Preparing for a Windows upgrade using the unified product installer

This topic provides the information you need to prepare your environment for the upgrade process on Microsoft Windows systems using the unified product installer. It includes instructions for preparing to upgrade the TrueSight Server Automation system. 

The topic includes the following sections:

Related topics

Walkthrough-Upgrading-to-the-latest-version-for-Microsoft-Windows

Troubleshooting-the-installation-migration-or-upgrade

Step 1: Review requirements and limitations

Prior to upgrading, it is important to carefully review the following requirements and limitations.

Requirements for upgrade on Windows

Category

Requirement

Product integrations

If your TrueSight Server Automation environment includes BMC Cloud Lifecycle Management, you need to ensure that you maintain compatibility with BMC Cloud Lifecycle Management.  For more information, see Component-BMC-product-service-pack-and-patch-levels in the BMC Cloud Lifecycle Management online technical documentation.

If your TrueSight Server Automation environment includes TrueSight Smart Reporting for Server Automation, upgrade TrueSight Smart Reporting for Server Automation before upgrading TrueSight Server Automation. For more information, see the TrueSight Smart Reporting for Server Automation online technical documentation.

Base requirements

Review the following key requirements.

Click here to review.
  • During an upgrade, the unified product installer automatically installs an RSCD Agent on every Application Server machine that does not already have an agent installed. If you are not interested in having PsExec installed in your environment or if you are not interested in providing details of the required credentials, you can install an RSCD Agent manually on each of the detected machines.
  • If you have external PXE servers in your environment, copy the appserver installation script (for example, ..\installers/appserver_64\BSA<version>-WIN64.sh) to the C:\Windows path on Windows PXE Servers to use the Remote Site default option in Unified product installer before you start the upgrade.

  • Ensure that Microsoft Visual C++ 2015 Redistributable Update 3 is installed on the server. For more information, see Installing an RSCD agent (Windows).
    Note:

    As a prerequisite to install Microsoft Visual C++ 2015 Redistributable Update 3 on Windows 2012 R2, you must have the following patches installed on your server:

    • KB2919442 (Required for 2919355)
    • KB2919355. This patch requires several other patches: clearcompressionflag.exe, KB2919355, KB2932046, KB2959977, KB2937592, KB2938439, and KB2934018. This are all available on the download page for KB2919355.
    For more information about the prerequisites for Microsoft Visual C++ 2015 Redistributable Update 3, refer to the Microsoft documentation here.

  • NSH must be present on each Application Server machine (that is NSH proxy server, Configuration server, Job server, or PXE server).
  • Unified installer should be run only from a node set up as a Configuration server (for more about this type of Application Server setup, see Application Server types).
  • During the upgrade, the installer checks the existing version of Perl. If the host computer on which you are installing the Network Shell has:
    • A supported version of Perl installed — The Network Shell installation automatically installs the Network Shell Perl module. For information about the Perl versions that TrueSight Server Automation supports, see Perl support.
    • An unsupported version of Perl installed — The installation copies files that allow you to install the Perl module after you have installed the supported version of Perl
  • On 64-bit Windows systems, confirm that the %WINDIR%\SysWOW64 directory contains a copy of the chcp.com file. The installer uses this file to set the code page of standard output (stdout). You can obtain the file from a 32-bit version of Windows.

Supported platforms

The unified installer supports Windows 64-bit and Linux 64-bit operating systems. For a complete list of platforms supported by the unified installer, see Supported-platforms.

PXE servers

To improve performance during the upgrade, create a new folder on your remote PXE server (by default, %SystemDrive%/BSAInstallerDumpDir, for example, C:/BSAInstallerDumpDir) and then manually copy the PXE installer binary (..\installers\pxe_64\PXE<version>-WIN32) into the %SystemDrive%/BSAInstallerDumpDir folder prior to upgrading. The unified product installer validates the existence of the PXE installer binary under the expected location, and upgrades the PXE server during the upgrade process.


Install mode

If you are using Microsoft Windows 2003 or 2008, you must upgrade in Install mode instead of Execute mode, see Using-Install-mode-instead-of-Execute-mode.

Configuration objects

Upgrading to a new release can potentially create mismatches between the version of a custom configuration object, an agent, and any model objects that reference custom configuration objects. Therefore, as part of the upgrade process, you must distribute the latest versions of the custom configuration objects that are not included as part of an RSCD agent.

The product installation is automatically upgraded to the appropriate version when you upgrade the agent. However, you must upgrade any custom configuration objects that are not included with the agent by running a Distribute Configuration Objects Job. Configure this job to target servers to which custom configuration objects need to be distributed. For a list of those objects that are included as part of an agent installation and those that are not included with the agent and require distribution, see Custom-configuration-objects.

To upgrade custom configuration objects

Click here to see the steps for upgrading custom configuration objects.
  1. Run an Update Server Properties Job on the agents you have upgraded. For more information, see Creating Update Server Properties Jobs.
  2. If you are not upgrading all of your agents at this time, make copies of all component templates, BLPackages, Snapshot Jobs, and Audit Jobs that reference custom configuration objects that have dependencies on agents running earlier versions. You must maintain a version match between component templates, BLPackages, Snapshot Jobs, and Audit Jobs and custom configuration objects and agents. The objects that you copy in this step are the objects that you can use to maintain the version match.
  3. If you upgrade to the latest version of TrueSight Server Automation and you are using TrueSight Server Automation for virtual environments, you must immediately update the RSCD agent on the system used for the integration and add the new configuration object version for the integration. For example, for the vCenter server, you must upgrade the RSCD agent on either the Windows vCenter server or the AMO proxy and add the new VMware configuration object to the vCenter server object in TrueSight Server Automation.
  4. To ensure that all configuration-object-based assets within existing content are upgraded, run an Upgrade Model Objects Job that targets any component templates, BLPackages, Snapshot Jobs, or Audit jobs that you want to upgrade. For more information about the Upgrade Model Objects Job, see Creating-or-modifying-Upgrade-Model-Objects-Jobs.
    Note: Do not run the Upgrade Model Objects Job against the copies of objects that you created in step 3.
    If you open an existing component template, BLPackage, Snapshot Job, or Audit Job that references a custom configuration object and a later version of that custom configuration object exists, the system displays a message saying it will automatically upgrade the referenced custom configuration object. To maintain a version match with an earlier agent, close the component template, BLPackage, Snapshot Job, or Audit Job without saving.
  5. After executing the Upgrade Model Objects Job, display the results of the job run to see which assets were successfully upgraded and which were not. If you find that certain assets were not automatically upgraded, you must upgrade them manually. Perform the following steps:
    1. Open the object (template, package, or job).
    2. Manually remove the asset of the earlier version and add the asset of the latest version.
    3. Save the object.

To upgrade virtualization configuration objects

Click here to see the steps for upgrading virtualization configuration objects.

The Upgrade Model Object Job is not supported for upgrading virtualization configuration objects.

To upgrade configuration objects that you distributed in prior versions, complete the following steps:

  1. Import the new version of the virtualization configuration object (for example, the VMware vCenter configuration object).
  2. Restart the RSCD agent on which the configuration object is distributed. This step is a prerequisite for successful upgrade of the configuration object on the target server.
  3. Run the Distribute Configuration Objects Job to distribute the configuration objects to the target agent (see Distributing-configuration-objects).
  4. To identify the configuration objects that failed, run the Upgrade Model Objects Job on all jobs, templates, and BLPackages that reference the configuration object.
  5. After the Upgrade Model Objects Job completes, open the objects for which the job failed.
  6. Remove the parts that are marked as failed and add new ones from the upgraded configuration object.

Upgrading to a new release can potentially create mismatches between the version of a custom configuration object, an agent, and any model objects that reference custom configuration objects. Therefore, as part of the upgrade process, you must distribute the latest versions of custom configuration objects for the custom configuration objects that are not included as part of an agent.  The  installation are automatically upgraded to the appropriate version when you upgrade the agent. (See Custom-configuration-objects for a list of those objects.) You should upgrade any custom configuration objects not included with the agent by running a Distribute Configuration Objects Job. The job should target servers to which custom configuration objects should be distributed.

Potential issues

Click here to review a list of potential issues you can encounter during an upgrade.
  • Upgrade to version 8.6 or later does not grant the DBMS_LOCK privilege to user - Before you start upgrading from a previous version to TrueSight Server Automation 8.6, ensure that the TrueSight Server Automation user is granted the DBMS_LOCK privilege. This privilege is required for carrying out a handshake between TrueSight Server Automation database and the TrueSight Smart Reporting for Server Automation ETL during database clean up. You can use the SYS user to grant the DBMS_LOCK privilege by entering the following command: GRANT EXECUTE on DBMS_LOCK TO <User>
  • Upgrade to version 8.6 or later disables PropertySync - As of TrueSight Server Automation version 8.5, the PropertySync feature has been deprecated. During migration of the database, PropertySync is disabled and the migration results table displays the migration warning: PropertySync has been changed from true to false. Contact BMC Support for further assistance.
  • Upgrade to version 8.5 or later deprecates the Provision provisionDevice BLCLI command. Earlier releases supported the Provision:provisionDevice command. This command has been deprecated. BMC recommends that you use the ProvisionJob:createProvisionJob command instead.
  • Upgrade to version 8.6 or later causes Citrix XenServer Provision Jobs to fail - After an upgrade from TrueSight Server Automation version 8.3 or earlier to TrueSight Server Automation version 8.5 or later, existing Citrix XenServer Provision Jobs fail (QM001706976). Failed jobs display the error message: com.bladelogic.om.infra.mfw .util.BlException: Proxy cannot be null, Error: Proxy cannot be null. To work around the issue, open the Provision Job in the content editor. On the Server Settings panel, browse the Server Properties option to select or create a valid agentless managed object (AMO).
  • Audit performed with snapshots captured using earlier versions of the RSCD agent can fail - When capturing data from target servers, version 8.6.00 of TrueSight Server Automation skips IPv6 addresses and masks. After an upgrade to version 8.6.00 or later from version 8.3 or earlier, an audit performed with snapshots captured using older versions of an RSCD agent can fail if the targets had IPv6 enabled.
  • In a multiple application server (MAS) environment, if the RSCD Agent is not present on the secondary node and the primary node is using PsExec version 2.34, upgrade to version 21.3 or later on the secondary node fails. To fix the issue, perform one of the following tasks:
    • Install RSCD Agent on the secondary node and start the upgrade process again on the secondary node.
    • Use PsExec version 2.2 instead of version 2.34 on the primary node, and start the upgrade process again on the secondary node.

Certificate issue

If your id.pem certificate was created with a key size of 1024 bits (or less), you will need to regenerate it with a higher key size (2048 or higher). This is due to a change in the FIPS requirement for minimum key length (now 2048 bits).

Security requirements

The unified product installer must be run by a super user, that is, a local Administrator or Administrator-equivalent local user. This enables the installer to install components on remote Application Servers using existing RSCD Agents and PsExec.

In a domain environment, this can be a domain user who is part of the local Administrators group. In such a case, ensure that you prepare the same local Administrator user on any remote Application Server that does not have an RSCD Agent installed.

If you have a high security level enabled in your TrueSight Server Automation installation, the unified installer cannot upgrade the product through the RSCD Agent on the remote host computers. Before upgrading, you must temporarily adjust the security level on the machines where you want to upgrade the Application Servers. At the beginning of the upgrade process, the unified installer checks the security setup and, if problems are detected, issues an error message. This message helps you decide on the actions that you must take to adjust the security settings. After the upgrade, remember to re-adjust your security settings, based on your unique needs and the IT security policies at your organization.

Before initiating the upgrade, the installer discovers the existing Application Servers and checks whether an RSCD Agent is installed on each Application Server. For Application Servers that do not have an RSCD Agent installed, the installer prompts you for the credentials of the relevant host computers and installs a fully authorized RSCD Agent on each server. Note that if you suspend or abort the upgrade, you will need to manually uninstall the RSCD Agent on each of the servers. After the upgrade, remember to re-adjust your security settings, based on your unique needs and the IT security policies at your organization.

In addition, ensure that the following security requirements are met before initiating the upgrade:

  • Ensure that you have authentication profiles of any of the following types set up at your TrueSight Server Automation installation: Secure Remote Password (SRP), LDAP, or Microsoft Windows Domain Authentication. 

    Upgrade to TrueSight Server Automation version 8.9.03 or later is not supported through Active Directory Kerberos, PKI, or RSA SecureID authentication profiles.

  • You must disable the use of client-side certificates that secure access between Application Servers and agents or repeaters before you upgrade using the unified product installer. For more information, see TLS-with-client-side-certificates-Discontinuing-use-of-client-side-certificates.
  • Ensure that your firewall allows communication on all ports used by various components of TrueSight Server Automation. For more information on ports, see TrueSight-Server-Automation-ports.
  • Ensure that the port number that is used by the SSH service running on all hosts is 22, which is the default port number for SSH.

Limitations when using the unified product installer

Category

Description of support or limitation

Multiple Application Server (MAS) environments

The unified product installer only supports upgrade of an homogeneous MAS environment, that is, either all Application Servers run on Linux 64-bit operating systems or all run on Windows 64-bit operating systems.

"Mixed" Application Server/database environments

The unified product installer supports upgrade of "mixed" Application Server/database environments (for example, Linux Application Server + Microsoft SQL Server database). The UPI does not require the database or the file server operating system to match the operating system of the Application Servers.

PXE servers

For PXE servers to be upgraded by the unified product installer, they must be:

  • Up and running.
  • Running the same OS as the Application Server.

If your environment includes hybrid PXE servers (that is, PXE servers not running Windows or Linux), you must perform a workaround for the upgrade

Click here to see the workaround.
  1.  Stop the hybrid PXE server / TFTP server.
  2. Run the unified product installer. The installer ignores the PXE server, as it is in a stopped state. The installer upgrades the rest of the infrastructure, with the exception of the hybrid PXE server.
  3. Once the unified product installer has completed the upgrade, run the configurator utility on that PXE server. See Migrating-the-database-and-persisting-configuration-data-to-the-database.
  4. Upgrade the PXE server according to the instructions in Upgrading-the-Provisioning-System.
  5. Copy the global.property file from the Application Server to the /br/deployments/ directory on the PXe server.
  6. Restart the PXE server.

Upgrade scenarios

The unified product installer does not support the following upgrade scenarios:

  • 32-bit Windows or 32-bit Linux machines
  • Solaris SPARC machines
  • Upgrading the TrueSight Server Automation Console (RCP client). Uninstall the older version of the console and install the new version on a different host.
  • Application Servers installed with the -local flag, that is installed in a self-contained directory structure.

  

Back to top

Step 2: Prepare the database

During an upgrade process, core data is migrated to the upgraded TrueSight Server Automation database. To ensure that this migration completes successfully, you must prepare your database before performing the upgrade. To prepare your database, review the following list of prerequisite tasks and perform the tasks that are relevant for your environment.

Task

Description

Back up the TrueSight Server Automation database.

You must back up before beginning the data upgrade process.

The data upgrade occurs in place. If, for any reason, it should become impossible to complete the upgrade, the only way to
restore the database to its pre-upgrade state is from the backups.

Remove unnecessary deployments

The migration process uses the database system ID information in the _template deployment to identify the database to migrate. In addition,
the configurations from each existing deployment are processed, so each deployment present in the Deployments directory should have the correct configuration.

Certain deployments are transitory and can be removed before an upgrade as they are not needed for normal operation.

  • _install, _postmig, and _util can be removed from the deployments directory if present, and provided that an installation,

    postmigration process, or blcontent process is not being run.

  • (optional) _launcher is for the Application Server Launcher. 

    This does not include database configuration information. 

    Both _spawner and _pxe include database configuration information. 

    The _template deployment is used to create new deployments, including those used during migration.

    However, you can delete them for stale deployments (user created deployments that are not in use anymore).

Ensure that the database configuration information on the deployments of the Application Server is up-to-date

Before upgrading the Application Server, ensure that the database configuration information on the deployments of the Application Server is up-to-date.

You can use the blasadmin utility to check the database related and file server related information for each of the deployments (except _launcher).

You can use the following blasadmin commands. If either of these commands returns an error, you can use the blasadmin utility to
correct the configuration information and proceed with the upgrade.

  • blasadmin -s <deloyment name> show database all (for the _pxe deployment use blasadmin -s _pxe show pxe all)
  • blasadmin -s <deployment name> show file all

If these commands return an error, use the blasadmin utility to correct the configuration so that those commands do not return an error.

Ensure that the blgroup table does not contain duplicate entries

Before you start the upgrade, connect to the database and run the following query:

select name, parent_group_id, group_type_id, count(*)
from blgroup
group by name, parent_group_id, group_type_id
having count(*)>1;

If the above query returns any rows, contact BMC Support for further actions.

(Oracle only) Ensure that the sufficient free space, which is required for migration to 21.3 or later versions, is available on the tablespaces

Before you start the upgrade, connect to the database and run the following query:

select table_size_mbs, table_space_free_space_mbs
from(select sum(bytes)/1024/1024 table_size_mbs
from user_segments us
where segment_name in(select ut.table_name
from user_tables ut
where ut.table_name in (select column_value
from table(LANG_UTIL.STR_TO_ARRAY('JOB_RUN_EVENT,COMPLIANCE_RULE_RESULT'))))
) tab_size,
(select sum(dfs.bytes)/1024/1024 table_space_free_space_mbs
from dba_free_space dfs
where dfs.tablespace_name = (select tablespace_name from user_segments where segment_name = 'JOB_RUN_EVENT')
group by dfs.tablespace_name
) free_space;

If the value returned by the table_space_free_space_mbs column is lesser than the value returned by the table_size_mbs column, increase the tablespace size.

(Oracle only) Grant privileges explicitly to the user account

For an Oracle database, you must grant certain privileges explicitly to the user account (typically BLADELOGIC) that will be used during the upgrade.

Some of the privileges can be revoked after database migration is performed during the upgrade. For the complete list, see List-of-required-database-permissions.

(SQL only) Configure the database to use the simple recovery mode

For information about configuring the simple recovery mode, see the appropriate Microsoft documentation.

(SQL only) Shrink the transaction log file.

For more information, see the appropriate Microsoft documentation.

Back to top

Step 3: Prepare the automation environment

Perform these tasks in order. Many steps are prerequisites for other steps that occur later in the process.

  1. Back up the TrueSight Server Automation database. The data upgrade occurs in place. If, for any reason, it should become impossible to complete the upgrade, the only way to restore the database to its pre-upgrade state is from the backups.
  2. Ensure that your connection to Microsoft SQL database is not encrypted. TrueSight Server Automation does not support using an encrypted Microsoft SQL database connection at the time of upgrade. However, after the product is upgraded successfully, TrueSight Server Automation can use an encrypted connection to communicate with the Microsoft SQL database. For steps on enabling and disabling an encrypted connection to your SQL database server, see Encrypting-your-database-connection.
  3. Verify that the following components are up and running for the upgrade to be successful:
    • All Application Servers
    • PXE Server
    • RSCD agents on Application Servers, PXE servers, and file servers. 

  4. Back up the installation directories for all Application Servers and PXE servers. The default installation locations are:

    • Application Server: C:\Program Files\BMC Software\BladeLogic\NSH

    • PXE Server: C:\Program Files\BMC Software\BladeLogic\PXE

      If you are upgrading the PXE server, follow the upgrade instructions for Windows or UNIX, to prevent loss of configuration settings.

    Important

    Ensure that all files and folders in the installation directory and its sub-directories do not have the read-only attribute enabled. The upgrade might fail, if the read-only attribute is enabled on any file.

    Note that the user who installed the earlier version of the product might have changed the installation directory from the default location, so ensure that you have the right location. If your current installation is already an upgrade from a previous version, the paths might be different, due to differences in these locations in earlier versions of TrueSight Server Automation. If you do not know the installation location for TrueSight Server Automation components view the contents of the %WINDIR%\rsc\HOME file.

  5. Back up the TrueSight Server Automation file server storage location. For example, copy the entire contents of the storage location to a directory other than the current storage location.
  6. Ensure that there is an RSCD agent installed on each Application Server to avoid potential errors in the upgrade process.
  7. Ensure that there is an RSCD agent and NSH are installed on the PXE server.
  8. Back up the existing certificate.pem, RSCD log files and respective signature files. 
  1. Make sure that you have 4 GB on disk with temp space and 4 GB on disk with installation directory.

  2. Ensure that you have disabled the NSH proxy on all Application Servers in the environment to avoid failure during upgrade. To disable the NSH proxy, run the following command on the NSH client:
    secadmin -m default -p 5 -appserver_protocol clear -T encryption_only -e tls

    Note: After the upgrade completes, remember to add this entry back into the secure file. You can use the following command:
    secadmin -m default -p 5 -appserver_protocol ssoproxy -T encryption_only -e tls

  • To preserve the Live Reporting dashboard environment, back up the cacerts file (for example,C:\Program Files\BMC Software\BladeLogic\appserver\NSH\jre\lib\security\cacerts for Windowsto a separate safe location on the TrueSight Server Automation server. You must do this because the TrueSight Server Automation upgrade overwrites the existing cacerts.

  • New in 8.9.02Ensure that Microsoft Visual C++ 2015 Redistributable Update 3 is installed on the server. For more information, see Installing an RSCD agent (Windows).

    Note

    As a prerequisite to install Microsoft Visual C++ 2015 Redistributable Update 3 on Windows 2012 R2, you must have the following patches installed on your server:

    • KB2919442 (Required for 2919355)
    • KB2919355. This patch requires several other patches: clearcompressionflag.exe, KB2919355, KB2932046, KB2959977, KB2937592, KB2938439, and KB2934018. This are all available on the download page for KB2919355.
    For more information about the prerequisites for Microsoft Visual C++ 2015 Redistributable Update 3, refer to the Microsoft documentation here.

Back to top

Where to go from here

Test the upgrade in a duplicated environment and then proceed to Walkthrough-Upgrading-to-the-latest-version-for-Microsoft-Windows.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*