Versions Compared

Old Version 15

changes.mady.by.user Tomi

Saved on

compared with

New Version Current

changes.mady.by.user Juha Koponen

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Info

Last reviewed: 2022-03-23


Info
titlePLEASE NOTE!

Please note that this Knowledge Base article has been created only for 2023.1


Please note that the information in this Knowledge Base has not undergone extensive testing or verification by our Engineering team. While this article offers valuable insights, it may not guarantee flawless solutions for your specific Identity Server environment and configuration.

Please contact your Ubisecure partner and/or Ubisecure Support team to obtain more information.

Two node upgrade process

The idea is to keep one node of CID running and perform upgrade on slave node first. 

...

  1. Extract the deployment template. See instructions from Deployment template extraction on Linux - CustomerID.
  2. Copy configuration files from old master to new, and setup.

    1. Transfer files from old master to new master.

      Code Block
      languagetext
      scp /usr/local/ubisecure/customerid/application/linux.config <new_master_node_user>@<new_master_node>:/usr/local/ubisecure/customerid/application/
scp -r /usr/local/ubisecure/customerid/application/custom <new_master_node_user>@<new_master_node>:/usr/local/ubisecure/customerid/application/

      (Ensure to copy all subfolders under custom).

    2. On the new master, go through each setting in /usr/local/ubisecure/customerid/application/linux.config  and compare to the configuration template for the new version in /usr/local/ubisecure/customerid/application/config/linux.config

      1. Add settings missing from the previous version, refer to Setup template on Linux - CustomerID for existing options
      2. Check settings related to the versions of 3rd party software: wildfly.home, database.driver.file
      3. Check and fix settings related to your environment, all the URLs, host names and IP addresses, especially: proxy.local.url, wildfly.ip_addr.master, and wildfly.ip_addr.slave

    3. Run setup.sh.

      Code Block
      cd /usr/local/ubisecure/customerid/application
./setup.sh


  3. Prepare WildFly for domain configuration. See instructions from Two node WildFly prepare for domain configuration on Linux - CustomerID.
  4. Configure HTTPS, See Two node SSL configuration on Linux - CustomerID -  This generates certificate files and Keystore (default location: %WILDFLY_HOME%\domain\configuration\keystore.pfx) is registered to WildFly in the next step  - master node WildFly configuration. 
  5. Configure WildFly on CustomerID Master Node. See instructions from Two node master WildFly configuration on Linux - CustomerID.
  6. Configure the singleton subsystem. See instructions from Two node singleton subsystem configuration on Linux - CustomerID.

...

Info

Ensure to check memory allocation for tomcat and wildfly from the old environment and to apply that to any new environment:

To check memory allocated to Wildfly:

Goto /home/wildfly/wildfly-21.0.2.Final/domain/configuration/domain.xml - Check value of following in old environment and update in new environments.

<jvm name="default">

  <heap size="4G" max-size="4G"/>

</jvm>

To check memory allocated for tomcat:

Goto  /usr/local/ubisecure/ubilogin-sso/ubilogin/config/tomcat/jsvc.sh - Check value of following in old environment and update in new environments.

JAVA_OPTS="-Xms4g -Xmx4g"

...