OpenText product name changes coming to the community soon! Learn more.

Wikis - Page

Migrating the Ubuntu SMG Appliance to the SLES SMG Appliance

4 Likes

SMG migration documentation is available here https://www.novell.com/documentation/secure-messaging-gateway/secure-messaging-gateway/data/migrating_to_sles_appliance.html

Unfortunately, there are a couple of items that could use a little more clarification.  I thought I would provide my notes to supplement the documentation and help anyone else out who is preparing to do a Ubuntu SMG appliance migration to SLES SMG appliance.

I also want to give recognition to Suzie Wathen (Micro Focus SMG Tech Support) for her assistance in working through the migration.  Her expertise was vital to completing this task.

The numbered steps below match up with the steps in the documentation linked above (at the time this was published):

1. Download the SLES OVA file and deploy it.

2. Edit the virtual settings.  The default CPU and RAM settings were acceptable for my environment.  I changed hard disk 1 from the default 16 GB to 60 GB and added a 50 GB hard disk 2.

3. Power on the appliance.

4. Accept the license.

5. Specify the passwords, NTP server and timezone.

6. Specify the hostname and IP address and other request network settings.  During the migration process, the hostname and IP address for the source and destination appliances will be swapped.

7. Select the secondary hard drive that you created.

8. Login to the VAAdmin Console at https://<ip or dns of new smg server>:9443 using the vaadmin user.

9. Prep the SMG on SLES appliance.

  • System Services > ssh > Action > Start
  • System Services > ssh > Options > Set as automatic
  • Configure postgresql > Allowed connections = 0.0.0.0/0
  • phpPgAdmin > postgresql > Login (username = postgres / password = postgres)

Because I did not change the database user of my Ubuntu SMG appliance from the default settings, I did not need to change any user information in phpPgAdmin.  However, the first time I setup the SLES SMG appliance, I was unable to login to phpPgAdmin > postgresql.  I chose to delete the VM and start over.  The second time, the login worked and so I just used this as a check to make sure everything was deploying properly.

At this point you should also enable access to the Ubuntu SMG appliance.  Micro Focus provides a script to do this, but it is not mentioned in the documentation.

  • Open a command line on your Ubuntu SMG appliance.  (I just use PuTTY.)
  • Switch to root: "sudo su".
  • Change directory: "cd /opt/gwava/assets/bin/linux/scripts".
  • Make the script executable: "chmod x pg_enable_access.sh".
  • Run the command with the IP address of your SLES SMG appliance: "./pg_enable_access.sh <ip_address_of_SLES_appliance>".
  • Verify the script action: "tail /etc/postgresql/9.5/main/pg_hba.conf".  The last line of the file should contain the IP address of your SLES appliance with a /32 netmask.
  • Close the command line session.

10. On the SLES SMG appliance, select SMG User Interface > Role > Replace an existing Secure Messaging Gateway server

11.  Enter the following information:

  • Server name.  This must be the name of the Ubuntu SMG appliance.  An IP address will not work.  To get the name, login to the Ubuntu SMG appliance and select System Administration > System Management > Manage Servers.  It will be listed there.
  • Server DB user name.  This defaults to "postgres" and should be used unless you changed the defaults on your Ubuntu SMG appliance.
  • Server DB password.  This defaults to "postgres" and should be used unless you changed the defaults on your Ubuntu SMG appliance.
  • DB server address.  This should be the IP address of your Ubuntu SMG appliance.
  • DB name.  This defaults to "SecureGateway" and should be used unless you changed the defaults on your Ubuntu SMG appliance.
  • DB user name.  This defaults to "postgres" and should be used unless you changed the defaults on your Ubuntu SMG appliance.
  • DB password.  This defaults to "postgres" and should be used unless you changed the defaults on your Ubuntu SMG appliance.

12. Proceed to the validation step and then open the link to the Ubuntu SMG appliance.

13. Advance the wizard on the SLES appliance to install.

14. Login to the Ubuntu SMG appliance and select System Administration > System Management > Manage Servers > (name of your server) > Prepare

  • open a command line on the Ubuntu SMG appliance
  • Change directory: "cd /opt/gwava/replace
  • Run the command "sudo ./replace_server.sh".  When the replace_server script runs, you will be prompted to continue and then you will need to enter the root password of your SLES SMG appliance.  The password is not stored, so you will be prompted multiple times while the script runs.  This only takes a few minutes to complete.
  • At completion of the script you are prompted to press the space bar to shut down the Ubuntu SMG appliance.

The Ubuntu SMG appliance is now configured with the IP address of your SLES SMG appliance.

15. No additional notes here.

16. Login to the VAAdmin Console of the SLES SMG appliance using at https://<ip or dns of new smg server>:9443 using the vaadmin user.  Select Appliance Configuration > Network (This takes a few seconds to respond.)  Select eth0 to change the network settings.  You should change the IP address and hostname to match the ones used by your Ubuntu SMG appliance.  Select Ok.  This page will display "saving network configuration" but will never get beyond that because the IP address change you made has broken the connection.  Open a command line on the server (I did this through the server console of my virtual environment) and verify that the address has changed using the command "ip a".  If it has changed, reboot the server.  After the server boots, you should be able to login to the SMG Administration interface (this is not the appliance port 9443 interface) and verify that everything looks the same as the Ubuntu SMG appliance.

17.  You now need to copy the quarantine files from the Ubuntu SMG appliance to the SLES SMG appliance.  First boot up the Ubuntu SMG appliance.  It should be reachable at the IP address that you used when you first created the SLES SMG appliance.

  • open a command line on the Ubuntu SMG appliance
  • Change directory: "cd /opt/gwava/replace"
  • Run the command "sudo ./copy_files.sh".  When the copy_files script runs, you will be prompted to continue and then you will need to enter the root password of your SLES SMG appliance.  The password is not stored, so you will be prompted multiple times while the script runs.  This only took about 10 minutes for my server, but will vary depending upon how large your quarantine is.
  • At completion of the script, you can shut down the Ubuntu SMG appliance.

Clean up steps:

  • Login to the VAAdmin interface of the SLES SMG appliance (port 9443)
  • Select System Services > ssh > Action > Stop
  • Select System Services > ssh > Options > Set as manual
  • Select Configure postgresql > Allowed connections = "<ip address of SLES SMG appliance>/32".  This entry was originally blank.  Clearing the entry so it is blank and selecting save just causes the page to spin endlessly.  Changing it to the IP address of the appliance is the most restrictive way I can find to lock this back down.

Hopefully this helps clear up a few items.  If there are any questions or comments about my notes, please leave it in the comment section below.

Labels:

Support Tips/Knowledge Docs
Support Tip
Comment List
Related
Recommended