CA API Gateway 9.1

9.4 9.1

Upgrade an Appliance Gateway

This section describes how to upgrade gateways in the appliance and virtual appliance form factors. 
gateway91
This section describes how to upgrade
CA API Gateway
s in the appliance and virtual appliance form factors. 
Determine the Existing Version
Before upgrading, you can use the procedure below to verify the version of the 
CA API Gateway
 currently installed. After upgrading, you can use these steps to validate that the installation packages were installed correctly.
To determine the version of the Gateway
:
  1. Log in as
    ssgconfig
    and open a privileged command shell from the Gateway main menu.
  2. At the command prompt, type:
    # rpm  -q ssg
    The installed version of the Gateway is displayed.
Disable Enterprise Service Manager
If the 
CA API Gateway
 - Enterprise Service Manager is present, you must disable it prior to upgrading the Gateway.
To disable the Enterprise Service Manager (ESM):
  1. Log in as 
    ssgconfig
     and select option
    7
     (Display Enterprise Service Manager) from the main menu.
  2. Select option
    2
     (Disable the Enterprise Service Manager) and then press
    Enter
     to continue.
  3. Enter
    y
     to confirm the stoppage of the ESM.
Upload and Install the Patch Files
: Prior to upgrading Gateway, you will need to install the kernel patch, CA_API_PlatformUpdate_64bit_vKernel-2018-10-05.L7P. The patch installation is a one-time requirement for each Gateway upgrade attempt. An upgrade attempt consists of the installation of one or more platform upgrade patches and ends with the installation of a single Gateway upgrade patch.
To upgrade the Gateway :
  1. For clustered Gateways, if replication is in effect, stop the slave in MySQL on all database nodes in the cluster:
    1. Log in as
      ssgconfig
       and open a privileged command shell from the Gateway configuration menu.
    2. Open MySQL:
      # mysql
    3. At the MySQL command prompt, type:
      # stop slave;
  2. Back up the Gateway. For more information, see Back Up Gateways.
  3. Stop all Gateway nodes. For more information, see "
    To stop the Appliance Gateway using the menu
    " in Start and Stop the Gateway.
    Note:
     It is important that you stop the Gateway using the menu, not through the command line.
  4. Upload the patch files for the upgrade.
  5. Install any platform updates
    first
     and then reboot the Gateway appliance, using option 
    R
     from the main menu. For information about how to install the patch, see Patch an Appliance Gateway
  6. Install the application update and then reboot the appliance again.
  7. Replication should restart automatically after restarting the Gateway. To verify this:
    1. Open a privileged shell and log in to the MySQL client:
      # mysql
    2. Once logged into MySQL, run this command: 
      show slave status\G;
      You should see the following lines:
      Slave_IO_Running: Yes
      Slave_SQL_Running: Yes
    3. If replication did not restart, manually start it by running this script: 
      # /opt/SecureSpan/Appliance/bin/restart_replication.sh
      Virtual appliances may experience a slight delay when restarting, as the
      vmware-tools_reconf_once s
      ervice takes a moment to prepare the VMware tools for the new OS kernel.
  8. If your Gateway is configured to use the MySQL database, upgrade the Gateway database on the node hosting the primary database. To do this, access the Gateway main menu and then select option
    2
    , then option
    1
     to upgrade the Gateway database. For more information, see Gateway Configuration Menu (Appliance).
    If your Gateway is configured to use the built-in embedded database, the database upgrades automatically during Gateway restart.
    If you are upgrading the database after Gateway patch installation, ensure that you either have the Administrative Database user (
    root
    ) privileges or grant the user with similar privileges for successful upgrade.
  9. Restart ble the Gateway using option
    R
     ("Reboot the CA API Gateway appliance"). For clustered Gateways with replication in effect, the secondary database is replicated from the primary database.
  10. If the
    API Gateway
     - Enterprise Service Manager is present, re-enable it by repeating the steps under "Disable Enterprise Service Manager" above (this time option
    2
     reverts to "Enable Enterprise Service Manager").
AWS Amazon Machine Image Gateway: Upgrading to Version 9.3 or 9.4
The process for upgrading the AMI form factor of Gateway is similar to an Appliance Gateway upgrade as described in this topic, but with a few important differences for the Amazon RDS database. The following general steps describe how you should back up, restore and configure the AMI Gateway database.
  1. Create a MySQL database backup of 'NON-PROD' RDS instance for the 'gateway' database with 'mysqldump' with --routines. 
    This ensures all procedures and functions will be exported to the upgraded Gateway. 
  2. Create a new 'UPGRADE' RDS instance running MYSQL 5.7.x.
  3. Create a 'gateway' user and grant all privileges to 'gateway' and '<db name>_testUpgrade' databases.
    Where 'ssg' is the default <db name>. 
  4. Restore the MySQL database backup using 'mysql' and the file produced by 'mysqldump' while logged in as the 'gateway' user.
  5. Configure the 9.4 appliance to upgrade the 'gateway' database from version 9.1.x to 9.3 or 9.4.
  6. Configure the 9.4 appliance to use the 'UPGRADE' RDS instance and enable the node. 
  7. Add the new Gateway certificate to the database and test the Gateway. 

Content feedback and comments