How to Upgrade RHEL/CentOS 7 to 8 with EDR Installed
book
Article ID: 285647
calendar_today
Updated On:
Products
Carbon Black EDR (formerly Cb Response)
Issue/Introduction
How to upgrade RHEL/CentOS 7 to 8 with the EDR version 7.8 installed.
Environment
EDR Server: 7.8.0
RHEL/CentOS: 7.x
RHEL/CentOS: 8.x
Resolution
Instead of a RHEL upgrade on the same server, a second server is required. The critical EDR v7.8.0 files are copied from the RHEL 7.x server to the RHEL 8.x server.
Confirm the backup directory has enough disk space for Cb configuration files, Postgres database, Solr data and optionally Solr cbevents.
Backup the EDR 7.8 files on the RHEL 7.x server according to the Guide p. 72.
Stop EDR services.
Change directories to store the backup files (i.e. /root/RHEL7/). Confirm there is enough disk space for the complete backup.
Issue commands to back up critical files.
cd /root/RHEL7/ cp /etc/hosts . tar -P --selinux -cvf cbssh.tar /etc/ssh/ tar -P --selinux -cvf cbconfig.tar /etc/cb/ tar -P --selinux -cvf cbrootauthkeys.tar /root/.ssh/authorized_keys tar -P --selinux -cvf cbinstallers.tar /usr/share/cb/coreservices/installers/ tar -P --selinux -cvf cbcrons.tar /etc/cron.d/cb
Issue commands to perform a full backup or skip the event core backups. (See Guide for additional information)
tar -P --selinux -cvf cbdata.tar /var/cb/ OR backup without event data tar --exclude=/var/cb/data/solr?/cbevents/* -P --selinux -cvf cbdata.tar /var/cb
See Guide for backing up custom changes for syslog and syslog templates.
Create a second server with RHEL 8.x installed and registered. Confirm the RHEL8 resources follow the OER.
Configure the RHEL 8.x server's hostname, IP address and DNS server to match the EDR 7.x server.
vi /etc/hosts
vi /etc/sysconfig/network-scripts/ifcfg-<interface>
Install the instance's rpm on the RHEL 8 server.
rpm -ivh <your instance>.rpm
Follow the Guide p16. Disable a few modules prior to the cb-enterprise install.
yum module disable -y postgresql redis python39
Install cb-enterprise on the RHEL 8.x server.
yum install cb-enterprise
Initialize the RHEL 8.x cb-enterprise, but do not start the services.
/usr/share/cb/cbinit
cbinit will go through the normal setup and will ask for username, email, password etc. Fill this out, it can be fake info as you will be restoring the old info in step 10.
Copy the EDR 7.x backup tar files to the RHEL 8.x server.
Follow the Guide p73-74 to restore the tar files on the RHEL 8.x server.
Remove data from the fresh install:
rm -rf /etc/cb
rm -rf /var/cb
Restore items from the tar files (from the backup directory):
Reboot the RHEL 8.x server with EDR 7.x installed and restored. The sensors will start reporting to the new server. Connect to the EDR 7.x UI on the RHEL 8 server.