Upgrading opConfig from Version 1.x to 2.x

opConfig can be upgraded to Version 2.x with very little effort, and this document describes the process and caveats:

The Upgrade Process

  • To upgrade the software, simply use the interactive installer as described in the opConfig 3 Installation Guide.
    The installer will merge your old license file with the new one, and copy over the configuration files for connections, credential sets and command sets.
    As both old opConfig and new use the same database, all information present  in the old version will be visible in the new one.
  • Adjust your cron jobs and URLs to the new names.
    opConfig 2.x works out of /usr/local/omk, and the binaries are named differently from Version 1.x:

 

 

Old NameNew Name
/usr/local/opmantek//usr/local/omk
/usr/local/opmantek/bin/opConfig-cli.pl/usr/local/omk/bin/opconfig-cli.pl
/usr/local/opmantek/bin/opConfigd.pl/usr/local/omk/bin/opconfigd.pl
http://<machine>/cgi-omk/opConfig.pl

http://<machine>/omk/opConfig/

  • Make sure that you do run the NEW binaries, not the old ones.
    Ideally you should remove the opConfig Version 1 installation altogether after the upgrade.
  • Verify that the nodes (and their connections), and the credential sets are correctly visible in the new GUI.
    opConfig 2.x converts existing  connections.nmis and credential_sets.nmis files to the database on first startup, then renames the files with the suffix .disabled. In version 2.x all credential set and node configurations are performed in the GUI.

Important Changes, Other Things to Know

  • If you have a license for Version 1.4 of Open-AudIT Enterprise or newer, then opConfig can import audit data from Open-AudIT. This audit information will show up in opConfig as command "audit", and the command output  will be the full audit data set in JSON format.
    To enable this, set the necessary options in conf/opCommon.nmis and run opconfig-cli.pl act=import_audit periodically or as a one-off. The related config settings are as follows:

    'opconfig_audit_import' => 1, # to enable this altogether
    'opconfig_audit_import_url_base' => "http://my.oae.system.com/omk/oae/",
    'opconfig_audit_import_user' => "nmis",		 # needs ro-access
    'opconfig_audit_import_password' => "somepassword",
  • The new compliance management abilities are described elsewhere: opConfig and Compliance Management
  • opConfig's log files are now in /usr/local/omk/logsopConfig.log is for any opConfig-specific GUI logs, opConfig-cli.log is for opconfig-cli.pl. opconfigd logs to common.log, and opDaemon.log is for the Opmantek Web Infrastructure.
  • When running command sets against target nodes, opConfig now optionally checks them against tags given to opconfig-cli.pl. That way you can selectively run commands tagged HOURLY (for example), others only on demand etc. Simply add the tags that you require the command to have as "tags=tagA,tagB" to the opconfig-cli.pl invocation for act=run_command_sets.