Best migration and upgrade path

Dear Foreman Experts,

I am trying to accomplish two goals:

  • Migrate an existing Foreman 1.7.5 instance from old CentOS 6.10 server to new CentOS 7.8 server.
  • Upgrade Foreman from 1.7.5 to 1.24 or 2.1.

I tried installing Foreman 1.7.5 on CentOS, planning to import the database from the old server. However, I encountered some unavailable third-party repositories, namely Software Collections ruby193, and Puppetlabs puppet 3.x while running foreman-installer

Question: Can I successfully dump the database from Foreman 1.7.5 and restore to a later version, say 1.25, where all dependencies are currently available?

In other words, what is the latest Foreman version that would support a direct DB restore from v1.7.5?

Thanks for your help.

AFAIK we’ve never dropped DB migrations so in theory it should still work. I’d just try it out on a server:

  • Install a fresh 2.0
  • Stop all services (I think systemctl emergency can do that for you but it may also stop ssh etc)
  • Start the database
  • Import a dump
  • foreman-rake db:migrate && foreman-rake db:seed

I know of at least 1 person who upgraded their Foreman on CentOS 6 (I think 1.10) to Katello on CentOS 7. That worked even though technically we don’t support it. But it’s open source so you have total freedom to ignore that :slight_smile:

After that I’d suggest to rerun the installer just to make sure everything passes.

ekohl,

Thanks for these tips. Looks like a 1.7 to 2.0 migration is pretty doable.

Once I do the DB, though, I will need to transfer the file-based content as well. Do these paths look right, going from foreman 1.7 to foreman 2.0? Again, I’m going from CentOS 6.10 to CentOS 7.8.

foreman 1.7 paths, with puppet 2.7

/var/lib/puppet/ssl
/etc/puppet/environments
/var/lib/tftpboot/boot

foreman 2.0 paths with puppet6 (respectively)

/etc/puppetlabs/puppet/ssl
/etc/puppetlabs/code/environments/
/var/lib/tftpboot/boot

Are there any other dirs with content to be transferred? I assume I should NOT move /etc/foreman/ as that is managed by puppet and the foreman-installer (?)

Thanks again.

-jm

That sounds correct yes.

Hey @ekohl - how sure are you that this can truly be done (skip major versions when upgrading)

I know the documentation, as well as many posts here state you “must” hit every major version along the way (minor versions can be skipped)

But I also know you are super smart, and tend to know what you are talking about regarding Foreman…

Is this a “You can’t provide a warranty/liability, but are confident it’s actually fine” thing?

Mostly like that. Generally the upgrade process is: ensure all packages are updated, system is configured correctly, migrate DB, run seeds and start services. Running the installer on a fresh system configures the system. Then you can stop all services, drop the database and import it again. Since no migrations have been removed, you’re following the same path that you would otherwise, just in a single step rather than doing it over 10+ steps. Then running the installer at the end ensures everything is running.

I just realized you do need to copy /etc/foreman/encryption_key.rb before migrating as well. Other files are related to the proxy: if you run DHCP and DNS as well, you need to copy that.

Since it’s a fresh server, you should be able to click through the UI to see if the data is correct but I think that if the migrate passes, I’d trust it.