Saltar al contenido

Actualización de Linux RHEL6 a RHEL7

12 febrero 2021

Tabla de contenidos

Aunque ni siquiera la propia RedHat recomiende la actualización de «major versions«, en este artículo vamos a aprender a actualizar un Linux RedHat 6 a RedHat 7.

RedHat no recomienda la actualizacion del sistema operativo cuando se trata de saltar de major versionRedHat no recomienda la actualizacion del sistema operativo cuando se trata de saltar de major version

El motivo es porque, a pesar de todo, sí que existe un procedimiento oficial de actualización de RedHat 6.10 a 7.9 que ejecutaremos bajo nuestro propio riesgo.

[embedded content][embedded content]

¿Por qué actualizar de Linux RedHat 6 a 7?

En las grandes corporaciones, que es para quien va destinado Linux RedHat, existen enormes proyectos con muchos proveedores implicados. En una entorno puede participar una empresa que se dedique a proporcionar la infraestructura, otra a la administración del sistema operativo, otra desarrolla las aplicaciones, otra administra las bases de datos, etc.

Suelen ser aplicaciones críticas que, si se ven afectadas, miles de usuarios lo van a padecer.

Todo esto lo explico para entender el motivo por el que un sistema operativo tarda tanto tiempo en ser actualizado una major version, aunque RedHat de diez años de vida a cada versión de Linux que saca al mercado.

Se puede entender, por tanto que, económicamente, es más factible actualizar el sistema operativo que migrarlo a una versión nueva y montarlo todo desde cero, implicando a todos los equipos de aplicaciones y demás. Un proyecto nuevo cuesta mucho dinero a un cliente.

Aún así, no nos libramos de la implicación de otros equipos. Pongamos, por ejemplo, que actualizamos la versión de Java al actualizar el sistema y hay una aplicación que ya no funciona. Este tipo de tareas se ha de realizar primero en entornos de desarrollo antes de hacerlo en un entorno que afecte directamente a los usuarios reales.

A continuación, vamos a ir al grano con la actualización del sistema.

Instalación de RedHat 6.10

Para hacer esta prueba he instalado un servidor RedHat 6.10 en una maquina virtual local en mi PC. Nos sirve para ver el procedimiento de actualización.

En la documentación oficial se puede ver que RedHat recomienda actualizar a partir de RedHat 6.10, por lo que si tenemos una versión inferior, primero tendremos que aplicar el yum update para actualizarlo.

Matriz de soporte de actualizacion de RedHatMatriz de soporte de actualizacion de RedHat

Si no sabes como instalar un Linux, puedes echarle un vistazo a este artículo.

Finalmente, ya tenemos un servidor Linux RedHat 6.10 de pruebas para actualizar y continuar con el procedimiento:

[[email protected] ~]# lsb_release -a
LSB Version:	:base-4.0-amd64:base-4.0-noarch:core-4.0-amd64:core-4.0-noarch:graphics-4.0-amd64:graphics-4.0-noarch:printing-4.0-amd64:printing-4.0-noarch
Distributor ID:	RedHatEnterpriseServer
Description:	Red Hat Enterprise Linux Server release 6.10 (Santiago)
Release:	6.10
Codename:	Santiago
[[email protected] ~]#

Registrar el servidor en RedHat

RedHat vive a base del soporte que dan a los clientes y de las suscripciones de sus productos.

Para que un sistema operativo RedHat pueda ser actualizado, tiene que estar registrado en RedHat, de lo contrario, no tendremos acceso a sus repositorios de software.

[[email protected] ~]# subscription-manager register --username UsuarioRedHat --password ContraseñaRedHat --auto-attach
Registering to: subscription.rhsm.redhat.com:443/subscription
The system has been registered with ID: ae9abd3a-f996-4b39-8dfd-4b4efbf51ee3
The registered system name is: localhost.localhost
Installed Product Current Status:
Product Name: Red Hat Enterprise Linux Server
Status: Subscribed WARNING The yum plugins: /etc/yum/pluginconf.d/subscription-manager.conf, /etc/yum/pluginconf.d/product-id.conf were automatically enabled for the benefit of Red Hat Subscription Management. If not desired, use "subscription-manager config --rhsm.auto_enable_yum_plugins=0" to block this behavior. [[email protected] ~]# 

Una vez que ya nos hemos suscrito, ya podemos utilizar algunos repositorios que vamos a necesitar para la actualización del sistema.

[[email protected] ~]# subscription-manager repos --enable rhel-6-server-extras-rpms
Repository 'rhel-6-server-extras-rpms' is enabled for this system.
[[email protected] ~]# subscription-manager repos --enable rhel-6-server-optional-rpms
Repository 'rhel-6-server-optional-rpms' is enabled for this system.
[[email protected] ~]#

Antes de comenzar con el procedimiento de actualización, instalaremos los últimos paquetes disponibles:

[[email protected] ~]# yum update -y
[[email protected] ~]# reboot

Instalación de las herramientas de actualización de Major Version de Linux RedHat

El siguiente paso es instalar las herramientas que nos van a permitir saltar de RedHat 6.10 a 7.9.

[[email protected] ~]# yum -y install preupgrade-assistant preupgrade-assistant-ui preupgrade-assistant-el6toel7 redhat-upgrade-tool Loaded plugins: product-id, refresh-packagekit, search-disabled-repos, security, subscription-manager
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package preupgrade-assistant.noarch 0:2.6.2-1.el6 will be installed
--> Processing Dependency: openscap >= 1.0.8 for package: preupgrade-assistant-2.6.2-1.el6.noarch
--> Processing Dependency: openscap-engine-sce >= 1.0.8 for package: preupgrade-assistant-2.6.2-1.el6.noarch
...

Dejamos que termine el proceso. La salida del comando es bastante larga.

Análisis del sistema previo a la actualización

Una de las tareas importantes que tenemos que lanzar antes de actualizar el sistema, es un análisis de posibles incompatibilidades con el mismo. Lo haremos con una de las herramientas que acabamos de instalar en el punto anterior.

La salida del comando es bastante larga, así que solamente copio algunos trocitos para que veáis lo que hace:

[[email protected] ~]# preupg
The Preupgrade Assistant is a diagnostics tool and does not perform the actual upgrade.
Do you want to continue? [Y/n]
Y
Gathering logs used by the Preupgrade Assistant:
All installed packages : 01/10 ...finished (time 00:01s)
All changed files : 02/10 ...finished (time 01:27s)
Changed config files : 03/10 ...finished (time 00:00s)
All users : 04/10 ...finished (time 00:00s)
All groups : 05/10 ...finished (time 00:00s)
Service statuses : 06/10 ...finished (time 00:00s)
All installed files : 07/10 ...finished (time 00:02s)
All local files : 08/10 ...finished (time 00:03s)
All executable files : 09/10 ...finished (time 00:00s)
Red Hat signed packages : 10/10 ...finished (time 00:00s)
Assessment of the system, running checks / SCE scripts:
001/140 ...done (Configuration files to be reviewed) (time: 00:02s)
002/140 ...done (File lists for the manual migration) (time: 00:00s)
003/140 ...done (Bacula Backup Software) (time: 00:00s)
004/140 ...done (MySQL configuration) (time: 00:00s) ... 139/140 ...done (NIS server UID_MIN and GID_MIN limits) (time: 00:00s)
140/140 ...done (The NIS server configuration file) (time: 00:00s)
The assessment finished (time 05:00s)
Result table with checks and their results for 'main contents':
-------------------------------------------------------------------------------------------------------------------
|Bacula Backup Software |notapplicable |
|MySQL data stack |notapplicable |
|Changes related to moving from MySQL to MariaDB |notapplicable |
|PostgreSQL |notapplicable |
|Red Hat Directory Server |notapplicable |
|Arptables |notapplicable | ... |Enabled and disabled services in Red Hat Enterprise Linux 6 |needs_action |
|The /etc/rc.local and /etc/rc.d/rc.local files |needs_action |
|The cgroups configuration compatibility |needs_action |
|GNOME desktop environment |fail |
-------------------------------------------------------------------------------------------------------------------
The tarball with results is stored in '/root/preupgrade-results/preupg_results-210209232415.tar.gz' .
The latest assessment is stored in the '/root/preupgrade' directory.
Summary information:
We have found some critical issues. In-place upgrade or migration is not advised.
Read the file /root/preupgrade/result.html for more details.
Please ensure you have backed up your system and/or data before doing a system upgrade to prevent loss of data in case the upgrade fails and full re-install of the system from installation media is needed.
Upload results to UI by the command:
e.g. preupg -u http://example.com:8099/submit/ -r /root/preupgrade-results/preupg_results-210209232415.tar.gz .
[[email protected] ~]# 

Si os fijáis, al final de la instalación hay un paquete que da problemas de incompatibilidad:

|GNOME desktop environment |fail 

Y estamos hablando de una instalación nueva de un RedHat 6.10 que no se ha tocado. Imaginaos en un entorno de producción donde se hayan instalado todo tipo de paquetes, tanto de otros repositorios como software de terceros. Esta es una de las razones importantes por las que RedHat no recomienda la actualización a Major Versions.

Actualización del sistema operativo

A pesar del «fail» anterior, voy a actualizar el sistema para que veáis que los problemas que nos va a dar.

La actualización va a utilizar, directamente, la ISO de RedHat 7.9, que ya la había descargado previamente en el siguiente directorio:

[[email protected] ISO]# pwd
/ISO
[[email protected] ISO]# ls -lh
total 4.3G
-rw-rw-r--. 1 david david 4.3G Feb 9 23:48 rhel-server-7.9-x86_64-dvd.iso
[[email protected] ISO]#

Así que vamos con el primer intento de subida de versión:

[[email protected] ISO]# redhat-upgrade-tool --iso rhel-server-7.9-x86_64-dvd.iso setting up repos...
upgradeiso | 2.8 kB 00:00 ... upgradeiso/primary | 2.1 MB 00:00 ... The Preupgrade Assistant has found EXTREME upgrade risks.
Run preupg --riskcheck --verbose to view these risks.
Continuing with this upgrade is not recommended - the system will be unsupported and most likely broken after the upgrade.
[[email protected] ISO]# [[email protected] ISO]# preupg --riskcheck --verbose
preupg.risk.EXTREME: You have the GNOME desktop environment session as an option in your X11 session manager. The GNOME desktop environment as a part of the 'Desktop' yum group underwent a serious redesign in its user interface as well as in underlying technologies in Red Hat Enterprise Linux 7.
preupg.risk.HIGH: The /etc/shadow and /etc/gshadow files must be backed up manually by the administrator.
preupg.risk.HIGH: Package mysql is not installed.
preupg.risk.HIGH: Please, install all required packages (and binaries) and run preupg again to process check properly.
preupg.risk.HIGH: We detected some packages not signed by Red Hat. You can find the list in the /root/preupgrade/kickstart/nonrhpkgs file. Handle them yourself.
preupg.risk.HIGH: After upgrading to Red Hat Enterprise Linux 7, there are still some el6 packages left. Add the '--cleanup-post' option to redhat-upgrade-tool to remove them automatically.
preupg.risk.HIGH: The PackageKit-yum-plugin package moved to the Optional channel between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
preupg.risk.HIGH: The apr-util-ldap package moved to the Optional channel between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
preupg.risk.HIGH: The at-spi package moved to the Optional channel between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
preupg.risk.HIGH: The at-spi-python package moved to the Optional channel between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
preupg.risk.HIGH: The avahi-ui package moved to the Optional channel between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
preupg.risk.HIGH: The cracklib-python package moved to the Optional channel between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
preupg.risk.HIGH: The flac package moved to the Optional channel between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
preupg.risk.HIGH: The gnome-backgrounds package moved to the Optional channel between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
preupg.risk.HIGH: The gnome-doc-utils-stylesheets package moved to the Optional channel between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
preupg.risk.HIGH: The gnome-vfs2-smb package moved to the Optional channel between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
preupg.risk.HIGH: The groff package moved to the Optional channel between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
preupg.risk.HIGH: The gstreamer-python package moved to the Optional channel between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
preupg.risk.HIGH: The liboil package moved to the Optional channel between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
preupg.risk.HIGH: The libopenraw-gnome package moved to the Optional channel between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
preupg.risk.HIGH: The libproxy-bin package moved to the Optional channel between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
preupg.risk.HIGH: The libproxy-python package moved to the Optional channel between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
preupg.risk.HIGH: The libreport-compat package moved to the Optional channel between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
preupg.risk.HIGH: The libreport-newt package moved to the Optional channel between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
preupg.risk.HIGH: The libreport-plugin-kerneloops package moved to the Optional channel between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
preupg.risk.HIGH: The libreport-plugin-logger package moved to the Optional channel between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
preupg.risk.HIGH: The openscap-engine-sce package is available in the Optional channel.
preupg.risk.HIGH: The psutils package moved to the Optional channel between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
preupg.risk.HIGH: The pulseaudio-module-gconf package moved to the Optional channel between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
preupg.risk.HIGH: The system-config-firewall package moved to the Optional channel between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
preupg.risk.HIGH: The system-config-firewall-tui package moved to the Optional channel between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
preupg.risk.HIGH: The xz-lzma-compat package moved to the Optional channel between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
preupg.risk.HIGH: There were changes in SELinux policies between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. See the solution to resolve this problem.
preupg.risk.HIGH: Back up the grub RPM manually before the upgrade. See the remediation instructions for more info.
preupg.risk.HIGH: The blk-availability service is disabled by default in Red Hat Enterprise Linux 7. Enable it by typing: systemctl enable blk-availability && systemctl start blk-availability.service .
preupg.risk.HIGH: The firstboot service is disabled by default in Red Hat Enterprise Linux 7. Enable it by typing: systemctl enable firstboot && systemctl start firstboot.service .
preupg.risk.HIGH: The haldaemon service is disabled by default in Red Hat Enterprise Linux 7. Enable it by typing: systemctl enable haldaemon && systemctl start haldaemon.service .
preupg.risk.HIGH: The ip6tables service is disabled by default in Red Hat Enterprise Linux 7. Enable it by typing: systemctl enable ip6tables && systemctl start ip6tables.service .
preupg.risk.HIGH: The messagebus service is disabled by default in Red Hat Enterprise Linux 7. Enable it by typing: systemctl enable messagebus && systemctl start messagebus.service .
preupg.risk.HIGH: The netfs service is disabled by default in Red Hat Enterprise Linux 7. Enable it by typing: systemctl enable netfs && systemctl start netfs.service .
preupg.risk.HIGH: The network service is disabled by default in Red Hat Enterprise Linux 7. Enable it by typing: systemctl enable network && systemctl start network.service .
preupg.risk.HIGH: The portreserve service is disabled by default in Red Hat Enterprise Linux 7. Enable it by typing: systemctl enable portreserve && systemctl start portreserve.service .
preupg.risk.HIGH: The postfix service is disabled by default in Red Hat Enterprise Linux 7. Enable it by typing: systemctl enable postfix && systemctl start postfix.service .
preupg.risk.HIGH: The rdma service is disabled by default in Red Hat Enterprise Linux 7. Enable it by typing: systemctl enable rdma && systemctl start rdma.service .
preupg.risk.HIGH: The udev-post service is disabled by default in Red Hat Enterprise Linux 7. Enable it by typing: systemctl enable udev-post && systemctl start udev-post.service .
preupg.risk.HIGH: The /etc/rc.d/rc.local file was changed.
preupg.risk.HIGH: Additional libcgroup configuration files were created (/etc/cgconfig.d).
[[email protected] ISO]#

Aunque la salida del comando es un poco larga, os la he querido pegar para que veáis los problemas que da cuando tenemos una incompatibilidad de paquetes de sistema entre RedHat 6 y 7.

Afortunadamente, en este caso solamente se está quejando del grupo de paquetes «Desktop», así que lo elimino:

yum groupremove Desktop

Resulta que en RedHat 7, el entorno gráfico cambia bastante a nivel de instalación, respecto a su antecesor. Lo podremos instalar posteriormente cuando hayamos finalizado la actualización.

Esta acción ha eliminado 217 paquetes del sistema (516MB).

Si estabas conectado al servidor por el entorno gráfico, ya no podrás, así que tendrás que iniciar una sesión SSH en modo texto.

Vuelvo a lanzar otro análisis con preupg y se queja de otros paquetes residuales del entorno gráfico. Los elimino también.

[[email protected] ~]# rpm -qa |grep -i x11 |awk '{print "yum remove -y " $1}' |sh

Vuelvo a ejecutar preupg y esta vez ya está todo correcto.

Vuelvo a lanzar el comando de actualización del sistema. Os copio algunos trocitos relevantes porque son demasiadas líneas:

[[email protected] ~]# redhat-upgrade-tool --iso /ISO/rhel-server-7.9-x86_64-dvd.iso
setting up repos...
upgradeiso | 2.8 kB 00:00 ...
upgradeiso/primary | 2.1 MB 00:00 ...
The Preupgrade Assistant has found upgrade risks. You can run 'preupg --riskcheck --verbose' to view these risks.
Addressing high risk issues is mandatory before continuing with the upgrade.
Ignoring these risks may result in a broken and/or unsupported upgrade.
Please backup your data. List of issues:
preupg.risk.MEDIUM: Some packages installed on the system were removed between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. This might break the functionality of the packages that depend on the removed packages.
preupg.risk.MEDIUM: After the upgrade, migrate GRUB to GRUB 2 manually.
preupg.risk.SLIGHT: We detected some files where their modifications are not tracked by the RPM packages. Check the functionality of the files after the successful upgrade.
preupg.risk.HIGH: The /etc/shadow and /etc/gshadow files must be backed up manually by the administrator. ... preupg.risk.SLIGHT: The rhel-6-server-cf-ce-1-source-rpms repository is not enabled.
preupg.risk.SLIGHT: The rhel-6-server-satellite-tools-6-beta-debug-rpms repository is not enabled.
preupg.risk.SLIGHT: The rhel-ha-for-rhel-6-server-fastrack-debug-rpms repository is not enabled.
preupg.risk.SLIGHT: The jb-eap-6.3-for-rhel-6-server-debug-rpms repository is not enabled.
preupg.risk.SLIGHT: The rhel-6-server-rhceph-1.2-osd-source-rpms repository is not enabled.
preupg.risk.SLIGHT: The rhel-6-server-rhevm-3.3-source-rpms repository is not enabled.
preupg.risk.SLIGHT: The rhel-rs-for-rhel-6-server-fastrack-source-rpms repository is not enabled.
preupg.risk.SLIGHT: The rhel-6-server-satellite-tools-6.2-source-rpms repository is not enabled.
preupg.risk.SLIGHT: The rhel-server-dts2-6-rpms repository is not enabled. ... preupg.risk.SLIGHT: The rhel-6-server-els-rpms repository is not enabled.
preupg.risk.SLIGHT: Enabled repository files for the Kickstart generation are stored in the /root/preupgrade/kickstart/available-repos file.
preupg.risk.SLIGHT: Some packages installed on the system changed their names between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Although they should be compatible, monitor them after the update.
Continue with the upgrade [Y/N]? Y
getting boot images...
vmlinuz-redhat-upgrade-tool | 6.5 MB 00:00 ...
initramfs-redhat-upgrade-tool.img | 54 MB 00:01 ...
setting up update...
upgradeiso/productid | 1.6 kB 00:00 ...
testing upgrade transaction
rpm transaction 100% [==========================================================================================================================================]
rpm install 100% [==============================================================================================================================================]
setting up system for upgrade
HOOK-pkgdowngrades: INFO: start with arguments: /root/preupgrade/pkgdowngrades/enforce_downgraded --destdir=/root/preupgrade/pkgdowngrades/rpms --installroot=/root/preupgrade/pkgdowngrades/installroot --rhelupdir=/var/lib/system-upgrade
Loaded plugins: product-id, subscription-manager
No plugin match for: rhnplugin
This system is not registered with an entitlement server. You can use subscription-manager to register.
Loaded plugins: product-id, subscription-manager
HOOK-pkgdowngrades: WARNING: The ncurses-base.x86_64 package switched to 'noarch' in the next RHEL release.
HOOK-pkgdowngrades: WARNING: The perl-Pod-Escapes.x86_64 package switched to 'noarch' in the next RHEL release.
HOOK-pkgdowngrades: WARNING: The perl-Module-Pluggable.x86_64 package switched to 'noarch' in the next RHEL release.
HOOK-pkgdowngrades: WARNING: The perl-Pod-Simple.x86_64 package switched to 'noarch' in the next RHEL release.
HOOK-pkgdowngrades: WARNING: The 'hwdata' package is not noarch anymore, x86_64 will be installed. ... HOOK-pkgdowngrades: INFO: DOWNGRADE: enforcing package installation 'insights-client.noarch'
HOOK-pkgdowngrades: INFO: DOWNGRADE: enforcing package installation 'satyr.x86_64'
HOOK-pkgdowngrades: INFO: DOWNGRADE: enforcing package installation 'xcb-util.x86_64'
HOOK-pkgdowngrades: INFO: DOWNGRADE: enforcing package installation 'redhat-menus.noarch'
HOOK-pkgdowngrades: INFO: done
Finished. Reboot to start upgrade.
[[email protected] ~]#

Reinicio el sistema una vez finalizado el proceso.

Durante el proceso de boot, podemos observar como el sistema operativo ya se está actualizando:

Actualizacion de RedHat 6.10 a 7.9Actualizacion de RedHat 6.10 a 7.9

Al final de todo el proceso, se vuelve a reinicar automáticamente y ya podremos acceder a él con la versión actualizada.

[[email protected] ~]# lsb_release -a
LSB Version: :core-4.1-amd64:core-4.1-noarch
Distributor ID: RedHatEnterpriseServer
Description: Red Hat Enterprise Linux Server release 7.9 (Maipo)
Release: 7.9
Codename: Maipo
[[email protected] ~]#

Sólo faltaba volver a instalar el entorno gráfico, que podéis consultar en este artículo.