ishenwei/nexus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
070bd42886bf85534041b93dd2c837ee42e8ab52
nexus/knowledgebase/csd-wiki/ICSD/Pre-upgrade-task-of-AC-when-upgrade-from-24.2-to-24.3_688996364.md

130 lines
5.5 KiB
Markdown
Raw Blame History

This file contains invisible Unicode characters
This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# Pre-upgrade-task-of-AC-when-upgrade-from-24.2-to-24.3_688996364
**Introduction:**
The exeuction of sql scripts is required when AC is enbaled for a Tenant on the ESM tenant in ESM 24.2 release, before upgrade of ESM chart to 24.3
It updates the existing 'Owner' of schema tables created in 24.2 to the tenant schema owner.
## 1\. Pre-condition:
Download the below DB scripts onto the Bastion Node.
[https://github.houston.softwaregrp.net/oo-rnd/itom-saas-tools/blob/master/configure-ac-tenant/ds\_change\_table\_ownership.sql](https://github.houston.softwaregrp.net/oo-rnd/itom-saas-tools/blob/master/configure-ac-tenant/ds_change_table_ownership.sql)
[https://github.houston.softwaregrp.net/oo-rnd/itom-saas-tools/blob/master/configure-ac-tenant/vps\_change\_table\_ownership.sql](https://github.houston.softwaregrp.net/oo-rnd/itom-saas-tools/blob/master/configure-ac-tenant/vps_change_table_ownership.sql)
## 2\. Run the sql scripts:
We need to connect to a bastion node having access to the RDS of SMAX setup.
### 2.1. Data Sync service:
1\. Check the Tenant schema details before running the sql sciprts:
**1.** Connect to the acdatasyncdb.
**`2.Check the schema details`**
**`acdatasyncdb=# \dn`**
**![](attachments/688996364/688996357.png)**
3\. Pre-SQL scripts execution validation (check the 'Owner' of the schema table)
  **`  acdatasyncdb=# \dt syncservice_<tenantId>.*`**
**![](attachments/688996364/688996358.png)**
2\. Run the Sql script from the Bastion host.
Usage: Script iterates over the schemas of the DataSync DB named LIKE 'syncservice\_%', get the schema owner and set it as owner of the tables.
To get password of user acdatasyncdbuser:
→ Get the secret key for db password
kubectl get cm itom-ac-database-configmap -n <itsma namespace> -o yaml
The result is like:
**DB\_PASSWORD\_KEY**: itom\_itsma\_db\_password\_secret\_key
You may find the DB\_PASSWORD\_KEY value from the itom-ac-database-configmap
→ Get the acdatasyncdbuser db password.
kubectl get pod -n <itsma namespace> | grep "itom-ac-data-sync" | head -1 | awk '{print $1}'
kubectl exec <itom-ac-data-sync pod> -n <itsma namespace> -c itom-ac-data-sync -- get\_secret <password key>
For example:
kubectl exec $(kubectl get pod -n itsma-eks | grep "itom-ac-data-sync" | head -1 | awk '{print $1}') -n itsma-eks -c itom-ac-data-sync -- get\_secret itom\_itsma\_db\_password\_secret\_key
Command: PGPASSWORD='<password>' psql -h [<](http://ac-regression-01-postgres.cluster-cqfvpwi0zslp.us-west-2.rds.amazonaws.com/) postgres\_hostname> -p 5432 -d acdatasyncdb -U acdatasyncdbuser -a -f **ds\_change\_table\_ownership.sql**
**\*** PGPASSWORD - acdatasyncdbuser database user password
3\. Post SQL scripts execution validation (Here 'Owner' of the tables is changed post the sql script execution):
**`acdatasyncdb=# \dt syncservice_<tenantId>.*`**
![](attachments/688996364/688996359.png)
### 2.2. Vulnerability & Patching service:
1\. Check the Tenant schema details before running the sql sciprts:
1\. Connect to the acpatchdb
**`2. Check the schema details`**
**`acpatchdb=# \dn`**
![](attachments/688996364/688996360.png)
3\. Pre-SQL script execution validation: (check 'Owner' of the schema tables)
   **`   acpatchdb=# \dt vps_schema_<tenantId>.*`**
![](attachments/688996364/688996361.png)
2\. Run the Sql script from the Bastion host.
Uasage: Script iterates over the schemas of the VPS DB named LIKE 'vps\_schema\_%', get the schema owner and sets it as owner of the tables.
To get password of user acpatchdbuser:
→ Get the secret key for db password
kubectl get cm itom-ac-database-configmap -n <itsma namespace> -o yaml
The result is like:
**DB\_PASSWORD\_KEY**: itom\_itsma\_db\_password\_secret\_key
You may find the DB\_PASSWORD\_KEY value from the itom-ac-database-configmap
→ Get the acpatchdbuser db password.
kubectl get pod -n <itsma namespace> | grep "itom-ac-data-sync" | head -1 | awk '{print $1}'
kubectl exec <itom-ac-data-sync pod> -n <itsma namespace> -c itom-ac-data-sync -- get\_secret <password key>
For example:
kubectl exec $(kubectl get pod -n itsma-eks | grep "itom-ac-data-sync" | head -1 | awk '{print $1}') -n itsma-eks -c itom-ac-data-sync -- get\_secret itom\_itsma\_db\_password\_secret\_key
Command: PGPASSWORD='<password>' psql -h <postgres\_hostname> -p 5432 -d acpatchdb -U acpatchdbuser -a -f **vps\_change\_table\_ownership.sql**
\* PGPASSWORD - acpatchdbuser database user password
3\. Post SQL scripts execution (Here 'Owner' of the table is changed post the sql script execution):
 **` acpatchdb=# \dt vps_schema_<tenantId>.*`**
![](attachments/688996364/688996362.png)
**Related pages**
- Page:
[ESM Cloud Farm Version Tracking](/display/ICSD/ESM+Cloud+Farm+Version+Tracking)
- Page:
[How to get an Opentext Confluence account](/display/ICSD/How+to+get+an+Opentext+Confluence+account)
- Page:
[ITOM APM AppPluse Cloud Farm Information](/display/ICSD/ITOM+APM+AppPluse+Cloud+Farm+Information)
- Page:
[ITOM Cloud Service Ops Doc Management Process](/display/ICSD/ITOM+Cloud+Service+Ops+Doc+Management+Process)
- Page:
[ITOM ESM Cloud Service Catalog](/display/ICSD/ITOM+ESM+Cloud+Service+Catalog)
- Page:
[ITOM OpsB NOM Cloud Service Catalog](/display/ICSD/ITOM+OpsB+NOM+Cloud+Service+Catalog)
- Page:
[OpsB and NOM Cloud Deployments Version Tracking](/display/ICSD/OpsB+and+NOM+Cloud+Deployments+Version+Tracking)
Reference in New Issue View Git Blame Copy Permalink