» Synchrony Gateway Upgrade Axway User: Daily Insight into an Axway User’s Brain

I’ve been so busy lately I haven’t really had any time to write here, it’s nuts! We recently undertook a 3 week PSO engagement so I’ve been working side-by-side with our PSO resource to do a number of things. One of the most prominent was something I’ve been pushing for since I knew it existed - an upgrade of gateway 6.9.1 to 6.11.4 in our dev environment. The PSO resource helped to make all of the install files available and provided some guidance, but I was able to the majority of it myself, and it was quite painless, and 6.11.4 has some awesome features that 6.9.1 is lacking.

I think I’ve stated it here already, but the two biggest advantages are support of an active/active failover on the XSR (Axway Secure Relay) by allowing multiple instances of an XSR to be running and configured in Gateway. My favorite though, is a Trans type called “Multi” that pulls any files that exist on a remote site, which takes away the need to do a list, parse it for filenames, and execute a script to pull them! Talk about making life easier. There is a downfall in that it doesn’t work with SFTP, but it’s great for when you have to log into a remote site and pull files. Another of my favorites is that a lot of the configuration variables became dynamic. For example, you can change log levels for your various protocols or Gateway options without restarting, which is a huge help!

I figure I’d also detail the steps of how we upgraded so that anybody who plans to try the upgrade can follow these plans quickly and easily…and if you have problems, just leave a comment and I’ll answer right away! These are for Linux, but should be almost identical in an AIX, Solaris, or Windows environment, the command syntaxes will vary, but I’m not going to get into that much detail. The hope in doing this is that I’ll be able to reference it if necessary, you’ll be able to get a feel for how the upgrade works, and maybe some of the things that were trial and error for us might be easier for you. It should be noted that we’re assuming you have the install files ready to go.

#1. Export all of the data you need from 6.9.1 using the command line. These will be “pelbase export” and “secadm export” and similar commands. You’ll want to look at the help file for your version for the correct syntax, but make sure that you get your Local Sites, Remote Sites, CGates, Security Profiles, VFDs, SSH and TLS profiles, transfer models, decision rules and rule table, and anything else you might have stored in Gateway. You will be exporting these to text files, and the easiest thing to do is just keep them on the server you’re installing the new version on.

#2. Stop Gateway, and verified all processes ended (”ps ef | grep gateway” in a linux environment). If you want to maintain congruence between environments, or have scripts pointing to a certain directory, you’ll want to move your current install directory to a backup (i.e. if you are installed at /axway/gateway/691, rename the folder to /axway/gateway/691.old).

#3. Run the install file by doing ./setupUNIX.sh install instmode console (again, linux), and basically follow the options. If you use special ports, enter them, make sure you’ve got your license key handy, basicaly just be prepared. If you backed up to 691.old, make sure that you put the “Synchrony Root directory” as “/axway” if thats where you want to put the install, then you can enter “691″ or whatever else you’d like for the actual application. I keep going back to the /axway/691 example because its’ similar to what my client had in their prod/dev/qa environments, and there was an enormous list of things pointing to that directory, all of which would function the same in 6.11.4.

#4. Start Gateway, verify that you can reach it via FTP by just doing an “ftp SERVERNAME” from the command line. If you can connect, then you should be in good shape! From there, make a cgate and try to actually log in and drop a file off to Gateway.

#5. Stop Gateway, and download all of the patches/service packs available, and install those using the same setupUNIX.sh, but this time run “./seupUNIX.sh update instmode -console”.

#6. Start Gateway again, and run your tests!

Obviously there are some other obstacles, but this thing was a piece of cake. Getting the XSR configured and working with it was a bit more cumbersome than I had hoped, but overall it was cake. I’d love to hear about anybody elses issues/concerns/successes with this upgrade, so shoot me an e-mail using tony @ inventmn dot com, or comment on the post if you have any insight!

It’s midnight now so I better get some kind of sleep, still have a lot of big days ahead of us.

Night ‘Yall!

Tony Lloyd