Migration to Swivel Appliance OS 5.x
Overview
This article is a step-by-step guide to migrate to the latest Swivel Appliance version. Please read carefully and follow the instructions to avoid any Issues. Swivel Secure highly recommend customers to engage our Professional Services, especially where High Availability appliances have been deployed and authentication is a critical service. Please email supportdesk@swivelsecure.com if you need assistance.
Requirements
Swivel Appliance OS Version: 5.x or higher (to obtain the latest version of the appliance, please contact sales@swivelsecure.com who can reissue your VM Download email if you are in an active support agreement)
Update to AuthControl Sentry 4.2.3 or higher prior to migration
Command Line Interface access may be required in some migration cases. Typically a migration should be performed by an accredited Swivel Secure partner or Swivel Secure engineer. Otherwise, access to the Command Line would require the customer to sign a warranty waiver form. Please contact supportdesk@swivelsecure.com for further details.
Migration Steps
Preparation
Warning
These steps will cause a service impact on your old live appliance, but they will make the restored appliance safer to work with.
Make the following temporary changes on your live, old appliance, prior to backup:
Set the database to Shipping. Take a note of what it was set to previously. In most cases it will be set to ‘Appliance Database’. This will mean that when your backup is restored you can login to the Administration interface with the default admin / 1234 credentials. It means you can review the Log Viewer in the event that your restored database does not work:
Stop messaging. This will prevent any messages being sent out accidentally, en masse to your users due to a bad configuration or upgrade bug:
Stop repository syncing. This will prevent new users being added or accidentally removed in the event of a bad database restoration:
Backup old appliance
Once you have carried out the above preparation, from the CMI Main Menu, select the Backup and Restore menu option. Then select Backup. Then select Application Only Backup:
On screen you should see “INFO: Backup created at /backups/swivel/….tar.gz
You can now copy off the backup file to your workstation using an scp client such as WinSCP, or the scp command in Windows:
Deploy new appliance
Deploy the new appliance to your hypervisor. Apply a temporary static IP networking configuration, with default gateway, DNS and hostname, ideally on the same subnet as the live old appliance.
Restore backup
Copy the backup to the new appliance:
In the new appliance CMI Main Menu select Backup and Restore. Then select restore. Then Application Only Restore:
Access the new appliance on temporary IP
Login to the Administration interface of the new appliance on https://<temporary_IP>:8080/sentry.
On the new appliance - revert the changes you made in the Preparation section above: set the Database back to ‘Appliance Database’, or whatever was selected previously. Start Messaging again and enable the Repository sync schedule.
Stop the old appliance
From the CMI main menu, select Administration -> Shutdown, to shut down the old appliance.
Set the new appliance to the live IP
Now, on the new appliance:
From the CMI main menu, select Networking -> Change Interface IP Addresses -> en160 and set the IP to be the live IP address that was used by the old appliance
From the CMI main menu, select Appliance -> Start or Stop services. Stop and start Database. Stop and Start Tomcat.
Login to the Administration interface of the new appliance on https://<live_IP>:8080/sentry.
Test your integrations
Login to your remote access or cloud applications that are secured by the Swivel Secure appliance
Review the Log Viewer to check for any issues