With CentOS 8 now EOL, it is officially time to upgrade CentOS 8 virtual machines to CentOS 8 Stream. The good news is that it is even quicker and easier than the upgrade from CentOS 7 to CentOS 8 was.
First things first… Take a backup of your virtual machine, or at least a snapshot so that you have something you can revert back to if something goes wrong in this process.
Take a look at what release your CentOS machine is currently running.
cat /etc/centos-release
cat /etc/os-release
As you can see this machine is currently on CentOS 8.5.2111.
At this point, I’m going to enter “sudo su” on my VM and then enter my credentials, so that I can continue as ‘root’ and I don’t have to type “sudo” before every single command.
To begin, start by updating your system.
dnf -y update
The next step is to update your machine to the current CentOS Stream release package.
List and view all of the enabled repositories. You should see they are set to “CentOS Stream 8”.
sudo dnf repolist
Next, synchronize all of the installed packages on your machine.
Note: For situational awareness, this step will upgrade or downgrade packages to match the new CentOS Stream ABI/API and will apparently break 100% RHEL compatibility due to the ABI/API change. This is the perfect example of why you would want to take a full backup of the system before making any changes, just in case the ABI/API change breaks one of your applications running on the system.
dnf -y distro-sync
Reboot your system.
init 6
Confirm that we are now running on CentOS 8 Stream.
cat /etc/centos-release
cat /etc/os-release
We can now see that this machine is now running on CentOS Stream 8.
Warning: CentOS 8 has reached End of Life (EOL) and is no longer supported. You should really consider moving to a supported OS such as CentOS 8 Stream.
I was looking at some virtual machines earlier today and I realized that they were not running the most current version of CentOS. Since I am going to upgrade them, I figured it’d be the perfect time to document the process of how to do it.
The first thing I do is make a backup of my virtual machine. You can’t recover from an accident if you don’t have a recovery point. At the very least, make sure you have taken a snapshot of your virtual machine.
Next, I verify what version of CentOS I’m on by running the following command.
cat /etc/centos-release
From the screenshot below you can see that I am currently on version 7.9.2009.
At this point, I’m going to enter “sudo su” on my VM and then enter my credentials, so that I can continue as ‘root’ and I don’t have to type “sudo” before every single command.
First step is to install the EPEL repository.
yum -y install epel-release
Next, install both ‘yum-utils’ and ‘rpmconf’ by using this command.
yum -y install yum-utils rpmconf
Next, use ‘rpmconf’ to resolve the RPM packages that are in use on your VM.
rpmconf -a
Then clean up any packages that are not required by your system.
CentOS Linux 8 had actually reached the End Of Life (EOL) as of December 31st, 2021. Which means that CentOS 8 will no longer receive development from the official CentOS project. After that EOL date, if you need to update your CentOS (yes, that means us right now), you need to change the mirrors to point to vault.centos.org where they are archived. So a better option would actually be to upgrade to CentOS Stream instead, but we’ll save that for another post… Here is how to change the mirrors.
cd /etc/yum.repos.d/
sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-*
sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d/CentOS-*
dnf update
cd
There are two packages, dracut-network and rpmconf, that conflict with upgradingand need to be removed.
dnf remove dracut-network rpmconf
Remove the old CentOS 7 kernel
rpm -e `rpm -q kernel`
Remove any conflicting packages that are not needed any longer
VMware Update Manager (VUM) is a component of vCenter has matured a lot as product since its introduction. One of my favorite parts about it is that it is now baked into the vCenter Server Appliance (VCSA). Using it makes the process of updating and patching your hosts a simple centralized task. Here we are going to use VUM to upgrade our ESXi host from v6.0 to v6.7.
1) The First thing we need to do is check the infamous “VMware Product Interoperability Matrices” to find our upgrade path. Looking at the matrix, we can see that we should be able to upgrade from any v6.0 release directly to v6.7u3.
Sometimes, depending on which version of ESXi you are running, you may not be able to jump straight to the latest release. You might need to do an incremental upgrade, stepping up through versions, until you finally land on your ‘final’ version.
For example, in the picture above we can see that ESXi v5.5 does not have a direct upgrade path to v6.7. You would first have to upgrade the host to v6.0 or v6.5, before you make another jump to v6.7.
2) The next step is to download the bits of your ESXi iso. There are a couple places you can grab this iso from.
a) The first place you can get it from is directly from VMware. Login into your VMware portal, in the right hand corner under “Quick Links” click on ‘Download Products’. In the search bar at the top of the page enter “ESXi” and you should see what we’re looking for in the auto-suggested dropdown, click on it.
Now look for the keyword “Product Binaries” in the search results, there’s a lot of other stuff like drivers listed, which we’re not looking for right now. Click the link, you’ll see another page with the actual download links.
b) For most folks, the above-mentioned way to find and download the ESXi iso will be fine. However, if you are running Dell hardware, then you have a second option; Download and use the Dell Customized ESXi image. It’s an ESXi iso that has all the Dell specific drivers pre-baked into it.
The Dell customization image includes: modifying files to identify Dell and Dell support, updating the ESXi image with the latest validated asynchronous drivers, and updating patches if it addresses a common issue for Dell systems.
To find this customized iso image, go to https://support.dell.com/ and enter your product serial number.
Click on the “Drivers & Downloads” tab.
Choose “Enterprise Solutions” in the Category field.
Expand the VMware ESXi link and click download on the desired version for your server.
3) Now we are finally ready to start using VUM, and we begin by importing our iso image we downloaded in the previous step. Login into your vCenter Server. From the menu, click on “Update Manager” -> “ESXi Images” -> “Import”.
Click the “Browse” button to navigate to and select the ESXi 6.7 iso image you downloaded previously. This will start uploading the file into VUM.
4) With our iso image now in vCenter, the next step is creating the baseline that vCenter will use to check if hosts are in compliance. Select the image you just imported, and click on “New Baseline”
Give your new baseline a name, such as “ESXi 6.7u3 Upgrade”, and click ‘NEXT’.
Make sure the image you imported is the one you have selected and click ‘NEXT’ again.
Verify all the summary details are
correct and click ‘FINISH’.
Select “Baselines”, you will see the baseline that we just finished creating.
5) The next step is to attach the baseline we just created to an object. The two objects we can attach our baseline to is either our cluster or individual host. I’m going to show how to do it on a cluster object, but the process is the same for a host.
From the “Hosts and Clusters” view in vCenter, select either your cluster object. Go to the “Updates” -> “Host Updates” -> “Attached baselines” -> “Attach” -> “Attach Baseline or Baseline Group”
Select the baseline we created earlier and click ‘ATTACH’.
6) With our baseline attached to our cluster or host object, we are finally ready to upgrade the ESXi host itself. Or in VUM terms – “remediate the host”.
Go to the “Updates” -> “Host Updates” -> “Attached baselines”. Select the baseline you want to apply, in our case it’s the “ESXi 6.7u3 Upgrade”, and then click on “Remediate”.
Click on “Accept the license agreement” -> Click on “Next” to accept all the default options before upgrading ESXi 6.x to ESXi 6.7 -> Click on “Finish” to begin the upgrade. Your host should go into “Maintenance Mode” before it applies it’s remediation steps and completes the upgrade, click “OK”.
7) It’s time to sit back and watch the status bar do it’s thing.
8) Once the remediation has completed, you will be able to verify that your host has been upgraded and is now in compliance.
Upgrading the IOS version on your Cisco 3850 Catalyst switch is not something to be dreaded. In fact it should probably be rejoiced, as these days it most likely means you’re also catching up on patching some vulnerabilities on your device. While the upgrade process is a little different on the 3850 then older generations of the Catalyst switches, not much has changed. Overall it is an easy process that won’t take you long to complete.
What has changed is that the 3850 switch? Well the “operating system” that the hardware now runs on is called IOS-XE. Whereas previous generations of Cisco hardware ran on IOS software.
The IOS-XE software is delivered as a bundle containing a set of packages which your device will use. These packages, during the install step, will get expanded before they are actually installed on the device. The older generations of devices that ran IOS had a .bin file that was essenitally a “flat” image and not a bundle of packages. While there are other changes too, that is the main difference between the “new” IOS-XE and the “old” IOS.
Okay… Lets get our switch upgraded…
Step 1: Download the latest (or rather the recommended) IOS-XE version from the support portal of Cisco.com. (At the time of me writing this, the recommended release version is “Fuji-16.9.4”)
Step 2: Transfer the .bin file you downloaded in step 1 to your device. There are a few ways to so; TFTP or USB being the most common.
Via TFTP
3850-SW# copy tftp flash: Address or name or remote host []? 10.1.2.3 Source filename[]? cat3k_caa-universalk9.16.09.04.SPA.bin Destination filename[cat3k_caa-universalk9.16.09.04.SPA.bin]? Accessing tftp://10.1.2.3/cat3k_caa-universalk9.16.09.04.SPA.bin... Loading cat3k_caa-universalk9.16.09.04.SPA.bin from 10.1.2.3: !!!!!!!!!!!!!
Once the software install completes, you will need to reboot the switch so that it can boot into the freshly installed IOS-XE version.
3850-SW# reload
Step 4: Verify the new version. After rebooting the device in the previous step, you will want to verify that you are indeed running the new IOS version. You can run the following command to do so.
3850-SW# show version | i Switch Cisco IOS Software [Fuji], Catalyst L3 Switch Software (CAT3K_CAA-UNIVERSALK9-M), Version 16.9.4, RELEASE SOFTWARE (fc2) Switch Ports Model SW Version SW Image Mode
Here we can see that the switch is running Fuji, and that it is on version 16.9.4. And now we’re done!
