You can upgrade all cells in the server group together with the shared database by running the VMware Cloud Director installer with the --private-key-path option.
You can use the VMware Cloud Director installer for Linux to upgrade a VMware Cloud Director server group that consists of VMware Cloud Director installations on a supported Linux OS. If your VMware Cloud Director server group consists of VMware Cloud Director 9.5 appliances deployments, you use the VMware Cloud Director installer for Linux to upgrade your existing environment only as part of the migration workflow. See Upgrading and Migrating Your VMware Cloud Director Appliance.
VMware Cloud Director for Linux is distributed as a digitally signed executable file with a name of the form vmware-vcloud-director-distribution-v.v.v-nnnnnn.bin, where v.v.v represents the product version and nnnnnn the build number. For example: vmware-vcloud-director-distribution-10.4.0-19780584.bin. Running this executable installs or upgrades VMware Cloud Director.
When you run the VMware Cloud Director installer with the --private-key-path option, you can add other command options of the upgrade utility, for example, --maintenance-cell. For information about the database upgrade utility options, see Database Upgrade Utility Reference for VMware Cloud Director on Linux.
Prerequisites
-
Important: VMware Cloud Director 10.5.1 and later no longer accepts certificates whose signature algorithms use SHA-1.For VMware Cloud Director 10.5.1 and later, verify that none of the certificates in the certificate chain use SHA-1 as their signature algorithm, for example,
sha1WithRSAEncryption
. -
Verify that your VMware Cloud Director database, the vSphere components, and the NSX components are compatible with the new version of VMware Cloud Director.
Important: If your existing VMware Cloud Director installation uses an Oracle database or a Microsoft SQL Server database, verify that you migrated to a PostgreSQL database before the upgrade. For the possible upgrade paths, see Upgrading Your VMware Cloud Director on Linux. -
Verify that you have superuser credentials for the target server.
-
If you want the installer to verify the digital signature of the installation file, download and install the VMware public key on the target server. If you already verified the digital signature of the installation file, you do not need to verify it again during installation. See Download and Install the VMware Public Key for an Installation of VMware Cloud Director on Linux.
- Verify that you have a valid license key to use the version of the VMware Cloud Director software to which you are upgrading.
- Verify that all cells permit SSH connections from the superuser without a password. To perform a verification, you can run the following Linux command:
sudo -u vcloud ssh -i private-key-path root@cell-ip
This example sets your identity tovcloud
, then makes an SSH connection to the cell at cell-ip as root but does not supply the root password. If the private key in private-key-path on the local cell is readable by uservcloud.vcloud
and the corresponding public key is present in the authorized-keys file for the root user at cell-ip the command succeeds.Note:The
vcloud
user,vcloud
group, andvcloud.vcloud
account are created by the VMware Cloud Director installer for use as an identity with which VMware Cloud Director processes run. Thevcloud
user has no password. - Verify that you all ESXi hosts are activated. Deactivated ESXi hosts are unsupported.
- Verify that all servers in the server group can access the shared transfer server storage. See Preparing the Transfer Server Storage for Your VMware Cloud Director on Linux.
-
Starting with version 10.3, VMware Cloud Director no longer allows administrator and tenant LDAP servers to bypass SSL certificate validation. Before you upgrade VMware Cloud Director, you must test your connection. If any of the organizations have these invalid configurations, for each one, you must turn off the Accept all certificates setting for the LDAP server and import the certificates in the LDAP settings UI.
In recent releases, when you update the LDAP settings to turn off the Accept all certificates setting, a trust on first use dialog box automates the import of the certificate for the LDAP server of an organization. However, in earlier releases, it is a two-step process of turning the Accept all certificates setting off, and then, using the UI to upload the certificate of the LDAP server.
- If your VMware Cloud Director installation uses an LDAPS server, to avoid LDAP login failures after the upgrade, verify that you have a properly constructed certificate for Java 8 Update 181. For information, see the Java 8 Release Changes at https://www.java.com.
Procedure
Results
- Verifies that the current cell host meets all requirements.
- Unpacks the VMware Cloud Director RPM package.
- Upgrades VMware Cloud Director software on the current cell.
- Upgrades the VMware Cloud Director database.
- Upgrades VMware Cloud Director software on each of the remaining cells, then restarts VMware Cloud Director services on the cell.
- Restarts VMware Cloud Director services on the current cell.
What to do next
- Start the VMware Cloud Director services on all cells in the server group.
-
Verify that your AMQP connections are working properly.
-
For each cell, verify that there are no add-on upgrade errors in vcloud-container-info.log.
- Upgrade the NSX-V Manager Instances Registered to VMware Cloud Director
- Upgrade vCenter Server Systems, ESXi Hosts, and NSX Edges Registered to Your VMware Cloud Director