Step-3 Upgrading ABS AI Engine
This section discusses the steps to upgrade ABS 5.0 to 5.1
Before you begin
-
Extract the upgrade scripts from the PingIntelligence upgrade package as explained in Common upgrade tasks section
About this task
Complete the following steps on all the ABS nodes in a cluster.
Steps
-
Download the ABS 5.1 binary. Copy the binary to a temporary directory and extract it.
# cp pi-api-abs-5.1.tar.gz ~/pi-tmp/ # cd ~/pi-tmp/ # tar -xvf pi-api-abs-5.1.tar.gz
-
Navigate to
~/pi-tmp/pingidentity/upgrade/abs/
and copy the ABS upgrade script to the~/pi-tmp/pingidentity/abs/util/
directory in the temporary directory.# cd ~/pi-tmp/pingidentity/upgrade/abs/ # cp abs-upgrade.sh ~/pi-tmp/pingidentity/abs/util
-
Navigate to
~/pi-tmp/pingidentity/abs/util/
directory and run the upgrade script.: Only after successful upgrade of MongoDB, proceed with ABS upgrade. # cd ~/pi-tmp/pingidentity/abs/util/ # ./abs-upgrade.sh <ABS 5.0 installation path>
For example:
# ./abs-upgrade.sh /home/pi-user/pingidentity/abs Upgrading ABS to version 5.1 are you sure you want to continue? (yes/no): yes making the configuration changes and copying new binaries configuration for smtp_ssl field is already configured configuration for mongo_ssl field is already configured configuration for mongo_auth_mechanism field is already configured upgrade to ABS 5.1 is successful please start ABS using: /home/pi-user/pingidentity/abs//bin/start.sh if systemctl service present, run command: systemctl restart pi-abs.service
-
Verify that the upgrade was successful by entering the following command.
# cat /<ABS installation path>/pingidentity/abs/version.txt
For eexample:
+
# cat /home/pi-user/pingidentity/abs/version.txt
-
Open the
config/kafka.properties
file, and make the necessary changes.A description of each config file parameter is provided below:
#Kafka bootstrap servers pi.kafka.bootstrap-servers - A comma separated list of Kafka Broker server hostnames/IP addresses with port pi.kafka.use-insecure - If set to true, kafka hostname will not be verified in the TLS certificate pi.kafka.sslTruststoreLocation - Path to the truststore with which the Kafka broker has been setup pi.kafka.sslTruststorePassword - Password of the truststore pi.kafka.authentication.protocol - Authentication protocol used between Kafka clients and brokers pi.kafka.authentication.sasl-mechanism - SASL Mechanism used for authentication #Topics pi.kafka.topic.transactions - Name of transactions topic pi.kafka.topic.attacks - Name of attacks topic pi.kafka.topic.anomalies - Name of anomalies topic # ABS consumer details pi.kafka.consumer.authentication.username - Username for kafka consumer pi.kafka.consumer.authentication.password - Password for kafka consumer pi.kafka.consumer.groupId - Group name for kafka consumer pi.kafka.consumer.max-poll-records-config - Number of records that can be returned in one poll call to kafka pi.kafka.consumer.poll-interval - Interval between two poll calls to kafka #ABS producer details pi.kafka.producer.authentication.username - Username for kafka producer pi.kafka.producer.authentication.password - Password for kafka producer pi.kafka.producer.acks - Kafka broker acknowledgement property pi.kafka.producer.min-insync-replicas - Minimum number of replicas that need to be in-sync pi.kafka.producer.retries - Number of retries for a failed send pi.kafka.producer.linger - Producer delay between sending records pi.kafka.producer.buffer-memory - Producer buffer memory in bytes pi.kafka.producer.batch-size - Maximum number of records that can be sent in one batch
-
Update the license file in
/pingidentity/abs/config
directory to the new PingIntelligence 5.1 license file. -
Start all ABS nodes.
Start the ABS nodes only after completing the MongoDB upgrade as detailed in Step-2 Upgrading MongoDB.
# /<ABS installation path>/pingidentity/abs/bin/start.sh
For example:
# /home/pi-user/pingidentity/abs/bin/start.sh
If ABS is running as a service, then run the following command.
# systemctl start pi-abs.service
Next steps
Proceed to Step-5 Installing API Publish and Dashboard.