On This Page
Data
Proceed only if...
- You have completed the setup in the previous step.
- The validation results indicated you are ready to start transferring data.
Otherwise go back to setting up AWS / Azure / VM / Linux / appliance / same server.
In this step you will:
-
Create directories for data conversion.
-
Transfer the bulk of your TOS Classic data to the new machine.
Overview
The transfer of data from TOS Classic to TOS Aurora is split into two phases to minimize downtime of TOS Classic. The preliminary data transfer moves the bulk of your data from the old server to the new, while allowing users to work on TOS Classic, whereas the final data transfer, done just before the install, transfers the remaining data when TOS Classic is no longer available to users. The preliminary phase is optional but recommended to reduce downtime and can be performed more than once, transferring only new and changed data each time.
Directories on the New Server
-
On the new TOS Aurora server, create directories to receive the data transferred from your TOS Classic server. Run the following commands exactly as shown, replacing <PGVER> with the PostgresSQL version you are using:
-
If you have SecureChange, create these directories too.
[<ADMIN> ~]$ mkdir -p /opt/tufin/data/volumes/migration-pv/sc/
mkdir -p /opt/tufin/data/volumes/migration-pv/sc/[<ADMIN> ~]$ mkdir -p /opt/tufin/data/volumes/migration-pv/sc/pg/
mkdir -p /opt/tufin/data/volumes/migration-pv/sc/pg/
Preliminary Data Transfer
While not mandatory, this step is recommended so you can transfer the bulk of your rule data while your users still work on TOS Classic, leaving the transfer of remaining data to the final data transfer phase (when TOS Classic must be stopped). This step can be performed more than once; only new and changed data will be transferred.
-
On the TOS Classic server, if not already done, assume root user or privileges.
On RHEL/CentOS
-
On the TOS Classic server, run the screen command:
-
On the TOS Classic server, copy your data to the new TOS Aurora server, using the rsync command, where,
-
<PGVER> is the PostgresSQL version you are using
-
<ADMIN> is an admin user on your new TOS Aurora server, who has permissions to the directories created previously.
-
<IP> is the internal IP address of the new TOS Aurora machine
If using password to authenticate:
(TOS Classic) [<ADMIN> ~]$ rsync -avzhe ssh --progress /var/lib/pgsql/<PGVER>/data/ <ADMIN>@<IP>:/opt/tufin/data/volumes/postgres/<PGVER>/data/ --rsync-path="sudo rsync"
rsync -avzhe ssh --progress /var/lib/pgsql/<PGVER>/data/ <ADMIN>@<IP>:/opt/tufin/data/volumes/postgres/<PGVER>/data/ --rsync-path="sudo rsync"If using key pair files to authenticate, use the rsync command, where,
-
<LOCAL-PEM-PATH> is the location of the .pem file on your computer
(TOS Classic) [<ADMIN> ~]$ rsync -avzhe "ssh -i <PEM-PATH>" --progress /var/lib/pgsql/<PGVER>/data/ <ADMIN>@<IP>:/opt/tufin/data/volumes/postgres/<PGVER>/data/ --rsync-path="sudo rsync"
rsync -avzhe "ssh -i <LOCAL-PEM-PATH>" --progress /var/lib/pgsql/<PGVER>/data/ <ADMIN>@<IP>:/opt/tufin/data/volumes/postgres/<PGVER>/data/ --rsync-path="sudo rsync" -
-
Exit the screen session.
Can I Proceed?
Continue to the next step only if...
- You are ready to stop all activity on TOS Classic.
- You understand that the length of the upgrade process will depend on the amount of data remaining to transfer to the new servers.