Data

In this step you will:

1. Create directories for data conversion.

2. Transfer the bulk of your TOS Classic data to the new machine.

Overview

The transfer of data from TOS Classic to TOS Aurora is split into two phases to minimize downtime of TOS Classic. The preliminary data transfer moves the bulk of your data from the old server to the new, while allowing users to work on TOS Classic, whereas the final data transfer, done just before the install, transfers the remaining data when TOS Classic is no longer available to users. The preliminary phase is optional but recommended to reduce downtime and can be performed more than once, transferring only new and changed data each time.

Directories on the New Server

1. On the new TOS Aurora server, create directories to receive the data transferred from your TOS Classic server. Run the following commands exactly as shown, replacing <PGVER> with the PostgresSQL version you are using:

   [<ADMIN> ~]$ mkdir -p /opt/tufin/migration/

   mkdir -p /opt/tufin/migration/

   [<ADMIN> ~]$ mkdir -p /opt/tufin/data/volumes/postgres/<PGVER>/data/

   mkdir -p /opt/tufin/data/volumes/postgres/<PGVER>/data/

   [<ADMIN> ~]$ mkdir -p /opt/tufin/data/volumes/lucene/indexes/

   mkdir -p mkdir -p /opt/tufin/data/volumes/lucene/indexes/

2. If you have SecureChange, create these directories too.

   [<ADMIN> ~]$ mkdir -p /opt/tufin/data/volumes/migration-pv/sc/

   mkdir -p /opt/tufin/data/volumes/migration-pv/sc/

   [<ADMIN> ~]$ mkdir -p /opt/tufin/data/volumes/migration-pv/sc/pg/

   mkdir -p /opt/tufin/data/volumes/migration-pv/sc/pg/

   [<ADMIN> ~]$ mkdir -p /opt/tufin/data/volumes/migration-pv/sc/conf/

   mkdir -p /opt/tufin/data/volumes/migration-pv/sc/conf/

   [<ADMIN> ~]$ mkdir -p /opt/tufin/data/volumes/mongo-sc-rs/

   mkdir -p /opt/tufin/data/volumes/mongo-sc-rs/

Preliminary Data Transfer

While not mandatory, this step is recommended so you can transfer the bulk of your rule data while your users still work on TOS Classic, leaving the transfer of remaining data to the final data transfer phase (when TOS Classic must be stopped). This step can be performed more than once; only new and changed data will be transferred.

1. On the TOS Classic server, if not already done, assume root user or privileges.

   [TOS Classic Server]$ sudo su

   sudo su

   On RHEL/CentOS

   [TOS Classic Server]$ su -

   su -

2. On the TOS Classic server, run the screen command:

   [TOS Classic Server]# screen -S preliminary

   screen -S preliminary

3. On the TOS Classic server, copy your data to the new TOS Aurora server, using the rsync command, where,

   • <PGVER> is the PostgresSQL version you are using

   • <ADMIN> is an admin user on your new TOS Aurora server, who has permissions to the directories created previously.

   • <IP> is the internal IP address of the new TOS Aurora machine

   If using password to authenticate:

   (TOS Classic) [<ADMIN> ~]$ rsync -avzhe ssh --progress /var/lib/pgsql/<PGVER>/data/ <ADMIN>@<IP>:/opt/tufin/data/volumes/postgres/<PGVER>/data/  --rsync-path="sudo rsync"

   rsync -avzhe ssh --progress /var/lib/pgsql/<PGVER>/data/ <ADMIN>@<IP>:/opt/tufin/data/volumes/postgres/<PGVER>/data/ --rsync-path="sudo rsync"

   If using key pair files to authenticate, use the rsync command, where,

   • <LOCAL-PEM-PATH> is the location of the .pem file on your computer

   (TOS Classic) [<ADMIN> ~]$ rsync -avzhe "ssh -i <PEM-PATH>"  --progress /var/lib/pgsql/<PGVER>/data/ <ADMIN>@<IP>:/opt/tufin/data/volumes/postgres/<PGVER>/data/  --rsync-path="sudo rsync"

   rsync -avzhe "ssh -i <LOCAL-PEM-PATH>" --progress /var/lib/pgsql/<PGVER>/data/ <ADMIN>@<IP>:/opt/tufin/data/volumes/postgres/<PGVER>/data/ --rsync-path="sudo rsync"

4. Exit the screen session.

   [TOS Classic Server]# exit

   exit

Can I Proceed?

Continue to the next step only if...

1. You are ready to stop all activity on TOS Classic.
2. You understand that the length of the upgrade process will depend on the amount of data remaining to transfer to the new servers.