cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

199
Views
0
Helpful
3
Replies
Highlighted

ACS 5.1 to 5.3 Upgrdae

Good day, Gents.

I read several guides such as http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_system/5-3/installation/guide/csacs_book/csacs_upg.html and several tickets from support forums, but I haven't understood am I right in suggestions.

Our company has primary/log collector server and secondary one. And according to link above my plan should be as following:

first variant

1) patch both servers 5.1 to the latest one

2) backup both of them using backup repository cli command

3) deregister secondary one, therefore every server will be a standalone one

4) upgrade old secondary to 5.3

5) on primary 5.1 make old secondary one (now separate primary 5.3 one) as remote target

6) upgrade old primary one to 5.3

7) register old primary one to current primary one as a secondary one

8) promote a secondary one as a primary one

9) optionally return to primary one functions of log collector as we have right now

10) optionally patch both servers 5.3 to the latest one

second variant:

1) patch both servers 5.1 to the latest one

2) backup both of them using backup repository cli command

3) promote current secondary one as primary one. result - new secondary one (previous primary one)/log collector, new primary one (previous secondary one)

4) reallocate functions of log collector to primary server. result - secondary server, primary/log collector server

5) deregister secondary server (previous primary one). result - two standalone servers

6)upgrade secondary server to 5.3

7) make on primary server 5.1 new  primary server 5.3 as a remote target for deployment

8) upgrade primary server 5.1 to 5.3

9) register it to current 5.3 primary server as a secondary one

10) promote secondary server as primary one

11) optionally return functions of log collector to primary one as we have right now

12) optionally patch both servers with the latest patch

 

Which one is more correct or they almost identical ones? i'm just confused a little bit with functions of log collector and afraid of not to lose previous logging info after upgrading

 

Thanks in advance

3 REPLIES 3
Highlighted

any suggestions/thoughts?

Highlighted
Enthusiast

The second veriont is more suitable,

*Before restoring ACS 5.1 database backup in ACS 5.3, you need to install ACS 5.3 patch 4 (or higher).

Highlighted

thank you for response.

actually i still not sure about the reason of promoting secondary server to primary in the second variant in the third line. what for is it? why cann't we as in the first variant immediately after degradating servers, upgrade the old second server?

and i didn't understand what for i need to  restore something according to your statement "*Before restoring ACS 5.1 database backup in ACS 5.3, you need to install ACS 5.3 patch 4 (or higher)."

and if i'm planning to upgrade servers with application bundle (NOT re-imaging), i didn't see the statement for restoring something as you wrote

or if i did as you said, would i restore log collector/monitoring and view database info? if yes, which command should i use? restore filename repository repository-name command?

BW

Content for Community-Ad