Data Migration to Rehost a Matched Version Instance of ExtremeCloud IQ Site Engine

You can migrate data across the same version of ExtremeCloud IQ Site Engine to a new instance running on a new host. Use this procedure if you need to migrate your data across the matched version of ExtremeCloud IQ Site Engine 24.7 or later. Use this procedure for scenarios such as migrating from VM to physical, from physical to virtual, for a host OS change, or to migrate to a new host on a different network environment or location.

If you need to migrate data from an old version to a new version of ExtremeCloud IQ Site Engine for an upgrade, go see MySQL to PostgreSQL Data Migration (For Upgrades from ExtremeCloud IQ Site Engine 24.2 to 24.7 and later)

Migration Steps:

  1. Ensure you have a backup of the ExtremeCloud IQ Site Engine configuration with Administration > Backup/Restore.

  2. Install a new ExtremeCloud IQ Site Engine, use the ExtremeCloud IQ Site Engine Suite Installation procedure.

  3. Complete the installation wizard. If you need original values then check these files in your migration source:
    /usr/postinstall/dnetconfig.properties
    /usr/postinstall/snmpconfig.properties

  4. Copy the backup to the new installation.

  5. Restore the backup onto the new system through CLI, see Restoring the Database Using the CLI.

  6. As necessary, re-create local accounts in the Operating System of the new installation. The local accounts defined in the Operating System are not part of the backup.
    For reference, the /etc/passwd file contains local accounts known to the operating system.

  7. If SCP is used for inventory manager, copy the SSH keys and settings with the command:
    sudo scp -r root@<IP-of-the-source>:/etc/ssh /etc/

  8. Copy additional files from the source instance that are not part of the backup:

    • Custom Mibs (~/NetSight/appdata/System/mibs/MyMibs)

    • TFTP Firmware files (path is defined in Administration > Options > Inventory Manager > File Transfer)

    • FTP Firmware files (path is defined in Administration > Options > Inventory Manager > File Transfer)

    • SCP Firmware files (path is defined in Administration > Options > Inventory Manager > File Transfer)

    • SFTP Firmware files (path is defined in Administration > Options > Inventory Manager > File Transfer)

    • Licenses (~/NetSight/appdata/license)

    • Events/logs (the path is in Alarms & Events > Event Configuration > Event Logs)

    • TFTPd settings (~/NetSight/services/nstftpd.cfg)

    • SNMPtrapd settings (~/NetSight/appdata/snmptrapd.conf)

    • NAT config settings (~/NetSight/appdata/nat_config.txt)

    • Custom CLI scripts (~/NetSight/appdata/CommandScriptTool/overrides)

    • Custom FlexViews not part of the VendorProfiles (~/NetSight/appdata/System/FlexViews/My FlexViews)

    • Logs (~/NetSight//appdata/logs and all subdirectories)

  9. Check and transfer any custom modifications you might have in:

    • NSJBoss.properties (~/NetSight/appdata/NSJBoss.properties)

    • snmptrapd.conf (~/NetSight/appdata/snmptrapd.conf)

    • If you customized the file ~/NetSight/services/nstftpd.cfg. Verify it matches the Firmware Directory Path specified in the TFTP Transfer Settings option in Inventory Manager (Tools > Options > Inventory Manager > File Transfer Settings > TFTP Transfer Settings).

  10. Check for and transfer over any other customizations, such as custom scripts in the file system.

  11. Configure the server certificate trust mode on the ExtremeCloud IQ Site Engine to handle the certificates it receives from other servers. Required if you have Access Control Engines or Application Analytics Engines or connect to LDAP servers, and you want the server certificate trust mode to be "Locked." For more information, see the Server Certificate Trust Mode section of the ExtremeCloud IQ Site Engine and ExtremeControl Secure Communication Help topic.

    1. Configure the ExtremeCloud IQ Site Engine with the Server Certificate Trust Mode set to "Trust All" (the default). Trust All avoids certificate trust problems while the server is being configured.

    2. Once the server is configured and communicating with other servers and engines as necessary, you can transition the Server Certificate Trust Mode to "Trust And Record" where the server learns the certificates it expects to receive, and then transition to "Locked" when the certificate learning is completed.