Hi all – I know I promised to follow up with more LogInsight posts and I intend to follow through! However, as a brief interruption to that blog series (available here), I wanted to let everyone know I’ve upgraded one of my environments from LogInsight 4.0.0-4624504 to 4.3.0-5084751 but not without issue.

You can refer to the VMware LogInsight 4.3 Documentation for instructions on performing the upgrade. When I followed the procedure, however, I was faced with the following error:

There were really no details provided at all. So, I connected to the node I was upgrading (a single node in this case) via SSH and looked at /var/log/loginsight/upgrade.log:

conwaylogs1:/var/log/loginsight # cat upgrade.log

2017-03-14 13:39:15,182 loginsight-upgrade INFO Certificate verified: VMware-vRealize-Log-Insight.cert: /C=US/ST=California/L=Palo Alto/O=VMware, Inc.

error 18 at 0 depth lookup:self signed certificate

OK

2017-03-14 13:39:38,114 loginsight-upgrade INFO Signature of the manifest validated: Verified OK

2017-03-14 13:39:38,877 loginsight-upgrade INFO Current version is 4.0.0-4624504 and upgrade version is 4.3.0-5084751. Version Check successful!

2017-03-14 13:39:38,878 loginsight-upgrade INFO Available Disk Space at /tmp: 13392916480

2017-03-14 13:39:38,878 loginsight-upgrade INFO Disk Space Check successful!

2017-03-14 13:39:38,878 loginsight-upgrade INFO Available Disk Space at /storage/core: 206482673664

2017-03-14 13:39:38,878 loginsight-upgrade INFO Disk Space Check successful!

2017-03-14 13:39:45,301 loginsight-upgrade INFO Checksum validation successful!

2017-03-14 13:39:45,322 loginsight-upgrade INFO Attempting to upgrade to version 4.3.0-5084751

2017-03-14 13:50:01,727 loginsight-upgrade INFO Verified source version 4.0.0 >= 4.0.0.0

Running upgrade validation for v3+

Validation script regular output:

Failed to read pre-upgrade30ga-script-package.script

Restarting Log Insight

2017-03-14 13:50:01,727 loginsight-upgrade INFO Pre-upgrade validation was not OK

2017-03-14 13:50:01,727 loginsight-upgrade INFO <div style=’margin-bottom:5px’><b>Log Insight deployment did not pass pre-upgrade validation:</b></div> <div><urlopen error [Errno 1] _ssl.c:497: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol></div>

2017-03-14 13:50:01,727 loginsight-upgrade ERROR Upgrade pre-validation errors

Traceback (most recent call last):

File “/usr/lib/loginsight/application/sbin/loginsight-pak-upgrade.py”, line 508, in main

raise ValidationError(err.strip())

ValidationError: “<div style=’margin-bottom:5px’><b>Log Insight deployment did not pass pre-upgrade validation:</b></div> <div><urlopen error [Errno 1] _ssl.c:497: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol></div>”

2017-03-14 13:50:01,728 loginsight-upgrade INFO Done!

Again, there’s really nothing obvious in the output. However, the text in red suggested something was up with an unknown protocol in regards to SSL. Hrm. Well, actually, as is best-practice, I disabled TLSv1 on all of my environments. So, as a long shot I thought I would re-enabled TLSv1 in case there was some sort of validation being done. You can read this KB on how to disabled TLSv1 (and thus re-enable it if needed).

It turns out that after re-enabling TLSv1 on the LogInsight 4.0 appliance, my upgrade went through successfully!

And finally, as confirmation, if you look at upgrade.log again you’ll see:

[…]

vmware-tools-vsock-common-10.0.9-5.sles11.x86_64 has already been installed.

vmware-tools-vsock-kmp-default-9.8.1.0_3.0.76_0.11-5.sles11.x86_64 has already been installed.

vmware-tools-vsock-kmp-trace-9.8.1.0_3.0.76_0.11-5.sles11.x86_64 has already been installed.

Running post-install script

Restarting Log Insight

2017-03-14 14:22:42,280 loginsight-upgrade INFO Successfully upgraded to version 4.3.0-5084751!

2017-03-14 14:22:42,280 loginsight-upgrade INFO Upgrade took 1 minutes

2017-03-14 14:22:42,280 loginsight-upgrade INFO Done!

Just a heads up to those who may be upgrading their appliances! Disabling TLSv1 is definitely a good idea, but in this case it bites you in the upgrade process! Good luck and feel free to let me know if you have similar or opposite experiences!

Share this: Twitter

Facebook

