Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Symptoms

Your organization has a tight security policy that mandates a firewall which blocks any external traffic, including that from your SoftNAS instance to/from the outer world. This is preventing receipt of necessary updates.  

Purpose

The purpose of this document is to outline the steps required to maintain access to the required  IPs for SoftNAS updates without compromising the tight security requirements of organizational policy.More details on our latest releases can be found in Release Notes: repositories

 Note: If upgrading from 4.3.0 to 4.3.1 please refer to Section A. 

Note: If upgrading from pre-4.3.0 to 4.3.1 or later please refer to Section B.

Note: SoftNAS recommends a reboot of your system be performed prior to performing a system upgrade. This ensures that the upgrade is performed on a stable system. 
Note: In addition to this KB; If you are upgrading a HA pair please refer to the link here /wiki/spaces/SD/pages/92999399


Warning: If putting only one node into maintenance mode, synchronization need not occur. If both HA nodes need to be placed into maintenance, a forced synchronization will need to occur.

Resolution

Our goal here, as mentioned, is to translate the mirroring system to a fixed URL or set of URLs that we can use when configuring any firewall. If you have already installed SoftNAS in a secure VPC and are unable to open HTTP traffic to the outside world to proceed with the following steps

Section A: Upgrading from 4.3.0 to 4.3.1 or Later

  1. Please whitelist the following domains/IPs

    # softnas.com IP: 54.88.117.35/32
    # mirror.softnas.com IP: 184.73.232.53/32

  2. Next, you can test the above changes by running the commands below and if your firewall is properly configured you should be able to get some feedback as the screenshot below:

    curl -k https://softnas.com 
    curl -k https://mirror.softnas.com 

  3. If steps 2 was successful please head over to Storage Center → Settings Software updates to begin the upgrade process. If not please check your firewall and network traffic and try step 2 again

Section B: Upgrading from Pre-4.3.0 to 4.3.1 or Later

  1. This additional step is required for pre-4.3.0 to 4.3.1 or later. that said, please cd into the repo directory
    # cd /etc/yum.repos.d

  2. Next, create the repo below 

    # vim softnas-remi.repo

    Paste the content below:

    [epel]
    name=Extra Packages for Enterprise Linux 6 - $basearch
    baseurl=https://mirror.softnas.com/epel/6/$basearch
    failovermethod=priority
    enabled=1
    gpgcheck=0

    [remi-safe]
    name=Safe Remi's RPM repository for Enterprise Linux 6 - $basearch
    baseurl=http://mirror.softnas.com/remi/enterprise/6/safe/$basearch/
    enabled=1
    gpgcheck=0

    [remi-php72]
    name=Remi's PHP 7.2 RPM repository for Enterprise Linux 6 - $basearch
    baseurl=http://mirror.softnas.com/remi/enterprise/6/php72/$basearch/
    enabled=0
    gpgcheck=0

  3. run yum repolist to update the cache


    # yum repolist 

  4. Complete the upgrade process as directed in Section A


      
  • No labels