Upgrade to Gluu Server 4.0#
The Gluu Server cannot be upgraded with a simple
apt-get upgrade. You will need to either use our in-place upgrade script or explicitly install the new version and export/import your data. Find the existing version below for upgrade instructions to Gluu Server 4.0.
- Before upgrading, make sure to back up the Gluu container or LDAP LDIF.
- Upgrades should always be thoroughly scoped and tested on a development environment first.
Upgrading from 3.1.x to 4.0#
At this time, only Gluu Server version 3.1.x can be upgraded to version 4.0. The upgrade script works on CentOS 7, Ubuntu 16, and RedHat 7. Upgrade script performs the following steps:
- Upgrades Java to Amazon Corretto. Extracts certificates from the existing Java keystore to
hostname_service.crtin the upgrade directory. After upgrading Java, imports to keystore
- Upgrades all Gluu WAR files, NodeJS, and Passport components
- Transfers all data from LDAP to
gluu.ldifin the upgrade directory
- Upgrades to WrenDS (a community maintained fork of OpenDJ). If you are currently running OpenLDAP, it will be backed up and migrated to WrenDS
gluu.ldifto convert the existing data set to the new model. Removes all inums. Depending on the data size, this step will take some time. Writes resulting data to
gluu_noinum.ldif. Your current passport configuration will be moved to
gluuPassportConfiguration.jsonfor future reference
gluu_noinum.ldifto newly installed WrenDS. Rejected and Skipped entries will be written to
opendj_skips.txtto the upgrade directory
- Upgrade script uses setup.py to updated the configuration. All activities will be logged to
- All files will be backed up with
file_name.gluu-version-#~where # is a consecutive number, unless backup is specified in another way.
- Sets the OpenID Connect
falseby default to ensure clients are unable to gather unwanted claims. If a client in use depends on this property, it can be set back to
truein the JSON configuration.
If you are using custom schema:
(a) OpenDJ Users: Back up the schema file
(b) OpenLDAP users: Convert the schema according to this guide
When the upgrade script prompts:
If you have custom ldap schema, add them now and press c If you don't have any custom schema you can continue with pressing c
Put the schema file in
- This upgrade replaces all the default Gluu Server scripts WITH SCRIPTS FROM 4.0 and removes other custom scripts. (This will replace any customization you may have made to these default script entries)
- Default authentication mode will be set to auth_ldap_server
- Cache provider configuration will be set to 4.0 default
- Reconfigure your logo and favicon
There are two options to perform the upgrade (both methods work inside the container):
The upgrade script can download all needed software and applications from the internet. You can perform an online upgrade by following these steps:
- Download the upgrade script
- Execute the script with
python update.py -o
Your upgrade directory will be the current directory. The script will create these directories: