Installing release 1.6.0
How to install and upgrade to ESB3024 Router release 1.6.0
To install ESB3024 Router, one first needs to copy the installation ISO image
to the target node where the router will be run. Due to the way the
installer operates, it is necessary that the host is reachable by
password-less SSH from itself for the user account that will perform the
installation, and that this user has sudo access.
Prerequisites:
Ensure that the current user has sudo access.
If the above command fails, you may need to add the user to the
/etc/sudoers file.
Ensure that the installer has password-less SSH access to localhost.
If using the root user, the PermitRootLogin property of the
/etc/ssh/sshd_config file must be set to ‘yes’.
The local host key must also be included in the .ssh/authorized_keys
file of the user running the installer. That can be done by issuing the
following as the intended user:
mkdir -m 0700 -p ~/.ssh
ssh-keyscan localhost >> ~/.ssh/authorized_keys
Note! The ssh-keyscan utility will result in the key fingerprint being
output on the console. As a security best-practice its recommended to
verify that this host-key matches the machine’s true SSH host key. As an
alternative, to this ssh-keyscan approach, establishing an SSH connection
to localhost and accepting the host key will have the same result.
Disable SELinux.
The Security-Enhanced Linux Project (SELinux) is designed to add an
additional layer of security to the operating system by enforcing a set of
rules on processes. Unfortunately out of the box the default configuration
is not compatible with the way the installer operates. Before
proceeding with the installation, it is recommended to disable SELinux.
It can be re-enabled after the installation completes, if desired, but
will require manual configuration. Refer to the Red Hat Customer Portal
for details.
To check if SELinux is enabled:
This will result in one of 3 states, “Enforcing”, “Permissive” or
“Disabled”. If the state is “Enforcing” use the following to disable
SELinux. Either “Permissive” or “Disabled” is required to continue.
It is recommended to reboot the computer after changing SELinux modes,
but the changes should take effect immediately.
Assuming the installation ISO image is in the current working directory,
the following steps need to be executed either by root user or with sudo.
Mount the installation ISO image under /mnt/acd.
Note: The mount-point may be any accessible path, but /mnt/acd will be
used throughout this document.
mkdir -p /mnt/acd
mount esb3024-acd-router-esb3024-1.8.0.iso /mnt/acd
Run the installer script.
Upgrade
The upgrade procedure for the router is performed by taking a backup of the
configuration, installing the new version of the router, and applying the
saved configuration.
With the router running, save a backup of the configuration.
The exact procedure to accomplish this depends on the current method of
configuration, e.g. if confd is used, then the configuration should be
extracted from confd, but if the REST API is used directly, then the
configuration must be saved by fetching the current configuration snapshot
using the REST API.
Extracting the configuration using confd is the recommend approach where
available.
confcli | tee config_backup.json
To extract the configuration from the REST API, the following may be used
instead. Depending on the version of the router used, an API-Key may be
required to fetch from the REST API.
curl --insecure https://localhost:5001/v2/configuration \
| tee config_backup.json
If the API Key is required, it can be found in the file
/opt/edgeware/acd/router/cache/rest-api-key.json and
can be passed to the API by setting the value of the X-API-Key header.
curl --insecure -H "X-API-Key: 1234abcd" \
https://localhost:5001/v2/configuration \
| tee config_backup.json
Mount the new installation ISO under /mnt/acd.
Note: The mount-point may be any accessible path, but /mnt/acd will be used
throughout this document.
mkdir -p /mnt/acd
mount esb3024-acd-router-1.2.0.iso /mnt/acd
Stop the router and all associated services.
Before upgrading the router it needs to be stopped, which can be done by
typing this:
Run the installer script.
Migrate the configuration.
Note that this step only applies if the router is configured using
confd. If it is configured using the REST API, this step is not necessary.
See Configuration changes between 1.4.0 and 1.6.0
for instructions on how to migrate the configuration to release 1.6.0.
Troubleshooting
If there is a problem running the installer, additional debug information can
be output by adding -v or -vv or -vvv to the installer command, the
more “v” characters, the more detailed output.
1 - Configuration changes between 1.4.0 and 1.6.0
This describes the configuration changes between ESB3024 Router version 1.4.0 and 1.6.0.
confd configuration
The confd configuration used in version 1.4.0 is not directly compatible with
1.6.0, and will need to have a few minor updates in order to be valid. If this
is not done, the configuration will not be valid and it will not be possible to
make configuration changes. Running confcli will cause error messages and an
empty default configuration to be printed.
$ confcli services.routing.
[2023-12-12 16:08:07,120] [ERROR] Missing configuration key /services/routing/translationFunctions
[2023-12-12 16:08:07,122] [ERROR] Missing configuration key /services/routing/settings/instream/dashManifestRewrite/sessionGroupNames
[2023-12-12 16:08:07,122] [ERROR] Missing configuration key /services/routing/settings/instream/hlsManifestRewrite/sessionGroupNames
[2023-12-12 16:08:07,123] [ERROR] Missing configuration key /services/routing/settings/managedSessions
[2023-12-12 16:08:07,123] [ERROR] Missing configuration key /services/routing/tuning/target/recentDurationMilliseconds
{
"routing": {
"apiKey": "",
"settings": {
"allowedProxies": [],
"contentPopularity": {
"algorithm": "score_based",
"sessionGroupNames": []
},
"extendedContentIdentifier": {
...
The first thing that needs to be done is to rename the keys sessionGroupIds to
sessionGroupNames. If the configuration was backed up to the file
config_backup.json before upgrading, the keys can be renamed and the
updated configuration can be applied by typing this:
sed 's/"sessionGroupIds"/"sessionGroupNames"/' config_backup.json | confcli -i
[2023-12-19 12:33:17,725] [ERROR] Missing configuration key /services/routing/translationFunctions
[2023-12-19 12:33:17,726] [ERROR] Missing configuration key /services/routing/settings/instream/dashManifestRewrite/sessionGroupNames
[2023-12-19 12:33:17,727] [ERROR] Missing configuration key /services/routing/settings/instream/hlsManifestRewrite/sessionGroupNames
[2023-12-19 12:33:17,727] [ERROR] Missing configuration key /services/routing/settings/managedSessions
[2023-12-19 12:33:17,727] [ERROR] Missing configuration key /services/routing/tuning/target/recentDurationMilliseconds
The configuration has not yet been converted, so the error messages are still
printed. The configuration will be converted when the acd-confd service is
restarted.
systemctl restart acd-confd
This concludes the conversion of the configuration and the router is ready to be
used.
Configuration changes
Below are all configuration changes between version 1.4.0 and 1.6.0 listed.
Normally nothing needs to be done about this since they will be upgraded
automatically, but they are listed here for reference.
Added translationFunctions block
services.routing.translationFunctions has been added. It can be added as a
map with two empty strings as values, to make the top of the configuration look
like this:
{
"services": {
"routing": {
"translationFunctions": {
"request": "",
"response": ""
},
...
Renamed sessionGroupIds to sessionGroupNames
The keys
services.routing.settings.instream.dashManifestRewrite.sessionGroupIds and
services.routing.settings.instream.hlsManifestRewrite.sessionGroupIds have
been renamed to
services.routing.settings.instream.dashManifestRewrite.sessionGroupNames and
services.routing.settings.instream.hlsManifestRewrite.sessionGroupNames
respectively. Any session group IDs need to be manually converted to session
group names.
After the conversion, the head of the configuration file might look like this:
{
"services": {
"routing": {
"apiKey": "",
"settings": {
"allowedProxies": [],
"contentPopularity": {
"algorithm": "score_based",
"sessionGroupNames": []
},
"extendedContentIdentifier": {
"enabled": false,
"includedQueryParams": []
},
"instream": {
"dashManifestRewrite": {
"enabled": false,
"sessionGroupNames": []
},
"hlsManifestRewrite": {
"enabled": false,
"sessionGroupNames": []
},
"reversedFilenameComparison": false
},
...
Added managedSessions block
A services.routing.settings.managedSessions block has been added. After
adding the block, the configuration might look like this:
{
"services": {
"routing": {
"apiKey": "",
"settings": {
"allowedProxies": [],
"contentPopularity": {
"algorithm": "score_based",
"sessionGroupNames": []
},
...
"managedSessions": {
"fraction": 0.0,
"maxActive": 100000,
"sessionTypes": []
},
"usageLog": {
"enabled": false,
"logInterval": 3600000
}
},
...
Added recentDurationMilliseconds
A services.routing.tuning.target.recentDurationMilliseconds key has been added
to the configuration file, with a default value of 500. After adding the key,
the configuration might look like this:
{
"services": {
"routing": {
"apiKey": "",
...
"tuning": {
"target": {
...
"recentDurationMilliseconds": 500,
...
Storing the updated configuration
After all these changes have been done to the configuration file, it can be
applied to the router using confcli.
confcli will still display error messages because the stored configuration is
not valid. They will not be displayed anymore after the valid configuration has
been applied.
$ confcli -i < updated_config.json
[2023-12-12 18:52:05,500] [ERROR] Missing configuration key /services/routing/translationFunctions
[2023-12-12 18:52:05,502] [ERROR] Missing configuration key /services/routing/settings/instream/dashManifestRewrite/sessionGroupNames
[2023-12-12 18:52:05,502] [ERROR] Missing configuration key /services/routing/settings/instream/hlsManifestRewrite/sessionGroupNames
[2023-12-12 18:52:05,503] [ERROR] Missing configuration key /services/routing/settings/managedSessions
[2023-12-12 18:52:05,511] [ERROR] Missing configuration key /services/routing/tuning/target/recentDurationMilliseconds
Raw configuration
The following changes have been made to the raw configuration. If the router is
configured via confd and confcli, these changes will be applied by them.
This section is only relevant if the router is configured via the
v2/configuration API.
Simple changes
The following keys were added or removed. They will not need to be manually
updated, the router will add the new keys with default values.
- Removed the
tuning.repeated_session_start_threshold_seconds key. - Removed the
lua_paths key. - Added the
tuning.target_recent_duration_milliseconds key.
EDNS proxy changes
If the router has been configured to use an EDNS server, the following has to be
changed for the configuration to work.
The hosts.proxy_address key has been renamed to hosts.proxy_url and now
accepts a port that is used when connecting to the proxy.
The cdns.http_port and cdns.https_port keys now configure the port that is
used for connecting to the EDNS server, before they configured the port that is
used for connecting to the proxy.