Tag Archives: guide

RHEL and web-server

Another thing you will notice if you are used to debian is that RHEL has iptables enabled by default.

To alter it you use the ‘iptables’ command. It is quite complex and there are good guides out there.

If you just want to let http and ssh through you can run this:

iptables -I RH-Firewall-1-INPUT 3 -p tcp -m tcp –dport 80 –tcp-flags SYN,RST,ACK SYN -j ACCEPT
iptables -I RH-Firewall-1-INPUT 3 -p tcp -m tcp –dport 22 –tcp-flags SYN,RST,ACK SYN -j ACCEPT

You do not have to change anything in httpd (made by apache by the way) to enable it.
Just point your browser. The document root is by default: /var/www/html

Upgrade WordPress 3.x

Hi!

If your webhost is running in php safemode then you may run into some issues, for example you cannot do the upgrade of WP automagically via the admin interface and neither can you upgrade plugins manually, which is a hazzle.

To do the upgrade follow this guide:

http://codex.wordpress.org/Upgrading_WordPress_Extended

I went from 3.0.4 to 3.1
and from 3.1 to 3.1.3
and from 3.1.3 to 3.2

The way I do it is like this:

  1. Download your blog ( in my case /blog) to your local machine.
  2. Make a backup of your mysql database ( via phpmyadmin in my case ). Good idea is to delete spam comments before you do this, saves a few bytes.
  3. Download and extract the latest wordpress on your local machine.
  4. In the directory where you extracted the new wordpress files, remove the directories that you are supposed to keep (mentioned in red text in the guide/link above and in #6 below).
  5. Copy over the files from your blog that you are supposed to keep, get them from where you downloaded the new files to your local machine.
  6. In my case the things I needed to copy were: wp-config.php, the folders under wp-content – and their content,  .htaccess
  7. The rest did not apply to me, as I did not have the cache, wp-images, plugins/widget and not using special language or special robots.txt
  8. On your web-host, rename the folder of your blog (I have mine under /blog)
  9. Upload the new directory from your local machine (the new one where you have copied in the things you needed to keep).
  10. Surf to /wp-admin
  11. Click upgrade db
  12. Take this opportunity to update some plugins if you have that are out of date.
  13. I did not have to alter my permalinks, the setting was the same (%postname%) and the links are still working.
  14. Done!

If you do run into problems this way, check out the forums for some assistance.

There are things you can use to make this a lot faster.
For example maybe a lot of files aren’t different between the versions.
If you don’t do backup or maybe if you don’t upload the whole new directory that will save you lots of time.

Some ftp-clients (flashfxp for example) have what’s called a skip-list where you can specify that files with the exact same size should not be over-written but skipped.

– What I did last time was to just download 3.2. Extract the archive. Remove the wp-content. Upload and overwrite the files on the web host. Tada. Not so complicated at all :)

Install Drupal 7 in Debian 6

Time for another go!

Drupal is ..

.. a pretty famous and widely used CMS out there – so here we go ->

1. Get sudo configured on debian. Sucks to have to log on as root all the time when installing apps etc.

2. Download and untar drupal 7

3. Read INSTALL.TXT

Requirements:

– A web server. Apache (version 2.0 or greater) is recommended.
– PHP 5.2.4 (or greater) (http://www.php.net/).
– One of the following databases:
– MySQL 5.0.15 (or greater) (http://www.mysql.com/).

“sudo apt-get install lamp-server^” does not work in Debian 6 :/

Following this guide instead.

  1. aptitude update  and then upgrade (maybe not necessary because I used apt-get.. why have two??)
  2. sudo apt-get install mysql-server mysql-client (in Debian 6 you put in sql root user password during install)
  3. sudo apt-get install apache2 php5 php5-mysql libapache2-mod-php5 phpmyadmin
  4. Surf to http://ip/phpmyadmin and log on to the mysql db – does it work? yay!
  5. Create drupal db – see INSTALL.mysql.txt – basically this just tells you to create a database and a user. It asks you to do this via manual SQL queries, but we have phpmyadmin so we just have to; 1. click on databases and create a new one. 2. after that, click on privileges and create a new user. 3 just type in username and password, leave the rest for default.
  6. Copy extracted files to your www directory. Beware of rights, use chmod and possibly chown. /var/www/ is the default directory.
  7. Surf to http://ip/drupal (where install.php is)
  8. Standard setting
  9. Then it complains that it doesn’t have access. Because I had to set chmod 777 on the ‘sites’ directory under /drupal.
  10. Then I need to copy a file and make it writeable, just doing what the script tells me to.
  11. Configure the database settings.
  12. Now you can remove write access permissions on the sites/default directory and sites/default/settings.php
  13. Put in contact and admin accounts stuff.
  14. Done! Wow, that was easy :)

So much to do in there!
I will have to get back about this in another post :)

Ubuntu 10.10 + VMWare + Irssi

How small VM can you make if you are only going to use it to run Irssi in a screen?

OS: Ubuntu 10.10 x64 Virtual Kernel
Hypervisor: VMWare Workstation

Disk – no logs – 1.10GB is what my previous took, with samba, so probably less but 1.1 should be all right, don’t want it to run out of space either. Should probably partition /var/log into its own so that if that fills up (maybe after bruteforce ssh logins) then it doesn’t fill up the rest of /.
RAM –

  • turn off cron jobs
  • install virtual kernel

about the cron jobs, I just installed a ubuntu virtual kernel and only cron job running (as seen in syslog) is this:

CRON[9141]: (root) CMD (   cd / && run-parts –report /etc/cron.hourly)

Test 1

1.2GB disk
64MB RAM

Kernel panic – not syncing: attempted to kill init!
ctrl-alt-del in the VM doesn’t work, had to hard kill it :p
Reboot – same problem. It does this after selecting minimal virtual kernel and pressing install Ubuntu Server.

Test2

Increased RAM to 96MB and now it passed.
However, after selecting keyboard it still crashes. So 96 is also too little.

Googled around a little and found an article on Ubuntu.com that gives some insight.

For example: if you run out of memory, then it will swap. So if you are not running out of memory then it’s probably better to give it a little more to be on the safe side.

Test 3

Increased RAM to 128MB
Now it goes even longer.

Partitioning -> chose manual.
There is a device there ‘sda’ -> SCSI3. Mark that and hit enter. Say yes to create new empty partition. Then it creates a new space pri/log. Create new partition.

As size, type in: 100MB
Primary, beginning, default settings on the filesystem etc but mount point: /var/log. Then done setting up this partition.

Then we will create another partition for / (or the rest).

Like this:

ubuntu_partition right

ubuntu_partition right

The above does not include a swap space, and the installation complains that there is no swap space defined and that there may be problems if this is not configured during install.

Let’s see :)

** maybe Ubuntu is not the slimmest OS to install for this purpose. The guide I linked to above mentions a DSL – damn small linux. But we want a minimal server OS, not a desktop one. Maybe the new Debian 6 would be cool to try.

During install there was a dialogue about something being already on the disk.. and that this could cause issues. Maybe this was copied there from one of the previous tries with less amount of RAM. Went back and erazed this on each just to be on the safe side. Very slow though. About 1% / s. After this I went into each and set them to format instead. It mentions old installation files anyway. Proceeding. This happened twice? Three times now.. Maybe this is not going so well. Ok happened four times.

Hit Alt+F2 (and then enter to get the console) and then df -h. Nothing is over 20% except the SR0/cd-rom which is at 100%. Did a ‘more /var/log/syslog’ and at the end there are some ‘Out of memory’ things going on.

So there we go. 128MB is too little.

But here:  it says that 128MB is the requirement..

Test 4

I will try to install again and not mess up with the partitions.
1.2GB and 128MB again.
Going pretty well, looks like it’s stopped at 75% and “storing language”. Patience. Ok, 10mins later still there. Nothing about out of memory in /var/syslog. The Guest was behaving a little slow though when working the console.
Left it on over night and when I looked again the following day it was at the next step!

Installing openssh via the installation menu this time.
Taking quite long time this time as well. Like hours. 2 hours now. Nothing happening in syslog. Think I’ll give Debian a shot next Test.

In the meantime did Test 5. However 4 hours later, still configuring ‘language-pack-en-base’.

Now, approximately lots of hours later. It is at configure grub.

And yay, it finally boots!

user@irssi:~$ df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/sda1             1.1G  430M  606M  42% /
none                   54M  164K   54M   1% /dev
none                   57M  4.0K   57M   1% /dev/shm
none                   57M   36K   57M   1% /var/run
none                   57M     0   57M   0% /var/lock
none                  1.1G  430M  606M  42% /var/lib/ureadahead/debugfs
/home/martbhell/.Private 1.1G  430M  606M  42% /home/martbhell

And the size of the folder in Windows: 750 MB (787 341 312 bytes)

With 128MB ram there is maybe 10MB free and it swaps a little (just a few kB so far).

Test 5

debian-6.0.0-amd64-netinst
Using Debian 5 64-bit.

  1. graphical menu is seen, no advanced options used
  2. chose languages – look a lot like Ubuntu but there are some differences:
  3. After choosing a hostname it asks for domain. Put in WORKGROUP.
  4. Set a root account password (so no more sudoing – probably just add my user to the wheel/root group).
  5. and you have a few more options in the partitioning, like a separate /home partition
  6. then you get to chose a debian mirror (becuase I use the netinst). ftp.fi.debian.org is the one I chose
  7. you can participate in a “most used packages” survey
  8. software selection: graphical desktop, web, dns, ssh, laptop, standard system utilities. I chose SSH and standard system utilities.
  9. grub, then reboot and loading!

Internet works fine from the start. apt-get update; apt-get install irssi
Remember, here you have to log in as root to run ifconfig or apt-get.

It’s the same way in Debian as in Ubuntu to set static ip. Just edit /etc/network/interfaces / don’t forget you can just restart the networking services by ‘/etc/init.d/networking start’ instead of rebooting ;)
Now, I actually forgot to set minimal ram/disk for this one. So we have to do this again ;)

Test 6

debian-6.0.0-amd64-netinst
Using Debian 5 64-bit.
128MB RAM

One thing that’s cool about a VM is that you can resize the amount of RAM whenever (probably good to turn off the guest first). So how about just lowering it instead of installing a new one?

OK, so it now has 512MB. Going down to 64 in one go (listed as minimum in VMWare Workstation).

It’s swapping after just a few minutes with screen+irssi.

to sort by memory usage in top press SHIFT+m

biggest memory hogs (all over 1% – figures in bold) are :

1474 user 20   0 23388 6220 1572 S  0.0 11.2 0:00.25 bash
1503 user 20   0 50084 5228 3824 S  0.0  9.4 0:00.06 irssi
1470 root      20   0 70488 3280 2584 S  0.0  5.9 0:00.03 sshd
913 root      20   0  117m 1788  904 S  0.0  3.2 0:00.01 rsyslogd
1473 user 20   0 70488 1680  964 S  0.0  3.0 0:00.06 sshd
1502 user 20   0 25184 1472  992 S  0.0  2.6 0:00.01 screen
1546 user 20   0 19040 1300 1004 R 99.9  2.3 0:00.01 top
985 root      20   0 22392  712  512 S  0.0  1.3 0:00.00 cron
1233 Debian-e  20   0 44140  660  392 S  0.0  1.2 0:00.00 exim4
1472 root      20   0  5928  620  520 S  0.0  1.1 0:00.00 getty
1 root      20   0  8352  616  560 S  0.0  1.1 0:01.42 init
1277 root      20   0 49168  544  428 S  0.0  1.0 0:00.00 sshd

What I might be able to get rid of is rsyslogd and cron. But then again, if I were to connect this to the internet so I could access it and resume the screen/irssi from anywhere, I would want to keep track of what is happening on the machine.

user@debian:/var/log$ df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/sda1             3.8G  638M  3.0G  18% /
tmpfs                  28M     0   28M   0% /lib/init/rw
udev                   23M  140K   23M   1% /dev
tmpfs                  28M     0   28M   0% /dev/shm

Windows usage: 887 MB (930 816 000 bytes)

Summary

The Ubuntu Server 10.10 with the minimal virtual kernel took forever to install (maybe it would have been faster to have more mem during install and then lower when it’s done) and with 128MB it still swaps a little with only screen and irssi running. But it does use about 130MB or 200MB less space than the Debian6 guest.

The Debian 6 however runs OK with 64MB, swaps a little at that though so I would probably run this with 96 or 128MB just to be on the safe side if I were to run it.

File share from Ubuntu 10.10 with Windows 7 Client

Figured I would give this a shot and see how this is done in Linux.

Overview

1x Ubuntu 10.10 VM in VMWare Workstation. Installed with virtual kernel.
1x Windows 7 VM. All updates.

Not going to go through the installations in this post, just the domain/LDAP part. See previous posts for installation stuffs.

Found this article on ubuntu.com -> -> 10.10/serverguide/C/network-authentication.html .. But this does not exist anymore.

Whoa, quite a lot to do. Think I will read the manuals this time :)

Basically I think I just need to install and then configure Samba.
Because it has file-sharing and authentication/authorization.

So, first step will be to install Samba and try file-sharing.

File Sharing

sudo apt-get install samba

installs these:

The following NEW packages will be installed:
libavahi-client3 libavahi-common-data libavahi-common3 libcups2
libfile-copy-recursive-perl libgnutls26 libldap-2.4-2 libsasl2-2
libsasl2-modules libtalloc2 libtasn1-3 libwbclient0 samba samba-common
samba-common-bin update-inetd

After that I can run \\192.168.0.ip which is the IP of the VM running samba – it gives me a login prompt.

Uncommenting this in /etc/samba/smb.conf

[homes] comment = Home Directories
browseable = yes

Still asks for a password. Tried with user@ip – this seems to work. It shows a directory called “homes” but it doesn’t work to browse into it.

[2011/02/06 16:30:45.949726,  1] smbd/service.c:678(make_connection_snum)
create_connection_server_info failed: NT_STATUS_ACCESS_DENIED

Set ‘share’ and set the guest account = nobody  then I got this:

[2011/02/07 13:22:06.770082,  0] smbd/service.c:988(make_connection_snum)
canonicalize_connect_path failed for service foo, path /mnt/foo

Then what I did was this:

  1. created a directory called /samba
  2. sudo chmod +x /samba
  3. sudo chmod 777 /samba
  4. sudo chown nobody /samba
  5. add this to /etc/samba/smb.conf
  6. [foo] comment = foo
    path = /samba
    read only = no
    guest ok = yes
    guest only = yes
    browseable = yes
  7. security = share
  8. guest account = nobody

And then \\ip\foo and woopsie! I can both write and read :)

[2011/02/07 13:23:14.022980,  1] smbd/service.c:1070(make_connection_snum)
192.168.0.ip (192.168.0.ip) connect to service foo initially as user nobod

yay!

Brocade SAN Switch Firmware Upgrades

Overview

This is my guide/template to upgrading Fabric OS (FOS) – Firmware – on the Brocade SAN Switches. If you have any additions, comments or questions please go ahead and comment or if you have any questions you can find my e-mail on https://guldmyr.com. The post has been updated over 173 times according to my WordPress revisions, first update in January 2011.

This article was originally built from my experience with HP branded Brocade SAN Switches – not with any other OEM or pure Brocade switches. I have however since beginning this document gotten experience with other vendors.
I do not think others are different except for licenses and some default fabric.ops.
I made a comparison of two downloads of the 6.3.1b Fabric OS Firmware (one via IBM and one from HP). You can find a link to the “IBM” firmware and release notes after 6.x in that article too. I found that they are very similar and the HP firmware works on the IBM switch and vice versa. Another example is that firmware gotten from HDS works on an HP branded Brocade switch.

When you see 7.2.x this means any version in the Fabric OS 7.2.x series. For upgrades, this would generally mean the latest available in that series (like 7.2.1g for 7.2.x or 8.0.2d for 8.0.x) unless of course there is a problem with the latest. Sign up for your vendor’s security and update alerts to get notified about new releases.

Carefully plan the upgrade, it takes time but it is rewarding and worth it.

Updates in this article:

Old Updates

2011-02-22: Updated links because the release notes I had before to 6.1.x and above did not work anymore. Also changed the sub-versions in 6.1.x and above to the latest released one by HP.
2011-02-24: Found link to 5.2.x and 6.0.x FOS on HP.com with the help of an ITRC thread.
2011-04-21: Added links for correlating Brocade Product name, model number and HP name. Latest in 6.4.x series is now 6.4.1b
2011-05-05: Added link to Web Tools for 6.2.x with reference to how to upgrade Firmware via the web tools.
2011-05-15: A note added about compatibility regarding the ‘HP’ firmware files and other vendors – as far as I can tell the ones downloaded from HP will work on other non-HP switches. Also posted a new blog post about that. Added link to IBM.com – for correlating product names and for getting (all Fabric OS) firmwares. EMC also has Brocade products.
2011-05-18: Added a link to a post on HP’s support forum where the post helped a bit. Also made post a little easier, wrote a little about the release.plist confusion.
2011-05-24: Added example to show that driver updates are important. Some more restructuring of the article.
2011-07-12: Added FOS 7.0.0a
2011-07-14: Added link to HP knowledge base and updated a link to an ITRC forum thread to point to the new forum.
2011-09-29: Added FOS 7.0.0b and section about CF cards.
2011-10-19: Wrote a bit about firmware upgrade order.
2011-10-24: The HP links to 6.0.0c and 5.3.x seems to not work anymore. I could not find either of these for download on HP’s website. The IBM one still has 6.0.0c (release notes anyway).
2011-12-05: Went through all links to make sure they worked. Re-wrote some of the steps and re-ordered so that ‘decide’ is before ‘prepare’. Added output from switch when doing the firmware upgrade via CLI.
2011-12-10: Added table of contents via a plugin.
2012-01-02: Added FOS 7.0.0c
2012-01-09: Added EMC branded switches default pw
2012-02-14: Added HP’s link to FOS 5.x. firmware.
2012-02-15: Added IBM’s link to FOS 7 info and downloads.
2012-02-21: Some notes about which switches can do which firmware. Re-wrote a part of the upgrade order section.
2012-02-27: Note about licenses.
2012-02-29: Added note about 5.1.x to 5.3.x, made upgrade path clearer. Also made how to find 5.3.x and 6.x firmwares a little clearer for HP’s page.
2012-03-01: Added 6.2.2f and 7.0.1 and note about plist/ftp for 5.1.x
2012-04-03: Addeed 6.3.2e
2012-04-24: Added 7.0.1a
2012-04-27: Rewrote some part of the upgrade section.
2012-06-07: Added 6.4.3 and 7.0.1b
2012-06-14: Added link to Brocade FOS Target Path in decide section.
2012-10-27: Some grammar updates and 16G FOS 7.x requirement. 6.4.3b and 7.0.2.
2012-11-05: Updated links to release notes. Perhaps it’s time to condense the updates list. Notes about passive/active ftp, ifmodeshow|ipaddrshow and java version required (listed in release notes).

2013-03-10: 7.0.2b and 6.4.3c added some notes about compatibility. Improved list of which FOS works with which FC speeds.
2013-03-29: Added 7.1.0a and 7.0.2c. Only HP is out with 7.1.0a as of now. Brocade may have it non-publicly, at least I cannot see it in my brocade. Other minor updates.
2013-04-04: Added link to 6.4.3d
2013-05-02: Updated link to FOS Target Path.
2013-06-23: Changed some ftp:// links to http://
2013-07-16: Added link to IBM’s pdf with pictures for firmware upgrade.
2013-08-03: 6.4.3e by IBM – not available by HP yet. Disruptive upgrades are OK from 6.2 to 6.4.
2013-08-05: Added 7.1.1, updated some links to release notes.
2013-10-03: Made it a bit clearer regarding which is the earliest firmware you can upgrade from. Newer revisions of some Brocade release notes. 7.0.2d out and 6.4.3e link to hp.com
2013-11-14: Removed comment that B300 does not support 6.4.x – it does! It should have been the 200E! Thanks Eugene :)

2014-02-01: As of 2014-02-01 HP does not allow anybody without a valid support agreement to download firmwares. Release notes and at least some firmware links appears to still be working. Expect difficulty and broken links while hunting for firmwares. Fabric OS firmwares downloaded from IBM’s site works on HP switches too, but there might be some differences (although I couldn’t find any important ones when I compared 6.3.1b). So far it seems this restriction of access to firmwares only applies to HP servers.

2014-02-07: Added new link to HP’s page for FOS 5.2 to 6.3  Thanks Leo R!

2014-02-11: Added 7.2.0b and 7.1.1c (HP have 7.1.1c release notes up but IBM does not – to find Brocade version go to IBM’s download the firmware page that’s on Brocade.com and get the release notes from there). Also 3 years anniversary on this post on 2014-02-01!
2014-02-17: But be careful with 7.2.0b – IBM has a note on their 7.x page about 7.2.0b saying: “IBM recommends that customers not deploy FOS 7.2.0b if virtual switch capability is needed. Virtual switch users should migrate to an earlier version as soon as possible.
2014-03-17: The problem with 7.2.0b was likely DEFECT000491192 fixed in 7.2.0c and later also DEFECT000494570 was fixed in 7.2.0d. 7.2.0x seems a bit unstable at the moment. 7.2.1 is currently available for download via HP’s pages but not via IBM/Brocade’s. Also no release notes available. Archived 2013 updates.
2014-04-18: Added 6.4.3f and 7.1.1c and 7.1.2 is out. Updated migration paths a bit. The Brocade release notes of 7.1.x actually have a decent list of the migration path needed now. See the section “Recommended Migration Paths to FOS v7.1.2”.
2014-08-06: 7.2.1a, 7.1.2a, 7.0.2e. Updated some links that had gone bad (FOS Target Path) and made the “Show/Hide” Updates work again.
2014-09-28: 7.1.2b and 7.2.1b is out.
2014-10-01:  7.3.0a is out but can’t find any release notes for it.
2014-10-25: 7.2.1c
2015-01-18: 7.2.1d, 7.3.0c. “HP’s” release notes are too hard to find.. Added a note about FileZilla being a good ftp server. Thanks Harry Redl!
2015-02-20: 6.2.2g, 6.4.3g
2015-04-06: 7.3.1a from HP
2015-04-21: 7.3.1a from IBM
2015-06-19: Note about FileZilla being hosted off sourceforge – installer might contain malware.
2015-07-07: 7.4.0a, 7.3.1b, 7.2.1e. Removed link to HP’s webkey license page. Doesn’t work anymore. Note about BNA version required to manage Fabric OS v7.4 switches.
2015-08-31: 6.4.3g and 7.3.1b new revision of release notes. 7.2.1f, 7.4.0b
2015-09-01: 7.3.1c
2015-09-16: New versions of release notes.
2015-10-25: 7.4.1 is out for the brave and 6.4.3h (Fixes to OpenSSL CVE-2015-0286, CVE-2015-0288, CVE-2015-0289, CVE-2015-0292)
2015-12-05: 7.2.1g and 7.3.1d. Updated some links. Need to go through a lot of the HP ones here to point to HPE..
2016-02-24: 7.4.1b
2016-03-15: 7.3.2
2016-05-17: 7.4.1c
2016-08-13: 7.3.2a, 7.4.1d
2016-12-19: 7.3.2b, 7.4.1e

New Updates

2017-03-10: 8.x has been out for a while
2017-04-29: new links to Brocade FOS target path and better links for where to fetch firmwares
2017-05-03: 8.0.2b and added links to Upgrade Guides for 8.0.0 and 7.4.0)
2017-05-13: 7.4.2
2017-08-07: 8.1.0c
2017-11-09: 8.1.1a
2017-12-05: 8.0.2c
2018-01-01: 8.1.2a and 7.4.2b
2018-02-08: 7.4.2c and 8.0.2d
2018-06-15: 8.2.0a and 8.1.2d and 8.0.2e
2018-10-11: fixing some links, Brocade is now Broadcom so some links are not working anymore surprise. Some HP links no longer work so removed those too.
2018-12-07: 7.4.2d and 8.0.2f and 8.1.2f
2019-04-18: FOS Target Path on Broadcom.  From a reader got a link to NetApp’s Brocadeassist portal where newer firmware can be found than on IBM’s. Some more link updates and link to 8.2.1b
2019-04-19: More link fixes.  FOS 6.x – 8.x firmwares can all be downloaded from the brocadeassist portal.
2019-04-20: 8.1.2g and 8.2.1b on IBM release notes so updated links

Steps

  1. decide
  2. prepare
  3. upgrade

Decide

One major release at a time is required for the upgrades after 5.2.x, see details below at the release notes section.

If you have to upgrade many steps, you should upgrade to the latest in the series (or if it’s very new, probably safest to go with the second newest, just check the release notes of the newest to make sure nothing related is fixed).

If the switch is on 5.1.x you can go directly to 5.3.x.

What I usually recommend is this path:
5.0.1d -> 5.2.3 -> 5.3.2c -> 6.0.1a -> 6.1.2c -> 6.2.2g -> 6.3.2e -> 6.4.3h > 7.0.2e > 7.1.2b > 7.2.1g > 7.3.2a > 7.4.2d > 8.0.2f > 8.1.2g > 8.2.1b

It’s also possible to upgrade from a version earlier than 6.4.1b to 7.0.x or from 7.0.x to 7.2.x  – but this is a disruptive upgrade (meaning ports will go offline/online during upgrade). 

Brocade now has a document that describes a process of determining the ‘ideal’ version of Fabric OS you should be running. It is called Brocade FOS Target Path.

Yet one more official document to help is the Brocade Fabric OS Features and Standards Support Matrix, 8.2.x

There is also a section (Recommended Migration Paths to FOS ) in the release notes describing how to get to the release you’re reading notes for. In addition to these, there are Upgrade Guides from Brocade, at least for newer Fabric OS ( 7.4.0 and 8.0.0).

There are newer releases being released every now and then, in several series at the same time. You can think of it as releasing updates for Windows XP and 7 at the same time.
For example, in February 2011 6.4.1a and 6.2.2e were released by HP. You can see this on HP’s site if you look at the date next to the download. Quite often Fabric OS versions are not released by the OEMs at the same time, for example “Customer Notice of 7.1.0a release 25th of March 2013” HP released 7.1.0a before IBM.

Which is the recommended one? Usually it’s the latest one in the highest series that the switch supports. If you have storage from more than one vendor you may want to check with all and see if they all support the version you want to upgrade to. Vendors certify their equipment with different firmware versions. If you have a tape library, ask the vendor if they have a recommended / list of certified versions.

HP: HP B-series Connectivity stream (available in HP SPOCK).
Brocade: “Brocade FOS Target Path
Other: Contact them for their compatibility matrices, for example IBM, HDS, EMC, Fujitsu.
Brocade also has their own “Brocade Fabric OS 7.x Compatibility Matrix” which lists compatibility with other vendors.

You could in principle also say that (some blades in directors are excepted from these generalizations):

2G cannot upgrade to Fabric OS 6.x
4G and 8G can be on Fabric OS 6.x
All 4G except some 4/8 & 4/16 (that’s 200E) and HP’s P- and C-class 4G blade switches (4012 & 4024) can run 6.4.x
8G can run Fabric OS 6.4.x
8G and above can run Fabric OS 7.x
16G (Gen5) needs to be on Fabric OS 7.x or Fabric OS 8.x
32G (Gen6) needs Fabric OS 8.x

Do you want to use the latest one in each series? Probably.
Do check for published advisories and the release notes in the firmwares.
Some models or blades may work on 7.0.x and not on 7.1.x or vice versa.
Fabric OS 7.3.x supports all hardware that supports 7.2.x.
Basically you need to read the release notes for at least the version you are upgrading to, to confirm that it supports your switch.

Download firmware links:

If you go to downloads for HP’s 4/16 there is a link that also takes you to the older FOS firmware. If you don’t click through it also only have the firmware that this switch supports. So the latest on there at the moment is 6.2.2f.

On the link above you can also download HP’s branded NA (Network Advisor, previously known as DCFM – Data Center Fabric Manager), see notes about that below.

If you click on manuals on the left side you will also be able to download release notes and other guides and references.

5.0.x firmware can also be found at http://ftp.hp.com/pub/softlib/software12/COL22074/co-86832-6/FOS-Drawer_Statement.htm

6.x, 7.x and 8.x. can be found in the IBM and NetApp links.

Firmware Upgrade Order

You also probably want to decide on an order to upgrade the firmware on the switches.
It’s possible to do it via DCFM (now called Network Advisor, used to be something else) one switch at a time or even in parallel. I’d advice against doing it in parallel. One at a time and one step at a time seems the most cautious one. It’s not too bad to run a SAN with switches in different firmwares. One idea is to have all switches of one model on the same firmware. If you need to upgrade in several steps, do one step at a time.

Also, switches that are of higher importance like Principal Switch, Core Switches or Seed Switches for DCFM/NA. Should you start with these or perhaps start with another switch of less importance to make sure the upgrade goes smoothly?

With more recent firmwares (6.4 and 7.x) it’s possible to jump more than one hop – if you are ok with disruptions in the network. Nice if you need to upgrade switches that aren’t in production.

Release notes:

FOS  7.xIBM_Link& 8.x IBM Link

Brocade release notes in .pdf

5.2.3
5.3.1c
6.0.0c
6.1.2c
6.2.2g
6.3.2e
6.4.3h
7.0.2e
7.1.2b
7.2.1g
7.3.2b
7.4.2d
8.0.2f
8.1.2g
8.2.1a
8.2.1b (NetApp) & IBM

Notes from the release notes:

Upgrading from Fabric OS 5.0.x to 5.2.3 is supported
Upgrading from Fabric OS 5.1.x to 5.3.1a is supported, but upgrading from Fabric OS 5.0.x or a previous release directly to 5.3.1a is not.
Upgrading to Fabric OS 6.0.0b is only allowed from Fabric OS 5.3.x. (6.0.0c is a special upgrade version, only meant to be used in between firmware upgrades)
Upgrading to Fabric OS 6.1.2c is allowed only from Fabric OS 6.0.0b
Upgrading to Fabric OS 6.2.2f is allowed only from Fabric OS 6.1.0a or later.
Upgrading to Fabric OS 6.3.2e is allowed only from Fabric OS 6.2.0a or later.
Upgrading to Fabric OS 6.4.3f is allowed only from Fabric OS 6.3.x. You can upgrade non-disruptively from 6.2
Upgrading to Fabric OS 7.0.2 can be done non-disruptively from Fabric OS 6.4.1a or later.
Upgrading to Fabric OS 7.1.2 can be non-disruptively upgraded from 7.0.x and 7.1.x. With caveats: For example, any previously existing error log entries with FOS v7.1.0 will be permanently lost once upgraded to FOS v7.1.2.
Upgrading to Fabric OS 7.2.x can be done non-disruptively from 7.1.x. Disruptively from 7.0.x is supported.
Upgrading to Fabric OS 7.3.x can be done non-disruptively from 7.2.x. Disruptively from 7.1.x is supported (see the FOS_UpgradeGuide_v730.pdf and the Brocade Release notes).
Upgrading to Fabric OS 7.4.x can be done non-disruptively from 7.3.x. From 6.4.x with firmwarecleaninstall
Upgrading to Fabric OS 8.0.x can be done non-disruptively from any Brocade 16G (Gen 5) platform and all blades in the Supported blades table running any FOS v7.4 firmware. From 7.3.0 with “firmwaredownload -s”
Upgrading to Fabric OS 8.1.x can be done non-disruptively from Brocade platform running 8.0.2 or later. From 7.4.x disruptively with “firmwaredownload -s”.
Upgrading to Fabric OS 8.2.x can be done non-disruptively from Brocade platform running 8.1.0a or later. From 8.0.x disruptively with “firmwaredownload -s”.

About non-disruptively: This means you can go to 7.0.xfrom earlier  than 6.4.1a but ports will go offline during the upgrade.
See the release notes or Upgrade Guides for more details.

DCFM: Data Centre Fabric Manager / BNA: Brocade Network Advisor .

From 6.2.2a release notes:

With the introduction of Fabric OS 6.1.1, certain features and functions were removed from Web Tools (resident in the firmware) and migrated to the DCFM management application. HP recommends that, before you upgrade to Fabric OS 6.1.1x or later, if DCFM is not running on your fabric, you review the Web Tools functionality moved to DCFM, page 29 in these release notes and take note of what has changed so you can assess the impact on your fabric.

Fabric OS 7.x cannot be managed by DCFM 10.4 or BNA 11.0. You need BNA 11.1.0, see the release notes for 7.x.

Brocade Network Advisor 12.4.0 or later is required to manage switches running FOS 7.4.0 or later.
Brocade Network Advisor 14.0.1 or later is required to manage switches running Fabric OS 8.0.1 or later

Updates to documents

Sometimes Brocade releases updates to the manuals without actually updating the manuals. On HP’s page you can find them as “Documentation Updates”, “Fabric OS Administrator’s Guide Update”.

Fabric Watch and MAPS with FOS v7.3

Users running Fabric Watch for switch monitoring in FOS v7.3 are advised to convert to MAPS monitoring before upgrading to FOS v7.4. If you don’t, Fabric Watch will stop working.

Also the APM have been replaced with Fabric/Flow Vision.

Interoperability

See the release notes of the firmware for the specifics. For example Fabric OS 8.0.2 cannot be in the same fabric as for example HP C-Class 4/12 FC switches (4024) and one must use Fibre Channel Routing.

Prepare

Download old Brocade Fabric OS Firmware.

Basically, you need to update in steps.

To get FOS 5.2.1b and 6.0.0c firmware: Contact OEM Vendor or Brocade. I’ve found that two vendors have the firmware available online for free: HP and IBM, see below:
Eventually after looking around on HP’s old pages we found to http://ftp.hp.com/pub/softlib/software12/COL22074/co-86832-6/FOS-Drawer_Statement.htm this link sometimes changes.

Link to IBM’s page for downloading FOS 6 firmwares. This has firmwares going back all the way to FOS 2.6, it even has Fabric OS 6.0.0c and 5.2.3. On the page they have listed release notes and a little further down there is a link called “Release 6 Firmware”.
Actually, if you click on ‘Release 6 Firmware’ you are taken to a page on brocade.com where you can find many different firmwares, including 5.x and 7.x
IBM also have a link about FOS 7.x and FOS 8.x

Also note that some features does not exist/work on older Fabric OS. For example on Fabric OS 5.1.x DHCP and SCP may not work (which forces you to use static IP and ftp).

Equivalent Product Names

Page with the equivalent Brocade and HP product names.
Page with the model number as seen in switchshow and HP’s model and Brocade’s model. This is a good one.
Page for correlating IBM and Brocade product names.

Recommendations

HP recommend that you upgrade one fabric and one switch at a time.
Waiting a week or at least a couple of days after you upgrade the first fabric is a good idea – gives you time to see if anything went wrong, if you can fix it and if you can do anything different next time.
See HP SPOCK for more details in regards to compatibility and interop modes.
The HP B-series Connectivity Stream lists the recommended firmware and all the supported ones for each switch model. It also has a list of the supported SFPs. Find it by clicking on “Switches” in the left-hand navigation pane under the “Other Hardware” section. The Connectivity Stream is great and it is updated often so I will not link directly to it. You need an HP Passport to log on to HP SPOCK – it is free to create and you do not need a contract or product in warranty.

Other vendors have similar matrices. HP for example does not have a list stating which Fabric OS firmware is supported with which HP P6000 firmware. The idea is that you go with the general recommendation of Fabric OS firmware.

Do read the release notes for the firmware(s) you decide on: for example not all 4GB SAN-switches can run the 6.4.x FOS. The 8- and 16-port 4Gbps switches (Brocade 200E) do not run 6.4.x or 6.3.x.
Only 8Gb and 16Gb switches can run the 7.x.x FOS.
The release notes also have the fixes, enhancements, upgrade paths and supported switches.
Generally the Brocade versions of the release notes are more verbose when it comes to fixes, but if you have an HP branded it might be easier to use the HP one as that has the HP names of the products. Also it might be hard to find the Brocade release notes if you do not have a contract with Brocade. Other vendors (like IBM/Fujitsu/HDS) provide you with the Brocade version of the release notes. You can find the release notes from their support pages.

Do  consider updating OS patches, HBA drivers/firmware, management softwares and storage drivers/firmware. For example Qlogic had driver updates to their drivers that prevent HP blades from getting stuck in G_port after a reboot. Another for Qlogic FC cards was to not write a partition table on Dell servers at 2TB on the LUN (not so nice for > 2TB disks)..

Upgrading Tools

SANLoader is an unofficial HP tool to upgrade firmwares. With this you do not have to create an ftpserver etc. Contact HP Support, they may give this to you.
This is meant to be used when the other ways does not work, but it helps out a lot as you do not have to set up an FTP/SCP server.

Sanloader used to (winter 2010) not work well on Windows 7 and may not work flawlessly on the pre 6.x firmwares.

Other ways:

  • Set up a ftp/scp server and upgrade via the CLI (command line interface).
  • Use DCFM ( Data Center Fabric Manager – now called Network Advisory ) to upgrade firmware.
  • Firmware can also be upgraded through the web interface (click on switch admin and then on firmware download). You will still need an FTP/SCP server for this though. See the web tools admin guide page 73-74 (FOS 6.2.x but it hasn’t moved).

FileZilla is a free FTP-server that works well. There are many alternatives around. But unfortunately some don’t work sometimes (not 100% sure but probably combination of older FOS with older ftp client with FTP server that couldn’t handle that client) as listed in the comments thread in this post. FileZilla is however still on sourceforge so you may want to be careful about installing that – it might contain malware. Storing them on a Synology NAS works – thanks Henny!

For FTP clients:

  • /usr/bin/ftp in Ubuntu (also in Ubuntu on Windows)
  • WinSCP for a free opensource Windows alternative that does both ftp and SCP (and more).

For SCP any machine with Linux and sshd on should work. You can also get an scp-server running on Windows, OpenSSH would work. Both protocols are old, SCP is safer while FTP is sending data in clear text.

Personally I like doing this via the CLI. The Network Advisor way gives you the possibility to upgrade in parallel, but that’s also risky. If you use a Linux server to provide the firmwares via SCP don’t forget to let the switches in via firewall or tcp.wrapper ( /etc/hosts.allow ). If you do the upgrade via ftp – make sure that passive and active ftp both works.

How to access the SAN-switch

The most common way is to access the CLI of a Brocade switch by connect to the IP of it with an ssh- or telnet-client, PuTTy is the name of a free Windows client. If you are comfortable with CLI, Windows 10 has WSL and a good ssh and scp client built in. Telnet is unsafe so do try to use the ssh at all costs. Windows 10 has Bash which is in my opinion much nicer to use than putty.
It’s also possible to access the switch CLI via a serial cable, however as the firmware files are several 100MB (approaching 1GB for 6.4.x) that’s not really viable when upgrading firmware. Hyperterminal is a free windows tool that comes by default in some Windows versions. You can also use PuTTy for serial access.
To access the web interface just point the web browser to . It requires Java. The Java version that’s supported is listed in the release notes of the Fabric OS.

Upgrade

Here on HP’s Support Forum are some more notes about v6.x. Basic steps:

Note: version 6 does not require to specify the exact folder location SWBDxx: it just needs the root containing “the install” file

1) Unpack the downloaded firmware in the FTP or SCP download directory
2) Start the FTP/SCP Server and allow access
3) Connect to the CLI of the switch via telnet or ssh
4) Type this in the CLI: firmwaredownload
5) Answer all questions: when it asks for File Name be sure to write /v6.4.1b, that is the folder under which you find all the SWBDxx folders. Failing to do so makes it impossible to download the firmware
6) Wait for reboot of the switch and reconnect, check the firmware version with the “version” command

More notes about the upgrade

CLI Command to start the update process is firmwaredownload – this starts the interactive version, it is possible to specify user, directory, host directly via the CLI. See the Command Reference Guide for details. There are reference guides for each major Fabric OS release.

Specifying Directory

Please use forward slashes when specifying directories.

For example when you unzip the firmware file and it creates a sub-folder in the FTP-root that is called v5.3.1a then you need to specify /v5.3.1a as the directory.

For firmwares prior to 5.3.x you have to specify the release.plist – /v5.2.2a/release.plist.
However it says in the release notes for 5.2.3 that release.plist is no longer needed.

In some cases you may have to specify the sub directory.
For example the 4/16 HP Switch is a Brocade 200E with switchtype 34. So you would then use directory SWBD34 – /v5.3.1a/SWDB34. You can also try with /v5.3.1a/release.plist, /v5.3.1a/SWDB34/release.plist or /v5.3.1a/install. However with 5.3.1a you should not have to so /v5.3.1a should be enough.

firmwaredownload example:

switch:admin> firmwaredownload
Server Name or IP Address: IP.TO.SCP.SERVER
User Name: username
File Name: /path/to/v6.2.2e
Network Protocol(1-auto-select, 2-FTP, 3-SCP) [1]: 3
Password:
Server IP: IP.TO.SCP.SERVER, Protocol IPv4
Checking system settings for firmwaredownload...
System settings check passed.
You can run firmwaredownloadstatus to get the status
 of this command.
This command will cause a warm/non-disruptive boot on the switch,
 but will require that existing telnet, secure telnet or SSH sessions
 be restarted.
Do you want to continue [Y]: y
 Firmware is being downloaded to the switch. This step may take up to 30 minutes.
 Preparing for firmwaredownload...
 Start to install packages...
 dir ##################################################
 [[lots of these for all packets]] ##################################################
 [[also stuff like these are seen many times:]]
 warning: /etc/fabos/pki/switch.0.rootcrt created as /etc/fabos/pki/switch.0.rootcrt.rpmnew
 kernel-module-ipsec ##################################################
 Removing unneeded files, please wait ...
 Finished removing unneeded files.
All packages have been downloaded successfully.
 Firmware has been downloaded to the secondary partition of the switch.
 HA Rebooting ...

Transfer Protocol and Connectivity

If you are using SCP and that does not work, please try with FTP. If neither works, see if something else can log on to the FTP/SCP server. And of course, make sure the right permissions/root directory are set on the FTP-server. If your FTP/SCP server has log files, check them. If it works from one client but not from the switch, check the logs and see if there’s a difference. Sometimes if the SCP doesn’t work via CLI it might work by doing SCP (but starting it from the Web Tools, thanks Eric in the comments for this!).

If you are logged on as root on the SAN-switch you can use the scp- or ssh-client on the switch to confirm connectivity, like this:

ssh username@server ls /tmp/v6.0.1a to list the /tmp/v6.0.1a on the SCP server.

You need to be root to run the above command.

If that also does not work, you have some kind of networking problem – you can try direct connecting a laptop to the LAN interface of the switch. To see the network settings on the switch: ifmodeshow and ipaddrshow

Passwords

Sometimes when upgrading from 6.1.1d to 6.2.2 we have seen that the passwords have gotten reset.

Default password is then “password” or “fibranne”.

You can reset the password with the CLI command “passwd admin” to reset password on the admin account.

If you forget all passwords it might be possible to be able to reset it via the serial cable interface while booting the switch.

On EMC branded switches the default password might be: Serv4EMC

CF Cards

If your switch is out of warranty/contract and it’s still working. I’d suggest making a copy(dd  in linux for example) of the CF-card. Then if the CF card decides to fail you can just get a new one from random_electronic store and dd the contents of the flash back.

Licenses

When replacing a switch make sure that the licenses are correct.
If for example you have a switch with ‘power pack’ – then for HP there is a special spare part number for a switch with power pack and one without. Power pack is a grouping of licenses,  which licenses are in the pack differs between models.