Upgrade a Landscape 19.10 Quickstart Installation to Landscape 23.03

The best approach is to perform new manual installation and copy over the database and configuration files from your Quickstart install. As a matter of convenience, it is possible to perform a quickstart upgrade in-place. The following guide outlines your 2 options for doing so:

Quickstart Upgrade: Option 1

This method is somewhat basic, but could be complicated depending on how much customization has happened after the landscape-server-quickstart install. It is strongly recommended that you backup the database before performing an upgrade this way.

Setup

2 LXD containers for Landscape

  • landscape-app-bionic (bionic) where Landscape 19.10 is running
  • landscape-app-focal (focal) where Landscape 23.03 is running

1 LXD container that we are managing in Landscape, for demonstration purposes

  • landscape-client (focal) is a machine enrolled in Landscape

Steps

  1. Install landscape-server-quickstart on landscape-app-bionic according to the quickstart install instructions
  2. Install landscape-client on landscape-client and register with server
  3. Stop all Landscape services on landscape-app-bionic with this command:
    sudo lsctl stop
    
  4. Backup all landscape- database tables using pg_dump
  5. Install landscape-server-quickstart on landscape-app-focal from the beta PPA
  6. Stop all Landscape services on landscape-app-focal with this command:
    sudo lsctl stop
    
  7. Restore database data using this command:
    psql -d <database> -f <file.sql>
    
  8. Run the setup command to do db schema migrations, if any:
    sudo setup-landscape-server
    
  9. Start Landscape services using this command:
    sudo lsctl start
    
  10. Made minor edits to /etc/apache2/sites-available landscape conf to correct the domain name, it should match what domain name you use for the Landscape Server
  11. If you are using a self-signed SSL certificate, copy the new SSL cert to landscape-client. It may be prudent to copy the old SSL certificate from landscape-app-bionic to landscape-app-focal, because the Quickstart creates one based on the machine’s hostname. There is a chance this hostname could be different when you were setting it up landscape-app-focal.
  12. Restart the landscape-client LXD machine to ensure everything is working

Quickstart Upgrade: Option 2

This method leverages do-release-upgrade and is not recommended, because configuration files differ from one Ubuntu LTS to the next. For those motivated to go this route, it is possible:

Setup

1 LXD container for Landscape

  • landscape-app-bionic (bionic)

Steps

  1. Install landscape-server-quickstart on landscape-app-bionic according to the quickstart install instructions
  2. Backup all landscape- database tables using pg_dump
  3. Perform a PPA purge with this command:
    sudo ppa-purge ppa:landscape/19.10
    
  4. The postgres package blocks do-release-upgrade because it is not marked for removal through that process:
    sudo apt remove postgresql-10-debversion
    
  5. Perform the release upgrade:
    sudo do-release-upgrade
    
  6. Add the Landscape 23.03 PPA:
    sudo add-apt-repository ppa:landscape/self-hosted-23.03
    
  7. Perform the Quickstart install
    sudo apt install landscape-server-quickstart
    

I’m trying to follow this, but can’t figure out how to backup the DBs via pg_dump from a quickstart install. I don’t remember it asking for a Postgres username/password.

Also, the in-place upgrade steps don’t seem to work. I get an error from Postgres when it tries to update the schema and then dies.

1 Like

You can dump the DB after switching to the postgres user. This allows for the simplest backup option using pg_dumpall. The output file will need to be sent to a location where the postgres user has write permissions, but that avoids the need to look up or process any credentials. I would suggest trying something like the following:

sudo -u postgres -- pg_dumpall -f /var/lib/postgresql/landscape.sql

If you wanted to get the credentials that Landscape uses internally, you can get those from the /etc/landscape/service.conf file, but those users are limited in their actions and what they can access. I do not believe these are able to use the pg_dump commands, so they will likely not work for this purpose. These passwords will likely also be base64 encoded, so you would also need to decode them before you could use them.

[stores]
user = landscape
password = b64:<encoded password>
host = localhost
main = landscape-standalone-main
account-1 = landscape-standalone-account-1
...

The best option is likely to just switching to the postgres user and using either pg_dump or pg_dumpall.

1 Like

Thanks, that was helpful and I was able to use pg_dumpall to backupt the DBs. Following the first set of outlined steps, I transferred the backup to the new server and used the following to restore:

sudo -u postgres -- psql -f /var/lib/postgresql/landscape.sql

That doesn’t appear to cause any errors, but on step 8 I get:

2023-03-07 00:31:29.826Z INFO landscape-setup "Bootstrapping from service.conf file ..."
2023-03-07 00:31:29.850Z ERROR landscape-setup "connection to server at \"localhost\" (127.0.0.1), port 5432 failed: FATAL:  password authentication failed for user \"landscape_superuser\"\nconnection to server at \"localhost\" (127.0.0.1), port 5432 failed: FATAL:  password authentication failed for user \"landscape_superuser\"\n"
1 Like

I did the upgrade, but ran into this issue. Any pointers on how to repair my server setup.

Setting up landscape-server (23.03+1-0landscape0) ...

========================================================================
Attempting schema upgrade as requested.
WARNING: this could take several minutes or more.

2023-03-10 05:14:32.412Z INFO landscape-setup “Bootstrapping from service.conf file …”
2023-03-10 05:14:32.430Z INFO landscape-setup “Skipping configuration migration …”
2023-03-10 05:14:32.430Z INFO landscape-setup “Checking Landscape databases …”
2023-03-10 05:14:32.443Z INFO landscape-setup “Checking database schema …”
2023-03-10 05:14:32.809Z INFO landscape-setup “Schema configuration output:\n\nLoading site configuration…\nWARNING: PostgreSQL has max_prepared_transactions set to 0, not using two-phase commit.\nSetting up database schema
s (will timeout after 86400 seconds) …\nSchema patch version: 483\n”
2023-03-10 05:14:32.809Z INFO landscape-setup “Checking package database initial data …”
2023-03-10 05:14:32.828Z INFO landscape-setup “Package database already initialized.”
2023-03-10 05:14:32.828Z INFO landscape-setup “Renaming stock hash-id stores …”
2023-03-10 05:14:32.828Z INFO landscape-setup “Stock package database not loaded, ignoring stock hash-id stores.”
Job for landscape-msgserver.service failed because the control process exited with error code.
See “systemctl status landscape-msgserver.service” and “journalctl -xe” for details.
invoke-rc.d: initscript landscape-msgserver, action “start” failed.

  • landscape-msgserver.service - LSB: Enable Landscape message processing
    Loaded: loaded (/etc/init.d/landscape-msgserver; generated)
    Active: failed (Result: exit-code) since Fri 2023-03-10 05:14:38 UTC; 12ms ago
    Docs: man:systemd-sysv-generator(8)
    Process: 5726 ExecStart=/etc/init.d/landscape-msgserver start (code=exited, status=1/FAILURE)

Mar 10 05:14:37 dc0b-landscape.th.local landscape-msgserver[5773]: ImportError: cannot import name ‘UBUNTU_PRO_INFO’ from ‘landscape.message_schemas’ (/usr/lib/python3/dist-packages/landscape/message_schemas/init.py)
Mar 10 05:14:37 dc0b-landscape.th.local landscape-msgserver[5773]: Failed to load application: File “/opt/canonical/landscape/canonical/landscape/message/handlers/configure.zcml”, line 220.4-224.3
Mar 10 05:14:37 dc0b-landscape.th.local landscape-msgserver[5773]: File “/opt/canonical/landscape/configs/standalone/message-server.zcml”, line 8.4-8.53
Mar 10 05:14:37 dc0b-landscape.th.local landscape-msgserver[5773]: File “/opt/canonical/landscape/configs/standalone/message-server-configure.zcml”, line 3.0-3.49
Mar 10 05:14:37 dc0b-landscape.th.local landscape-msgserver[5773]: File “/opt/canonical/landscape/canonical/landscape/message/configure.zcml”, line 4.4-4.35
Mar 10 05:14:37 dc0b-landscape.th.local landscape-msgserver[5773]: ImportError: cannot import name ‘UBUNTU_PRO_INFO’ from ‘landscape.message_schemas’ (/usr/lib/python3/dist-packages/landscape/message_schemas/init.py)
Mar 10 05:14:38 dc0b-landscape.th.local landscape-msgserver[5726]: …fail!
Mar 10 05:14:38 dc0b-landscape.th.local systemd[1]: landscape-msgserver.service: Control process exited, code=exited, status=1/FAILURE
Mar 10 05:14:38 dc0b-landscape.th.local systemd[1]: landscape-msgserver.service: Failed with result ‘exit-code’.
Mar 10 05:14:38 dc0b-landscape.th.local systemd[1]: Failed to start LSB: Enable Landscape message processing.
dpkg: error processing package landscape-server (–configure):
installed landscape-server package post-installation script subprocess returned error exit status 1
dpkg: dependency problems prevent configuration of landscape-server-quickstart:
landscape-server-quickstart depends on landscape-server (>= 23.03+1-0landscape0); however:
Package landscape-server is not configured yet.

dpkg: error processing package landscape-server-quickstart (–configure):
dependency problems - leaving unconfigured
Errors were encountered while processing:
landscape-server
landscape-server-quickstart
E: Sub-process /usr/bin/dpkg returned an error code (1)

1 Like

Just in case this is helpful to someone - maybe it was left unsaid because people expect experience with Postgres, but to get the first upgrade option to work I needed to do the following to backup the databases on the original server (landscape-app-bionic):

sudo -u postgres -- pg_dump -d landscape-standalone-account-1 -f /var/lib/postgresql/landscape-standalone-account-1.sql
sudo -u postgres -- pg_dump -d landscape-standalone-knowledge -f /var/lib/postgresql/landscape-standalone-knowledge.sql
sudo -u postgres -- pg_dump -d landscape-standalone-main -f /var/lib/postgresql/landscape-standalone-main.sql
sudo -u postgres -- pg_dump -d landscape-standalone-package -f /var/lib/postgresql/landscape-standalone-package.sql
sudo -u postgres -- pg_dump -d landscape-standalone-resource-1 -f /var/lib/postgresql/landscape-standalone-resource-1.sql
sudo -u postgres -- pg_dump -d landscape-standalone-session -f /var/lib/postgresql/landscape-standalone-session.sql

Then, on the new server (landscape-app-focal) I needed to drop and re-create the DBs, then restore them:

Drop and re-create DBs:
sudo -u postgres – psql
DROP DATABASE “landscape-standalone-account-1”;
DROP DATABASE “landscape-standalone-knowledge”;
DROP DATABASE “landscape-standalone-main”;
DROP DATABASE “landscape-standalone-package”;
DROP DATABASE “landscape-standalone-resource-1”;
DROP DATABASE “landscape-standalone-session”;

CREATE DATABASE "landscape-standalone-account-1";
CREATE DATABASE "landscape-standalone-knowledge";
CREATE DATABASE "landscape-standalone-main";
CREATE DATABASE "landscape-standalone-package";
CREATE DATABASE "landscape-standalone-resource-1";
CREATE DATABASE "landscape-standalone-session";
\q

Restore DBs:
sudo -u postgres – psql -d landscape-standalone-account-1 -f /var/lib/postgresql/landscape-standalone-account-1.sql
sudo -u postgres – psql -d landscape-standalone-knowledge -f /var/lib/postgresql/landscape-standalone-knowledge.sql
sudo -u postgres – psql -d landscape-standalone-main -f /var/lib/postgresql/landscape-standalone-main.sql
sudo -u postgres – psql -d landscape-standalone-package -f /var/lib/postgresql/landscape-standalone-package.sql
sudo -u postgres – psql -d landscape-standalone-resource-1 -f /var/lib/postgresql/landscape-standalone-resource-1.sql
sudo -u postgres – psql -d landscape-standalone-session -f /var/lib/postgresql/landscape-standalone-session.sql

1 Like

Since the dumpall copies the entirety of the PostgreSQL contents, it is likely pulling in the landscape users and their respective passwords. You might also be able to get around this by copying over the passwords from the previous service.conf on the source, so that the users/passwords line up with what is already in the database.

Edit: That said, I see that you found a workaround by copying just the individual databases, which also avoids the conflict of existing landscape database users.

1 Like

This error is because the version of landscape-client that is running on the server (landscape-client is a dependency of landscape-server) is an older one. It should be the latest but it’s not (maybe a different version is installed than the ppa one)

2 Likes

Thanks. Uninstalling landscape-client and re-running the installer fixed my issue.

1 Like

After the upgrade the /opt/canonical/landscape/scripts/update_security_db.sh fails consistently. I raised this on the forums under.