Leapping from Oracle Linux 7 to 8 – Oracle Linux 8 – Get It? Got It? Good!

Leapping from Oracle Linux 7 to 8

A challenge system admins often face is what to do when you have an older OS deployed and it’s about to reach the date when support ends. It happens, and it’s not fun. This will put you in a position to reinstall the newer OS on new systems, and then migrate your workload over. For many systems, there is a better way known as Leapp.

Leapp allows you to upgrade your OS from Oracle Linux 7 to Oracle Linux 8. There is no need to reinstall everything on new systems. Leapping consists of two phases:

  • A pre-upgrade phase that checks the system to determine whether the software can be upgraded
  • A second phase that actually performs the upgrade

Sounds good. But there are a few things you need to know.

Getting ready

First, Leapping from 7 to 8 is not supported for all use cases. Table 1.1 shows what Oracle will support when performing the operation. Leapp does not always work well with complex applications, such as database systems that have specific installation options based on the underlying OS version. It also may break some applications that are not included with the OS:

Table 1.1 – Leapp support matrix from Oracle

Next, Leapp also has some limitations when upgrading the kernel. This matrix from Oracle is seen in the following table:

Table 1.2 – Supported kernel upgrade from Oracle

Always look before you Leapp

Before Leapping from 7 to 8, you need to check a few things, as follows:

  • Make sure you have a solid backup. Snapshots of the system work best in case things don’t go well.
  • If Secure Boot is running, disable it with mokutil –sb-state. You can check the status by running the bootctl status command.
  • Make sure you have console access, just in case you need to troubleshoot issues.
  • Disable any network mounts, such as NFS mounts, Samba mounts, GlusterFS mounts, and so on. Disable them in your /etc/fstab file.
  • If you are using yum-plugin-versionlock, clear any locks with the yum versionlock clear command.
  • If you are running any KVM VMs, stop them all. You can do this with virsh shutdown $VM_NAME. If you’re not sure whether you are running any VMs, the virsh list –all command will list them all for you.
  • If you are using Spacewalk, Oracle Linux Manager, Unbreakable Linux Network, or any other centralized yum manager, unregister the system from it. You must Leapp against the yum.oracle.com repos.
  • If you need an HTTP proxy to access the yum.oracle.com repos, make sure it’s added to your /etc/yum.conf file.
  • Verify that you are using en_US.UTF-8 in /etc/locale.conf. You can switch via the localectl set-locale LANG=en_US.UTF-8 command.
  • In your /etc/ssh/sshd_config file, verify that you can log in as root. PermitRootLogin yes should be in the config file.

Once you’ve verified this list, patch your system against yum.oracle.com with yum update -y, and then reboot.

Finally, you can add the Leapp repo with the following command:


yum install -y leapp –enablerepo=ol7_leapp,ol7_latest

Next, do another sanity reboot, and maybe grab a second backup. After the reboot, if you are using a proxy to access them, then you need to add the proxy server for each repository entry in /etc/yum.repos.d/leapp-upgrade-repos-ol8.repo. You can do this with a simple sed command: sed -I ‘/^enabled=0.*/a proxy=http://proxy-host:proxy-port’ /etc/yum.repos.d/eap-upgrade-repos-ol8.repo.

Congratulations, you are now ready to analyze the system!

How to do it…

You will need to take the following steps:

  1. If you are running anywhere but on Oracle’s cloud (known as OCI), you can run the report with the following command:


leapp preupgrade –oraclelinux

2. If you are on OCI, run this command:


leapp preupgrade –oci

Both commands will run many checks and will give an alert if there are major issues. But you need to dig deeper into these:

Figure 1.16 – Leapp pre-upgrade results

  1. Now, you should have some interesting output. The /var/log/leapp/leapp-report.txt file will identify any risks with the upgrade. They are classified in three rankings, with the highest being a show stopper. Address any of the risks, rerun the analyzer, and check the report again. Once you are comfortable with the results, you can continue.
  2. The next step is to look at /var/log/leapp/answerfile. The file consists of specific checks that Leapp performs on the system. Each check contains information about the system and also prompts you for confirmation on the action to be performed:

Figure 1.17 – Leapp answerfile

In this example, there is only one answer to confirm. To accept an item in the file, add confirm = True in the section. Optionally, you can use the leapp command to confirm the line item, making sure the section matches:
leapp answer –section remove_pam_pkcs11_module_check.confirm=true

Leave a Reply

Your email address will not be published. Required fields are marked *

All Rights Reserved 2022-2024