Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 6 replies
  • Answers 1 answer
  • Subscribers 6 subscribers
  • Views 3892 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

upgrade from 9.409-9 to latest 9.411-3 fails on one firewall with postgress upgrade

systeembeheerder

Hi,


I upgraded my HA config of 2 UTM's in Master/Slave mode from 9.409-9 to latest  9.411-3. 

First the Slave (firewall2) succeeded. then it became the master and the orignal master (firewall1) started to update.

It did never finish.

 

/user/local/bin/pg92_schemaupgrade[4729]: Found schema upgrade files: /var/storage/pgsql92/upgrade/upgrade_NUTM-5561.sh

psql: could not connect to server: No such file or directory

Is the server running locally and accepting

connection on Unix domain socket "/var/run/postgresql/.s.PGSQL.5432"?

 

and so on.

 

according to the view on the other firewall the disk is not full.

Any suggestion?

 

Kind Regards,


Addy van den Doel

 

 

 



This thread was automatically locked due to age.
Parents
  • 0

    you have a running master so not real a problem..

    shutdown your firewall1, just connect eth3 (cluster-ha) to your running master and restart firewall1...

    check if it runs fine..

    greets

    zaphod
    ___________________________________________

    Home: Zotac CI321 (8GB RAM / 120GB SSD)  with latest Sophos UTM
    Work: 2 SG430 Cluster / many other models like SG105/SG115/SG135/SG135w/...

Reply
  • 0

    you have a running master so not real a problem..

    shutdown your firewall1, just connect eth3 (cluster-ha) to your running master and restart firewall1...

    check if it runs fine..

    greets

    zaphod
    ___________________________________________

    Home: Zotac CI321 (8GB RAM / 120GB SSD)  with latest Sophos UTM
    Work: 2 SG430 Cluster / many other models like SG105/SG115/SG135/SG135w/...

Children
  • 0 in reply to zaphod

    Hi zaphod,

     

    Thanks for the reply. 

    The firewall is hanging in the update process.. even after every reboot. To be honest I can't see how removing the cables (except the HA) is going to work to solve this.

    Can you explain how this is going to do the trick? 

    Addy

  • +1 in reply to systeembeheerder

    Hi Addy,

     

    you have a running master. check on HA config page that this is marked:

    if this is set then new nodes will be integrated automaticly.

    - uncable the non-function node (except HA)

    - Factory reset non-function node

    - it will reboot and should be automaticly be configured to be part of you HA Cluster

    - after all updates installed recable the node again

    HA should be function again.

    hope this helps.

     

    greets

    zaphod
    ___________________________________________

    Home: Zotac CI321 (8GB RAM / 120GB SSD)  with latest Sophos UTM
    Work: 2 SG430 Cluster / many other models like SG105/SG115/SG135/SG135w/...

  • 0 in reply to zaphod

    Ok, thats a solution,

    thanks for that.

    as this firewall HA set is at a remote location a hour drive away, is there a logical explanation for this?

    Bug in the update? something else I could check before upgrading so I can prevent this in the future?

    Because I can do life without this hour drive ;P

     

  • 0 in reply to systeembeheerder

    hi,

    i am not a sophos employee and this is a user helps user forum. i cant answer your questions.

    if you want to make sure i give you the right solution for your problem make a support-call at sophos..

     

    since the sophos updates are often buggy in the last months (or years?!?) it is always a good practice to not install each update as it is rolled out by sophos..

    check this forum.. there are always some early adopters ;-)

     

    greets

    zaphod
    ___________________________________________

    Home: Zotac CI321 (8GB RAM / 120GB SSD)  with latest Sophos UTM
    Work: 2 SG430 Cluster / many other models like SG105/SG115/SG135/SG135w/...

  • 0 in reply to zaphod

    Good to know they are buggy. I can relate now. 

    I want to keep up to date on security issues so might be an early adopter because of that. I was hoping some sophos employees would read along here an would learn something about its users and patch their bugs if it is one.

    at the Astaro era this was the case and I was pleased by it.  Not sure it this is still the case.

     

    Thanks for the help Zaphod.

     

Unfiltered HTML