CKB:Migrating Cryptshare: Unterschied zwischen den Versionen

Aus Cryptshare Documentation
Wechseln zu:Navigation, Suche
(Imported from text file)
 
Keine Bearbeitungszusammenfassung
 
Zeile 2: Zeile 2:


== Applies to: ==
== Applies to: ==
{{NoteBox|title=|content=All versions of Crypshare Server
{{NoteBox|title=|content=All versions of Cryptshare Server
}}
}}


Zeile 9: Zeile 9:


== Solution: ==
== Solution: ==
Be sure that your Cryptshare Server is running at least version 4.3.0 before proceeding. If not, please update as described here: [https://wiki.cryptshare.com/display/CSM/Updates Updates]
Be sure that your Cryptshare Server is running at least version 4.3.0 before proceeding. If not, please update as described here: [[CSSCurrent_en:Updates|Updates]]
The following guide will take you step by step to the new Appliance recommended and tested by our Support staff and customers.
The following guide will take you step by step to the new Appliance recommended and tested by our Support staff and customers.
=== Collect (or better check for completeness) the data for the new appliance ===
=== Collect (or better check for completeness) the data for the new appliance ===


'''According to our Quickstartguide Step 2 (Click to expand...)'''
'''According to our Quickstartguide Step 2'''


According to our [https://wiki.cryptshare.com/display/CSM/Quick+Start+Guide Quick Start Guide Step 2]:
According to our [[CSSCurrent_en:Quick_Start_Guide|Quick Start Guide Step 2]]:
{{TipBox|title=Best Practice|content=Depending on size and structure of your business, different stakeholders may need to be involved in your preparations.<br />We strongly recommend you identify these stakeholders during your preparation and have these items completed so the installation can be carried out smoothly.
{{TipBox|title=Best Practice|content=Depending on size and structure of your business, different stakeholders may need to be involved in your preparations.<br />We strongly recommend you identify these stakeholders during your preparation and have these items completed so the installation can be carried out smoothly.
}}
}}


'''New (temporary) IP-Adress (Click to expand...)'''
'''New (temporary) IP address'''


In general, you need a public, static IP address for your Cryptshare Server. In Case you have already such an adress in use, you'll need only a temporary adress as long both servers are needed (the actual one & the new one)
In general, you need a public, static IP address for your Cryptshare Server. In case you have already such an address in use, you'll need only a temporary address as long both servers are needed (the actual one & the new one)


'''SSL certificate (Click to expand...)'''
'''SSL certificate'''


The existing certificate will be copied in the process. If you want to change the certificate please follow [https://wiki.cryptshare.com/display/CSM/Setting+up+an+SSL+Certificate SSL Certificate] and the related Articles there.
The existing certificate will be copied in the process. If you want to change the certificate please follow [[CSSCurrent_en:Setting_up_an_SSL_Certificate|SSL Certificate]] and the related articles there.


'''Select or define the Administrators (Click to expand...)'''
'''Select or define the Administrators'''


It is mandatory to configure the e-mail address of a user or a user group as administrators of the Cryptshare Server. Cryptshare Server will send notifications to this e-mail address in case of available updates, warnings or errors. Without an administrator e-mail address, the configuration cannot be completed. Decide which e-mail address should be used and set up a user group in your mail server directory if required.
It is mandatory to configure the email address of a user or a user group as administrators of the Cryptshare Server. Cryptshare Server will send notifications to this email address in case of available updates, warnings or errors. Without an administrator email address, the configuration cannot be completed. Decide which email address should be used and set up a user group in your mail server directory if required.


=== Create the new Appliance ===
=== Create the new Appliance ===
Zeile 37: Zeile 37:
=== Prepare the Appliance in your Hypervisor (VMware or HyperV) ===
=== Prepare the Appliance in your Hypervisor (VMware or HyperV) ===
==== Check the Virtual Hardware ====
==== Check the Virtual Hardware ====
Refer to the [https://wiki.cryptshare.com/pages/viewpage.action?pageId=1016341 System Requirements].
Refer to the [[CSSCurrent_en:Requirements_for_Appliances|System Requirements]].
==== Add an additional Virtual Disk ====
==== Add an additional Virtual Disk ====
Cryptshare uses different storage locations to save
Cryptshare uses different storage locations to save
Zeile 48: Zeile 48:
These storage locations should be sized according to your requirements and have to be configured in the Cryptshare Server.
These storage locations should be sized according to your requirements and have to be configured in the Cryptshare Server.


'''Sizing calculation (Click to expand...)'''
'''Sizing calculation'''


{{InfoBox|title=Sizing Calculation|content=To determine the correct size for your needs, add the results of the following formulas:<br />`suggested Temp folder size = (Max allowed Transfersize * 3)  <br />`<br />`suggested retention folder size in MByte = ((expected average number of transfers per day) * (expected average transfer size in MByte) * (maximum planned retention time))`<br />`suggested backup folder size = depends on your backup strategy  <br />`<br />{{NoteBox{{!}}title=Planning the Backup size requirements{{!}}content=If you want to backup transfer data as well, you will have multiply the space by a factor (x+1) where x is the number of backups of the transfer data you want to keep. However, it is recommended to backup data to a location outside the Cryptshare Server as otherwise, you will lose your productive data and your backup data in case of a disk failure.<br />}}<br /><br />This will provide enough space for your transfer data, for the temporary directory and also if you want to back up the system configuration and transfer meta information to this disk.
{{InfoBox|title=Sizing Calculation|content=To determine the correct size for your needs, add the results of the following formulas:<br /><br />suggested Temp folder size = (Max allowed Transfersize * 3)  <br />suggested retention folder size in MByte = ((expected average number of transfers per day) * (expected average transfer size in MByte) * (maximum planned retention time))<br />suggested backup folder size = depends on your backup strategy  <br /><br />This will provide enough space for your transfer data, for the temporary directory and also if you want to back up the system configuration and transfer meta information to this disk.
}}
}}


Now add the additional virtual disk with the preferred size to the appliance using the instruction [https://wiki.cryptshare.com/x/EAWFAg Extending available disk space]
{{NoteBox|title=Planning the Backup size requirements|content=If you want to backup transfer data as well, you will have multiply the space by a factor (x+1) where x is the number of backups of the transfer data you want to keep. However, it is recommended to backup data to a location outside the Cryptshare Server as otherwise, you will lose your productive data and your backup data in case of a disk failure.<br />}}
To configure the Temp directory refer to [https://wiki.cryptshare.com/display/CSM/System+Startup+Configuration System Startup Settings - Temporary Folder]
 
{{InfoBox|title=enlarge an existing disk|content=Please follow this guide to enlarge the harddisk if nessecary:<br />[https://wiki.cryptshare.com/display/CKB/Freeing+Disk+Space+on+a+Cryptshare+Server Freeing Disk Space on a Cryptshare Server]
Now add the additional virtual disk with the preferred size to the appliance using the instruction [[CSSCurrent_en:Installation#Extend_available_disk_space_for_Cryptshare_transfers|Extending available disk space]]
To configure the Temp directory refer to [[CSSCurrent_en:System_Startup_Configuration#Temporary_Folder|System Startup Settings - Temporary Folder]]
{{InfoBox|title=enlarge an existing disk|content=Please follow this guide to enlarge the harddisk if nessecary:<br />[[{{NAMESPACE}}:Freeing_Disk_Space_on_a_Cryptshare_Server|Freeing Disk Space on a Cryptshare Server]]
}}
}}


Zeile 88: Zeile 90:
  scp -r /opt/cryptshare-3/resources/ui root@CRYPTSHARE_NEW:/opt/cryptshare-3/resources
  scp -r /opt/cryptshare-3/resources/ui root@CRYPTSHARE_NEW:/opt/cryptshare-3/resources


'''if you changed the ports or SSL-Passwords (Click here to expand...)'''
'''if you changed the ports or SSL-Passwords'''


  '''5. copy your Interface Config files'''
  '''5. copy your Interface Config files'''

Aktuelle Version vom 30. Dezember 2022, 12:17 Uhr


Applies to:

All versions of Cryptshare Server

Purpose:

This article guides you through a Cryptshare Server migration.

Solution:

Be sure that your Cryptshare Server is running at least version 4.3.0 before proceeding. If not, please update as described here: Updates The following guide will take you step by step to the new Appliance recommended and tested by our Support staff and customers.

Collect (or better check for completeness) the data for the new appliance

According to our Quickstartguide Step 2

According to our Quick Start Guide Step 2:

Best Practice
Depending on size and structure of your business, different stakeholders may need to be involved in your preparations.
We strongly recommend you identify these stakeholders during your preparation and have these items completed so the installation can be carried out smoothly.

New (temporary) IP address

In general, you need a public, static IP address for your Cryptshare Server. In case you have already such an address in use, you'll need only a temporary address as long both servers are needed (the actual one & the new one)

SSL certificate

The existing certificate will be copied in the process. If you want to change the certificate please follow SSL Certificate and the related articles there.

Select or define the Administrators

It is mandatory to configure the email address of a user or a user group as administrators of the Cryptshare Server. Cryptshare Server will send notifications to this email address in case of available updates, warnings or errors. Without an administrator email address, the configuration cannot be completed. Decide which email address should be used and set up a user group in your mail server directory if required.

Create the new Appliance

Create the new Appliance for vSphere or download one for the Hyper-V in our VM Build Service: Cryptshare Buildservice

Import the delivered Appliance

Install it parallel to your old server in your DMZ

Prepare the Appliance in your Hypervisor (VMware or HyperV)

Check the Virtual Hardware

Refer to the System Requirements.

Add an additional Virtual Disk

Cryptshare uses different storage locations to save

  • Temporary files

Temporary files are created during the upload, virus check, encryption process or any other pre-processing tasks.

  • The transfer payload

The folder where the payload of the system is stored, i.e. the encrypted files and messages that are being transferred from A to B reside in this folder until they are automatically deleted at the end of the retention time.

  • Backups

The folder into which you can back up your system configuration, transfer meta data and the transfer data itself. These storage locations should be sized according to your requirements and have to be configured in the Cryptshare Server.

Sizing calculation

Sizing Calculation
To determine the correct size for your needs, add the results of the following formulas:

suggested Temp folder size = (Max allowed Transfersize * 3)
suggested retention folder size in MByte = ((expected average number of transfers per day) * (expected average transfer size in MByte) * (maximum planned retention time))
suggested backup folder size = depends on your backup strategy

This will provide enough space for your transfer data, for the temporary directory and also if you want to back up the system configuration and transfer meta information to this disk.
Planning the Backup size requirements
If you want to backup transfer data as well, you will have multiply the space by a factor (x+1) where x is the number of backups of the transfer data you want to keep. However, it is recommended to backup data to a location outside the Cryptshare Server as otherwise, you will lose your productive data and your backup data in case of a disk failure.

Now add the additional virtual disk with the preferred size to the appliance using the instruction Extending available disk space To configure the Temp directory refer to System Startup Settings - Temporary Folder

enlarge an existing disk
Please follow this guide to enlarge the harddisk if nessecary:
Freeing Disk Space on a Cryptshare Server

Next steps with the new Server

  • Start the Server
  • login via PuTTY as root and proceed with this commands:
1. deactivate the Cryptshare service

rccryptshare stop
2. Set the TEMP Folder to the new disk

echo "" >> /opt/cryptshare-3/launcher.ini
echo "vm.arg.1=-Djava.io.tmpdir=/var/opt/cryptshare-3/tmp" >> /opt/cryptshare-3/launcher.ini

Proceed at the old Cryptshare Server

  • create a Backup of the database at the old system with the Name: cs3-MovingBackup
  • login via PuTTY as root and proceed with this commands:
deactivate the Cryptshare service

rccryptshare stop

Now start the Copyjobs to copy the data from the old Cryptshare Server to the new one

1. your actually active Transfers

scp /opt/cryptshare-3/upload (or your actually used path)/* root@CRYPTSHARE_NEW:/var/opt/cryptshare-3/uploads
2. your database Backup

scp /opt/cryptshare-3/backup (or your actually used path)/cs3-MovingBackup.zip root@CRYPTSHARE_NEW:/opt/cryptshare-3/backup
3. your actual SSL-Key

scp /opt/cryptshare-3/lib/security/keystore root@CRYPTSHARE_NEW:/opt/cryptshare-3/lib/security/
4. your actual Web-UI

scp -r /opt/cryptshare-3/resources/ui root@CRYPTSHARE_NEW:/opt/cryptshare-3/resources

if you changed the ports or SSL-Passwords

5. copy your Interface Config files

scp /opt/cryptshare-3/resources/WEB-INF/?i-config.xml root@CRYPTSHARE_NEW:/opt/cryptshare-3/resources/WEB-INF/

Finishing steps to activate the new Server

  • login via PuTTY as root and proceed with this commands:
activate the new Cryptshare Server

rccryptshare start
  • Log in the Administrative Interface and restore the DB-Backup cs3-MovingBackup
Please note! Using this way the database can be restored if one of the following Cryptshare versions is installed on old server:
4.3.0
If different versions are used, the web interface will be no more available after the restore.
Attention! Please restore the database only! Do not restore the system data and/or transfers in this way!
30441530.png
Restore database from version 4.2.x
Please use the following steps, to restore the database from Cryptshare 4.2.x
- unpack the backup from the old server into the folder /root/tmp
unzip /opt/cryptshare-3/backup/cs3-MovingBackup.zip -d /root/tmp
- change into new directory
cd /root/tmp/cs3-MovingBackup
- unpack the database
unzip database/db-cs3-Moving.zip -d cryptshare
- stop the Cryptshare service
systemctl stop cryptshare.service
- replace the database folder
mv cryptshare /opt/cryptshare-3/orientDB/databases/cryptshare
- start the Cryptshare service
systemctl start cryptshare.service
  • Make sure that all path names in the Administration Interface match the actual file locations:
    • Uploads: Check System Settings > Transfer Settings
    • Backups: Check Restore/Backup
    • Temp: Check System Status > Scroll down and click on Java Runtime Environment
    • Disk Space Monitoring: System Settings > System Notifications > Check if all monitored paths are valid
  • change the firewall and DNS-Settings (switch to the new IP-address)