How to migrate your OS when it reaches End-Of-Life

Luckily, we prepared a complete checklist with the full picture of having all steps listed and written down. This information can provide a clearer overview of the whole process, and how daunting performing it properly can be.

Allocates kernel memory loads new, secure code into it

Momentarily freezes all processes in a ‘safe’ mode

Modifies original functions and jumps to new secure code, ensuring old (vulnerable) code can never run

Unfreezes all processes and resumes

The Migration Has To Be
Thoroughly Planned

The upgrade process

01 Preparations Img
  • This must be done prior to the maintenance window.
  • It should replicate to the best of your ability the configuration and dependencies of the production environment
  • Until the upgrade can be achieved in the test environment, it should not be attempted in production. In fact, the maintenance window should not even be discussed at this stage



  • Consider the likely event of something not going according to script, no matter how thoroughly planned it was.
    A 10/15% time margin, or no less than the time you need to recover the original system from a backup, should be added to the expected time.
  • If you have a support agreement with your hardware provider, this is the time to ensure it’s in effect. The worst that can happen is needing vendor support and hearing back that it wasn’t paid this year or it expired last month.
  • Older hardware running on newer operating systems can sometimes trigger unexpected behaviors. Even if a driver is available, new functionality added to the operating system can interfere with regular operation of the device. For example, a new virtualization layer might interfere with direct hardware access, or reduce the communication speed between devices. Double check there is no such conflict.
  • If the skills are spread over many members of the team, and you don’t need them all on-site, at least agree on a schedule during which they can be on-call if needed.
  • If you rely on third party software with an SLA agreement, make sure your vendor will be available during the maintenance window to assist in case of unexpected issues.
02 Migration Img
  • Anything that was unexpected
  • Any incompatibilities found
  • Special configurations that were needed at any point during the process
  • Gracefully stop user sessions
  • If possible, cut communications to the system at a perimeter firewall (if applicable)
  • Stop any running services (web servers, databases, file servers)

You -should- test a restore of the backup to ensure it’s working properly. This is one of the most overlooked points, and, when it’s needed, it’s one of the most prone to failure.

The actual installation/upgrade steps are OS-specific. Official documentation should be followed wherever possible.

Ensure the hardware is testing properly. Most devices have a test function that should be working at this point.

  • Any system-specific optimizations, 
  • Integration with identity providers or authentication mechanisms,
  • Monitoring tools, 
  • Security reporting and assessments, local networking and firewall rules

 

Reinstall / Reconfigure specific software. Again, this includes any specific optimization, customization, integration with other systems.

This validation should be done by the actual stakeholders or properly trained staff on actually using that software. It’s easy to fail to spot any software problem if you’re not used to actually using it daily.

Perform a backup to have a point-in-time to fall back to if needed.

  • Start the services if they didn’t start automatically
  • Reopen communication to the system at the perimeter firewall (if applicable)
03 Failback Img
  • This will ensure that the users are least impacted by the problem
  • Ensure the company doesn’t fail compliance by overextending expected downtime
  • Still leave you with the issue of performing the upgrade
    • You should rebuild the test scenario until you can repeat the blocker problem as needed, and document the procedure to overcome it.

Upgrade now – or buy
some time

If, after reading the above migration checklist, you come to the realization that planning for migration and performing migration will take some time, you may want to consider TuxCare Extended Lifecycle Support Services to keep your systems safe while you structure your migration process.

What is included in Extended
Lifecycle Support?

Support for Major Enterprise Linux Distributions past the EOL Date

CentOS 6, Oracle Linux 6 and Ubuntu 16.04 LTS. Support for Debian is under development.

PATCHES AVAILABLE SOON AFTER CVES GO PUBLIC

The TuxCare team is famous for quickly delivering patches for critical CVEs right after the CVE goes public.

EASY SETUP, NO MIGRATION REQUIRED

Run a single script. No reboot is necessary, never interrupt your operations. Simply sync to a new repository file.

ATTRACTIVE PRICING

Starting at $4.25 per Operating System Image, Extended Lifecycle Support is easy on IT budgets. ELS is a sensible way to buy time to migrate.

Contact TuxCare Extended Lifecycle
Support Services Experts

for information regarding your distribution and special offers

Your compare list

Compare
REMOVE ALL
COMPARE
0