Product Upgrading

Recommendation for MetaDefender Core upgrade

Our goal is to help you execute the product upgrade continuously, efficiently, and correctly.

PostgreSQL service upgrade

• Bundled PostgreSQL Service: If you are using the bundled PostgreSQL server included in the installer, the PostgreSQL service will be automatically upgraded to the newer version (if available). No additional action is required for this process.
• Remote PostgreSQL Service: For remote PostgreSQL servers, customers are responsible for managing and upgrading the service independently. Upgrading MetaDefender Core does not update the remote PostgreSQL service.

Before the upgrade

Prepare a proper disaster recovery plan (DRP) including some common practices:

• Backup, or take a snapshot of your current working MetaDefender Core server.

  • This is to help quickly rollback for any upgrade failure might cause later for any reason.

• Optionally backup your PostgreSQL database, especially when using remote shared database mode.

  • Reference: https://www.postgresql.org/docs/current/backup.html
  • Please do it after stopping all linked MetaDefender Core instances to avoid potential data collision.

• Lastly, if backing up entire server is not feasible, then at least export MetaDefender Core configuration package Import/Export configuration just in case you'll need to start off a new server with current MetaDefender Core configuration to keep the scanning service running without any impact.

On the PostgreSQL server, double check server resource to ensure sufficient RAM memory and disk space to be preserved for the upgrade process.

• 8GB RAM available at least during the upgrade.
• Disk availability is greater than MetaDefender Core database size.

While doing the upgrade

Applicable for shared database deployment:

• Stop all MetaDefender Core instances' scanning service before performing the upgrade.
• Upgrade one (1) MetaDefender Core instance at a time.
• Proceed to upgrade MetaDefender Core instance where the bundle local PostgreSQL server is used for shared database setup.
• Otherwise is using remote PostgreSQL then the upgrade order does not matter.

For large size database, mostly for scan history, expecting long time to be spent on the upgrade process.

The product supports an option to skip data migration for scan history to expedite the process drastically and mitigate any failure risk. You can manually backup all data from your PostgreSQL server for offline usage if any.

Check "Skip upgrade scan data" to enable this feature while doing the upgrade.

or add following key in the ignition file:

[internal]

skip_upgrade_scan_data = 0

Troubleshooting

If the upgrade process ever runs into an error:

• Double check your network and services, applicable to remote PostgreSQL server.

• Optionally configure MetaDefender Core to skip migrating scan history.

  • Windows

    • Open Windows registry, and navigate to HKLM\Software\OPSWAT\Metascan
    • Add a new key internal/skip_upgrade_scan_data with value = 1

  • Linux

    • Open MetaDefender Core configuration file /etc/ometascan/ometascan.conf
    • Add new key into the file
      • [internal]
      • skip_upgrade_scan_data=1

  • Note: This key will be auto removed upon the upgrade finishes.

  • Then restart MetaDefender Core service to retry the upgrade.

    • Might retry this a few times until the upgrade is done.

Just in case the upgrade process still fails, please contact OPSWAT support with the support package - How to Create Support Package With Bundle Tools? This will help us analyze the root cause and figure out an optimal solution for your system failure.