OnApp 6.2 Patch 3 (6.2.0-183)

5 May 2020

This is an update for the Control Panel server and static compute resources. This document provides information on improvements and fixes implemented as a part of the 6.2.0-183 update, as well as the upgrade instructions for:

In this release, the global whitelist functionality has been implemented to increase the security level of your admin account. See Global Whitelist for more details and configuration instructions. 

On this page:


The following improvement was implemented in the scope of the 6.2.0-183 update. 

KeyRelease Notes
CORE-16894Improved data security with automated disk wiping on source data store after hot full migration between LVM data stores.


The following issues were fixed in the scope of the 6.2.0-183 update. 

KeyRelease NotesAffected Versions

When you edit only NIC 0 Connection field and leave all the other fields with default values at the Resources step of the vApp creation wizard, the vApp is created without a network and VS network interface.

6.2 - 6.2 Patch 2
CORE-16695After you migrated a Linux-based VS from Xen to KVM in the Migrate VS wizard, the network was not configured on the destination compute resource.6.2
CORE-16782When you tried to create a new user and used the “<” or “>” symbols when setting a password, the error message appeared in the user creation wizard.6.2

If you tried to delete a VS backup at the Backups for Virtual Server page, the transaction failed with a system error. 

CORE-16856When a transaction fails on VS which is not built or it is built and locked, and you schedule the next transaction on this VS, the Failed instead of Pending status is displayed at the VS Details page.6.2 Patch 2

When you tried to create a new vApp, the labels were cropped in the Password Reset section at the Guest Customization step of the creation wizard. 


If OnApp admin created White List for a user, the admin could not log in as this user if one's IP was not on the user's White List. 

CORE-16887Sometimes, after upgrading to 6.2, the 500 Internal Server Error could appear at the CDN usage statistics and CDN Resources pages.6.2 Patch 2
CORE-16895A vCenter VS creation could sometimes fail if it was based on OVA template with NVRAM file.6.0 Patch 8 - 6.2
CORE-16897Sometimes, if you edited prices at the Rate Card tab, the 500 Internal Server Error appeared.6.2
CORE-16903If you disabled the Show Compute resources on Virtual Server creation permission, the Primary data store dropbox at the Resources step of the VS Creation wizard still contained data stores added to a restricted compute zone.6.0 - 6.2
CORE-16910It was possible to allocate more than available Primary and Swap disks size at the Resources step of the VS Creation wizard for a Linux-based VS, but the VS creation failed. 6.2
CORE-16918If you set 2 for cores and vcpu values for a VS, and then unlocked editing XML config for a VS at the Edit XML Config page and clicked the Save button, the Irrelevant numbers of CPU sockets error appeared.6.0 - 6.2
CORE-16933It was impossible to hot migrate a VS created from the Linux template between two compute resources.6.2
CORE-16936If you selected a vCenter OVA template with two or more disks at the Templates step of the VS Creation wizard, it was impossible to proceed to the next step.6.2 Patch 2
INSTALLER-489If you used the NSX functionality, the size of production log could exceed 3GB per month. 6.2
INSTALLER-496If you updated libvirt and KVM versions from 1.5.x to EV on CentOS7 KVM compute resources with powered on VSs, the VSs were powered off after the update. 6.0 Patch 10 - 6.2 Patch 2

Patch Installation

The instructions below are relevant if you already run OnApp 6.2.

Upgrade Control Panel Server

  • If you upgrade from OnApp >=6.2.0-146, run the following command:

    Run the Control Panel installer:

    # /onapp/onapp-cp-install/onapp-cp-install.sh --quick-update
  • If you upgrade from OnApp < 6.2.0-146, run the following steps (1-4). 

To upgrade your Control Panel server:

  1. Upgrade OnApp Control Panel installer package:

    # yum update onapp-cp-install
  2. Update your server OS components (if required):

    # /onapp/onapp-cp-install/onapp-cp-install.sh -y
  3. (Optional) If you need some custom Control Panel configuration, set the values before the installer script runs.

     The list of custom configuration options for Control Panel.
    # vi /onapp/onapp-cp.conf

    Template server URL


    # IPs (separated with coma) list for the SNMP to trap. This is the list of Control Panel IP addresses on which the traps sent from the compute resources are processed.


    # OnApp Control Panel custom version


    # OnApp MySQL/MariaDB connection data (database.yml)


    # MySQL/MariaDB server configuration data (in case of local server)


    Use MariaDB instead of MySQL as OnApp database server (Deprecated parameter. If you set any values for this parameter, they will not take effect)


    #Configure the database server relative amount of available RAM


    # The number of C data structures that can be allocated before triggering the garbage collector. It defaults to 8 million. Only change this value if you understand what it does.


    # sysctl.conf net.core.somaxconn value


    # The root of OnApp database dump directory (on the Control Panel box)


    # Remote server's (to store database dumps) IP, user, path, openssh connection options and number of dumps to keep

    DB_DUMP_SERVER_SSH_OPT="-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o PasswordAuthentication=no"
    DB_DUMP_CRON='40 * * * *'

    Enable monit - tool for managing and monitoring Unix systems


    # If enabled (the 1 value is set) - install (if local box) and configures RabbitMQ Server (messaging system) for the vCloud support. (Deprecated parameter. If you set any values for this parameter, they will not take effect)


    # Rotate transactions' log files created more than TRANS_LOGS_ROTATE_TIME day(s) ago


    # Maximum allowed for uploading file size in bytes, from 0 (meaning unlimited) to 2147483647 (2GB). Default is 0.


    # Timeout before ping Redis Server to check if it is started. Default is 10 sec.


    # OnApp Control Panel SSL certificates (please do not change if you aren't familiar with SSL certificates)

    # * The data below to generate self-signed PEM-encoded X.509 certificate

    SSL_CERT_COMMON_NAME=`hostname --fqdn 2>/dev/null`

    #   SSLCertificateFile, SSLCertificateKeyFile Apache directives' values

    #   ssl_certificate, ssl_certificate_key Nginx directives' values


    # * PEM-encoded CA Certificate (if custom one exists)
    #   SSLCACertificateFile, SSLCertificateChainFile Apache directives' values
    #   ssl_client_certificate Nginx directives' values


    #   SSLCipherSuite, SSLProtocol Apache directives' values

    #   ssl_ciphers, ssl_protocols Nginx directives' values

  4. Run the Control Panel installer:

    # onapp/onapp-cp-install/onapp-cp-install.sh --quick-update

    Please, answer ‘yes’ when installer prompts to initiate images, templates, and ISOs download. 

     The full list of installer options for Control Panel.


    /onapp/onapp-cp-install/onapp-cp-install.sh [-c CONFIG_FILE] [--mariadb | --community | --percona | --percona-cluster] [-m MYSQL_HOST] [--mysql-port=MYSQL_PORT] [--mysql-sock[=MYSQL_SOCK] [-p MYSQL_PASSWD] [-d MYSQL_DB] [-u MYSQL_USER] [-U ADMIN_LOGIN] [-P ADMIN_PASSWD] [-F ADMIN_FIRSTNAME] [-L ADMIN_LASTNAME] [-E ADMIN_EMAIL] [-v ONAPP_VERSION] [-i SNMP_TRAP_IPS] [--redis-host=REDIS_HOST] [--redis-bind[=REDIS_BIND] [--redis-passwd[=REDIS_PASSWD] [--redis-port=REDIS_PORT] [--redis-sock[=REDIS_SOCK] [--rbthost RBT_HOST] [--vcdlogin VCD_LOGIN] [--vcdpasswd VCD_PASSWD] [--vcdvhost VCD_VHOST] [--rbtlogin RBT_LOGIN] [--rbtpasswd RBT_PASSWD] [-a] [-y] [-D] [-t] [--noservices] [--ha-install] [--rake=RAKE_TASKS] [-h]
     Database server options:Default database SQL server is MySQL Server. Please use one of the following option to install LOCALLY.
    --mariadbMariaDB Server
     --communityMySQL Community Server
    --perconaPercona Server
    --percona-clusterPercona Cluster

    MYSQL_*Options are useful if MySQL is already installed and configured.
    -m MYSQL_HOSTMySQL host. Default is 'localhost'
    --mysql-port=MYSQL_PORTTCP port where MySQL Server serves connections. Default values is 3306 for the local installation
     --mysql-sock[=MYSQL_SOCK]Unix socket on which MySQL Server serves connections. Default values is /var/lib/mysql/mysql.sock. Used if local server only. The socket is unset if the option's argument isn't specified.
    -p MYSQL_PASSWDMySQL password. Random is generated if is not set or specified.
    -d MYSQL_DBOnApp MySQL database name. Default is 'onapp'
    -u MYSQL_USERMySQL user. Default is 'root'

    REDIS_*Options are useful if Redis Server is already installed and configured.

    IP address/FQDN where Redis Server runs. It is used by Control Panel to connect to Redis Server. The Redis Server will be installed and configured on the current box if localhost/ or box's public IP address (listed in SNMP_TRAP_IPS) is specified. Default value is If local Redis, it will serve as well on the unix socket 'PORT' (if --redis-sock without argument isn't specified).
    --redis-bind[=REDIS_BIND]The IP address for Redis Server to serve connections (to listen). The option isn't mandatory.
    --redis-port=REDIS_PORTRedis Server listen port.
    Defaults are:
    0 - if local server
    6379 - if remote server
    --redis-passwd[=REDIS_PASSWD]Redis Server password to authentificate.
    Random password is generated if the option's argument isn't specified.
    By default no password is used for local Redis.
    --redis-sock[=REDIS_SOCK]:Path to the Redis Server's socket. Used if local server only. Default is /var/run/redis/redis.sock. The socket is unset if the option's argument isn't specified.

    ADMIN_*Options are used to configure OnApp Control Panel administrator data.
    Please note, that these options are for NEW INSTALL only and not for upgrade


    CP administrator password
    -F ADMIN_FIRSTNAMECP administrator first name
    -L ADMIN_LASTNAMECP administrator last name
    -E ADMIN_EMAILCP administrator e-mail

      --rbthost   RBT_HOST  IP address/FQDN where RabbitMQ Server runs. The RabbitMQ will be installed and configured on the current box if localhost/ or box's public IP address (enlisted in SNMP_TRAP_IPS) Default value is
    VCD_*Options are usefull if vCloud/RabbitMQ are already installed and configured.
    --vcdlogin  VCD_LOGINRabbitMQ/vCloud user. Default value is 'rbtvcd'.
    --vcdpasswd VCD_PASSWDRabbitMQ/vCloud user password. The random password is generated if isn't specified.
    --vcdvhost  VCD_VHOSTRabbitMQ/vCloud vhost. Default value is '/'
    RBT_*  Options are used to configure RabbitMQ manager account. If local RabbitMQ server.
    --rbtlogin  RBT_LOGIN RabbitMQ manager login. The default value is 'rbtmgr'.
    --rbtpasswd RBT_PASSWDRabbitMQ manager password. The random password is generated if isn't specified.

    --rake RAKE_TASKSList of OnApp Control Panel rake tasks (separated with space) to run at the very end of install or upgrade.
    -v ONAPP_VERSIONInstall custom OnApp CP version
    -i SNMP_TRAP_IPSIP addresses separated with coma for snmp to trap
    -yUpdate OS packages (except of OnApp provided) on the box with 'yum update'.
    -aIs not interactive. Process with automatic installation. Please note, this will continue OnApp Control Panel install/upgrade even if there is transaction currently running.
    -tAdd to the database and download Base Templates. For new installs only. If this option is not used, then only the following mandatory System Templates will be added by default during fresh install: OnApp CDN Appliance; Load Balancer Virtual Appliance; Application Server Appliance.

    Do not start OnApp services: monit, onapp and httpd
    Please note, crond and all OnApp's cron tasks remain running. They could be disabled by stopping crond service manually for your own risk.

    -DDo not make database dump, and make sure it is disabled in the cron and not running at the moment.
    --quick|--quick-update[=SERVICE] Procceed with quick update procedure. This will skip update and configuration for services, such as system packages, MySQL database, Redis Server, RabbitMQ Server, and Monit service. Set the SERVICE parameter (space separated list of statements) to define services, which need to be updated. Possible reserved statements are:                   rpms - for 'system packages' upgrade;
    mysql - for MySQL databse upgrade ond configuring;
    redis - for ERedis Server upgrade and configuring;
    rabbitmq - for RabbitMQ Server upgrade and configuring;
    monit - for Monit upgrade and configuring.
    --accept-eulaAutomatically accept OnApp's End User License Agreement.
    -c CONFIG_FILECustom installer configuration file. Otherwise, preinstalled one is used.
    -hPrint this info
  5. Start OnApp related services (like onapp, onapp-licensing, httpd) if ‘—quick-update’ option was used for the installer.

Upgrade Static Compute Resources (CentOS7 KVM only)

To upgrade CentOS7 KVM static compute resources, follow the next procedure:

  1. Make sure your compute resource is visible and online on the Control Panel.
  2. Update hypervisor tools:

    # yum update onapp-hv-tools-kvm

Upgrade Static Compute Resources with Integrated Storage (CentOS7 KVM only)

To upgrade CentOS7 KVM static compute resources with Integrated Storage, follow the next procedure:

  1. Make sure your compute resource is visible and online on the Control Panel.
  2. Update hypervisor tools:

    # yum update onapp-hv-tools-kvm