In Progress CPANEL-42128 - cPanel ELevate from upgrade to AlmaLinux 8

[celiac101]

I got the warning below regarding my YUM repo. I believe I know how to fix this, and turn off a YUM repo on my system that is likely causing this, however, my bigger concern is that I did not realize that having auto updates on would also automatically upgrade my current CentOS v7.9.2009 STANDARD to AlmaLinux 8. This is an operating system upgrade, which seems, at least to me, to be a bit radical to do in an automated fashion, without supervision.

I thought CentOS v7 has 2 years left before it is no longer supported? Is there a reason why cPanel is trying to run this upgrade now? Is this upgrade no big deal, and could it cause my server issues?



WARNING:
The system detected the following issues which would prevent cPanel ELevate from upgrading the system to AlmaLinux 8:

One or more enabled YUM repo are currently unsupported. You should disable these repositories and remove packages installed from them before continuing the update. Consider reporting this limitation to Issues · cpanel/elevate
System is not up to date
This script (version 2) does not appear to be the newest available release (4). Run this script with the --update option: /scripts/elevate-cpanel --update Pass the --skip-elevate-version-check flag to skip this check.

 

[cPRex]

Hey there! Our automatic updates would never try and force an OS update. Can you let me know specifically where you are seeing this message?

 

[celiac101]

This was an email from my cPanel server with the subject " New Security Advisor notifications with High importance."

The language in the email definitely looks like it was some sort of failed automatic update, and it is now being sent to me daily at 4:30AM:

Type:
Info

Module:
Elevate

Message:
The system detected the following issues which would prevent cPanel ELevate from upgrading the system to AlmaLinux 8:

• One or more enabled YUM repo are currently unsupported. You should disable these repositories and remove packages installed from them before continuing the update. Consider reporting this limitation to Issues · cpanel/elevate
• This script (version 2) does not appear to be the newest available release (4). Run this script with the --update option: /scripts/elevate-cpanel --update Pass the --skip-elevate-version-check flag to skip this check.

 

[cPRex]

Thanks for the additional details. We have a case at CPANEL-42128 to keep that ELevate check from running automatically, but for now you can just ignore this warning. I'll be sure to post an update once I have more details.

But I do want to be clear - this is just a check of the script that *could* update your OS, and no attempted upgrade is taking place.

 

[celiac101]

Thank you for the additional info, and I'm glad my server is not trying to do this update unattended.

Can I ask how such updates are going? In general are most upgrades from CentOS v7 to AlmaLinux 8 going well, and would I notice anything different after such an upgrade? I really have no idea what such an upgrade would mean for my cPanel server, and don't know what modules would work, and which ones wouldn't.

 

[cPRex]

It really depends - I've heard mixed reviews from people. Some have no issues, some run into problems. The more customizations your machine has, the more likely there are to be issues. It's still important to note that ELevate is still experimental.

I'm sorry I don't have a better answer for that one. I'd hate to tell you "it's great" and then see you run into problems, but some people have used it without issue.

 

[quietFinn]

In any case, make sure you have Plan B.

 

[cPRex]

Always have a plan B. Maybe even a C. If you hit any other vowels than A...well..........good luck.

 

[exentric]

Just started receiving these emails as of today ..... are we sure it is not attempting to upgrade by itself ?

 

[cPRex]

Yes, 100% sure.

 

[cPSloaneB]

Additional details:

Currently, the ELevate assessor reports issues detected at the INFO level of severity in cPanel version 106. This should not be sufficient on its own to cause an iContact notification to be issued. If other assessors reported something at the WARNING/warn level or the ERROR/bad level, that is sufficient to cause a notification to be issued, and the ELevate information is likely being included incidentally. On the other hand, if the Security Advisor issues a notification via iContact on 106 or 108, and ELevate is the only item included in the report, that is likely to be a bug.

(Side info: We had planned to raise the severity to WARN in 108, but this never happened. We currently plan to raise the severity to ERROR at some point during the release of 110, since this is intended to be the last version of cPanel to support CentOS 7.)

Additionally, the ELevate assessor in the Security Advisor should never attempt to run the upgrade on its own. The --check flag passed to the upgrade script only performs a non-destructive pre-upgrade check, while the --start flag is required to get the script to begin the upgrade process proper.

 

[bfogel]

My host (DigitalOcean) makes it impossible to elevate my Centos 7 system to AlmaLinux. Can I disable the elevate assessor and make these warnings go away, since I know I'll never go that route?

 

[cPRex]

@bfogel - I don't believe that is possible at this time. I created a feature request at https://features.cpanel.net/topic/22633-disable-cpanel-elevate-warnings and I'll bring that up with the team next week.

 

[bfogel]

Thanks for the info. It may not be a big thing but I appreciate you passing on the request. Would you close the ticket?

 

[eugenevdm.host]

My host (DigitalOcean) makes it impossible to elevate my Centos 7 system to AlmaLinux. Can I disable the elevate assessor and make these warnings go away, since I know I'll never go that route?

Hi there, why do you say DigitalOcean makes it impossible? I just tried to Elevate a CentOS 7.x server to AlmaLinux 8.x and it appears completely broken down/gone at DigitalOcean. I am curious about which warning signs I missed.

 

[bfogel]

I asked cPanel directly if DigitalOcean binaries would interfere with the conversion to AlmaLinux and I was told "yes". I also asked DigitalOcean whether I could run a Droplet without their binaries and was told "no". Did you try the conversion? And now you can't access your Droplet?

 

[vanessa]

What binaries are they talking about? Ones like the cloud agent that can be removed and reinstalled after the upgrade?

 

[bfogel]

Good question, Vanessa. I don't recall, but given your comment, I'll ask them again and post an answer to your question.

 

[eugenevdm.host]

I've tried elevating two servers at DigitalOcean. The one worked with panel beating and the other is failing. I've created a forum post to detail the experience, but for now here I am quoting verbatim from DigitalOcean support after I thought I lost my first server (which didn't have snapshots):

An in-place upgrade of your CentOS distribution to AlmaLinux is also not something we recommend or can support. Instead, we would recommend that you deploy a new AlmaLinux Droplet and migrate your data.

The post where I detail the experience:

Elevate CentOS 7.x to AlmaLinux 8.0 at DigitalOcean issues

I'm sharing my experience elevating to AlmaLinux at DigitalOcean. The first lesson I learnt was rather do a snapshot before you do anything. Unfortunately to be consistent with the advice given by DigitalOcean, one has to shut down the droplet. Our 60 GB droplet with 40 GB of used space takes...

forums.cpanel.net

 

[bfogel]

I surrender. I will deploy a new AlmaLinux Droplet and cPanel/WHM and migrate data, as recommended. That was useful info shared by eugenevdm.host.