CloudShark Support

Migration from CloudShark 1.7 and earlier to 1.8 and later

Overview

A major change in CloudShark 1.8 is the transition from Ubuntu to CentOS/RHEL as the required operating system.

This decision was motivated by the improved long term support and stability offered on CentOS/RHEL. In addition, the move to an rpm based distribution enabled us to develop a number of significant improvements for CloudShark system administrators, including streamlined and automated package management, installation, and upgrades via the new Cloudshark Lounge.

Note that Ubuntu based operating systems will not be supported beyond CloudShark 1.7.

Migration Process

Any version of CloudShark up to 1.7 can be migrated to any version of CloudShark 1.8 and after.

As a result of the architectural changes associated with CentOS/RHEL, existing CloudShark 1.7 and earlier systems cannot be upgraded directly. Instead, a new system utilizing CentOS or RHEL 6.x or 7.x must be provisioned for CloudShark.

Once the new system is up and running, the process described on this page will migrate all captures, meta data, and settings from the old CloudShark <=1.7 system to the new CloudShark system. A successful migration should result in a CloudShark system that is essentially identical to the original CloudShark <=1.7 system.

This process will ensure that the following assets are migrated:

  • All capture files
  • All meta data associated with capture files (tags, comments, annotations, etc.)
  • The CloudShark system database
  • All CloudShark settings
  • Any SSL keys that have been set up for SSL decryption rules
  • The web server configuration (nginx configuration files and SSL configuration)

This process will not automatically configure the following:

  • LDAP/AD on the new system, or any operating system accounts
  • The firewall on the new system; if a custom firewall configuration has been set up on the old system, that configuration will have to be manually set up on the new system

Note that the migration process will not modify anything on the old system.

Requirements

CloudShark must be installed on a newly provisioned CentOS or RHEL system, as detailed in the CloudShark quick start guide. Note that installation of CloudShark will require an account on the new CloudShark Lounge. Please contact support@cloudshark.org if you have not received your account information.

The new CloudShark system must have an active internet connection and must be on the same network as the old CloudShark <=1.7 system. We recommend connecting both systems to the same LAN segment (preferably via gigabit Ethernet).

Before proceeding, note that the migration process may take some time, depending on the amount of data that needs to be copied, the performance of the two systems, and the speed of the LAN connecting them. There will be some downtime so please plan accordingly.

Procedure

  1. Ensure the requirements above have been met.

  2. Halt the CloudShark process on the new system: su; service cloudshark stop

  3. Halt the CloudShark process on the old <=1.7 system: /etc/init.d/cloudshark stop

  4. Run the command bash <(curl get.cloudshark.org/migrate) as the root user on the new system. This command will launch a shell script that will manage the migration of CloudShark assets from the old system to the new system. You will need to specify a few parameters, such as the IP address of the old CloudShark system and the password. This command can be run more than once in the case of interruption.

  5. Once the migration has finished, restart the new CloudShark system. The new system should be fully operational at this point, and should be identical to old system. The old system can now be disabled.

About CloudShark

CloudShark is made by QA Cafe, a technology company based in Portsmouth, NH. Our passion for packet captures has grown out of our other product CDRouter.

Get in touch via our Contact us page or by following us on your favorite service: