Installation
Highlighted

RHEL 7: Failing upgrade from 7.2.2 to 7.2.5/6

New Member

I have a small full instance of Splunk used for testing. It's installed on RHEL 7 via tarball.

I've followed the directions on the Splunk site about stopping Splunk services and then installing over top of the existing installation (tar -xzf -C /opt/splunk) then starting Splunk services. The directions indicate you should be prompted as Splunk recognizes there's an install already and that it will attempt to upgrade your instance.

When I start Splunk it never prompts me to upgrade, furthermore it starts Splunk normally. I log into the web GUI and see 7.2.2 still. I looked in ~/etc/system/default and noticed none of the files were touched.

I tried both 7.2.6 and 7.2.5 tarballs, and got the same result. I completely uninstalled my 7.2.2 and reinstalled it, then tried to upgrade it again to no avail.

Am I missing a step?

Labels (1)
Tags (3)
0 Karma
Highlighted

Re: RHEL 7: Failing upgrade from 7.2.2 to 7.2.5/6

SplunkTrust
SplunkTrust

With your command of tar -xzf -C /opt/splunk , can you confirm that the directory;
/opt/splunk/splunk does not exist?
Just to confirm that you are actually overwriting the files in /opt/splunk/bin et cetera.

Normally I've seen the -C option to tar been:
tar -xzf splunkinstallation.tar.gz -C /opt

View solution in original post

0 Karma
Highlighted

Re: RHEL 7: Failing upgrade from 7.2.2 to 7.2.5/6

New Member

Yes, however since it's a test system I opted not to backup. It was Stop, Deploy new tarball, Start.

0 Karma
Highlighted

Re: RHEL 7: Failing upgrade from 7.2.2 to 7.2.5/6

New Member

Yes this worked. I must've underestimated the splunk overwriting capability. The '-C /opt' instead of '-C /opt/splunk' worked flawlessly for me.

Thanks.

0 Karma
Highlighted

Re: RHEL 7: Failing upgrade from 7.2.2 to 7.2.5/6

SplunkTrust
SplunkTrust

@MFiller90 I've turned this into an answer so you can accept it. Thanks

0 Karma
Highlighted

Re: RHEL 7: Failing upgrade from 7.2.2 to 7.2.5/6

Ultra Champion

For education, I want to highlight that this was more about how the tar command works than Splunk. Some installers (like .exe, .msi, .rpm) will detect and overwrite. The tar command simply unpacks the compressed package (like a .zip file) and that's why it's imperative to do that unpacking such that the files overwrite the existing installation. If not, then you'll simply be creating a new Splunk install at another folder.

0 Karma