Server Upgrade - Gather Configuration Details

If you are running an in-place upgrade (you're not updating hardware as part of your upgrade), then nearly all the configuration data is preserved. Strictly-speaking, you do not need to gather all of the configuration information in this case. However, we recommend gathering the information as detailed in this topic. In the worse case scenario, should upgrade fail, then you will have a record of all configuration information should you need to restore. In any case, you can use the configuration details you collect to verify the upgrade when it's complete.

Take screen shots

A relatively quick way to capture the basics of your configuration is to take screen shots of the TSM web interface pages and the Tableau Server admin area.

Click through all visible pages and take screen shots:

Record object counts

When you are in Tableau Server admin area, count and record the following in each site:

  • Projects, workbooks, views, data sources
  • Users and groups

Record firewall configuration

If you have configured a local firewall for Tableau Server on Linux, then it's a good idea to copy the configuration for your records.

Our setup documentation describes how to use Firewalld(Link opens in a new window) to configure the firewall on single and multi-node deployments of Tableau Server running on RHEL/CentOS distributions. See Configure Local Firewall.

Run the following command to retrieve the firewall configuration:

sudo firewall-cmd --list-all

Verify TSM Controller certificate expiry

Verify the certificate for the TSM Controller is still valid.

To verify your TSM Controller SSL certificate's expiration date:

  1. Open a terminal session.

  2. Type the following commands to display the dates when the certificate is valid:

    openssl s_client -connect <tsm_servername>:8850
    echo | openssl s_client -connect <tsm_servername>:8850 2>/dev/null | openssl x509 -noout -dates
  3. If the certificate is expired, open a case(Link opens in a new window) with our Support team, and they can provide guidance.

Gather asset files

Many of the supporting files (certificates, IdP metadata, logos, etc) that you upload to Tableau Server are not accessible with TSM after you upload them. Specifically, files that are uploaded and managed by the Client File Service are renamed and obfuscated before they are distributed across the deployment. This process also parametrises the file attributes that are required by Tableau services. As a result, files are not mapped to a single file location on the file system for the following files. If you have uploaded any of the following files, be sure to have copies of them saved off of the computer that is running Tableau Server:

  • SAML certificate file
  • SAML key file
  • SAML IdP metadata file
  • OpenID.static.file
  • Kerberos.keytab file
  • LDAP Kerberos keytab file
  • LDAP Kerberos conf file
  • Mutual SSL certificate file
  • Mutual SSL revocation file
  • Customisation header logo file
  • Customisation sign-in logo file
  • Customisation compact logo file

Gather custom configuration information

Some configuration information is not displayed in the TSM or Tableau Server web pages. This section includes configuration details that you may need to gather depending on how you've customised your Tableau deployment.

Secure SMTP

If you have configured TLS for Tableau Server, then you will need to record the TLS-related configurations, which are not included in the Email Server configuration of the TSM Web UI.

To gather the TLS-related configurations, you must run tsm configuration get with the following key values:

  • svcmonitor.notification.smtp.ssl_enabled
  • svcmonitor.notification.smtp.ssl_required
  • svcmonitor.notification.smtp.ssl_check_server_identity
  • svcmonitor.notification.smtp.ssl_trust_all_hosts
  • svcmonitor.notification.smtp.ssl_ciphers
  • svcmonitor.notification.smtp.ssl_versions

For example, to retrieve the list of ciphers that are configured for SMTP TLS, run the following command:

tsm configuration get -k svcmonitor.notification.smtp.ssl_ciphers

You can find more information about each of the keys above in the TSM CLI section of Configure SMTP Setup.

Analytics extensions

If you have configured analytics extensions (formerly referred to as "external services), you will need to record your configuration information. Upgrading to Tableau Server 2020.2 or later will remove all configuration for this feature.

To retrieve the analytics extensions configuration from Tableau Server versions 2019.1 through 2020.1, run the following command:

tsm security vizql-extsvc-ssl list

To retrieve the password that is stored for the analytics extensions connection (if any), run the following tsm command:

tsm configuration get -k vizqlserver.rserve.password

You should also have a copy of the certificate for analytics extensions if you've configured SSL.

External Repository

This applies only if you are using the External Repository configuration with Tableau Server. If you are not sure if this applies to you, see Tableau Server External Repository.

If you are using an External Repository, you may need to take additional steps when upgrading.

External File Store

There are no special steps, actions or configurations required when upgrading Tableau Server configured with External File Store. You can upgrade Tableau Server using the normal procedure.

Port customisation

If you have changed the dynamic port range or have configured ports manually for Tableau Server, record the changes you have made.

Run the following command:

tsm topology list-ports

For more information see Tableau Services Manager Ports.

Continue to .Server Upgrade - Verify Licensing Status

Thanks for your feedback!Your feedback has been successfully submitted. Thank you!