Orchestrator Migration Guide - Containerized Deployment - 7.9.x

The following article contains a summary of the NetWitness® Orchestrator 7.9 Migration Guide for Containerized Deployments. To see the full guide, go to Attachments on this article and download the associated PDF.

Summary of the NetWitness® Orchestrator 7.9 Migration Guide for Containerized Deployments

The document is a technical migration guide for upgrading and containerizing NetWitness® Orchestrator software, specifically transitioning from CentOS™ 7 to AlmaLinux OS™ 9 using Docker® or Podman.

Migration to Containerized NetWitness® Orchestrator Deployment

This guide outlines the steps for upgrading NetWitness® Orchestrator to a containerized deployment while migrating from CentOS 7 to AlmaLinux OS 9. ​

• The migration process involves shutting down existing services and creating a data repository.
• Key prerequisites include AWS credentials, NetWitness® Orchestrator keystore password, and database access.
• Data migration includes OpenSearch data, Postgres dump files, NetWitness® Orchestrator certificates, and TC Exchange data.
• The guide emphasizes the importance of following the steps in order for successful migration.

Installation of Required Software

This section details the installation of necessary software components for the NetWitness® Orchestrator deployment.

• Users must download the NetWitness® Orchestrator Docker ZIP file on all intended hosts. ​
• Environment variables must be updated in the .env file for configuration. ​
• Installation steps differ for Docker and Podman, with specific commands provided for each. ​
• AWS CLI installation is required for downloading Docker images from NetWitness® Orchestrator's Elastic Container Registry. ​

Configuration of OpenSearch and Database

This section focuses on configuring OpenSearch and the Postgres database for the NetWitness® Orchestrator deployment. ​

• Users must increase the vm.max_map_count setting on the OpenSearch host. ​
• The Postgres database requires a dump file to be loaded after creating a less-privileged user.
• OpenSearch credentials must be set in the .env file to match the previous system. ​

Starting NetWitness® Orchestrator Services

This section describes the process of starting various NetWitness® Orchestrator services in the correct order. ​

• Services must be started in the following order: OpenSearch, Postgres, tc-mon, tc-app, and tc-job.
• Each service's startup should be verified using logs before proceeding to the next.
• Special instructions are provided for setting the OpenSearch password in rootless Podman environments. ​

Troubleshooting and Monitoring NetWitness® Orchestrator

This section provides guidance on troubleshooting common issues and monitoring the NetWitness® Orchestrator deployment. ​

• Users are advised to check the .env file for correct values if issues arise during startup. ​
• Monitoring can be done using Docker commands to check container status and logs.
• Log rotation for Nginx access logs is also covered, including configuration steps. ​

Enabling SAML Configuration

This section outlines the steps to enable SAML configuration for NetWitness® Orchestrator. ​

• Users must update the .env file with appropriate SAML settings. ​
• Required certificate files must be added to the certs folder for SAML integration.
• The guide emphasizes the importance of correct certificate configuration for successful SAML functionality.

For More Information:
For Release Notes and Documentation on NetWitness® Orchestrator 7.9, please visit our NetWitness® Orchestrator page on the NetWitness® Community.
For data sheets and other similar content, visit the Security Automation and Orchestration page on NetWitness.com.