1. Overview

Upgrade Prisma Cloud Onebox. First upgrade Console. Console will then automatically upgrade all* deployed Defenders for you.

If you’ve disabled Defender auto-upgrade or if Console fails to upgrade one or more Defenders, manually upgrade your Defenders.

*You must manaully upgrade App-embedded Defenders and PCF Defenders.

2. Upgrading Console

To upgrade Console, rerun the install script for the latest version of Prisma Cloud. Use this method for any Console that was originally installed with the twistlock.sh script.

  1. Download the latest recommended release.

  2. Unpack the downloaded tarball.

    Optional: you may wish to unpack the tarball to a different folder than any previous tarballs.

    $ mkdir twistlock_<VERSION>
    $ tar -xzf prisma_cloud_compute_edition_<VERSION>.tar.gz -C twistlock_<VERSION>/

    The setup package contains updated versions of twistlock.sh and twistlock.cfg.

  3. Check the version of Prisma Cloud that will be installed:

    $ grep DOCKER_TWISTLOCK_TAG twistlock.cfg
  4. Upgrade Prisma Cloud while retaining your current data and configs by using the -j option. The -j option merges your current configuration with any new configuration settings in the new version of the software.

    You must use the same install target in your upgrade as your original installation. There are two install targets: onebox and console, where onebox installs both Console and Defender onto a host and console just installs Console.

    To upgrade your onebox install, run:

    $ sudo ./twistlock.sh -syj onebox

    To upgrade your console install, run:

    $ sudo ./twistlock.sh -syj console
  5. Go to Manage > Defenders > Manage and validate that Console has upgraded your Defenders.