Docker Swarm
1. Overview
Upgrade Prisma Cloud running in your Swarm cluster.
First upgrade Console. Console will then automatically upgrade all deployed Defenders for you.
If you’ve disabled Defender auto-upgrade or if Console fails to upgrade one or more Defenders, manually upgrade your Defenders.
You must manaully upgrade App-Embedded Defenders. |
2. Upgrading Console
To upgrade Console in a Docker Swarm cluster, rerun the install procedure with the latest Prisma Cloud release. Use the same configuration options in twistlock.cfg and twistcli as you used in the initial install.
Prerequisites: You know how you initially installed Prisma Cloud, including all options set in twistcli.cfg and parameters passed to twistcli.
-
Get a link to the current recommended release.
-
Connect to your master node.
$ ssh <SWARM-MASTER>
-
Download the latest recommended release to the master node.
$ wget <LINK_TO_CURRENT_RECOMMENDED_RELEASE_LINK>
-
Unpack the Prisma Cloud release tarball.
$ mkdir twistlock_<VERSION> $ tar xzf twistlock_<VERSION>.tar.gz -C twistlock_<VERSION>/ $ cd twistlock_<VERSION>
-
If you customized twistlock.cfg during the original install, port those changes forward to twistlock.cfg in the latest release. Otherwise, proceed to the next step.
-
Update the Prisma Cloud Console by running the same twistcli command used during the original install.
$ ./linux/twistcli console install swarm --volume-driver <DRIVER>
-
Go to Manage > Defenders > Manage and validate that Console has upgraded your Defenders.