1. Overview

Upgrade Prisma Cloud running in your Swarm cluster.

First upgrade Console. Console will then automatically upgrade all* deployed Defenders for you.

If you’ve disabled Defender auto-upgrade or if Console fails to upgrade one or more Defenders, manually upgrade your Defenders.

*You must manaully upgrade App-embedded Defenders and PCF Defenders.

2. Upgrading Console

To upgrade Console in a Docker Swarm cluster, rerun the install procedure with the latest Prisma Cloud release. Use the same configuration options in twistlock.cfg and twistcli as you used in the initial install.

Prerequisites: You know how you initially installed Prisma Cloud, including all options set in twistcli.cfg and parameters passed to twistcli.

  1. Get a link to the current recommended release.

  2. Connect to your master node.

    $ ssh <SWARM-MASTER>
  3. Download the latest recommended release to the master node.

    $ wget <LINK_TO_CURRENT_RECOMMENDED_RELEASE_LINK>
  4. Unpack the Prisma Cloud release tarball.

    $ mkdir twistlock_<VERSION>
    $ tar xzf twistlock_<VERSION>.tar.gz -C twistlock_<VERSION>/
    $ cd twistlock_<VERSION>
  5. If you customized twistlock.cfg during the original install, port those changes forward to twistlock.cfg in the latest release. Otherwise, proceed to the next step.

  6. Update the Prisma Cloud Console by running the same twistcli command used during the original install.

    $ ./linux/twistcli console install swarm --volume-driver <DRIVER>
  7. Go to Manage > Defenders > Manage and validate that Console has upgraded your Defenders.