Upgrade Prisma Cloud running in your Kubernetes cluster.
First upgrade Console. Console will then automatically upgrade all deployed Defenders for you.
If you’ve disabled Defender auto-upgrade or if Console fails to upgrade one or more Defenders, manually upgrade your Defenders.
|You must manaully upgrade App-Embedded Defenders.|
Since Prisma Cloud objects can be specified with configuration files, we recommend declarative object management for both install and upgrade.
You should have kept good notes when initially installing Prisma Cloud. The configuration options set in twistlock.cfg and the parameters passed to twistcli in the initial install are used to generate working configurations for the upgrade.
Prerequisites: You know how you initially installed Prisma Cloud, including all options set in twistcli.cfg and parameters passed to twistcli.
Download the latest recommended release to the host where you manage your cluster with kubectl.
If you customized twistlock.cfg, port those changes forward to twistlock.cfg in the latest release. Otherwise, proceed to the next step.
Generate new YAML configuration file for the latest version of Prisma Cloud. Pass the same options to twistcli as you did in the original install. The following example command generates a YAML configuration file for the default basic install.
$ <PLATFORM>/twistcli console export kubernetes --service-type LoadBalancer
If you’re upgrading from 19.03, then you must first delete the old ReplicationController. Starting with 19.07, Prisma Cloud Console is managed by a Deployment controller.
This is a one time step only. After upgrading to 19.07, you no longer need to manually delete the ReplicationContoller when upgrading to newer versions of Prisma Cloud.
$ kubectl delete rc twistlock-console -n twistlock
Update the Prisma Cloud objects.
$ kubectl apply -f twistlock_console.yaml
Go to Manage > Defenders > Manage and validate that Console has upgraded your Defenders.