1. Upgrading Console

To upgrade Console, rerun the install script for the latest version of Twistlock. Use this method for any Console that was originally installed with the twistlock.sh script.

Procedure

  1. Download the latest Twistlock release package from Releases.

  2. Unpack the downloaded tarball.

    Optional: you may wish to unpack the tarball to a different folder than any previous tarballs.

    $ mkdir twistlock_<VERSION>
    $ tar -xzf twistlock_<VERSION>.tar.gz -C twistlock_<VERSION>/

    The setup package contains updated versions of twistlock.sh and twistlock.cfg.

  3. Check the version of Twistlock that will be installed:

    $ grep DOCKER_TWISTLOCK_TAG twistlock.cfg
  4. Upgrade Twistlock while retaining your current data and configs by using the -j option. The -j option merges your current configuration with any new configuration settings in the new version of the software.

    You must use the same install target in your upgrade as your original installation. There are two install targets: onebox and console, where onebox installs both Console and Defender onto a host and console just installs Console.

    To upgrade your onebox install, run:

    $ sudo ./twistlock.sh -syj onebox

    To upgrade your console install, run:

    $ sudo ./twistlock.sh -syj console

You can now upgrade all your Defenders from the Console UI.

2. Upgrading Container Defenders

The Console user interface lets you upgrade all Defenders in a single shot. This method minimizes the effort required to upgrade all your deployed Defenders.

Alternatively, you can select which Defenders to upgrade. Use this method when you have different maintenance windows for different deployments. For example, you might have an open window on Tuesday to upgrade thirty Defenders in your development environment, but no available window until Saturday to upgrade the remaining twenty Defenders in your production environment. In order to give you sufficient time to upgrade your environment, older versions of Defender can coexist with the latest version of Defender and the latest version of Console.

Prerequisites

  • You have already upgraded Console.

Procedure

  1. Open Console.

  2. On the left menu bar, go to Manage > Defender > Manage and click Defenders to see a list of all your deployed stand-alone Container Defenders.

  3. Upgrade your stand-alone Defenders. You can either:

    • Upgrade all Defenders at the same time by clicking Upgrade all.

    • Upgrade a subset of your Defenders by clicking the individual Actions > Upgrade button in the row that corresponds to the Defender you want to upgrade.

      The Restart and Decommission buttons are not available for DaemonSet Defenders. They are only available for stand-alone Defenders.