You can install AppDefense Guest Module on guest Linux virtual machines (VM) where your application workloads are running using the VMware package repository. The Linux VM (or server that is used to supply binaries to VMs) must be able to access https://packages.vmware.com. The installation of AppDefense Guest Module installs the AppDefense package, and the Guest Introspection package.

Perform the steps as applicable for your Linux distribution. You can upgrade to a specific Linux distribution by running the command provided in the Note section. You must have administrator rights on the Linux VM.

Prerequisites

  • You must complete the prerequisites before the actual installation. For details, refer to Guest Module Install Prerequisites for Linux Systems.
  • The Linux VM (or server that is used to supply binaries to VMs) must have access to https://packages.vmware.com. To verify accessibility to packages.vmware.com, use the ping packages.vmware.com command. Then run the curl -Is https://packages.vmware.com/appdefense command. The curl request returns the HTTP/1.1 200 OK status code.

Procedure

  1. For Ubuntu systems:
    1. Obtain and import the VMware packaging public keys using the following commands.
      curl -L https://packages.vmware.com/appdefense/key/VMWARE-APPD-PACKAGING-GPG-RSA-KEY.pub --output VMWARE-APPD-PACKAGING-GPG-RSA-KEY.pub
      apt-key add VMWARE-APPD-PACKAGING-GPG-RSA-KEY.pub
    2. Create a file named appdefense.list under /etc/apt/sources.list.d.
      Note: The Linux VM, where you want to deploy AppDefense, must have the netfilter dependency installed. If not, the VM must have access to the OS repository to install the netfilter package.
    3. Create or edit /etc/apt/sources.list.d/appdefense.list with the following content.
      deb [arch=amd64] https://packages.vmware.com/appdefense/latest/ubuntu trusty main
      deb [arch=amd64] https://packages.vmware.com/appdefense/latest/guest-introspection-for-vmware-nsx/ubuntu trusty main
    4. Install the AppDefense Guest Module package using the following commands.
      apt-get update
      apt-get install vmw-glx
    Note: To upgrade or install a specific version, run the following command:
    apt-get install vmw-glx=<version> guest-introspection-for-vmware-nsx

    OR

    apt-get install --only-upgrade vmw-glx guest-introspection-for-vmware-nsx

    See Ubuntu upgrade limitation for 2.3 version in Known Limitation With Linux VMs.

  2. For RHEL systems:
    1. Obtain and import the VMware packaging public keys using the following commands.
      wget https://packages.vmware.com/appdefense/key/VMWARE-APPD-PACKAGING-GPG-RSA-KEY.pub
      
      rpm --import VMWARE-APPD-PACKAGING-GPG-RSA-KEY.pub
    2. Create a file named appdefense.repo under /etc/yum.repos.d.
    3. Edit the /etc/yum.repos.d/appdefense.repo file with the following content.
       
      [repo-appdefense]
      name=AppDefense repo
      baseurl=https://packages.vmware.com/appdefense/latest/
      enabled=1
      gpgcheck=1
      
      [guest-introspection-for-vmware-nsx]
      name=Guest Introspection for VMware NSX
      baseurl=https://packages.vmware.com/appdefense/latest/guest-introspection-for-vmware-nsx/rhel/x86_64/
      enabled=1
      gpgcheck=1
    4. Install the AppDefense Guest Module package using the following command.
      yum install vmw-glx
      Note: To upgrade or install a specific version, run the following command.
      • Clear the previous repository cache using the yum clean all command.
      • To install a specific version:
        yum install vmw-glx-<version> Guest-Introspection-for-VMware-NSX
      • To upgrade to the latest version:
        yum install vmw-glx Guest-Introspection-for-VMware-NSX
  3. For CentOS systems:
    1. Obtain and import the VMware packaging public keys using the following commands.
      wget https://packages.vmware.com/appdefense/key/VMWARE-APPD-PACKAGING-GPG-RSA-KEY.pub
      
      rpm --import VMWARE-APPD-PACKAGING-GPG-RSA-KEY.pub
    2. Create a file named appdefense.repo under /etc/yum.repos.d.
    3. Edit the /etc/yum.repos.d/appdefense.repo file with the following content.
       
      [repo-appdefense]
      name=AppDefense repo
      baseurl=https://packages.vmware.com/appdefense/latest/
      enabled=1
      gpgcheck=1
      
      [guest-introspection-for-vmware-nsx]
      name=Guest Introspection for VMware NSX
      baseurl=https://packages.vmware.com/appdefense/latest/guest-introspection-for-vmware-nsx/centos/x86_64/
      enabled=1
      gpgcheck=1
    4. Install the AppDefense Guest Module package using the following command.
      yum install vmw-glx
      Note: To upgrade or install a specific version, run the following command.
      • Clear the previous repository cache using the yum clean all command.
      • To install a specific version:
        yum install vmw-glx-<version> guest-introspection-for-vmware-nsx
      • To upgrade to the latest version:
        yum install vmw-glx guest-introspection-for-vmware-nsx
  4. For SLES systems:
    1. Obtain and import the VMware packaging public keys using the following commands.
      wget https://packages.vmware.com/appdefense/key/VMWARE-APPD-PACKAGING-GPG-RSA-KEY.pub
      
      rpm --import VMWARE-APPD-PACKAGING-GPG-RSA-KEY.pub
    2. Add the following repository:
      zypper ar "https://packages.vmware.com/appdefense/latest/" appdefense
      
      zypper ar https://packages.vmware.com/appdefense/latest/guest-introspection-for-vmware-nsx/sles/x86_64/" guest-introspection-for-vmware-nsx
    3. Install the AppDefense Guest Module package using the following command.
      zypper install vmw-glx
      Note: To upgrade or install a specific version, run the following commands.
      • Update repository using zypper refresh command.
      • Upgrade using following commands:
        zypper install vmw-glx-<version> guest-introspection-for-vmware-nsx
        zypper update guest-introspection-for-vmware-nsx
  5. To verify if AppDefense Guest Module is installed, run the following command with the root privilege.
    /etc/init.d/vmw_glxd status
  6. To verify if the Guest Introspection is installed, run the following command with the root privilege.
    /etc/init.d/vmw_conn_notifyd status

Results

The status is running.

What to do next

If you cannot access the VMware package repository (https://packages.vmware.com), then install AppDefense Guest Module using the Downloads (https://appd-dl.vmware.com/repository/) repository.

If you are facing issues using the above steps to install or upgrade, you can use a script to perform all the install tasks for you. For details, refer to Issues with Linux Guest Module Install or Upgrade .