The first step in the upgrade process is the AppDefense Appliance upgrade. Starting from the AppDefense Appliance 2.3 release, you can now upgrade AppDefense Appliance using the Fail-Safe upgrade feature. If there is an upgrade failure, the Fail-Safe appliance upgrade feature reverts the appliance version to the previous running version.

Prerequisites

If database disk on the appliance has less space available, then expand the disk space before upgrading. For more details on how to expand disk space, refer to How to Increase the Appliance Database Storage.

Make sure AppDefense Appliance virtual machine has a minimum memory of 24 GB.
Note: Upgrading AppDefense Appliance from can take 15–30 minutes depending on the size of existing database partition. Schedule the AppDefense Appliance upgrade in the maintenance window of the vCenter Server, or when you expect less activity on the vCenter Server user interface.

Procedure

  1. Clean up appliance disk space as follows.
    1. Go to https://appd-dl.vmware.com/repository/cleanup_appliance.sh. The cleanup_appliance.sh script is downloaded.
    2. SSH to AppDefense Appliance using the admin credentials. For example, ssh admin@<Appliance_IP_Address>.
    3. Download and run the following script.
      curl -s https://appd-dl.vmware.com/repository/cleanup_appliance.sh | sudo bash
  2. Log in to the AppDefense Appliance VA GUI at https://<appliance ip address> using the admin credentials or using the vSphere user credentials.
  3. With 2.3 version, you have two ways to upgrade.
  4. Go to the Configuration > Upgrade tab.
  5. Download an upgrade bundle. For details, refer to Download Appliance Upgrade Bundle.
  6. The New Upgrade Available section becomes available with the Upgrade Now option.

    Note: The timeout for AppDefense Appliance is 30 minutes. If you get a Session Expired message, log in to the AppDefense Appliance again with the same admin credentials.
  7. Click Upgrade Now. The Upgrade is in progress message appears. Appliance reboots automatically. AppDefense Appliance remains unreachable during this time. Ignore any errors from Appliance UI during this time.
    When the upgrade is in-progress, AppDefense Appliance restarts all the services.
    Important:
    Appliance is upgraded as per the available upgrade bundle.

    Note: When Fail-Safe upgrade is supported, upgrade failure reverts the appliance version to the previous running version.

    If previously failed and rolled back, resolve the problem and re initiate upgrade as normal upgrade. For more details, refer to the Troubleshooting section. You can contact the VMware support team at https://www.vmware.com/support/contacts.html with the error message displayed in the Error in last Appliance upgrade task section.

  8. After the upgrade is complete, log in to AppDefense Appliance again. You can verify the Appliance version on the Appliance Dashboard page.

Results

The Current Bundle Information section appears at the bottom of the AppDefense Appliance Upgrade page and displays the version details. For the upgraded appliance version, the corresponding versions that are available for the host module and guest module are displayed.

What to do next

Upgrade AppDefense Host Module and then AppDefense Guest Module.

If you have enabled AppDefense Service (SaaS), verify upgrade as follows.

  1. Log in to AppDefense Manager.
  2. Click the settings () icon, and then click Appliances. Make sure that the appliance status is Active, and the Version column displays the upgraded version. For example, 2.3.0.0-<build number>.
  3. Go to Inventory > Hosts tab. Verify the status of the hosts. If the status is not active, click the required host, and then click Config Sync. This action sync up the hosts with the new appliance configuration. This action is mostly applicable to the host module that is not upgraded to the latest version. After the sync is complete, the status of the host must be Active.
  4. Go to Inventory > VMs tab. After the host status becomes Active, verify that the Guest Module status is also Active.