The first step in the upgrade process is the AppDefense Appliance upgrade. Starting from the AppDefense Appliance 2.3 release, you can now upgrade AppDefense Appliance using the Fail-Safe upgrade feature. If there is an upgrade failure, the Fail-Safe appliance upgrade feature reverts the appliance version to the previous running version.
If database disk on the appliance has less space available, then expand the disk space before upgrading. For more details on how to expand disk space, refer to How to Increase the Appliance Database Storage.
- Clean up appliance disk space as follows.
- Go to https://appd-dl.vmware.com/repository/cleanup_appliance.sh. The cleanup_appliance.sh script is downloaded.
- SSH to AppDefense Appliance using the admin credentials. For example, ssh admin@<Appliance_IP_Address>.
- Download and run the following script.
curl -s https://appd-dl.vmware.com/repository/cleanup_appliance.sh | sudo bash
- Log in to the AppDefense Appliance VA GUI at https://<appliance ip address> using the admin credentials or using the vSphere user credentials.
- With 2.3 version, you have two ways to upgrade.
- Regular Upgrade: Take a snapshot of the appliance virtual machine (VM) before the upgrade. For details, refer to Back Up AppDefense Appliance VM Before Upgrade.
- (Optional) Fail-Safe Upgrade: If there is an upgrade failure, the Fail-Safe appliance upgrade feature reverts the appliance version to the previous running version. For the Fail-Safe upgrade feature, add an extra disk as described in Add an Additional Disk for Appliance VM.
For the Fail-Safe appliance upgrade compatibility, refer to Fail-Safe Appliance Upgrade Compatibility.
- Go to the tab.
- Download an upgrade bundle. For details, refer to Download Appliance Upgrade Bundle.
- The New Upgrade Available section becomes available with the Upgrade Now option.
Note: The timeout for AppDefense Appliance is 30 minutes. If you get a Session Expired message, log in to the AppDefense Appliance again with the same admin credentials.
- Click Upgrade Now. The Upgrade is in progress message appears. Appliance reboots automatically. AppDefense Appliance remains unreachable during this time. Ignore any errors from Appliance UI during this time.
When the upgrade is in-progress, AppDefense Appliance restarts all the services.Important:
Appliance is upgraded as per the available upgrade bundle.Note: When Fail-Safe upgrade is supported, upgrade failure reverts the appliance version to the previous running version.
- If you encounter any disk space issue during upgrade, resolve as described in Disk Space Issues During Appliance Upgrade.
If previously failed and rolled back, resolve the problem and re initiate upgrade as normal upgrade. For more details, refer to the Troubleshooting section. You can contact the VMware support team at https://www.vmware.com/support/contacts.html with the error message displayed in the Error in last Appliance upgrade task section.
- After the upgrade is complete, log in to AppDefense Appliance again. You can verify the Appliance version on the Appliance Dashboard page.
What to do next
Upgrade AppDefense Host Module and then AppDefense Guest Module.
If you have enabled AppDefense Service (SaaS), verify upgrade as follows.
- Log in to AppDefense Manager.
- Click the settings () icon, and then click Appliances. Make sure that the appliance status is Active, and the Version column displays the upgraded version. For example, 220.127.116.11-<build number>.
- Go to Inventory > Hosts tab. Verify the status of the hosts. If the status is not active, click the required host, and then click Config Sync. This action sync up the hosts with the new appliance configuration. This action is mostly applicable to the host module that is not upgraded to the latest version. After the sync is complete, the status of the host must be Active.
- Go to Inventory > VMs tab. After the host status becomes Active, verify that the Guest Module status is also Active.