How to Perform an Offline Air-Gapped Server Installation or Upgrade
search cancel

How to Perform an Offline Air-Gapped Server Installation or Upgrade

book

Article ID: 288102

calendar_today

Updated On:

Products

Carbon Black EDR (formerly Cb Response)

Issue/Introduction

How to install or upgrade an air-gapped Carbon Black EDR server that does not have internet access. 

Environment

  • Carbon Black EDR Server: All Supported Versions
  • Linux OS: All Supported Versions

Resolution

A. Prerequisite

  • An Internet facing caching server is required to download the rpm packages necessary to perform the EDR Installation and Upgrades. 
    • Must match the same OS and kernel version of the air-gapped server. Failure to do this will cause yum to fail on version dependencies. 
    • This machine does not need to meet the Operating Environment Requirements (OER).
    • Do not install or configure the EDR application on the caching server, this can cause issues with downloading all the required packages for future upgrades. 
  • An air-gapped server that meets the OER sizing guide

B. Configure the Caching Server

  1. Install the appropriate OS on the caching server.
  2. Download the license RPM from the entitlements support.broadcom.com portal and install per the instructions. Copy this file to the air-gapped server also. 
    Download the License RPM
  3. Download the package generation, follow the steps to get the script, your authentication token and run the generate_cbserver_repo.sh script per the instructions. Copy this file to the air-gapped server also. 
    Authenticate to Packages Repository
  4. Install the following utilities required to create the repo.  
    yum install yum-utils -y
yum install createrepo -y
  5. Add these two configs into /etc/yum.conf  
    keepcache=1
cachedir=/var/cache/yum/$basearch/$releasever
  6. Make the cache directory. Note: Where 8 is the major version of the OS you are on. 
    mkdir -p /var/cache/yum/x86_64/8/CarbonBlack
  7. Change into the cache directory the remainder of the steps require you to be in this working directory, 
    cd /var/cache/yum/x86_64/8/
  8. Clean the yum cache 
    yum clean all
  9. For OS version 8 and higher, run the following command.  
    sudo yum module disable postgresql redis python38 python39
  10. Download the application directly to the directory  
    yum install cb-enterprise --downloadonly --downloaddir=/var/cache/yum/x86_64/8/CarbonBlack
  11. Run the create repo to generate the repodata required for the air gapped server to use the files  
    createrepo CarbonBlack
  12. Gzip the directory and move it to the air gapped server.  
    tar --selinux -cvzf /tmp/edr_yum_cache.tar.gz CarbonBlack/

     

C. Configure the Air-Gapped Server

For clustered instance, the same steps will need to be performed on each node. 

  1. Move the license RPM downloaded from the entitlements support.broadcom.com portal onto this box and install it via the instructions here.
    Download the License RPM
  2. Copy the package run on the internet facing server that contains the generate_cbserver_repo.sh script. Extract the files and run the script.
  3. Open the /etc/yum.repos.d/CarbonBlack.repo file for editing. Modify the baseurl= to the following: 
    baseurl=file:///var/cache/yum/$basearch/$releasever/CarbonBlack
  4. Clean the yum cache  
    yum clean all
  5. Make the cache directory. Note: Where 8 is the major version of the OS you are on. 
    mkdir -p /var/cache/yum/x86_64/8
  6. Change into the cache directory the remainder of the steps require you to be in this working directory, 
    cd /var/cache/yum/x86_64/8/
  7. Extract the repo files from the internet facing tar capture  
    tar --selinux -xvzf /tmp/edr_yum_cache.tar.gz
  8. For OS version 8 and higher, run the following command.  
    sudo yum module disable postgresql redis python38 python39

Installation on the Air-Gapped Server

Do not follow these steps for upgrade. Running cbinit will result in a loss of data. 

  1. Run the following command to install the RPM files  
    yum install cb-enterprise --disablerepo="*" --enablerepo="CarbonBlack"
  2. Follow the official documentation for initialization and adding minion nodes (for clustered)
    1. Initialize and Configure a New Server
    2. Cluster Installation and Management
  3. Start the EDR Server services upon completion. 
    How to Start, Stop and Restart EDR Application Services

 

Upgrading an Air-Gapped Server

  1. Stop the EDR Server Services.
    How to Start, Stop and Restart EDR Application Services
  2. Update the application on each server node. 
    yum update cb-enterprise --disablerepo="*" --enablerepo="CarbonBlack"
  3. Finalize with cbupgrade on each server node. 
    /usr/share/cb/cbupgrade
  4. Start the EDR server services upon completion. 
    How to Start, Stop and Restart EDR Application Services

 

Additional Information

  • This staging/caching server must be the same OS (CentOS, RHEL, Rocky, Alma), OS version and patches as the actual target EDR server.
    • This guide does not cover upgrading the air-gapped machines OS related packages. Please see OS documentation for steps to perform OS level upgrades on an air-gapped server.  
    • Any OS level updates need to be performed on both servers simultaneously 
  • Can a Direct Download Link be Provided for an Air-gapped Server?
Powered by Wolken Software