How to Perform an Offline Air-Gapped Server Upgrade

search cancel

book

calendar_today

Carbon Black EDR (formerly Cb Response)

To upgrade Carbon Black EDR server onto air gapped (offline) Linux servers that do not have access to the public internet.

Install the Carbon Black EDR License RPM, this file can be found in your entitlements section under licenses.

sudo rpm -ivh <carbon-black-release-file>

Example file name: carbon-black-release-1.0.5-1-My_Company.x86_64.rpm

Edit /etc/yum.conf, and set:

[main]
cachedir=/var/cache/yum/$basearch/$releasever
keepcache=1

Tar up the Yum cache directory. (the files are saved in a directory specified in /etc/yum.conf cachedir key value)

sudo version=$(sed 's/^[^0-9]*\([0-9]*\).*/\1/' /etc/system-release); tar --selinux -cvzf yumcache.tar.gz -C /var/cache/yum/x86_64/$version/ .

Take the resulting file (yumcache.tar.gz) and move it to the desired offline server.
Log into the offline EDR server CLI

If necessary, create the following folder hierarchy:

sudo version=$(sed 's/^[^0-9]*\([0-9]*\).*/\1/' /etc/system-release); mkdir /var/cache/yum/x86_64/$version/

Untar the file to the local offline server:

sudo version=$(sed 's/^[^0-9]*\([0-9]*\).*/\1/' /etc/system-release); tar -xvzf yumcache.tar.gz -C /var/cache/yum/x86_64/$version/

Stop the EDR services. How to Start, Stop and Restart EDR Application Services
Upgrade the EDR application using the local cache.
```
yum update cb-enterprise
```
Finalize the upgrade
```
/usr/share/cb/cbupgrade
```
Follow the same steps for a clustered instance by upgrading the minion nodes.
Start the EDR services after upgrade has completed. How to Start, Stop and Restart EDR Application Services

This staging/caching server must be the same OS (CentOS, RHEL) as the actual target EDR server. Any updates/installs done to the caching server may result in dependency issues if the package was installed prior to saving to local cache.

thumb_up Yes

thumb_down No