1. Home
    2. Security Operations
    3. Cortex XSOAR
    4. Cortex XSOAR Multi-Tenant Guide
    5. Install Cortex XSOAR for a Multi-Tenant Deployment
    6. Upgrade Your Multi-Tenant Deployment

    Upgrade Your Multi-Tenant Deployment

    Upgrading a Cortex XSOAR multi-tenant deployment including preparation, upgrade and post upgrade steps.
    The upgrade process makes changes to the data in the database which can introduce version incompatibility between the Cortex XSOAR service version and the database version during upgrade. To maintain version compatibility at any point, make sure to do the following during the upgrade process:
    • Stop the main server before starting the host server(s) upgrades.
    • Upgrade one host server at a time. Other host servers can continue to run while each host upgrades.
    Cortex XSOAR v6.5 with Elasticsearch requires one additional index per tenant, host group, and main account. If you are using Elasticsearch, verify you have sufficient available shards before upgrading to Cortex XSOAR v6.5.
    Upgrade Multi-Tenant with High Availability
    To make sure at any given moment that the Cortex XSOAR services in the same High Availability (HA) group and the database version are compatible you need to:
    • Stop the main server(s) before starting the host upgrades. Do not restart the main server until all hosts are upgraded.
    • You can upgrade all the HA groups in parallel or one at a time.
    • Stop all host servers in the same HA group before starting the upgrade to avoid old host processes using the newer database version. Host servers in other HA groups can continue to run, and their tenants can be accessed directly through the host.
    Upgrade Multi-Tenant with Disaster Recovery
    For Disaster Recovery (DR), you have primary servers for the main and host servers and secondary (backup) servers for the main and host servers. The secondary (backup) servers need to be up and running when the primary servers are in upgrade, so you should always upgrade the secondary (backup) servers before the primary servers. The order for upgrade is therefore:
    • Stop the main primary server.
    • Stop the main secondary (backup) server.
    • For each host, stop the primary host server, stop the secondary (backup) host server, upgrade the secondary host server and then upgrade the primary host server.
    • Upgrade the main secondary (backup) server and then upgrade the main primary server.
    1. Prepare for Upgrade.
      1. Back up your data.
      2. Download the new installer and copy it to all the servers that will be upgraded by running the following command.
        wget -O demisto.sh "<downloadLink>"
        You can use the original URL that was sent to you when installing Cortex XSOAR by adding
        &downloadName=<version>_latest
         to the URL. For example, for v6.5, type the following:
        https://download.demisto.works/download-params/?token=xxxxxxx&email=user@paloaltonetworks.com&downloadName=6_5_latest&eula=accept
        If you do not have the original URL, open a Customer Support ticket and select the
        Download Link
         option. The link is then sent automatically.
      3. Run the following command to allow the
        .sh
         file to run as an executable file.
        chmod +x demisto.sh
    2. (
      Multi-tenant DR and HA only
      ) Stop the main server.
      sudo service demisto stop
      For multi-tenant HA, stop all the main app servers.
      For multi-tenant DR, after stopping the main primary server, stop the main secondary (backup) server.
    3. Upgrade the host servers.
      Repeat this step for all host servers.
      (
      Multi-tenant HA
      ) Repeat this step for all HA groups.
      1. Stop the host server(s).
        sudo service demisto stop
        (
        Multi-tenant HA
        ) Stop all host servers in the same HA group.
        (
        Multi-tenant DR
        ) Stop host secondary (backup) servers.
      2. Run the installer.
        sudo ./demisto.sh -- -multi-tenant
        Cortex XSOAR uses the
        /tmp
         folder for installation. If the folder is blocked by policy, you need to specify a new directory or use
        /var/tmp
         directory by adding the
        -target
         argument to installation before any other flag. For example,
        sudo ./demisto.sh -target /var/tmp --multi-tenant
        (
        Multi-tenant HA
        ) Choose a host server in the HA group and run the installer on it. After checking the host is up and running, repeat on all host servers in the same HA group.
        (
        Multi-tenant DR
        ) Run the installer on the host secondary (backup) server. After checking the host secondary server is up and running, run the installer on the host primary server.
    4. Upgrade the main servers.
      sudo ./demisto.sh -- -multi-tenant
      (
      Multi-tenant HA
      ) Choose a main app server and run the installer on it. After checking the main app server is up and running, run the installer on the other main app servers.
      (
      Multi-tenant DR
      ) Run the installer on the main secondary (backup) server. After checking the main secondary (backup) server is up and running, run the installer on the main primary server.
    5. Validate the upgrade.
      1. (
        Multi-tenant HA
        ) Check that the server is accessible through the load balancer as before upgrade.
      2. Check that all tenants are accessible through the main server.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2022 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo