Upgrade DaemonSet Defenders

Upgrade Defender DaemonSets in your environment.

Upgrade Defender DaemonSets with twistcli

Delete the Defender DaemonSet, then rerun the original install procedure.
Prerequisites:
You know all the parameters passed to
twistcli
when you initially deployed the Defender DaemonSet. You’ll need them to recreate a working configuration file for your environment.
  1. Delete the Defender DaemonSet.
    $ {orchestrator-cmd} -n twistlock delete ds twistlock-defender-ds $ {orchestrator-cmd} -n twistlock delete sa twistlock-service $ {orchestrator-cmd} -n twistlock delete secret twistlock-secrets
  2. Determine the Console service’s external IP address.
    $ {orchestrator-cmd} get service -o wide -n twistlock
  3. Generate a
    defender.yaml
    file. Pass the same options to
    twistcli
    as you did in the original install. The following example command generates a YAML configuration file for the default install.
    The following command connects to Console’s API (specified in
    --address
    ) as user <ADMIN> (specified in
    --user
    ), and retrieves a Defender DaemonSet YAML config file according to the configuration options passed to
    twistcli
    . In this command, there is just a single mandatory configuration option. The
    --cluster_address
    option specifies the address Defender uses to connect to Console, and the value is encoded in the DaemonSet YAML file.
    • <PLATFORM> can be linux or osx.
    • <ADMIN_USER> is the name of an admin user.
  4. Deploy the Defender DaemonSet.
    $ {orchestrator-cmd} create -f defender.yaml
  5. In Prisma Cloud, go to
    Manage > Defenders > Manage > DaemonSets
    to see a list of deployed Defenders.

Upgrade Defender DaemonSets from Console

Upgrade the DaemonSet Defenders directly from the Console UI.
If you can’t access your cluster with {orchestrator-cmd}, then you can upgrade Defender DaemonSets directly from the Console UI.
Prerequisites:
You’ve created a kubeconfig credential for your cluster so that Prisma Cloud can access it to upgrade the Defender DaemonSet.
  1. Log into Prisma Cloud Console.
  2. Go to
    Manage > Defenders > Manage
    .
  3. Click
    DaemonSets
    .
  4. For each cluster in the table, click
    Actions > Upgrade
    .
    The table shows a count of deployed Defenders and their new version number.

Recommended For You