Applying updates to support actions in an air-gapped cluster

You can apply the latest QRadar® Suite Software support action changes in an air-gapped environment.

Before you begin

To complete this task, you must be a Red Hat® OpenShift® cluster administrator.

Review the Planning for installation section to ensure that you meet the hardware, system, storage, and other requirements.

Before you install QRadar Suite Software, review and take the following prerequisite steps for a successful installation.

Install Windows Subsystem for Linux (WSL)

Windows only If you are using a Windows computer, you must install Windows Subsystem for Linux® (WSL).

For more information about installing WSL, see Install WSL.

Install Red Hat OpenShift CLI 4.14 or later

The Red Hat OpenShift CLI client helps you develop, build, deploy, and run your applications on any Red Hat OpenShift or Kubernetes cluster. It also includes the administrative commands for managing a cluster under the adm subcommand.

Procedure

Download Red Hat OpenShift CLI 4.14 or later from https://mirror.openshift.com/pub/openshift-v4/x86_64/clients/ocp/stable-4.14/. The file to download is called openshift-client-<platform>-<version>.tar.gz.
Extract the binary file that you downloaded by typing the following command, where <oc_cli_archive_file> is the name of the archive file that you downloaded.
```
tar -xf <oc_cli_archive_file>
```
Modify the permissions of the binary file by typing the following command, where <oc_cli_binary> is the name of the Red Hat OpenShift binary that you extracted from the archive.
Move the binary file to the /usr/local/bin directory by typing the following command.
```
mv <oc_cli_binary> /usr/local/bin/oc
```
Tip: If this command returns a No such file or directory or Not a directory error message, create the /usr/local/bin directory by typing the following command.
```
sudo mkdir /usr/local/bin
```
Ensure that the Red Hat OpenShift CLI client is working by typing the following command.
```
oc version
```
Tip: MacOS users might see a message that this tool cannot be opened because it is from an unidentified developer. Close this message and go to System Preferences > Security & Privacy. On the General tab, click Open Anyway or Allow Anyway. Repeat the oc version command.

Install Cloud Pak CLI 3.23.1 or later

Procedure

Download Cloud Pak CLI from https://github.com/IBM/cloud-pak-cli/releases.
Extract the binary file that you downloaded by typing the following command, where <archive_file> is the name of the archive file that you downloaded.
```
tar -xf <archive_file>
```
Modify the permissions of the binary file by typing the following command, where <binary_file> is the name of the Cloud Pak binary file that you extracted from the archive.
```
chmod 755 <binary_file>
```
Move the binary file to the /usr/local/bin directory by typing the following command.
```
mv <binary_file> /usr/local/bin/cloudctl
```
Tip: If this command returns a No such file or directory or Not a directory error message, create the /usr/local/bin directory by typing the following command.
```
sudo mkdir /usr/local/bin
```
Ensure that Cloud Pak CLI is working by typing the following command.
```
cloudctl version
```
Tip: MacOS users might see a message that this tool cannot be opened because it is from an unidentified developer. Close this message and go to System Preferences > Security & Privacy. On the General tab, click Open Anyway or Allow Anyway. Repeat the cloudctl version command.

Applying updates to support actions in an air-gapped cluster

Apply the latest support action changes in an air-gapped environment.

About this task

For more information about support actions, see Support actions.

Procedure

Download the QRadar Suite Software archive file and extract it locally.
1. Create and go to the cp4s_install working directory by typing the following command.
```
export CP4S_DIR=$HOME/cp4s_install &&
mkdir $CP4S_DIR && cd $CP4S_DIR
```
  Important: If you already installed a version of cp4s_install in your $HOME directory, before you run the command you must rename or delete the directory.
2. Download and extract the QRadar Suite Software archive file by typing the following command.
```
cloudctl case save \
  --repo https://github.com/IBM/cloud-pak/raw/master/repo/case \
  --case ibm-cp-security \
  --version 1.0.58 \
  --outputdir $CP4S_DIR \
  -t 1 \
  && tar -xf $CP4S_DIR/ibm-cp-security-1.0.58.tgz
```
Log in to your Red Hat OpenShift Container Platform cluster by typing either of the following commands, where <openshift_url> is the URL for your Red Hat OpenShift Container Platform environment.
- Using a username and password.
```
oc login <openshift_url> -u <username> -p <password>
```
- Using a token.
```
oc login --token=<token> --server=<openshift_url>
```

To mirror images from icr.io into the local registry, mirror the support action pod image by using the case action mirrorICRImages.

The command to run the mirrorICRImages action has the following parameters.

Parameter	Description
--registry	The local docker registry endpoint, for example, `<local_registry>:5000`
--icrImages	The image name and tag.
--namespace	The namespace where QRadar Suite Software is installed.

cloudctl case launch --case ibm-cp-security --inventory ibmSecurityOperatorSetup --namespace <cp4s_namespace> --action mirrorICRImages --args "--registry <local_registry>:5000 --icrImages cp-serviceability:latest" -t 1 <local_registry>:5000 --icrImages cp-serviceability:latest" -t 1

Results

To check the outcome of the command, look for output similar to the following example:

...
info: Planning completed in 350ms
sha256:072cf26743bf9380a550af10b21c60be5d3a9cdb539d49b11b6416b7a017d284 ocp4-agp-bastion.ocpdev.stg.secops.ibmcloudsecurity.com:5000/ibm-cp-security/cp-serviceability:latest
info: Mirroring completed in 10ms (0B/s)
[✓] CASE launch script completed successfully
OK