Preparing to patch or upgrade Guardium Data Security Center
As of IBM Guardium Data Security Center Version 3.6.0, OCP and OpenShift® Data Foundation (ODF) Version 4.16 are now supported.
Before you begin
- Version 3.2.x can be upgraded to a maximum of version 3.3.0.
- Version 3.3.x can be patched to latest version 3.3.y (where y is greater than x). Do not shut down Guardium Insights when you patch the product.
Procedure
- If you are running Guardium
Insights
Version 3.2.0 or 3.2.1, patch your environment to Guardium
Insights Version 3.2.2. This update includes changes to the data ingestion pipeline, performance improvements, and schema changes.
After you complete this step, your environment consists of:
- Guardium Insights Version 3.2.2
- IBM Cloud Pak® foundational services Version 3.19
- OCP Version 4.10
- ODF Version 4.10
- If you are running Guardium
Insights
Version 3.2.2 to 3.2.7, patch your environment to Guardium
Insights Version 3.2.8. This update includes support for OCP Version 4.12.
After you complete this step, your environment consists of:
- Guardium Insights Version 3.2.8
- Cloud Pak foundational services Version 3.19
- OCP Version 4.10
- ODF Version 4.10
- Upgrade OCP to Version 4.12 and
upgrade ODF to Version 4.11.
After you complete this step, your environment consists of:
- Guardium Insights Version 3.2.8
- Cloud Pak foundational services Version 3.19
- OCP Version 4.12
- ODF Version 4.11
- If you are running Guardium
Insights
Version 3.2.8 to 3.2.11, patch your environment to Guardium
Insights Version 3.2.12. This patch includes an upgrade of Db2® to Version 11.5.8.cn3.
After you complete this step, your environment consists of:
- Guardium Insights Version 3.2.12
- Cloud Pak foundational services Version 3.19
- OCP Version 4.12
- ODF Version 4.11
- If you are running Guardium
Insights
Version 3.2.12 or 3.2.13, upgrade your environment to Guardium
Insights Version 3.3.0 by following these
instructions.
- Download the 2.3.0 CASE bundle. In these instructions, replace
2.2.0
with2.3.0
. - Patch Guardium Insights. In Step 16, edit the CR version to 3.3.0.
- Download the 2.3.0 CASE bundle. In these instructions, replace
- If you are running Guardium
Insights Version 3.2.14 and later versions of
3.2.x, upgrade your environment to Guardium
Insights Version 3.3.0 by completing the following instructions.
- Download the 2.3.3 CASE bundle. For more information, see Downloading the CASE bundle.
- Patch Guardium Insights. In Step 16, edit the CR version to 3.3.0.
- If you want to update Guardium
Insights to the latest version of Version 3.3.x,
complete the following steps.
- Patch Guardium Insights from Version 3.3.0 to Version 3.3.4 or
later. Important:
- Version 3.4When you run the
pre-install script for Guardium
Insights
installation, you need to prepare your Guardium
Insights for ODF Version 4.14 if you are using ODF by setting the
-q | --custom-scc
parameter totrue
:-q | --custom-scc: If you specify 'true', Guardium Insights pods will use a custom scc with a default name of 'gi-odf-scc'. If you pass in another value, it will apply that value as the scc name. For a list of available SCCs you can run 'oc get scc'. Guardium Insights normally runs in restricted-v2 SCC. Defaults to 'false' with no custom scc applied.
This parameter is only required for Guardium Insights installations that resides on ODF installations with non-ROSA and non-ARO deployments.
- Edit the custom resource (CR) and update the version number.
- Add this to the CR
ssh-service
:serviceAccount: insights-odf-ssh-service-sa
- Upgrade ODF to Version 4.12.
After you complete this step, your environment consists of:
- Guardium Insights Version 3.3.4 or later
- Tenant Minisnif and Tenant GUC Custom Resources Version 3.3.4 or later
- Cloud Pak foundational services Version 3.19
- OCP Version 4.12
- ODF Version 4.12
- Version 3.4When you run the
pre-install script for Guardium
Insights
installation, you need to prepare your Guardium
Insights for ODF Version 4.14 if you are using ODF by setting the
- Manually shut down Guardium Insights.
- Upgrade OCP and ODF to Version 4.13. When prompted, run this script:
oc -n openshift-config patch cm admin-acks \ --patch '{"data":{"ack-4.12-kube-1.26-api-removals-in-4.13":"true"}}' --type=merge
Important: When you run this script, the OpenShift console displays a command that you must run to proceed with the upgrade.After you complete this step, your environment consists of:
- Guardium Insights Version 3.3.4
- Cloud Pak foundational services Version 3.19
- OCP Version 4.13
- ODF Version 4.13
- Upgrade OCP and ODF to Version 4.14. When prompted, run the following script.
oc -n openshift-config patch cm admin-acks \ --patch '{"data":{"ack-4.13-kube-1.27-api-removals-in-4.14":"true"}}' \ --type=merge
Important: When you run this script, the OpenShift console displays a command that you must run to proceed with the upgrade.After you complete this step, your environment consists of:
- Guardium Insights Version 3.3.4
- Cloud Pak foundational services Version 3.19
- OCP Version 4.14
- ODF Version 4.14
- Patch Guardium Insights from Version 3.3.0 to Version 3.3.4 or
later.
- If you want to update Guardium
Insights
to Version 3.4.0, complete the following steps.
- Upgrade from Version 3.3.0 to Version
3.4.0 or later.
- Download the 2.4.0 CASE bundle. For more information, see Downloading the CASE bundle.
- Patch Guardium Insights. In Step 13, edit the CR version to 3.4.0.
After you complete this step, your environment consists of:
- Guardium Insights Version 3.4.0
- IBM Cloud Pak foundational services Version 4.5.x (where x is the latest released version)
- OCP Version 4.14
- ODF Version 4.14
- Upgrade from Version 3.3.0 to Version
3.4.0 or later.
- If you want to update Guardium
Insights
to Version 3.5.0, complete the following steps.
- Download the 2.5.0 CASE bundle. For more information, see Downloading the Guardium Insights CASE file.
- Upgrade to Guardium Insights Version 3.5.0.
- Shut down Guardium Insights.
- Upgrade OCP and ODF to Version 4.13.
After you complete this step, your environment consists of:
- Guardium Insights Version 3.5.0
- Cloud Pak foundational services Version 4.6.x
- OCP Version 4.15
- ODF Version 4.15
- Upgrade OCP and ODF to Version 4.16.
After you complete this step, your environment consists of:
- Guardium Insights Version 3.5.0
- Cloud Pak foundational services Version 4.6.x
- OCP Version 4.16
- ODF Version 4.16
- If you want to update Guardium Data Security Center to
Version 3.6.0, complete the following steps.
- Download the 2.6.0 CASE bundle. For more information, see Downloading the Guardium Data Security Center CASE file and set up your environment for dependencies.
- Upgrade to Guardium Insights Version 3.5.0.
After you complete this step, your environment consists of:
- Guardium Data Security Center Version 3.6.0
- Cloud Pak foundational services Version 4.6.x
- OCP Version 4.16
- ODF Version 4.16
- Restart Guardium Data Security Center and monitor for errors.