Upgrade Remediate on offline nodes
Upgrading to new version of Puppet Remediate on offline machines can be done with a few simple commands.
To upgrade to the latest version of Remediate on an offline node:
-
On a node with internet connectivity:
- Download the offline Remediate image bundle (https://storage.googleapis.com/remediate/stable/latest/offline/images.tar.gz)
- Download the offline docker-compose.yml file (https://storage.googleapis.com/remediate/stable/latest/offline/docker-compose.yml)
Note: Skip this step if you are using your own custom Docker registry. -
Optionally, you can verify the image bundle and offline
docker-compose.yml files signatures:
With each Puppet Remediate release, a digital signature is created using the private key portion of an asymmetric key. You can manually validate the signature using the public key portion of the same asymmetric key.
- Download the offline docker-compose.yml file signature and the image bundle signature, along with the public key to the same directory as your license file.
-
Run the following commands:
openssl dgst -sha256 -verify puppet-remediate-signing-key.pub -signature docker_compose_signature docker-compose.yml
And:
openssl dgst -sha256 -verify puppet-remediate-signing-key.pub -signature images_signature images.tar.gz
If the signature is valid, you get the following response for each command:
Verified Ok
- Copy the Remediate image bundle and offline docker-compose.yml file to the offline node where you want to install Remediate.
-
Run the Docker
load
command:docker load -i images.tar.gz
-
Stop Remediate:
docker-compose run remediate stop
-
Use the following command to start Remediate (replacing your-license.json with your own
license):
docker-compose run remediate start -o --license-file ./your-license.json