Background
This document will guide you through the upgrade of a Virtru Gateway.
Requirements
This document assumes that you have a fully functioning Gateway.
Skip to:
- Quick Upgrade to version latest version
- Recommended
- Verify Gateway Version
- Prerequisites
- Linux Server Upgrade
- Kubernetes Deployment via Helm Charts
Quick upgrade to version latest version listed on our release notes page:
Note
If you are running gateway version before 2.12.0 then follow the steps to upgrade here
To check the version of gateway that you are running use the following commands
sudo docker ps
# The output should look similar to this
Container ID Image
000000000000 virtru/gateway:v<version-number>
Update Script
Edit the setup script(s) (Standard Gateway) Check here first for latest version number
sudo chown -R 149:149 /var/virtru/vg/queue/*
sudo find /var/virtru/vg/scripts -type f -name "*.sh" -exec sed -i 's|virtru/gateway:[^ ]*|containers.virtru.com/gateway:v<new version number>|g' {} +
sudo chown -R 149:149 /var/virtru/vg/queue/*
sudo find /var/virtru/vg/scripts -type f -name "*.sh" -exec sed -i 's|virtru/gateway-fips:[^ ]*|containers.virtru.com/gateway-fips:v<new-version-number>|g' {} +
cd /var/virtru/vg/scripts
cat <script name.sh>
Verify your gateway version number matches the latest in docker hub (the script below is an example output from 'cat <script name.sh>')
docker run \ --env-file /var/virtru/vg/env/vg01.env \ -v /var/virtru/vg/tls/:/etc/postfix/tls \ -v /var/virtru/vg/dkim/:/etc/opendkim/keys \ --publish 9001:25 \ --interactive --tty --detach \ --restart unless-stopped \ --log-opt max-size=100m \ --log-opt max-file=10 \ containers.virtru.com/gateway:v<version-number>
Note:
If using the FIPS-validated image, use:
containers.virtru.com/gateway-fips:v<version-number>
Steps to deploy the new gateway version
Stop and remove all running docker containers
docker stop $(docker ps -a -q)
docker rm $(docker ps -a -q)
Run setup script(s)
cd /var/virtru/vg/scripts
sh <setup-version-port.sh>
# If running multiple versions run the following command to execute all of the scripts
sh <setup-version-port.sh> && sh <setup-version-port.sh> ... etc.
Verify version number is running
sudo docker ps
# The output should look similar to this
Container ID Image
000000000000 containers.virtru.com:v<new-version-number>
Recommended(Version 2.11.0 or older):
Copy the following variables out of your current env file located in "/var/virtru/vg/env" you will use these variables during a new installation.
GATEWAY_HOSTNAME=<copy me>
GATEWAY_ORGANIZATION_DOMAIN=<copy me>
GATEWAY_TRANSPORT_MAPS=*=><[copy me]>
GATEWAY_MODE=<copy me>
GATEWAY_TOPOLOGY<copy me>
GATEWAY_API_TOKEN_NAME=<copy me>
GATEWAY_API_TOKEN_SECRET=<copy me>
GATEWAY_AMPLITUDE_API_KEY=<copy me>
Then run through the same steps as a new installation referenced here:
Customer Hosted: Install Gateway
This will ensure that you have the latest scripts and variables.
Note
If you want to update just the version number in the setup script you can follow the directions below. If you are upgrading from gateway version 2.15 or before please follow the recommended steps above.
Verify Version
docker ps
If below 2.0.0
Example:
Please contact your Virtru Customer Success Manager.
If above 2.0.0
Example:
See instructions below.
Prerequisites
- Docker Hub Login
- Rights to the Virtru Docker Hub Repositories
Upgrade (Version 2.12.0 or newer)
Actions
- Update Setup Script
- Remove Container
- Start Container
Update Script
Edit the setup script
Note:
The setup scripts will have different names, our example below is an example of the format used.
Use the command "ls" to view the shell scripts in the directory once you are in the directory.
cd /var/virtru/vg/scripts/Existing File:
nano <setup-oe-9001.sh>
docker run \
--env-file /var/virtru/vg/env/vg01.env \
-v /var/virtru/vg/tls/:/etc/postfix/tls \
-v /var/virtru/vg/dkim/:/etc/opendkim/keys \
--hostname gateway.example.com \
--publish 9001:25 \
--interactive --tty --detach \
--restart unless-stopped \
--log-opt max-size=100m \
--log-opt max-file=10 \
virtru/gateway:2.0.14
Change to:
docker run \ --env-file /var/virtru/vg/env/vg01.env \ -v /var/virtru/vg/tls/:/etc/postfix/tls \ -v /var/virtru/vg/dkim/:/etc/opendkim/keys \ --publish 9001:25 \ --interactive --tty --detach \ --restart unless-stopped \ --log-opt max-size=100m \ --log-opt max-file=10 \ containers.virtru.com/gateway:v<new-version-number>
Note:
If using the FIPS-validated image, use:
containers.virtru.com/gateway-fips:v<version-number>
Note:
We also removed the line containing "--hostname gateway.example.com \" from the original run script in this example. This line no longer belongs in the setup script as of version 2.1.67 If you have this in the run script then remove the line from the setup script and add the env variable GATEWAY_HOSTNAME= gateway.example.com" to the env file located here:
cd /var/virtru/vg/env
Reference for the Current Gateway Version can be found here.
Remove Container
- Find Container
- Stop Container
- Remove Container
docker ps -a docker stop <Container-Id> docker rm <Container-Id>
Start New Container
cd /var/virtru/vg/scripts sh <setup-oe-9001.sh>
Follow these steps if running the Customer-Hosted Gateway Upgrade in Kubernetes via Helm charts