Upgrading Central Node installed on a server

Before installing the application upgrade package, it is recommended to first create a backup of the current state of each Central Node server to be updated and download it to the hard drive from the application administrator menu. If installing an application upgrade package fails, or if you need to reinstall Kaspersky Anti Targeted Attack Platform, you can use the backup copy of the application.
We also recommend learning about the limitations of the version to which you are upgrading.

If you are using the distributed solution and multitenancy mode, you need to upgrade each Central Node in accordance with the following procedure without disconnecting the SCNs from the PCN.

The disconnection of SCNs from the PCN is irreversible, you cannot reconnect an SCN to any PCN server.

The upgrade is delivered as an upgrade package. The package is included in the application distribution kit.

To upgrade Central Node installed on a server:

  1. Remove connectors and integration servers if any have been added.

    We recommend saving the settings of removed connectors and integration servers however you prefer. After upgrading the application, you can restore these settings manually.

    All steps described below must be performed on servers in Technical Support Mode after elevating user privileges using the sudo -i command.

  2. If you have upgraded Central Node to version 7.0.3 from version 6.1 or earlier, run the following commands:

    rm -rf /data/upgrade/

    rm -rf /opt/upgrade_venv

    If you never upgraded to version 7.0.3, skip this step.

  3. Place the application upgrade package on the Central Node server in the /data directory.
  4. Sign in to the management console of the Central Node server where you want to perform the upgrade via SSH or through the terminal.
  5. Make sure that the /dev/sda2 file system has more than 100 GB of free space.
  6. Unpack the update archive:
    • To upgrade to version 7.1.1:

      tar xvf /data/kata-upgrade-7.1.1.531-x86_64_en-ru-zh.tar.gz -C /data/

    • To upgrade to version 7.1.2:

      tar xvf /data/kata-upgrade-7.1.2.532-x86_64_en-ru-zh.tar.gz -C /data/

  7. Install the upgrade package by running the following commands:

    cd /data/upgrade/

    ./run_kata_upgrade.py

    The user name entry window is displayed.

  8. In the displayed window, in the Username field, enter the name of the user with administrator rights, select the OK button and press Enter.

    Default value: admin.

  9. In the displayed window, in the Password field, enter the password of the user with administrator rights, select the OK button and press Enter.

    This opens the window for entering the path to the update archive.

  10. This opens a window; in that window, in the Data directory field, enter the path to the update archive, select the OK button and press Enter.

    Default value: /data/upgrade

  11. In the displayed window, select the localization language for the NDR functionality.

    Parts of the application related to NDR functionality will be displayed in the selected language.

    After some time, the console will display a message prompting you to power off the server.

  12. After the message prompting you to power off the server is displayed, run the following command:

    poweroff

  13. Mount the Ubuntu-based ISO image of Kaspersky Anti Targeted Attack Platform 7.1.1 (kata-cn-7.1.1.531-inst.x86_64_en-ru-zh.iso). If you are using Kaspersky Anti Targeted Attack Platform based on the Astra Linux operating system, follow the instructions to create an ISO image.
  14. Boot from the device that has the mounted iso image.
  15. In the GRUB menu, select Upgrade KATA 7.0.3.
  16. Follow the remaining steps of the wizard to complete the upgrade on the server.

The Central Node component is upgraded.

After upgrading, you must log in again to the Central Node server management console over SSH or through the terminal.

Special considerations involved in upgrading Central Node 7.0.3 on an Astra Linux server

When upgrading Central Node 7.0.3 on an Astra Linux server, more disk space may be required. If there is not enough disk space, the upgrade process is aborted and a message about insufficient disk space is displayed.

To resume the upgrade if there is not enough disk space:

  1. Create a backup copy of Central Node and download it to your hard drive from the administrator menu of the application.
  2. Clean up the disk using the utility.

After cleaning up the disk, you can resume the upgrade.

Restoring the Embedded Sensor after the upgrade in distributed solution and multitenancy mode

Embedded Sensor may be missing after upgrading a Central Node component that had been used in the distributed solution or multitenancy mode to version 7.1.1 or 7.1.2.

To remove the limitation:

  1. Sign in to the management console of the Central Node server on which you want to upgrade the Embedded Sensor over SSH or using a terminal.
  2. When the system prompts you, enter the administrator user name and the password that was specified during installation of the component.

    The application component administrator menu is displayed.

  3. In the application administrator menu, select Technical Support Mode.
  4. Press ENTER.
  5. This opens the Technical Support Mode confirmation window.
  6. Confirm that you want to manage the application in Technical Support Mode. To do so, select Yes and press ENTER.
  7. Run the following command:

    docker service update --cap-add=CAP_DAC_OVERRIDE --cap-add=CAP_IPC_LOCK --cap-add=CAP_SYS_PTRACE kata_product_main_1_preprocessor_span

The Embedded Sensor is restored.

Page top