Upgrading the Darksite Trust Center¶

Upgrading Darksite Trust Center is similar to upgrading an internet-connected Trust Center. However, since there is no internet access within a darksite, you must do the following:

Prepare the Trust Center installation bundle,
Run the prepare command on an internet-connected machine with necessary content to perform the upgrade,
Upgrade an existing darksite Trust Center, and
Upload OTA packages on a darksite Trust Center.

Step I: Preparing a Trust Center Bundle¶

You can use an internet-connected machine to prepare for a darksite installation. Before you begin, you must prepare an installation bundle as described in Bundler System Requirements.

Info

The version upgrade compatibilities follow the same guidelines as an internet-connected Trust Center install. Only attempt to upgrade a Trust Center by one major release, for which the Anyware team currently provides support. The upgrade compatibility process will be revised in the future, removing the need for incremental upgrades.

Current Trust Center Version	Allowed Upgrade Trust Center Version
23.12	24.03
24.03	24.07
24.07	24.10
24.10	25.03

Step II: Prepare the Internet-connected Machine¶

Run the following command to prepare a darksite Trust Center bundle for upgrade:
```
sudo ./trust-center-ctl prepare upgrade
```
Example output of running TC Prepare command:
Transfer the following files to the bare VM using the SCP command:
- anyware-trust-center-bundle.tar
- anyware-trust-center-bundle.sha
- trust-center-ctl

Step III: Upgrade Trust Center¶

To upgrade an existing darksite Trust Center, run the following command:

sudo ./trust-center-ctl upgrade darksite

Example output of running a Darksite Upgrade command:

TC upgrade output

Step IV: Upload OTA packages to a Darksite Trust Center¶

Since a darksite Trust Center cannot access external internet, OTA updates cannot be retrieved automatically.

Consequently, the following steps must be performed before uploading the OTA packages to the Darksite Trust Center:

The token required to download the firmware must be obtained first obtained from the website.
Firmware packages must be downloaded from an internet-connected Trust Center.
Info

The trust-center-ctl command is used for the following purposes:
- To download the firmware packages on the internet-connected Trust Center.
- To upload the firmware on the darksite Trust Center.
On the Downloads site, go to Downloads and scripts > Darksite OTA update tokens, and click Generate upgrade token to obtain the time-limited token for the firmware of your interest.
Copy the token to a text file.
To list the firmware available to download into your Trust Center, run this command on the internet-connected Trust Center:
```
sudo ./trust-center-ctl firmware list --token {token}
```
On the internet-connected Trust Center, run the following command to download firmware:
```
sudo ./trust-center-ctl firmware download --token <token> <version>
```
Copy the tc_firmware.tar.gz file to the darksite Trust Center.
On the darksite Trust Center, run the following command to upload firmware (use --help to see available flags):
```
sudo ./trust-center-ctl firmware upload --file tc_firmware.tar.gz --ca-file tc-api-ca.crt
```
Info

This command uploads the firmware, and also saves the CA certificate to the tc-api-ca.crt file. If you do not see the certificate at this file, run the following command to obtain it:
```
sudo ./trust-center-ctl get-api-ca
```

Logs¶

The following table lists the logs and the locations where they are available.

Location	Description
/var/log/teradici/trust-center-ctl/install_.log	Trust Center log for internet-connected or darksite installation.
/var/log/teradici/trust-center-ctl/upgrade_.log	Trust Center log for internet-connected or Darksite upgrade.
/var/log/teradici/trust-center-ctl/prepare_.log	prepare log for installation or upgrade of darksite Trust Center.