Skip to content

Upgrading the Darksite Trust Center

Upgrading Darksite Trust Center is similar to upgrading an internet-connected Trust Center. However, since there is no internet access within a darksite, you must do the following:

  • Prepare the Trust Center installation bundle,
  • Run the prepare command on an internet-connected machine with necessary content to perform the upgrade,
  • Upgrade an existing darksite Trust Center, and
  • Upload OTA packages on a darksite Trust Center.

Step I: Preparing a Trust Center Bundle

You can use an internet-connected machine to prepare for a darksite installation. Before you begin, you must prepare an installation bundle as described in Bundler System Requirements.

Info

The version upgrade compatibilities follow the same guidelines as an internet-connected Trust Center install. Only attempt to upgrade a Trust Center by one major release, for which the Anyware team currently provides support. The upgrade compatibility process will be revised in the future, removing the need for incremental upgrades.

Current Trust Center Version Allowed Upgrade Trust Center Version
23.12 24.03
24.03 24.07
24.07 24.10
24.10 25.03

Step II: Prepare the Internet-connected Machine

  1. Run the following command to prepare a darksite Trust Center bundle for upgrade:

    sudo ./trust-center-ctl prepare upgrade
    

    Example output of running TC Prepare command:

    TC preparation output

  2. Transfer the following files to the bare VM using the SCP command:

    • anyware-trust-center-bundle.tar
    • anyware-trust-center-bundle.sha
    • trust-center-ctl

Step III: Upgrade Trust Center

To upgrade an existing darksite Trust Center, run the following command:

sudo ./trust-center-ctl upgrade darksite

Example output of running a Darksite Upgrade command:

TC upgrade output

Step IV: Upload OTA packages to a Darksite Trust Center

Since a darksite Trust Center cannot access external internet, OTA updates cannot be retrieved automatically.

Consequently, the following steps must be performed before uploading the OTA packages to the Darksite Trust Center:

  • The token required to download the firmware must be obtained first obtained from the website.
  • Firmware packages must be downloaded from an internet-connected Trust Center.

    Info

    The trust-center-ctl command is used for the following purposes:

    • To download the firmware packages on the internet-connected Trust Center.
    • To upload the firmware on the darksite Trust Center.
  • On the Downloads site, go to Downloads and scripts > Darksite OTA update tokens, and click Generate upgrade token to obtain the time-limited token for the firmware of your interest.

  • Copy the token to a text file.

  • To list the firmware available to download into your Trust Center, run this command on the internet-connected Trust Center:

    sudo ./trust-center-ctl firmware list --token {token}
    
  • On the internet-connected Trust Center, run the following command to download firmware:

    sudo ./trust-center-ctl firmware download --token <token> <version>
    
  • Copy the tc_firmware.tar.gz file to the darksite Trust Center.

  • On the darksite Trust Center, run the following command to upload firmware (use --help to see available flags):

    sudo ./trust-center-ctl firmware upload --file tc_firmware.tar.gz --ca-file tc-api-ca.crt
    

    Info

    This command uploads the firmware, and also saves the CA certificate to the tc-api-ca.crt file. If you do not see the certificate at this file, run the following command to obtain it:

    sudo ./trust-center-ctl get-api-ca
    

Logs

The following table lists the logs and the locations where they are available.

Location Description
/var/log/teradici/trust-center-ctl/install_.log Trust Center log for internet-connected or darksite installation.
/var/log/teradici/trust-center-ctl/upgrade_.log Trust Center log for internet-connected or Darksite upgrade.
/var/log/teradici/trust-center-ctl/prepare_.log prepare log for installation or upgrade of darksite Trust Center.