Update TufinOS 4.x to 4.40

Overview

This procedure is for updating TufinOS 4 to the latest version.

TufinOS updates are additions to the current version of the operating system. Unlike upgrades, where you replace the operating system completely, an update is used for enhancing TufinOS with the latest security and performance features as well as address any issues in order to provide a better working experience.

This procedure does not require reinstalling TOS.

The type of procedure you need to perform will depend on your deployment:

  • High Availability:

    • Without downtime - Update the worker nodes, and then update TufinOS on each data node separately. For more information on HA, see High Availability.

      After updating a data node, run tos status and check if the System Status is ok and all the items listed under Components appear as ok. If this is not the case, wait for the database to sync before proceeding to update the next node.
    • With downtime - Power down TOS on all nodes in the cluster and then proceed to update TufinOS on all your nodes.

  • Single data node cluster: First update the worker nodes and then update the data node. During the update itself, there will be some downtime as all TOS processes will need to be stopped and then restarted.

  • High Availability Central Cluster + Remote Collector clusters:

    • Central Cluster - See High Availability bullet above

    • Remote Collector Clusters - First update the worker nodes, and then update TufinOS on the data node. Repeat for each remote cluster. For more information on Remote Collector clusters, see Remote Collectors.

    High availability is not supported for Remote Collector clusters.
  • Single data node cluster + Remote Collector clusters: First update the central cluster: worker nodes and then data node. Afterwards, repeat for each Remote Collector cluster.

Some steps are meant to be performed only on the primary data node while others are also for worker nodes, if present on your cluster.

Preliminary Preparations

Downloads

  1. Download the TufinOS 4.40 update package from the Download Center to your local machine.

  2. Log in to the node you are updating as the tufin-admin user.

  3. Transfer the TufinOS update package to /opt/misc.

  4. Extract the TOS run file the archive.

    [<ADMIN> ~]$ sudo tar xzvf <FILENAME>.tgz
    sudo tar xzvf <FILENAME>.tgz

    The run file name includes the release, version, and build number.

    TufinOS update file example: TufinOS-4.20-639387-x86_64-8.8-Final-Update.run.tgz

  5. Verify the integrity of the TufinOS installation package.

    [<ADMIN> ~]# sha256sum -c TufinOS-4.20-639387-x86_64-8.8-Final-Update.run.sha256
    sha256sum -c TufinOS-4.20-639387-x86_64-8.8-Final-Update.run.sha256

    The output should return OK

Update TufinOS

Update TufinOS in a High Availability Cluster

  • Update without downtime

Update TufinOS in Single Data Node Cluster

Update TufinOS in a High Availability Cluster with Remote Collector Clusters

Follow the procedures above to update the nodes in the Central cluster and the Remote Collector clusters.

After updating all nodes:

Update TufinOS in Single Data Node Cluster with Remote Collector Clusters

Follow the procedures above to update the nodes in the Central cluster and the Remote Collector clusters.

After updating all nodes: