Sensu Upgrade Notes update

Reposerver Notes.md

@@ -28,7 +28,7 @@ rpm --import 'name of key'
 rpm -qa 'name of key'*
 
 # visit site to view original hash of package via URL in this example for Sensu Go Agent 6.7; then download package
-wget --content-disposition https://packagecloud.io/sensu/stable/packages/el/7/sensu-go-agent-6.7.2-6283.x86_64.rpm/download.rpm
+wget --content-disposition https://packagecloud.io/sensu/stable/packages/el/7/sensu-go-agent-6.7.4-6494.x86_64.rpm/download.rpm
 
 # validate package signature with name of the package downloaded
 rpm -K 'name of package'

Sensu Go Upgrade Notes.md

@@ -17,6 +17,7 @@
  - [MSOCI-1969 ticket - Upgrade Sensu to 6.6.1](https://jira.xdr.accenturefederalcyber.com/browse/MSOCI-1969)
  - [MSOCI-2027 ticket - Upgrade Sensu to 6.7.0](https://jira.xdr.accenturefederalcyber.com/browse/MSOCI-2027)
  - [MSOCI-2173 ticket - Upgrade Sensu to 6.7.2](https://jira.xdr.accenturefederalcyber.com/browse/MSOCI-2173)
+ - [MSOCI-2244 ticket - Upgrade Sensu to 6.7.4](https://jira.xdr.accenturefederalcyber.com/browse/MSOCI-2244)
 
 ### Sensu Go Upgrade Process
 ---
@@ -26,38 +27,43 @@ Starting with Moose and Internal infra within `GC TEST`.  After deployment is ve
 
 1. Download latest packages for `Sensu backend`, `Sensu agents`, `Sensuctl` (Sensu CLI) to `Repo server` and run `yum clean all` on `Sensu Backend` server - See [Reposerver](Reposerver%20Notes.md) notes.
 
-2. If needed, update Salt states to ensure they are up-to-date
+2. If needed, update Salt states to ensure they are up-to-date - [Salt Upgrade Notes](Salt%20Upgrade%20Notes.md)
+   ```
+   salt sensu* state.sls salt_minion.minion_upgrade --output-diff test=true
+   ```
 
 > :warning: Remember to silence Sensu alerts before restarting services
 
 3. Sensu first; Login to `GC TEST` Salt-Master and Stop Sensu services on `Sensu Backend` server; do the same process for `GC PROD` afterwards
     ```
-    salt -C sensu* cmd.run 'systemctl stop sensu-agent'
-    salt -C sensu* cmd.run 'systemctl stop sensu-backend'
+    salt sensu* cmd.run 'systemctl stop sensu-agent'
+    salt sensu* cmd.run 'systemctl stop sensu-backend'
     ```
 
 4. Update `Sensu Backend` server
     ```
-    salt -C sensu* cmd.run 'yum update -y sensu-go-backend'
-    salt -C sensu* cmd.run 'yum update -y sensu-go-cli'
-    salt -C sensu* cmd.run 'yum update -y sensu-go-agent'
-    salt -C sensu* cmd.run 'systemctl daemon-reload'
+    salt sensu* cmd.run 'yum clean all && yum makecache fast'
+    salt sensu* cmd.run 'yum --disablerepo="*" --enablerepo="msoc" list available'
+    salt sensu* cmd.run 'yum update -y sensu-go-backend'
+    salt sensu* cmd.run 'yum update -y sensu-go-cli'
+    salt sensu* cmd.run 'yum update -y sensu-go-agent'
+    salt sensu* cmd.run 'systemctl daemon-reload'
     ```
 5. Restart the Sensu services and check the Status 
     ```
-    salt -C sensu* cmd.run 'systemctl start sensu-backend'
-    salt -C sensu* cmd.run 'systemctl start sensu-agent'
+    salt sensu* cmd.run 'systemctl start sensu-backend'
+    salt sensu* cmd.run 'systemctl start sensu-agent'
 
-    salt -C sensu* cmd.run 'systemctl status sensu-backend'
-    salt -C sensu* cmd.run 'systemctl status sensu-agent'
+    salt sensu* cmd.run 'systemctl status sensu-backend'
+    salt sensu* cmd.run 'systemctl status sensu-agent'
     ```
 6. `GC Test` first; `GC PROD` second; From target servers; clean out the cache
     ```
     # XDR Infrastructure - be sure to note the different Salt minions to target between TEST and PROD
-    salt -C '* not ( afs* or nga* or ma-* or dc-c19* or la-c19* or bas-* or ca-c19* or frtib* or dgi* or threatq* or vmray* or sensu* or rhsso-0* or fm-shared-search-0* )' cmd.run 'yum clean all && yum makecache fast'
+    salt -C '* not ( afs* or nga* or ma-* or dc-c19* or la-c19* or bas-* or ca-c19* or frtib* or dgi* or vmray* or sensu* )' cmd.run 'yum clean all && yum makecache fast'
 
     # From target servers; view the available packages
-    salt -C '* not ( afs* or nga* or ma-* or dc-c19* or la-c19* or bas-* or ca-c19* or frtib* or dgi* or threatq* or vmray* or sensu* or rhsso-0* or fm-shared-search-0* )' cmd.run 'yum --disablerepo="*" --enablerepo="msoc" list available'
+    salt -C '* not ( afs* or nga* or ma-* or dc-c19* or la-c19* or bas-* or ca-c19* or frtib* or dgi* or vmray* or sensu* )' cmd.run 'yum --disablerepo="*" --enablerepo="msoc" list available'
 
     # Customer Slices Search Heads Only
     salt -C '*-sh* and not *moose* and not fm-shared-search*' cmd.run 'yum clean all && yum makecache fast'
@@ -102,9 +108,9 @@ Starting with Moose and Internal infra within `GC TEST`.  After deployment is ve
 7. Stop / Update / Reload daemon / Start agent on minions `systemctl stop sensu-agent && yum update -y sensu-go-agent && systemctl daemon-reload && systemctl start sensu-agent`
     ```
     # XDR Infrastructure 
-    salt -C '* not ( afs* or nga* or ma-* or dc-c19* or la-c19* or bas-* or ca-c19* or frtib* or dgi* or threatq* or vmray* or sensu* or rhsso-0* or fm-shared-search-0* )' cmd.run 'sensu-agent version'
+    salt -C '* not ( afs* or nga* or ma-* or dc-c19* or la-c19* or bas-* or ca-c19* or frtib* or dgi* or vmray* or sensu* )' cmd.run 'sensu-agent version'
     
-    date; salt -C '* not ( afs* or nga* or ma-* or dc-c19* or la-c19* or bas-* or ca-c19* or frtib* or dgi* or threatq* or vmray* or sensu* or rhsso-0* or fm-shared-search-0* )' cmd.run 'systemctl stop sensu-agent && yum update -y sensu-go-agent && systemctl daemon-reload && systemctl start sensu-agent'
+    date; salt -C '* not ( afs* or nga* or ma-* or dc-c19* or la-c19* or bas-* or ca-c19* or frtib* or dgi* or vmray* or sensu* )' cmd.run 'systemctl stop sensu-agent && yum update -y sensu-go-agent && systemctl daemon-reload && systemctl start sensu-agent'
 
     # LCPs
     salt -C '* not *.local not *.pvt.xdr.accenturefederalcyber.com' cmd.run 'systemctl stop sensu-agent && yum update -y sensu-go-agent && systemctl daemon-reload && systemctl start sensu-agent'