|
|
@@ -49,9 +49,9 @@ salt -t 60 -G 'os:Windows' win_wua.list summary=True skip_installed=True install
|
|
|
|
|
|
#### Step 2 (Day 1): Splunk, Kali, Bastion, etc. Instances
|
|
|
|
|
|
-> :warning: This may upgrade Salt!
|
|
|
+> :warning: This may upgrade Salt! There is a Salt state to upgrade the Salt minions: `salt '*' state.sls caasp.salt-minion`
|
|
|
|
|
|
-NOTE: Upgrading Docker will stop or restart the Jenkins and Phoenix containers.
|
|
|
+NOTE: Upgrading Docker may stop or restart the Jenkins and Phoenix containers.
|
|
|
|
|
|
```
|
|
|
salt -C 'not ( vic-* or VIC-* )' test.ping --out=txt
|
|
|
@@ -68,9 +68,9 @@ salt -C 'not ( vic-* or VIC-* )' pkg.upgrade
|
|
|
|
|
|
Ensure the Docker container for Jenkins is still running:
|
|
|
- [Jenkins Dashboard](https://build.caasp.accenturefederalcyber.com/)
|
|
|
-- OR `ssh` to `caasp-build-01` and run `sudo -u docker docker container ls`
|
|
|
+- OR `tsh ssh` to `caasp-build-01` and run `sudo -u docker docker container ls`
|
|
|
|
|
|
-If it is not running, `ssh` to `caasp-build-01` and run:
|
|
|
+If it is not running, `tsh ssh` to `caasp-build-01` and run:
|
|
|
|
|
|
```
|
|
|
sudo -iu docker
|
|
|
@@ -111,11 +111,11 @@ Post to Slack [#xdr-patching Channel](https://afscyber.slack.com/archives/CJ462R
|
|
|
```
|
|
|
|
|
|
```
|
|
|
-# Reboot the dev search head, hf, and cm
|
|
|
-date; salt -L 'caasp-splunk-sh-dev,caasp-splunk-hf,caasp-splunk-cm' system.reboot
|
|
|
+# Reboot the dev search head, HF, CM, and Phantom
|
|
|
+date; salt -L 'caasp-splunk-sh-dev,caasp-splunk-hf,caasp-splunk-cm,caasp-phantom' system.reboot
|
|
|
|
|
|
# Wait for them ...
|
|
|
-watch "salt -L 'caasp-splunk-sh-dev,caasp-splunk-hf,caasp-splunk-cm' status.uptime --out=txt"
|
|
|
+watch "salt -L 'caasp-splunk-sh-dev,caasp-splunk-hf,caasp-splunk-cm,caasp-phantom' status.uptime --out=txt"
|
|
|
|
|
|
# Reboot the search head
|
|
|
date; salt caasp-splunk-sh system.reboot
|
|
|
@@ -188,7 +188,7 @@ salt -L 'caasp-kali,caasp-build-01,caasp-bastion,caasp-oscdns,caasp-phoenix-01,c
|
|
|
## Patching or Upgrading the Jenkins Container
|
|
|
|
|
|
|
|
|
-The CaaSP Jenkins container uses the `jenkins/jenkins-lts` image published on Docker Hub. When you log in to Jenkins and see that there's a new LTS release, it is recommended to upgrade the container. The way to see if a new update is available is to look at the notifications bell in the upper right hand part of the screen. The notification will state, `"New version of Jenkins (2.277.1) is available for download."`
|
|
|
+The CaaSP Jenkins container uses the `jenkins/jenkins-lts` image published on Docker Hub. When you log in to Jenkins and see that there's a new LTS release, it is recommended to upgrade the container. The way to see if a new update is available is to look at the notifications bell in the upper right hand part of the screen. The notification will state, `"New version of Jenkins (x.yyy.z) is available for download."`
|
|
|
|
|
|
If needed, post to Slack to notify of the Jenkins Upgrade in the [#xdr-patching](https://afscyber.slack.com/archives/CJ462RRBM) channel:
|
|
|
```
|
Colby Williams