3. Upgrade WAPT Server¶
If your WAPT Server is a virtual host, take a snapshot of the VM. This way, you will be able to go back easily in the rare case that the update fails.
Attention
After each WAPT Server update, update your WAPT Console, then regenerate the WAPT Agent.
Before upgrading WAPT Server, please refer to the following upgrading compatibility chart:
To WAPT 2.4 |
|
---|---|
From WAPT 1.8.2 |
|
From WAPT 2.0 |
|
From WAPT 2.1 |
|
From WAPT 2.2 |
|
From WAPT 2.3 |
Warning
If upgrading from a version older than WAPT 2.1, the licence activation process has changed.
3.1. Switching of WAPT Edition (Community, Discovery, Enterprise)¶
WAPT Community is no longer supported. If you want to upgrade from WAPT 1.8.2 Community you can upgrade to WAPT Discovery or WAPT Enterprise. Please note that WAPT Discovery is limited to 300 clients.
To upgrade from a WAPT Community setup to WAPT Discovery or Enterprise follow the standard 1.8.2 to 2.4 upgrade documentation.
The WAPT Server will make the appropriate changes.
To upgrade WAPT Discovery to WAPT Enterprise simply upload a valid licence to the WAPT Server from the WAPT Console.
If your Enteprise licence expire, it will fall back on the Discovery Edition. If you are running WAPT Discovery and you have more that 300 client computers in your inventory, the WAPT Console will stop working and will only give you the option to delete computer entries from the inventory. The WAPT Console will return to working condition when the inventory returns below the 300 computer limit.
3.2. Minor upgrade¶
3.2.1. Upgrading from version 2.4 to latest 2.4¶
To do a minor upgrade please follow the procedure corresponding to your server operating system.
Update the underlying distribution and upgrade WAPT Server.
export DEBIAN_FRONTEND=noninteractive
apt update && apt upgrade -y
apt install tis-waptserver tis-waptsetup -y
unset DEBIAN_FRONTEND
Launch the post-configuration step post-configuration step
Once completed your WAPT Server is ready.
Update the underlying distribution and upgrade WAPT Server.
yum update -y
yum install tis-waptserver tis-waptsetup -y
Launch the post-configuration step post-configuration step
Once completed your WAPT Server is ready.
Download and execute
waptserversetup.exe
.
Attention
The installation of the WAPT Server MUST be done using a Local Administrator account on the host
Choose the language for the WAPT installer.
Click on OK to go on to the next step.
Accept the licence terms and click on Next to go to next step.
Choose additional configuration tasks (leave the default if not sure).
Do not change the password for the WAPT Server (if not necessary).
Click on the Install to launch the installation, wait for the installation to complete.
Click on Finish to close the window.
Once completed your WAPT Server is ready.
3.2.2. Upgrading from version 2.x to 2.4¶
Note
Before upgrading, ensure that installation requirements are met.
WAPT 2.4 needs PostgreSQL 10 or above. If you have upgraded from a older Debian or Ubuntu version with PostgreSQL 9.6, be sure to follow the OS documentation to upgrade PostgreSQL to latest version.
If you are using WAPT WADS, please note that WAPT 2.3 WADS WinPE and WAPT 2.4 WADS WinPE are not compatible and you need to recreate WinPE File using the “upload WinPE” button in the OS Deployment tab.
Indeed, WAPT changed OpenSSL version from 1.1.1 to 3.x.
First of all, update the underlying distributionand install the WAPT Server packages.
apt update && apt upgrade -y
apt install apt-transport-https lsb-release gnupg
Then the update the package repository and import the GPG key from the repository.
wget -O - https://wapt.tranquil.it/$(lsb_release -is)/tiswapt-pub.gpg | apt-key add -
echo "deb https://wapt.tranquil.it/$(lsb_release -is)/wapt-2.4/ $(lsb_release -c -s) main" > /etc/apt/sources.list.d/wapt.list
Update the repository and install the packages.
export DEBIAN_FRONTEND=noninteractive
apt update
apt install tis-waptserver tis-waptsetup -y
unset DEBIAN_FRONTEND
Launch the post-configuration step post-configuration step
First of all, update the underlying distribution and necessary packages.
yum update -y
yum install epel-release redhat-lsb-core -y
Then add or update the package repository WAPT packages and import the GPG key from the repository.
RH_VERSION=$(cat /etc/system-release-cpe | awk -F: '{ print $5}')
cat > /etc/yum.repos.d/wapt.repo <<EOF
[wapt]
name=WAPT Server Repo
baseurl=https://wapt.tranquil.it/redhat${RH_VERSION}/wapt-2.4/
enabled=1
gpgcheck=1
EOF
wget -q -O /tmp/tranquil_it.gpg "https://wapt.tranquil.it/redhat${RH_VERSION}/RPM-GPG-KEY-TISWAPT-${RH_VERSION}"; rpm --import /tmp/tranquil_it.gpg
And finally upgrade the WAPT Server.
yum install tis-waptserver tis-waptsetup cabextract -y
Download and execute waptserversetup.exe.
Choose the language for the WAPT installer.
Click on OK to go on to the next step.
Accept the licence terms and click on Next to go to next step.
If old folder installation found, this message appear. Click on Yes to go on to the next step.
Select additional task if needed.
Change the WAPT Server password if needed, then press Next.
Click on the Install to launch the installation, wait for the installation to complete.
Click on Finish to close the window.
Attention
DO NOT use the WAPT Console on the WAPT Server. DO NOT install nor run your WAPT package development tools on the WAPT Server.
The WAPT Server on your Windows server or workstation is ready.
Your WAPT Server is now ready. You may now go to the documentation on Installing the WAPT management Console.
3.3. Upgrading from version 1.8.2 to 2.4¶
The changement between WAPT 1.8.2 (not possible from a older version, please upgrade to 1.8.2 beforehand) and 2.4 are numerous. First of all, 1.8.2 was in Python2, we changed to Python3. A lot of new features are available too (essentially in Enterprise version).
3.3.1. Before upgrading¶
Ensure that installation requirements are met.
Backup your WAPT Private and Public certificates which allows you to deploy your WAPTAgent and packages. Usually, it is located in C:\private
on your computer where the WAPT Console is set. If you don’t remember what this key is please refer to the section about generating the Administrator’s certificate for signing WAPT packages for better understandment.
In this documentation, your WAPT certificate’s name will be wapt-private.crt.
3.3.2. Upgrading¶
Note
If you are running on Debian9 Stretch, you have first to upgrade to Debian10 or Debian11 before upgrading to WAPT 2.x. The WAPT Server 2.x is not available for Debian9.
It is even recommended to upgrade to Debian 11 Bullseye. In this case, upgrade from Debian 9 => Debian 10 => Debian 11.
First of all, update the underlying distribution and install the WAPT Server packages.
apt update && apt upgrade -y
apt install apt-transport-https lsb-release gnupg
Then update the package repository and import the GPG key.
wget -O - https://wapt.tranquil.it/$(lsb_release -is)/tiswapt-pub.gpg | apt-key add -
echo "deb https://wapt.tranquil.it/$(lsb_release -is)/wapt-2.4/ $(lsb_release -c -s) main" > /etc/apt/sources.list.d/wapt.list
Update the repository and install the packages.
export DEBIAN_FRONTEND=noninteractive
apt update
apt install tis-waptserver tis-waptsetup -y
unset DEBIAN_FRONTEND
Launch the post-configuration step post-configuration step.
First of all, update the underlying distribution and necessary packages.
yum update -y
yum install epel-release -y
Then add or update the package repository WAPT packages and import the GPG key from the repository.
RH_VERSION=$(cat /etc/system-release-cpe | awk -F: '{ print $5}')
cat > /etc/yum.repos.d/wapt.repo <<EOF
[wapt]
name=WAPT Server Repo
baseurl=https://wapt.tranquil.it/redhat${RH_VERSION}/wapt-2.4/
enabled=1
gpgcheck=1
EOF
wget -q -O /tmp/tranquil_it.gpg "https://wapt.tranquil.it/redhat${RH_VERSION}/RPM-GPG-KEY-TISWAPT-${RH_VERSION}"; rpm --import /tmp/tranquil_it.gpg
And finally upgrade the WAPT Server.
yum install tis-waptserver tis-waptsetup cabextract -y
Launch the post-configuration step post-configuration step.
Download and execute waptserversetup.exe.
Choose the language for the WAPT installer.
Click on OK to go on to the next step.
Accept the licence terms and click on Next to go to next step.
If an old folder installation is found, this message appears. Click on Yes to go on to the next step.
Select additional task if needed.
Change the WAPT Server password if needed, then press Next.
Click on the Install to launch the installation, wait for the installation to complete.
Click on Finish to close the window.
The WAPT Server on your Windows server or workstation is ready.
Attention
DO NOT use the WAPT Console on the WAPT Server. DO NOT install nor run your WAPT package development tools on the WAPT Server.
Your WAPT Server is now ready.
3.3.3. The WAPT management Console¶
To download the waptsetup.exe
file, point your web browser to your waptserver url https://srvwapt.mydomain.lan, then click on the WAPTSetup link on the right-hand side of the WAPT Server web page.
The WAPT Server home page only provides basic server status information and the download link for the WAPT Console.
3.3.3.1. Installing the WAPT Agent on the Administrator’s computer¶
Attention
If the WAPT Agent is not compiled and installed on your computer, you need to run de WAPT Agent installer to open and configure the WAPT Console.
Start the executable installer as Local Administrator on the Administrator’s workstation.
Choose the language for the WAPT installer.
Click on OK to go on to the next step.
Accept the licence terms and click on Next to go to next step.
Choose additional configuration tasks (leave the default if not sure).
Settings |
Description |
Default value |
---|---|---|
Install WAPT service checkbox |
Enables the WAPT service on this computer. |
Checked |
Launch notification icon upon session opening checkbox |
Launches the WAPT Agent in systray on host startup. |
Not checked |
Disable hiberboot, and increase shutdown GPO timeout (recommended) checkbox |
Disables Windows fast startup for stability, it increases the timeout for the WAPT Exit utility. |
Checked |
Install the certificates provided by this installer checkbox |
Installs Tranquil IT certificate on this computer. |
Not checked |
Use a random UUID to identify the computer instead of BIOS checkbox |
For more information, check the documentation on BIOS UUID bugs |
Not checked |
Set up the WAPT Server URL.
Check Static WAPT Informations and set:
WAPT repository URL: http://srvwapt.mydomain.lan/wapt.
WAPT Server URL: https://srvwapt.mydomain.lan.
Choosing the WAPT repository and the WAPT Server
Choose the WAPT repository and the WAPT Server; click Next.
Check Don’t change current setup, then click Next.
The WAPT repository and the WAPT Server are already set
Get a summary of the WAPT Console installation.
Click Install to launch the installation, wait for the installation to complete, then click on Finish (leave default options).
Uncheck Show installation documentation.
3.3.3.2. Starting the WAPT Console¶
Launch the WAPT Console:
By looking for the binary.
C:\Program Files (x86)\wapt\waptconsole.exe
Or using the Start Menu.
Log into the WAPT Console with the SuperAdmin login and password.
If you have any issue logging into the WAPT Console, please refer to the FAQ: Error message when opening the WAPT Console.
It is recommended to launch the WAPT Console with a Local Administrator account to enable local debugging of WAPT packages.
For Enterprise version, it is possible to authenticate with Active Directory.
Danger
After the upgrade, please be sure your certificate (in this documentation wapt-private.crt) is still present at your WAPT install location : C:\Program File (x86)\wapt\ssl
Since you come from WAPT 1.8.2 which was in python2, you’ll have to re-sign all your WAPT Packages using the WAPT Console, or using the command line (only if you encounter package size issue with the WAPT Console way).
3.3.4. Re-signing Host packages¶
This method for re-signing all host packages is useful when the underlying cryptographic method or library changes, as this is the case when upgrading from WAPT 1.8.2 (Python 2.7 based) to WAPT >= 2.0 (Python 3.x based).
Use the Administrator’s certificate for re-signing packages.
Select all host.
Right-click on the selected hosts.
Select Re-sign Host packages.
Confirm re-signing the selected hosts.
Then, enter you private key password.
The selected WAPT host packages are now all re-signed using the new cryptographic method required with Python3.
3.3.5. Re-signing other types of WAPT package¶
Open the repositories in your WAPT Console.
Select all packages in the repository, then right-click on the selection.
Select Re-sign packages.
To launch the signature process, click on Re-sign packages.
After processing, which may take some time, all packages will have been re-signed.
Attention
If the error Access violation appear it may mean that the WAPT package is too big.
You can resign this packages using the command line.
And if it’s still not working, you can still manually edit the package and visit this procedure for signing large WAPT packages.