Container Inventory clusters that use
cloudone-container-security-helm must be upgraded to use visionone-container-security-helm. Starting with version 3.0.0, Helm chart is also in a new location in GitHub: https://github.com/trendmicro/visionone-container-security-helm. |
ImportantThis Helm chart upgrade does not work if any of your Container Protection policies
include Block actions. Change your policies to Log actions before you upgrade Helm.
|
Update firewall exceptions
Before you upgrade your clusters, you must add and remove the following firewall exceptions.
These updated exceptions can also be seen in Firewall exception requirements for Trend Vision One.
| Region | Add new exceptions | Remove outdated exceptions |
| Americas |
|
|
| India |
|
|
| Singapore |
|
|
| Australia |
|
|
| Japan |
|
|
| Europe |
|
|
| Middle East and Africa |
|
|
Upgrade manually registered clusters
Users with manually registered clusters can upgrade from the Trend Vision One console.
 |
NoteTo check to see if any clusters require an upgrade from the console, navigate to . A warning message is displayed for any clusters that require an upgrade.
|
-
From the console, follow the How to upgrade modal instructions.If you don't have the Helm chart values you used during initial installation, you can retrieve them with the following command:
helm get values --namespace trendmicro-system trendmicro -o yaml
-
Replace the following values:
cloudOne: apiKey: <your api key> endpoint: <endpoint>With the new Trend Vision One values:visionOne: bootstrapToken: <new bootstrap token> endpoint: <new endpoint>
bootstrapToken: This value replaces theapiKey. The bootstrap token is automatically generated when you click How to upgrade.After upgrading, the token is automatically renewed by Container Security components.Note
If the token is not used within 24 hours, it expires, but a new token can be generated by clicking How to upgrade again.endpoint: Updated to a new URL in the console.
-
Run the following command to upgrade:
helm upgrade \ trendmicro \ --namespace trendmicro-system \ --values overrides.yaml \ https://github.com/trendmicro/visionone-container-security-helm/archive/main.tar.gz
Upgrade automatically registered clusters
Users with automatically registered clusters most modify their overrides YAML file
to upgrade.
-
Open the overrides file (
overrides.yaml) to be modified.If you don't have the Helm chart values you used during initial installation, you can retrieve them with the following command:helm get values --namespace trendmicro-system trendmicro -o yaml
-
Replace the following endpoint value:
cloudOne: endpoint: <old endpoint>With the new Trend Vision One endpoint value in the table listed below, based on your region:visionOne: endpoint: <new endpoint from the list above> # Replace with the appropriate endpoint based on your region
-
Run the following command to upgrade:
helm upgrade \ trendmicro \ --namespace trendmicro-system \ --values overrides.yaml \ https://github.com/trendmicro/visionone-container-security-helm/archive/main.tar.gz