How to keep SKUDONET Application Delivery Controller appliances up-to-dated

POSTED ON 20 July, 2023

Overview

The goal of this article is to explain how SKUDONET Subscriptions work and how to configure SKUDONET subscriptions to maintain updated SKUDONET appliances in a very automatic way.

Architecture

The SKUDONET appliances require to have connectivity to two services: certs.skudonet.com and repo.skudonet.com

SKUDONET apppliance connects to https://certs.skudonet.com/ in order to check your Subscription Plan or Support status and once this system confirms the access is granted, then it connects to https://repo.skudonet.com/ in order to check the package updates.

For this reason, it’s important to ensure that the ADC is able to reach both remote points. If due to any reason, the connection to the Internet from ADC is not allowed to those sites the ADC can be configured to add an HTTP and HTTPS proxy. Ensure to have enabled the following destination rules in your data center:

For Firewall sysadmins: Allow From the SKUDONET IP to DNS resolution of certs.skudonet.com and repo.skudonet.com port 443 (HTTPS protocol)
For Proxy sysadmins: Allow From the SKUDONET IP to https://certs.skudonet.com/* and https://repo.skudonet.com/* (HTTPS protocol)

Configuration Procedure

Please follow the next steps in order to enable your Subscription Plan or Support in the SKUDONET ADC Enterprise Edition appliances.

Firstly, please ensure you have the appliances deployed and activated, from SKUDONET 6.3.0 the suscription to our repository is done automatically at the moment the appliance is updated, but use the following procedure in case you experience some connectivity issues or want to ensure the system is properly connected to our systems.

1. Connect to your SKUDONET appliance in a ssh console and ensure that at least the release SKUDONET 6 is installed:

root@skudonet-adc:~# dpkg -l | grep skudonet
ii  skudonet                        6.3.0                      amd64        SKUDONET Load Balancer Enterprise Edition

Applying package updates and hotfixes

SKUDONET appliances are fully integrated with the Linux operating system based in a GNU/Debian environment,

Since SKUDONET 6 the system includes a tool called checkupgrades which check if any package update is pending and gives information about the system status as follows:

root@skudonet-adc:~# checkupgrades 
SKUDONET Packages are up-to-date.

or via web GUI:

Search a certain package in the local database.

root@zvnlb:~# apt-cache search skudonet
cherokee - SKUDONET cherokee
gdnsd - SKUDONET gdnsd
health-checks - SKUDONET health checks
pound - SKUDONET pound reverse proxy
ssyncd - SKUDONET Ssyncd
skudonet - SKUDONET Load Balancer Enterprise Edition
skudonet-web-gui - Web GUI of SKUDONET Enterprise
skudonet-ipds - Security updates to feed IPDS module of skudonet Load Balancer

Read the contents and information for a certain package.

root@zvnlb:~# apt-cache show skudonet-web-gui

Update a certain package.

root@zvnlb:~# apt-get install skudonet-web-gui

Update the whole system.

root@zvnlb:~# apt-get --with-new-pkgs upgrade

Offline updates

SKUDONET Load Balancer is able to be updated even if the load balancer is not allowed to connect to the Internet, so the latest SKUDONET updates also are accessible in ISO format, this ISO file can be downloaded from the Support Portal ZVNCentral.

The procedure for the offline updating process is the following.
1. Ensure that the load balancer has an active support contract.
2. Download the latest SKUDONET Update ISO file from the KB section of ZVNCentral portal, direct link here.
3. Copy the ISO file in the load balancer path /usr/local/skudonet/updates/.
4. Run the command checkupgrades, this command will check in first place the connectivity to our private system, if the connection is not possible, then the command will check if there are update ISO files in the updates path.
5.If there are pending updates, a message will be shown in order to confirm with the updating process.

Considerations

SKUDONET 6 configures the subscription by default at the moment of appliance activation, so please ensure that the load balancer has internet connectivity before to activate it,.

Compatibility and Security

SKUDONET Load Balancer is based on a GNU/Debian system and fully integrated with the APT repository services. Although, it doesn’t mean that SKUDONET packages are fully compatible with Debian mainstream packages, as this has been designed to be optimized and ready for high availability, scalability, and security of applications.

It is capable to add third parties APT repositories for certain packages, but use this at your sole responsibility. System updates and upgrades are only supported by the official SKUDONET APT repositories. In addition, for security reasons, only accept updates from signed package repositories.

SKUDONET Team are responsible of keeping the SKUDONET ADC Appliances out of any vulnerability using the official SKUDONET repositories, so please keep the SKUDONET systems up-to-dated with our suscriptions plans and support levels.

Share on:

Documentation under the terms of the GNU Free Documentation License.

Was this article helpful?

Related Articles