Hi I'm looking into the possibility of automating as much of the MX export/import process as possible.
We will be using version 14.4.0.16 running on demand instances in AWS.
From this version it appears that Imperva have taken a different approach to patching.
Instead of patching the MX online from the public ftp site, the new method follows the blue/green approach.
A new MX is created, the export from the current MX is imported, and the two are swapped over.
The rough steps go as follows.
Export
- Log onto MX from jumpbox using pem and passphrase.
- Unlock MX with a command and the licence key.
- Log off and on again.
- Switch to root user.
- Get AWS access keys.
- Run export command using AWS access keys. This copies export to s3.
Import
- Log onto MX from jumpbox using pem and passphrase.
- Unlock MX with a command and the licence key.
- Log off and on again.
- Switch to root user.
- Get AWS access keys.
- Run import command using AWS access keys.
- Page through the license agreement and type ACCEPT at the end.
- Reboot when import is finished.
Has anyone attempted to automate this? Any tips?
Can you perform the import silently? i.e. without having to page through and accept the licence agreement?
#On-PremisesWAF(formerlySecuresphere)------------------------------
Rick Bowden
Infrastructure/DevOps Engineer
Aviva
Eastleigh
------------------------------