Overview / Introduction
The Internal Scanner VM is a critical component of our environment, responsible for running vulnerability and network scans within our infrastructure. Periodic upgrades ensure that the scanner remains secure, compatible with new features, and fully supported.
This guide walks you through upgrading the Internal Scanner VM via the Footprint UI. The process is designed to be simple, but a maintenance window is required due to the scanner being unavailable during the upgrade process.
Prerequisites
Access to the Footprint UI
Confirmation that the target VM is online and reachable
Check that Toolkit version is at least
3.10.30and Controller version at least1.5.0
If the Toolkit Version is outdated, you can run the following command in order to force update and run:
cd /var/coda/ && ./toolkit_updater.sh && ./coda_toolkit
Maintenance window scheduled
(Optional) Access to the Internal Scanner SSH shell (for debugging / log collection)
-
Ensure the ISVM has access to the following repositories which provide the necessary packages and updates required during the upgrade process. Verify that no firewall rules are blocking the connections to the required repositories.
https://download.docker.com,http://archive.ubuntu.comandhttps://changelogs.ubuntu.comYou can test this by running
curl -i <test URL here>, for examplecurl -I https://download.docker.com
-
If the operating system upgrade was initiated prior to granting access to the necessary repositories, it's recommended to restart the upgrade process to ensure all required packages are correctly installed. To do this, execute the following commands:
sudo reboot now(wait until the system is fully back online) then run
touch /var/coda/internalscanner/OS_UPGRADE && cd /var/coda && ./coda_toolkit
Upgrade steps
When the Footprint platform detects that the operating system of an internal scanner is outdated, it will show it in a separate group in the Agentless Scan Surface → Deployed Scanners page.
You can start the upgrade process by following the next steps:
-
Set up a maintenance window
Scanner OS upgrades may take up to
3 hoursdepending on the network speed. The download size is approximately 5 GB.The scanner will NOT process any scans or tasks during the upgrade process
-
Hit the
Start upgradebutton in the platformThis will pop up a confirmation window to begin the process:
The scanner will start the upgrade process, and you can monitor its progress by following the logs:
When the process finishes, the scanner will return to the active state, and the user that initiated the upgrade will receive a confirmation e-mail.
Post-Upgrade Verification
After completing the upgrade, perform the following checks to verify the scanner is healthy:
Confirm the scanner shows as Active in the UI
Run a test scan to ensure scan tasks complete successfully
Verify the scanner operating system version reflects the expected upgrade result - Ubuntu 24.04
Troubleshooting Tips
If you encounter issues during or after the upgrade, try the following steps:
Scanner appears offline after the upgrade
Verify the VM is powered on and network connectivity is stable
Check firewall rules to ensure the scanner can communicate with the platform
Restart the VM if needed
Upgrade appears stuck or fails
Review the upgrade log in the UI for more details
Collect the upgrade logs (
Download logsbutton) and share them with the CODA Support team
Scans fail after upgrade
Reboot the VM as a precaution and re-run the test scan
If repeated failures occur, contact CODA Support with the scanner name and error details
Support
If issues persist or you’re unsure how to proceed, please contact the CODA Intelligence Support team at support@codaintelligence.com or by opening a ticket.
Comments
0 comments
Please sign in to leave a comment.