Skip to content

Upgrading the Wallarm Docker NGINX- or Envoy-based image

These instructions describe the steps to update the running Docker NGINX- or Envoy-based image to the version 2.18.

Using credentials of already existing Wallarm node

We do not recommend to use the already existing Wallarm node of the previous version. Please follow these instructions to create a new filtering node of the version 2.18 and deploy it as the Docker container.

Requirements

  • Access to the account with the Deploy or Administrator role and two‑factor authentication disabled in Wallarm Console in the US Cloud or EU Cloud

  • Access to https://us1.api.wallarm.com:444 if working with US Wallarm Cloud or to https://api.wallarm.com:444 if working with EU Wallarm Cloud. Please ensure the access is not blocked by a firewall

Step 1: Download the updated filtering node image

docker pull wallarm/node:2.18.1-5
docker pull wallarm/envoy:2.18.1-3

Step 2: Stop the running container

docker stop <RUNNING_CONTAINER_NAME>

Step 3: Run the container using the updated image

When running the container using the updated image, you can pass the same configuration parameters that were passed when running a previous image version. If some parameters are deprecated or added in the new Wallarm node version, the appropriate information is published in the list of the new version changes.

There are two options for running the container using the updated image:

Step 4: Test the filtering node operation

  1. Send the request with test SQLI and XSS attacks to the protected resource address:

    curl http://localhost/?id='or+1=1--a-<script>prompt(1)</script>'
    
  2. Open the Wallarm Console → Attacks section in the US Cloud or EU Cloud and ensure attacks are displayed in the list.
    Attacks in the interface

Step 5: Delete the filtering node of the previous version

If the deployed image of the version 2.18 operates correctly, you can delete the filtering node of the previous version in the Wallarm Console → Nodes section.