sdpctl is a command line tool designed to streamline the management of Collectives. As well as performing critical tasks such as upgrading and backing up a Collective, there are several other functions available. For the full scope of what sdpctl can do, see the documentation hosted in GitHub.
Using sdpctl
To use sdpctl:
Download the latest version here. This site is not linked to AppGate ZTNA versions, so check GitHub before using sdpctl to see if there is a newer version available.
Copy the relevant version of sdpctl to the system where it will run, which will be outside of the AppGate ZTNA Collective.
Before you start
Note your primary Controller and its hostname. You will connect to its admin interface and will need to reference this Controller if you must revert your upgrade.
NOTE
Do not use a load-balanced address or hostname, as sdpctl needs to work consistently with the same Controller.
Get the CA cert file from the Controller's Certificate Authority page (System > Certificate Authority). This will ensure there is a mutually-trusted TLS connection established between sdpctl and the Controller when the self-signed certificate is still in use for the admin/API access.
Create a suitable admin user account for sdpctl to use with proper admin role privileges: Upgrade on the Controller or Backup on other appliances.
Create a policy for the admin user and select the proper admin role for it.