NSX Bytes: 6.1 Upgrade Part 3|4 – Clusters, Logical Switches, Edges and Guest Introspection
In Part 1 and Part 2 we went through the relatively straight forward upgrade of the NSX Manager and the more involved upgrading the NSX Controllers. To complete things…in this post we will upgrade the rest!
NSX components must be upgraded in the following order:
The upgrade process is managed by the NSX Manager. If the upgrade of a component fails or is interrupted and you need to repeat or restart the upgrade, the process begins from the point at which it stopped; it does not start over from the beginning
3. Clusters and Logical Switches:
Once you have updated the NSX Manager and Controllers you need upgrade the Clusters and their ESXi Hosts. During the host upgrade it will need to be put into Maintenance Mode and the NSX Manager will work through vCenter to perform a rolling upgrade of all hosts in the Cluster.
Go to the Installation Tab of the Networking & Security Menu in the Web Client and click on the Host Preparation Tab. You should see and Upgrade option in the Installation Status Column.
If you do run into an issue with any of the host updates an alert will show up which you can click into to get details of the error…this typically would be due to a time-out while trying to put the host into Maintenance Mode…if that happens click Resolve to rerun and complete the upgrade.
What we have effectively upgraded during this process are the NSX Kernel Modules for Port Security, VXLAN, Distributed Firewall, Switching and Routing up to the latest 6.1 install bundles.
4. NSX Edge and Guest Introspection:
The final steps is to upgrade any NSX Edges and what was previously vShield Endpoints (which is now rather interestingly called Guest Introspection) In the Networking & Security Menu go to NSX Edges. Right Click on each Edge that needs upgrading as shown below and select Upgrade Version as shown below:
During the upgrade a new OVF Appliance will be deployed and the config from the existing Edge will be imported into the new updated instance…there may be 1-5 seconds of downtime during this process. Once done the version number will show 6.1
Moving onto the final part of the upgrade…if you are running Services that require vShield Endpoints pre NSX you might be a little confused with the whole separate Agent VM thing let alone the renaming of vShield Endpoint to Guest Introspection in 6.1…from what I can read there isn’t any functional change from 6.0.x but the renaming completes the evolution from vCNS to NSX.
To upgrade On the Installation tab, click on Service Deployments and any previous Endpoints you had should have an Upgrade Available Message and Icon in the Installation Status column.
Select the service and click on the Upgrade Icon and you will be presented with a Confirm Upgrade Window which gives you options to modify Storage, Portgroup and IP Pool details if you wish. You can also schedule the upgrade is desired.
Working through the upgrade it was interesting to see what was happening in vCenter to the existing Endpoint VMs. As you can see below the process is similar to the Edge Upgrades where a new OVF is deployed and the config copied over finished off with a VM name change.
Once deployed the Guest Introspection version should sit at 6.1 as shown below:
At this point NSX has been fully upgrades to 6.1 and the new features can be accessed and exploited.