General steps:

1. Login into the support portal and navigate to Support -> Downloads -> Firmware Download -> Select Product -> FortiAnalyzer-BigData -> Download -> Look for the target version -> Download the bootloader image .out (For example: FAZBD_Bootloader-v7-build0510-FORTINET.out).
2. Note down the image checksum value as well from the support portal.
3. Once the bootloader image is downloaded, run SCP to transfer the bootloader image into the controller IP address. How to identify the controller IP address, see the KB article Technical Tip: How to locate the controller IP address of the FortiAnalyzer BigData.

In this example, transfer the bootloader image into path /mnt/boot/package/ of the controller, and the active controller, here, is blade 3 which is indicated in the SSH login as root@blade-10-0-1-3. It is possible to verify the image upload as well as the checksum value as follows.

In this example, run MD5 checksum in the controller itself against the image and the return checksum value should match the one in step (2) above to confirm the image is clean and free of errors.  

[root@blade-10-0-1-3 ~]$ ls -lh /mnt/boot/package/
total 78M
-rw-r--r-- 1 root root 77M Aug 10 10:24 FAZBD_Bootloader-v7-build0510-FORTINET.out

[root@blade-10-0-1-3 ~]$ md5sum /mnt/boot/package/FAZBD_Bootloader-v7-build0510-FORTINET.out
0186686303deb5dfac3898522fd53b1b /mnt/boot/package/FAZBD_Bootloader-v7-build0510-FORTINET.out

4. Check the current running bootloader version with fazbdctl show version in the controller. Bootloader version information is available in the CLI on the controller and all blades after version 7.2.2. If the current running version is prior to 7.2.2, ignore this step.

    

   For this example, the current bootloader version is in 7.2.1 GA build0485 while the whole system has already upgraded to 7.2.2 GA build0510. 

    

   [root@blade-10-0-1-3 ~]$ fazbdctl show version
   Security Event Manager: FortiAnalyzer-BigData-4500F 7.2.2 GA build0510
   Bootloader: FortiAnalyzer-BigData-Bootloader 7.2.1 GA build0485

    

   After this step of verification, proceed to upgrade the bootloader. There are two methods to upgrade locally, see the steps below. 

    

Method 1: Direct Upgrade via CLI.

1. SSH into the controller and run the CLI command as follows, the upgrade takes less than a minute and the bootloader image will be sent to all blades for the upgrade. The bootloader upgrade CLI command only run once in the controller. 

Syntax: 

fazbdctl upgrade bootloader -U <full local path that store the bootloader file>

Sample output: 

[root@blade-10-0-1-3 ~]$fazbdctl upgrade bootloader -U /mnt/boot/package/FAZBD_Bootloader-v7-build0510-FORTINET.out
Going to upgrade [bootloader] from [/mnt/boot/package/FAZBD_Bootloader-v7-build0510-FORTINET.out]. Are you sure? [Y]es/[N]o/[C]ancel : Y
2023/08/10 11:16:56.664621 upgrade.go:448: RunUpgradeFAZBDBackground: [INFO] running upgrade process in background...
2023/08/10 11:16:56.748350 upgrade.go:339: RunUpgradeFAZBDForeground: [INFO] upgrade process in progress...
2023/08/10 11:16:56.751406 network.go:567: DownloadImage: [INFO] Obtaining image from /mnt/boot/package/FAZBD_Bootloader-v7-build0510-FORTINET.out, please wait...
2023/08/10 11:16:56.890995 bd_bootloader.go:84: UpgradeBootloader: [INFO] Extracted /mnt/boot/.tmp/FAZBD_Bootloader-v7-build0510-FORTINET.out to /mnt/boot/.tmp
2023/08/10 11:16:56.891115 bd_bootloader.go:88: UpgradeBootloader: [INFO] Running bootloader install script to /mnt/boot/syslinux
2023/08/10 11:16:56.932045 bd_bootloader.go:98: UpgradeBootloader: [INFO] Installed bootloader. Backing up bootloader images...
2023/08/10 11:16:56.932264 bd_system.go:207: storeAndBackupImage: [INFO] finished storing and backup images: /mnt/boot/package/bootloader.out /mnt/boot/package/bootloader.out.bak
syncing all members up with the bootloader
Done: upgraded bootloader on 10.0.1.10
Done: upgraded bootloader on 10.0.1.11
Done: upgraded bootloader on 10.0.1.12
Done: upgraded bootloader on 10.0.1.13
Done: upgraded bootloader on 10.0.1.14
Done: upgraded bootloader on 10.0.1.2
Done: upgraded bootloader on 10.0.1.4
Done: upgraded bootloader on 10.0.1.5
Done: upgraded bootloader on 10.0.1.6
Done: upgraded bootloader on 10.0.1.7
Done: upgraded bootloader on 10.0.1.8
Done: upgraded bootloader on 10.0.1.9

2. Run fazbdctl show version to verify whether the bootloader version is upgraded correctly. 

    

   [root@blade-10-0-1-3 ~]$ fazbdctl show version
   Security Event Manager: FortiAnalyzer-BigData-4500F 7.2.2 GA build0510
   Bootloader: FortiAnalyzer-BigData-Bootloader 7.2.2 GA build0510

    

Method 2: Interactive Upgrade via CLI.

1. SSH into the controller and run the CLI command as follows, the CLI will interactively prompt for the input for each of the required parameters to complete the upgrade process.
   The upgrade takes less than a minute and the bootloader image will be sent to all blades for the upgrade. The bootloader upgrade CLI command only run once in the controller. In the initial prompt, the user selects the protocol LOCAL.

Syntax:  

fazbdctl upgrade bootloader 

Sample output:

[root@blade-10-0-1-3 ~]$ fazbdctl upgrade bootloader
Use the arrow keys to navigate: ↓ ↑ → ←
? Please select protocol:
FTP
SFTP
HTTP
HTTPS
↓ ▸ LOCAL

✔ LOCAL
✔ Please input the image file path: /mnt/boot/package/FAZBD_Bootloader-v7-build0510-FORTINET.out

✔ LOCAL
Please input the image file path: /mnt/boot/package/FAZBD_Bootloader-v7-build0510-FORTINET.out
✗ You input [/mnt/boot/package/FAZBD_Bootloader-v7-build0510-FORTINET.out]. Are you sure? [Y]es/[N]o/[C]ancel : Y
✔ Going to upgrade [bootloader] from [/mnt/boot/package/FAZBD_Bootloader-v7-build0510-FORTINET.out]. Are you sure? [Y]es/[N]o/[C]ancel : Y
2023/08/10 11:28:54.467807 upgrade.go:448: RunUpgradeFAZBDBackground: [INFO] running upgrade process in background...
2023/08/10 11:28:54.547385 upgrade.go:339: RunUpgradeFAZBDForeground: [INFO] upgrade process in progress...
2023/08/10 11:28:54.550044 network.go:567: DownloadImage: [INFO] Obtaining image from /mnt/boot/package/FAZBD_Bootloader-v7-build0510-FORTINET.out, please wait...
2023/08/10 11:28:54.682945 bd_bootloader.go:84: UpgradeBootloader: [INFO] Extracted /mnt/boot/.tmp/FAZBD_Bootloader-v7-build0510-FORTINET.out to /mnt/boot/.tmp
2023/08/10 11:28:54.682995 bd_bootloader.go:88: UpgradeBootloader: [INFO] Running bootloader install script to /mnt/boot/syslinux
2023/08/10 11:28:54.730846 bd_bootloader.go:98: UpgradeBootloader: [INFO] Installed bootloader. Backing up bootloader images...
2023/08/10 11:28:54.730985 bd_system.go:207: storeAndBackupImage: [INFO] finished storing and backup images: /mnt/boot/package/bootloader.out /mnt/boot/package/bootloader.out.bak
syncing all members up with the bootloader
Done: upgraded bootloader on 10.0.1.10
Done: upgraded bootloader on 10.0.1.11
Done: upgraded bootloader on 10.0.1.12
Done: upgraded bootloader on 10.0.1.13
Done: upgraded bootloader on 10.0.1.14
Done: upgraded bootloader on 10.0.1.2
Done: upgraded bootloader on 10.0.1.4
Done: upgraded bootloader on 10.0.1.5
Done: upgraded bootloader on 10.0.1.6
Done: upgraded bootloader on 10.0.1.7
Done: upgraded bootloader on 10.0.1.8
Done: upgraded bootloader on 10.0.1.9

2. Run fazbdctl show version to verify whether the bootloader version is upgraded correctly. 

    

   [root@blade-10-0-1-3 ~]$ fazbdctl show version
   Security Event Manager: FortiAnalyzer-BigData-4500F 7.2.2 GA build0510
   Bootloader: FortiAnalyzer-BigData-Bootloader 7.2.2 GA build0510