FortiGate
vsahu
Staff
Article Id 209503
Description This article describes how to configure the timeout that the primary HA unit waits before the secondary HA unit is considered upgraded.
Scope FortiGate version 7.0.2 and onwards.
Solution

An uninterrupted upgrade occurs without interrupting communication in the cluster.

By default, cluster firmware upgrades proceed as uninterruptible upgrades that do not interrupt traffic flow.

In earlier versions, during an upgrade with the default HA settings (uninterruptible-upgrade enabled), the primary sends the firmware image to the secondary, waits for approximately 12 minutes only, and then starts its own upgrade. This is fine for a small configuration, but if the configuration is large and requires more time, the secondary may still be in process and showing 'System is starting' when the primary begins upgrading, which interrupts traffic. To resolve this, a new feature was added in v7.0.2.

 

config system ha
    set uninterruptible-primary-wait <integer>
end


Configure a timeout value in minutes (1 - 300, default = 30) that the primary HA unit waits before the secondary HA unit is considered upgraded.

Change this setting if uninterruptible upgrades take too much time.

config system ha

    set uninterruptible-upgrade disable

end


'uninterruptible-upgrade' is enabled by default.

If it is disabled, the cluster still upgrades the firmware on all cluster units, but all cluster units are upgraded at once.

 

Note: In FortiOS v7.4.1 and onward, uninterruptible-upgrade has been changed to upgrade-mode, and additional features have been added:

 

config system ha

    set upgrade-mode {simultaneous | uninterruptible | local-only | secondary-only}

end

 

The default setting for upgrade-mode is uninterruptible, which follows the same behavior as the previous set uninterruptible-upgrade enable. Similarly, the behavior of set uninterruptible-upgrade disable is now mapped to set upgrade-mode simultaneous.
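The following Python script is an added example, not part of the original article and not Fortinet code. It reads a FortiGate configuration backup, extracts the top-level settings of the config system ha block, and reports how a cluster firmware upgrade will behave, applying the defaults and the uninterruptible-upgrade to upgrade-mode mapping described above. The function names and the sample backup fragment are constructed for illustration, and the script assumes that settings absent from the backup are at their default values.

```python
import re

DEFAULT_WAIT_MIN = 30  # default stated in the article; valid range is 1-300
LEGACY_TO_MODE = {"enable": "uninterruptible", "disable": "simultaneous"}

def ha_settings(config_text):
    """Return top-level 'set' values of the 'config system ha' block as a dict."""
    settings, depth = {}, 0
    for raw in config_text.splitlines():
        line = raw.strip()
        if depth == 0:
            if line == "config system ha":
                depth = 1
        elif line.startswith("config "):
            depth += 1                      # nested table inside the HA block
        elif line == "end":
            depth -= 1
            if depth == 0:
                break                       # end of 'config system ha'
        elif depth == 1 and (m := re.match(r"set (\S+) (.+)", line)):
            settings[m.group(1)] = m.group(2).strip('"')
    return settings

def audit_ha_upgrade(config_text):
    """Summarise the effective HA upgrade behaviour and list warnings."""
    s = ha_settings(config_text)
    # v7.4.1+ uses upgrade-mode; earlier builds use uninterruptible-upgrade.
    legacy = s.get("uninterruptible-upgrade", "enable")
    mode = s.get("upgrade-mode") or LEGACY_TO_MODE[legacy]
    wait = int(s.get("uninterruptible-primary-wait", DEFAULT_WAIT_MIN))
    warnings = []
    if mode == "simultaneous":
        warnings.append("all cluster units upgrade at once: traffic will be interrupted")
    if not 1 <= wait <= 300:
        warnings.append(f"uninterruptible-primary-wait {wait} is outside 1-300 minutes")
    return {"mode": mode, "primary_wait_min": wait, "warnings": warnings}

# Constructed sample backup fragment (not from a real device).
SAMPLE = """\
config system ha
    config ha-mgmt-interfaces
        edit 1
            set interface "mgmt"
        next
    end
    set uninterruptible-upgrade disable
end
"""
```

Calling audit_ha_upgrade(SAMPLE) before a maintenance window reports the simultaneous mode and the 30-minute default wait, with one warning about traffic interruption.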

 

For more information on this expanded setting, see the following:

 

Caution.

If uninterruptible-upgrade is disabled (an interruptible upgrade), traffic flow will be interrupted because all cluster units upgrade at the same time.

Related document:

New features or enhancements - FortiGate 7.2.0