dbhavsar
Staff
Article Id 395869
Description This article describes an issue where a 'system.federated-upgrade' checksum causes an HA desync.
Scope FortiGate.
Solution

This error is triggered when Fabric upgrade is enabled on the HA devices: after the targeted firmware upgrade has finished, the cluster still goes out-of-sync.

 

Hovering over the HA device shows that 'system.federated-upgrade' has mismatched checksum values.

 

If HA reservation management is enabled, log in to the secondary device via the GUI and disable the Fabric upgrade.

 

The following is what the configuration looks like:

 

FortiGate-60F # config global

FortiGate-60F (global) # config system federated-upgrade

FortiGate-60F (federated-upgrade) # sh
config system federated-upgrade
    set status ready
    set upgrade-id 2
    set ha-reboot-controller "FGT60FTK2000YYYY"
        config node-list
            edit "FGT60FTK2000YYYY"
                set timing scheduled
                set time 05:25 2025/06/12 UTC
                set setup-time 11:56 2025/06/11 UTC
                set upgrade-path 7-2-11
            next
        end
end

 

However, attempting to delete the node entry from the CLI returns the following error:

 

FortiGate-60F # config global

FortiGate-60F (global) # config system federated-upgrade 

FortiGate-60F (federated-upgrade) # config node-list

FortiGate-60F (node-list) # delete FGT60FTK20006777
Federated upgrade cannot be configured directly.
Please use 'execute federated-upgrade ...' to configure.
command_cli_delete:6898 delete table entry FGT60FTK2000YYYY unset oper error ret=-39
Command fail. Return code -39


Solution:


To disable the Fabric upgrade, execute the following command:

 

FortiGate-60F (global) # execute federated-upgrade cancel
This will cancel the upgrade. If the upgrade is immediate or scheduled to happen very soon,
some nodes may have already gone down for upgrade.
Do you want to continue? (y/n)y


FortiGate-60F (global) # show system federated-upgrade
config system federated-upgrade
     set status disabled
end

 

Once the command is executed, the status changes to disabled. Wait for a while and the HA status will show in-sync.
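The following is an added example, not part of the original article or Fortinet's own tooling: a Python helper that compares saved 'show system federated-upgrade' output from two cluster members and lists the settings that differ, to locate what is behind a 'system.federated-upgrade' mismatch. The function names are hypothetical, and the two sample outputs are constructed from the outputs shown above (which member holds which is an assumption).

```python
import re

# Constructed samples based on the CLI output shown in this article.
MEMBER_A = '''config system federated-upgrade
    set status ready
    set upgrade-id 2
    set ha-reboot-controller "FGT60FTK2000YYYY"
    config node-list
        edit "FGT60FTK2000YYYY"
            set timing scheduled
            set time 05:25 2025/06/12 UTC
            set setup-time 11:56 2025/06/11 UTC
            set upgrade-path 7-2-11
        next
    end
end'''
MEMBER_B = '''config system federated-upgrade
    set status disabled
end'''

PROMPT = re.compile(r"^\S+( \(\S+\))? # ")  # e.g. "FortiGate-60F (global) # show ..."

def parse_show(text):
    """Flatten 'show' output into {"table/entry/key": value}, skipping prompt lines."""
    settings, stack = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or PROMPT.match(line):
            continue
        word, _, rest = line.partition(" ")
        if word in ("config", "edit"):
            stack.append(rest.strip('"'))      # enter a table or a table entry
        elif word in ("next", "end") and stack:
            stack.pop()                        # leave the entry or table
        elif word == "set":
            key, _, value = rest.partition(" ")
            settings["/".join(stack + [key])] = value.strip('"')
    return settings

def compare_members(a_text, b_text):
    """Return sorted (path, value_on_a, value_on_b) for every setting that differs."""
    a, b = parse_show(a_text), parse_show(b_text)
    return [(k, a.get(k), b.get(k)) for k in sorted(a.keys() | b.keys()) if a.get(k) != b.get(k)]

def upgrade_status(text):
    """Return the federated-upgrade status string, or None if it is not present."""
    return parse_show(text).get("system federated-upgrade/status")

if __name__ == "__main__":
    for path, a_val, b_val in compare_members(MEMBER_A, MEMBER_B):
        print(f"{path}: A={a_val!r} B={b_val!r}")
```

An empty result after 'execute federated-upgrade cancel' means both members hold the same federated-upgrade configuration.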

 

For more information on Fabric-upgrades, refer to Upgrading all devices - FortiGate 7.6.3 administration guide

To sync HA manually, refer to Technical Tip: Procedure for HA manual synchronization 
