This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Update in hot standby

Hi,

I have a question regarding the updates.

We have 2 SG310 in Active/Passive mode. when an update is relaese we just install it on the Active UTM and then automatically is installed on the slave node.

in the current config I can see that option "Keep node(s) reserved during the update" is not selected.

could someone tell me if we should enable this option or not? and if we select this option how we must update the slave node?

Thanks

This thread was automatically locked due to age.

Parents

0 offn over 9 years ago

I always use this option, because it is very usefull.

I do it like this:
* restart slave
* wait for "fully functional" mail
* restart master (master changes to slave)
* wait for "fully functional" mail
* restart is not necessary but may prevent from problems during up2date
* upgrade to latest version now (slave is updated and changes back to master)
* test functionality
* wait at least one work day

case: good
* management > High Availability > Slave > upgrade node
* wait for "fully functional" mail

case: fail
* if loosing quarantined mail is not critical
* switch off master with new version
* slave with old version changes back to master
* downlad the ISO from current version
* disconnect the device with the new (problem) version from network
* reimage the device to the old (working) version
* reconnect the reimaged device
* wait for "fully functional" mail
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 offn over 9 years ago

I always use this option, because it is very usefull.

I do it like this:
* restart slave
* wait for "fully functional" mail
* restart master (master changes to slave)
* wait for "fully functional" mail
* restart is not necessary but may prevent from problems during up2date
* upgrade to latest version now (slave is updated and changes back to master)
* test functionality
* wait at least one work day

case: good
* management > High Availability > Slave > upgrade node
* wait for "fully functional" mail

case: fail
* if loosing quarantined mail is not critical
* switch off master with new version
* slave with old version changes back to master
* downlad the ISO from current version
* disconnect the device with the new (problem) version from network
* reimage the device to the old (working) version
* reconnect the reimaged device
* wait for "fully functional" mail
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 AreshAreshi over 9 years ago in reply to offn

Hi Offn,

Thanks for your detailed info, really appreciate it. I thought if we use this option and then something goes wrong we dont need to re image the de device, but it looks like that we have to re image it after all.

If I understood you correctly after enableing the option to install the updates,

1. as you said the restart is bot neccery.
2. install the update and this will update the slave.
3. slave will reboot and become the master.
4. Master node become the slave.
5. leave this for a week or so.
6. management > High Availability > Slave > upgrade node.
7. updated node reboot and stay slave.

is these steps correct?

Thanks
Cancel
Vote Up 0 Vote Down

Cancel
0 offn over 9 years ago in reply to AreshAreshi

The steps are correct.

I always restart before upgrading, because some people, that didn't restart their devices befor upgrading, reported troubles at restart after upgrade...
Cancel
Vote Up 0 Vote Down

Cancel
0 AreshAreshi over 9 years ago in reply to offn

Thanks for the reply again,

you mean before installing the update just go ahed and restart the Master right?

Thanks
Cancel
Vote Up 0 Vote Down

Cancel
0 offn over 9 years ago in reply to AreshAreshi

like I described in my first post...
Cancel
Vote Up 0 Vote Down

Cancel