The duration for the NSX-T Data Center upgrade process depends on the number of components you have to upgrade in your infrastructure. It is important to understand the operational state of NSX-T Data Center components during an upgrade.

The upgrade process is as follows:

NSX Edge cluster > Hosts > Management plane.

Check NSX-T Data Center Components

You can perform an automated pre-check to verify whether the NSX-T Data Center components are ready for upgrade. The pre-check process scans for the component activity, version compatibility, component status of the hosts, NSX Edge, and management plane. Resolve any warning notifications to avoid problems during the upgrade.
NSX Cloud Note: Starting with NSX-T Data Center 2.5.1, NSX Cloud supports communication on port 80 between the Cloud Service Manager appliance installed on-prem with the NSX Public Cloud Gateway installed in your public cloud VPC/VNet. NSX-T Data Center versions 2.5.0 and earlier require port 7442 for this communication. During the upgrade from versions 2.5.0 and earlier to 2.5.1, keep port 7442 open. See Enable Access to Ports and Protocols in the NSX-T Data Center Installation Guide for more information.
Note: Starting with NSX-T Data Center 2.5.0, the NSX Messaging channel TCP port from all Transport and Edge nodes to NSX Managers has changed to TCP port 1234 from port 5671. With this change, make sure all NSX-T Transport and Edge nodes can communicate on both TCP ports 1234 to NSX Managers and TCP port 1235 to NSX Controllers before you upgrade to NSX-T Data Center 2.5. Also make sure to keep port 5671 open during the upgrade process.

The NSX Manager must have 200 GB disk space available for the upgrade.

NSX Edge Cluster Upgrade

During Upgrade After Upgrade
  • During the NSX Edge upgrade, you might experience the following traffic interruption:
    • North-south datapath is affected if the NSX Edge is part of the datapath.
    • East-west traffic between tier-1 routers using NSX Edge firewall, NAT, or load balancing.
    • Temporary Layer 2 and Layer 3 interruption.
  • Configuration changes are not blocked on NSX Manager but might be delayed.
  • Configuration changes are allowed.
  • Upgraded NSX Edge cluster is compatible with the upgraded hosts and older versions of the Management plane.
  • New features introduced in the upgrade are not configurable until the Management plane is upgraded.

Hosts Upgrade

During Upgrade After Upgrade
  • For standalone ESXi hosts or ESXi hosts that are part of a disabled DRS cluster, place hosts in maintenance mode.

    For ESXi hosts that are part of a fully enabled DRS cluster, if the host is not in maintenance mode, the upgrade coordinator requests the host to be put in maintenance mode. The vSphere DRS tool migrates the VMs to another host in the same cluster during the upgrade and places the host in maintenance mode.

    Note: Before you place your ESXi host in maintenance mode, power off any NSX Edge VMs that may be residing on the host and ensure that the NSX Edge VMs continue to reside on the same host.
  • For ESXi host, for an in-place upgrade you do not need to power off the tenant VMs.
  • For a KVM host, for an in-place upgrade you do not need to power off the VMs. For a maintenance mode upgrade, power off the VMs.
  • Configuration changes are allowed on NSX Manager.
  • Power on or return the tenant VMs of standalone ESXi hosts or ESXi hosts that are part of a disabled DRS cluster that were powered off before the upgrade.
  • Upgraded hosts are compatible with non-upgraded hosts, NSX Edge cluster and Management plane.
  • New features introduced in the upgrade are not configurable until the Management plane is upgraded.
  • Run post checks to make sure that the upgraded hosts and NSX-T Data Center do not have any problems.
Note: Before you place your ESXi host in maintenance mode, power off any NSX Edge VMs that may be residing on the host and ensure that the NSX Edge VMs continue to reside on the same host.
  • If you are only upgrading your hosts and not NSX-T Data Center, manually install the NSX kernel module that is compatible with your existing version of NSX-T Data Center, after the host upgrade is complete. See Upgrade Hosts for more information.
  • Upgrade for NSX-T Data Center on vSphere fails if your exception list for vSphere lockdown mode includes expired user accounts. Ensure that you delete all expired user accounts before you begin upgrade. For more information on acounts with access privileges in lockdown mode, see Specifying Accounts with Access Privileges in Lockdown Mode in the vSphere Security Guide.

Limitations on In-Place Upgrade

For NSX-T Data Center, in-place upgrade of a host is not supported in the following scenarios:

  • More than one N-VDS switch is configured on the host.
  • More than 100 vNICs are configured on the host N-VDS switch.
  • ENS is configured on the host N-VDS switch.
  • CPU use for the hostd, nsxa, or the config-agent service is high.
  • vSAN(with LACP) is configured on the host N-VDS switch.
  • VMkernel interface is configured on the overlay network.

NSX Controller Cluster Upgrade

Note: In the NSX-T Data Center 2.4 release, the NSX Controller is merged with the NSX Manager during upgrade.

Management Plane Upgrade

Note: Before you configure your NSX-T Data Center 2.4 NSX Manager for upgrade, you must backup the NSX Manager. See the NSX-T Data Center Administration Guide.
During Upgrade After Upgrade
  • Configuration changes are not blocked on the Management plane. Do not to make any changes during the Management plane upgrade.
  • API service is momentarily unavailable.
  • User interface is unavailable for a short period.
  • Configuration changes are allowed.
  • New features introduced in the upgrade are configurable.