NSX Edges can be upgraded without any dependency on the NSX Controller cluster or host cluster upgrades. You can upgrade an NSX Edge even if you have not yet upgraded the NSX Controller cluster or host clusters.

About this task

During the upgrade process, a new Edge virtual appliance is deployed alongside the existing one. When the new Edge is ready, the old Edge's vNICs are disconnected and the new Edge's vNICs are connected. The new Edge then sends gratuitous ARP (GARP) packets to update the ARP cache of connected switches. When HA is deployed, the upgrade process is performed two times.

This process can temporarily affect packet forwarding. You can minimizing the impact by configuring the Edge to work in ECMP mode.

OSPF adjacencies are withdrawn during upgrade if graceful restart is not enabled.

Prerequisites

  • Verify that NSX Manager has been upgraded to 6.2.x.

  • Verify that there is a local segment ID pool, even if you have no plans to create NSX logical switches.

  • Verify the hosts have enough resources to deploy additional NSX Edge Services Gateway appliances during the upgrade, particularly if you are upgrading multiple NSX Edge appliances in parallel. See the System Requirements for NSX for the resources required for each NSX Edge size.

    • For a single NSX Edge instance, there will be two NSX Edge appliances of the appropriate size in the poweredOn state during upgrade.

    • Starting in NSX 6.2.3, when upgrading an NSX Edge instance with high availability, both replacement appliances are deployed before replacing the old appliances. This means there will be four NSX Edge appliances of the appropriate size in the poweredOn state during upgrade of a given NSX Edge. Once the NSX Edge instance is upgraded, either of the HA appliances could become active.

    • Prior to NSX 6.2.3, when upgrading an NSX Edge instance with high availability, only one replacement appliance is deployed at time while replacing the old appliances. This means there will be three NSX Edge appliances of the appropriate size in the poweredOn state during the upgrade of a given NSX Edge. Once the NSX Edge instance is upgraded, usually the NSX Edge appliance with HA index 0 becomes active.

  • Understand the operational impact of the NSX Edge upgrade while the upgrade is in progress. See Operational Impacts of NSX Upgrades.

  • If you have L2 VPN enabled on an NSX Edge you must delete the L2 VPN configuration before you upgrade. Once you have upgraded, you can reconfigure L2 VPN.

  • If you are upgrading from NSX 6.2.x to NSX 6.2.3 and load balancer is configured, see this Knowledge Base article to avoid problems with the upgrade: https://kb.vmware.com/kb/2145887

Procedure

  1. In the vSphere Web Client, select Networking & Security > NSX Edges.
  2. For each NSX Edge instance, double click the edge, and click Manage > VPN > L2 VPN and check if L2 VPN is enabled. If it is, take note of the configuration details and then delete all L2 VPN configuration.
  3. For each NSX Edge instance, select Upgrade Version from the Actions menu.

    If the upgrade fails with the error message "Failed to deploy edge appliance," make sure that the host on which the NSX edge appliance is deployed is connected and not in maintenance mode.

Results

After the NSX Edge is upgraded successfully, the Status is Deployed, and the Version column displays the new NSX version.

If an Edge fails to upgrade and does not rollback to the old version, click the Redeploy NSX Edge icon and then retry the upgrade.

What to do next

Reconfigure any L2 VPN configurations. See L2 VPN Overview in the NSX Installation Guide.