During the upgrade process, a new Edge virtual appliance is deployed alongside the existing one.

About this task

When the new Edge is ready, the old Edge's vNICs are disconnected and the new Edge's vNICs are connected. The new Edge then sends gratuitous ARP (GARP) packets to update the ARP cache of connected switches. When HA is deployed, the upgrade process is performed two times.

This process can temporarily affect packet forwarding. You can minimize the impact by configuring the Edge to work in ECMP mode.

OSPF adjacencies are withdrawn during upgrade if graceful restart is not enabled.

Prerequisites

  • Verify that NSX Manager has been upgraded.

  • Verify that the NSX Controller cluster and host preparation have been upgraded before upgrading logical routers.

  • Verify that there is a local segment ID pool, even if you have no plans to create NSX logical switches.

  • If you have any vCloud Networking and Security 5.5 or earlier vShield Edge appliances, you must upgrade them to NSX 6.2.x or later before upgrading to NSX 6.4.

  • Verify the hosts have enough resources to deploy additional NSX Edge Services Gateway appliances during the upgrade, particularly if you are upgrading multiple NSX Edge appliances in parallel. See the System Requirements for NSX for the resources required for each NSX Edge size.

    • For a single NSX Edge instance, there are two NSX Edge appliances of the appropriate size in the poweredOn state during upgrade.

    • For an NSX Edge instance with high availability, both replacement appliances are deployed before replacing the old appliances. This means there are four NSX Edge appliances of the appropriate size in the poweredOn state during upgrade of a given NSX Edge. Once the NSX Edge instance is upgraded, either of the HA appliances could become active.

  • Verify that the host clusters listed in the configured location and live location for all NSX Edge appliances are prepared for NSX and that their messaging infrastructure status is GREEN.

    You must do this even if you do not intend to upgrade all NSX Edge appliances to NSX 6.4.

    If the configured location is not available, for example, because the cluster has been removed since the NSX Edge appliance was created, then verify the live location only.

    • Find the ID of the original configured location (configuredResourcePool > id) and the current live location (resourcePoolId) with the GET https://NSX-Manager-IP-Address/api/4.0/edges/{edgeId}/appliances API request.

    • Find the host preparation status and the messaging infrastructure status for those clusters with the GET https://NSX-Manager-IP-Address/api/2.0/nwfabric/status?resource={resourceId} API request, where resourceId is the ID of the configured and live location of the NSX Edge appliances found previously.

      • Look for the status corresponding to the featureId of com.vmware.vshield.vsm.nwfabric.hostPrep in the response body. The status must be GREEN.

        <nwFabricFeatureStatus>
          <featureId>com.vmware.vshield.vsm.nwfabric.hostPrep</featureId>
          <featureVersion>6.3.1.5124716</featureVersion>
          <updateAvailable>false</updateAvailable>
          <status>GREEN</status>
          <installed>true</installed>
          <enabled>true</enabled>
          <allowConfiguration>false</allowConfiguration>
        </nwFabricFeatureStatus>
      • Look for the status corresponding to the featureId of com.vmware.vshield.vsm.messagingInfra in the response body. The status must be GREEN.

        <nwFabricFeatureStatus>
          <featureId>com.vmware.vshield.vsm.messagingInfra</featureId>
          <updateAvailable>false</updateAvailable
          <status>GREEN</status>
          <installed>true</installed>
          <enabled>true</enabled>
          <allowConfiguration>false</allowConfiguration>
        </nwFabricFeatureStatus>

    If the hosts are not prepared for NSX, do the following:

    • Navigate to Installation and Upgrade > Host Preparation and prepare the hosts for NSX.

    • Verify that the messaging infrastructure is GREEN.

    • Redeploy the NSX Edges on the host.

    If the hosts are not prepared for NSX, do the following:

    • Navigate to Installation > Host Preparation and prepare the hosts for NSX.

    • Verify that the messaging infrastructure is GREEN.

    • Redeploy the NSX Edges on the host.

  • Understand the operational impact of the NSX Edge upgrade while the upgrade is in progress. See "Operational Impacts of NSX Upgrades" in the NSX Upgrade Guide.

Procedure

  1. In the vSphere Web Client, select Networking & Security > NSX Edges.
  2. For each NSX Edge instance, select Upgrade Version from the Actions () menu.

    If the upgrade fails with the error message "Failed to deploy edge appliance," make sure that the host on which the NSX Edge appliance is deployed is connected and not in maintenance mode.

Results

After the NSX Edge is upgraded successfully, the Status is Deployed, and the Version column displays the new NSX version.

If an Edge fails to upgrade and does not roll back to the old version, click the Redeploy NSX Edge icon. A new NSX Edge appliance is deployed, which has the same version of NSX as the NSX Manager. No further upgrade is needed.

What to do next

After you upgrade your 6.2.4 or earlier NSX Edges to 6.2.5 or later, you must turn off vSphere Virtual Machine Startup for each NSX Edge in a cluster where vSphere HA is enabled and Edges are deployed. To do this, open the vSphere web client and find the ESXi host where NSX Edge virtual machine resides. Click Manage > Settings and under Virtual Machines, select VM Startup/Shutdown, click Edit, and make sure that the virtual machine is in Manual mode (that is, make sure it is not added to the Automatic Startup/Shutdown list).