This section provides important information to consider prior to upgrading the Orchestrator, as well as how the image-based upgrade works. Contact VMware Support
to assist you with the 5.4 to 6.0 upgrade.
Note: The Orchestrator OS, database, and several other dependent components currently in use have reached their end of life, and will no longer be supported.
Note: The benefit to upgrading to the 6.0 release is better security due to components with active LTS.
Consider the following when upgrading to the 6.0 Release:
- This upgrade work does not modify any existing APIs.
- Just like other releases, there are schema changes with the 6.0 release. However, these changes will not impact the upgrade process.
The OS for the
SASE Orchestrator virtual appliance specific upgrades include the following:
- The OS version is changing from Ubuntu 18.04 to 22.04.
- Image based upgrade instead of a Debian based upgrade.
Important Notes for Upgrading from 5.4 to 6.0
With the 6.0 release, the Orchestrator is adopting an image-based upgrade approach, which will introduce the following important differences compared to previous upgrades.
- Any non-supported binaries installed on top of Orchestrator will be removed. These can include the off-the-shelf monitoring applications, remote access applications, etc.
- Back up any configurations if you want to continue using them. After the upgrade, you must reinstall them manually and configure them accordingly.
- For a successful upgrade, a reboot of the Orchestrator is required.
- The upgrade process requires a mandatory system-level REBOOT of the Orchestrator.
- After a successful upgrade, the Orchestrator does not support rolling back to the previous release. Therefore, ensure you have backups of the entire system, including /store, /store2, /store3, and so forth, before upgrading.
- At least 30GB of free space is required on the physical disk before upgrading the Orchestrator from 5.4.0 to 6.0.0.
Image-based Upgrade Process
This section describes how the image-based upgrade process works.
- An Ubuntu 22.04-based VCO image is prepared with all required binaries with LVM partitions “/” and “/var/"
- The “/” and “/var/” LVM partitions are "snapshotted" to represent new image rooftfs
- These snapshots are packaged with upgrade scripts as shown in the below diagram to serve two primary functions:
- Transferring specific configurations, notably those associated with mysql, nginx, ssh, and their respective keys, from the existing system to the new snapshots.
- Adjusting the boot configuration to ensure the system boots using the new LVM partitions, thus ensuring the upgrade is complete and effective.
- As seen in the above diagram, the image-based upgrade replaces the old file system with a new one. As mentioned, this might result some unsupported files and packages being lost. Contact VMware Support before upgrade to ensure a safe and successful upgrade.
Best Practices/Recommendations:
Listed below are some upgrade best practices:
- From the System Properties page in the Orchestrator, make a note of the value of the edge.heartbeat.spread.factor system property. Then, change the heartbeat spread factor to a relatively high value for a large Orchestrator (e.g. 20, 40, 60). This will help reduce the sudden spike of the resource utilization (CPU, IO) on the system. Make sure to verify that all Gateways and Edges are in a connected state before restoring the previous edge.heartbeat.spread.factor value from the System Property page in the Orchestrator.
- Leave the demoted SASE Orchestrator up for a few hours before complete shutdown or decommission.
- Freeze configuration modifications to avoid any additional configuration changes until the upgrade process is completed.