You can upgrade firmware on all nodes in a cluster from the primary node.
The following process occurs when you perform the HA upgrade procedure:
- The primary node pushes the firmware image to the member nodes.
- The primary node notifies the member nodes of the upgrade, and it takes their user traffic during the upgrade.
- The upgrade command is run on the member nodes, the systems are rebooted, and the member nodes send the primary node an acknowledgment that upgrade has been completed.
- The upgrade command is run on the primary node, and it reboots. When the system is rebooting, a member node assumes primary status, and the traffic fails over from the former primary node to the new primary node.
After the upgrade process is completed, the system determines whether the original node becomes the primary node, according to the HA Override setting:
- If Override is enabled, the cluster considers the Device Priority setting. Both nodes usually make a second failover in order to resume their original roles.
- If Override is disabled, the cluster considers uptime first. The original primary node will have a smaller uptime due to the order of reboots during the firmware upgrade. Therefore it will not resume its active role; instead, the node with the greatest uptime will remain the new primary node. A second failover will not occur.
Reboot times vary by the appliance model, and also by differences between the original firmware version and the firmware version you are installing.
The administrator procedure for an HA cluster is similar to the procedure for installing firmware on a standalone appliance. To ensure minimal interruption of service to clients, use the following steps. The same procedure applies to both active-active and active-passive clusters.
|If downgrading to a previous version, do not use this procedure. The HA daemon on a member node might detect that the primary node has older firmware, and attempt to upgrade it to bring it into sync, undoing your downgrade.
Instead, switch out of HA, downgrade each node individually, then switch them back into HA mode.
Before you begin:
- Download the firmware file from the Fortinet Customer Service & Support website: https://support.fortinet.com/
- Read the release notes for the version you plan to install.
- Back up your configuration before beginning this procedure. Reverting to an earlier firmware version could reset settings that are not compatible with the new firmware.
- You must have super user permission (user admin) to upgrade firmware.
- Verify that the cluster node members are powered on and available on all of the network interfaces that you have configured. If required ports are not available, HA port monitoring could inadvertently trigger an additional failover, resulting in traffic interruption during the firmware update.
To upgrade the firmware for an HA cluster:
- Log into the web UI of the primary node as the
- Go to System > Settings.
- Click the Maintenance tab.
- Scroll to the Upgrade Firmware button.
- Click Choose File to locate and select the file.
- Enable the HA Sync.
- Click to upload the firmware and start the upgrade process.
After the new firmware has been installed, the system reboots.
When you update software, you are also updating the web UI. To ensure the web UI displays the updated pages correctly:
In most environments, press Ctrl-F5 to force the browser to get a new copy of the content from the web application. See the Wikipedia article on browser caching issues for a summary of tips for many environments: