HA cluster firmware upgrades
All of the FIMs and FPMs in a FortiGate-7000F HA cluster run the same firmware image. You upgrade the firmware from the primary FIM in the primary FortiGate-7000F.
If uninterruptible-upgrade and session-pickup are enabled, firmware upgrades should only cause a minimal traffic interruption. Use the following command to enable these settings; they are disabled by default. These settings are synchronized.
config system ha
set uninterruptible-upgrade enable
set session-pickup enable
end
When these settings are enabled, the primary FortiGate-7000F primary FIM uploads firmware to the secondary FortiGate-7000F primary FIM, which uploads the firmware to the secondary FIM and the FPMs in the secondary FortiGate-7000F. Then the FIMs and FPMs in the secondary FortiGate-7000F upgrade their firmware, reboot, and resynchronize.
Then all traffic fails over to the secondary FortiGate-7000F which becomes the new primary FortiGate-7000F. Then the FIMs and FPMs in the new secondary FortiGate-7000F upgrade their firmware and rejoin the cluster. Unless override is enabled, the new primary FortiGate-7000F continues to operate as the primary FortiGate-7000F.
Normally, you would want to enable uninterruptible-upgrade to minimize traffic interruptions. But uninterruptible-upgrade does not have to be enabled. In fact, if a traffic interruption is not going to cause any problems, you can disable uninterruptible-upgrade so that the firmware upgrade process takes less time.
As well, some firmware upgrades may not support uninterruptible-upgrade. Make sure to review the release notes before running a firmware upgrade to verify whether or not enabling uninterruptible-upgrade is supported to upgrade to that version.
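A pre-upgrade check of the two HA settings discussed above, added here as an example (not Fortinet's code): it reads the text of a saved configuration and reports whether each setting is enabled. The function names and the sample configuration are constructed for illustration, and a setting that does not appear in the file is assumed to be at the default this page states (disabled).

```python
import re

# Assumption taken from this page: both settings are disabled by default,
# so a setting missing from the saved configuration counts as "disable".
REQUIRED = ("uninterruptible-upgrade", "session-pickup")


def ha_settings(config_text):
    """Return the top-level 'set' values of the 'config system ha' block."""
    settings, depth, in_ha = {}, 0, False
    for raw in config_text.splitlines():
        line = raw.strip()
        if line.startswith("config "):
            if depth == 0 and line == "config system ha":
                in_ha = True
            depth += 1
        elif line == "end":
            depth = max(depth - 1, 0)
            if depth == 0:
                in_ha = False
        elif in_ha and depth == 1:
            # Only depth 1 counts; values in nested sub-blocks are ignored.
            m = re.match(r"set (\S+) (.+)$", line)
            if m:
                settings[m.group(1)] = m.group(2).strip('"')
    return settings


def upgrade_readiness(config_text):
    """Map each required setting to True only if it is explicitly enabled."""
    ha = ha_settings(config_text)
    return {name: ha.get(name, "disable") == "enable" for name in REQUIRED}


# Constructed sample (not from a real device). session-pickup is enabled,
# uninterruptible-upgrade is absent, and a nested block tests depth handling.
SAMPLE = """\
config system ha
    set mode a-p
    set session-pickup enable
    config vcluster
        edit 1
            set override enable
        next
    end
    set override disable
end
"""

if __name__ == "__main__":
    for name, enabled in upgrade_readiness(SAMPLE).items():
        print(f"{name}: {'enable' if enabled else 'disable'}")
```

Run it against a configuration backup taken from the primary FIM before starting the upgrade; any setting reported as disable means the upgrade will not follow the uninterruptible sequence described above.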
To make sure a FortiGate-7000F firmware upgrade is successful, before starting the upgrade Fortinet recommends you use health checking to make sure the FIMs and FPMs are all synchronized and operating as expected. If you are following a multi-step upgrade path, you should re-do health checking after each upgrade step to make sure all components are synchronized before the next step. You should also perform a final round of health checking after the firmware upgrade process is complete. For recommended health checking commands, see the following Fortinet community article: Technical Tip: FortiGate-6000/7000 Chassis health check commands.