Fortinet black logo

Cookbook

Upgrading FortiGates in an HA cluster

Copy Link
Copy Doc ID 30be976a-bbb3-11ee-8673-fa163e15d75b:247944
Download PDF

Upgrading FortiGates in an HA cluster

You can upgrade the firmware on an HA cluster in the same way as on a standalone FortiGate. During a firmware upgrade, the cluster upgrades the primary unit and all of the subordinate units to the new firmware image.

Caution

Before upgrading a cluster, back up your configuration (Configuration backups), schedule a maintenance window, and make sure that you are using a supported upgrade path (https://docs.fortinet.com/upgrade-tool).

Uninterrupted upgrade

An uninterrupted upgrade occurs without interrupting communication in the cluster.

To upgrade the cluster firmware without interrupting communication, the following steps are followed. These steps are transparent to the user and the network, and might result in the cluster selecting a new primary unit.

  1. The administrator uploads a new firmware image using the GUI or CLI. See Firmware for details.
  2. The firmware is upgraded on all of the subordinate units.
  3. A new primary unit is selected from the upgraded subordinates.
  4. The firmware is upgraded on the former primary unit.
  5. Primary unit selection occurs, according to the standard primary unit selection process.

If all of the subordinate units crash or otherwise stop responding during the upgrade process, the primary unit will continue to operate normally, and will not be upgraded until at least one subordinate rejoins the cluster.

Interrupted upgrade

An interrupted upgrade upgrades all cluster members at the same time. This takes less time than an uninterrupted upgrade, but it interrupts communication in the cluster. Interrupted upgrade is disabled by default.

To enable interrupted upgrade:
config system ha
    set uninterruptible-upgrade disable
end

Upgrading FortiGates in an HA cluster

You can upgrade the firmware on an HA cluster in the same way as on a standalone FortiGate. During a firmware upgrade, the cluster upgrades the primary unit and all of the subordinate units to the new firmware image.

Caution

Before upgrading a cluster, back up your configuration (Configuration backups), schedule a maintenance window, and make sure that you are using a supported upgrade path (https://docs.fortinet.com/upgrade-tool).

Uninterrupted upgrade

An uninterrupted upgrade occurs without interrupting communication in the cluster.

To upgrade the cluster firmware without interrupting communication, the following steps are followed. These steps are transparent to the user and the network, and might result in the cluster selecting a new primary unit.

  1. The administrator uploads a new firmware image using the GUI or CLI. See Firmware for details.
  2. The firmware is upgraded on all of the subordinate units.
  3. A new primary unit is selected from the upgraded subordinates.
  4. The firmware is upgraded on the former primary unit.
  5. Primary unit selection occurs, according to the standard primary unit selection process.

If all of the subordinate units crash or otherwise stop responding during the upgrade process, the primary unit will continue to operate normally, and will not be upgraded until at least one subordinate rejoins the cluster.

Interrupted upgrade

An interrupted upgrade upgrades all cluster members at the same time. This takes less time than an uninterrupted upgrade, but it interrupts communication in the cluster. Interrupted upgrade is disabled by default.

To enable interrupted upgrade:
config system ha
    set uninterruptible-upgrade disable
end