In this article, we discuss about upgrading NSX-V to 6.4.13 for the vSphere system by using the VMware NSX Manager user interface and VMware vSphere Client. NSX for vSphere also called as NSX Data Center for vSphere
Before upgrading NSX-V, it is essential to validate all necessary components. It is valid not only for the minor upgrade that we will be performing VMware NSX for vSphere 6.4.10 to VMware NSX for vSphere 6.4.13 – but for all versions. The checklist below will assist you in preparing your environment for an upgrade.
Prerequisite for upgrading NSX-V to 6.4.13:
- NSX Manager should be backed up before upgrading to latest version.
- Check the MD5 of the NSX upgrade bundle after downloading it.
- Make sure EAM agent must be running state (Health Status is Green Color).
- Take snapshot of NSX manager.
- Minimum 5GB free space is required on NSX manager.
- Ensure that vCenter server meets NSX requirements, you can check by using interoperability.
- Ensure compatibility before upgrading Guest Introspection services. login into NSX Manager and click on NSX Controller Cluster, you can see Host Clusters at the Distributed Logical Routers you could find Guest Introspection if it is configured.
- Prior to upgrading to NSX 6.4.x, all NSX Edge appliances running NSX 5.5 or earlier must be upgraded to NSX 6.x.
- It is not possible to downgrade NSX Manager once it has been upgraded successfully to the desired version
Verify the NSX Working State
1. vSphere ESX Agent Manager (EAM): Help to automates the deployment and management of Networking and Security services, as well as expanding the ESXi host function to provide additional services required by a vSphere solution. Make sure EAM agent must be running state (Health Status is Green Color).
2. Verify vsfwd Status :ESXi host establish the socket to connect NSX Manager using vShield Stateful Firewall (vsfwd) check by using below two commands.
In order to check port connection run in the ESXi host.
esxcli network ip connection list |grep 5671
To check service in the ESXi host.
/etc/init.d/vShield-Stateful-Firewall status
3. Verify netcpad Status: Control Plane Agent (netcpad) used for the communicating between NSX Manager and Controller cluster.
To check port connection in ESXi host
esxcli network ip connection list |grep 1234
In order to check service in ESXi host
/etc/init.d/netcpad status
4. NSX modules: Note of the output of below command which is used for Configuration changes to NSX modules options take effect at startup of the ESXi host.
esxcli system module list |grep nsx esxcli software vib get --vibname esx-nsxv
upgrading NSX-V to 6.4.13
The following is the order in which NSX components to perform upgrading NSX-V to 6.4.13
- NSX Manager appliance
- NSX Controller cluster
- Host clusters
- NSX Edge
- Guest Introspection
1. NSX Manager Upgrade:
Create, configure, and monitor NSX-v Data Center components including logical switches, logical routers, load balancer, and firewalls with the NSX Manager GUI and REST API
Firstly, login to the NSX Manager from the home page, click Upgrade
To start the upload, Click Upgrade then click Choose File and browse.tar.gz file
2. NSX Controller Cluster Upgrade:
As part of the NSX architecture, the NSX Controller is a highly available virtual appliance that is responsible for installing virtual networks.
Impact during the NSX Controller upgrade is Logical network creation and modifications are blocked during the upgrade process.
While the NSX controller cluster is being upgraded, do not make any logical network configuration changes.
3. Host Upgrade:
The host preparation process involves installing kernel modules on ESXi hosts in vCenter clusters and building the control-plane and management-plane fabrics.
Enter the host into maintenance mode one by one, automatically esx-vsip & esx-vxlan VIB’s get installed in each host.
As soon as the NSX Managers and the NSX Controller cluster have been upgraded, you can upgrade the host clusters.
New features of the NSX for vSphere version installed on NSX Manager appear in the vSphere Web Client and the API but might not function until the host VIBs are upgraded.
As soon as the VIBs have been upgraded and the host has been taken out of maintenance mode.
4. NSX Edge Upgrade:
It provides access to all NSX Edge services such as firewalls, NATs, DHCPs, VPNs, and load balancing.
Login into vSphere Web Client, select Networking & Security–> NSX Edges. For each NSX Edge instance, you have to click Actions –> Upgrade Version.
Before upgrading logical routers, ensure that the NSX Controller cluster and host preparation are up to date. It is important to verify that a local segment ID pool exists, even if you are not planning to create logical switches in NSX. Configuration changes are blocked on the NSX Edge device currently being upgraded.
Host Preparation using Resolve action:
If you want to automate the host upgrade procedure, Keep VMware vSphere Distributed Resource Scheduler (DRS) in Fully Automated mode on the cluster level and navigate VMware vCenter Server–>Network and Security->Host Preparation->Select required cluster on the left side and click on ACTIONS you will find option called Resolve.
By using the Resolve option, it will automatically keep the host into maintenance mode and install/upgrade NSX-V VIB’s into the host. After upgrading NSX VIB’s it will automatically exit from maintenance mode. It will perform one after another ESXi hosts under the selected cluster.
Post-Upgrade Tasks:
Ensure that all post-upgrade tasks are completed, check below key point to verify.
- After you upgrade NSX Manager, make a backup of it
- On each ESXi host, verify that the NSX VIB install status by using below command
esxcli software vib get esx-nsxv
- if you find any error on NSX cluster use Resynchronize the host message bus.
If you have cross vCenter NSX-V environment, follow the same process below is the order
- Upgrade Primary NSX Manager appliance
- All secondary NSX Manager appliances need to be upgraded
- NSX Controller cluster
- Host clusters
- NSX Edge
- Guest Introspection
Conclusion:
upgrading NSX-V to 6.4.13 has been completed successfully. NSX-V End of Support Life (EOS) and End of Technical Guidance dates were announced by VMware in 2018. VMware announced NSX-V End of Support Life (EOS) in 2022.You will no longer be able to provision new vCenter Server instances with NSX-V instances after 21 June 2022, but you will still be able to add hosts and clusters to existing NSX–V deployments.
Therefore, migrate your workload from VMware NSX for vSphere to NSX-T. For a successful outcome, you need to be familiar with both NSX-V and NSX-T. Please check out NSX-T introduction document.