Upgrade F5 Deploy Hotfix deployment

Hi Jomedusa,

You cannot install on a current working partition.

So use a unused partition or rewrite unused partition.

Now you must upoad the necessary base OS files and Hotfixes in F5 /shared/images using WINSCP  as shown below in images or using your GUI which so ever is convenience to you, dont forget to take a Backup and license reactivation on standby else it will cause failover , do only ne box at a time if oyu are doing in a cluster, and once one box done make it primary and then primary to standby then ony do the 1st box , and check your boxes are covered under F5 Support before moving to OS installation on a new partition:

We call it a OS upgrade but in technical we install a new partition with new OS and Hotfix and then reboot the F5 to the new partition, and never touch the present working partiotn as it can be used for any contingency or OS failure then for restore purpose by boting back to old working partition, Please be informed during the entire proecess present working partition is not touched for any changes.

1. To install the hotfix image, use the following command syntax:

   Note: Include the create-volume option if you are adding a new volume to the system for the hotfix installation.

   install sys software hotfix <hotfix_name>.iso volume <volume_name> [create-volume]

   For example, to install a hotfix on HD1.1, the command appears similar to the following example in tmsh mode it will install the base file automatically conditionally all the OS file and HotFix and Enginnering HF must be available in F5 /shared/images before starting instation on a new partition.:

   install sys software hotfix Hotfix-BIGIP-16.1.4.1.0.50.5-ENG.iso volume HD1.1

    

   

    

    

   

    

   

   Post installation test:

    

   root@(TEST_LAB-002)(cfg-sync Disconnected)(Standby)(/Common)(tmos)# show sys software

   --------------------------------------------------------------------
   Sys::Software Status
   Volume Product Version Build Active Status Allowed Version
   --------------------------------------------------------------------
   HD1.1 BIG-IP 16.1.4.1 0.50.5 yes complete yes
   HD1.2 BIG-IP 16.1.3.5 0.0.5 no complete yes

   ---------------------------
   Sys::Software Update Check
   ---------------------------
   Check Enabled true
   Phonehome Enabled true
   Frequency weekly
   Status none
   Errors 0

   root@(TEST_LAB-002)(cfg-sync Disconnected)(Standby)(/Common)(tmos)# load sys config verify
   Validating system configuration...
   /defaults/asm_base.conf
   /defaults/config_base.conf
   /defaults/ipfix_ie_base.conf
   /defaults/ipfix_ie_f5base.conf
   /defaults/low_profile_base.conf
   /defaults/low_security_base.conf
   /defaults/policy_base.conf
   /defaults/analytics_base.conf
   /defaults/apm_base.conf
   /defaults/apm_oauth_base.conf
   /defaults/apm_pua_ssh_base.conf
   /defaults/apm_saml_base.conf
   /defaults/app_template_base.conf
   /defaults/classification_base.conf
   /var/libdata/dpi/conf/classification_update.conf
   /defaults/ips_base.conf
   /var/libdata/ips/ips_update.conf
   /defaults/daemon.conf
   /defaults/pem_base.conf
   /defaults/profile_base.conf
   /defaults/sandbox_base.conf
   /defaults/security_base.conf
   /defaults/urldb_base.conf
   /usr/share/monitors/base_monitors.conf
   /defaults/cipher.conf
   /defaults/ilx_base.conf
   Validating configuration...
   Loading schema version: 16.1.3.5
   /config/bigip_base.conf
   /config/bigip_user.conf
   /config/bigip.conf
   Loading schema version: 16.1.4.1
   There were warnings:
   diffie-hellman-group-exchange-sha256 not supported. Replacing with default "ECDH_SHA2_NISTP256"

   I have done 1000+ OS upgrades in last many years , please let me know if i can be of any help to answer your queries in regard to OS upgrade and , i will be glad to assist you.

   Reference document link

   https://my.f5.com/manage/s/article/K13123

   HTH

   🙏