Forum Discussion

ka_49032's avatar
Icon for Nimbostratus rankNimbostratus
Feb 15, 2012

v11 upgrade without downtime for active/standby pair?




Were running active/standby pairs of v10.2.3 that are connected with the fail-over serial cable.



I've upgraded a couple BIGIP's to v11 using the guide F5 provides:



The guide describes a procedure which involves shutting down interfaces on the BIGIP devices, and at one point both the active and passive unit have all their interfaces shut down, which of course means that there is an interruption to the service.



The problem is that I need to upgrade environments where downtime is hard to schedule.


Does anyone know of a way to avoid downtime for the pair?



Thanks in advance,







9 Replies

  • i do not think mirroring works between v10 and v11. so, it will have service interruption anyway.
  • Hamish's avatar
    Icon for Cirrocumulus rankCirrocumulus
    Although if all your profiles have loose-initiation (Or there's no active connections) and there's no passive style persistence, then you should be able to get away with it... But it's a big if because anything relying on source IP for persistence for example won't have the persistence state.



    Although you could gets round that by ensuring that before the upgrade only 1 pool member was enabled... Then there's no trouble for re-selecting. That and loose-init might get you through it. Might be more than you're willing to change though.



  • For a major version upgrade, I would prepare my users for possible downtime. You might be able to do it without affecting users, but I wouldn't assume it.



  • Due the introduction of ScaleN in v11 the HA configuration has completely changed from a sync peer to a sync group, for this reason the mirroring will break and you may also be required to make some modifications to the HA configuration.



    Even if it is just mirroring that is broken they you need to bear in mind how the back end application will handle the re-connections, i have a client with (peak) 20K concurrent Exchange users, if connection mirroring failed upon failover then you would have 20K clients initiating a connection to the backend Exchange servers, I'm not sure that many applications/infrastructures can handle this.




    Play safe and arrange an hours downtime and test the upgrade before attending site on a strongbox with there config on always best to be prepared for any likelihood!


  • @KA, i hade the same issue for 4 Month ago,


    i tried the Upgrade from 10.2 0 to 11.1. .. if your enverment Activ/standby . it´s easy to do upgrade without DOWntime...


    i said easy, :) .


    start with Standby Box First.


    1>> diconnect both of F5 Boxes so as not to do Failover.


    2>> if your are trying upgrade disable all your Vlan (on standby Box). and only your managment Port (on your Standby )must /should be Activ.



    best Regards.




  • I am attempting to upgrade a 10.2 active/standby pair to 11.1 HF2. I am following the guide referenced in this URL.



    After upgrading and rebooting the 10.2 standby box, the new 11.1 installation came up in a "ONLINE (STANDBY)" state. If I browse to Network -> Traffic Groups, I see a message that says:



    "Upgrading Device Trust - Device trust is still being upgraded. Please do not make modifications to Device Management or Traffic Groups pages while this message is displayed."



    My device group contains it'e self and a dummy device. According to the documentation, shouldn't this box show an "ACTIVE" state? Once I disable the 10.2 active boxes interfaces, and re-enable the new 11.1 boxes interfaces, it should start processing traffic in an ACTIVE state, correct?






    • danteampdc_1740's avatar
      Icon for Nimbostratus rankNimbostratus
      We actually just did an upgrade recently and ran into the same problem when upgrading to 11.6. We followed the directions to upgrade an active/standby but when rebooting into 11.6 we also got the ONLINE (STANDBY) and we could not get the 11.6 device to handle traffic. The solution was actually as simple as going to the ACTIVE node (the one not upgraded yet) and force it to standby. Even though both devices reported they were in standalone mode this actually did work. Once we toggled the standby unit to active we were able to update the 2nd unit and the rest of the upgrade went fairly well.
  • Josh



    Does this dummy device has the mgmt ip of the partner it had in ltm 10 ?





  • Just as the guys say I would prepare for downtime as well. V11.0 had some nasty GUI bugs (I was using configuration utility not tmsh) to recreate the device groups.



    I don't know if its been fixed in v11.1 and onwwards but I gather youre better off to do a lot of this from tmsh if possible.