Hello,
Could not find any reference for this situation, I have a pair with Fortigates in HA, each one has a VDOM that it is active, for example:
Master has VDOM 1 active on its unit
Slave has Vdom 2 active on its unit.
Before upgrading the firmware I assume that I need to select a master for both VDOMs and then apply the update, since the uninterruptable-upgrade feature it will perform the update on the subordinate first.
Am I in the correct path ?
Solved! Go to Solution.
I dont know which FortiOS you are running, but i suppose that the Cluster might have the inteligence to handle this properly, BUT i wouldn' t count on this.
If i were you i would act exactly as you wrote down. Move all active VDOMs to one box. Then upgrade !
--------------------------------------------
If all else fails, use the force !
I dont know which FortiOS you are running, but i suppose that the Cluster might have the inteligence to handle this properly, BUT i wouldn' t count on this.
If i were you i would act exactly as you wrote down. Move all active VDOMs to one box. Then upgrade !
--------------------------------------------
If all else fails, use the force !
I haven't done split active vdoms between units in a-p mode. But I would assume the upgrade process would work from the unit that has an active management vdom (default is root). I would open a TAC case to verify my assumption is correct.
So if your doing vcluster2 than you can set the vdom to be on any node in the cluster and upgrade that former active node if your worried. Once the node comes back, you can push all of the vdom to the cluster2-node and upgrade the other nodes.
It overall very simple and no impact.
ken
PCNSE
NSE
StrongSwan
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.