I haven’t been writing much about NSX so far, but I am working on an Internet of Things (IoT) Project where NSX is one of the core products. In Today post Step by Step NSX Upgrade, I would like to show you how NSX upgrade should be done.

Before we upgrade

It is very important to validate all necessary components before NSX is upgraded. It is not only valid for a minor upgrade which we will be doing - 6.2.2 to 6.2.3, but for every version. Checklist below will help you to prepare your environment to upgrade:

• Download NSX upgrade bundle and check MD5.
• There is known bug which affects EDGE upgrade when incorrect ciphers are configured. VMware KB NSX Edge is unmanageable after upgrading to NSX 6.2.3 explain steps needed to check it and/or change it before the upgrade.
• Familiarize yourself with Update sequence for vSphere 6.0 and its compatible VMware products.
• Backup of components:
• Take a backup of NSX Manager (if you are not doing it regularly) before the upgrade.
• Before upgrading download technical support logs.
• Export of vSphere Distributed Switches configuration. Check out my Git repository for the detailed script.
• Create a backup of vCenter Server database.
• Take a snapshot of vCenter Server and vCenter Server database.
• Take a snapshot of NSX Manager (without quiescing VMware Tools, because it is not supported and it might crash your NSX Manager).

3, 2, 1 - Go!

Upgrade of NSX Manager

1. Download NSX upgrade bundle.
   
2. Login to NSX Manager and go to Upgrade section.
3. Click on Upgrade button, specify a location of upgrade bundle and click Continue.
4. It will take few minutes to upload it.
   
5. Choose if you want to enable SSH and participate in Customer Experience Improvement Program (CEIP). Click Upgrade to proceed.
6. Upgrade takes a while so be patient. In my lab, it took 15 minutes.
7. GUI reports that upgrade was done.
8. Go back to vSphere Web Client and go to Networking&Security. After logging in I immediately noticed new section Dashboard.

NSX Controllers Upgrade

1. To continue upgrade click on Installation and hit Upgrade Available button.
2. Confirm that we want to proceed with Controllers upgrade.
   
3. It will take few moments to upgrade controllers. In my case, it was ~15 minutes per controller.
4. Once all controllers upgraded and the reboot is finished, green status is displayed.

VMware ESXi NSX VIBs Upgrade

1. Navigate to Installation section and click Host Preparation.
2. Click on Upgrade Available in every cluster you are using NSX and confirm Upgrade by clicking Yes.
   
3. In vSphere Client uninstalls and install tasks are visible.
4. To finish with upgrade ESXi hosts have to be rebooted.

NSX Edge Services Gateway and Distributed Logical Router Upgrade

1. Next step is to upgrade Edge Services Gateway and Distributed Logical Router. In my environment, I have only ESG deployed so we will proceed with the upgrade of it.
2. Please remember that there might be service interruption depending on a configuration used in environment.
3. In vSphere Web Client in current tasks, it is visible, that two temporary new Edge Services Gateways deployment is in progress.
4. After two minutes Edge Services Gateways upgrade to 6.2.3 is completed.
5. Same procedure should be used to perform an upgrade of Distributed Logical Routers.

Post-Upgrade Checklist

• Check if NSX Manager is working.
• Check if NSX Manager backup is working.
• Check if NSX VIBs are installed on ESXi host.
• Resynchronize the host message bus.
• Remove snapshot from NSX Manager.
• Remove snapshot from vCenter Server.
• Remove snapshot from vCenter Server database.

Documentation:

• Upgrade from NSX 6.1.x or 6.2.x to NSX 6.2.x
• Update sequence for vSphere 6.0 and its compatible VMware products
• NSX Edge is unmanageable after upgrading to NSX 6.2.3