The information below is a living document about the use of VMware’s NSX. As always, double-check the official documentation as this page may be out of date over time.
- NSX 6.3.3 converts controllers to Photon OS
How to check the NSX Controller Status
Login to the console or SSH directly to each controller:
show control-cluster status
- Join status should be Join Complete
- Majority Status should be Connected to cluster majority
- Cluster ID should be equal on all nodes in the cluster.
- Configured Status should all be enabled
- Active Status should all be activated
Upgrade Order and Notes
- Upgrade other components (View/PSC/VRA/VCM/VRB/VCD). Check the official VMware update sequence KB.
- Upgrade NSX Manager
- Upgraded with an update tar file by connecting directly to https on the NSX manager VM. There’s an update option within there. Be sure to restart the vSphere Web Client service so the new NSX web client plugin is updated.
- Upgrade NSX Controller Cluster
- vCenter Web Client – Home – Networking & Security – Installation – Management tab. Click Upgrade Available in the Controller Cluster Status.
- Upgrade other components (VDP/vCenter/vRO/VR/VUM/vROPs/VIN/vCC/vRLI/BDE/SRM/ESXi). Check the official VMware update sequence KB.
- Upgrade NSX Host Cluster agents on ESXi
- vCenter Web Client – Home – Networking & Security – Installation – Host preparation Tab. For each cluster click Upgrade Available.
- Check the status as you may need to maintenance mode the hosts and/or reboot them after the vibs are updated.
- Upgrade other components (vSAN/VMware Tools).Check the official VMware update sequence KB.
- Upgrade NSX Edges (Older NSX 6.0.x L2 VPN Config must be deleted before upgraded)
- vCenter Web Client – Home – Networking & Security – NSX Edges. For each Edge select Actions menu, then Upgrade Version.
- Upgrade NSX LFw, NSX Guest IDS, View Agent and Clients/vRLI Agents
- Guest Introspection
- vCenter Web Client – Home – Networking & Security – Installation – Service Deployments. Click the Upgrade icon on deployment you want to upgrade.
- Once upgraded you can upgrade partner solutions if needed.
- Upgrade NSX SSL VPN Clients if needed (Starting 6.2.3 TLS 1.0 deprecated so clients may need upgraded)
- Post Install
- Create a backup of NSX Manager within its https interface.
- Check VIBs on ESXi hosts
esxcli software vib get --vibname esx-vxlan
esxcli software vib get --vibname esx-vsip
- If guest introspection is installed
esxcli software vib get --vibname epsec-mux
- Resynch the host message bus
URL : https://<nsx-mgr-ip>/api/4.0/firewall/forceSync/<host-id> HTTP Method : POST Headers: Authorization : base64encoded value of username password Accept : application/xml Content-Type : application/xml