Upgrade Apstra on New VM (VM-VM)
By upgrading Apstra on a new VM, you'll receive Ubuntu Linux OS fixes, including security vulnerability updates. To upgrade the Apstra server you need Apstra OS admin user privileges and Apstra admin user group permissions.
Step 1: Pre-Upgrade Validation
Step 2: Deploy New Apstra Server
If you customized the /etc/aos/aos.conf
file in the old
Apstra server (for example, if you updated the metadb
field
to use a different network interface), you must re-apply the changes to the
same file in the new Apstra server VM. It's not migrated automatically.
Step 3: Import State
If you perform any API/GUI write operations to the old Apstra server after you've started importing the new VM, those changes won't be copied to the new Apstra server.
Step 4: Import State for Intent-Based Analytics
As of Apstra 5.0.0, we no longer assign tags to probes and stages or support
the evpn-host-flap-count
telemetry service.
To remove or disable any widgets or probes for intent-based analytics, add the
following arguments to the sudo aos_import_state
command.
-
To remove widgets that are not being used in any dashboards, add the
--iba-remove-unused widgets
argument. -
As of Apstra 5.0.0, we no longer assign tags to probes and stages. To remove tags from probes and stages, add the
--iba-remove-probe-and-stage-tags
argument. -
To add a serial number to non-unique probe labels, add the
--iba-number-non-unique-probe-labels
argument. -
To add a serial number to non-unique dashboard labels, add the
--iba-number-non-unique-dashboard-labels
argument. -
As of Apstra 5.0.0, we no longer support the
evpn-host-flap-count
service. To disable any non-predefined probes that use this service, add the
argument.--iba-disable-probe-with-evpn-host-flap-count-service
-
To remove any leading and/or trailing white space(s) from dashboard labels and their widget labels, add the
--iba-strip-dashboard-labels-widget-labels
argument. -
To remove any leading and/or trailing white space(s) from probe labels and their processor names, add the
--iba-strip-probe-labels-processor-names
argument.
Step 5: Keep Old VM's IP Address (Optional)
If you want to keep the old VM's IP address you must perform the following extra steps before changing the Operation Mode and upgrading the devices' agent.
Step 6: Change Operation Mode to Normal
When you initiate an Apstra server upgrade, the operation mode changes from Normal to Maintenance automatically. Maintenance mode prevents any offbox agents from going online prematurely. No configuration is pushed and no telemetry is pulled. At this point, if you decide to continue using the previous Apstra version instead of upgrading, you could just shut down the new Apstra server. If you decide to complete the upgrade, change the mode back to Normal.
Step 7: Upgrade Onbox Agents
The Apstra server and onbox agents must be running the same Apstra version. If versions are different the agents won't connect to the Apstra server.
If you're running a multi-state blueprint, especially 5-stage, we recommend that you upgrade agents in stages: first upgrade superspines, then spines, then leafs. We recommend this order because of path hunting. Instead of routing everything up to a spine, or from a spine to a superspine, it's possible for routing to temporarily go from leaf to spine back down to another leaf and back up to another spine. To minimize the chances of this happening, we recommend upgrading devices in stages.
Step 8: Shut Down Old Apstra Server
- Update any DNS entries to use the new Apstra server IP/FQDN based on your configuration.
- If you're using a proxy for the Apstra server, make sure it points to the new Apstra server.
-
Gracefully shut down the old Apstra server. You will have been asked if you
want the old Apstra server shut down; if you responded yes, then the
service aos stop
command is run automatically to shut down the old Apstra server for you. - If you're upgrading an Apstra cluster and you replaced your worker nodes with new VMs, shut down the old worker VMs as well.
If the NOS versions of your devices are not qualified on the new Apstra version, upgrade them to a qualified version. (See the Juniper Apstra User Guide for details.)