Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Software Installation and Upgrade Overview (Junos OS Evolved)

SUMMARY A Juniper Networks device is delivered with the Juniper Networks operating system (Junos OS Evolved) already installed. When you power on the device, it starts (boots) using the installed software. As new features and software fixes become available, you must upgrade your software to use them.

Before installing software, you must back up the system, including the configuration. You upgrade (or downgrade) the version of the operating system on a device by copying a software installation package to your device and then use the CLI to install the new software on the device. You then reboot the device, which boots from the newly installed software. After a successful upgrade, back up the new software and configuration. See Back up and Recover Software with Snapshots.

Note:

Before installing software on a device that has one or more custom YANG data models added to it, back up and remove the configuration data corresponding to the custom YANG data models from the active configuration. For more information see Managing YANG Packages and Configurations During a Software Upgrade or Downgrade.

To understand more about Junos OS Evolved Software Licensing, see the Juniper Licensing Guide. Please refer to the product Data Sheets accessible from Products & Services for details, or contact your Juniper Account Team or Juniper Partner.

The following sections introduce the overall considerations in upgrading and downgrading the software:

Types of Junos OS Evolved Installation

The two types of installations used to upgrade or downgrade your device are standard installation and recovery. The standard installation is the standard method of upgrading and downgrading the software. You perform a recovery installation when the software on the device is damaged or otherwise unable to accommodate a software upgrade or downgrade.

Standard Installation

A standard installation is the typical method used to upgrade or downgrade software on the server. This method uses the installation package that matches the installation package already installed on the system. For information on the different installation packages available, see Junos OS Evolved Installation Packages.

Recovery Installation

A recovery installation is the method used to repair a device with damaged software or a condition that prevents the upgrade or downgrade of the software.

Multiple Software Versions Available

Junos OS Evolved stores multiple versions of software on the storage media. To see the software packages installed on the system, use the show system software list operational mode command. Junos OS Evolved also allows you to roll back to any of the releases already stored on the system with the request system software rollback operational mode command.

Each version also stores the last configuration file that was running when that release was running. Junos OS Evolved supports a roll back to an alternate image with either the current configuration file or with the configuration snapshot from when the alternate image was last running, using the request system software rollback image-name with-old-snapshot-config operational mode command.

Node Software Synchronization for Dual-RE Systems

Junos OS Evolved ensures all nodes in a system are running the same software version.

If you insert an RE that has the same current software version as the primary RE into the system, the new RE joins the system. The system automatically synchronizes the configurations and the other software versions from the existing RE to the new RE, even if you have not configured theauto-sw-sync statement.

If you insert an RE that has a different software version into the system, the RE is kept outside the system and the system generates a software mismatch alarm. The alarm specifies the RE name and the version of software on the newly-inserted RE, similar to the following: Software Version Mismatch on re1:junos-evo-install-ptx-x86-64-20.4R2.6-EVO. You need to manually synchronize the REs to bring RE1 back into the system.

You can either manually or automatically synchronize the software versions and configurations to the new RE. Automatic software synchronization is disabled by default. We recommend that you enable automatic software synchronization.

  • To automatically always synchronize the software versions and configurations to the new RE, configure the auto-sw-sync enable statement at the [edit system] hierarchy level. When you configure the auto-sw-sync statement, the system detects the new RE, synchronizes all of the images to the new RE, and reboots the new RE so that the new RE boots up with the same software and the same configuration version as the primary RE and joins the system. Each software image contains the configuration running when that software image was last active.

  • To manually synchronize the software versions and configurations to the new RE, use the request system software sync all-versions operational mode command. All software images and configurations stored with the images are synchronized to the new RE and the system reboots the new RE. When the new RE comes back up, the new RE joins the system.

For a dual-RE system, when the secondary RE boots with a different current image than the primary RE's current image and you have configured the auto-sw-sync enable statement, the primary RE synchronizes the current image to the secondary RE. The primary RE also synchronizes the rollback software image and the other images to the secondary RE. If the current configuration file (juniper.conf.gz) from the primary RE matches the current configuration file on the secondary RE, then the primary RE does not synchronize the rescue configuration (rescue.conf.gz) to the secondary RE.

To synchronize the rescue configuration from the primary RE to the secondary RE, issue the file copy command on the primary RE:

For more information on replacing REs, see Replace a Routing Engine in a Dual-RE System.

Back up the Current System’s Files

Creating a backup of the current system on your device has the following advantages:

  • The device can boot from a backup and come back online in case a component fails or a power failure during an upgrade corrupts the primary boot device.

  • The backup copy of the system saves your active configuration files and log files.

  • The device can recover from a known, stable environment in case of an unsuccessful upgrade.

During a successful upgrade, the upgrade package completely re-installs the existing operating system. It retains the juniper.conf, rescue.conf, SNMP ifIndexes, /var/home, /config/scripts, SSH files, and other filesystem files. The upgrade process removes all other information. Therefore, you should back up your existing system in case you need to return to it after running the installation program.

You create copies of both the software and the configuration running on a device using the request system snapshot command. The request system snapshot command takes a “snapshot” of the files currently used to run the device—the complete contents of the /root, /soft, and /config file systems, which include the current and all rollback software images, the active configuration, and the rescue configuration—and copies all of these files into an alternate (internal solid-state drive) memory source. You can then use this snapshot to boot the device at the next boot up or as a backup boot option. When the backup completes, the current and backup software installations are identical. For a dual-RE system, you should create a snapshot on both the primary and the secondary RE, ensuring a snapshot is available, no matter which RE you use to reboot the device.

Note:

When you issue the request system snapshot command, the system backs up the /root file system and the /config file system to the secondary solid-state drive (SSD). The /root and /config file systems are on the device's primary SSD. The snapshot /root and /config file systems are on the device's secondary SSD.

Determine the Software Installation Package

Juniper Networks delivers software releases in signed packages that contain digital signatures to ensure official Juniper Networks software. To see the information about the software packages currently running on the device, use the show version operational mode command at the top level of the command-line interface (CLI).

Note:

The show version command does not show the software edition, only the release number of the software.

You download software to the /var/tmp directory of your device from the Juniper Networks Software Downloads webpage.

For more information about software packages, see Junos OS Evolved Installation Packages.

Connect to the Console

We recommend that you upgrade all individual software packages using an out-of-band connection from the console or the management Ethernet interface, because in-band connections can drop during the upgrade process.

Console ports allow root access to devices through a terminal or laptop interface, regardless of the state of the device, unless the device is off. By connecting to the console port, you can access the root level of the device, without using the network to which the device might or might not be connected. Connecting to the console port creates a secondary path to the device without relying on the network.

Using the terminal interface provides a technician, who is usually sitting in a NOC a long distance away, the ability to restore a device or perform an initialization configuration securely, using a modem, even if the primary network has failed. Without a connection to the console port, a technician must visit the site to perform repairs or initialization. A remote connection to the device through a modem requires the cable and connector (provided in the device accessory box), plus a DB-9 to DB-25 (or similar) adapter for your modem, which you must purchase separately. For more information about connecting to the console port, see the hardware guide for your particular device.

Validate the Installation Package with the Current Configuration

When you upgrade or downgrade software, we recommend that you validate the configuration with the request system software add operational mode command, to check that the candidate software is compatible with the current configuration. By default, when you add a package with a different release number, the system automatically performs the validation check.

Upgrade Method Impacts on Internal Media

Installation from the boot loader using a USB storage device re-formats the internal media before installation.

Installation using the CLI retains the existing partitioning scheme.

CAUTION:

Upgrade methods that re-format the internal media before installation wipe out the existing contents of the media and the configuration files. You must back up all configuration files in the /config directory and any important data before starting the installation process.

Boot Sequence

Juniper Networks devices start using the installed Junos OS Evolved software. Boot-able copies of the software are stored in two locations: the internal solid-state drive and the removable media (USB). The following subsections discuss the order of the locations the system checks for a valid boot-able operating system.

Boot Order

Junos OS Evolved devices attempt to boot from these storage media in the following order:

  1. Dual, internal SSD devices. First, the system tries to boot from the primary SSD device. If that SSD fails to boot, then the system attempts to boot from the secondary SSD device.

  2. USB device. (If you insert a USB emergency boot device, select USB00 from the Grub menu to boot from the USB device.)

Boot from an Alternate Boot Device

If the device boots from an alternate boot device, when you log in to the device, a message displays indicating the alternate boot device. For example, the following message shows that the software booted from the secondary SSD (/dev/sdb):

Note:

Do not select an emergency boot device during reboot under normal operations. The router does not operate normally when booted from an emergency boot device. Selecting the USB00 option on the Grub menu installs the image from the USB onto the SSD. You must then apply the user configuration.

The system boots from an alternate boot device when the system detects a problem with the primary boot device—usually the primary SSD (/dev/sda)—that prevents the device from booting. Consequently, the system boots from the alternate boot device (the secondary SSD, /dev/sdb). When the system boots from the alternate boot device, the system removes the primary boot device from the list of candidate boot devices. The problem is usually a serious hardware error. We recommend you contact the Juniper Networks Technical Assistance Center (JTAC).

When the device boots from the alternate boot device, the software and the configuration are only as current as the most recent snapshot (taken with the request system snapshot operational mode command).