VCIX-NV Objective 1.2 – Upgrade VMware NSX Components

This post is part of my VMware VCIX-NV Study Guide and covers the upgrade process from vCloud Networking and Security to the NSX Suite.

Documentation

Index

 

Content
 

Upgrade vShield Manager 5.5 to NSX Manager 6.x

Requirements:

  • vCenter 5.5+
  • vShield Data Security has been uninstalled
  • vShield Edges 5.5+

VMware Documentation: Upgrade to NSX Manager

It is possible to upgrade vShield Manager to NSX Manager. Upgrading from vShield to NSX keeps current virtual network configurations in place and enabling the advanced NSX features. The upgrade process is pretty easy and harmless, as described below.

Upgrade vShield Manager to NSX Manager

  • Make sure the requirements on the existing environment are met.
  • Get the vShield Manager Upgrade to NSX Manager bundle.
  • Login to the vShield Manager.
  • Navigate to “Settings & Reports” – “Updates” tab – “Upload Upgrade Bundle”
  • Click “Browse” and select the upgrade bundle, then click “Upload File”.
  • When the upload is finished, navigate to “Update Status” and click the “Install” button. Confirm the upgrade.
  • vShield Manager will use the bundle to upgrade itself, this will take a few minutes.
  • When it this process is done, you can login to the NSX Manager to confirm the upgrade.

 

Upgrade NSX Manager 6.0 to NSX Manager 6.0.x

VMware Documentation: Upgrade NSX Manager from version 6.0 to 6.0.x

Upgrading NSX Manager from 6.0 to 6.0.x is as easy as pie. In the same manner you can upgrade vShield Manager to NSX Manager, you can update NSX Manager to the next version.

NSX Manager 6.0 to NSX Manager 6.0.x

  • Get the NSX Manager upgrade bundle.
  • Login to NSX Manager.
  • Navigate to “Upgrade”, press the “Upgrade” button at the top right, select the upgrade bundle and press “Continue”.
  • Wait until the process completes and the login window reappears.
  • Login to NSX Manager and verify the version at the top right.

 

Upgrade Virtual Wires to Logical Switches

Requirements:

  • vShield Manager has been upgraded to NSX Manager.

VMware Documentation: Upgrade to Logical Switches and Install Network Virtualization Components

Existing Virtual Wires have to be upgrades to Logical Switches to use the NSX features. Even without Virtual Wires this procedure needs to be completed, before NSX features can be used on the ESXi hosts. This upgrade might cause service interruption for your Virtual Wires and ESXi hosts will be put in maintenance mode to install the NSX VIBs, so perform this during a maintenance window.

Upgrade Virtual Wires to Logical Switches

  • Login to your vSphere Web Client.
  • Navigate to “Networking & Security” and select the “Installation” menu. Choose the “Host Preparation” tab.
  • Any clusters coming from vCNS will have “legacy Update” in the “Installation Status” column.
  • Click “Update” and NSX Manager will start pushing the NSX VIBs to the ESXi hosts.
  • Wait until the update process is complete.

 

Upgrade vShield App to NSX Firewall

Requirements:

  • vShield Manager has been upgraded to NSX Manager.
  • vShield Apps are running version 5.5+
  • Your Virtual Wires have been upgrades to Logical Switches, or hosts have been prepared.

VMware Documentation: Upgrade to NSX Firewall

Upgrading the vShield App firewall to the NSX Distributed Firewall will migrate the existing policies. Objects with source ports will be migrated to application sets inside NSX. When the upgrade is finished, you have to edit the policies to make use of the newly created application sets.

Upgrade vShield App to NSX Firewall

  • Login to your vSphere Web Client.
  • Navigate to “Networking & Security” and select the “Installation” menu. Choose the “Host Preparation” tab.
  • After upgrading the Virtual Wires, the “Host Preparation” tab will show the message that the firewall is ready to upgrade.
  • Click the “Upgrade” button. This will take a moment.
  • When this process is done, the “Firewall” column should say “Enabled”.

After upgrading the firewall, check your firewall policies to make sure they are as expected and make any corrections if needed. Also move the object groups to the global scope instead of the policy scope.

 

Upgrade vShield 5.5 to NSX Edge 6.x

Requirements:

  • vShield Manager has been upgraded to NSX Manager.
  • Virtual wires have been upgraded to NSX Logical Switches.

VMware Documentation: Upgrade to NSX Edge

Upgrade your vShield appliances to NSX Edge appliances by using the following procedure.

Upgrade vShield to NSX Edge

  • Login to your vSphere Web Client.
  • Navigate to “Networking & Security” and select the “NSX Edge” menu.
  • The actions menu will display “Upgrade”, click that.
  • After the upgrade is complete, verify the upgrade by checking the version and deploy status next to the NSX Edges.

 

Upgrade vShield Endpoint 5.x to vShield Endpoint 6.x

Requirements:

  • A Distributed vSwitch has been created and all hosts are connected to it.
  • vShield Manager has been upgraded to NSX Manager.
  • Virtual wires have been upgraded to NSX Logical Switches.

VMware Documentation: Upgrade vShield Endpoint

Upgrade vShield Endpoint 5.x to 6.x

  • Login to your vSphere Web Client.
  • Navigate to “Networking & Security” and select the “Installation” menu. Choose the “Service Deployments” tab.
  • Click the “Upgrade Available” option next to your vShield Endpoints.
  • Select the target datastore and network during the upgrade window.

 

Upgrade to NSX Data Security

VMware Documentation: Upgrade to NSX Data Security

There is no upgrade path available for NSX Data Security. You have to uninstall the old vShield Data Security before upgrading to NSX, so before you even start an upgrade to NSX; remove Data Security. If you upgraded vShield Manager to NSX Manager without removing Data Security, you can only remove it using a REST API call to uninstall it.

Data Security policies and reports are migrated to the vSphere Web Client, however scanning is only possible after uninstalling vShield Data Security and installing vSphere Data Security 6.0.



Share the wealth!

1 Comment

  1. Thanks for sharing,

    Regards,

Leave a Reply

Your email address will not be published. Required fields are marked *

© 2024 Lostdomain

Theme by Anders NorénUp ↑