Overview
Before you upgrade the Cisco HX Data Platform and the Cisco UCS server firmware in your Cisco HyperFlex System, consider the guidelines, best practices, and recommendations listed in this chapter.
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Before you upgrade the Cisco HX Data Platform and the Cisco UCS server firmware in your Cisco HyperFlex System, consider the guidelines, best practices, and recommendations listed in this chapter.
See Resolved Caveats and Open Caveats before upgrading and review the New Features for this release. Refer to the latest Cisco HX Data Platform Release Notes.
Review supported versions and system requirements. See the following:
Important |
|
Back up the configuration into an All Configuration backup file. See Cisco UCS Manager Backing Up and Restoring the Configuration Guide for the detailed steps.
Before you perform firmware updates, use the Cisco UCS Manager Firmware Management interface to download relevant images to the fabric interconnect. Images are stored in bootflash partitions in the fabric interconnect. See Downloading Software for more details.
An ESXi upgrade may be required when upgrading to newer Cisco HyperFlex HX Data Platform versions. See the supported versions for each HX Data Platform version in Recommended FI/Server Firmware - 3.5(x) Releases.
Keep SSH enabled on all ESXi Hosts.
Disable Cisco HyperFlex Smart Call Home. For more information, see the Cisco HyperFlex Smart Call Home Quick Start Guide.
Only default TCP/IP stack is supported for vMotion vmkernel adapters.
Enable vMotion so that the VMs can be moved automatically during the upgrade and MTUs are set as required in the environment. See Configuring vMotion Interfaces for details on adding VMkernel interface.
Verify that the HyperFlex cluster is healthy. See HyperFlex Node Upgrade Validations for more details.
Verify that the cluster is in lenient mode. If not, set the cluster to lenient mode, refer Configure Lenient Mode.
HX REST API Access Token Management – Applications leveraging HX REST APIs should re-use access tokens when making API calls. Once obtained using the AAA Obtain Access Token API, access tokens are valid for 18 days (1,555,200 seconds). In a 15 minute window, /auth should be invoked (successfully) a maximum of 5 times only and a user should create a maximum of 8 unrevoked tokens. For more information, see Cisco HyperFlex Systems REST API Reference guide.
The following list is a highlight of critical criteria for performing an upgrade of your HyperFlex system.
Upgrade Considerations for configurations using SFP-H25G-CU3M or SFP-H25G-CU5M cables— If your configuration is a Fabric Interconnect 6400 connected to VIC 1455/1457 using SFP-H25G-CU3M or SFP-H25G-CU5M cables, then do not use the recommended UCS version of 4.0(4i) release. You must use UCS release 4.1(2a) with a qualified HXDP 3.5 or 4.0 version or the cluster may experience an outage. For information on any UCS issues that may affect your environment, see Release Notes for UCS Manager, Firmware/Drivers, and Blade BIOS.
Hypercheck Health Check Utility— Cisco recommends running this proactive health check utility on your HyperFlex cluster prior to upgrade. These checks provide early visibility into any areas that may need attention and will help ensure a seamless upgrade experience. For more information see the Hyperflex Health & Pre-Upgrade Check Tool TechNote for full instructions on how to install and run Hypercheck.
CPU upgrade from First Generation Intel Xeon Scalable Processors to Second Generation Intel Xeon Scalable Processors is not supported
—In place CPU upgrade or swap from First Generation Intel Xeon Scalable Processors to Second Generation Intel Xeon Scalable Processors (for example, HX-CPU-6148 to HX-CPU-I6248) is not supported for HX converged nodes.
Cluster Readiness for HX Release 3.5(2a) and later— Upgrades in HX 3.5(2a) and later are automatically bootstrapped using the HX Connect UI. For more information, see the Cisco HyperFlex Systems Upgrade Guide.
Upgrade to the latest Witness VM for Stretch Clusters only—For customers implementing stretch clusters on Cisco HX Data Platform release 3.5(2f), upgrading to the latest Witness VM - 1.0.6 is mandated.
Required vCenter upgrade—For enhanced security, Cisco HX Data Platform release 3.5(1a) or later requires the use of TLS 1.2. Therefore, vCenter must be upgraded to 6.0 U3f or later before upgrading to HX 3.5. In addition, ESXi should be upgraded as required to meet HX Data Platform compatibility requirements.
Complete your Upgrade―The self-healing (or rebalance) capability is disabled temporarily during the upgrade window; If the upgrade fails, you should complete the upgrade as soon as possible.
Unsupported Self-Encrypting Drives (SEDs)—If adding or replacing self-encrypting drives (SEDs) that have been recently qualified in newer versions of HX Data Platform, insert the new drives only after upgrading HX Data Platform to a compatible version.
Maintenance Window—If upgrading both HX Data Platform and UCS firmware, either a combined or split upgrade can be selected through the vSphere HX Data Platform Plug-in depending on the length of the maintenance window. Cisco UCS Manager infrastructure upgrade is only supported using AutoInstall and the direct server firmware upgrade should be performed only through the upgrade orchestration framework provided by the HX Data Platform Plug-in.
M4 Server Firmware Upgrades—Server firmware should be upgraded to ensure smooth operation and to correct known issues. Specifically, newer SAS HBA firmware is available in this release and is recommended for long-term stability.
Note |
|
M5 Server Firmware Upgrades—M5 generation servers must run firmware version 3.2(2d) or later.
Firmware Downgrades — Downgrading UCSM from the HX-installer is not supported.
Uplinks from the UCS Fabric Interconnects to all top of rack switch ports must configure spanning tree in edge trunk or portfast edge mode depending on the vendor and model of the switch. This extra configuration ensures that when links flap or change state, they do not transition through unnecessary spanning tree states and incur an extra delay before traffic forwarding begins. Failure to properly configure FI uplinks in portfast edge mode may result in network and cluster outages during failure scenarios and during infrastructure upgrades that leverage the highly available network design native to HyperFlex.
Upgrade Reminder for HyperFlex Clusters Running Versions 3.0(1x) or 3.5(1x)—HyperFlex versions 3.0(1x) and 3.5(1x) are unsupported and have been declared end-of-life as documented in the End-of-Life notice. For more information see Software Advisory for CSCvt22244.
Minimum HXDP version for upgrade—HX Data Platform clusters running 2.1(1x) or later may upgrade directly to 3.5 using the vCenter plug-in.
Initiating Upgrade―Use the HX Connect UI or CLI stcli
commands when upgrading from 2.5(1a) or later releases. Use either the CLI stcli
commands or the HX Data Platform Plug-in to the vSphere Web Client when upgrading from a pre-2.5(1a) release. The vCenter
plug-in should not be used for upgrades starting with the 2.5(1a) release.
Minimum HXDP version for upgrade—HX Data Platform clusters running 1.8(1f) or later may upgrade directly to 3.0.
HX Data Platform 1.7.x, 1.8.x, 2.0 and 2.1x clusters—Users from any version prior to 2.6(1a) must step through an intermediate version before upgrading to 3.5x or later releases. If you need to upgrade your environment from a Cisco HyperFlex HX Data Platform software release that is past the last date of support, to the latest suggested release on the Cisco Software Download site, see Cisco HyperFlex Systems Upgrade Guide for Unsupported Cisco HX Releases. For more information, see the Software Advisory for CSCvq66867: WARNING: Only Use HXDP 2.6(1e) Upgrade Package When Upgrading From HXDP 1.8(1a)-1.8(1e).
HX Data Platform 2.6(1x) and higher to 3.5(2x) clusters: Direct upgrade to 3.5(2x) is supported—Users from any version prior to 2.6(1x) must step through an intermediate version before upgrading to 3.5(2x) or later releases. If you need to upgrade your environment from a Cisco HyperFlex HX Data Platform software release that is past the last date of support, to the latest suggested release on the Cisco Software Download site, see Cisco HyperFlex Systems Upgrade Guide for Unsupported Cisco HX Releases. For more information, see the Software Advisory for CSCvq66867: WARNING: Only Use HXDP 2.6(1e) Upgrade Package When Upgrading From HXDP 1.8(1a)-1.8(1e).
Required vCenter upgrade—For enhanced security, Cisco HX Data Platform release 3.0(1a) and later requires the use of TLS 1.2. Therefore, vCenter must be upgraded to 6.0 U3c or later before upgrading to Cisco HX Data Platform release 3.0. In addition, ESXi should be upgraded as required to meet HX Data Platform compatibility requirements.
Cluster Readiness—Ensure that the cluster is properly bootstrapped and the updated plug-in is loaded before proceeding. Manual cluster bootstrap is required for HX releases earlier than 3.5(1a). For more information, see the Manual Bootstrap Upgrade Process in the Cisco HyperFlex Systems Upgrade Guide for VMware ESXi, Release 3.5. Do not skip this cluster bootstrap step, it is required for all upgrades until HX Release 3.5(1a). Auto bootstrap is supported beginning with HX release 3.5(1a). For more information, see the Auto Bootstrap Upgrade Process from HX Connect UI in the Cisco HyperFlex Systems Upgrade Guide for VMware ESXi, Release 3.5.
vSphere 5.5 Upgrades—Users on vSphere 5.5 must upgrade to 6.0 U3/6.5 U1 before starting HX Data Platform upgrade. vSphere 5.5 support was deprecated with HX Data Platform 2.5(1a) and upgrade fails if attempted.
For HX220 users running 5.5, contact TAC for upgrade assistance.
For HX240 users running 5.5, upgrade components in the following order.
Upgrade vCenter to 6.0 U3f or later. If upgrading to 6.5, you must upgrade your vCenter in place. Using a new vCenter 6.5 is not supported for users migrating from 5.5.
Upgrade ESXi to 6.0/6.5 using the offline zip bundle.
Note |
During upgrade, it might be necessary to reconnect ESXi host manually in vCenter after ESXi upgrade and host reboot. |
Upgrade HX Data Platform (and optionally the UCS firmware).
If Upgrading to vSphere 6.5:
Certain cluster functions such as native and scheduled snapshots, ReadyClones, and Enter or Exit HX Maintenance Mode will not operate from the time the upgrade is started until the HX Data Platform upgrade to 3.5 or later is complete.
After upgrading ESXi using the offline zip bundle, use the ESX Exit Maintenance Mode option. The HX Exit Maintenance Mode option does not operate in the vSphere Web Client until the HX Data Platform upgrade is complete.
vSphere 6.0 VMware’s last day of general support for vSphere 6.0 occurred on March 12, 2020. HXDP will continue to support vSphere 6.0 U3 on both 3.5(2x) and 4.0(2x) long lived releases. However, no bug or security fixes will be provided by VMware or Cisco for ESXi going forward due to reaching the last day of support. Cisco TAC will continue to support customers to the best of their ability on ESXi 6.0 builds that have already been released. Cisco strongly recommends upgrading as soon as possible to a supported VMware vSphere 6.5 or 6.7 release and follow Cisco’s recommendations as outlined in Recommended Cisco HyperFlex HX Data Platform Software Releases - for Cisco HyperFlex HX-Series Systems.
vSphere 6.0 Upgrades—Users on vSphere 6.0 migrating to 6.5, upgrade components in the following order:
Upgrade HX Data Platform and UCS firmware.
Upgrade HX Data Platform and ESXi.
Upgrade HX Data Platform only first, then upgrade ESXi or UCS firmware or both.
M4/M5 Mixed Domains—A mixed domain occurs when a new, separate M5 cluster is installed under the same UCS domain that contains existing M4 cluster(s). Under these conditions, orchestrated UCS server firmware upgrade will not operate until Cisco HX Data Platform, Release 2.6 or later is installed on the M4 clusters. Therefore, it is best practice to first upgrade UCS server firmware to the latest 3.1(3) or 3.2(2) patch release before adding a new M5 cluster to the existing UCS domain. Additionally, any 1.7 HX Data Platform clusters must first be upgraded before adding any new M5 clusters to the same domain.
Cisco HX Data Platform 2.1(1b) with Self-Encrypting Drives (SEDs)—Upgrading SED-ready systems running 2.1 requires UCS infrastructure and server firmware upgrades. For more information, see Field Notice (70234) and CSCvk17250.
Admin User Account - Users may need to reset the cluster admin password if upgrading from a cluster initially deployed with Cisco HX Data Platform, Release 1.7, or if the password was manually changed after deployment. For more information, see the Cisco HyperFlex Systems Upgrade Guide.
The HX components—Cisco HX Data Platform Installer, Cisco HX Data Platform, and Cisco UCS firmware—are installed on different servers. Verify that each component on each server used with and within an HX Storage Cluster are compatible.
HyperFlex does not support UCS Manager and UCS Server Firmware versions 4.0(4a), 4.0(4b), and 4.0(4c).
Important |
Do not upgrade to these versions of firmware. Do not upgrade to these versions of UCS Manager. |
Verify that the preconfigured HX servers have the same version of Cisco UCS server firmware installed. If the Cisco UCS Fabric Interconnects (FI) firmware versions are different, see the Cisco HyperFlex Systems Upgrade Guide for steps to align the firmware versions.
M4: For NEW hybrid or All Flash (Cisco HyperFlex HX240c M4 or HX220c M4) deployments, verify that Cisco UCS Manager 3.1(3k), 3.2(3i), or 4.0(2d) is installed.
M5: For NEW hybrid or All Flash (Cisco HyperFlex HX240c M5 or HX220c M5) deployments, verify that the recommended UCS firmware version is installed.
Important |
If you are upgrading Cisco UCS Manager 4.0(2a) or 4.0(2b) in the presence of more than one Nvidia GPUs, please remove the GPUs, perform the upgrade and reinstall. For more details, see CSCvo13678. |
Important |
For SED-based HyperFlex systems, ensure that the A (Infrastructure), B (Blade server) and C (Rack server) bundles are at Cisco UCS Manager version 4.0(2b) or later for all SED M4/M5 systems. For more details, see CSCvh04307. For SED-based HyperFlex systems, also ensure that all clusters are at HyperFlex Release 3.5(2b) or later. For more information, see Field Notice (70234) and CSCvk17250. |
To reinstall an HX server, download supported and compatible versions of the software. See the Cisco HyperFlex Systems Installation Guide for VMware ESXi, Release 3.5 for the requirements and steps.
HyperFlex Release |
M4 Recommended FI/Server Firmware *(be sure to review important notes above) |
M5 Recommended FI/Server Firmware *(be sure to review important notes above) |
M4/M5 Qualified FI/Server Firmware *(be sure to review important notes above) |
---|---|---|---|
3.5(2i) |
4.0(4k) |
4.0(4k) |
4.0(4k), 4.0(4l), 4.1(1d), 4.1(1e), 4.1(2a)*, 4.1(2c), 4.1(3b), 4.1(3c) |
3.5(2h) |
4.0(4k) |
4.0(4k) |
4.0(4k), 4.0(4l), 4.1(1d), 4.1(1e), 4.1(2a)*, 4.1(2c), 4.1(3b) |
3.5(2g) |
4.0(4k) |
4.0(4k) |
4.0(4h), 4.1(1d), 4.1(1e), 4.1(3b) |
3.5(2f) |
4.0(4e) |
4.0(4e) |
|
3.5(2e) |
4.0(4e) |
4.0(4e) |
4.0(4g), 4.1(3b) |
3.5(2d) |
4.0(4e) |
4.0(4e) |
4.1(3b) |
3.5(2c) |
Release Deferred |
||
3.5(2b) |
4.0(2d), 3.2(3i), 3.1(3k) |
4.0(2d) |
4.1(3b) |
3.5(2a) |
4.0(1c), 3.2(3i), 3.1(3k) |
4.0(1c) |
4.1(3b) |
3.5(1a) - Unsupported |
4.0(1b), 3.2(3h), 3.1(3j) |
4.0(1a) |
*UCS Server Firmware 4.1(2a) is not supported on clusters with self-encrypting drives (SED). For more information, see CSCvv69704.
Important |
If your cluster is connected to a Fabric Interconnect 6400 series using VIC 1455/1457 with SFP-H25G-CU3M or SFP-H25G-CU5M cables, only use UCS Release 4.0(4k) and later, or 4.1(2a) and later. Do not use the any other UCS version listed in the table of qualified releases. Using a UCS Release that is not UCS Release 4.0(4k) and later, or 4.1(2a) and later may cause cluster outages. Fore more information, see the Release Notes for UCS Manager, Firmware/Drivers, and Blade BIOS for any UCS issues that affect your environment and CSCvu25233. NOTE: If your current server firmware version is not on the recommendation list above, follow the upgrade procedure in the Cisco HyperFlex Systems Upgrade Guide for VMware ESXi, Known Issues chapter. |
If you want to upgrade from a release that is no longer supported, see the Cisco HyperFlex Systems Upgrade Guide for Unsupported Cisco HX Releases.
Cisco HyperFlex does not enforce, or have any dependency on the UCSM upgrade path. For more information about upgrading Cisco USC Manager see the Cisco UCS Install and Upgrade Guides.
Cisco HyperFlex does not enforce, or have any dependency on the VMware ESXi Upgrade path outside of the VMware upgrade guidelines. The recommended VMware ESXi download is located on the Cisco Software Downloads page with your Cisco HyperFlex Software download.
ESXi 5.5 support is deprecated with HXDP 2.5.
If running ESXi 5.5 U3 on HX220, contact TAC for upgrade guidance.
If running ESXi 5.5 U3 on HX240, see Guidelines and Limitations for further details.
If you have the ESXi 6.0 U1 version, we recommend an ESXi upgrade. There is a known VMware issue where the node becomes unresponsive due to a PSOD and OS crash. See VMware KB article, VMware ESXi 6.0, Patch ESXi600-201608401-BG: Updates esx-base, vsanhealth, vsan VIBs (2145664).
Attention |
Upgrade to vCenter 6.0 U3f or later is required, due to TLS 1.2 support. Be sure to upgrade vCenter prior to upgrading the HX cluster. |
Cisco UCS Manager Version |
Cisco HX Data Platform |
|||||||
---|---|---|---|---|---|---|---|---|
3.5(x) |
3.0(1x) |
2.6(1x) |
2.5(1x) |
2.1(1x) |
2.0(1x) |
1.8(1x) |
1.7.x |
|
4.0(1a) |
Yes Supports hybrid, All Flash, M4 and M5 servers |
Yes Supports hybrid, All Flash, M4 and M5 servers |
Yes Supports hybrid, All Flash, M4 and M5 servers |
— |
— |
— |
— |
— |
3.2(3g) |
Yes Supports hybrid, All Flash, M4 and M5 servers |
Yes Supports hybrid, All Flash, M4 and M5 servers |
Yes Supports hybrid, All Flash, M4 and M5 servers |
— |
— |
— |
— |
— |
3.2(3g) |
Yes Supports hybrid, All Flash, M4 and M5 servers |
Yes Supports hybrid, All Flash, M4 and M5 servers |
Yes Supports hybrid, All Flash, M4 and M5 servers |
— |
— |
— |
— |
— |
3.2(3d) |
Yes Supports hybrid, All Flash, M4 and M5 servers |
Yes Supports hybrid, All Flash, M4 and M5 servers |
Yes Supports hybrid, All Flash, M4 and M5 servers |
— |
— |
— |
— |
— |
3.2(2d) |
Yes Supports hybrid, All Flash, M4 and M5 servers |
Yes Supports hybrid, All Flash, M4 and M5 servers |
Yes Supports hybrid, All Flash, M4 and M5 servers |
Yes Supports hybrid, All Flash and M4 servers |
Yes Supports hybrid, All Flash, and M4 servers |
Yes Supports hybrid, All Flash and M4 servers |
Yes |
— |
3.1(3j) |
Yes Supports hybrid, All Flash, M4 and M5 servers |
Yes Supports hybrid, All Flash, and M4 servers |
Yes Supports hybrid and All Flash |
Yes Supports hybrid and All Flash |
Yes Supports hybrid and All Flash |
Yes Supports hybrid and All Flash |
Yes |
— |
3.1(3h) |
Yes Supports hybrid, All Flash, M4 and M5 servers |
Yes Supports hybrid, All Flash, and M4 servers |
Yes Supports hybrid and All Flash |
Yes Supports hybrid and All Flash |
Yes Supports hybrid and All Flash |
Yes Supports hybrid and All Flash |
Yes |
— |
3.1(3f) |
Yes Supports hybrid, All Flash, M4 and M5 servers |
Yes Supports hybrid, All Flash, and M4 servers |
Yes Supports hybrid and All Flash |
Yes Supports hybrid and All Flash |
Yes Supports hybrid and All Flash |
Yes Supports hybrid and All Flash |
Yes |
— |
3.1(3c) |
Yes Supports hybrid, All Flash, M4 and M5 servers |
Yes Supports hybrid, All Flash, and M4 servers |
Yes Supports hybrid and All Flash |
Yes Supports hybrid and All Flash |
Yes Supports hybrid and All Flash |
Yes Supports hybrid and All Flash |
Yes |
— |
3.1(2g) |
— |
— |
Yes Supports hybrid and All Flash |
Yes Supports hybrid and All Flash |
Yes Supports hybrid and All Flash |
Yes Supports hybrid and All Flash |
Yes |
— |
3.1(2f) |
— |
— |
— |
— |
— |
Yes Supports hybrid and All Flash |
Yes |
— |
3.1(2b) |
— |
— |
— |
— |
— |
Yes Supports hybrid |
Yes |
— |
SED-ready systems are HyperFlex clusters running HXDP 2.1(1b) with self encrypting drives (SEDs) installed. UCS Manager must be upgraded to 3.1(3c) or later. In addition, UCS server firmware (C-bundle) must be upgraded to 3.1(3c) or later. Either combined or split upgrade may be used, so long as all the cluster nodes are upgraded prior to enabling key management in HX Connect.
Caution |
During an upgrade, a flag-based check (True/False) is used to determine is the system is SED capable or not. If the system is SED-ready, this flag ( set to true) will not allow the non-SED systems to become part of the cluster. If there is an issue when SED capability information for cluster is gathered, the upgrade script might toggle this flag to the default value (False). In which case, all the SED drives on the node are replaced with non-SED disks and the upgrade proceeds with non-SED disks as well. Eventually, this may result in the risk of writing data on that node in unencrypted form. |
Before you begin upgrade of a Cisco HyperFlex System, consider the following cautions, guidelines, and limitations.
Important |
|
If you are running HyperFlex release 3.5(1a) or later, you can upgrade the Cisco HX Data Platform by performing the auto-bootstrap process from the HX Connect UI (Auto Bootstrap Upgrade Process from HX Connect UI).
Cisco recommends using GUI upgrade over CLI for ease of use and better reporting.
When Upgrade is complete, for each browser interface you use, empty the cache and reload the browser to page to refresh the HX content.
Ensure that all nodes (including compute nodes) are up and running and the cluster is healthy before starting an upgrade or other maintenance activities.
The Cisco HX Data Platform and Cisco UCS firmware bundles must be compatible. Refer UCS Hardware and Software Compatibility Matrix for more details.
For a split upgrade, Cisco HX Data Platform should be updated first before updating the Cisco UCS firmware.
During online upgrade, as one node is being upgraded (put into maintenance mode), the number of tolerated node failures is reduced based on the Data Replication Factor and Access Policy settings.
Only default TCP/IP stack is supported for vMotion vmkernel adapters.
All endpoints in a Cisco HyperFlex domain must be fully functional and all processes must be complete before you begin a firmware upgrade on those endpoints. For example, the firmware on a server that has not been discovered cannot be upgraded or downgraded. Each endpoint is a component in the Cisco HyperFlex domain that requires firmware to function.
In a three node cluster, if you shut down one node or put into maintenance mode it makes the cluster unhealthy, but the cluster is still online. If you need to perform manual maintenance, put the hosts in maintenance mode one at a time and move to the next host only after the cluster is healthy. For HXDP and UCS server firmware upgrades, this process is automatic.
Note |
You cannot remove a node from 3-node cluster by doing stcli node remove operation. To replace a node on a 3-node cluster, please contact Cisco TAC for assistance with the node replacement procedure. |