Upgrade Checklist of the Controller and Gateway Upgrade
This topic provides an overview of the upgrade to-do list of the tasks before you begin your upgrade, during your upgrade, and after the upgrade.
Before the Controller and Gateway Upgrade, perform the following steps:
Perform the Pre-upgrade Tasks for Controller and Gateways
Perform all the Pre-upgrade Tasks for Controller and Gateways before your upgrade.
Understanding the Release Contents
To understand the contents and potential impact of upgrading to a specific software release, see Aviatrix Controller and Gateway Image Release Notes.
To understand the contents and potential impact of upgrading to a specific image release, see Aviatrix Controller and Gateway Image Release Notes.
Verify DNS Settings
The Aviatrix Controller must have a reliable DNS resolution service available. Aviatrix recommends using the default 8.8.8.8 for the DNS IP address. Using the default address is not required, but your network must be able to resolve public names and have uninterrupted access to the DNS name resolver.
AWS and Azure DNS Settings
If the Controller is running on AWS or Azure, you can go to the controller Settings for the DNS and Disable the VPC or VNET DNS Server to force the Controller to use 8.8.8.8.
Verify Public Internet Access
Verify access to the public internet from the Aviatrix Controller. The Controller must be open for inbound traffic on port 443 and outbound traffic on port 22. Aviatrix recommends you enable security groups to restrict access. Go to the Network tab on the Diagnostics page under Troubleshooting and perform the following tasks.
-
Ping a widely known public hostname or IP address with the Controller Utility.
-
Ping security.aviatrix.com from the TCP/443 port with the Network Connectivity Utility.
-
Ping www.github.com from the TCP/443 port with the Network Connectivity Utility.
-
Ping www.github.com from outbound TCP/22 on Controller with the Network Connectivity Utility.
Verify Account Permissions and Access
Go to the Accounts page and perform the following tasks.
-
Go to the Accounts Audit tab under Accounts and perform an Account Audit. Correct any reported issues.
-
Verify all accounts can access all connected cloud resources.
-
Verify the Aviatrix primary access account is available and that the account credentials are valid.
-
The IAM policies must be configured as recommended by Aviatrix. For more information, see Controller Instance Requirements.
-
If you are migrating your Aviatrix Platform Controller to a new image, verify the new image has all required accounts and permissions before migrating the Controller. If you are restoring an image from a backup, the required accounts and permissions should all be available. Migration operations fail if there is not at least one Aviatrix backup file available.
Verify Controller and Gateway Status
Go to the Controller Dashboard and check the status of the Aviatrix Platform Controller and gateways.
-
Verify all gateways are up and the status is green.
-
Verify all tunnels are up and the status is green.
(AWS Specific) Upgrade Checklist
Verify Controller HA Version
You should be running the latest version of the Controller HA application before upgrading. If there is a newer version of Controller HA available, you should upgrade by disabling and re-enabling the Controller HA feature. For more information, see AWS High Availability.
Verify Controller HA is Disabled
If you use Controller HA you will need to disable your HA configuration before upgrading Controller. If you do not disable Controller HA before upgrading, the system deploys a new Controller and restores the most recent backup.
Settings for t2 and t3 Instances
If your Aviatrix Controller is in AWS and running on a t2 or t3 instance type and you are planning a platform image upgrade, you must set the T2/T3 Unlimited attribute to enabled. For more information, see Unlimited mode concepts.