To see other posts in this series go here.
This section deals with upgrading from older versions of vShield to NSX. The simple answer is there is a specific order that must be followed. Upgradeds from vShield require version 5.5. Most of it is in the GUI via vCenter except the vShield Manager which will be replaced by NSX Manager. Most of these processes roughly follow the documented process in this document.
Products name translation:
Roughly here are the old names to new names or new service providing function:
vShield Manager -> NSX Manager
Virtual Wires -> NSX Logical Switch
vShield App -> NSX Firewall
vShield -> NSX Edge
vShield Endpoint ->vShield Endpoint
Data security -> NSX Datasecurity
Practicing this process:
Unless you want to take a few hours configuring all vShield products it’s hard to practice. You can do the upgrade from vShield Manager to NSX manager really quickly. Just download the vShield Manager and setup with the following:
- Deploy OVF
- Power on
- Console login as admin with password of default
- type enable with password of default
- type setup
- Setup your IP settings
- Wait 5 minutes
- Login via IP with web browser and do upgrade
The rest of the upgrade requires you understand vShield products which is not required for NV so I vote you skip it and be familiar with process, order and requirements.
Objective 1.2 Denotes the following items:
Upgrade vShield Manager 5.5 to NSX Manager 6.x.
Upgrading vShield Manager to NSX Manager can only be done from version 5.5 of vShield. It also requires the following things:
- vCenter 5.5
- vShield Data Security uninstalled
- vShield Edges be upgraded to 5.5
Process:
- Download the NSX upgrade bundle called vCNS to NSX for vSphere xxx Upgrade Bundle
- Login to vShield Manager and click Settings & Reports
- Click Updates tab and click upload upgrade bundle
- Click Choose file Browse to the vCNS to NSX for vSphere xxx Upgrade Bundle and click open
- Click Upload file – this process will take some time
- Click Install to begin the upgrade process
- Click confirm install – this will reboot the vShield manager – none of the other components are rebooted
- After upgrade visit the ip address of your vShield manager again via https
- Login and look at summary page to confirm you are running NSX Manager
- Log off all windows and close your browser to clear cache
- Login to vSphere Web client
- Shutdown your NSX Manager vm and increase memory to 12GB and vCPU to 4
Upgrade NSX Manager 6.0 to NSX Manager 6.0.x
Upgrade Virtual Wires to Logical Switches
Virtual wires must be upgraded to NSX logical switches to use NSX features. The process is required even if you don’t use virtual wires. In order for this to work you need to upgrade your vShield manager to NSX manager and make sure it’s connected to vSphere.
Process
- Login to Web client
- Networking and Security Tab click install
- Click host prepare
- Virtual wires will show as Legacy
- Click update on each wire
- Wait for them to show green and no longer legacy
Upgrade vShield App to NSX Firewall
You can only upgrade vShield App 5.5 to NSX. It requires that vShield manager be upgraded to NSX manager and virtual wires upgraded to NSX logical switches.
- A pop up window should ask if you want to upgrade
- Click update and wait
- Done
Upgrade vShield 5.5 to NSX Edge 6.x
This upgrade requires the following:
- vShield 5.5
- NSX Manager
- Virtual wires upgraded to NSX logical switches
Processes:
- Login to web client
- Networking & Security tab
- NSX Edges button
- Select upgrade version from actions menu on each edge
- After compete check the version number tab
Upgrade vShield Endpoint 5.x to vShield Endpoint 6.x
This upgrade requires the following:
- vShield Manager upgraded to NSX Manager
- Virtual wires upgraded to NSX Logical switches
Process:
- Login to web client
- Networking & Security tab
- Click Installation
- Click Service deployments tab
- Click on upgrade available
- Select datastore (must be shared) and network and ok
Upgrade to NSX Data Security
There is no clean upgrade path you have to remove before install of NSX manager. You have to re-register the solution with NSX if available.