Upgrade the Virtual Appliance

Upgrade the Virtual Appliance

The upgrade process depends on the current version of your Virtual Appliance (VA). Netskope supports upgrading the software for up to two versions ahead of the current version.

Note

Modular upgrades for the OPLP and DPoP are also available. To learn more, see Installing Modular Upgrades for OPLP and DPoP.

Additional packages for appliances are automatically updated with each release, and you can schedule upgrades for these packages as well. To learn more, see: Upgrade the Additional Appliance Packages and Schedule Auto-Upgrade for the Content and Threat Feed Packages.

Appliance Software Version Support

Netskope Appliance software releases are available every 4-months and will have Netskope support up to two previous versions. Direct software upgrades are supported as long as the “from” and “to” software releases are within two versions apart.

To see the upgrade path for the version you wish to upgrade to, go to the Requirements in the Virtual Appliance Release Notes for that version.

Important

Before upgrading your appliance software, Netskope highly recommends that you save the existing configuration of your current appliance version as a backup by exporting the configuration. To learn more, see: Export or Import Configurations.

If your current appliance version is older than 110.0.0, you must upgrade the software up to two versions ahead at a time until you reach the target version. Alternatively, you can deploy a new VA and migrate your data to the latest version.

After upgrading your appliance software, if you want to revert to a previous version, you must install a new VA of the previous version, and import the configurations exported before the upgrade. This method of exporting and importing configuration to revert to a previous version can only be used to revert to versions 110.0.0 or later.

If you want to revert to a version older than 110.0.0, you must install a new VA and manually reconfigure the appliance. Rollback is not supported for some versions of the appliance software. In the appliance CLI, use the show version-info command to check which appliance versions support rollback. If rollback : Not installed is displayed, rollback is unavailable for that version. Use the rollback software-image command to revert back to a previous version.

Upgrading the VA

You can upgrade the VA in the appliance CLI. Run the show version-info command to check the current version of your appliance. You can also run the following command to check for the list of available software from Netskope: upgrade software list.

Before upgrading the VA, make sure of the following:

  • The current version is no older than 110.0.0.
  • Note

    If your current VA version is older than this version, use one of the following methods to upgrade the VA:

  • The upgrade occurs during a maintenance window. The upgrade may take up to an hour and requires a reboot of your system(s).
  • The size of the root partition is 64 GB or higher. For information on increasing the partition size, see Increase the Size of the Partition.
  • There’s at least 42 GB of free space on the /opt/ns/upgrades partition where the upgrade pkg is downloaded.
  • The log partition (/var/ns/docker/mounts/lclw/mountpoint) must have at least 20 GB of free space.
  • The urldbz package is installed on a DPoP appliance. You can verify this by running the show version-info command. For instructions to install the urldbz package, see Upgrade the Additional Appliance Packages.

Use the df command to check the available space on the upgrade and log partitions. If the output of the command shows high disk utilization, then you can delete the older version of the appliance by running the following command: upgrade software delete version <version software>.

Upgrading the Virtual Appliance Package

To upgrade the VA:

  1. Log in to the VA console and at the nsshell prompt, enter the upgrade software list command to check for the list of available software from Netskope.
  2. Enter the upgrade software download version <version number> command to download the software. To check the status of the download, enter the upgrade software status download command.
  3. After the download is complete, enter the upgrade software prepare version <version number> command to prepare the software package. To check the status of the prepare process, enter the upgrade software status prepare command. When the process is complete, the following is displayed: Status: SUCCESS.
  4. Enter the upgrade software install version command to install the new software package. To check the status of the install process, enter the upgrade software status install command. When the process is complete, the following is displayed: Status: SUCCESS.

To verify if the software was upgraded to the target version, run the status all or show version-info commands to view the software version. The UI also displays the updated version of the software under the On-Premises Infrastructure page (Settings > Security Cloud Platform).

Migrating the Virtual Appliance

In order to migrate to the target version of VA from a previous version, you must complete the following steps:

  1. Export the configurations from the current VA using the config-transporter script and save the configurations on an external storage. For details about exporting configurations, refer to Exporting Configurations.
  2. Install and deploy a new VA. Refer to Install a Virtual Appliance.
  3. Depending on the availability of IP addresses on the network, choose one of the following options:

Provision New IP Addresses for a New VA

Reuse IP Addresses from an Old VA

Share this Doc

Upgrade the Virtual Appliance

Or copy link

In this topic ...