How do the RAPs 'discover' the controllers? Is that a DNS record pointing to all 4 public IP addresses?
When you reboot the active anchor controller, the AP will switch to the standby anchor controller; if that has the old firmware it will keep working, if that controller has the upgraded firmware the AP should reboot in the pre-loaded firmware slot. If the AP then reboots and gets through round-robin DNS one of the old version controllers assigned, it will downgrade again. With that in mind, it sound like your plan to reboot the other 2 controllers as soon as the first two upgraded get online may have a slightly lower downtime; just make sure at no point when an AP reboots it will see an active controller with the old version.
There will be downtime while the APs reboot anyway, so if the boot time of the controllers is less than that of the APs, there should not be a real difference system downtime. It just 'feels scary' to reload all the controllers at the same time, but reloading 2 at a time may be as scary and increases the total time for the upgrade, but if you have fast booting APs the downtime may be lower (or higher if you reboot both AAC and SAC for an AP as it will downgrade again on the remaining controllers before the upgraded controllers are up).
You may ask TAC for a second opinion, but I would expect no significant difference in risk/downtime for either reloading 2/2 or 4 at a time; and in that case reloading all 4 may be easier/less complex to manage. If you have a global/DNS load balancer to assign the controller IPs, you may do something smart by creating 2 clusters and moving controllers/RAPs around better controlled by AP-group or geographical location. It also depends on how critical the deployment is, and how much downtime you can accept. Hope these thoughts help...
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Sep 04, 2022 10:48 AM
From: Michael Haring
Subject: RAP Cluster Upgrade Best Practices
Hey AirHeads,
We have a cluster of (4) Mobility Controllers supporting about 1,000 RAPs. We are currently running 8.6.0.5 and looking to upgrade to 8.6.0.18, but I understand that the traditional cluster live upgrade process is not support for RAPs. Given that, what is the recommended procedure for upgrading a RAP environment in AOS 8? My thought -
1. Upload new image to backup partition on Mobility Controllers
2. Pre-load image on RAPs
3. Reload 2 controllers, wait until they start pinging and reload the remaining 2 controllers
4. RAPs will contact the original 2 controllers and identify the firmware change, will reload into the new firmware
5. Second 2 controllers will come back online and once RAPs reload into 8.6.0.18, they will load balance normally
Does this process sound correct, is there any changes to that plan that would be recommended - ie. bring all 4 controllers down at the same time vs. 2 at a time?
Thanks all!
------------------------------
Michael Haring
------------------------------