Security

I normally upgrade in lockstep with releases so I seldom have to work out a best path, but due to nerves about changes during the holisays and the new licensing model etc. I've got choices.

We're running two servers (publisher/subscriber) on 6.6.8

I have a patch to 6.6.9 and two which lead to 6.7.0 (I presume 6.7.1 becomes available after 6.7.0 is in place)

Should I bother with 6.6.9 or just go to 6.7.0?

When I got to 6.7.0 it looks like I should run the Cluster Interface patch first and then upgrade the cluster, it that right?

Will 6.7.1 magically show up as available once I'm done with this round?

I would take the following path in your environment:

- Upgrade Publisher directly from 6.6.8 to 6.7.0 (6.7.1 will show up in updates after 6.7.0 is up and running)

- Install interface upgrade patch (if required for your environment, check release notes to confirm)

- Upgrade subcriber to 6.7.0

- Install interface upgrade patch (again, only if required)

- Upgrade Publisher to 6.7.1

- Upgrade Subscriber to 6.7.1

 Also, follow other best practices; ie. backup before upgrade, plan downtime accordingly, etc.

I have not yet upgraded to 6.7 in Production but remember the licensing has changed for 6.7+

I will likely get advice from TAC before I upgrade. to insure things go smoothly.

Thanks Bruce

I didn't mention it, but I've already got the license worries ironed out (I hope) we should be good on that front.

Great!

It is always better to be safe than sorry. I will probably upgrade my 5 25K appliances to 6.7.x this summer.

EDIT: I do not use the cluster upgrade tool in my environment. The servers are behind a load-balance switch so I can take them offline individually without impacting services.

Being VMs makes me a bit cavalier - just snapshot, test and rollback if there's any issue.

That said, I took two reposnses as "no reason to stop" and hit the cluster upgrade buttons. (after snapshots were made in VMware)

About an hour-and-a-half later they sers done. I watched both servers activity trackers as auth-requests moved back then forth.

All appears well and upgraded.

If there's no smoke in the morning, I'll update to 6.7.1.

Wish me luck!

Kudos & good luck.

There were no issues overnight with 6.7.0 so I updated the snapshots and used the cluster update tool to go to 6.7.1 this morning.

All seems AOK.

The update took longer than the 6.7.0 upgrade.

Thanks Clembo

I was rather hoping that the magic-cluster-upgrade tool would work as advertised, so I'll probably hit that button and cross my fingers.

Was hoping to scare up the "wiat, don't touch that!!" folks before I let my curiosity carry me away.