MS Firmware Upgrades
Click 日本語 for Japanese
Overview
While MS switches generally follow the Dashboard-wide firmware upgrades procedures, there are some firmware upgrade features that are specific to MS switches. MS Staged upgrades are explained here.
For general firmware upgrades information, refer to the Managing Firmware Upgrades.
Learn more with these free online training courses on the Meraki Learning Hub:
Staged Upgrades
Staged Upgrades allows administrators to divide a network of switches into smaller groups which can have firmware upgraded at separate times.
With Staged upgrades, administrators can schedule, defer, and rollback firmware upgrades in stages, allowing for more flexibility the upgrade process.
Platform Support | Minimum Firmware Required |
---|---|
All MS switches - Supported | N/A |
Monitor-mode Catalyst switches - see note below | N/A |
Use Case
The use cases for staged upgrades are typically one of two situations:
- The network has too many switches to upgrade in a single maintenance window
- More frequent maintenance windows are available for some devices than others. For instance, it may be reasonable to upgrade access-layer switches that connect end-user devices each night, but the data center switching that supports critical e-commerce services can only be upgraded once a month.
Staged Upgrades are not supported for networks assigned to a configuration template. In addition, Staged Upgrades are available only when a single switch network is selected for an upgrade.
Terms
Staged Upgrade Group | A group of switches that will be upgraded at the same time, which can also be referred to as a "stage" |
Default Staged Upgrade Group | An upgrade group that includes any switches that have not been assigned to any other group. |
Staged Upgrade Sequence | The sequence is a list of all of the groups in a network in the order that they will be upgraded. |
Staged Upgrade | A scheduled firmware upgrade using Staged Upgrades. A staged upgrade includes the time and dates for each group to be upgraded. |
Network Upgrade | The non-staged, firmware upgrade feature used to upgrade all of the devices in a Dashboard network at the same time. |
Scheduling a Firmware Upgrade
Scheduling a staged upgrade begins in the same way as scheduling a typical network upgrade. The entire process of managing groups and the sequence are included in a wizard-type walkthrough accessed from the Organization > Firmware Upgrades Page.
Navigate to the Organization > Firmware Upgrades menu, and select the "Schedule Upgrades" tab:
Select the switch network to schedule a staged upgrade for, and click the blue "Schedule upgrades" button. On the next page, choose the appropriate target firmware version to upgrade to, review the change log if required, and click "Next":
Choose only a single switch network to schedule a staged upgrade. If more than one network is selected then the Staged Upgrades option will not be available.
Firmware downgrades can be scheduled in the same manner by selecting a previous firmware version from the available options in the "Target firmware version"
Choose "Schedule staged upgrade", and click "Next":
Review the summary, and click "Schedule change for 1 network" in order to proceed to configure the groups, sequence, and schedule:
Clicking "Schedule change for 1 network" will automatically redirect to the Staged Upgrade wizard. This allows you to configure Staged Upgrade Groups and the Upgrade Sequence before proceeding to schedule the Staged Upgrade Event.
The following sections detail those steps further.
Note: You can convert the normally scheduled firmware upgrade to Staged Upgrade and get redirected to the Staged Upgrade wizard manually by going to Organization > Monitor > Firmware upgrade > Scheduled changes.
Configuring Staged Upgrade Groups
If you've already configured your groups, you can click "Next" to configure the Staged Upgrade Sequence.
By default, there is a single "Default Group" defined for the network, and all switches that are a part of the network belong to this group. On this page, you can create new groups and assign switches to them as needed.
You can also create and modify staged upgrade groups without scheduling a firmware upgrade by navigating to Switch > Staged Upgrades, and choosing the "Groups" tab.
- To create a new group, click on the "Create a group" tile.
- To modify or delete an existing group, click on the three dots (...) for the group tile and choose the appropriate option.
On the group create/edit view, give the group a name (and optionally a description), and add or remove the appropriate switches to the group as needed. When you're finished, click the "Update" or "Create" button as appropriate to return to the groups screen.
Switch Stacks
Switch stacks are treated as a single device when it comes to upgrades. That is, every switch in a particular switch stack must belong to the same upgrade group. Therefore, you assign the stack to the group rather than each switch.
Switch stacks can be expanded in the group member list to see details about the switches that belong to that stack.
The Default Group
One upgrade group must always exist in a network and that group will contain any switches that an administrator has not otherwise assigned to a group. You can edit the default group in the same manner as any other group, and you can also assign a different group as the default group. Another way of thinking about this is that all of the switches in the network must belong to a group.
Switches that have a firmware image locked by Meraki support are still included in an upgrade group, but will be skipped when that group is scheduled to upgrade. The upgrade is still considered complete if any switches are skipped.
Similarly, any monitor-mode Catalyst switches in the network must be in an upgrade group but staged upgrades will skip the monitor-mode switches when those groups upgrade.
When an administrator assigns a switch to any group (default group or other), that switch is explicitly assigned. When explicitly assigned, a switch will remain assigned to that group unless an administrator assigns it to a different group or deletes the group that the switch is currently assigned to.
For any switches that have not been explicitly assigned to a group, they are implicitly assigned to the default group, whichever group that is. In the groups tab, the default group is marked with a Default tag and has a blue highlight on the card.
A default group named "Default Group" is created by ... well by default; but the name is separate from actually being the default group. In the screenshot below, the default group is named "Unassigned Switches Here" and the original default group named "Default group" remains.
If you change the default group assignment, it is recommended to rename or delete the original "Default Group" to avoid confusion.
Switches (or switch stacks) that are implicitly assigned to the default group are grayed out in the member list, while switches that are explicitly assigned use regular text:
Implicit and Explicit Group Assignment Examples
- If you assign a switch to any group, it is explicitly assigned and remains in that group unless:
- You explicitly assign the switch to a different group
- You delete the group which implicitly re-assigns the switches in that group to the current default group
- If you have not assigned a switch to a group, it is implicitly assigned to the current default group unless:
- You change which group is marked as default which reassigns that switch to the new default group
- You explicitly assign the switch to a group.
- If a new switch is added to the network, it is assigned to the current default group
To change which group is marked as default, edit the group you want to make default. Click the "Default group" box, review the alert message, and click the "Update" button to save:
Configuring the Staged Upgrade Sequence
Once you've finished configuring Upgrade Groups, click the "Next" button to configure the Sequence. Drag each group into the desired order and click "Next" when finished:
You can also modify the staged upgrade sequence without scheduling a firmware upgrade by navigating to Switch > Staged Upgrades, and choosing the "Sequence" tab.
All Staged Upgrade Groups must be included in the Staged Upgrade Sequence. This includes any empty upgrade groups. We recommend deleting any empty groups from the network to remove them from the Staged Upgrade Sequence.
Scheduling the Staged Upgrade
Assign a time for each staged upgrade group to perform the firmware upgrade by choosing a time and date in the "Scheduled for" field:
Start times must be scheduled in the same order as the sequence (you cannot schedule a group for a start time earlier than another group which is higher up in the sequence.
When times have been entered for each group, click "Next" to review the upgrade configuration and proceed to schedule the upgrade:
During the initial release, there is no review screen. Clicking "Next" on the Scheduling page will immediately schedule the upgrade.
Monitoring Staged Upgrades
Once the upgrade is scheduled, Dashboard will load the monitoring page. Here you can monitor the upgrade status of each group as well as reschedule, rollback or cancel, and defer the staged upgrade.
You can monitor Staged Upgrades by navigating to Organization > Firmware upgrades > Scheduled changes or Switching > Staged Upgrades and clicking the link in the notice at the top of the page
As each group starts their upgrade stage, the status will update to reflect the group upgrade status:
- Scheduled: The staged upgrade group has not yet started the upgrade
- Started: This status is triggered once the scheduled start time for the upgrade group in question has arrived
- Completed: This status is triggered either 30 minutes after the upgrade stage starts, or once all of the switches in the upgrade group have reconnected to Dashboard running the configured firmware version; whichever happens first.
Dashboard is currently unable perform upgrades for monitor-mode Catalyst switches, so for upgrade groups that include any number of monitor-mode Catalyst switches, the upgrade group will not be marked complete until the 30 minute timeout passes.
We recommend grouping all monitor-mode Catalyst switches into a separate upgrade group in order to be able to accurately monitor the upgrade status for any other groups.
Managing Staged Upgrades
There are three options to manage scheduled staged upgrades:
- Reschedule - This option allows you to change the scheduled times for any groups that have not yet started the upgrade. Staged Upgrade Groups that have already started or complete an upgrade cannot be rescheduled.
- Rollback / Cancel - This option allows you to abort an upgrade. For groups have already started or completed, a scheduled time must be entered to rollback to the pre-upgrade firmware. For groups that are scheduled but that have not started, the upgrade is cancelled.
- Defer: This option will reschedule any groups that have not started by adding 1 week to the currently configured time for that upgrade group.
Note that firmware upgrades in general can be scheduled at most 1 month ahead of the current time. Therefore the maximum amount of time any upgrade group can be deferred is one month away from when the defer option is used. This can result in multiple upgrade groups being scheduled for the same time (one month from the current time) when adding 1 week would exceed the 1 month limit.
It is always advised to carefully review the scheduled times to ensure they meet the requirements of the situation.
API
Staged upgrades can be created and managed via the Meraki API as well as Dashboard. For information regarding the API endpoints and usage, consult the Dashboard API documentation by navigating to the Help > API Docs menu in Dashboard, and search for "Staged Upgrade" in the API V1 documentation.
Firmware Upgrade Status
Firmware upgrade status provides visual feedback on the firmware upgrade progress for switches to help reassure admins that firmware upgrades are progressing as expected. Update status flags will appear automatically in the firmware section of the switch details page and in the Upgrade Status column of the flex table on the Monitor > Switches page any time an upgrade is scheduled or in progress.
Platform Support | Minimum Firmware Required |
---|---|
All MS switches | N/A |
On the switch details page for an individual switch, the firmware section indicates the upgrade status for that particular switch:
On the Monitor > Switches page, you can enable the Upgrade status column for the flex table to see the upgrade status for multiple switches in the network at the same time:
The statuses match the upgrade group statuses used in staged upgrades:
- Scheduled: Indicates that a firmware upgrade that includes this switch has been scheduled to take place, but that the scheduled time has not yet arrived.
- Started: Indicates that the scheduled time has arrived and that the switch will begin the upgrade.
- Completed: After the upgrade starts, the completed flag appears when the first of the following two situations occurs:
- The switch appears back online in Dashboard running the upgraded version of firmware.
- 30 minutes has passed since the scheduled upgrade time.
- Canceled: Appears only if the switch belongs to a staged upgrade group whose upgrade stage has been canceled as part of a rollback. It remains until the staged upgrade rollback is complete.
- Skipped: Indicates that the switch has a firmware version locked by Meraki support and will not be upgraded.
Understand that "completed" is not the same as an upgrade being successful. The completed status indicates that the upgrade job has executed, and in most cases all of the switches in that job will be back online running the upgraded firmware before 30 minutes passes. Regardless, the job does eventually need to be marked complete.
If any individual switch is unable to successfully complete the firmware upgrade, Dashboard will indicate the discrepancy in the firmware version on the switch details page as well as the switch list (refer to the next section).
Dashboard is currently unable to monitor the upgrade status of monitor-mode Catalyst switches, and upgrades on those switches are not attempted, so the upgrade group will be marked complete after the 30 minute timeout passes.
We recommend grouping all monitor-mode Catalyst switches into a separate upgrade group in order to be able to accurately monitor the upgrade status for any other groups.
Firmware version column
The firmware version column on the switch list page will also reflect the firmware version status during the upgrade: