Good luck!

I am sorry that this will be a last question
We are currently planning to separate the firmware image distribution from the actual upgrade process using the scheduling feature in our ACI environment. This is to minimize potential impact by pre-loading the images to devices ahead of time and performing the upgrade during designated maintenance windows.
We have the following questions regarding this approach:
Is there a maximum number of devices that can be included in a single upgrade group when scheduling a firmware upgrade via APIC?
In one of our POPs, we have 57 switches (a mix of leaf and spine nodes). Would it be supported to include all 57 nodes in a single upgrade group?
Are there any known scalability limitations or best practices related to large upgrade groups, especially regarding APIC performance or device response?
Any clarification or official guidance would be greatly appreciated.
Best regards,

Thank you very much for your reply. Due to the special nature of this requirement, it cannot be implemented in the usual way within a short period of time — that's why I asked the question this way.
Here are the constraints:
Including rollback time, the upgrade is limited to just 2 hours, so the typical upgrade approach would result in a very long overall upgrade cycle.
The APIC cluster will be upgraded outside of the maintenance window. Then, during the maintenance window on that day, the OS will be distributed to all devices.
The upgrade will be done by groups based on service groups — for example, upgrading all server-connect Secondary devices within a 2-hour window on a given day.
This approach allows me to significantly reduce the time pressure caused by OS distribution during the upgrade process.

Thanks for the clarification — let me explain a bit more about our plan.
Q1: Are you planning to upgrade only one device group within a 2-hour window?
→ Not exactly — it's not limited to just one group. In each 2-hour window, we may upgrade multiple device groups, depending on redundancy and failover readiness.
Q2: Are there multiple 2-hour windows planned to complete the upgrade in batches?
→ Yes, that’s the approach. But our goal is to complete the entire upgrade in the least number of windows possible, while keeping risk under control.
Here’s some context on our environment:
3x Spine switches, 3x Border Leaf switches (L3-OUT)
Other Leafs are divided into service groups: Cloud connect, Server connect, ACI connect, and NMC service connect
No vPC involved
All links are Active/Standby, except for 2 devices using HSRP based on VLAN ID parity (odd/even)
Our tentative plan:
Day 1: Border Leaf #3, Spine #3, NMC connect Leaf (Standby), ACI connect Leaf (Standby)
Day 2: Border Leaf #2, Spine #2, NMC connect Leaf (Active), ACI connect Leaf (Active)
Day 3: Border Leaf #1, Spine #1, Cloud connect Leaf (Standby), Server connect Leaf (Standby)
Day 4: Cloud connect Leaf (Active), Server connect Leaf (Active)
Day 5: HSRP device connect Leafs

My main question is:
Does Cisco recommend a maximum number of devices to upgrade per window from a best practice point of view (e.g., for rollback safety or system stability)?
Any advice or field experience is appreciated!