Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2128
Views
15
Helpful
4
Replies

ISE upgrade with VM cloning.

sree.harsha.samineni@aa.com
Level 1
Level 1

‎02-25-2019 01:05 PM - edited ‎03-08-2019 07:14 PM

We are exploring unorthodox method of upgrading ISE from 2.2 to 2.4, we are thinking of cloning the ise VM  and then upgrade the cloned VM and flip the new upgraded  VM to production. So that we have old deployment available in case if we need to roll back.This seem to be less risky than the traditional approach and saves lot of down time.

Does this approach have any implications on ISE DB or any ISE components.

0 Helpful
4 Replies 4

Damien Miller
VIP Alumni
VIP Alumni

‎02-25-2019 01:49 PM

I've done something similar in the lab but had all the VM's powered down before taking that point in time VM backup. If you try to do this on a running ISE VM, the required snapshot will hang the ISE application forcing you to reboot it. I would not recommend it for a production set up.

Doing a parallel upgrade like you are wanting is common though. Take a backup from the production 2.2, restore it to a 2.2 or 2.4 VM, and it becomes a running working admin node for your new upgraded deployment. You can deploy new VM's for your deployment in parallel which means the old deployment is always there to roll back to if something goes wrong. Multiple ways to go about this, but preserving the old VM's is just a matter of turning them off, and deploying a new 2.4 vm in it's place with the same IP. It's some extra work but certainly doable, added benefit of doing everything in a supported manner which the cloning idea would not be. Assuming ISE was designed and deployed in a HA fashion, there should be no noticeable impact to endpoints.

sree.harsha.samineni@aa.com
Level 1
Level 1
In response to Damien Miller

‎02-25-2019 02:09 PM

Thank You, Damien.

0 Helpful

sree.harsha.samineni@aa.com
Level 1
Level 1
In response to Damien Miller

‎02-25-2019 02:15 PM

Does 2.4 VM accept the backup from 2.2 ?
0 Helpful

Damien Miller
VIP Alumni
VIP Alumni
In response to sree.harsha.samineni@aa.com

‎02-25-2019 02:19 PM

Yes it certainly does. I still recommend running the URT bundle first on your 2.2 secondary PAN node though. It will tell you if there will be any data issues going from 2.2 to 2.4. Then you can work with TAC to address anything before finding out there is an issue.

URT steps in the 2.4 upgrade guide.
https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/upgrade_guide/b_ise_upgrade_guide_24/b_ise_upgrade_guide_24_chapter_01.html#runtheurt
0 Helpful
Customers Also Viewed These Support Documents