If you are using VNS3:ms to manage your controllers, this guide is not necessary as MS automatically updates cloud routes during an HA event. This guide is ONLY applicable to VNS3 controllers hosted in Amazon Web Services (AWS).
The procedure outlined in this guide benefits those who are not using VNS3:ms to manage their VNS3 controller AND who have large cloud topologies with many cloud routing entires referencing the VNS3’s NIC. The only caveat with this approach from the original upgrade guide is a longer downtime window (5-20 minutes).
According to the upgrade guide (https://docs.cohesive.net/docs/upgrading/vns3-v4/), to transfer the public IP from an old VNS3 version to a newer version you must bring up the new controller "adjacent" to the old controller (same VPC, subnet, and security group), swap EIP to the new instance, and configure the controller via a snapshot. Then you would have to update your Routing table entries for any route that referenced the VNS3’s NIC as the route gateway.
This procedure will reuse the existing NIC object, which comes with its subnet placement, private IP, attached EIP, as well as VPC routes which point to it as the gateway to remote subnets.
1. Take a snapshot of you current controller and save it to a safe storage location. During part of this procedure, this will be the only copy of your VNS3 configuration, so make sure it is safe. We recommend using S3 for this.
2. Instantiate a new VNS3 controller adjacent to your current controller. This will be a “burner” instance used only to test the snapshot you just created. Do not move your EIP or anything else. We will be terminating this instance after we verify that the snapshot imports successfully.
3. Login to the “burner” VNS3 controller, download your snapshot file from the backup location, and import it into VNS3.
4. Confirm that the snapshot works (none of the connection should come up, but you should see your configuration such as Firewall rules, Routes, Clientpacks, and IPsec configuration). The purpose of this exercise is to guarantee that we have a working snapshot. Once VNS3 successfully imports your configuration from the snapshot, you can terminate the instance.
5. Navigate to Network Interfaces in your AWS EC2 console. Select the NIC associated with your live VNS3 instance. Select the “Actions” menu, then “Change Termination Behavior”. Uncheck the “Delete on Termination” box, and click "Save".
6. Terminate the old VNS3 instance. (Downtime begins)
5. Spin up another latest-version VNS3 in the same VPC, subnet, and AZ as the old one, just as before. On the Instance details page, disable Public IP allocation and select the Primary NIC of the old VNS3 controller for the eth0 interface.
7. Log into the VNS3 web UI and import your snapshot. (Downtime ends after VNS3 reboots.)
You will not need to change any of your cloud routing tables as the same exact NIC from your old controller is now attached to your new upgraded controller.
Please reach out to Cohesive Support at [email protected] if you have any further questions.