Upgrading Virtual Appliances

In every SDDC workshop I tried to persuade the audience that the virtual appliances (particularly per-application instances of virtual appliances) are the way to go. I usually got the questions along the lines of “who will manage and audit all these instances?” but once someone asked “and how will we upgrade them?”

Short answer: you won’t.

The beauty of running virtual machines is that it’s easy to destroy them and create new ones, so here’s how I would upgrade my virtual appliances (anyone vaguely familiar with properly-deployed cloud-based applications will immediately recognize the pattern):

  • Build a new VM template from the new software distribution (assuming the vendor doesn’t supply the appliance in a ready-to-use format);
  • Start the new VM in test environment and copy the current configuration into the new virtual machine.

In the ideal world, the appliance would fetch its configuration from a central database resulting in a completely stateless setup, but we’re not there yet.

  • Stress-test the new VM (you do have unit tests verifying whatever your appliance should be doing, right?)
  • When you’re ready for the change, disconnect the current appliance VM from the network and connect the VM with upgraded software (and identical configuration) to the network.
  • If the new software crashes (because $vendor QA) disconnect the new VM and reconnect the old one.
  • Once you’ve mastered all the steps, automate the process.

Want to learn how to do the last step? Why don’t you join the Building Network Automation Solutions online course?


  1. Hey Ivan, you missed the biggest "gotcha" in this process, which is licensing. In most common cases, licenses are tied to serial numbers, which change every time you destroy/build a new VM. You'll unfortunately need manual intervention to alleviate this (often even a phone call).
    Some vendors are now allowing you have one universal license to tackle this particular issue, but it comes with its own "cost".
    1. And you increased my "love" for certain $$$vendors by an order of magnitude. Next step: I'll start preaching the benefits of open-source :D
    2. Agreed, open source works perfect with this model
  2. And some vendors tie their right to use licenses to the MAC address of the physical host and when the IT group decides to go cloud, they spin up a VM and install the software and then have to spoof the MAC address in the vNIC. Otherwise they then have to fax a request to a reseller, wait a month to get the MAC address on the license changed. I call that Agile ;-)
Add comment