108 add support for activeactive ha upgrades in pan os upgrade #114
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Here's the updated GitHub pull request description for the feature enhancement:
Checklist for This Pull Request
🚨Please adhere to the guidelines for contributing to this repository.
Pull Request Description
This pull request introduces support for active/active HA upgrades to the pan-os-upgrade tool. The enhanced feature recognizes and handles different HA status types, including active-primary, active-secondary, and Tentative, and accounts for the HA3 interface unique to active/active HA configurations. It implements the proper active/active HA upgrade workflow, ensuring a smooth and automated upgrade process.
What does this pull request accomplish?
Are there any breaking changes included?
Changes made in this pull request
flatten_xml_to_dictto imports frompan_os_upgrade.components.utilities.handle_firewall_hafunction to:flatten_xml_to_dictto check the success of HA state suspension.check_ha_compatibilitybefore the suspension of the HA peer firewalls to prevent situations where a incompatible version was detected after the first firewall in a pair was suspendedResolves issue
Resolves #108
Motivation behind this feature
Currently, the pan-os-upgrade tool only supports HA upgrades for active/passive configurations. This limitation prevents users from efficiently upgrading their PAN-OS devices in active/active HA setups, requiring manual intervention and increasing the risk of errors.
The addition of active/active HA upgrade support greatly enhances the usability and versatility of the pan-os-upgrade tool. This feature benefits organizations running PAN-OS devices in active/active HA configurations, allowing them to automate their upgrade process and reduce the risk of human error. By encompassing both active/passive and active/active HA upgrades, pan-os-upgrade becomes a comprehensive solution for upgrading PAN-OS devices in various HA setups.
Is there anything the reviewers should know?
Please review the changes carefully, especially the modifications to the
handle_firewall_hafunction, to ensure proper handling of active/active HA configurations and the HA3 interface during the upgrade process. Thorough testing with various active/active HA setups is recommended to validate the functionality and compatibility of the new feature.