この記事は1年以上前に書かれたものです。
情報が古い可能性があります。
ひさびさにアップグレード。
Juniper のサポートサイトからダウンロード。アップグレード方法は親切にダウンロードページに書いてくれている。
SRX にダウンロード
ここでは /var/tmp は以下に junos22.4r2.tgz というファイル名でダウンロード。
file copy "https://cdn.juniper.net/software/junos/22.4R2.8/junos-srxsme-22.4R2.8.tgz?SM~(略)~" /var/tmp/junos22.4r2.tgz
コンフィグなどバックアップを取りましょう。
アップグレード
request system software add /var/tmp/junos22.4r2.tgz reboot
reboot オプションをつけていれば 特に問題がなければ自動で再起動して新しいバージョンになる。
no-copy, no-validate オプションをつければもう少し早いはず。
JUNOS 22.1R1.10 -> 22.4R2.8 へのアップグレードで 約17分 で通信復旧。SRX300 は CPU がへぼいので時間かかる。
以下ログ。
naoki@TYO_SRX1> file copy "https://cdn.juniper.net/software/junos/22.4R2.8/junos-srxsme-22.4R2.8.tgz?SM~(略)~" /var/tmp/junos22.4r2.tgz
/var/home/naoki/...transferring.file.........n100% of 398 MB 1089 kBps 00m00s
naoki@TYO_SRX1> request system software add /var/tmp/
^
'/var/tmp/' is ambiguous.
Possible completions:
<[Enter]> Execute this command
<package-name> URL or pathname of package
/var/tmp/appidd_cust_app_trace Size: 0, Last changed: Jun 02 2022
/var/tmp/appidd_trace_debug Size: 11960, Last changed: Jul 04 21:38:25
/var/tmp/cleanup-pkgs.log Size: 4635, Last changed: Jul 04 21:37:00
/var/tmp/dyn_filterd_trace_debug Size: 851, Last changed: Jul 04 21:38:13
/var/tmp/ebmq_authd_vty Last changed: Nov 19 2022
/var/tmp/eedebug_bin_file Size: 0, Last changed: Jul 04 21:38:04
/var/tmp/gksdchk.log Size: 34, Last changed: May 19 2022
/var/tmp/gres-tp/ Last changed: May 19 2022
/var/tmp/idp_license_info Size: 4, Last changed: Jun 02 2022
/var/tmp/install/ Last changed: May 19 2022
/var/tmp/junos-srx1k3k-12.3X48-D105.4-domestic.tgz Size: 276359204, Last changed: May 28 2022
/var/tmp/junos-srxsme-22.1R1.10.tgz Size: 414993564, Last changed: Jun 02 2022
/var/tmp/junos22.4r2.tgz Size: 418193747, Last changed: Nov 02 15:06:56
/var/tmp/kmdchk.log Size: 70, Last changed: Jul 04 21:35:27
/var/tmp/krt_rpf_filter.txt Size: 57, Last changed: Jul 04 21:39:04
/var/tmp/mmcq_authd Last changed: Nov 19 2022
/var/tmp/mmcq_bbeStatsdGetCollector Last changed: Nov 19 2022
/var/tmp/mmcq_mmdb_rep_mmcq Last changed: Jun 02 2022
/var/tmp/nsd_restart Size: 2, Last changed: Jul 04 21:39:28
/var/tmp/pfe-limit Size: 8, Last changed: Jul 04 21:40:34
/var/tmp/pfe_debug_commands Size: 111, Last changed: Jun 02 2022
/var/tmp/phone-home/ Last changed: Jun 02 2022
/var/tmp/pics/ Last changed: May 19 2022
/var/tmp/policy_status Size: 30, Last changed: Jul 04 21:40:28
/var/tmp/rtsdb/ Last changed: May 19 2022
/var/tmp/sd-upgrade/ Last changed: Jun 02 2022
/var/tmp/sec-download/ Last changed: May 19 2022
/var/tmp/spu_kmd_init Size: 0, Last changed: May 19 2022
/var/tmp/vi.recover/ Last changed: May 19 2022
/var/tmp/vpn_tunnel_orig.id Size: 0, Last changed: Jun 02 2022
naoki@TYO_SRX1> request system software add /var/tmp/junos22.4r2.tgz reboot ?
Possible completions:
<[Enter]> Execute this command
best-effort-load Load succeeds if at least one statement is valid
delay-restart Don't restart processes
no-copy Don't save copies of package files
no-validate Don't check compatibility with current configuration
on-primary Install image on primary partition while booted on secondary partition
partition Format and re-partition the media before installation
unlink Remove the package after successful installation
+ upgrade-with-config Additional configs ('text/xml' format) to be applied on upgrade
validate Check compatibility with current configuration
validate-on-host Remote host or user@host for configuration validation
validate-on-routing-engine Routing engine for configuration validation
| Pipe through a command
naoki@TYO_SRX1> request system software add /var/tmp/junos22.4r2.tgz reboot
NOTICE: Validating configuration against junos22.4r2.tgz.
NOTICE: Use the 'no-validate' option to skip this if desired.
Formatting alternate root (/dev/da0s2a)...
/dev/da0s2a: 2518.0MB (5156848 sectors) block size 16384, fragment size 2048
using 14 cylinder groups of 183.62MB, 11752 blks, 23552 inodes.
super-block backups (for fsck -b #) at:
32, 376096, 752160, 1128224, 1504288, 1880352, 2256416, 2632480, 3008544,
3384608, 3760672, 4136736, 4512800, 4888864
saving package file in /var/sw/pkg ...
Checking compatibility with configuration
Initializing...
cp: /var/etc/extensions.allow: No such file or directory
cp: /var/db/certs/common/certification-authority/*: No such file or directory
Verified manifest signed by PackageProductionECP256_2022 method ECDSA256+SHA256
Using junos-22.4R2.8 from /altroot/cf/packages/install-tmp/junos-22.4R2.8
Copying package ...
veriexec: cannot update veriexec for /cf/var/validate/c/junos/usr/lib/slax/extensions/db/db_driver_sqlite.so: Too many links
Verified manifest signed by PackageProductionECP256_2023 method ECDSA256+SHA256
Hardware Database regeneration succeeded
Validating against /config/juniper.conf.gz
cp: /cf/var/validate/c/var/etc/lighttpd.addresses and /var/etc/lighttpd.addresses are identical (not copied).
UTM Daemon: <xnm:warning xmlns="http://xml.juniper.net/xnm/1.1/xnm" xmlns:xnm="http://xml.juniper.net/xnm/1.1/xnm">
UTM Daemon: <source-daemon>utmd</source-daemon>
UTM Daemon: <message>You must reboot the system for Web-Filtering's default mode to take effect.
UTM Daemon: </message>
UTM Daemon: </xnm:warning>
mgd: commit complete
Validation succeeded
Validating against /config/rescue.conf.gz
Network security daemon: <xnm:warning xmlns="http://xml.juniper.net/xnm/1.1/xnm" xmlns:xnm="http://xml.juniper.net/xnm/1.1/xnm">
Network security daemon: <source-daemon>nsd</source-daemon>
Network security daemon: <message>You have disabled inet6 flow.
Network security daemon: You must reboot the system for your change to take effect.
Network security daemon: If you have deployed a cluster, be sure to reboot all nodes.</message>
Network security daemon: </xnm:warning>
UTM Daemon: <xnm:warning xmlns="http://xml.juniper.net/xnm/1.1/xnm" xmlns:xnm="http://xml.juniper.net/xnm/1.1/xnm">
UTM Daemon: <source-daemon>utmd</source-daemon>
UTM Daemon: <message>You must reboot the system for Web-Filtering's default mode to take effect.
UTM Daemon: </message>
UTM Daemon: </xnm:warning>
mgd: commit complete
Validation succeeded
Installing package '/altroot/cf/packages/install-tmp/junos-22.4R2.8' ...
Verified junos-boot-srxsme-22.4R2.8.tgz signed by PackageProductionECP256_2023 method ECDSA256+SHA256
Verified junos-srxsme-22.4R2.8-domestic signed by PackageProductionECP256_2023 method ECDSA256+SHA256
Verified manifest signed by PackageProductionECP256_2023 method ECDSA256+SHA256
JUNOS 22.4R2.8 will become active at next reboot
Saving state for rollback ...
Rebooting ...
shutdown: [pid 84017]
Shutdown NOW!
*** FINAL System shutdown message from root@TYO_SRX1 ***
System going down IMMEDIATELY
naoki@TYO_SRX1>
~ 再ログイン ~
Last login: Thu Nov 2 14:55:00 2023 from 172.17.x.xx
--- JUNOS 22.4R2.8 built 2023-05-30 04:21:39 UTC
naoki@TYO_SRX1> show version
Hostname: TYO_SRX1
Model: srx300
Junos: 22.4R2.8
JUNOS Software Release [22.4R2.8]
コメント