The current way of menu based patching of the gateway won’t work due to large number of servers spread across multiple sites. There has to be a better way to patch SSG servers than that the menu driven option. How to automate this task ?
Good suggestion, I've had the same question from several customers.
BTW: Don't forget to vote for your own idea!
I totally agree! Especially a cluster patch/upgrade is a real painfull and brittle process. It prevents us from patching every month our api gateways. It should be fully automated without downtime in a cluster.
Technically, the whole thing is already in the form of bash scripts, end it ends up calling /opt/SecureSpan/Appliance/libexec/patchcli_launch as the layer7 user to install a patch. I'm sure this could be automated with remote ssh calls.
Hi, I wanted to clarify whether users were looking for:
I'm also curious to know whether users have examples of upgrade processes for other "Gateway-like" products that they like, and if so, what did you like about those products?
I would like a cluster be easily upgraded. By example when patching a clusternode it will stop the ping (on just one node), break the database mirror, patch the node, joins the cluster and when operational again enables the ping. It is now a lot of handcrafting to patch a cluster (it takes us half a day for one cluster and we have 6 of them).
Retrieving data ...