Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
122 lines (78 sloc) 4.68 KB

Inline Software Upgrade

Aviatrix software is released frequently every 6 - 8 weeks.

When upgrading a controller software, all gateways are upgraded with the new software at the same time. This is done by controller pushing new software to gateways directly and automatically once requested.

How to upgrade software

Upgrades are done from the Controller UI. To check for an available update and perform an upgrade, follow these steps:

  1. Login to your Controller

  2. Expand Settings navigation menu item

  3. Click Maintenance

  4. Click Dry Run to make sure controller and gateway are in contact and allowed to download our software from our release server. If the Dry Run is unsuccessful, you may want to check controller/gateway security groups, VPC DNS settings to make sure their outbound traffic to Internet is allowed.

  5. Click Upgrade to the latest to upgrade your software to the latest version



If you have been provided a custom release version, please enter that version into the Release Version field and click Upgrade to a custom release button.

Inline and hitless software upgrade

Aviatrix software upgrade happens inline without taking down the controller.

In addition, gateway upgrades are hitless. That is, all gateway encrypted tunnels stay up during the upgrade process. There is no packet loss when upgrading the software.

Upgrade impact on OpenVPN® users

Most upgrades do not impact connected OpenVPN® users. In some cases, OpenVPN® service needs to be restarted as part of software upgrade, for example, upgrade to a new SSL version for security patch. In these cases, connected OpenVPN® users will be disconnected and will need to connect again.

When a release affects OpenVPN® users, the Release Note will make a note of it. Make sure you read Release Notes before applying an upgrade.

OpenVPN is a registered trademark of OpenVPN Inc.

How to update AWS-IAM-Policy

Please also keep your AWS IAM Policies updated to the latest (preferably before upgrading controller software).

Step 01: Login to your AWS GUI console


Step 02: Go to IAM service


A. Update “aviatrix-assume-role-policy”:

Step 03: Click "Policies" and search for the policy "aviatrix-assume-role-policy"

If you have not created "aviatrix-assume-role-policy", please see here.


Step 04: Click Edit Policy


Step 05: Click tab "JSON"

Step 06: Update Policy: copy and paste the policy text from this link and then click button "Review policy" and button "Save changes".

B. Update “aviatrix-app-policy”:

Step 07: Click "Policies" and search for the policy "aviatrix-app-policy"

If you have not created "aviatrix-app-policy", please see here.


Step 08: Click Edit Policy


Step 09: Click tab "JSON"

Step 10: Update Policy: copy and paste the policy provided by this link and then click button "Review policy" and button "Save changes".


Please also update the AWS-IAM-Policy for all Secondary Access Accounts.

.. disqus::