Patch Upgrade Process for Avi Vantage

Starting with release 17.2.3, Avi Vantage supports patch upgrades by which hot fixes may be placed into effect. This feature is accessible via the Avi CLI only. UI support is planned for a future release.

Process Overview

  • Download a patch package from the Avi Customer Portal.
  • For every patch release there can be as many as 4 packages. The first three listed below give the administrator the option to patch some, but not all aspects of the Avi Vantage Platform. The avi-patch can be used to apply all patches.
    1. controller_patch
    2. se_patch
    3. ui_patch
    4. avi_patch
  • Apply the desired patch using the patch shell command. A CLI example appears below.


  • One uploads the patch package to the Controller just as one would a full-release package.
  • Wherever possible, Avi patches are designed not to interrupt active services. In those cases where an interruption is unavoidable, the patch package will document the details.
  • The Avi Vantage configuration is locked during patch upgrades.
  • Since a patch is not a full package, one cannot upgrade between Avi Vantage maintenance releases. As an example, it is not possible to patch-upgrade from 17.2.3 to 17.2.4-1pJ (J is the Jth patch version).
  • Patches are cumulative. A patch can be applied on a patch.
  • With patch, Controllers need to be on the same base+patch version to form a cluster. To illustrate, suppose we have three Controllers on 17.2.4. One cannot form a cluster if one Controller is on 17.2.4 and another on 17.2.4-1p1.
  • Before clustering patched Controllers, run reboot clean CLI commands on each. For details, see Deploying an Avi Controller Cluster.

Patching a Controller via the Avi CLI

# on Controller Machine (which is running the base branch)
## check controller patch package is present in /tmp
root@<controller-ip>:/home/admin# ls /tmp/controller_patch.pkg
## login to shell using credentials
$ shell --user <controller username> --password <controller password>
## verify upgrade should not be running
$[admin:<controller-ip>]: > show upgrade status
| Field            | Value |
| in_progress      | False |
| controller_state |       |
|   in_progress    | False |
[admin:<controller-ip>]: >
## Apply patch using below command
[admin:<controller-ip>]: > patch system image_path /tmp/controller_patch.pkg
Uploading file to controller
Verifying upgrade package
Upgrade has started. Please use 'show upgrade status' to check the progress.
## check upgrade status using show upgrade status.
## At the finish of upgrade Upgrade status should be success and patch changes should reflect on controller.
## check for controller/SE version
## show version controller
## show version serviceengine