Reading time: 1 minute
Verify these on a Fortigate cluster. Commands for HA troubleshooting and things to watch for when upgrading a cluster.
To make sure that the primary always preempts. If the primary should always be the primary
config system ha
set override enable
end
Make sure that the upgrade will not cause downtime. With this command the backup will be upgraded first and then the primary. Should not cause downtime but don’t bet your life on it. ;-)
config system ha
set uninterruptible-upgrade enable
end
Connect to secondary Fortigate from the command-line. The question mark will show the cluster members
execute ha manage ?
Verify synchronization. The numbers must match on all members
diagnose sys ha checksum show
Command to show synchronization from the Primary
diagnose sys ha checksum cluster
If synchronization is out of whack run this command to force recalculation
diagnose sys ha checksum recalculate
