cdot65/pan-os-upgrade

Implement auto-commit status check and handling during upgrade process


Is your feature request related to a problem? Please describe.
During the upgrade process of a PAN-OS firewall using the pan-os-upgrade utility, there might be situations where the upgraded firewall is undergoing an auto-commit operation. If the utility proceeds with further actions while an auto-commit is in progress, it can lead to unexpected behavior or conflicts. Currently, the utility does not have a mechanism to detect and handle auto-commit scenarios, which can result in upgrade failures or inconsistencies.

Describe the solution you'd like
Enhance the pan-os-upgrade utility to include a check for auto-commit status on the upgraded firewall and implement appropriate handling mechanisms. The utility should:

  1. After upgrading a firewall, check the status of the firewall to determine if an auto-commit operation is currently in progress.
  2. If an auto-commit is detected, the utility should pause the upgrade process and wait for a configurable amount of time (e.g., one minute) before checking the status again.
  3. Implement a maximum number of attempts (e.g., ten) to check for the auto-commit status. If the auto-commit is still ongoing after the maximum number of attempts, consider the upgrade as failed for that particular firewall.
  4. In case of a failure due to prolonged auto-commit, the utility should gracefully handle the situation by reporting the failure status and removing the peer firewall (if applicable) from the upgrade process.
  5. If no auto-commit is detected or if the auto-commit completes within the specified number of attempts, proceed with the normal upgrade flow.

Describe alternatives you've considered
An alternative approach could be to forcefully terminate the auto-commit operation on the upgraded firewall to allow the upgrade process to continue. However, this might lead to unexpected consequences and could potentially leave the firewall in an inconsistent state. It is safer to wait for the auto-commit to complete naturally and handle the situation gracefully if it exceeds a reasonable timeframe.

Additional context
Here are a few additional points to consider:

  • The number of attempts and the waiting time between attempts should be configurable to allow users to adjust the behavior based on their specific environment and requirements.
  • The utility should log the auto-commit status checks and provide informative messages to keep users informed about the progress and any delays encountered.
  • In case of a failure due to prolonged auto-commit, the utility should provide clear error messages indicating the reason for the failure and any necessary actions to be taken.
  • Update the project's documentation to include information about this new feature, explaining how it handles auto-commit scenarios and the configurable options available.

By implementing this feature, the pan-os-upgrade utility will be more resilient to auto-commit operations occurring during the upgrade process. It will prevent conflicts and ensure a smoother upgrade experience, while also handling failure scenarios gracefully.
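
The bounded wait requested in steps 1 to 5 above, as an added example; it is not code from the pan-os-upgrade project or from the issue author. The function names, the `fetch_jobs` callable and the job-listing layout (`AutoCom` job type, `FIN` status) are assumptions, and the XML replies are constructed sample data.

```python
import logging
import time
import xml.etree.ElementTree as ET
from typing import Callable, Optional, Set

log = logging.getLogger("auto_commit_gate")

# Constructed sample replies, modelled on a job listing returned by the firewall.
# The <type>AutoCom</type> / <status>FIN</status> layout is an assumption.
JOBS_RUNNING = ("<response status='success'><result><job><id>1</id>"
                "<type>AutoCom</type><status>ACT</status></job></result></response>")
JOBS_DONE = JOBS_RUNNING.replace("ACT", "FIN")


def auto_commit_active(jobs_xml: str) -> bool:
    """True while any AutoCom job in the listing has not reached status FIN."""
    root = ET.fromstring(jobs_xml)
    return any(job.findtext("type") == "AutoCom" and job.findtext("status") != "FIN"
               for job in root.iter("job"))


def wait_for_auto_commit(fetch_jobs: Callable[[], str], max_attempts: int = 10,
                         interval: float = 60.0,
                         sleep: Callable[[float], None] = time.sleep) -> bool:
    """Steps 1-3 and 5: poll up to max_attempts times, pausing interval seconds."""
    for attempt in range(1, max_attempts + 1):
        if not auto_commit_active(fetch_jobs()):
            log.info("no auto-commit in progress (check %d/%d)", attempt, max_attempts)
            return True
        log.warning("auto-commit in progress (check %d/%d)", attempt, max_attempts)
        if attempt < max_attempts:  # no pointless pause after the final check
            sleep(interval)
    log.error("auto-commit still running after %d checks", max_attempts)
    return False


def gate_upgrade(host: str, peer: Optional[str], targets: Set[str],
                 fetch_jobs: Callable[[], str], **poll_opts) -> str:
    """Step 4: on timeout, report the failure and drop the peer from the run."""
    if wait_for_auto_commit(fetch_jobs, **poll_opts):
        return "proceed"
    if peer is not None:
        targets.discard(peer)
        log.error("%s failed auto-commit check; peer %s removed from upgrade", host, peer)
    return "failed"
```

Passing `sleep` as a parameter lets the retry logic be unit-tested without real delays; in a real run `fetch_jobs` would wrap whatever call the utility uses to read the firewall's job list.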