Upgrading Apache Geode
To upgrade an existing installation to a new version of Apache Geode, follow these general steps:
- Back up your current system.
- Install the new version of the software.
- Stop your cluster using the current software.
- Restart the system using the new software.
In many cases, components running under the current version can be stopped selectively, then restarted under the new version so that the cluster as a whole remains functional during the upgrade process; this is known as a “rolling upgrade.”
In other cases, the entire system must be stopped in order to accomplish the upgrade, which will require some downtime for your system.
See Planning an Upgrade to choose the upgrade scenario that best suits your implementation and to understand the resources you will need to accomplish the upgrade. Then select the appropriate upgrade procedure for more detailed instructions that fit your specific needs.
This section discusses the upgrade paths for various Apache Geode versions, and it lists information you need to know before you begin the upgrade process.
A rolling upgrade allows you to keep your existing cluster running while you upgrade your members gradually.
An offline upgrade can handle the widest variety of software versions and cluster configurations, but requires shutting down the entire system for at least a short time.
When you upgrade your Geode server software, you may need to update your client applications in order to maintain compatibility with the upgraded servers.
For some users, issues regarding SSL protocols and their default values require a preparatory SSL protocol migration step when upgrading to Geode v1.15. Please read the following section carefully to determine whether your system requires this additional SSL protocol migration step.
To determine whether your system requires the SSL protocol migration preparatory step, see if your system meets both of the following conditions:
ssl-endpoint-identification-enabledis set to
ssl-protocolsis set to a value other than “any”, that is, it specifies a list of specific protocols, but does not include “SSLv2Hello”,
THEN your system requires the SSL protocol migration step.
How do I determine my system’s settings for the
SSL properties may be set in properties files or on the gfsh command line. To determine the settings for these parameters,
ssl-endpoint-identification-enabled=true. Also look for
ssl-use-default-context=true, which sets
Search system logs for these properties (using
grep, for example).
The preparatory SSL protocol migration process consists of replacing one property,
with two new properties,
ssl-server-protocols, then removing the old
ssl-protocols definition. Perform this substitution in whatever way the original
were defined: in
.properties files or on a command line.
- If your system is running JDK 8, upgrade to the latest version of JDK 8 before proceeding. This is necessary, even if you plan to perform the optional JDK upgrade step to JDK 11 or JDK 17.
- Shutdown a member (server or locator).
- Install Geode 1.15.
- Optionally install a new Java JDK.
- Add security property
ssl-client-protocolswith the same definition as the old
- Add security property
ssl-server-protocolswith the same definition as the old
ssl-protocolsproperty PLUS “SSLv2Hello”. For example, if the original value of
ssl-protocolsis “TLSv1.2”, then define
- Start the member.
- Verify successful cluster join.
- Repeat from step 1 for the next member.
Optionally, after your upgrade is complete, you may restore your original
and restart all your members to eliminate the
SSLv2Hello protocol support.