Rolling Updates
Rolling Updates automate the process of updating Proxmox VE nodes across a cluster sequentially, ensuring that workloads remain available throughout the update process. Instead of manually updating each node and handling migrations by hand, ProxCenter orchestrates the entire workflow.
Overview
Updating a Proxmox cluster typically involves: putting a node in maintenance, migrating VMs off, running apt upgrade, rebooting if needed, and moving VMs back. Doing this manually across 5, 10, or 50 nodes is tedious and error-prone. Rolling Updates handle this automatically with safety checks at every step.
Update Workflow
For each node in the cluster, ProxCenter performs the following steps in order:
1. Pre-Checks
Before starting, ProxCenter verifies:
- The cluster has enough capacity to absorb workloads from the node being updated
- No other node is already in maintenance or being updated
- All VMs on the node are migratable (no local-only resources blocking migration)
- The node is reachable via SSH
2. Workload Evacuation
Running VMs and containers are live-migrated to other nodes in the cluster. ProxCenter uses the DRS logic to select optimal target nodes based on current resource usage.
3. System Update
The node runs apt update && apt dist-upgrade to install the latest Proxmox packages. The full output is logged and visible in the Task Center.
4. Reboot (if required)
If a kernel update or other reboot-required package was installed, the node is rebooted. ProxCenter waits for the node to come back online and rejoin the cluster before proceeding.
5. Workload Restoration
After the node is updated and healthy, previously migrated VMs can optionally be migrated back to their original node.
6. Next Node
The process repeats for the next node in the cluster until all nodes are updated.
Configuration
| Setting | Description | Default |
|---|---|---|
| Reboot policy | Always reboot, only if needed, or never | Only if needed |
| Restore VMs | Migrate VMs back to their original node after update | Enabled |
| Parallel migrations | Number of VMs to migrate simultaneously during evacuation | 2 |
| Timeout | Maximum time to wait for a node reboot before marking it failed | 10 minutes |
Monitoring Progress
The Rolling Update dashboard shows:
- A visual overview of all nodes with their current state (pending, updating, rebooting, completed, failed)
- The current step being executed on the active node
- Live logs from the update and reboot process
- Estimated time remaining based on previous node durations
If a node fails to come back online after a reboot, the rolling update pauses and alerts you. It does not proceed to the next node to avoid risking cluster quorum.
Schedule rolling updates during a maintenance window. Even though VMs are live-migrated, there may be brief performance impacts during the migration and reboot phases.
Rolling Updates is available in the Enterprise edition.
Permissions
| Permission | Description |
|---|---|
node.manage | Required to execute updates and reboot nodes |
vm.migrate | Required to evacuate and restore workloads |