In last post we learn how to configure UMDS and how to enable VUM to use shared repository for downloading patches. If you are new to VUM/UMDS and by mistake landed directly on this page, I would encourage reading about them first from below links:
Also in past I have written one blog post on Creating Esxi hosts baselines and how to remediate host. You can read that post from here.
In this post I will be covering below objectives:
- Configure hosts/cluster settings
- Create VUM baseline group
- Manually download updates to a patch repository
- Import Host upgrade images and upgrade Esxi hosts.
- Configure Smart Rebooting for vApps
Lets get started.
1: Configure hosts/cluster settings
To configure hosts maintenance mode settings, Login to Web Client and Click on Update Manager icon from home page and naviate to Manage > Settings > Host and clusters settings >> Edit.
As per Update Manager best practices, if you are using VMware DPM, HA admission control, or Fault Tolerance, then it is adviseable to temporarily disable these to make sure that the remediation is successful.
You can opt for parallel remediation of hosts if you have a fully populated cluster with enough capacity to allow more than one host to go into maintenance mode at a time.
I have chose to disable media devices that can prevent a host from going into MM and thus causing remediation to fail. Also I chose to migrate powered-off/suspended VM’s to other host so that when a host is rebooted by VUM to apply patches, and something goes wrong (like host PSOD etc), I do not lose my VM’s or waste my time troubleshooting recovering those VM’s.
2: Create and modify VUM baseline groups
A baseline is a collection of one or more patches, extension or upgrades, that can be applied to an object in the vCenter Server. Baseline groups are assembled from existing baselines and can contain a combination of multiple patch and/or extension baselines.
When ESXi hosts, VMs and VA’s are scanned, they are evaluated against baselines and baseline groups to determine their level of compliance. VUM includes the following baselines by default:
- Critical host patches
- Non-critical host patches
- VMware Tools upgrade to match host
- VM Hardware upgrade to match host
- VA upgrade to latest
To create a new Baseline group, login to Web Client and navigate to Update Manager-> Manage-> Host Baselines and click the green plus sign.
Provide a name for the Baseline group, and select the patches, upgrades and/or extension baselines which you want to include in this group.
On ready to Complete page, review your selections and it Finish to complete the New Baseline Group creation wizard.
This newly created baseline group is ready and can now be attached to the Esxi hosts and/or clusters.
3: Manually download updates to a VUM repository
VMware periodically release updated patches for Esxi hosts. You can download these updated patches offline and then add them to the VUM repository. To see what are the updated patches available for Esxi host 6.0, visit this site
In my lab I am running Esxi host 6.0 build# 5050593 and following are the updates available for this build
Note: You can import offline bundles only for hosts running ESXi 5.x or later. The patches and extensions must be in ZIP format, and you require the Upload File privilege in vCenter Server.
To import an offline bundle, login to Web Client and navigate to Update Manager-> Manage-> Patch Repository and click Import patches
Click on browse and select the zip and click on upload file. You will see the upload progress in the opened window.
Once imported, the patch or extension will be available for selection in the VUM Baselines.
4: Import Host upgrade images and upgrade Esxi hosts
This method is used for direct upgrade of Esxi hosts to a higher version. We basically download newer version of Esxi iso and upload it to VUM and create a baseline with this iso.
In Web Client, navigate to Update Manager > Manage > Esxi Images tab and click on Import Esxi image.
Browse to the location where you have downloaded your iso file and click on import. Post import is completed, details about the uploaded iso will be displayed.
Navigate to Host baseline tab and click on green + button to add a new baseline. Select type as Host Upgrade.
Select the iso file which we just uploaded and hit next. On ready to complete page review your settings and hit finish to complete the wizard.
The newly created baseline will appear in list.
Attach baseline to objects
Right click on your cluster and from update manager menu select Attach baseline.
Select the newly created baseline from the list and hit OK.
Now from Host and Cluster view, select the Update Manager tab and verify the host compliance status. At this point status will be reported as Unknown/Non-Compliant.
Click on the Remediate button and select the newly created baseline.
Select the host/hosts which you want to upgrade.
In my lab I am running Esxi 6.0 U3 Build#5050593 and I am upgrading my host to Build#55722656 (Esxi 6.0 update 3a)
Hit Next and follow the wizard to provide additional info about upgrade schedule and Host/Cluster remediation options (we discussed this in beginning of this post).
On Ready to Complete page review your settings and hit finish.
Wait for remediation task to complete. Host will be put in MM and rebooted.
Post reboot of host verify that compliance status is changed to complaint. Overall status of the baseline is still non-compliant as all the objects (second host in my lab) has not been upgraded.
From host’s summary page I verified that host has been upgraded to a newer build.
5: Configure smart rebooting for vApps
I am sure you are familiar with concept of vApps in vSphere. A vApp is a pre-built software solution, consisting of one or more virtual machines and applications, which are potentially operated, maintained, monitored, and updated as a unit..
Smart Rebooting capability of VUM enables selective restart of the virtual machines in the vApp to maintain startup dependencies.
You may have a vApp for a 3 tier application which includes a web server, a DB server and application server. When you reboot such a vApp you might want services to be shutdown/startup in a specific sequence.
For e.g when vApp is powering on, you might want DB server to come online first before web server or application server.
Smart rebooting is enabled by default for vApps. If this is disabled, the VMs in the vApp will be restarted according to their individual remediation requirements, regardless of its startup dependencies.
To modify the smart rebooting, login to Web Client and navigate to Update Manager > Manage > Settings > vApp Settings and click Edit
And that’s it for this post.
I hope you find this post informational. Feel free to share this on social media if it is worth sharing. Be sociable 🙂