Patching ESXi hosts using VUM

In this post, let’s see how an ESXi host/ Cluster can be patched using vSphere Update Manager. Here we will be patching the entire cluster at a time and yes, VUM is goign to take a care of all the VM’s running on them. If you have not configured VUM yet, here is my post about adding VUM to VCSA. Once you are in the Update Manager, web client should show up your update manager server. Click on that.


On the next screen, you should see many tabs under the Manage tab. Click on Patch Repository to verify the patches downloaded and you can also import patches to the repository. Click on Import Patches and browse for the patch file.


Once the upload is complete. Go back to the Host Baselines tab and click on the green + to create a new baseline. Select the respective baseline type. Since i am using a patch to update the ESXi host, i select Host Patch and click Next.


Select the Fixed baseline, as this helps in keeping the hosts at same level. It would be easier to create a new baseline when a new patch is available based on the make and model of servers in the environment. That’s again purely based on the infrastructure.


The next screen shows the patches that are included in the uploaded patch and you can deselect any of them if you do not want to update it. Click on Next after making the selection.


Review the settings on the next screen and click on Finish. That completes the creation of baseline.


The next step is to attach the baseline to a Host or Cluster. Select the Host/Cluster you want to attach the Baseline to. On the right side, click on the Update Manager tab and click on the Attach Baseline button. Select the Baseline that we just created and click OK.


Once the baseline is attached, click on the Scan for Updates button to check how compliant your hosts are with the attached baseline. Non Compliant means, we are required to patch the server with that baseline.


Now, we are all set to update our hosts. Click on the Remediate button to start scheduling or patching the Hosts. You can also Stage (copy the patches to hosts) to make the remediation faster. Select the Baseline that you want to remediate here.


On the next screen, select the hosts from cluster that you want to remediate the patches to. Click Next


Select the patches you want to remediate. Click Next.


Here on the next screen, you are given an option to schedule the remediation or to run it immediately. I am going to select Run this action now. This is really cool actually because you don’t have to be really awake just to see if your patches are pushed.


Let the Update Manager know what to do with the VMs while taken down for maintenance. Default is Do Not Change VM Power State, that makes sense because we have vMotion  and Update Manager is intelligent enough to move the VM’s across the hosts in cluster to patch the Hosts.


On the next screen, based on your infrastructure and number of hosts that can sustain a failure, select the option here. Remember, HA Admission Control plays a role here.


Review the settings carefully and click on Finish.


Sit back and relax untill your Update Manager patches all the selected Hosts in Cluster.

Note: Hosts that were in maintenance mode prior to Remediation, will stay in maintenance mode even after the remediation.

Once done, you should now see that the Cluster is in complaince with the Baseline.

2016-07-25 11_36_55-vSphere Web Client.jpg

Hope this was informative. Thanks!


#baselines, #cluster-remediation, #esxi-6, #patches, #remediate, #vum