VMware Cloud Community
ricky73
Hot Shot
Hot Shot
Jump to solution

Howto use Update Manager

I'm going to update ESXi 5.5 hosts in my cluster but I don't know Update Manager component, so I ask if it's possibile to patch single host so that I can test VM on it and afterwards to extend update to the other hosts.

Do you suggest to apply all updates or it's usually to give priority to security updates? I'm using Vmware image of HP beacuse my hosts are blade Proliant servers.

How can I start? Do you have to suggest quick start guide?

1 Solution

Accepted Solutions
Sreekanth45
Enthusiast
Enthusiast
Jump to solution

Update Manager downloads the list of available patches from vmware.com. To set up frequency of the repository update, click Home. Click the Update Manager icon. Under the Configuration tab, click Patch Download Schedule.

To view the Patch Download scheduled task, click Home > Scheduled Tasks > VMware vCenter Update Manager Update Download.


Notes:

  • To manually run this task, right-click the task and click Run.

  • When running the task, you see Download Patch Definitions task in the Recent Tasks.

  • If the Download Patch Definitions task fails, ensure Update Manager can reach vmware.com. For more information

To attach the baselines to the ESX host:

  1. Click Home > Hosts and Clusters.

  2. Highlight the ESX host you want to update and click the Update Manager tab.

  3. Click Attach. Select Critical Host Patches and Non-Critical Host Patches baselines and click Attach.

    Note: To create custom baselines click Home > Update Manager > Baselines and Groups > Create.

To scan the ESX host for missing patches against the repository, right-click on the ESX host and click Scan for Updates > Patches and Extensions > Scan.

Notes:

  • Scan progress is shown by the Scan Entity task in the Recent Tasks.

  • The host scan does not affect running virtual machines.

  • If the scan fails, ensure the ports between Update Manager and the ESX host are open. For more information, seeVMware Update Manager network port requirements (1004543).

  • When the scan is complete you see the number of patches missing on the ESX host. If no patches are missing, you see Compliant.

To remediate the missing patches to the ESX host:

  1. Power off all virtual machines or vMotion them to a different ESX host.
  2. Place the ESX host into maintenance mode. Right-click on the ESX host, choose Enter Maintenance Mode, and click Yes.
  3. Right-click on the ESX host and choose Remediate > Critical Host Patches and Non-Critical Host Patches baselines and click Next.
  4. Choose which updates or patches to install, click Next > NextFinish.

Notes:

View solution in original post

10 Replies
MKBA
Enthusiast
Enthusiast
Jump to solution

You can use this KB for reference

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=101954...

Also It would be good to patch a single host & also you can patch at cluster level.If you are going to update your system to update releases you can have a single rollup bulletin which contains both bug fixes & security update.

If you want to patch only with security updates you can choose that option in update manger.

Reply
0 Kudos
mohdhanifk
Enthusiast
Enthusiast
Jump to solution

Reply
0 Kudos
KSethi
Enthusiast
Enthusiast
Jump to solution

Hello Ricky,

Update Manager works on 5 thumb Rules.

1- Create A Baseline ( Baseline is collection of your patches, Extenstions, Upgrades or any bug fixes). Two types ( Static and Dynamic ( Static does not get updated automatically if any patch of the similar type is added to the repository where in dynamic baseline gets automatically updated if any patch of the similar type is added to the repository.

2- Attach the baseline- So in your case once you have created the baseline based on the patches that u want for your esxi host its time to attach this baseline to your esxi host (Yes it can be attached to a single ESXI host also to the entire cluster.

3- Scan for compliance- Scan to check whether your esxi host is compliant or non compliant based on the baseline which is attached to it. If it is compliant you are all good but if it;s not compliant you need to proceed further.

4- Staging- This is process in which you download the actual patch it does not require any downtime for your esxi host, as it will downloading the patch to your repository because initially only information about the patch is downloaded.

5- Remediation-  This is the last stage which is actually patching your Esxi host ( Based on the patches you have added to your baseline your esxi may or may not reboot..

Rgds

Kanishk

Reply
0 Kudos
Sreekanth45
Enthusiast
Enthusiast
Jump to solution

Update Manager downloads the list of available patches from vmware.com. To set up frequency of the repository update, click Home. Click the Update Manager icon. Under the Configuration tab, click Patch Download Schedule.

To view the Patch Download scheduled task, click Home > Scheduled Tasks > VMware vCenter Update Manager Update Download.


Notes:

  • To manually run this task, right-click the task and click Run.

  • When running the task, you see Download Patch Definitions task in the Recent Tasks.

  • If the Download Patch Definitions task fails, ensure Update Manager can reach vmware.com. For more information

To attach the baselines to the ESX host:

  1. Click Home > Hosts and Clusters.

  2. Highlight the ESX host you want to update and click the Update Manager tab.

  3. Click Attach. Select Critical Host Patches and Non-Critical Host Patches baselines and click Attach.

    Note: To create custom baselines click Home > Update Manager > Baselines and Groups > Create.

To scan the ESX host for missing patches against the repository, right-click on the ESX host and click Scan for Updates > Patches and Extensions > Scan.

Notes:

  • Scan progress is shown by the Scan Entity task in the Recent Tasks.

  • The host scan does not affect running virtual machines.

  • If the scan fails, ensure the ports between Update Manager and the ESX host are open. For more information, seeVMware Update Manager network port requirements (1004543).

  • When the scan is complete you see the number of patches missing on the ESX host. If no patches are missing, you see Compliant.

To remediate the missing patches to the ESX host:

  1. Power off all virtual machines or vMotion them to a different ESX host.
  2. Place the ESX host into maintenance mode. Right-click on the ESX host, choose Enter Maintenance Mode, and click Yes.
  3. Right-click on the ESX host and choose Remediate > Critical Host Patches and Non-Critical Host Patches baselines and click Next.
  4. Choose which updates or patches to install, click Next > NextFinish.

Notes:

gopanaboena
Enthusiast
Enthusiast
Jump to solution

Sreekanth45 solution is step by step

Follow

Reply
0 Kudos
chay2263
Enthusiast
Enthusiast
Jump to solution

My sentiments exactly!

Chestin Hay vExpert;VCIX6-NV,VCP6-DCV;VCP6-NV,VCP6-CMA https://www.letsv4real.com https://www.twitter.com/letsv4real
Reply
0 Kudos
balarajugopinat
Enthusiast
Enthusiast
Jump to solution

I agree with Sreekanth steps because it's step by step procedure is there no need to go to KB's

Reply
0 Kudos
SavkoorSuhas
Expert
Expert
Jump to solution

Please follow the below document for sing Update Manager:

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=101954...

Suhas

If you found this or any other answer useful please consider the use of the Helpful or Correct buttons to award points.

Don't Backup. Go Forward!
Rubrik

Reply
0 Kudos
ricky73
Hot Shot
Hot Shot
Jump to solution

I'm using vSphere web client and I think Update Manager server component is just installed in Virtual Center, I read it's necessary to install plug-in for my browser?

How can I verify if both browser plug-in and Update Manager server component is just installed? Excuse me for my dummy question :smileyconfused:

Reply
0 Kudos