After upgrading to ESXi 7 U3c, there is a warning message under the Updates tab for ESXi hosts
"Do not use the non-critical baseline to update ESXi 7.0GA - 7.0U3b hosts. Use a baseline created with an ESXi 7.0 U3c or higher ISO image or Critical Host Patches baseline before applying any other patches to these hosts."
I had questions and I didn't find much about it online, so I opened a support request with VMware and I was told that we should not use any pre-defined baselines to remediate ESXi 7.0 U3 hosts. We should actually upgrade using the latest ESXi iso (i.e. ESXi 7.0 U3f) to upgrade and not the Critical Host Patches, Non-Critical Host Patches and Host Security Patches pre-defined baselines.
So this would mean that patching is no longer an option for ESXi 7.0 U3 hosts. I just wanted to verify that this is the case.
Thanks
I just wanted to follow up to see if anyone had any further insight into this. I am unable to find any official documentation from VMware that the pre-defined patch baselines can no longer be used for ESXi 7 U3.
What doesn't make sense to me is that the warning specifies "Do not use the non-critical baseline to update ESXi 7.0GA - 7.0U3b hosts...". We are running ESXi 7.0 U3c, which based on the warning message, seems it would not apply to us.
This seems like a major issue that patching via Life Cycle Manager is no longer supported and you can only patch ESXi 7.0 hosts by upgrading using the latest ESXi 7 U3 iso. Has nobody here on this forum attempted to patch their ESXi 7 hosts? I would have expected a quick answer to this question since it seems like a major issue everyone here would be dealing with, but I'm not finding any documentation supporting what the VMWare support technician told me. I had planned to patch sometime in the next two weeks and want to make certain that the information I was given is correct.
From what I understand, applying non-critical patches to versions earlier than 7.0 U3c may/will cause issues by installing unwanted stuff (likely due to incorrect metadata). Once the hosts have been patched to U3c or later, you can proceed witch applying patches as before.
André
I've patched my entire environment the other day to 7.0 u3d with VUM baselines without any issues whatsoever. So you should be able to continue after 7.0 u3c.
Hi, I'm not sure if this helps but i am on the latest release of ESXi and vCenter and i still receive the same message.
We we're on ESXI 7.0 U3 and when the issues arose and guidance to move away from U3 we're announced we used the latest iso from VMWare to perform the upgrade. I believe we went to 3d with no issues.
Since then we see the message below which is the same message you see. Since 3d we have reverted back to Baselines as we did previously.
Hope this helps.
This was an answer directly from VMware Tech Support.
"The best way to go forward with the updates is to use the pre-defined baselines (critical, non-critical, host security). We had a few issues with using the pre-defined baselines only for versions up to 7.0u3b. For all further version, you can use the baselines to update your hosts."
-K
Just patch your cluster hosts with the latest release update. No need to install any other patches.
First of all, setup cluster image with latest bulid and select your hardware latest release drives as well.
Let me know if you have any questions or concern.
I'll be happy to help!
I used to do the same. I patch only the latest roll up update and the nic drivers , nothing more than that