We're completing our ESX 3.5/VC 2.5 architecture and plan to use Update Manager (UM) to deploy ESX hotfixes, but will use our existing configuration management tools for VM configurations (e.g., windows hotfixes).
We're still not clear how we want to handle updates to VMware tools. We have not included it in our CM environment because we use VIClient to deploy VMware tools when the VM is built/template deployed, and do ad-hoc updates to VMware tools after that. We're still in the lab/QA, but moving to production shortly so we'll have to be more rigourous and follow an established procedure.
So the question are these:
Will VMware tools updates be distributed through the ESX side of Update Manager (such as ESX 3.0.2 hotfix ESX-1002430) or through the windows/linux side of the update Manager?
If it will continue through the ESX side (which is our preference), will ESX Remediation deploy the tools to the VM's on the box? I would assume not since in a VMotion environment those VM's will be on another ESX server when the Remediation takes place.
Do most people "out there" use their CM to deploy updates to VMware tools or use the VMware processes?
We would rather not have to go through the Windows/Linux Update Manager for this, since we're actually using Download Manager (DM) and don't want to have to move all the irrevelent stuff across the boundary just for the sake of the VMware tools.
I may be misunderstanding this stuff as well.
Thanks for this.
PS: I'm very impressed with the DM and UM stuff so far. This has been very well thought out.
I'm very interested in this topic as well.
Normally we use Altiris / RDP for updating Windows hotfixes etc. for fysical and virtual servers.
At the installation of a new VM we deploy VMware Tools that is current at that time.
If updates for VMware Tools are needed, we manually install them or via an Altiris / RDP installation job.
For ESX updates we have a scripting solution since we are still at 3.0.2.
Unfortunatly i haven't been able to test and try with VI3.5, but from this site
I can see that there is an option for a VM to "check and upgrade VMware Tools before each power on".
So in theory you would be able to use your current CM solution and after applying hotfixes and rebooting VMware Tools should be updated if needed.
I don't know if you are able to test this right now, because i'm not sure that there are any VMware TOols update voor VI3.5. Please let us know
I'm pretty sure this question was asked at the VMworld session on VMware Update Manager and the answer was 'no, not at the moment'.
Initially update manager will patch hosts and Windows patches but not VMtools.
I hadn't seen that option in the VM configuration. I think that may do the trick.
For now, I'm going to assume VMware Tools updates will come through the ESX update Manager path like that ESX 3.0.2 patch I mentioned. We can test then pilot a VMware tools patch in the lab and QA through a separate baseline item, and put it into our primary UM baseline.
At the next VM boot (which the CM -in our case it's Microsoft SMS - does monthly to apply MS hotfixes), it will automatically receive the tool update. However, will definitely need testing because the VM setting implies this is done at power-on, not reboot.
It is "easy" to play with some of the new 2.5/3.5 features in a VM environment. I have an eval VC2.5 with Starwind iSCSI, ESX3.5 and ESX 3i running in VMware Workstation 6 and use the iSCSI for shared disk as has been described in many places in this forum. The only wrinkle related to ESX 3.5/3i under Workstation 6 is that you cannot start a VM within an ESX server as that causes a panic failure in VM workstation. All the other features seem to work fine, and I've played quite a bit.
Looks like you do need a power cycle for that switch, although I will confirm in the next couple of days.
You can also easily schedule the update using the VIToolkit for Windows Update-Tools cmdlet without having to cycle the power on the VMs
Get-VM | Update-Tools will blindly update (and reboot) all your VMs, so perhaps you might want to add some filter to phase that....
Let's assume a guest Server1 is hosted by esx1 and managed from vcs1. esx1 has been recently updated with a new version of VMware Tools
Install the VI Toolkit for Windows (download from the Tool tab on the Infrastructure 3 download page)
Log onto the VI Toolkit computer using an account with good permissions to the Virtual Center environment. Open VI Toolkit for Windows and type the following two commands:
get-vm -name server1 | update-tools
The VI Toolkit has a pretty good help file that is installed with it. There are lots of other things you can do with VI Toolkit for Windows.
If your VMs are in an Active Directory environment you can use Group Policy Software Distribution to install and update your VMware Tools.
Following the guide here we have setup a policy which is only applied to a group that contains the computer accounts of our VMs (because our VMs are across multiple OUs combined with physical hosts we couldn't just link it to the OU). The advantage of this is when you publish an updated version of the Tools through Group Policy the VMs only need a reboot for the upgrade to take effect - which for Windows VMs would likely be incorporated into your regular patch cycle.