VMware Cloud Community
Niyot1
Enthusiast
Enthusiast
‎02-18-2022 01:11 AM

vSAN Patchng

Hi All

 

When do you patch the vSAN environment.   

A- is it when VMware release monthly/critical patches for the ESXi hosts

B - Wait for the vSAN build recommendation engine via the release catalogue to recommend a patch release. 

If you look at the vSAN build numbers https://kb.vmware.com/s/article/2150753 you will see its 2 versions behind the ESXi host build numbers.   In the past i have just patched the vSAN ESXi hosts when the patches are released for ESXi hosts in a regular cluster.   Nothing has broken yet but want to know what is best practice. Thanks

 

0 Kudos
3 Replies
usmabison
VMware Employee
VMware Employee
‎02-21-2022 10:02 AM

Greetings Niyot1,

VSAN is delivered in the kernel of ESXi. That said, not every ESXi patch includes a VSAN update. I also track versioning using those KBs, and in my experience, they are not updated immediately .. e.g., VMware vSAN 7.0 Update 3 Release Notes there is a new version of VSAN - that kb just hasn't been updated yet. You are better served IMHO by subscribing to updates with your vmw acct, or simply look at release notes to see when updates are released.

0 Kudos
Niyot1
Enthusiast
Enthusiast
‎02-22-2022 08:43 AM

Thanks for your response.  So when i look at the latest ESX release notes, it lists vsan and vsanhealth as one of the affected vibs.   So I take it this means patch vsan to that revision then.  obviously making  sure vCenter is at the same or higher revision.     

0 Kudos
usmabison
VMware Employee
VMware Employee
‎02-23-2022 02:56 AM

Sure. Yes, latest ESXi Release Notes https://docs.vmware.com/en/VMware-vSphere/7.0/rn/vsphere-esxi-70u3c-release-notes.html includes an update for vSAN. My point though was that your reference to a KB to determine if you should patch is a not as timely as reviewing release notes, only b/c that particular KB does not always get updated when an update is released. Again, you'd be better served by subscribing to the release notes. It's easy enough to look to see if any are updated.

On an aside, there is a KB for ESXI (https://kb.vmware.com/kb/2143832), and one for VCSA (https://kb.vmware.com/kb/2143838) as well.

William Lam wrote an article years ago https://williamlam.com/2017/08/powercli-script-to-help-correlate-vcenter-esxi-vsan-buildversions-wo-... which describes a way to use these as a basis for functions to determine a build number. Updating the Functions (each time a new version is released) is a bit manual, but it works well enough (to identify the version/build of your vcsa/esxi/vsan) ...

0 Kudos