Hi vSphere Gurus,
In vsphere support matrix, it only says U1 host can join U2 vcenter.
However 6.5P02 7388607 host, which is a patch of U1 version, cannot join EVC enabled vCenter cluster 6.5 U2 8294253.
BUT 6.5 EP06 7967591 can join the U2 vCenter 8294253.
https://my.vmware.com/group/vmware/patch#search
I double check its information that EP06 only update the CPU CVE issue patch. link-> VMware Knowledge Base
Is any official limitation description document for the support list with these special patch?
Are there still host in the EVC cluster not updated?
The reason for this is that there are some changes been masked out with the patch and in such, the old EVC will still expose those feature in old EVC. The new EVC will then block out this feature and will not allow patched server to join this cluster.
You need to make sure all the host in the EVC Cluster is patched. If one is not patched, the EVC will not expose the new characteristic.
what is the error you are getting when adding host ? can you please post error message ?
I didn't found any official limitation description document for the support of those patches, but the problem You described is a repetitive one. Make sure that all hosts in EVC cluster have the same Spectre/Meltdown patches installed and then add them to the EVC enabled cluster.
Hi Vmrale,
Thanks for your response.
I just follow the interoperability matrix. Choose esxi and vcenter server.
https://www.vmware.com/resources/compatibility/sim/interop_matrix.php#interop&1=&2=
It says U1 esxi can join U2. VMware allows user to do this operation and it is official support in my opinion.
In my testing, 6.5EP06 can join 6.5U2. That means same patch is not a Must rule. At least, the join cluster operation should be workable.
We just need to find some document to support our testing result of the limitation.
Imaging that customer has a new 6.5U2 vcenter and a bunch of pre-installed ESXi 6.5P02. The mixed esxi node joining operation is reasonable.
We can solve the patch problem after the esxi node join into the cluster.
Are all hosts running the latest BIOS (Microcode)? Support for the the additional CPU instructions was introduced with build 7967591 (see e.g. https://esxi-patches.v-front.de/vm-6.5.0.html).
I ran into this same issue some time ago, and solved it by upgrading all the host's BIOS (Microcode), as well as ESXi to Update 1g (Build 7967591). After this I was able to add the hosts to the EVC enabled cluster.
André
Here is the attachment of error
I think cpu related patch is the root cause of the issue.
However, VMware doesn't provide document for the limitation about 6.5P2 cannot join U2 vcenter.
If the test result is ture. That means only U1G(EP06) can join U2 cluster.
a.p.
It may not be the root cause of the issue.
U1G can join U2 cluster but P02 cannot. Technically speaking, they are all belong to U1 series.
Technically speaking, they are all belong to U1 series.
That's correct, but the microcode update which added the new CPU instructions came with U1g.
André
Are there still host in the EVC cluster not updated?
The reason for this is that there are some changes been masked out with the patch and in such, the old EVC will still expose those feature in old EVC. The new EVC will then block out this feature and will not allow patched server to join this cluster.
You need to make sure all the host in the EVC Cluster is patched. If one is not patched, the EVC will not expose the new characteristic.
Hi tanwk,
Thanks for your reply.
Go through the link you provide, I visit the KB VMware Knowledge Base 52085.
and find the description:
In order to maintain this compatibility the new features are hidden from guests within the cluster until all hosts in the cluster are properly updated. At that time, the cluster will automatically upgrade its capabilities to expose the new features. Unpatched ESXi hosts will no longer be admitted into the EVC cluster.
Then we can regard it as an official description of limitation.