VMware Cloud Community
cfsullivan
Contributor
Contributor

Guest Full Shutdown Required?

Our ESXi 6.0 hosts are being upgraded to Build 7967664 and the physical microcode is being upgraded as protection against Meltdown/Spectre. All guests are at HW version 11.

Do either/both of these host upgrades require that the guests be fully shut down then started back up to be protected again Meltdown/Spectre? I thought I came across that at one point for at least the microcode, but I'm not able to get an answer on a quick Web search.

Thanks.

Reply
0 Kudos
5 Replies
daphnissov
Immortal
Immortal

Yes, that's correct.

Reply
0 Kudos
cfsullivan
Contributor
Contributor

Thanks for the quick reply. Is it needed because of the ESXi upgrade, or the microcode upgrade? (I'm guessing the latter, but want to confirm.)

Reply
0 Kudos
daphnissov
Immortal
Immortal

The ESXi upgrade, because of the microcode updates there.

Reply
0 Kudos
cfsullivan
Contributor
Contributor

Okay, thanks.

Reply
0 Kudos
a_p_
Leadership
Leadership

From what I understand, the VM power-cycle is required due to the microcode upgrade. ESXi will upgrade the microcode only if you've not done this previously by e.g. a vendor provided BIOS update.Anyway, there's more to this if you are running the hosts in an EVC enabled cluster. In this case, the new CPU features will only be presented to the VMs once all of the hosts in the cluster have the new microcode, and vCenter Server has been updated as well. What I've seen with such updates is that after the updates are done (vCenter Server as well as the hosts in the cluster), it was necessary to disable/enable EVC again, so that it reconfigured the EVC settings on the hosts.

André

Reply
0 Kudos