patch

Update the vCenter Server Appliance (VCSA) without internet

In this blog post I highlight how to patch or update a single vCenter Server Appliance (VCSA) without having an internet connection. The patch will be stored on a temporarily web server that is installed on a Windows machine. In this example we update the vCenter Server Appliance version from 6.0 Update 2 to 6.0 Update 3 build 5050593.

Here are the main steps:

1. On a Windows machine install a temporarily web server to host the VCSA patch.  As web server “Posh Server” (link) will be used. This is a small PowerShell web server. Download the Posh Server and install it on a Windows box. After the installation (use the default settings) open PowerShell (As Administrator) and execute the following commands:

Set-Executionpolicy unrestricted

Type “y” to confirm. Go to the “C:\Program Files\PoSHServer” folder.

Import-Module PoSHServer
Start-PoshServer -Port 9000

The Posh web server is started and listens on port 9000

2. Download the patch (zip file)  from the VMware website.

Extract the patch on the Windows machine in the web server folder under “C:\Program Files\PoSHServer\webroot\http\update“. Besides the patch file(ZIP), two folders are extracted (manifest and package-pool).

2. Before upgrading make sure you have a backup copy of the VCSA!

3. Open the vCenter Server Appliance web interface (https://VSCA-IP:5480). Go to the update tab and click settings, select use “Specified Repository”. Enter as location of the web server and update folder. In this example we use:

http://IP-web-server:9000/update

Click OK, check updates and use the “Check Repository” option. (tip: make sure to disable the proxy configuration in the VCSA)

The update displayed in available updates. Install the update.

When the update is finished, click OK and reboot the appliance.

5. After the reboot check the version and build version of the new patch.

The new way to patch the vCenter Server Appliance 6

The patching process in vCenter Server Appliance (vCSA) version 6 is changed from previous versions. It is not possible anymore to use the Virtual Appliance Management Interface (VAMI) and update the appliance using the User Interface. The new way to patch the vCenter Server Appliance involves the following steps:

  • Download the patch from the VMware Patch Download Center, link.
  • Choose vc and select version 6.x
  • Download the latest patch ISO

1_patch

  • Attach the *.ISO to the vCenter Server Appliance.
  • Open a console session or SSH (SSH must be enabled) to the appliance. In the console session press ALT + F1 and login.

vcsa

  • Stage the ISO using the following command
software-packages stage --iso  --acceptEulas
  • See the staged content
software-packages list --staged
  • Install the staged content
software-packages install --staged
  • Reboot the appliance
shutdown reboot -r
  • After the reboot check the new vCenter Server Appliance build version

vcsa version

The easy updating process that was used in the vCenter Server Appliance 5.x is gone. The new update process involves more manually steps. We hoping that the easy updating will return in further releases of the vCenter Server Appliance.

 

Ways to patch your VMware ESX(i) hosts

 

There are different ways to patch your VMware ESX(i) 4 hosts. The most common utilities are VMware Update Manager (VUM), vSphere Host Update Utility and the esxupdate command line utility (run from the Service Console) to patch your VMware environment. Here’s explained the differences between them.

VUM can be used to automated patch your complete environment without user intervention. ESX(i) host are automatically placed in maintenance mode and VM’s are migrated to other VMware ESX(i) host using VMotion and DRS techniques, the host is patched, rebooted and exiting maintenance mode.  VUM is used on enterprise environments.

vSphere Host Update Utility can be used to patch only VMware ESXi (not ESX) hosts. Normally this utility is used in small ESXi environments without VUM, VMotion and DRS.

image 
 

image
VUM utility vSphere Host Update Utility

ESXupdate command, this command line utility (in the service console) can be used to patch your standalone VMware ESX host, for example the vSphere Essentials edition. This small business version comes with for example VMware ESX, vCenter and VMware Update Manager. But when your vCenter server is installed virtually as VM you are not able to transfer the VM to another host because there is no VMotion in the license. All the VMs must be shutdown including the vCenter VM to put the host in maintenance mode. So you can’t use VMware Update Manager. Now you need the esxupdate command.  Here are the steps for using the ESXupdate command:

  • The first thing is to download the patch bundles. A bundle contains a metadata zip which defines the bulletins available for installation. This is a great improvement to earlier versions of VMware ESX. It’s possible to select all patch bundles and download them at once. The patch bundles can be found here.

image

  • Upload the patch bundles on the VMware ESX VMFS  or NFS partition (other options such as HTTP repository are also possible). This can be done by using the datastore browser in the vCenter client.

 image

  • Shutdown all VMs on the VMware ESX host to patch using the .vSphere client or the vmware-cmd command.
  • Put the host in maintenance mode using the vSphere client or the following command:

vimsh -n -e /hostsvc/maintenance_mode_enter

  • Check the integrity of the patch bundle with the esxupdate –check –bundle command. Do this for all patch bundles.
  • Install the patch using the esxupdate update –bundle command. Install all patch bundles beginning with the oldest patch bundle.
  • Exit maintenance mode by using the vSphere client of the following command: 
vimsh -n -e /hostsvc/maintenance_mode_exit
  • Reboot the hosts vSphere client of the following command:

shutdown –r now

Here’s a sample script:

vimsh -n -e /hostsvc/maintenance_mode_enter
esxupdate check --bundle ESX400-200906001.zip
esxupdate update --bundle ESX400-200906001.zip
esxupdate check --bundle ESX400-200907001.zip
esxupdate update --bundle ESX400-200907001.zip
esxupdate check --bundle ESX400-200909001.zip
esxupdate update --bundle ESX400-200909001.zip
esxupdate check --bundle ESX-4.0.0-update01a.zip
esxupdate update --bundle ESX-4.0.0-update01a.zip
esxupdate check --bundle ESX400-200912001.zip
esxupdate update --bundle ESX400-200912001.zip
esxupdate check --bundle ESX400-201002001.zip
esxupdate update --bundle ESX400-201002001.zip
vimsh -n -e /hostsvc/maintenance_mode_exit
shutdown -r now

[ad#verticaal]