Prevent corruption of the ESXi bootable SD card

In vSphere ESXi 6.0 U3 an optimization is added to reduce the wear on the bootable SD card. Without this optimization high read load of VMware Tools ISO images might cause corruption of the flash media. You can copy all the VMware Tools data into its own ramdisk. As a result, the data can be read from the flash media only once per boot.

To activate this feature the following advanced settings must be changed on each ESXi host:

  • Set the advanced ToolsRamdisk option to 1 by using this command:
    esxcli system settings advanced set -o /UserVars/ToolsRamdisk -i 1 
  • After changing the setting reboot the host.

I created a simple PowerCLI script that sets the advanced setting `toolsRamdisk` value to ‘1’ on all the ESXi hosts.

<# Author : Ivo Beerens Blog : www.ivobeerens.nl Twitter : @ibeerens Pre-requisite : ESXi 6.0 U3 Set : Set UserVars.ToolsRamdisk to the value 1 #>

Get-Module -ListAvailable VMware* | Import-Module
Connect-VIServer
    Foreach ($vmhost in Get-VMHost | where {$_.ConnectionState -eq "Connected"}) {
        Write-Host "Host: $($vmhost.name)" -ForegroundColor Green
        Get-AdvancedSetting -Entity $vmhost -Name UserVars.ToolsRamdisk | Set-AdvancedSetting -Value ‘1’ -Confirm:$false
        
    }

After running this script all the ESXi hosts must be rebooted.
More information: VMware KB: High frequency of read operations on VMware Tools image may cause SD card corruption (2149257), Link

Update the vCenter Server Appliance (VCSA) without internet

In this blog post I highlight how to patch or update a single vCenter Server Appliance (VCSA) without having an internet connection. The patch will be stored on a temporarily web server that is installed on a Windows machine. In this example we update the vCenter Server Appliance version from 6.0 Update 2 to 6.0 Update 3 build 5050593.

Here are the main steps:

1. On a Windows machine install a temporarily web server to host the VCSA patch.  As web server “Posh Server” (link) will be used. This is a small PowerShell web server. Download the Posh Server and install it on a Windows box. After the installation (use the default settings) open PowerShell (As Administrator) and execute the following commands:

Set-Executionpolicy unrestricted

Type “y” to confirm. Go to the “C:\Program Files\PoSHServer” folder.

Import-Module PoSHServer
Start-PoshServer -Port 9000

The Posh web server is started and listens on port 9000

2. Download the patch (zip file)  from the VMware website.

Extract the patch on the Windows machine in the web server folder under “C:\Program Files\PoSHServer\webroot\http\update“. Besides the patch file(ZIP), two folders are extracted (manifest and package-pool).

2. Before upgrading make sure you have a backup copy of the VCSA!

3. Open the vCenter Server Appliance web interface (https://VSCA-IP:5480). Go to the update tab and click settings, select use “Specified Repository”. Enter as location of the web server and update folder. In this example we use:

http://IP-web-server:9000/update

Click OK, check updates and use the “Check Repository” option. (tip: make sure to disable the proxy configuration in the VCSA)

The update displayed in available updates. Install the update.

When the update is finished, click OK and reboot the appliance.

5. After the reboot check the version and build version of the new patch.

Patch VMware ESXi hosts by command line

There a several ways to patch a VMware ESXi server. vSphere Update Manager (VUM) can update for example a complete ESXi host cluster fully automatic. vSphere Update Manager requires a vCenter Server. When you don’t have a vCenter Server patching can be done from the command line.

Here is a quick overview how to patch an ESXi 6.x host to the latest patch.

Step 1. Download the latest patch bundle from the VMware Web site, link. VMware ESXi patches are cumulative!  Each patch bundle (.zip archive) includes all the updates from prior patches.

Step 2. Upload the patch bundle (zip) to a (central) datastore with the vSphere Client (prior vSphere 6.5), vSphere Web Client, ESXi host client.

Step 3. Enable SSH

In the vSphere Web client start the SSH service and make a SSH session to the ESXi host

Step 4. Put the host in maintenance mode

vim-cmd hostsvc/maintenance_mode_enter

Step 5. Install the patch bundle

Using esxcli with the install method has the possibility of overwriting existing drivers. If you are using third-party ESXi images, VMware recommends using the update method to prevent an unbootable state. The following command will install the patch bunde:

esxcli software vib update -d /vmfs/volumes/datastore/patchbundle.zip

For example install HPE ESXi 6 Update 3:

esxcli software vib update -d /vmfs/volumes/VMFS01/VMware-ESXi-6.0.0-Update3-5050593-HPE-600.9.7.0.17-Feb2017-depot.zip

After the patch bundle is installed check the message. It must say “The update completed successfully, but the system needs to be rebooted for changes to be effective.”

Step 6. Reboot the host  by entering the following command:

reboot

Step 7. Make a SSH session to the ESXi host and exit maintenance mode

vim-cmd hostsvc/maintenance_mode_exit