How To Upgrade ESXi 6.5 to 6.7 Using VMware Update Manager
To patch an ESXI host, you can use the command line interface in ESXCLI. However, using ESXCLI commands to patch a large number of ESXi hosts can be time consuming, and hosts of different versions can make things even more complicated. In this blog post, we look at a different method to patch and upgrade multiple ESXi hosts – regardless of their version – from one interface using VMware vSphere Update Manager.
But first, let’s clarify the difference between the terms upgrade and update:
- Upgrade is to change the version of an ESXi host, vCenter Server, etc. from a minor version to a major version, for example, v.6.0 to v.6.5, v.6.5 to v.6.7, etc.
- Update or patch is to install patches designed to fix bugs on an existing major version. The build number changes, but the version remains the same after applying a patch. For example, by updating ESXi 6.7 to ESXi 6.7 U1, U2or U3, you keep the version 6.7.
What Is VMware Update Manager?
VMware vSphere Update Manager (VUM) is a vCenter plug-in (extension). It must be installed manually on vCenter Server versions older than vCenter 6.5. If vCenter Server 6.5 is installed on Windows, you should install VUM manually. VMware Update Manager can be installed on the machine with vCenter or on another Windows machine. VUM must have network connectivity with vCenter since it is tightly integrated with vCenter Server.
If you have installed vCenter Server Appliance (VCSA) version 6.5 or later, then vSphere Update Manager is pre-installed in vCenter by default and starts automatically. It is recommended that you install vCenter 6.7 as VCSA – in this case, vCenter is running as a virtual machine (VM) on an ESXi server.
VMware vCenter is the centralized management system for vSphere, and vSphere Update Manager is a centralized tool for updating/upgrading ESXi hosts, VMs, virtual appliances, and virtual applications (VMware vApps). You can also use VUM to install and update software such as drivers on ESXi hosts, upgrade VM hardware, install and update VMware Tools. VUM allows you to update/upgrade multiple entities at once.
Advantages of Using VMware Update Manager
The advantages of using VMware Update Manager include flexibility and the possibility to install VMware patches on multiple hosts at once, regardless of the host version. Such an approach also allows you to manage VMware patches centrally by using vCenter with VMware vSphere Client and helps you save time spent on vSphere administration. You can automate ESXi patches installation. VMware Update Manager is universal and allows you to install third-party patches such as Cisco distributed virtual switch, updated drivers for Hewlett-Packard servers, etc., as well as VMware patches.
Before starting the upgrading/updating process, be sure to check the compatibility of your current vCenter version with the new ESXi version, the compatibility of your current ESXi version with the upgrade version, and the compatibility of your backup software with new ESXi and vCenter versions that you will use after the upgrade/update. You can use VMware interoperability matrices on the VMware website. Also, be sure to check the compatibility of your hardware with ESXi patches before you install these patches.
How ESXi Patching and Upgrading Works
Basically, the workflow of ESXi patching consists of the following:
- Uploading the needed installation file to Update Manager
- Creating a custom baseline
- Attaching the baseline to the required entity (ESXi host, datacenter, cluster, etc.)
- Compliance check (optional)
- Remediation pre-check
Remember that in most cases, virtual machines must be shut down or migrated from ESXi hosts before starting remediation when you want to update or upgrade these hosts. ESXi hosts enter into maintenance mode automatically when remediating. When remediation is done, ESXi hosts exit maintenance mode, and a host reboot may be required. If you have chosen to remediate multiple ESXi hosts, second host remediation begins once the process of remediating the first ESXi host is finished.
Hence, the process for ESXi hosts is as follows next:
- An ESXi host is entered into maintenance mode.
- A patch is installed.
- The ESXi host is rebooted.
- The ESXi host is reconnected to vCenter.
- The ESXi host exits the maintenance mode.
- The process of ESXi patching starts for the next ESXi host.
How to Use vSphere Update Manager to Patch ESXi Hosts
Let’s now look at what’s involved in using VMware Update Manager for upgrading ESXi 6.5 to ESXi 6.7. In this example, vCenter 6.7 is used for managing three ESXi hosts. VMware vSphere Update Manager is pre-installed in VCSA 6.7 (vCenter Server Appliance).
Open VMware vSphere Client, go to Hosts and Clusters, and select the ESXi hosts that you would like to upgrade/update. You can select a VM folder, cluster, or the entire datacenter if necessary. In this example, the ESXi host with IP address 192.168.101.205 will be upgraded.
Upgrading ESXi 6.5 to ESXi 6.7
Select the required ESXi host and check the version and build number in the Summary tab.
Note the Updates tab that is present when VMware Update Manager is installed in vCenter.
You can also open the Updates tab to check the ESXi version and build. As you can see on the screenshot, ESXi 6.5 build 8294253 is used in the example (the IP address of the ESXi host is 192.168.101.205 and the IP address of vCenter is 192.168.101.103).
In the Updates tab, you can see a link to the VMware Update Manager page of vCenter.
You should have all the required packages before you can upgrade ESXi. Note that you should download the ESXi 6.7 ISO installer manually before updating ESX 6.5 in vSphere Update Manager.
Uploading the image for upgrade
- Go to VMware Update Manager (Home > Update Manager), select the ESXi images tab, and click Import to import the ESXi 6.7 installation ISO file to the repository of vSphere Update Manager.
- Click Browse and select the ESXi 6.7 installer ISO file. Click Import to import the image to a repository.
- Wait until the ISO image has been copied.
- Once your ESXi 6.7 installation image has been copied to the Update Manager repository, you should create a new baseline.
A baseline is like a preset that can be applied to multiple entities, such as ESXi hosts, at once. Baselines are divided into host baselines, VM (virtual machine) baselines, VA (virtual appliance) baselines. VM baselines and VA baselines cannot be created manually as they are predefined.
You can also create baseline groups. In this example, the baseline includes one ESXi image for upgrade. However, you can select multiple patches (updates), upgrades, or extensions to add to a baseline. Then you can use one baseline to install multiple patches on ESXi hosts simultaneously.
Creating a baseline in VMware Update Manager
In the ESXi images tab, hit New Baseline.
The Create Baseline wizard that is now open has three steps:
- Enter a name and description for a new baseline. In this example, the name is ESXi6-7upgrade. Hit Next to continue.
- Select an ESXi release image. The ESXi 6.7 Update1 ISO image is selected in this case. Hit Next.
- Check the summary and hit Finish.
The baseline has now been created, and it is displayed in the Baselines tab of VMware Update Manager. You can also see two predefined baselines (Non-Critical Host Patches and Critical Host Patches).
Attaching a baseline
- Go to Hosts and Clusters, select your host (ESXi 6.5), and select the Updates tab.
- In the Overview section, select Host Updates
- In the Attached Baselines section, hit Attach.
Note: You can select the entire datacenter, VM folder, or cluster if you wish to upgrade multiple ESXi hosts.
- Select your custom upgrade baseline (ESXi6-7upgrade in this case) and hit Attach.
- Go back to Hosts and Clusters.
- Select your ESXi host (datacenter, VM folder or cluster).
- Select the Updates tab. In the Updates tab, select Overview.
- Select Host Compliance and click Check Compliance.
The compliance check allows you to check the state of updates added to baselines and notifies you of any conflicts. If the update/upgrade is unsupported, VMware Update Manager will notify you when performing the check compliance.
In this example, the host compliance status is non-compliant, but the upgrade can be technically done for selected hosts.
Remediation pre-check should be performed to verify conditions and identify possible problems that may occur after remediating. If there are possible issues, the list of recommended actions is displayed. For example, if you are going to upgrade/update ESXi hosts and VMs are running in a cluster, you may need to disable DPM and HA admission control, and enable DRS, EVC, etc. As for VMs, you may need to disconnect a virtual DVD drive, disable Fault Tolerance for the VM in a cluster, etc. Pre-check remediation allows you to avoid terminating the update/upgrade process after starting.
- Go to Hosts and Clusters, select your ESXi host (hosts), right-click the host and in the context menu, select Update Manager > Pre-check Remediation.
- Wait for a while until the checking process is finished. If there are warnings after finishing the pre-check remediation process, perform the recommended actions to fix the issues.
- If everything is correct and no actions are needed to begin remediation, go to Hosts and Clusters, select your ESXi host, select the Updates tab, and open the Host Updates category in the Overview section. Select the required baseline (ESXi6-7upgrade in this case) and click Remediate.
- Read and accept the End Use License Agreement (EULA), select the appropriate checkbox, and hit OK.
- Select the ESXi hosts that need to be remediated, edit settings if needed (scheduling settings, remediation options), and click Remediate.
- All VMs must be shut down or migrated from the host before remediating. The host will enter into maintenance mode automatically. You can see the progress of the remediation process in the Recent Tasks tab. Wait until the process is finished. After upgrading an ESXi host, the host must reboot and exit the maintenance mode automatically.
- Once the ESXi upgrade process is finished and your ESXi host is rebooted, select this host in the Host/Cluster page and verify the version and build number. As you can see in the screenshot below, our ESXi host has been upgraded from v6.5 build 8294253 to version 6.7 build 10302608 (Update 1). You can compare your build number with the build number in the table and identify the version, release name, and release date.
The ESXi host has been upgraded successfully, and you can run VMs on this host again.
How to patch ESXi 6.7 to ESXi 6.7 Update 2
If you use ESXi 6.7 hosts, you cannot upgrade these hosts until a new version of vSphere has been released. At the moment of writing this blog post, vSphere 6.7 is the latest version. However, updates that contain security patches and other patches have been released by VMware.
ESXi 6.7 hosts can be updated to ESXi 6.7 Update 1, Update 2, and Update 3 as of the time of writing. Let’s consider how to update ESXi host version 6.7 Update 1 to version 6.7 Update 2 as an example. You can use this process to update your ESXi 6.7 Update 2 to ESXi 6.7 Update 3 by using VMware Update Manager as well as installing custom VMware patches. As you may recall, the current version of ESXi host considered in our example is version 6.7 Update 1 build 10302608.
Step 1: Open Update Manager
Open vSphere Update Manager (in vSphere Client go to Home > Update Manager) and select the Updates tab. You can see a list of available updates and patches, their severity, type, and category. The required VMware ESXi 6.7 Complete Update 2 is present in this list, hence, we can continue.
Step 2: Create a baseline
As in the previous example, first you have to create a new baseline. In VMware Update Manager, open the Baselines tab, click New > Baseline.
The Create Baseline wizard opens.
- Name and Description. Enter a name, for example ESXi6-7upd2, enter description (optional), and select the baseline type. In this case, the content type is Patch. Hit Next to continue.
- Select Patches Automatically. As we would like to install the necessary update manually, the “Automatically update this baseline with patches that match the following criteria” checkbox must be deselected. Otherwise, all available VMware patches will be suggested for installation.
- Select Patches Manually. Select the required VMware patches. VMware ESXi 6.7 Complete Update 2 has been selected in this example.
- Summary. Check your baseline settings and if everything is correct, hit Finish.
Now that a baseline has been created, you can see the new baseline in the Baselines tab of VMware Update Manager.
Step 3: Attach the baseline to the host
Now, go back to Hosts and Clusters, select the ESXi host that you would like to patch, and select the Updates tab. Click Host Updates and in the Attached Baselines section, click Attach.
In the popup window, select the required baseline (ESXi6-7upd2 in this example) and hit Attach.
Step 4: Remediate the ESXi host
Now the baseline has been attached to the ESXi host, and you should select this baseline. You should prepare your ESXi host for remediation and shut down or migrate VMs from the hosts which must be patched. Keep in mind that the ESXi host needs to enter the maintenance mode in order to install ESXi patches. Next, click Remediate to start updating the ESXi host.
In the newly opened window, confirm the host you would like to patch, and select this host by selecting the checkbox (the checkbox is selected by default). Configure additional options if needed, and hit Remediate to start patching the ESXi host.
Step 5: Verify that host was patched
Wait until the remediation process is finished. After that, select your ESXi host and, in the Summary tab, check the version and build number to ensure that the host has been patched successfully. Now our ESXi host has been updated to version 6.7.0 Update 2 Build 13006603.
Note that you can configure global settings for VMware Update Manager if needed by going to Update Manager > Settings.
VMware Update Manager is a useful module intended for managing and installing updates in VMware vSphere environments. VMware vSphere Update Manager (VUM) is tightly integrated with vCenter and is included with VCSA 6.5 and VCSA 6.7. It is especially recommended that you use VUM to update or upgrade components in large vSphere environments. Don’t forget to check the compatibility before installing patches and be aware of migrating or shutting down virtual machines running on ESXi hosts scheduled to be patched.
VMware backup software from NAKIVO supports the latest version of VMware vSphere and allows you to protect your VMs and instantly recover individual items and full VMs when needed.