In this post, we’ll learn about the latest version of vSphere Update Manager (VUM) present in the vSphere 6.7 U2 recently released by VMware. The tool has been enhanced and improved for usage with HTML5 web client. Previously, not all functions were possible through this client and the use of vSphere web client (Flash) was necessary. Today’s post title is VCP6.7-DCV Objective 7.15 – Utilize VMware vSphere Update Manager (VUM).
We’re in the last phase of our VCP-DCV 2019 Study guide which has 41 chapters to cover. It is a very large project, but currently, we have covered about 31 chapters so last 10 is to follow quickly. The official VMware blueprint has 41 chapters so we try to follow those guidelines.
The Professional vSphere 6.7 Exam 2019 validates that an individual can implement, manage, and troubleshoot a vSphere V6.7 infrastructure, using best practices to provide a powerful, flexible, and secure foundation for business agility that can accelerate the transformation to cloud computing.
Note: If you want to pass the Professional vSphere 6.7 Exam 2019, you have also a possibility to use our VCP6.5-DCV Study guide and pass VCP6.5-DCV: VMware Certified Professional 6.5 – Data Center Virtualization exam. You’ll still earn the VCP-DCV 2019 Certification.
VCP6.7-DCV Objective 7.15 – Utilize VMware vSphere Update Manager (VUM)
VUM provides centralized, automated patch and version management for ESXi hosts and virtual machines (VMs).
With Update Manager, you can perform the following tasks:
- Upgrade and patch ESXi hosts.
- Install and update third-party software on hosts.
- Upgrade virtual machine hardware and VMware Tools.
You can use Update Manager with either vCenter Server that runs on Windows or with the vCenter Server Appliance. While the VUM on Windows needs to be installed and configured in order to run, VUM on vCenter server appliance (VCSA) comes pre-installed and pre-configured. You have nothing to do.
You can install the Update Manager server component either on the same Windows server where the vCenter Server is installed or on a separate machine.
Note: If you want the Install config guide, I’d recommend getting VMware PDF called “vSphere Update Manager Installation and Administration Guide“. (Update 2).
Update Manager baselines are hosts baselines and virtual machine baselines. To upgrade objects in your vSphere inventory, you can use predefines baselines, system-managed baselines, or custom baselines that you create. When you scan hosts and virtual machines you evaluate them against baselines and baseline groups to determine their level of compliance.
VUM has two kinds of baselines: (there are more)
System managed baselines – The Update Manager displays system managed baselines that are generated by vSAN. These baselines appear by default when you use vSAN clusters with ESXi hosts of version 6.0 Update 2 and later in your vSphere inventory. You can see them only if you have vSAN in your cluster.
The system managed baselines automatically update their content periodically (needs internet connectivity). You can use the system managed baselines to upgrade your vSAN clusters to recommended critical patches, drivers, updates or latest supported ESXi host version for vSAN.
Predefined baselines – Predefined baselines cannot be edited or deleted, you can only attach or detach them to the respective inventory objects.
Under the Host Baselines tab in Update Manager Admin view, you can see the following predefined baselines:
- Critical Host Patches (Predefined) – Checks ESXi hosts for compliance with all critical patches.
- Non-Critical Host Patches (Predefined) – Checks ESXi hosts for compliance with all optional patches.
Custom Baselines – Custom baselines are the baselines you create. You can also delete them.
Baseline groups – Baseline groups are assembled from existing baselines. A baseline group might contain one upgrade baseline, and one or more patch and extension baselines, or might contain a combination of multiple patch and extension baselines. A baseline group consists of a set of non-conflicting baselines. Baseline groups allow you to scan and remediate objects against multiple baselines at the same time.
You must have the Manage Baseline privilege. To attach baselines and baseline groups, you must have the Attach Baseline privilege. Privileges must be assigned on the vCenter Server system with which Update Manager is registered.
How to create a baseline
You create and manage baselines in the Update Manager Client Administration view. Use the new Baseline wizard via New button.
Menu > Shortcuts > Update Manager > Baselines > New
Note: Update Manager also provides default baselines that you cannot edit or delete. Default baselines are the predefined baselines that contain patches for hosts and updates for VMs. The other type of default baselines is the system managed baselines that you can use to check if your vSAN clusters run the latest supported software.
Patch or Extensions Baselines
It is possible to remediate (update/upgrade) host against baselines that contains patches or extension.
Dynamic patch baselines contain a set of patches, which updates automatically according to patch availability and the criteria that you specify. Fixed baselines contain only patches that you select,
regardless of new patch downloads.
Extension baselines contain additional software modules for ESXi hosts. This additional software might be VMware software or also a third-party software. You can install additional modules by using extension baselines and update the installed modules by using patch baselines.
Attach Baselines and Baseline Groups to Objects
To view compliance information and scan objects in the inventory against baselines and baseline groups, you must first attach the respective baselines and baseline groups to the objects.
Select Host > go to Updates > Select Host updates > Attach Baseline or baseline group.
You can duplicate baselines and baseline groups in order to edit the copies without a risk of the compromise or the original baseline.
Remediate vSphere Object
You can remediate virtual machines and hosts using either user-initiated remediation or scheduled remediation.
To remediate vSphere objects, you need the Remediate to Apply Patches, Extensions, and Upgrades privilege.
And watch the progress…
For ESXi hosts in a cluster, the remediation process is sequential by default. With Update Manager, you can select to run host remediation in parallel. When you remediate a cluster of hosts sequentially and one of the hosts fails to enter maintenance mode, Update Manager reports an error, and the process stops and fails. The hosts in the cluster that are remediated stay at the updated level. The ones that are not remediated after the failed host remediation are not updated.
The host upgrade remediation of ESXi hosts in a cluster proceeds only if all hosts in the cluster can be upgraded.
I highly recommend consulting VMware PDF called “vSphere Update Manager Installation and Administration Guide”. (Update 2), as well as the whole documentation PDF set mentioned on the VCP6.7-DCV Study Guide Page.
To become VCP-DCV 2019 certified you have 3 different choices of exam:
- Professional vSphere 6.7 Exam 2019 (this page)
- VMware Certified Professional 6.5 – Data Center Virtualization exam (our VCP6.5-DCV Study Guide Page which is complete)
- VMware Certified Professional 6.5 – Data Center Virtualization Delta exam
Note: You must be VCP5, or VCP6. If, not, you must attend a class and have no “Delta” exam possibility.
Using VUM for Virtual Machine Upgrade
Use Update Manager to upgrade the hardware version of one or multiple virtual machines to the latest hardware version that the host supports.
You might not think of it as such, but it allows you to have additional security as VUM can roll back virtual machines and appliances to their previous state. You can manually upgrade the hardware of virtual machines immediately, or you can schedule.
You can also use Update Manager to upgrade VMware Tools to the latest version that the host supports. Navigate to Menu > Hosts and Clusters > Select a host or a cluster from the inventory and click the Updates tab > The Update Overview page appears > Select VMware Tools.
We haven’t covered everything here, but the essential. Use the VMware docs to read everything when studying for the exam.
More from ESX Virtualization
- What is Host Guardian Service?
- What is vCenter Embedded Linked Mode in vSphere 6.7?
- What is VMware Snapshot?
- VMware Tools Offline VIB for ESXi Host – Bundle Download and Install
- How to Patch VMware vCenter Server Appliance (VCSA) 6.7 Offline