Quite recently I had to do emergency ESXi patching due to the fact that one of the servers crashed at night for unknown reason. Troubleshooting and log analysis pointed to outdated firmware and drivers of HBA and NIC’s. In order to do driver update I quickly created baseline in vSphere Update Manager (VUM) and I would like to quickly show you how I did it.
vSphere Update Manager Baseline creation
- In vSphere Client go to Home \ Solutions and Applications and click Update Manager.
- First you you need to import patch you want to include in Baseline. In VUM click Patch Repository and click Import Patches.
- Unpack downloaded patch and browse for offline bundle.
- Click next and wait for file to be uploaded. At the end confirm import of patches into repository.
- Now we need to create Baseline. Click Create in Baselines for Hosts.
- Provide Name for Baseline and in section Host Baselines select Host Extension.
- In extensions use search field to find newly imported driver. In my case I knew what kind of driver I imported and this was bnx2.
- Select desired patched and use arrow to include them in Baseline.
- Click finish and wait for baseline to be created.
ESXi patching using VMware Update Manager
After we successfully created Baseline we simply need to attach it to desired host / cluster.
- Select desired host / cluster and navigate to Update Manager tab.
- Click Attach and select your Baseline.Once again click Attach.
- Click Scan and you will see if patches are installed or not on the ESXi host.
- In order to deploy patches click Remediate and new window will open. Select Extension Baselines and select your baseline.
- You can still select which patches to use. Select necessary patches and click Next.
- Use scheduler if you don’t want to deploy patches immediately.
- If needed adjust settings in Host Remediation Options. Personally I select Disable any removable media devices connected to the virtual machines on the host simply because host can’t enter maintenance mode.
- Review the summary and click Finish.
- Wait for host / cluster to be patched and afterwards you will see if your host / cluster is compliant (in simple words if patches are installed) to attached Baseline.
As you see on last screenshot host is compliant with attached Baseline.