Monday, May 09, 2016

Manually Patching VMware ESXi 5.X with vCLI esxcli

If you have purchased vSphere you can use Update Manager to Scan, Stage and Remediate patches to the machines running ESXi in your cluster. If you don't have vSphere you can always update ESXi manually. The instructions below give you one method to patch manually.

1. Determine which version of ESXi 5.X you are running. To do this - connect to the ESXi machine with the vSphere client typically as root. Help / About will show you your vSphere Client and VMware ESXi version and build numbers.

VMware Client Help About

2. Then proceed to the Download Patches page on VMware's website. You will need to login to the site to download patches. Now complete a search for ESXi (Embedded and Installable) for the appropriate version of ESXi 5.X. This will give you a list of patches as per the screenshots below. You now need to work out which patches you need to download (which can range in size from a 100-700MB.

VMware ESXi Patch Downloads

3. Once the patches have been downloaded, ensure you have downloaded and installed the VMware vSphere 5.5 CLI (vCLI).

4. Now place your ESXi machine to be patched in maintenance mode.

5. Upload the patch zip files (depots) to the local datastore of the ESXi box.

VMware vSphere Client Datastore Browser

6. Determine the complete path to the datastore. In the vSphere client, this can be obtained by clicking on the Configuration tab, Storage option and selecting the Local Disk. In this case the datastore path is /vmfs/volumes/datastore1.

ESXi datastore1

7. Next, open a command prompt and change directory to the vCLI bin directory which should be C:\Program Files (x86)\VMware\VMware vSphere CLI\bin.

 8. Now ensure you can read uploaded depots using the following vCLI command (you will be prompted for the root password):

esxcli --server=<servername> --username=root software sources vib list --depot=/vmfs/volumes/datastore1/

You should see output similar to the following:

Contents listing of an ESXi patch depot

9. Now apply the depot using the following command. You may have to reboot the ESXi box after the depot has been applied before applying the next depot.

esxcli --server=<servername> --username=root software vib update --depot=/vmfs/volumes/datastore1/

You should see output similar to the following:

Installing a VMware ESXi depot

10. ... and that's it - after the ESXi box reboots it will be running the version you just patched up to. Remember to delete the patches from the local datastore as they are no longer required. Also take the ESXi box out of maintenance mode. More information can also be found here.

Saturday, August 17, 2013

Configuring a Clustered NetApp Filer as an NFS Datastore for VMware ESXi Implementing Multiple VLANs, MTUs and IPs

On your NetApp filer you can easily configure multiple VLANs with differing MTU on the same LACP trunked 1GbE or 10GbE ports with stacked IPs on the storage VLAN network to assist with load balancing.  In this example, network 10.0.0/24 (VLAN 10, MTU 1500) is just the regular network. Network 10.0.1/24 (VLAN 20, MTU 9000) is the NFS storage network. On your switch create an LACP trunk to the filer's interfaces and then trunk VLANs 10 and 20. Your ESXi servers storage network would also be on VLAN 20 and use the load balancing policy of Route based on IP hash. On the switch you would create a static trunk (since ESXi 5 does not support LACP). The VMkernel port on the vSwitch would be untagged for the storage network. Here's /etc/rc:

hostname filer1
ifconfig e0a flowcontrol send
ifconfig e0b flowcontrol send
ifconfig e0c flowcontrol send
ifconfig e0d flowcontrol send
vif create lacp NETWORK -b ip e0a e0b e0c e0d
vlan create NETWORK 10 20
ifconfig NETWORK-10 `hostname`-NETWORK-10 netmask mtusize 1500 -wins partner
ifconfig NETWORK-20 `hostname`-NETWORK-20 netmask mtusize 9000 -wins partner
ifconfig NETWORK-20 alias `hostname`-NETWORK-20-ALIAS-1 netmask
ifconfig NETWORK-20 alias `hostname`-NETWORK-20-ALIAS-2 netmask
ifconfig NETWORK-20 alias `hostname`-NETWORK-20-ALIAS-3 netmask
route add default
routed on
options dns.enable on
options nis.enable off

Ensure /etc/hosts is populated correctly with the IP of both toasters in the event of failover/failback: localhost filer1 filer1-NETWORK-10 filer1-NETWORK-20 filer1-NETWORK-20-ALIAS-1 filer1-NETWORK-20-ALIAS-2 filer1-NETWORK-20-ALIAS-3 filer2 filer2-NETWORK-10 filer2-NETWORK-20 filer2-NETWORK-20-ALIAS-1 filer2-NETWORK-20-ALIAS-2 filer2-NETWORK-20-ALIAS-3

Ensure your VM exports (/etc/exports) are secured ensuring only access from your ESXi VMKernel port on the storage switch of each ESXi host - in this case there are 3 ESXi hosts. Additionally, individual IPs don't necessarily need to be used if an entire subnet requires rw and root access to the VM volumes:

/vol/root      -sec=sys,rw,anon=0,nosuid
/vol/root/home -sec=sys,rw,nosuid
/vol/downloads -sec=sys,rw,nosuid
/vol/vm00      -sec=sys,rw=,root=
/vol/vm01      -sec=sys,rw=,root=
/vol/vm02      -sec=sys,rw=,root=
/vol/vm03      -sec=sys,rw=,root=
/vol/iso       -sec=sys,rw=,root=

This configuration would be need to be made identically on filer1 and filer2 with the exception that on filer2 the hostname changes in /etc/rc.

Recent Posts



    Sign up for Product Updates and Discounts
    Captcha Image