Browse Month

October 2020

Patching\Upgrading ESXi 7 to ESXi7U1 via esxcli

With the latest release of ESXi7U1 i wanted to get my lab up to date. I dont have enough resources in my lab to migrate the vCenter to another ESXi server so i want to perform the upgrade via cli. More details about the release can found here

The first step was to open the firewall for outgoing traffic for http

esxcli network firewall ruleset set -e true -r httpClient

Second step was to list the updates by executing

esxcli software sources profile list -d | grep -i ESXi-7

This returned a list of updates that were available:

I reviewed the downloads website here to double check the version. Based on the information i found the ESXi-7.0.1-16850804-standard is the latest release

The next step was to run the update by executing

esxcli software profile update -p ESXi-7.0.1-16850804-standard -d

If you run in to the below error follow my other post here:

Once the upgrade was complete i was presented with this output:

The installation reports that a reboot is not required however the new version wasnt reflected in my vcenter so i went ahead and rebooted the server

After the server was back up, checking in vCenter, the server reports build 16850804

ESXi No space left on device error when upgrading

While i was trying to perform an upgrade to my ESXi installation i ran in to the below error:

The fix was pretty simple. The hypervisor doesnt have enough space to download and install the package so we need to enable one of the available datastores for the function.

For vCenter go to the host in question to Configure -> System -> System Swap

While reviewing the configuration i noticed that i had 2 options enabled

Clicking on the edit button on the right corner i noticed that i can add one of the datastores

After i Clicked ok i was able to continue with my upgrade

Upgrading VCF to

With the release of of VCF 4.1 i wanted to get my lab upgraded. The release blog can be found here and the release notes are here

In my case i pre downloaded the VMware Cloud Foundation Update by going to Repository -> Bundle management -> Download now

The next step is to upgrade VCF by going to Inventory -> Workload Domains -> Select the workload domain -> Update/Patches -> Update Now

Next we are taken to the Upgrade page where we can follow the upgrade for each one of the components

Once the upgrade is complete we can click Finish to be returned back to the main screen

Because we are changing the SDDC-Manager version i would strongly recommend to clear cache and log back in before going forward.

The next update is the configuration drift bundle. We can go to nventory -> Workload Domains -> Select the workload domain -> Update/Patches -> Download now

Once the download is complete click on update now

Once the upgrade started i got redirected tot he Update status page. Considering the update is only 204 MB the upgrade went through pretty quickly. Once its completed we can click finish to get back to the main sddc manager page

Next step is to upgrade NSX-T installation to NSX-T 3.0.2. Click on Download now from the same page as above

Once the download is complete click on Update Now

We can view the status and the steps by clicking on View Status. Once the upgrade is complete we are redirected back to the available upates page showing that the vCenter server is next

Click on Download now and wait for the download to complete. Once the download is complete click on update now

We can view the task by clicking on View Status

Once the upgrade is complete we are taken back to the previous page where we can see that the ESXi servers are next. Click on Download Now

Once the download is complete we can click on Update now

If we have multiple clusters we can enable Cluster-level selection and select the specific luster(s) we want to upgrade.

We can also enable sequential cluster upgrade as well as quick boot

We get to review the options once again before we click finish to to submit the task

Once submitted we can view the status by clicking on View Status

And with that we are finished with the workload domain. We can get back to the Update/Patches page to see that there are no more updates available

Next is the Workload domains where we can follow the same instructions as above. The process will be allot quicker because the upgrades are already downloaded

Unable to Sync Lifecycle Manager ‘integrity.fault.HostPatchInvalidVendorCode’

After upgrading my vCenter Server to the latest vSphere 7.0 Update 1, I was unable to see ESXi 7.0 Update 1 Image. When I attempted to sync the updates I got the error “Download patch definitions task failed while syncing depots. Error: ‘integrity.fault.HostPatchInvalidVendorCode’.”

Seeing as the error mentioned the depots, navigate to Menu->Lifecycle Manager and then select the Settings tab and then Patch Setup.

Select the radio button for Partner provided Addons for ESXi and click Disable. Proceed to click on Action and then Sync Updates. The sync should now complete successfully.

vCLS not starting with Insufficient resources message

With the release of vCenter 7 Update 1, VMware introuced the vCLS (vSphere Clustering Service). More information can be found here.

Looking at the error details it looks like it is looking for a feature called cpuid.mwait

Reviewing the VMX file it seems like EVC is enabled on the vCLS VMs. I didnt want to enable EVC on the whole cluster so i wanted to do it only on the specific VMs.

Doing some research i found that the VMs need to be at version 14. After upgrading the VM i was able to disable EVC on the specific VMs by following these steps:

In the vSphere Client, navigate to the virtual machine

Under the Actions -> Compatibility -> Upgrade VM compatibility

We can disable EVC on per VM level on version 14 and above, so in my case i chose ESXi 6.7 and later

Next go to the Configure Tab

Pick VMware EVC and click on Edit

Click on Yes

Click on Disable EVC and Click OK

The next time it tries to power on the VM it should go through.

Once the first VM starts up it will most likely deploy a few additional ones, follow the same steps as above again on the new VMs

Extracting SSL Thumbprint

I recently ran in to an issue where i had to re-register my NSX server with vIDM.

The ask was to extract the Thumbprint from vIDM. The command i ran to extract it was:

echo -n | openssl s_client -connect hostname:443 2>/dev/null | openssl x509 -noout -fingerprint -sha256

This can be used across multiple products where the Thumbprint needs to be extracted