After couple of months we had performed the patch activities for our ESX hosts and VM guests by using the Update Manager, here is my review of the Update Manager from VMware.
Update Manager had simplified the life of the system engineers who manage the VM farm with the huge number of VM guests and ESX hosts which may require a frequent patch update. Before the Update Manager released, most of the time we had patched the server by using satellite servers, Altiris, SMS and others patching tools. That will require additional cost required to be implemented on the VM guests or esx host due to the licensing agreement from the vendor.
Update Manager is fully compatible with VMware ESX patches update for ESX 3.0, 3.5 and ESX 3i. From the Host level, you will able to get all the patches downloaded by the update manager schedule task once the VMware had officially release their patch on their official system. Update Manager had also integrated well with Microsoft patches as well as others famous software patches like Red Hat, Adobe and etc. It even allow us to patch the template image which we store for deployment purpose, without manual interaction to convert the template back to virtual machine. If you try to patch a windows 2003 template image, the entire process is fully automated. This is really impressive. I had also patch my DR servers which is 30 miles away from my major Data Center, and we had 30 Mb MPLS across the WAN, it worked perfectly without any issue at all, and of course, the patching timing will be slightly longer due to the location of the DR servers.
To get the update manager deployed in your environment, here is couple of step you may need to configure or enable.
A dedicated DB for update manager in the SQL or Oracle - Depend on the choice of database servers you are using. This Database will store all the information and patches to be used for patching purpose. If you have proxy server in your environment, you need to configure the proxy address and port number in the virtual center configuration for Update Manager. Schedule task to refresh and check the latest patches release from the official site, recommend to run the schedule task at least once in a week. I do schedule it to be run on weekly basis, to ensure you getting the latest patches when you try to patch you VM guest or ESX host.
Baseline - baseline is been use to define the patches required for specify product or platform by the update manager. ESX host baseline is been built in by default and categorize under Critical and Non Critical. You are also require to create you own baseline for specify OS and software you are using.
Please make sure you had update manager plug-in install on your virtual infrastructure client. To attach the baseline to the ESX or VMs you would like to deploy, you need to switch the view mode to Virtual machines and template mode, then select the system you would like to patch, and click on the update manager tab on it, and start attach the suitable baseline on it.
After you attach the baseline, right click the virtual machine or ESX host and select Scan. Scan will not actually apply the patches, this is allow the update manager to compare the current patch level for the ESX hosts and Virtual Machines and preview of the number of patches needed to be applied to be compliance. After the scan result display, right click the machine and select remmediate. This will start to apply the patches automatically.
For ESX hosts, you need to Vmotion all the VM guests to another ESX host. This will provide 0 down time during the maintenance, thanks to the cool technology by vmware on Vmotion. This had worked for me all the time. Once the ESX hosts is ready, is recommend to send the ESX host to maintenance mode, then start the remediation after that. Once the patch is completed, it will show the ESX host at a different patch level or update code by vmware release. You can verify this with the VMware website information easily.
For VM guests patching, down time will be required as usual, due to the reboot require from the operating system perspective. Again, this tools is bundle together with the Virtual Infrastructure by VMware, is really useful for the VMware engineers to patch thier VM guests.
The only disadvantage at this moment, SUSE linux is not supported by update manager. According to the VMware, they will soon release the next version of update manager to support patch activities on SUSE Linux VMs.
Posts
No comments:
Post a Comment