| Task Name |
|
| Description |
|
| Prerequisites |
|
| Category | Workflow |
| Components | vSphere 6.5 / Workflow patched to 6.5 Update 1 |
| User Inputs |
Instructions for Regular Workflow Use:
- Download the attached .ZIP file below to your computer. *Remember the location of the saved file on your computer.
- Unzip the file on your computer. Should end up with a .WFD file.
- Log in to UCS Director as a user that has "system-admin" privileges.
- Navigate to "Policies-->Orchestration" and click on "Import".
- Click "Browse" and navigate to the location on your computer where the .WFD file resides. Choose the .WFD file and click "Open".
- Click "Upload" and then "OK" once the file upload is completed. Then click "Next".
- Click the "Select" button next to "Import Workflows". Click the "Check All" button to check all checkboxes and then the "Select" button.
- Click "Submit".
- A new folder should appear in "Policies-->Orchestration" that contains the imported workflow. You will now need to update the included tasks with information about the specific environment.
This is meant as and example on how to patch ESXi servers.
Version 1 of the workflow!
If you have better version please post and share with the rest of us.
!!! Note!!!
The patch from VMware has to be in a central location. In my case I placed it on my datastore (ISO datastore) that is mounted by all my servers. The file is called update-from-esxi6.5-6.5_update01.zip.
I used this document as a guide: Patching a Standalone ESXi Host
I realize there are many ways to patch, and I choose in version 1.0 of this workflow to do it this way. I am only dependent on one ssh task and not an array of other tools on other servers. Yes ssh would have to be enabled to all ESXi servers (There is a task for this as well and could be added to the workflow).
The other item I have hard coded right now it the image that is installed out of the zip file bundle. In my case ESXi-6.5.0-20170702001-standard.
Next version of this workflow these 2 items should be a global workflow variable and replaced in the ssh task with such.
The workflow:
.png)
The ESXi patching steps via CLI:
Test the current version;
esxcli system version get
Get the different version from zip file in my case located on my iso datastore
esxcli software sources profile list --depot="`df -h | sed -n '/ISO/{s/ */ /gp}' | cut -d" " -f6-7`/update-from-esxi6.5-6.5_update01.zip"
Testing with dry run
esxcli software profile update --depot="`df -h | sed -n '/ISO/{s/ */ /gp}' | cut -d" " -f6-7`/update-from-esxi6.5-6.5_update01.zip" --dry-run --profile=ESXi-6.5.0-20170702001-standard
The actual patch
esxcli software profile update --depot="`df -h | sed -n '/ISO/{s/ */ /gp}' | cut -d" " -f6-7`/update-from-esxi6.5-6.5_update01.zip" --profile=ESXi-6.5.0-20170702001-standard
Then a re-boot
reboot (-f) - this is done via UCSD task
You may wonder why the path for the ISO datastore is not hardcoded. In my case the datastore on my ESXi servers varies by a number (
/vmfs/volumes/UCSDISOStoreDS246 (7)). To workaround this I run: df -h | grep -i iso | awk '{print $6" "$7}'
[root@phorner1:~] df -h | sed -n '/ISO/{s/ */ /gp}' | cut -d" " -f6-7
/vmfs/volumes/UCSDISOStoreDS246 (7)
Workflow Run:
Note: I decided to turn off my VM's that are on a ESXi server. They could also be moved (vMotion Host-to-Host And Cluster-to-Cluster Custom Task v1.0). Again this is version 1 of the workflow.
I recently patched 32 ESXi servers in 3 hours and the following items I changed:
Copy update-from-esxi6.5-6.5_update01.zip to UCSD into /tmp
Then Copy zip file to datastopres that are common:
scp /tmp/update-from-esxi6.5-6.5_update01.zip root@172.16.33.20:/vmfs/volumes/UCSDRUSTYDC*CL*DSDS*/.
scp /tmp/update-from-esxi6.5-6.5_update01.zip root@172.16.33.28:/vmfs/volumes/UCSDRUSTYDC*CL*DSDS*/.
scp /tmp/update-from-esxi6.5-6.5_update01.zip root@172.16.33.36:/vmfs/volumes/UCSDRUSTYDC*CL*DSDS*/.
scp /tmp/update-from-esxi6.5-6.5_update01.zip root@172.16.33.44:/vmfs/volumes/UCSDRUSTYDC*CL*DSDS*/.
Changed in the ssh task ISO to DSDS
Here is a sub section of the above workflow with a new custom task to figure out the next ESXi server to move the VM's to:
Observer the next ESXi server is picked:
This could be used with with the vMotion task to move VM's to a new ESXi host:
vMotion Host-to-Host And Cluster-to-Cluster Custom Task v1.0
Here is the custom task code:
var LIST = input.List;
var LOOPINDEX = input.LoopIndex;
logger.addInfo("LIST: " + LIST);
logger.addInfo("LOOPINDEX: " + LOOPINDEX)
var array = LIST.split(",");
if(array != null && array.length > 0){
if(array.length == 1) {
logger.addInfo("List has only one item. No server to move to!")
} else {
for(var i = 0;i<array.length;i++){
logger.addInfo("List: " + i + " Item: " + array[i])
if(array[i] == LOOPINDEX){
if( i+1 < array.length){
var NEXTHOST = array[i+1];
logger.addInfo("Next Host: " + NEXTHOST);
output.ESXiServerToMoveTo = NEXTHOST;
} else {
var NEXTHOST = array[0];
logger.addInfo("Next Host: " + NEXTHOST);
output.ESXiServerToMoveTo = NEXTHOST;
}
}
}
}
} else {
logger.addInfo("List was empty!")
}
This is the next iteration of the above workflow to also upgrade VMware tools on the VM's
It checks this box on each turned off VM:
Workflow run:
The workflow:
.png)
