Hi,
Just looking for the best recommended approach to update a production vSAN Cluster:
- A Cluster is built from vendor custom ESXi image such as Dell.
- A vSAN Cluster has a recommended baseline that is automatically attached to it. (Assume this gets updated automatically also)
- More over there are Host Security and Critical Patches baselines that are also attached it.
What is the process of updating the Cluster?
I am referring specifically to the ESXi version, we can skip the step about verifying HCL as aware of that.
Should I stick to what the Baseline Group vSAN Cluster states and remediate the Cluster and stop there. (After all this is probably why there is this baseline to just stick to it as it will be well tested)
OR
Should I also apply Host Security and Critical Patches? If so, should I just tick both checkboxes to apply latest patches or should I create a more specific baseline for each with just the required rollup update/patch?