View Only
  • 1.  vSAN Patchng

    Posted Feb 18, 2022 09:12 AM

    Hi All


    When do you patch the vSAN environment.   

    A- is it when VMware release monthly/critical patches for the ESXi hosts

    B - Wait for the vSAN build recommendation engine via the release catalogue to recommend a patch release. 

    If you look at the vSAN build numbers https://kb.vmware.com/s/article/2150753 you will see its 2 versions behind the ESXi host build numbers.   In the past i have just patched the vSAN ESXi hosts when the patches are released for ESXi hosts in a regular cluster.   Nothing has broken yet but want to know what is best practice. Thanks


  • 2.  RE: vSAN Patchng

    Broadcom Employee
    Posted Feb 21, 2022 06:02 PM

    Greetings Niyot1,

    VSAN is delivered in the kernel of ESXi. That said, not every ESXi patch includes a VSAN update. I also track versioning using those KBs, and in my experience, they are not updated immediately .. e.g., VMware vSAN 7.0 Update 3 Release Notes there is a new version of VSAN - that kb just hasn't been updated yet. You are better served IMHO by subscribing to updates with your vmw acct, or simply look at release notes to see when updates are released.

  • 3.  RE: vSAN Patchng

    Posted Feb 22, 2022 04:43 PM

    Thanks for your response.  So when i look at the latest ESX release notes, it lists vsan and vsanhealth as one of the affected vibs.   So I take it this means patch vsan to that revision then.  obviously making  sure vCenter is at the same or higher revision.     

  • 4.  RE: vSAN Patchng

    Broadcom Employee
    Posted Feb 23, 2022 10:56 AM

    Sure. Yes, latest ESXi Release Notes https://docs.vmware.com/en/VMware-vSphere/7.0/rn/vsphere-esxi-70u3c-release-notes.html includes an update for vSAN. My point though was that your reference to a KB to determine if you should patch is a not as timely as reviewing release notes, only b/c that particular KB does not always get updated when an update is released. Again, you'd be better served by subscribing to the release notes. It's easy enough to look to see if any are updated.

    On an aside, there is a KB for ESXI (https://kb.vmware.com/kb/2143832), and one for VCSA (https://kb.vmware.com/kb/2143838) as well.

    William Lam wrote an article years ago https://williamlam.com/2017/08/powercli-script-to-help-correlate-vcenter-esxi-vsan-buildversions-wo-manual-vmware-kb-lookup.html which describes a way to use these as a basis for functions to determine a build number. Updating the Functions (each time a new version is released) is a bit manual, but it works well enough (to identify the version/build of your vcsa/esxi/vsan) ...