vCenter Server 7.0 Update 3e released

VMware has released a patch update 3e for vCenter. This is a maintenance release and primarily adds updates for vSphere with Tanzu. There are also separate release notes for vSphere with Tanzu.

What’s New?

  • Added Network Security Policy support for VMs deployed via VM operator service – Security Policies on NSX-T can be created via Security Groups based on Tags. It is now possible to create NSX-T based security policy and apply it to VMs deployed through VM operator based on NSX-T tags.
  • Supervisor Clusters Support Kubernetes 1.22 – This release adds the support of Kubernetes 1.22 and drops the support for Kubernetes 1.19. The supported versions of Kubernetes in this release are 1.22, 1.21, and 1.20. Supervisor Clusters running on Kubernetes version 1.19 will be auto-upgraded to version 1.20 to ensure that all your Supervisor Clusters are running on the supported versions of Kubernetes.

Check before update

If you upgraded vCenter Server from a version prior to 7.0 Update 3c and your Supervisor Cluster is on Kubernetes 1.9.x, the tkg-controller-manager pods go into a CrashLoopBackOff state, rendering the guest clusters unmanageable

Read KB 88443 for a workaround.

Test K8s Version

Make sure you’re on a supported K8s version.

Menu > Workload Management > Subervisor Clusters

The image above indicates we’re already on version 1.21, which is good for an update.

Update

Before updating your VCSA make sure you have a configuration backup! An optional VM snapshot is a good idea too. It might help to revert settings fast in case something goes wrong.

You can either apply the update from VAMI or from the shell. The image below shows an overview of the new packages with this update.

After the update is installed you will have an option to deploy a new Kubernetes version in your Supervisor Control Plane.

vSphere 7 Update 3 – What’s New

This blogpost was under embargo until 28th of September 2021 8:00am (PT) / 17:00 (CEST). The fact that you can read this now means that vSphere 7 Update 3 has (probably) already been released.

[Update 29th Sept 2021]: Download is not yet available. Maybe we need to wait until VMworld2021 next week.

What’s New

VMware vSphere 7 Update3 comes with a wide range of innovations. They can be categorized into the sections below:

  • Tanzu with Kubernetes
  • Lifecycle, Upgrade and Patching
  • Artificial Intelligence & Machine Learning
  • Resource Management
  • Availability & Resiliency
  • Security & Compliance
  • Guest OS and Workloads
  • Storage
  • Networking
  • vSphere Management & APIs

Another bunch of features goes into vSAN. But these features will be covered in an extra post.

Continue reading “vSphere 7 Update 3 – What’s New”

vCenter Server update planner at work

I’d like to point your attention to a new and useful feature which was introduced with vSphere 7 update 2. It is easily being overlooked in the abundance of new features, but it does a very good job in the prior to a vCenter update.

A requirement for the Update Planner is participation in the Customer Experience Improvement Program (CEIP).

The first sign of a new vCenter update is a notification banner at the top of vSphere Client.

Clicking on “View Updates” will take you directly to the Update Planner. This can also be found in the menu. To do this, select the vCenter in the Hosts & Clusters view and select “Updates” > vCenter Server > Update Planner in the menu bar at the top right.

All currently available updates are being displayed. In the case shown below, the vCenter is already at 7.0 Update 2, so only one possible update is listed. If several possible updates are available, the Update Planner can check the compatibility against all of them. To do this, select the radio button of the desired update (red box).

Once an update is selected, the action field “Generate Report” turns blue and shows the two possible sub-items “Interoperability” and “Pre-Update Checks“.

Interoperabilty Checks

The Interoperability Check verifies not only the ESXi hosts but also the compatibility with other VMware products registered in vCenter.

Continue reading “vCenter Server update planner at work”

Update error VCSA 7 – vCenter Server not operational

During patching of a vCenter server appliance (VCSA) problems can occur. Maybe contact to the update source was lost or the whole process has been cancelled by an operator. If you try to reapply the patch, you might see an error like in the picture below.

Update Installation failed. VCenter Server is not operational.

In the VAMI interface of vCenter everything looks fine. All services are up and running and ovarall status is green. Even a reboot of the appliance doesn’t help. The source of the problem lies in an interrupted update procedure which leaves a status file behind. We need to fix (remove) that manually.

To do so open a SSH shell to the vCenter server appliance and change to the directory where the file was left.

# cd /etc/applmgmt/appliance

You’ll see a file called software_update_state.conf. Under normal circumstances this file will be removed after an update. But something went wrong and it wasn’t cleaned up. Let’s have a brief look inside the file.

# cat software_update_state.conf
{
"state": "INSTALL_FAILED",
"version": "7.0.0.10700",
"latest_query_time": "2020-09-17T11:42:37Z"
}

We can see that there’s been a failed update to VCSA 7.0.0.10700. You can just remove the file.

# rm software_update_state.conf

If you now trigger a new patch installation it will work.