The Lowercase w

Post info:

Patching VMware ESXi Hosts via PowerCLI!

*** Updated 5/17/2017 – See below ***

This year, I’m trying something new…  Anything that I have to do more than 2-3 times, I’m going to attempt to automate it!

In keeping with this mantra, I recently had a task come across my plate to patch the 20+ ESXi Hosts in one of my production environments.  Along with installing the latest Host Updates, I also wanted to upgrade Dell’s Open Manage Server Administrator to the latest version.

In the past, these updates would have taken me a while as I’d install Host Updates, let the host reboot, come back to it some time later after realizing it was back, install the host extension, then wait for it to come back up, then remove it from Maintenance Mode.  In all, I was doing maybe 2 hosts a day.

In my environment, I have multiple vCenter servers one for QA, one for VDI, one for Production US, one for Production UK, and one for my Lab Environment.  So, at the start of my script, it lists these vCenter servers and I have to choose which one I want to connect to.  Once I choose the number and hit enter, it then connects to that vCenter and lists the hosts that belong to that vCenter.

image

image

image

Once I select the host I want to patch, it initiates a VUM Scan on the host, to make sure it brings the host to the most current level.

image

It then places the host into Maintenance Mode.

image

image

Then, vCenter vMotions the VMs off.  As you are probably aware, this part may take some time depending on how many VMs you have on your host.  A License level to be able to use vMotion is required for the automatic vMotions to occur.  Once in MM, the host patches are installed and the host is rebooted.

image

image

Once back online, the host extension is installed/upgraded and the host is rebooted again.

image

image

Once back online, the host is removed from Maintenance Mode.

image

image

Finally, a popup box is displayed to let me know it’s done.

image

Once I put all those tasks into a single script, I’m able to do both patch baselines (critical & non-critical updates) as well as the host extension (OMSA 8.2) and get the host back online in about 30-45 minutes.  This may change depending on how long it takes your server(s) to POST.  My Dell R920s can take a bit of time to do the memory test as they have 256gb of memory installed.  I’ve been able to get anywhere from 4-6 hosts patched a day using this script!

Enjoy!


########################################
#
# PowerCLI Script to Patch Hosts
# Created by BLiebowitz on 3/4/2016
#
########################################

# Select which vCenter you want to connect to
Write-host "Select which vCenter to connect to:"
Write-Host ""
Write-Host "1. vc01"
Write-Host "2. vc02"
Write-Host "3. vc03"
Write-Host "4. vc04"
Write-Host "5. vc05"

$Ivcenter = read-host “Select a vCenter Server. Enter Number “

if ($Ivcenter –eq 1) {
$vcenter = "vc01"
} elseif ($Ivcenter -eq 2) {
$vcenter = "vc02"
} elseif ($Ivcenter -eq 3) {
$vcenter = "vc03"
} elseif ($Ivcenter -eq 4) {
$vcenter = "vc04"
} else {
$vcenter = "vc05"
}

write-host ""
Write-Host "You Picked: "$vcenter
write-host ""
start-sleep -s 3

# connect to selected vCenter
connect-viserver $vcenter

# List hosts to select
write-host ""
Write-host "Choose which vSphere host to Deploy Patches to:"
write-host "(it may take a few seconds to build the list)"
write-host ""
$IHOST = Get-VMhost | Select Name | Sort-object Name
$i = 1
$IHOST | %{Write-Host $i":" $_.Name; $i++}
$DSHost = Read-host "Enter the number for the host to Patch."
$SHOST = $IHOST[$DSHost -1].Name
write-host "you have selected" $SHOST"."

# Scan selected host
Scan-inventory -entity $SHOST

# Place selected host into Maintenance mode
write-host "Placing host in Maintenance Mode"
Get-VMHost -Name $SHOST | set-vmhost -State Maintenance

# Remediate selected host for Host Patches
write-host "Deploying VMware Host Critical & Non Critical Patches"
get-baseline -name *critical* | remediate-inventory -entity $SHOST -confirm:$false

# Remediate selected host for OMSA 8.2
write-host "Deploying OMSA 8.2"
get-baseline -name "OMSA 8.2" | remediate-inventory -entity $SHOST -confirm:$false

# Remove selected host from Maintenance mode
write-host "Removing host from Maintenance Mode"
Get-VMHost -Name $SHOST | set-vmhost -State Connected

# Display Popup when finished.
[System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms")
[System.Windows.Forms.MessageBox]::Show("The Patching for " + $SHOST + " is now complete..")

Hope you find this useful!

Ben Liebowitz, VCP, vExpert
NJ VMUG Leader

 

*** UPDATE 5/17/2017 ***

With the release of PowerCLI 6.5 comes new VMware Update Manager cmdlets.

Scan-Inventory has been replaced with Test-Compliance. (you can see compliance results using Get-Compliance)
Remediate-Inventory has been replaced with Update-Entity.


########################################
#
# PowerCLI Script to Patch Hosts
# Created by BLiebowitz on 3/4/2016
#
########################################

# Select which vCenter you want to connect to
Write-host "Select which vCenter to connect to:"
Write-Host ""
Write-Host "1. vc01"
Write-Host "2. vc02"
Write-Host "3. vc03"
Write-Host "4. vc04"
Write-Host "5. vc05"

$Ivcenter = read-host “Select a vCenter Server. Enter Number “

if ($Ivcenter –eq 1) {
$vcenter = "vc01"
} elseif ($Ivcenter -eq 2) {
$vcenter = "vc02"
} elseif ($Ivcenter -eq 3) {
$vcenter = "vc03"
} elseif ($Ivcenter -eq 4) {
$vcenter = "vc04"
} else {
$vcenter = "vc05"
}

write-host ""
Write-Host "You Picked: "$vcenter
write-host ""
start-sleep -s 3

# connect to selected vCenter
connect-viserver $vcenter

# List Clusters
write-host ""
Write-host "Choose which Cluster the host you want to patch belongs to:"
write-host "(it may take a few seconds to build the list)"
write-host ""
$ICLUSTER = get-cluster | Select Name | Sort-object Name
$i = 1
$ICLUSTER | %{Write-Host $i":" $_.Name; $i++}
$HCLUSTER = Read-host "Enter the number for the host to Patch."
$SCLUSTER = $ICLUSTER[$HCLUSTER -1].Name
write-host "you have selected" $SCLUSTER"."
start-sleep -s 3

# List hosts to select
write-host ""
Write-host "Choose which vSphere host in $($SCLUSTER) to Deploy Patches to:"
write-host "(it may take a few seconds to build the list)"
write-host ""
$IHOST = Get-Cluster $SCLUSTER | Get-VMhost | Select Name | Sort-object Name
$i = 1
$IHOST | %{Write-Host $i":" $_.Name; $i++}
$DSHost = Read-host "Enter the number for the host to Patch."
$SHOST = $IHOST[$DSHost -1].Name
write-host "you have selected $($SHOST)."

# Scan selected host
test-compliance -entity $SHOST

# Display compliance results and wait 15 seconds
get-compliance -entity $SHOST
start-sleep -s 15

# Place selected host into Maintenance mode
write-host "Placing $($SHOST) in Maintenance Mode"
Get-VMHost -Name $SHOST | set-vmhost -State Maintenance

# Remediate selected host for Host Patches
write-host "Deploying VMware Host Critical & Non Critical Patches"
get-baseline -name *critical* | update-entity -entity $SHOST -confirm:$false

# Remediate selected host for OMSA 8.2
write-host "Deploying OMSA 8.2"
get-baseline -name "OMSA 8.2" | update-entity -entity $SHOST -confirm:$false

# Remove selected host from Maintenance mode
write-host "Removing host from Maintenance Mode"
Get-VMHost -Name $SHOST | set-vmhost -State Connected

# Display Popup when finished.
[System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms")
[System.Windows.Forms.MessageBox]::Show("The Patching for $($SHOST) is now complete..")

Make sure you update your scripts!

– Ben

27 thoughts on “Patching VMware ESXi Hosts via PowerCLI!

Leave a Reply

Your email address will not be published. Required fields are marked *