LucD notes

Today there was quite a bit of  activity on Twitter following Jason Boche‘s blog post titled VMware Update Manager Becomes Self-Aware.
The problem Jason discovered was that the VUM skipped the guests which are hosting the VUM server and the vCenter server. As a consequence you can not select a cluster, select “remediate” and go out for lunch anymore. The resolution was a rather cumbersome and error prone manual procedure.
But of course PowerCLI can help the human vSphere administrator

The following script finds the ESX host(s) that is/are running the VUM guest and/or the vCenter guest and will vMotion the guest(s) to another ESX host when needed.

The script uses the brand-new VUM cmdlets to do the actual patching.

Note that the script assumes that the hostnames of the VUM server and the vCenter server correspond with the names of the guests.

$clusName = "MyCluster"
$baseName = "Critical Host Patches"

$baseline = Get-Baseline -Name $baseName

# Find VUM server
$extMgr = Get-View ExtensionManager
$vumExt = $extMgr.ExtensionList | where {$_.Key -eq "com.vmware.vcIntegrity"}
$vumURL = ($vumExt.Server | where {$_.Type -eq "SOAP"}).Url
$vumSrv = ($vumUrl.Split("/")[2]).Split(":")[0]
$vumSrvShort = $vumSrv.Split(".")[0]
$vumVM = Get-VM -Name $vumSrvShort

# Find VC server
$vcSrvShort = $extMgr.Client.ServiceUrl.Split("/")[2].Split(".")[0]
$vcVM = Get-VM -Name $vcSrvShort

# Patch the cluster nodes
$hostTab = @{}
Get-Cluster -Name $clusName | Get-VMHost | %{
	$hostTab[$_.Name] = $_
}

$hostTab.Values | %{
	$vm = $null
	if($_.Name -eq $vumVM.Host.Name){
		$vm = $vumVM
	}
	if($_.Name -eq $vcVM.Host.Name){
		$vm = $vcVM
	}
	if($vm){
		$oldNode = $_
		$newNode = $hostTab.Keys | where {$_ -ne $oldNode.Name} | Select -First 1
		$vumVM = $vumVM | Move-VM -Destination $newNode -Confirm:$false -WhatIf
	}
	Remediate-Inventory -Entity $_ -Baseline $baseline -WhatIf
}

Line 1: The name of the cluster you want to patch.

Line 2: The name of the baseline you want to use.

Line 7-11: These lines retrieve the name of the VUM Server.

Line 15: This line retrieves the name of the vCenter.

Line 26-36: When the loop reaches the ESX server that hosts the VUM server or the vCenter it will take one of the other nodes and vMotion the VUM server to that node.

Line 32: The $vm variable will be $null when there is no VUM or vCenter guest running on the ESX host and the If statement will fail.

Line 35,37: These lines contain -WhatIf parameters which will allow you to first do a trial run to see what will be done. Once you are happy with the result remove the -WhatIf parameter from both lines.

Line 37: The actual patching of the node.

With help of the script it should again be possible to remediate a complete cluster even when one of the nodes hosts the VUM server or the vCenter.

A small step, but we can’t let Skynet take over the world