انجمن مدیران و راهبران شبکه

Network Managers and Administrators

انجمن مدیران و راهبران شبکه

Network Managers and Administrators

بروز رسانی و نصب وصله های امنیتی بر روی سرور VMWare vCenter Appliance که در مود HA(high available) پیکربندی شده

سلام، وقت بخیر.

Patch a vCenter High Availability Environment

رفرنس این پست  سایت شرکت VMWare هست . من لینک مستقیمشو اینجا براتون میزارم ولی با توجه به وضع قوانین  مضحک و محدودکننده تحریم ها که دسترسی IP کاربران داخل ایران رو به پایگاه دانش برخی شرکت های آمریکایی مسدود میکنه، سعی میکنم لیست دستورهای مورد نیاز رو اینجا هم کپی کنم.

https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vcenter.upgrade.doc/GUID-C27CD7DF-AB52-4A77-A6A6-A966498D5CA0.html


https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vcenter.upgrade.doc/GUID-5FCA78EC-8637-43A4-8B28-24624E4D5EBA.html#GUID-5FCA78EC-8637-43A4-8B28-24624E4D5EBA


Prerequisites

Verify that patching a vCenter HA configuration is supported for your version of vCenter Server Appliance. For certain vCenter Server 6.7 patch releases, you must remove the vCenter HA configuration and update the vCenter Server Appliance using either the vCenter Server Appliance Management Interface or the software-packages utility in the appliance shell of a vCenter Server Appliance. To learn if your version of vCenter Server Appliance can be patched using this procedure, see Knowledge Base article KB 55938.

Procedure

  1. Place the vCenter HA cluster in maintenance mode.
    1. In the vSphere Client inventory, click the Configure tab.
    2. Under Settings, select vCenter HA and click Edit.
    3. Select Maintenance Mode and click OK.
  2. Log in as root to the appliance shell of the Active node by using the public IP address.
  3. Patch the Witness node.
    1. From the appliance shell of the Active node, establish an SSH session to the Witness node.
      ssh root@Witness_node_IP_address
    2. From the appliance shell of the Witness node, patch the Witness node.
      Use the software-packages utility.
    3. Exit the SSH session to the Witness node.
      exit
  4. Patch the Passive node.
    1. From the appliance shell of the Active node, establish an SSH session to the Passive node.
      ssh root@Passve_node_IP_address
    2. From the appliance shell of the Passive node, patch the Passive node.
      Use the software-packages utility.
    3. Exit the SSH session to the Passive node.
      exit
  5. Log out from the appliance shell of the Active node.
  6. Initiate a vCenter HA failover manually.
    1. Log in to the Active node with the vSphere Client and click Configure.
    2. Under Settings, select vCenter HA and click Initiate Failover.
    3. To start the failover click Yes.

      A dialog box offers you the option to force a failover without synchronization. In most cases, performing synchronization first is best.

    You can see in the vSphere Client that the Passive node has become the Active node and the Active node has become the Passive node.

  7. Log in as root to the appliance shell of the new Active node by using the public IP address.
  8. Patch the new Passive node.
    1. From the appliance shell of the Active node, establish an SSH session to the Passive node.
      ssh root@Passve_node_IP_address
    2. From the appliance shell of the Passive node, patch the Passive node.
      Use the software-packages utility.
    3. Exit the SSH session to the Passive node.
      exit
  9. Log out from the appliance shell of the Active node.
  10. Exit the maintenance mode.
    1. In the vSphere Client inventory, click the Configure tab.
    2. Under Settings, select vCenter HA and click Edit.
    3. Select Turn On vCenter HA and click OK.


Install vCenter Server Appliance Patche

  1. software-packages stage --iso
  2. software-packages list	--staged
  3. software-packages install --staged
  4. shutdown reboot -r "patch reboot"