Adding VMware Tools Updates to vSphere Lifecycle Manager
Updated – 12/28/22 – based on user feedback I have updated this article.
There are times where VMware Tools updates are published outside of a vSphere release/update. This can be due to a bug fix or a security advisory (ie: VMSA-2022-0024)
This new VMware Tools package can be easily added to your ESXi hosts so your virtual machines can be updated. If you are still running vSphere 6.x, the VMware Tools package will be updated using Update Manager.
vSphere 7 introduced Lifecycle Manager which can now be used for this update. Here are the steps:
Login to vCenter, and navigate to Lifecycle Manager (click on the hamburger menu -> Lifecycle Manager)
Create the Baseline
Click on the Baselines menu and click New -> Baseline
Supply a Name for this baseline, choose Patch, and click Next
Uncheck the box to Automatically Update this Baseline with Patches
On the Add Patches Manually screen, turn off the Show Only Rollup Updates option. Click the filter option on the Name column and use VMware Tools as the criteria
You will want to find the VMware Tools release that matches the version you are trying to install. In my case, I am looking for VMware Tools 12.1.0 so I can remediate a VMware Security Advisory.
Check the box next to the VMware Tools 12.1.0 Async Release, and click Next
The Summary screen should list 1 patch – VMware Tools 12.1.0 Async Release. Click Finish.
This baseline has been created and can be attached to any Cluster or Host for remediation.
Patch the hosts using the new baseline
For this example, I will navigate to a vSphere Cluster and click on the Updates tab, and click on Attach -> Attach Baseline or Baseline Group in the Attached Baseline section
Check the box for the newly created baseline and click Attach
Click on Check Compliance to have Lifecycle Manager compare the attached baselines to the hosts in this cluster
After the Scan Entity task completes, scroll down to the Attached Baselines section and check the box for your new baseline, and click Remediate
A summary screen will be displayed so you can confirm the actions that will be taken. It should show 1 patch will be applied (VMware Tools 12.1.0 Async Release).
When you are ready to proceed – click Remediate. A new task will begin (which can be viewed in the Recent Tasks pane)
Host Reboot Not RequiredWhen applying an async update of the VMware Tools package to an ESXi host via LifeCycle Manager - a host reboot is not required.
Once the host(s) have been updated, the VMs on the host(s) will be show that a new version on of VMware Tools is available .
- Maintenance Mode – it was reported that the hosts were placed into maintenance mode when remediating the hosts with the new VMware Tools package
- Host Reboots – it has also been reported that the hosts did not show that updated versions of VMware Tools were available until after a reboot
8 thoughts on “Adding VMware Tools Updates to vSphere Lifecycle Manager”
Hi Arron,
I tried this on our ESXI 7.0.3 cluster but vCenter is still reporting that the current version is the most up to date for our VMs (11.3.5 version 11365)
Is there anything additional that needs to be done to have them report that an update is available? I have re-scanned the status as well.
Thanks,
Greig
The first few things that come to mind:
There are some pre-reqs for installing or upgrading VMware Tools. These can be found in the Before You Begin section of the release notes for each version (release notes for 12.1)
VMware does consider some Guest Operating Systems to be Legacy and no longer provides support for them in new VMware Tools versions – KB 2015161.
Check to make sure the configured OS for the VM (Guest OS Family and Guest OS Version) match what is actually running in the guest. I have seen VMs that were configured with older OS types. This is usually from an in-place upgrade or VMs that were built before vSphere officially supported that OS. These configured values can have an impact on the selection of VMware Tools ISO image – KB 2147454.
Hey Arron, I applied this to our dev environment (3 hosts, a few VM’s, 12.1.0) using the 12.1.0 Async Release (just like you), and it worked great for all three hosts – I even updated a dev VM and it upgraded just fine. Then I followed the same process for our test environment (9 hosts, 800+ VM’s) and started to remediate one host and it began by putting the host in maintenance mode (I canceled it when I saw it start to migrate VM’s). I did not expect this since it did not do this for my dev hosts and you indicated that a host reboot would not be necessary. Any idea why it would do this?
In my testing a reboot was not required. I don’t believe that my hosts entered maintenance mode when I made this change. I would be curious if a host actually did reboot had you let the process continue. I completely understand why you stopped it though! Could there have been any other baselines selected or other updates in the baseline you used?
I tried a third vCenter and the same thing happened. This time I let it proceed to put the host in maintenance mode. Once there it only took a few seconds to remediate and then it came right back out of maintenance mode. No reboot. So, it’s slightly annoying and time-consuming to have to do one host at a time, but not disruptive. To answer your question, I did not select any other baseline or updates in any of my tests. If I figure anything out, I’ll let you know. If you have any other ideas, let me know. Thanks!
So, it’s even more curious now. I remediated a host in this same vCenter/cluster, only this host had about 20 VM’s running on it. I watched Tasks and it started to put the host into MM and began migrating the first 8 VM’s. Then while that was happening, it installed the Tools baseline, completed it, and checked it. After it completed migrating those 8 VM’s, it said “maintenance mode was canceled by a user” (not me), and it did not migrate any more VM’s and it did not go into MM. The remediation was successful and the baseline was now compliant. So I don’t know – seems like strange behavior to me but I went back to our test vCenter/cluster with 800 VM’s in it and remediated a host there. It behaved exactly the same way. I went back to our dev cluster and looked at the Tasks thinking maybe it did the same thing there, but it hadn’t. It did not start to put the hosts in MM. So I don’t know what is different between these clusters (each on a different vCenter).
(Sorry, I know I did that last reply at the wrong level. Please fix if you like/can.) I continued upgrading hosts 2-6 one at a time and they all behaved the same. Then I had the idea to upgrade the last three hosts in the cluster all at the same by applying the baseline at the cluster level and selecting those three hosts. It actually upgraded all three of them (one at a time) without starting to put them in MM! So that is going to be my solution, I guess. Build the baseline in the vCenter, then apply it to a whole cluster at a time. I would rather do one host in a cluster before doing the rest in the cluster, but it seems like this works and is the least painful way to do it.
Looks like the hosts require a reboot for the VMs to acknowledge the new VMware tools version residing on the host. Only after a host reboot i got “A newer version of VMware Tools is available for this virtual machine.” No MM required during host remediation. Running on vSphere 8,