VMware vCloud Director Patching
Update management is a key factor in maintaining the health, performance, and security of the cloud infrastructure. Keeping an infrastructure updated can be a daunting task for IT administrators, who must frequently track patch levels and apply security fixes. However, the entire infrastructure is at risk if updates are not performed dependably and routinely.
8.3.1 VMware Update Manager
VMware vCenter Update Manager is implemented as part of the vSphere infrastructure to patch and update ESXi hosts and virtual machines. VMware administrators will evaluate and install patches/updates to vCenter Server and the vSphere Client when required.
VMware vCenter Update Manager (VUM) is an automated patch management solution that secures the datacenter against vulnerabilities and reduces downtime related to host patching. VUM can update VMware ESXi hosts, select virtual appliances as well as VMware Tools and VMware virtual hardware. Automated updates also provide consistent versioning between ESXi hosts.
8.3.2 vCenter Server Components
Administrators routinely check and evaluate new vCenter Server component updates. These are installed in a timely manner after proper testing. VMware vSphere Client, Web Client, Single Sign- on and Inventory Service updates should be manually installed whenever vCenter Server is updated. Using conflicting versions of vCenter components can cause unexpected results.
8.3.3 vCloud Director Cells
vCloud Director Cells are patched manually by running executable file. The updates must be tested prior production deployment. If the update requires database schema change the script that updates the database must be performed only on one cell in vCloud Director installation.
Red Hat Enterprise Linux operating system patching should make sure that its minor release version does not change to get out of vCloud Director supported RHEL releases.
8.3.4 NSX Manager and Edges
NSX Manager is patched manually by uploading a patch file to the appliance. The updates must be tested prior production deployment. Existing NSX Edges can be updated manually by resetting the NSX Edge vApp network or redeploying the Edge Gateway in the vCloud Director UI.
8.3.5 Operating System Updates
Standard AIS operational procedures for patching should be used. Prior to an operating system upgrade compatibility matrix must be checked in order to maintain supportability