VMware just released a security patch for vROps with severity critical. Here is a quick walkthrough on how you can do the patching from vRealize Suite Lifecycle manager.
Patching vROps with vRealize Suite Lifecycle Manager
First you must login to vRSLCM with admin@local account. Then go to Binary Mapping. Click on Patch Binaries and Check Patches Online to update vRSLCM with the latest patches.
When that is done you should have all the latest patches available in the Binary Mapping – > Patch Binaries view. To download the patch you need to click the download icon under Action.
Sadly it is not possible to sort by ReleaseDate or filter by year / month so you need to find it by looking through the pages or filtering by 8.3 in version.
When the patch is downloaded you can head over to the Environments section and find your vROps installations. Choose your deployment and navigate to Install Patch.
Attention: Make sure you have taken your cluster offline and created a snapshot before you proceed.
Select the patch and hit next
Review and click Install
The patch installation will take the cluster offline during the process
vRSLCM will now install the patch for you.
My installation took almost 1 hour but may vary between different setups. Also remember to remove the snapshot when you have verified that everything is working as is should.
When using the vRSLCM appliance to do patching and upgrades it makes your job easier and its less prone to errors or mistake. It is not perfect but its better than the alternative. I have also added my takeaways from the process and where it could improve.
My tips for improvement
- Missing the ability give full admin access to domain authenticated users.
- Sort by ReleaseDate option in Binary Mapping -> Patch Binaries view.
- Add built inn workflow to take vROps cluster offline, create snapshot and bring online within the upgrade and patch process.
- Missing ability to auto download of patches.
- Missing built in function to alert of new versions and patches through email. (this should be combined with the SMTP settings in the other products to have a single point of config for SMTP across vRealize.