Hi vAdmins,
Today I would like to start with my favorite subject, Lifecycle management.
I am truly impressed by the introduction of vSphere Live Patch, a remarkable new feature which comes by vSphere 8 update 3. I am confident that administrators will be equally excited about it, as it promises to streamline their lifecycle management. Instead of my usual practice of listing down all the new features of an update in a blog post, I am excited to shine a spotlight on a highly innovative inclusion named vSphere Live Patch.
vSphere Live Patch:
A significant feature introduced in vSphere 8.0 Update 3 is the capability to resolve critical bugs, focus on the virtual machine execution environment (VMX) without requiring a host reboot or evacuation.
See the 4 steps below for applying a vSphere Live Patch
Step 1: Host enters partial maintenance mode:
The proces for vSphere Live Patch will be initiated by the Lifecycle Manager
Step 2: New mount revision loaded:
When transitioning to partial maintenance mode, the system effectively establish a fresh instance of the ESXi area targeted for patching. This process involves loading a new mount provision comprising specific files and processes.
Step 3: New mount revision patched:
The system patch the newly Mount Revision.
Step 4: VMs fast-suspend resume to consume patched mount revision
The virtual machines take advantage of the newly patched instance go trough what’s called a fast suspend resume (FSR).
After the rapid completion of the suspend-resume process, the host becomes thoroughly patched and transitions out of the partial maintenance mode stage.
Keep in mind, there are a couple of VM configurations which are not (yet) compatible with FSR. VMs configured with vSphere Fault Tolerance, VMs using Direct Path I/O and vSphere Pods cannot use FSR and need to be manually remediated. Manual remediation can either be done by migrating the virtual machine or by power cycling the virtual machine
Partial Maintenance Mode
In summary, it is a state in which ESXi will be positioned to uphold its existing condition.
Partial maintenance mode allows existing VMs to continue to run but disallows the creation of new VMs on the host or for VMs to be migrated to or from the host.
The host is placed into Partial Maintenance Mode automatically by the Lifecycle Manager instead of the administrator, yet there is the possibility to exit this mode if needed.
Live Patch Update path
Not all patches in this release qualify for live patching. The system focuses on a specific part of ESXi that manages VM execution. Within the vSphere lifecycle manager, you can identify patches that are eligible for live deployment including the build you need to be on to be able to perform a live patch.
There is no hardware change or hardware certification required to consume vSphere live patch. Keep in mind this is just for patching the ESXi base component of the image. If you have to do any patching like vendor add-ons, firmware etc this is going to require a traditional maintenance mode and a reboot cycle.
Final thoughts
I am very curious about the impact of vSphere Live Patch in practice.
I believe this feature is a very useful improvement for the VMware virtualization platform. Perhaps just as revolutionary as the introduction of VMware vMotion! With this new functionality, administrators are now able to quickly patch VMware vSphere environments without the need for a maintenance window.
End of this post.
Disclaimer: Please note that the views expressed in this blog are solely my own and should be treated as personal opinions. This content does not hold any legal or authoritative standing.