The Async Patch Tool is a utility that allows you to apply critical patches to certain VMware Cloud Foundation components (NSX Manager, vCenter Server, and ESXi) outside of VMware Cloud Foundation releases. The Async Patch Tool also supports VxRail Manager patching of VMware Cloud Foundation on Dell VxRail.
For example, you could use the
Async Patch Tool to get a
vCenter Server patch that addresses a critical security issue as described in a VMware Security Advisory (VMSA). You use the
Async Patch Tool to download the patch and upload it to the internal LCM repository on the
SDDC Manager appliance. Then you use the
SDDC Manager UI to apply the patch.
Note: Patched components will have different versions than those listed in the Bill of Materials (BOM).
The
Async Patch Tool is supported with
VMware Cloud Foundation 4.2.1 and later. This release also supports VxRail Manager patching of VMware Cloud Foundation on VxRail.
Note: Standalone ESXi async patches are not supported with VMware Cloud Foundation on Dell VxRail. Applying a VxRail Manager async patch also patches ESXi.
The process for downloading and uploading patches varies depending on whether or not the
SDDC Manager appliance has access to the internet. If the
SDDC Manager appliance has access to the internet (online), you perform all
Async Patch Tool operations from the
SDDC Manager appliance. If the
SDDC Manager appliance does not have access to the internet (offline), you perform some operations from a computer with internet access and some operations from the
SDDC Manager appliance. See:
- Apply an Async Patch to VMware Cloud Foundation in Online Mode
- Apply an Async Patch to VMware Cloud Foundation in Offline Mode
Important:
SDDC Manager 5.2 and later support applying async patches directly from the SDDC Manager UI. See
"Patching the Management and Workload Domains".
After you apply an async patch, and one or more of the
VMware Cloud Foundation component versions deviates from the BOM, you may have to use the
Async Patch Tool to enable an upgrade to a later version of
VMware Cloud Foundation.
| Target version | Requires use of Async Patch Tool? |
|---|---|
| VMware Cloud Foundation 4.y | Yes. If you are upgrading an async patched system from VMware Cloud Foundation 4.x to 4.y, you must use the Async Patch Tool to enable the upgrade.
For example, if you apply a
vCenter Server patch to a
VMware Cloud Foundation 4.5.0 instance, you must use the
Async Patch Tool to enable an upgrade to
VMware Cloud Foundation 4.5.2. See:
|
| VMware Cloud Foundation 5.x | No.
If you are upgrading an async patched system from
VMware Cloud Foundation 4.x to 5.x or 5.x to 5.x, you do not need to use the
Async Patch Tool to enable the upgrade. Upgrades to 5.x are automatically enabled and you can upgrade using the
SDDC Manager UI or the Bundle Tranfer Utility. See the
VMware Cloud Foundation Lifecycle Management Guide.
Note: You should still use the
Async Patch Tool to deactivate all async patches and run an inventory sync before upgrading to
VMware Cloud Foundation 5.x. See
VCF Async Patch Tool Options for more information.
|
For information about known issues, see the Async Patch Tool Release Notes.
