Host remediation runs in different ways depending on the types of baselines you attach and whether the host is in a cluster or not.
Remediation of Hosts in a Cluster
For ESXi hosts in a cluster, the remediation process is sequential by default. With Update Manager, you can select to run host remediation in parallel.
When you remediate a cluster of hosts sequentially and one of the hosts fails to enter maintenance mode, Update Manager reports an error, and the process stops and fails. The hosts in the cluster that are remediated stay at the updated level. The ones that are not remediated after the failed host remediation are not updated. If a host in a DRS enabled cluster runs a virtual machine on which Update Manager or vCenter Server are installed, DRS first attempts to migrate the virtual machine running vCenter Server or Update Manager to another host, so that the remediation succeeds. In case the virtual machine cannot be migrated to another host, the remediation fails for the host, but the process does not stop. Update Manager proceeds to remediate the next host in the cluster.
The host upgrade remediation of ESXi hosts in a cluster proceeds only if all hosts in the cluster can be upgraded.
Remediation of hosts in a cluster requires that you temporarily disable cluster features such as VMware DPM and HA admission control. Also, turn off FT if it is enabled on any of the virtual machines on a host, and disconnect the removable devices connected to the virtual machines on a host, so that they can be migrated with vMotion. Before you start a remediation process, you can generate a report that shows which cluster, host, or virtual machine has the cluster features enabled. For more information, see Pre-Check Remediation Report.
When you perform remediation on a cluster that consists of not more than two hosts, disabling HA admission control might not be enough to ensure successful remediation. You might need to disable vSphere Availability (HA) on the cluster. If you keep HA enabled, remediation attempts on host in the cluster fail, because HA cannot provide recommendation to Update Manager to place any of the hosts into maintenance mode. The reason is that if one of the two hosts is placed into maintenance mode there is no failover host left available in the cluster. To ensure successful remediation on a 2-node cluster, disable HA on the cluster or place the hosts in maintenance mode manually and then perform remediate the two host in the cluster.
When you remediate a cluster of hosts in parallel, Update Manager remediates multiple hosts concurrently. During parallel remediation, if Update Manager encounters an error when remediating a host, it ignores the host and the remediation process continues for the other hosts in the cluster. Update Manager continuously evaluates the maximum number of hosts it can remediate concurrently without disrupting DRS settings. You can limit the number of concurrently remediated hosts to a specific number.
Update Manager remediates hosts that are part of a vSAN cluster sequentially even if you select the option to remediate them in parallel. The reason is that by design only one host from a vSAN cluster can be in a maintenance mode at any time.
For multiple clusters under a data center, the remediation processes run in parallel. If the remediation process fails for one of the clusters within a data center, the remaining clusters are still remediated.
Remediation Against Multiple Baselines or Baseline Groups
Since vCenter Server 6.7 Update 2, you can select multiple baselines instead of grouping them in a baseline group first. When you remediate hosts against multiple baselines or baseline groups containing an upgrade baseline and patch or extension baselines, the upgrade is performed first.
Host Upgrade Remediation
When you upgrade an ESXi 6.0 and ESXi 6.5 host to ESXi 6.7, all supported custom VIBs remain intact on the host after the upgrade, regardless of whether the VIBs are included in the installer ISO. This is because ESXi 6.x hosts are binary compatible.
You can upgrade hosts by using custom ESXi images that contain third-party modules for ESXi 6.7. In such a case, third-party modules that are compatible with ESXi 6.7 stay available on the upgraded host.
Host upgrade in a high-latency network in which Update Manager and the hosts are at different locations might take a few hours because the upgrade file is copied from the Update Manager server repository to the host before the upgrade. During this time, the host stays in maintenance mode.
Update Manager 6.7 supports upgrade from ESXi 6.0.x and ESXi 6.5.x to ESXi 6.7.
After you have upgraded your host to ESXi 6.7, you cannot roll back to your version ESXi 6.0.x or ESXi 6.5.x software. Back up your host configuration before performing an upgrade. If the upgrade fails, you can reinstall the ESXi 6.0.x or ESXi 6.5.x software that you upgraded from, and restore your host configuration. For more information about backing up and restoring your ESXi configuration, see vSphere Upgrade.
Host Patch Remediation
Update Manager handles host patches in the following ways:
If a patch in a patch baseline requires the installation of another patch, Update Manager detects the prerequisite in the patch repository and installs it together with the selected patch.
If a patch is in a conflict with other patches that are installed on the host, the conflicting patch might not be staged or installed. However, if another patch in the baseline resolves the conflicts, the conflicting patch is installed. For example, consider a baseline that contains patch A and patch C, and patch A conflicts with patch B, which is already installed on the host. If patch C obsoletes patch B, and patch C is not in a conflict with patch A, the remediation process installs patches A and C.
If a patch is in a conflict with the patches in the Update Manager patch repository and is not in a conflict with the host, after a scan, Update Manager reports this patch as a conflicting one. You can stage and apply the patch to the host.
When multiple versions of the same patch are selected, Update Manager installs the latest version and skips the earlier versions.
During patch remediation, Update Manager automatically installs the prerequisites of patches.
With Update Manager 6.7, you can remediate hosts of version ESXi 6.0 and ESXi 6.5 against offline bundles that you have imported manually.
You can stage patches before remediation to reduce host downtime.
Host Extension Remediation
During extension remediation, Update Manager does not automatically install the prerequisites of the extension. This might cause some remediation operations to fail. If the missing prerequisite is a patch, you can add it to a patch baseline. If the missing prerequisite is an extension, you can add it to the same or another extension baseline. You can then remediate the host against the baseline or baselines that contain the prerequisite and the original extension.
Remediation of PXE Booted ESXi Hosts
Update Manager lets you remediate PXE booted ESXi hosts. Update Manager does not apply patches that require a reboot to PXE booted ESXi hosts.
If there is any additional software installed on the PXE booted ESXi host, the software might be lost if the host restarts. Update your image profile with the additional software so that it will be present after the reboot.