General Considerations

• vSphere Lifecycle Manager supports the remediation of ESXi hosts against patch, extension, and upgrade baselines.
• You can initiate remediation manually or schedule a regular remediation task to run at a time that is convenient for you.
• You can remediate a single ESXi host or multiple hosts in a container object. You can initiate remediation at a folder, a cluster, a data center, and even vCenter Server level.
  Note: If you initiate remediation against a baseline for an object that contains clusters that use a single vSphere Lifecycle Manager image, remediation is not performed on those clusters.
• By default, the remediation process runs sequentially. That is, vSphere Lifecycle Manager remediates the hosts in a cluster or another container object one by one. However, you can configure vSphere Lifecycle Manager to remediate multiple hosts in parallel.
• If a vCenter Server instance is connected to other vCenter Server systems by a common vCenter Single Sign-On domain, you can remediate only the inventory objects managed by the vCenter Server system where the vSphere Lifecycle Manager instance that you use runs.
• To remediate vSphere objects against baselines or baseline groups, you must have the Remediate to Apply Patches, Extensions, and Upgrades privilege. For more information about managing users, groups, roles, and permissions, see the vSphere Security documentation.

  For a list of all vSphere Lifecycle Manager privileges and their descriptions, see vSphere Lifecycle Manager Privileges For Using Baselines.

• If a vCenter HA failover is initiated during the remediation of a cluster, the remediation task is canceled. After the failover finishes, you must restart the remediation task on the new node.

Orchestrated Upgrades of ESXi Hosts

You can use baseline groups to perform an orchestrated upgrade of the ESXi hosts in your environment. The baseline group might contain a single host upgrade baseline and multiple patch or extension baselines, or multiple patch and extension baselines. vSphere Lifecycle Manager first upgrades the hosts and then applies the patch or extension baselines. Because the upgrade runs first and patches are applicable to a specific host version, the orchestrated workflow ensures that no patches are lost during the upgrade.

Orchestrated upgrades can be performed at a host, cluster, folder, or a data center level.

Instead of creating a baseline group, you can select and work with multiple baselines instead of grouping them into a baseline group first.

Maintenance Mode

If the update requires it, vSphere Lifecycle Manager puts hosts into maintenance mode during remediation. Virtual machines cannot run when a host is in maintenance mode. To ensure a consistent user experience, vCenter Server migrates the virtual machines to other hosts within the cluster before the host is put in maintenance mode. vCenter Server can migrate the virtual machines if the cluster is configured for vMotion and if VMware Distributed Resource Scheduler (DRS) and VMware Enhanced vMotion Compatibility (EVC) are enabled. However, EVC is not a prerequisite for vMotion. EVC guarantees that the CPUs of the hosts are compatible. For container objects or individual hosts that are not in a cluster, migration with vMotion cannot be performed. After remediation, hosts exit maintenance mode. In case of failure during remediation, hosts might be unable to exit maintenance mode.

Parallel Remediation

You can enable vSphere Lifecycle Manager to remediate in parallel the hosts within a cluster that uses baselines. Parallel remediation reduces the time needed for patching or upgrading the hosts in your environment. You can remediate in parallel only ESXi hosts that are already in maintenance mode. During parallel remediation, hosts do not enter maintenance mode automatically. Similarly, after remediation finishes, the hosts do not exit maintenance mode automatically. To remediate hosts in parallel, you must manually enter and exit maintenance mode. If you enable parallel remedation, vSphere Lifecycle Manager does not remediate the ESXi hosts that are not in maintenance mode.

When you configure vSphere Lifecycle Manager to remediate hosts in parallel, you can set the maximum number of hosts to be remediated in a single remediation task. Alternatively, you can let vSphere Lifecycle Manager to remediate all hosts in maintenance mode in parallel.

When you remediate hosts in parallel, if the remediation of a single host fails, the remediation task for the entire cluster does not stop and the rest of the hosts are remediated successfully. After remediation finishes, vSphere Lifecycle Manager reports an error for the respective host.

Parallel remediation is deactivated by default, but you can enable it during remediation or in the vSphere Lifecycle Manager general remediation settings.

You cannot remediate in parallel hosts in a vSAN cluster.

Remediation Pre-Check

Before you remediate an object, you can perform a remediation pre-check on the object. During that check, vSphere Lifecycle Manager identifies possible issues that might prevent successful remediation and takes or suggests actions to fix the issues.

For more information about the possible issues that might prevent successful remediation, see Remediation Pre-Check Report.

Remediation of PXE Booted ESXi Hosts

vSphere Lifecycle Manager lets you remediate PXE booted ESXi hosts. vSphere Lifecycle Manager does not apply the patches that require a reboot to PXE booted ESXi hosts.

If there is any additional software installed on the PXE booted ESXi host, the software might be lost if the host restarts. Update your image profile with the additional software so that it will be present after the reboot.

To patch PXE booted ESXi hosts, you must enable the respective setting in the Edit Settings for Host Remediation dialog box, which you open from the Settings tab in the vSphere Lifecycle Manager home view.