When you set up or import a vSphere Lifecycle Manager image to use with a cluster or host, the software specified in the image is not immediately installed on the hosts in that cluster or on the standalone host. To apply the software specification from the image to the hosts, you must remediate the cluster or the standalone host against that image.

To initiate remediation of a cluster or host, you must have the required privileges. For a list of all vSphere Lifecycle Manager privileges and their descriptions, see vSphere Lifecycle Manager Privileges For Using Images. For more information about managing users, groups, roles, and permissions, see the vSphere Security documentation

During remediation, the image that you set up for the cluster is installed on all ESXi hosts in the cluster.

When you remediate a cluster that contains a single ESXi host or that has vSphere DRS deactivated or in manual mode, the remediation process cannot put that host into maintenance mode. So, to proceed with the remediation, you must power off the virtual machines that are running on the host, move them to another host, or select a user policy that allows the remediation process to power off the virtual machines. You can also set a user policy to power on the virtual machines after the host is remediated.

For vSAN clusters, the remediation operation includes a hardware compatibility check. Depending on how you configure the vSphere Lifecycle Manager remediation settings, vSphere Lifecycle Manager might not proceed with the remediation task if hardware compatibility issues exist. For information about configuring the global vSphere Lifecycle Manager remediation settings, see Configure vSphere Lifecycle Manager Remediation Settings for Clusters or Standalone Hosts that You Manage with a Single Image. For information about configuring the remediation settings for a particular cluster or standalone cluster, see Override the Global vSphere Lifecycle Manager Remediation Settings for a Cluster or Host That You Manage with a Single Image.

Maintenance Mode

If the update requires it, hosts are put into maintenance mode before remediation. Virtual machines cannot run when a host is in maintenance mode. To ensure a consistent user experience,vCenter Server migrates the virtual machines to other hosts within the cluster before a host is put into maintenance mode. vCenter Server can migrate the virtual machines if the cluster is configured for vMotion and if DRS and VMware Enhanced vMotion Compatibility (EVC) are enabled. EVC guarantees that the CPUs of the hosts are compatible, but it is not a prerequisite for vMotion.

You can configure vSphere Lifecycle Manager to deactivate HA admission control for the cluster before remediation. However, deactivating HA admission control before you remediate a two-node cluster that uses a single vSphere Lifecycle Manager image causes the cluster to practically lose all its high availability guarantees. The reason is that when one of the two hosts enters maintenance mode, vCenter Server cannot failover virtual machines to that host and HA failovers are never successful. For more information about HA admission control, see the vSphere Availability documentation.

Parallel Remediation

During the remediation of a cluster against a vSphere Lifecycle Manager image, the ESXi hosts in the cluster are remediated sequentially by default. So, if the remediation for a single host in the cluster fails, the remediation of the entire cluster stops. However, you can configure vSphere Lifecycle Manager to remediate in parallel the hosts within a cluster that uses images. Parallel remediation reduces the overall remediation time and optimizes the maintenance window for the cluster. You can remediate in parallel only ESXi hosts that are already in maintenance mode. During parallel remediation, hosts do not enter maintenance mode automatically. Similarly, after remediation finishes, the hosts do not exit maintenance mode automatically. To remediate hosts in parallel, you must manually enter and exit maintenance mode. If you activate parallel remediation, vSphere Lifecycle Manager does not remediate the ESXi hosts that are not in maintenance mode.

When you configure vSphere Lifecycle Manager to remediate hosts in parallel, you can set the maximum number of hosts to be remediated in a single remediation task. Alternatively, you can let vSphere Lifecycle Manager calculate the optimal number of hosts to remediate in parallel.

When you remediate hosts in parallel, if the remediation of a single host fails, the remediation task for the entire cluster does not stop and the rest of the hosts are remediated successfully. After remediation finishes, vSphere Lifecycle Manager reports an error for the respective host.

Parallel remediation is deactivated by default, but you can activate it during remediation or in the vSphere Lifecycle Manager general remediation settings. Parallel remediation and all other remediation settings apply to remediation tasks that you start in vCenter Server. Solutions such as NSX, for example, might have separate parallel remediation settings.

You cannot remediate in parallel the witness host and the hosts in the associated vSAN cluster. Parallel remediation is also not possible for clusters that are enabled for vSphere IaaS control plane or NSX.

Remediating a DPU-Backed Cluster or Standalone Host

During remediation, vSphere Lifecycle Manager applies VIBs to the ESXi version on the DPU, if the host has a DPU device and the image for the cluster or host contains components with VIBs applicable to the DPU.

Remediate a Cluster Against a Single Image

By remediating a cluster against an image, you apply the software specified in the image to all the hosts in the cluster. So, by remediating a cluster, you make the non-compliant hosts compliant with the image that you set for the cluster.

During remediation, the hosts in the cluster are remediated in sequence by default. You can configure vSphere Lifecycle Manager to remediate hosts in parallel.

The hosts that have the incompatible compliance state are not remediated.

If a vCenter HA failover is initiated during the remediation of a cluster, the remediation task is canceled. After the failover finishes, you must restart the remediation task on the new node.

Prerequisites

Verify that you have the proper privileges. See vSphere Lifecycle Manager Privileges For Using Images.

Procedure

  1. In the vSphere Client, navigate to a cluster that you manage with a single image.
  2. On the Updates tab, select Hosts > Image.
  3. In the Image Compliance card, click the Remediate All button.
    The Review Remediation Impact dialog box appears. The dialog box contains detailed information about all changes that remediation will enforce on the hosts in the cluster.
  4. In the Review Remediation Impact dialog box, review the impact summary, the applicable remediation settings, and the EULA.
  5. To save and review the impact details later, click Export Impact Details.
  6. Accept the EULA by selecting respective check box.
    The check box is selected by default.
  7. Click the Start remediation button.
    The Remediate Cluster task appears in the Recent Tasks pane. You can also observe the progress of the remediation task in the Image Compliance card. If remediation fails, vSphere Lifecycle Manager gives information about the reasons for the failure.

Remediate a Single Host Within a Cluster or a Standalone Host Against an Image

When you remediate a single host within a cluster or a standalone host against the image for the cluster or host, vSphere Lifecycle Manager applies the image to that host only. Remediation is the operation that makes a non-compliant host in the cluster or a standalone host compliant with the image that you use for that cluster or that host.

Prerequisites

Procedure

  1. In the vSphere Client, navigate to a cluster or host that you manage with a single image.
  2. On the Updates tab, select Hosts > Image.
  3. Remediate a host within the cluster or a standalone host.
    Option Action
    Remediate a single host within a cluster.
    1. In the Image Compliance card, select a host from the Hosts list.

      A card with information about the host appears on the right.

    2. Click Actions > Remediate > .

      The Review Remediation Impact dialog box appears. The dialog box contains detailed information about all changes that remediation will enforce on the host.

    Remediate a standalone host.
    1. In the Image Compliance card, click the Remediate button.

      The Review Remediation Impact dialog box appears. The dialog box contains detailed information about all changes that remediation will enforce on the host.

  4. Review the impact summary, the applicable remediation settings, and the EULA.
  5. If you remediate a single host in a cluster, to save and review the impact details later, click Export Impact Details.
  6. Accept the EULA by selecting respective check box.
    The check box is selected by default.
  7. Click the Start remediation button.
    The Remediate Cluster or the Remediate Host tasks appear in the Recent Tasks pane. You can also observe the progress of the remediation task in the Image Compliance card. If remediation fails, vSphere Lifecycle Manager gives information about the reasons for the failure.