vCenter 7.0 U3o upgrade process to vCenter 7.0 U3q

2024, Jul 17    

Table of Contents

Summary

This process is how to upgrade existing vCenters on version 7.0 to the latest 7.0 U3q build 23788036 for stability and security patches. Due to CVE-2024-37087 this is a critical update procedure. This procedure is written assuming the vCenter is 100% network isolated and does not have access to directly download from VMware.com to apply updates. My average upgrade time is around one hour however some are taking as long as three hours.

VMware Documentation

vCenter 7.0 Update 3q release notes.

Prerequisites

  1. Confirm the existing vCenter is working as expected and there are no errors or issues.
  2. All hypervisors have to be running ESXi 6.7 or newer.
  3. All VDS need to be at least 6.5.0. You can get the versions of DVS by running the command ‘Get-VDSwitch’ via PowerCLI.
  4. Make sure all of your hypervisors are connected to the vCenter. Any disconnected hypervisors or disabled hypervisors should be addressed prior to starting to ensure best possible outcome.
  5. Create the following as part of the backout/rollback plan:
    1. Create a manual backup of your vCenter through the VAMI.
    2. Create a clone of vCenter VM.
    3. Create a snapshot of the vCenter VM.
  6. Ensure you have plenty of storage on the vCenter virtual appliance by logging into the shell and running the commands ‘df -h’ and looking at the output. You can also run ‘du -x -d1 -h’ which can tell you where there is large space being consumed at. You can also sort files via total file size by using ‘ls -Shal’. Frequently you will find lots of files that can be purged in order to ensure you have plenty of space.
  7. If your root password of the appliance has not been recently changed then log in and confirm it has not expired. If it has then change it prior to starting the upgrade process. To do this log into the vCenter Appliance webpage at https://IP-Address:5480
  8. vCenter License - will NOT need to be upgraded.
  9. Download locations:
    1. vCenter 7.0 Update 3q
    2. Look the file ‘VMware-vCenter-Server-Appliance-7.0.3.01900-23788036-patch-FP.iso’

Upgrade vCenter 7.0 U3o to vCenter 7.0 U3q

  1. Attach the ‘VMware-vCenter-Server-Appliance-7.0.3.01900-23788036-patch-FP.iso’ file to the vCenter appliance CD-ROM.
  2. Log into the VAMI and click on ‘update’ and wait for it to display information. If nothing appears click on the ‘Check updates’ and select ‘Check CD ROM’. Ensure 7.0.3.01900 is selected and click on the ‘Stage and Install’. vCenter Server 7.0 U3q Image 1 vCenter Server 7.0 U3q Image 2
  3. Accept the EULA and select ‘next’. vCenter Server 7.0 U3q Image 3
  4. Allow the prechecks to run and complete. vCenter Server 7.0 U3q Image 4
  5. If asked join the CEIP program and select ‘next’.
  6. Ensure you have backed up the vCenter earlier and select that you have, then click finish. vCenter Server 7.0 U3q Image 5
  7. Allow the process to proceed. The vCenter will reboot at the very end of the process after which you can log back into the VAMI and vCenter. vCenter Server 7.0 U3q Image 6 vCenter Server 7.0 U3q Image 7 vCenter Server 7.0 U3q Image 8

    NOTE: If the conversion of data fails to complete in time then the update will typically spawn a ‘resume’ button. If it does then click the button to allow the process to proceed normally.

  8. Log into the vCenter to ensure it is working as expected. vCenter Server 7.0 U3q Image 9

Backout/Rollback Plan

  1. Revert to the snapshot created at the first upgrade step. Confirm the snapshot allowed the configuration to come back online, if it does not then proceed to next step.
  2. Restore the clone that was created in the second upgrade step. Confirm the clone allowed the configuration to come back online, if it does not then proceed to next step.
  3. Create a new vCenter appliance and restore backups created in VAMI interface. Confirm this step allows the vCenter to come back online, if it does not then proceed to next step.
  4. Contact VMware customer service by creating a new Service Request.