Whenever new image is released by VMware you may want to patch ESXi. This will be happening probably 4 or 5 times in year. In this case you just need to modify deploy rule, test it and repair it.
When you change deploy rule it applies to all ESXi hosts, instead first test the patch on test server.
Use Apply-ESXImageProfile for testing VIB/Updates. Apply-ESXImageProfile updates the associations between the host and image profile. Take one of the least important host, e.g. test host. Use below CMDLET
First you may want to create software depot as shown below
$NewImage=Get-EsxImageProfile –Name “NewImageName”
Apply-EsxImageProfile -$NewImage (Get-VMHost “Test ESXi Host”)
Reboot the host (evacuated any VM’s before you reboot)
Check the host stability after reboot
Check if the new image is applied by using following cmdlet
Get-VMHostImageProfile -Entity (Get-VMHost “Test ESXi Host”)
Follow below method for all other ESXi Host
Once new image looks stable you can proceed to apply ESXi image to other remaining hosts
Copy-DeployRule –DeployRule “NameOfYourRule” –ReplaceItem “NewImageName”
Use Test and Repair Rule compliance cmdlet now. This is necessary as ESXi host information is already stored in vCenter, so even if you update the rule, new rule will not be applied to already up & running hosts.
For large number of host, divide host as per cluster and check the compliance of all host per cluster
Get-Cluster | Get-VMhost | Test-DeployRuleSetCompliance | format-table –autosize
Repair the deploy rule using command
Check the compliance after repairing the rule, it is worth noting compliance has passed but actually image is not still yet used by ESXi. ESXi host will use this new image only when you reboot the host
Let’s check the image of ESXi host before rebooting the host
Reboot the host
ESXi version after reboot is updated as seen below