0% found this document useful (0 votes)

30 views

Vcf 52 Lifecycle

The VMware Cloud Foundation Lifecycle Management document provides comprehensive guidance on upgrading to VMware Cloud Foundation 5.2.x, including prerequisites, step-by-step instructions, and best practices. It covers the functionality of SDDC Manager during upgrades, the process of downloading upgrade bundles, and troubleshooting common issues. Users are advised to check compatibility and follow specific upgrade sequences to ensure a smooth transition to the new version.

Uploaded by

ThiagoDosSantosNunes

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

30 views

Vcf 52 Lifecycle

Uploaded by

ThiagoDosSantosNunes

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 132

VMware Cloud Foundation

Lifecycle Management
VMware Cloud Foundation 5.2
VMware Cloud Foundation Lifecycle Management

You can find the most up-to-date technical documentation on the VMware by Broadcom website at:

https://docs.vmware.com/

VMware by Broadcom
3401 Hillview Ave.
Palo Alto, CA 94304
www.vmware.com

©
Copyright 2019-2024 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc.
and/or its subsidiaries. For more information, go to https://www.broadcom.com. All trademarks, trade
names, service marks, and logos referenced herein belong to their respective companies.

VMware by Broadcom 2
Contents

1 Upgrading VMware Cloud Foundation to 5.2.x 6

SDDC Manager Functionality During an Upgrade to VMware Cloud Foundation 5.2 7
vSphere UI Client Plug-ins 10
Monitor VMware Cloud Foundation Updates 10
View VMware Cloud Foundation Update History 11
Access VMware Cloud Foundation Upgrade Log Files 12

2 Downloading VMware Cloud Foundation Upgrade Bundles 13

Connect SDDC Manager to a Software Depot for Downloading Bundles 14
Download Bundles Using SDDC Manager 15
Configure a Proxy Server for Downloading VMware Cloud Foundation Bundles 16
Offline Download of VMware Cloud Foundation 5.2.x Upgrade Bundles 17
Offline Download of Independent SDDC Manager Bundles 22
Offline Download of Async Patch Bundles 24
Offline Download of Flexible BOM Upgrade Bundles 27
HCL Offline Download for VMware Cloud Foundation 30
Download Bundles to an Offline Depot 32

3 VMware Cloud Foundation Upgrade Prerequisites 34

4 VMware Cloud Foundation 5.2.x Upgrade Overview 36

5 Upgrade the Management Domain to VMware Cloud Foundation 5.2.x 42

Perform Update Precheck - Versions Prior to SDDC Manager 5.0 43
Perform Update Precheck in SDDC Manager 46
Apply the VMware Cloud Foundation 5.2.x Upgrade Bundle 51
Apply VMware Cloud Foundation Configuration Updates 53
Upgrade VMware Aria Suite Lifecycle and VMware Aria Suite Products for VMware Cloud
Foundation 57
Upgrade NSX for VMware Cloud Foundation in a Federated Environment 58
Download NSX Global Manager Upgrade Bundle 58
Upgrade the Upgrade Coordinator for NSX Federation 59
Upgrade NSX Global Managers for VMware Cloud Foundation 60
Upgrade NSX for VMware Cloud Foundation 5.2.x 60
Upgrade vCenter Server for VMware Cloud Foundation 5.2.x 63
Upgrade ESXi for VMware Cloud Foundation 5.2.1 66
Upgrade ESXi with vSphere Lifecycle Manager Baselines for VMware Cloud Foundation 5.2
68

VMware by Broadcom 3
VMware Cloud Foundation Lifecycle Management

Upgrade vSAN Witness Host for VMware Cloud Foundation 69

Skip Hosts During ESXi Update 71
Upgrade ESXi with Custom ISOs 72
Upgrade ESXi with VMware Cloud Foundation Stock ISO and Async Drivers 75
Upgrade ESXi with vSphere Lifecycle Manager Images for VMware Cloud Foundation 5.2 77
Firmware Updates 83
Update License Keys for a Workload Domain 83
Upgrade vSphere Distributed Switch versions 84
Upgrade vSAN on-disk format versions 85

6 Upgrade VI Workload Domains to VMware Cloud Foundation 5.2.x 86

Plan VI Workload Domain Upgrade 87
Perform Update Precheck in SDDC Manager 88
Upgrade NSX for VMware Cloud Foundation in a Federated Environment 93
Download NSX Global Manager Upgrade Bundle 93
Upgrade the Upgrade Coordinator for NSX Federation 94
Upgrade NSX Global Managers for VMware Cloud Foundation 94
Upgrade NSX for VMware Cloud Foundation 5.2.x 95
Upgrade vCenter Server for VMware Cloud Foundation 5.2.x 98
Upgrade ESXi for VMware Cloud Foundation 5.2.1 101
Upgrade ESXi with vSphere Lifecycle Manager Baselines for VMware Cloud Foundation 5.2
103
Upgrade vSAN Witness Host for VMware Cloud Foundation 104
Skip Hosts During ESXi Update 106
Upgrade ESXi with Custom ISOs 107
Upgrade ESXi with VMware Cloud Foundation Stock ISO and Async Drivers 110
Upgrade ESXi with vSphere Lifecycle Manager Images for VMware Cloud Foundation 5.2 112
Firmware Updates 118
Update License Keys for a Workload Domain 118
Upgrade vSphere Distributed Switch versions 119
Upgrade vSAN on-disk format versions 120
Post Upgrade Steps for NFS-Based VI Workload Domains 120

7 Independent SDDC Manager Upgrade using the SDDC Manager UI 122

8 Flexible BOM Upgrade in VMware Cloud Foundation 124

9 Patching the Management and Workload Domains 127

10 Troubleshooting for Upgrading VMware Cloud Foundation 129

SDDC Manager Troubleshooting 129
On-demand pre-checks for vCenter bundle might fail 129

VMware by Broadcom 4
VMware Cloud Foundation Lifecycle Management

SDDC Manager bundle pre-check failure when upgrading to VMware Cloud Foundation 5.1
130
Extra RPM packages on SDDC Manager may cause upgrade failure 130
False warning for missing compatibility data in plan upgrade wizard 131
Updating licenses for a WLD shows insufficient license error 131
vCenter Troubleshooting 132
vCenter Server Upgrade Failed Due to Reuse of Temporary IP Address 132

VMware by Broadcom 5
Upgrading VMware Cloud
Foundation to 5.2.x 1
This VMware Cloud Foundation Lifecycle Management document describes how to manage the
lifecycle of a VMware Cloud Foundation environment. The information includes prerequisites,
step-by-step configuration instructions, and suggested best practices.

Note Review the VMware Interoperability Matrix to verify compatibility and upgradability before
planning and starting an upgrade.

You can perform a sequential or skip-level upgrade to VMware Cloud Foundation 5.2.x from
VMware Cloud Foundation 4.5 or later. If your environment is at a version earlier than 4.5,
you must upgrade the management domain and all VI workload domains to VMware Cloud
Foundation 4.5 or later before you can upgrade to VMware Cloud Foundation 5.2.x.

Caution vSphere with Tanzu enabled clusters, may require a specific upgrade sequence. See KB
92227 for more information.

The first step is to download the bundles for each VMware Cloud Foundation component that
requires an upgrade. After all of the bundles are available in SDDC Manager, upgrade the
management domain and then your VI workload domains.

n Chapter 5 Upgrade the Management Domain to VMware Cloud Foundation 5.2.x

n Chapter 6 Upgrade VI Workload Domains to VMware Cloud Foundation 5.2.x

Read the following topics next:

n SDDC Manager Functionality During an Upgrade to VMware Cloud Foundation 5.2

n vSphere UI Client Plug-ins

n Monitor VMware Cloud Foundation Updates

n View VMware Cloud Foundation Update History

n Access VMware Cloud Foundation Upgrade Log Files

VMware by Broadcom 6
VMware Cloud Foundation Lifecycle Management

SDDC Manager Functionality During an Upgrade to VMware

Cloud Foundation 5.2
During the upgrade to VMware Cloud Foundation 5.2, some SDDC Manager functionality may be
limited during each phase of the upgrade. Prior to initiating the upgrade determine if you will
need to perform any of these tasks.

Upgrade States and Terminology

n Source BOM - Prior to initiating the upgrade all components are at VMware Cloud Foundation
4.5.x, 5.0, or 5.1.

n SDDC Manager only - You have updated SDDC Manager to 5.2, but none of the other BOM
components.

n Split BOM - Management domain or VI Workload Domain is only partially updated to VMware
Cloud Foundation 5.2.

n Mixed 4.5.x/5.x BOM - Some workload domains (Management or VI) have been completely
upgraded to VMware Cloud Foundation 5.2 and at least one VI Workload Domain is at the
Source 4.5.x BOM version.

n Mixed 5.x BOM - Some workload domains (Management or VI) have been completely
upgraded to VMware Cloud Foundation 5.2 and at least one VI Workload Domain is at the
Source 5.0 or 5.1 BOM version.

n Target BOM - All components are at VMware Cloud Foundation 5.2.

When a VMware Cloud Foundation instance is in Source BOM or Target BOM, the features
available within SDDC Manager are as expected for that given release. However when in a Mixed
BOM the operations available vary per workload domain depending on which state the domain
itself is in.

The following table indicates the functions available within SDDC Manager during an upgrade.

Table 1-1. SDDC Manager Functionality During Upgrade

SDDC Manager Mixed 4.5.x/5.x
Category Feature only Split BOM BOM Mixed 5.x BOM

Backup / Restore Configure and Y Y Y Y

perform Backup /
Restore

CEIP Activate / Y Y Y Y
Deactivate CEIP

Certificate View/Generate/ Y Y Y Y
Management Upload/Install

NSX Edge Expand edge Y Y Y Y

Cluster cluster

DNS / NTP Validate / Y Y Y Y

configuration Configure DNS

VMware by Broadcom 7
VMware Cloud Foundation Lifecycle Management

Table 1-1. SDDC Manager Functionality During Upgrade (continued)

SDDC Manager Mixed 4.5.x/5.x
Category Feature only Split BOM BOM Mixed 5.x BOM

Validate / Y Y Y Y
Configure NTP

Hosts Commission / Y Y Y Y
Decommission
Host

Licensing Update License Y Y Y Y

Key Information

Add License Key Y Y Y Y

Relicensing Y Y Y Y

License check Y Y Y Y

LCM Connect to Y Y Y Y
VMware or
Dell Depot /
Download
Bundles

LCM Pre checks Y Y Y Y

Schedule Bundle Y Y Y Y
Download

Install vCenter Y Y Y Y
Patch

Install ESXi Patch Y Y Y Y

Install NSX Patch Y Y Y Y

Networking Create / Edit / Y Y Y Y

Delete Network
Pool

Password Rotate/Update/ Y Y Y Y
Management Retry/Cancel

User Operations Add / Remove Y Y Y Y

User / Group

Workload Add/Remove Y Y Y Y
Domain ESXi Host

Add/Remove Y Y Y Y
vSphere Cluster

VMware by Broadcom 8
VMware Cloud Foundation Lifecycle Management

Table 1-1. SDDC Manager Functionality During Upgrade (continued)

SDDC Manager Mixed 4.5.x/5.x
Category Feature only Split BOM BOM Mixed 5.x BOM

Add 4.5.x Y Y Y N/A

Workload If the If the If the
Domain management management management
domain is at domain is at domain is at
4.5.x. 4.5.x. 4.5.x.

Note Contact Note Contact Note Contact

Broadcom Broadcom Broadcom
Support for a Support for a Support for a
workaround if workaround if workaround if
the management the management the management
domain is at 5.x. domain is at 5.x. domain is at 5.x.

Add 5.x Y Y Y Y
Workload
Domain in ELM
mode

Add 5.x Isolated Y Y Y Y

Workload
Domain

Remove 4.5.x Y Y Y N/A

Workload
Domain

Remove 5.0 Y Y Y Y
Workload
Domain

Stretch a You cannot You cannot You cannot Y

vSphere Cluster stretch clusters stretch clusters stretch clusters
in 4.5.x workload in 4.5.x workload in 4.5.x workload
domains, but can domains, but can domains, but can
stretch cluster stretch cluster stretch cluster
in 5.x workload in 5.x workload in 5.x workload
domains. domains. domains.

Unstretch a You cannot You cannot You cannot Y

vSphere Cluster unstretch unstretch unstretch
clusters in clusters in clusters in
4.5.x workload 4.5.x workload 4.5.x workload
domains, but can domains, but can domains, but can
unstretch cluster unstretch cluster unstretch cluster
in 5.x workload in 5.x workload in 5.x workload
domains. domains. domains.

VMware by Broadcom 9
VMware Cloud Foundation Lifecycle Management

Table 1-1. SDDC Manager Functionality During Upgrade (continued)

SDDC Manager Mixed 4.5.x/5.x
Category Feature only Split BOM BOM Mixed 5.x BOM

Expand a You cannot You cannot You cannot Y

Stretched expand clusters expand clusters expand clusters
vSphere Cluster in 4.5.x workload in 4.5.x workload in 4.5.x workload
domains, but can domains, but can domains, but can
expand clusters expand clusters expand clusters
in 5.x workload in 5.x workload in 5.x workload
domains. domains. domains.

Shrink a You cannot You cannot You cannot Y

Stretched shrink clusters in shrink clusters in shrink clusters in
vSphere Cluster 4.5.x workload 4.5.x workload 4.5.x workload
domains, but can domains, but can domains, but can
shrink clusters shrink clusters shrink clusters
in 5.x workload in 5.x workload in 5.x workload
domains. domains. domains.

vSphere UI Client Plug-ins

Identify all vSphere UI client plug-ins prior to the upgrade.

It may be possible to upgrade some vSphere UI client plug-ins before upgrading to vSphere
8.0. Contact your 3rd Party vendor to determine the best upgrade path.

Monitor VMware Cloud Foundation Updates

You can monitor in-progress updates for VMware Cloud Foundation components.

Procedure

1 In the In-Progress Updates section, click View Status to view the high-level update progress
and the number of components to be updated.

2 Details of the component being updated is shown below that. The image below is an example
and may not reflect the actual versions.

VMware by Broadcom 10
VMware Cloud Foundation Lifecycle Management

3 Click the arrow to see a list of tasks being performed to update the component. As the task is
completed, it shows a green check mark.

4 When all tasks to update a component have been completed, the update status for the
component is displayed as Updated.

5 If a component fails to be updated, the status is displayed as Failed. The reason for the failure
as well as remediation steps are displayed. The image below is an example and may not
reflect the actual versions in your environment.

6 After you resolve the issues, you can retry the update.

View VMware Cloud Foundation Update History

The Update History page displays all updates applied to a workload domain.

Procedure

1 In the navigation pane, click Inventory > Workload Domains.

2 Click the name of a workload domain and then click the Update History tab.

All updates applied to this workload domain are displayed. If an update bundle was applied
more than once, click View Past Attempts to see more information.

VMware by Broadcom 11
VMware Cloud Foundation Lifecycle Management

Access VMware Cloud Foundation Upgrade Log Files

You can check the log files for failed upgrades to help troubleshoot and resolve issues.

1 SSH in to the SDDC Manager appliance with the vcf user name and enter the password.

2 To access upgrade logs, navigate to the /var/log/vmware/vcf/lcm directory.

n lcm-debug log file contains debug level logging information.

n lcm.log contains information level logging.

3 To create an sos bundle for support, see Supportability and Serviceability (SoS) Utility in the
VMware Cloud Foundation Administration Guide.

VMware by Broadcom 12
Downloading VMware Cloud
Foundation Upgrade Bundles 2
Before you can upgrade VMware Cloud Foundation, you must download the upgrade bundles for
each VMware Cloud Foundation component that requires an upgrade.

Online and Offline Downloads

If the SDDC Manager appliance can connect to the internet (either directly or through a proxy
server), you can download upgrade bundles from the VMware Depot using your Broadcom
Support Portal account.

If the SDDC Manager appliance cannot connect to the internet, you can use the Bundle Transfer
Utility or connect to an offline depot.

See Public URL list for SDDC Manager for information about the URLs that must be accessible to
download bundles.

Other Bundle Types

In addition to upgrade bundles, VMware Cloud Foundation includes the following bundle types:

n Install Bundles

An install bundle includes software binaries to install VI workload domains (vCenter Server
and NSX) and VMware Aria Suite Lifecycle. You download install bundles using the same
process that you use for upgrade bundles.

n Async Patch Bundles

An async patch bundle allows you to apply critical patches to certain VMware Cloud
Foundation components (NSX Manager, vCenter Server, and ESXi) when an update or
upgrade bundle is not available. If you are running VMware Cloud Foundation 5.1 or earlier,
you must use the Async Patch Tool to download an async patch bundle. See Async Patch
Tool. Starting with VMware Cloud Foundation 5.2, you can download async patches using the
SDDC Manager UI or Bundle Transfer Utility.

Read the following topics next:

n Connect SDDC Manager to a Software Depot for Downloading Bundles

n Download Bundles Using SDDC Manager

VMware by Broadcom 13
VMware Cloud Foundation Lifecycle Management

n Offline Download of VMware Cloud Foundation 5.2.x Upgrade Bundles

n Offline Download of Independent SDDC Manager Bundles

n Offline Download of Async Patch Bundles

n Offline Download of Flexible BOM Upgrade Bundles

n HCL Offline Download for VMware Cloud Foundation

n Download Bundles to an Offline Depot

Connect SDDC Manager to a Software Depot for

Downloading Bundles
SDDC Manager can connect to a software depot to download software bundles, compatibility
data, and more.

SDDC Manager supports two types of software depots:

n Online depot

n Offline depot

You can only connect SDDC Manager to one type of depot. If SDDC Manager is connected to an
online depot and you configure a connection to an offline depot, the online depot connection is
disabled and deleted.

Prerequisites

To connect to the online depot, SDDC Manager must be able to connect to the internet, either
directly or through a proxy server.

To connect to an offline depot, you must first configure it. See KB 312168 for information about
the requirements and process for creating an offline depot. To download bundles to an offline
depot, see "Download Bundles to an Offline Depot" in the VMware Cloud Foundation Lifecycle
Management Guide.

Procedure

1 In the navigation pane, click Administration > Depot Settings.

VMware by Broadcom 14
VMware Cloud Foundation Lifecycle Management

2 Connect SDDC Manager to an online depot or an offline depot.

Depot Type Configuration Steps

Online 1 Click Authenticate for the VMware Depot.

2 Type your Broadcom Support Portal user name and
password.
3 Click Authenticate

Offline 1 Click Set Up for the Offline Depot.

2 Enter the following information for the offline depot:
n FQDN or IP address
n Port number
n User name
n Password
3 Click Set Up.

SDDC Manager attempts to connect to the depot. If the connection is successful, SDDC
Manager starts looking for available bundles. To view available bundles, click Lifecycle
Management > Bundle Management and then click the Bundles tab. It may take some time
for all available bundles to appear.

Download Bundles Using SDDC Manager

After you connect SDDC Manager to an online or offline depot, you can view and download
available upgrade bundles.

VMware by Broadcom 15
VMware Cloud Foundation Lifecycle Management

If SDDC Manager does not have direct internet access, configure a proxy server or use the
Bundle Transfer Utility for offline bundle downloads.

n Configure a Proxy Server for Downloading VMware Cloud Foundation Bundles

n Offline Download of VMware Cloud Foundation 5.2.x Upgrade Bundles

When you download bundles, SDDC Manager verifies that the file size and checksum of the
downloaded bundles match the expected values.

Prerequisites

Connect SDDC Manager to an online or offline depot. See Connect SDDC Manager to a Software
Depot for Downloading Bundles.

Procedure

1 In the navigation pane, click Lifecycle Management > Bundle Management.

2 Click the Bundles tab to view available bundles.

Note If you just connected SDDC Manager to a depot, it can take some time for bundles to
appear.

All available bundles are displayed. Install bundles display an Install Only Bundle label. If the
bundle can be applied right away, the Bundle Details column displays the workload domains
to which the bundle needs to be applied to, and the Availability column says Available. If
another bundle must be applied before a particular bundle, the Availability field displays
Future.

To view more information about the bundle, click View Details. The Bundle Details section
displays the bundle version, release date, and additional details about the bundle.

3 For the bundle you want to download, do one of the following:

n Click Download Now for an immediate download.

The bundle download begins right away.

n Click Schedule Download to schedule a download.

Select the date and time for the bundle download and click Schedule.

4 Click the Download History tab to see the downloaded bundles.

Configure a Proxy Server for Downloading VMware Cloud

Foundation Bundles
If SDDC Manager does not have direct internet access, you can configure a proxy server
to download bundles. VMware Cloud Foundation 5.2 and later support proxy servers with
authentication.

VMware by Broadcom 16
VMware Cloud Foundation Lifecycle Management

Procedure

1 In the navigation pane, click Administration > Proxy Settings.

2 Click Set Up Proxy.

3 Toggle the Enable Proxy setting to the on position.

4 Select HTTP or HTTPS.

5 Enter the proxy server IP address and port number.

6 If your proxy server requires authentication, toggle the Authentication setting to the on
position and enter the user name and password.

7 Click Save.

What to do next

You can now download bundles as described in Download Bundles Using SDDC Manager.

Offline Download of VMware Cloud Foundation 5.2.x

Upgrade Bundles
If the SDDC Manager appliance does not have access to the VMware Depot, you can use the
Bundle Transfer Utility to download the bundles to a different computer and then upload them to
the SDDC Manager appliance.

Using the Bundle Transfer Utility to upgrade to VMware Cloud Foundation 5.2.x involves the
following steps:

n Download the latest version of the Bundle Transfer Utility.

n On a computer with access to the internet, use the Bundle Transfer Utility to download the
bundles and other required files.

n Copy the bundles and other required files to the SDDC Manager appliance.

n On the SDDC Manager appliance, use the Bundle Transfer Utility to upload the bundles and
other required files to the internal LCM repository.

If the computer with internet access can only access the internet using a proxy server, use the
following options when downloading:

VMware by Broadcom 17
VMware Cloud Foundation Lifecycle Management

Option Description

--proxyServer, --ps Provide the proxy server FQDN and port.

For example: --proxyServer proxy.example.com:3128.

--proxyHttps Add this option if the proxy server uses HTTPs.

To use this option, the proxy certificate must be added to
Bundle Transfer Utility JRE default trust store. For example:

./btuJre/lin64/bin/keytool -importcert
-file proxy.crt -keystore ./btuJre/lin64/lib/
security/cacerts

--proxyUser For a proxy server that requires authentication, enter the

user name.

--proxyPasswordFile For a proxy server that requires authentication, enter the

path to a file where the password for proxy authentication
is stored. The file content is used as the proxy password.
For example, --proxyPasswordFile ../../
password.txt.

Example that combines the options:

./lcm-bundle-transfer-util --download --manifestDownload --depotUser Username --proxyServer

proxy.example.com:3128 --proxyUser vmwuser --proxyPasswordFile ../../password.txt --
proxyHttps

Prerequisites

n A Windows or Linux computer with internet connectivity (either directly or through a proxy)
for downloading the bundles and other required files.

n Configure TCP keepalive in your SSH client to prevent socket connection timeouts when
using the Bundle Transfer Utility for long-running operations.

Note The Bundle Transfer Utility is the only supported method for downloading bundles. Do not
use third-party tools or other methods to download bundles.

Procedure

1 Download the most recent version of the Bundle Transfer Utility on a computer with internet
access.

a Log in to the Broadcom Support Portal and browse to My Downloads > VMware Cloud
Foundation.

b Click the version of VMware Cloud Foundation to which you are upgrading.

c Click Drivers & Tools.

d Click the download icon for the Bundle Transfer Utility.

VMware by Broadcom 18
VMware Cloud Foundation Lifecycle Management

e Extract lcm-tools-prod.tar.gz.

f Navigate to the lcm-tools-prod/bin/ and confirm that you have execute permission on all
folders.

2 Download bundles and other artifacts to the computer with internet access.

a Download the manifest file.

This is a structured metadata file that contains information about the VMware product
versions included in the release Bill of Materials.

./lcm-bundle-transfer-util --download --manifestDownload --depotUser Username

For --depotUser, enter your Broadcom Support Portal user name.

Note the location to which the Bundle Transfer Utility downloads the manifest. You will
use this as the --sourceManifestDirectory when you upload the manifest. For example:

b Download the compatibility data.

./lcm-bundle-transfer-util --download --compatibilityMatrix --depotUser Username

To specify a download location, use --outputDirectory followed by the path to the

directory.

c Download the vSAN HCL file.

./lcm-bundle-transfer-util --vsanHclDownload

VMware by Broadcom 19
VMware Cloud Foundation Lifecycle Management

d Download the upgrade bundles.

./lcm-bundle-transfer-util --download --outputDirectory absolute-path-output-dir --

depotUser Username --sv current-vcf-version --p target-vcf-version

where
absolute-path- Path to the directory where the bundle files should be downloaded. This directory folder
output-dir must have 777 permissions.
If you do not specify the download directory, bundles are downloaded to the default
directory with 777 permissions.

depotUser User name for the Broadcom Support Portal. You will be prompted to enter the user
password. If there are any special characters in the password, specify the password
within single quotes.

current-vcf- Current version of VMware Cloud Foundation. For example, 4.5.2.0.

version

target-vcf- Target version of VMware Cloud Foundation. For example, 5.2.1.0.

version

Follow the prompts in the Bundle Transfer Utility.

e Specify the bundles to download.

Enter one of the following options:

n all

n install

n patch

You can also enter a comma-separated list of bundle names to download specific
bundles. For example: bundle-38371, bundle-38378.
Download progress for each bundle is displayed. Wait until all bundles are downloaded
successfully.

3 Copy the following files/directories to the SDDC Manager appliance.

n Bundle Transfer Utility

n Manifest file

n Compatibility data file (VmwareCompatibilityData.json)

n vSAN HCL

n Entire bundle output directory

You can select any location on the SDDC Manager appliance that has enough free space
available. For example, /nfs/vmware/vcf/nfs-mount/.

VMware by Broadcom 20
VMware Cloud Foundation Lifecycle Management

4 Copy the bundle transfer utility to the SDDC Manager appliance.

a SSH in to the SDDC Manager appliance using the vcf user account.

b Enter su to switch to the root user.

c Create the lcm-tools directory.

mkdir /opt/vmware/vcf/lcm/lcm-tools

Note If the /opt/vmware/vcf/lcm/lcm-tools directory already exists with an older

version of the Bundle Transfer Utility, you need to delete contents of the existing
directory before proceeding.

d Copy the Bundle Transfer Utility file (lcm-tools-prod.tar.gz) that you downloaded in
step 1 to the /opt/vmware/vcf/lcm/lcm-tools directory.

e Extract the contents of lcm-tools-prod.tar.gz.

tar -xvf lcm-tools-prod.tar.gz

f Set the permissions for the lcm-tools directory.

cd /opt/vmware/vcf/lcm/

chown vcf_lcm:vcf -R lcm-tools

chmod 750 -R lcm-tools

5 From the SDDC Manager appliance, use the Bundle Transfer Utility to upload the bundles and
artifacts.

a Upload the manifest file.

./lcm-bundle-transfer-util --update --sourceManifestDirectory Manifest-Directory --

sddcMgrFqdn FQDN --sddcMgrUser Username

Use your vSphere SSO credentials for the --sddcMgrUser parameter.

b Upload the compatibility file.

./lcm-bundle-transfer-util --update --compatibilityMatrix --inputDirectory

compatibility-file-directory --sddcMgrFqdn FQDN --sddcMgrUser Username

VMware by Broadcom 21
VMware Cloud Foundation Lifecycle Management

c Upload the HCL file.

./lcm-bundle-transfer-util --vsanHclUpload --inputDirectory hcl-file-path --

sddcMgrFqdn sddc-manager-fqdn --sddcMgrUser user

d Upload the bundle directory.

./lcm-bundle-transfer-util --upload --bundleDirectory absolute-path-bundle-dir

Offline Download of Independent SDDC Manager Bundles

Once SDDC Manager is upgraded to 5.2 or later, new functionality is introduced that allows you
to get the latest SDDC Manager features and security fixes without having to upgrade the entire
VMware Cloud Foundation BOM. This procedure describes using the Bundle Transfer Utility to
download an SDDC Manager bundle released independently of the VMware Cloud Foundation
BOM when SDDC Manager is not connected to an online depot..

An independent SDDC Manager release includes a fourth digit in its version number, for example
SDDC Manager 5.2.0.1.

n On a computer with access to the internet, use the Bundle Transfer Utility to download the
independent SDDC Manager bundle and other required files.

n Copy the bundle and other required files to the SDDC Manager appliance.

n On the SDDC Manager appliance, use the Bundle Transfer Utility to upload the bundle and
other required files to the internal LCM repository.

If the computer with internet access can only access the internet using a proxy server, use the
following options when downloading:

Option Description

--proxyServer, --ps Provide the proxy server FQDN and port.

For example: --proxyServer proxy.example.com:3128.

--proxyHttps Add this option if the proxy server uses HTTPs.

--proxyUser For a proxy server that requires authentication, enter the

user name.

--proxyPasswordFile For a proxy server that requires authentication, enter the

path to a file where the password for proxy authentication
is stored. The file content is used as the proxy password.
For example, --proxyPasswordFile ../../
password.txt.

Example that combines the options:

./lcm-bundle-transfer-util --download --manifestDownload --depotUser Username --proxyServer

proxy.example.com:3128 --proxyUser vmwuser --proxyPasswordFile ../../password.txt --
proxyHttps

VMware by Broadcom 22
VMware Cloud Foundation Lifecycle Management

Prerequisites

n A Windows or Linux computer with internet connectivity (either directly or through a proxy)
for downloading the bundles and other required files.

n Configure TCP keepalive in your SSH client to prevent socket connection timeouts when
using the Bundle Transfer Utility for long-running operations.

n The computer with internet connectivity and the SDDC Manager appliance must have the
latest version of the Bundle Transfer Utility installed and configured. See Offline Download of
VMware Cloud Foundation 5.2.x Upgrade Bundles for more information.

Procedure

1 Download bundles and other artifacts to the computer with internet access.

a Download the manifest file.

This is a structured metadata file that contains information about the VMware product
versions included in the release Bill of Materials.

./lcm-bundle-transfer-util --download --manifestDownload --depotUser Username

For --depotUser, enter your Broadcom Support Portal user name.

b Download the compatibility data.

./lcm-bundle-transfer-util --download --compatibilityMatrix --depotUser Username

To specify a download location, use --outputDirectory followed by the path to the

directory.

c Download the independent SDDC Manager upgrade bundle.

./lcm-bundle-transfer-util --download --sddcMgrVersion four-digit-sddc-version --

depotUser Username --outputDirectory absolute-path-output-dir

where
depotUser User name for the Broadcom Support Portal. You will be prompted to enter the user
password. If there are any special characters in the password, specify the password
within single quotes.

four-digit-sddc- Target version of SDDC Manager. For example, 5.2.0.1.

version

absolute-path- Path to the directory where the bundle files should be downloaded. This directory folder
output-dir must have 777 permissions.
If you do not specify the download directory, bundles are downloaded to the default
directory with 777 permissions.

Follow the prompts in the Bundle Transfer Utility.

2 Copy the following files/directories to the SDDC Manager appliance.

n Manifest file

VMware by Broadcom 23
VMware Cloud Foundation Lifecycle Management

n Compatibility data file (VmwareCompatibilityData.json)

n Entire bundle output directory

You can select any location on the SDDC Manager appliance that has enough free space
available. For example, /nfs/vmware/vcf/nfs-mount/.

3 From the SDDC Manager appliance, use the Bundle Transfer Utility to upload the bundles and
artifacts.

a Upload the manifest file.

./lcm-bundle-transfer-util --update --sourceManifestDirectory Manifest-Directory --

sddcMgrFqdn FQDN --sddcMgrUser Username

Use your vSphere SSO credentials for the --sddcMgrUser parameter.

b Upload the compatibility file.

./lcm-bundle-transfer-util --update --compatibilityMatrix --inputDirectory

compatibility-file-directory --sddcMgrFqdn FQDN --sddcMgrUser Username

c Upload the bundle directory.

./lcm-bundle-transfer-util --upload --bundleDirectory absolute-path-bundle-dir

What to do next

After the upload completes successfully, you can use the SDDC Manager UI to upgrade SDDC
Manager. See Chapter 7 Independent SDDC Manager Upgrade using the SDDC Manager UI.

Offline Download of Async Patch Bundles

Once SDDC Manager is upgraded to 5.2 or later, a new option for patching VMware Cloud
Foundation components is available in the SDDC Manager UI. This procedure describes using the
Bundle Transfer Utility to download async patches when SDDC Manager is not connected to an
online depot.

Offline download of async patches involves the following steps:

n On a computer with access to the internet, use the Bundle Transfer Utility to download the
async patch bundle and other required files.

n Copy the bundle and other required files to the SDDC Manager appliance.

n On the SDDC Manager appliance, use the Bundle Transfer Utility to upload the bundle and
other required files to the internal LCM repository.

If the computer with internet access can only access the internet using a proxy server, use the
following options when downloading:

VMware by Broadcom 24
VMware Cloud Foundation Lifecycle Management

Option Description

--proxyServer, --ps Provide the proxy server FQDN and port.

For example: --proxyServer proxy.example.com:3128.

--proxyHttps Add this option if the proxy server uses HTTPs.

--proxyUser For a proxy server that requires authentication, enter the

user name.

--proxyPasswordFile For a proxy server that requires authentication, enter the

path to a file where the password for proxy authentication
is stored. The file content is used as the proxy password.
For example, --proxyPasswordFile ../../
password.txt.

Example that combines the options:

./lcm-bundle-transfer-util --download --manifestDownload --depotUser Username --proxyServer

proxy.example.com:3128 --proxyUser vmwuser --proxyPasswordFile ../../password.txt --
proxyHttps

Prerequisites

n A Windows or Linux computer with internet connectivity (either directly or through a proxy)
for downloading the bundles and other required files.

n Configure TCP keepalive in your SSH client to prevent socket connection timeouts when
using the Bundle Transfer Utility for long-running operations.

Procedure

1 Download bundles and other artifacts to the computer with internet access.

a Download the manifest file.

This is a structured metadata file that contains information about the VMware product
versions included in the release Bill of Materials.

./lcm-bundle-transfer-util --download --manifestDownload --depotUser Username

For --depotUser, enter your Broadcom Support Portal user name.

b Download the compatibility data.

./lcm-bundle-transfer-util --download --compatibilityMatrix --depotUser Username

To specify a download location, use --outputDirectory followed by the path to the

directory.

VMware by Broadcom 25
VMware Cloud Foundation Lifecycle Management

c Download the product version catalog.

./lcm-bundle-transfer-util --depotUser Username --download productVersionCatalog --

outputDirectory directory-path

d List the available async patches.

./lcm-bundle-transfer-util --listAsyncPatchBundles --depotUser Username

e Download an async patch.

./lcm-bundle-transfer-util --download --bundle bundle-number --depotUser Username

For example:

./lcm-bundle-transfer-util --download --bundle bundle-12345 --depotUser

[email protected]

2 Copy the following files/directories to the SDDC Manager appliance.

n Manifest file

n Compatibility data file (VmwareCompatibilityData.json)

n Entire bundle output directory

You can select any location on the SDDC Manager appliance that has enough free space
available. For example, /nfs/vmware/vcf/nfs-mount/.

3 From the SDDC Manager appliance, use the Bundle Transfer Utility to upload the bundles and
artifacts.

a Upload the manifest file.

./lcm-bundle-transfer-util --update --sourceManifestDirectory Manifest-Directory --

sddcMgrFqdn FQDN --sddcMgrUser Username

Use your vSphere SSO credentials for the --sddcMgrUser parameter.

b Upload the compatibility file.

./lcm-bundle-transfer-util --update --compatibilityMatrix --inputDirectory

compatibility-file-directory --sddcMgrFqdn FQDN --sddcMgrUser Username

VMware by Broadcom 26
VMware Cloud Foundation Lifecycle Management

c Upload the product version catalog.

./lcm-bundle-transfer-util --upload productVersionCatalog --inputDirectory directory-

path --sddcMgrFqdn FQDN --sddcMgrUser Username

d Upload the bundle directory.

./lcm-bundle-transfer-util --upload --bundle bundle-number --bundleDirectory absolute-

path-bundle-dir

n Replace number with the bundle number you are uploading. For example: 12345 for
bundle-12345.

n Replace absolute-path-bundle-dir with the path to the location where you copied the
output directory. For example: /nfs/vmware/vcf/nfs-mount/upgrade-bundles.

What to do next

After the upload completes successfully, you can use the SDDC Manager UI to apply the async
patch. See Chapter 9 Patching the Management and Workload Domains.

Offline Download of Flexible BOM Upgrade Bundles

Once SDDC Manager is upgraded to version 5.2 or later, new functionality is introduced to
the upgrade planner that allows you to select specific target versions for each VMware Cloud
Foundation component you want to upgrade. This procedure describes using the Bundle
Transfer Utility to download the bundles for a flexible BOM upgrade when SDDC Manager is
not connected to an online depot.

After you download the bundles, you can use the upgrade planner in the SDDC Manager UI to
select any supported version for each of the VMware Cloud Foundation BOM components. This
includes async patch versions as well as VCF BOM versions.

Offline download of flexible BOM upgrade bundles involves the following steps:

n On a computer with access to the internet, use the Bundle Transfer Utility to download the
required files.

n Copy the required files to the SDDC Manager appliance.

n On the SDDC Manager appliance, use the Bundle Transfer Utility to upload the required files
to the internal LCM repository.

n Plan the upgrade using the SDDC Manager UI.

n On the SDDC Manager appliance, use the Bundle Transfer Utility to generate the
plannerFile.json.

n Copy plannerFile.json to the computer with internet access.

n On the computer with access to the internet, download bundles using plannerFile.json.

VMware by Broadcom 27
VMware Cloud Foundation Lifecycle Management

n Copy the bundle directory to the SDDC Manager appliance and use the Bundle Transfer
Utility to upload the bundles to the internal LCM repository.

If the computer with internet access can only access the internet using a proxy server, use the
following options when downloading:

Option Description

--proxyServer, --ps Provide the proxy server FQDN and port.

For example: --proxyServer proxy.example.com:3128.

--proxyHttps Add this option if the proxy server uses HTTPs.

--proxyUser For a proxy server that requires authentication, enter the

user name.

--proxyPasswordFile For a proxy server that requires authentication, enter the

path to a file where the password for proxy authentication
is stored. The file content is used as the proxy password.
For example, --proxyPasswordFile ../../
password.txt.

Example that combines the options:

./lcm-bundle-transfer-util --download --manifestDownload --depotUser Username --proxyServer

proxy.example.com:3128 --proxyUser vmwuser --proxyPasswordFile ../../password.txt --
proxyHttps

Prerequisites

n A Windows or Linux computer with internet connectivity (either directly or through a proxy)
for downloading the bundles and other required files.

n A Windows or Linux computer with access to the SDDC Manager appliance for uploading the
bundles.

n To upload the manifest file from a Windows computer, you must have OpenSSL installed and
configured.

n Configure TCP keepalive in your SSH client to prevent socket connection timeouts when
using the Bundle Transfer Utility for long-running operations.

n The computer with internet connectivity and the SDDC Manager appliance must all have the
latest version of the Bundle Transfer Utility installed and configured. See Offline Download of
VMware Cloud Foundation 5.2.x Upgrade Bundles for more information.

Procedure

1 Download the required files to the computer with internet access.

./lcm-bundle-transfer-util --download --manifestDownload --depotUser Username --

outputDirectory directory-path

The manifest is a structured metadata file that contains information about the VMware
product versions included in the release Bill of Materials.

VMware by Broadcom 28
VMware Cloud Foundation Lifecycle Management

For --depotUser, enter your Broadcom Support Portal user name.

./lcm-bundle-transfer-util --download --bundleManifests --depotUser Username --

bundleManifestsDir directory-path

./lcm-bundle-transfer-util --download --compatibilityMatrix --depotUser Username --pdu

dell_depot_email --outputDirectory directory-path

./lcm-bundle-transfer-util --depotUser Username --download productVersionCatalog --

outputDirectory directory-path

2 Copy the entire output directory to the SDDC Manager appliance.

You can select any location on the SDDC Manager appliance that has enough free space
available. For example, /nfs/vmware/vcf/nfs-mount/.

3 On the SDDC Manager appliance, upload/update the files.

./lcm-bundle-transfer-util --update --sourceManifestDirectory directory-path --

sddcMgrFqdn FQDN --sddcMgrUser Username

Use your vSphere SSO credentials for the --sddcMgrUser parameter.

./lcm-bundle-transfer-util --upload --bundleManifests --bundleManifestsDir directory-path

./lcm-bundle-transfer-util --update --compatibilityMatrix --inputDirectory directory-path

--sddcMgrFqdn FQDN --sddcMgrUser Username

./lcm-bundle-transfer-util --upload productVersionCatalog --inputDirectory directory-path

--sddcMgrFqdn FQDN --sddcMgrUser Username

4 In the SDDC Manager UI, plan the upgrade.

See Chapter 8 Flexible BOM Upgrade in VMware Cloud Foundation.

5 On the SDDC Manager appliance, use the Bundle Transfer Utility to generate a planner file.

./lcm-bundle-transfer-util --generatePlannerFile --sddcMgrUser Username --sddcMgrFqdn FQDN

--outputDirectory directory-path --domainNames domain-name -p target-vcf-version

For example:

./lcm-bundle-transfer-util --generatePlannerFile --sddcMgrUser [email protected]

--sddcMgrFqdn sddc-manager.example.com --outputDirectory /home/vcd --domainNames mgmt-
domain -p 5.2.0.0

6 Copy plannerFile.json file to the computer with access to the internet.

VMware by Broadcom 29
VMware Cloud Foundation Lifecycle Management

7 On the computer with access to the internet, download the bundles using the
plannerFile.json.

./lcm-bundle-transfer-util --download --plannerFile directory-path --depotUser Username

8 Copy the entire output directory to the SDDC Manager appliance.

9 Upload the bundle directory to the SDDC Manager appliance internal LCM repository.

./lcm-bundle-transfer-util --upload --bundleDirectory directory-path

What to do next

In the SDDC Manager UI browse to the Available Updates screen for the workload domain
you are upgrading and click Schedule Update or Update Now to update the first component.
Continue to update the VCF BOM components until they are all updated.

HCL Offline Download for VMware Cloud Foundation

If the SDDC Manager appliance does not have access to the VMware Depot, you can use the
Bundle Transfer Utility to manually download the HCL file from the depot on your local computer
and then upload it to the SDDC Manager appliance.

If the computer with internet access can only access the internet using a proxy server, use the
following options when downloading the HCL:

Option Description

--proxyServer, --ps Provide the proxy server FQDN and port.

For example: --proxyServer proxy.example.com:3128.

--proxyHttps Add this option if the proxy server uses HTTPs.

--proxyUser For a proxy server that requires authentication, enter the

user name.

--proxyPasswordFile For a proxy server that requires authentication, enter the

path to a file where the password for proxy authentication
is stored. The file content is used as the proxy password.
For example, --proxyPasswordFile ../../
password.txt.

Example that combines the options:

./lcm-bundle-transfer-util --vsanHclDownload --outputDirectory output-directory --proxyServer

proxy.example.com:3128 --proxyUser vmwuser --proxyPasswordFile ../../password.txt --
proxyHttps

Prerequisites

n A Windows or Linux computer with internet connectivity (either directly or through a proxy)
for downloading the HCL. To upload the HCL file from a Windows computer, you must have
OpenSSL installed and configured.

VMware by Broadcom 30
VMware Cloud Foundation Lifecycle Management

n Configure TCP keepalive in your SSH client to prevent socket connection timeouts when
using the Bundle Transfer Utility for long-running operations.

Note The Bundle Transfer Utility is the only supported method for downloading HCL. Do not use
third-party tools or other methods to download HCL.

Procedure

1 Download the most recent version of the Bundle Transfer Utility on a computer with internet
access.

a Log in to the Broadcom Support Portal and browse to My Downloads > VMware Cloud
Foundation.

b Click the version of VMware Cloud Foundation to which you are upgrading.

c Click Drivers & Tools.

d Click the download icon for the Bundle Transfer Utility.

2 Extract lcm-tools-prod.tar.gz.

3 Navigate to the lcm-tools-prod/bin/ and confirm that you have execute permission on all
folders.

4 Copy the bundle transfer utility to a computer with access to the SDDC Manager appliance
and then copy the bundle transfer utility to the SDDC Manager appliance.

a SSH in to the SDDC Manager appliance using the vcf user account.

b Enter su to switch to the root user.

c Create the lcm-tools directory.

mkdir /opt/vmware/vcf/lcm/lcm-tools

Note If the /opt/vmware/vcf/lcm/lcm-tools directory already exists with an older

version of the Bundle Transfer Utility, you need to delete contents of the existing
directory before proceeding.

d Copy the Bundle Transfer Utility file (lcm-tools-prod.tar.gz) that you downloaded in
step 1 to the /opt/vmware/vcf/lcm/lcm-tools directory.

VMware by Broadcom 31
VMware Cloud Foundation Lifecycle Management

e Extract the contents of lcm-tools-prod.tar.gz.

tar -xvf lcm-tools-prod.tar.gz

f Set the permissions for the lcm-tools directory.

cd /opt/vmware/vcf/lcm/

chown vcf_lcm:vcf -R lcm-tools

chmod 750 -R lcm-tools

5 On the computer with internet access, download the HCL file.

./lcm-bundle-transfer-util --vsanHclDownload --outputDirectory output-directory

It can also be downloaded to the default path:

./lcm-bundle-transfer-util --vsanHclDownload

6 Copy the HCL file to the SDDC Manager appliance.

7 From the SDDC Manager appliance, use the Bundle Transfer Utility to upload the HCL file.

./lcm-bundle-transfer-util --vsanHclUpload --inputDirectory hcl-file-path --sddcMgrFqdn

sddc-manager-fqdn --sddcMgrUser user

hcl-file-path Path from where HCL file should be picked up to

upload. e.g /root/testdownload/vsan/hcl/all.json. If not
given default will be taken. (/root/PROD2/vsan/hcl/
all.json)

sddc-manager-fqdn SDDC Manager FQDN. If not given default will be taken.

user SDDC Manager user. After this, the tool will prompt for
the user password.

Download Bundles to an Offline Depot

VMware Cloud Foundation 5.2 and later support an offline depot that you can connect to from
multiple instances of SDDC Manager. Use the Bundle Transfer Utility to download and transfer
bundles to the offline depot and then any SDDC Manager connected to the offline depot can
access the bundles.

You can use the Bundle Transfer Utility to download upgrade bundles and async patch bundles
to the offline depot.

Prerequisites

n Set up an offline depot.

VMware by Broadcom 32
VMware Cloud Foundation Lifecycle Management

n The offline depot must have:

n The latest version of the Bundle Transfer Utility. You can download it from the Broadcom
Support portal.

n Internet connectivity (either directly or through a proxy) for downloading the bundles and
other required files.

n Configure TCP keepalive in your SSH client to prevent socket connection timeouts when
using the Bundle Transfer Utility for long-running operations.

n Connect SDDC Manager to the offline depot. See Connect SDDC Manager to a Software
Depot for Downloading Bundles.

Note You can also connect SDDC Manager to the offline depot after you download bundles
to the offline depot.

Procedure

1 On the computer hosting offline depot, run the following command to download the bundles
required to upgrade VMware Cloud Foundation.

./lcm-bundle-transfer-util --setUpOfflineDepot -sv vcf-source-version --

offlineDepotRootDir offline-depot-root-dir --offlineDepotUrl url:port --depotUser user-
name --depotUserPasswordFile path-to-password-file

For example:

./lcm-bundle-transfer-util --setUpOfflineDepot -sv 5.0.0.0 --offlineDepotRootDir /var/www

--offlineDepotUrl https://10.123.456.78:8282 --depotUser [email protected] --
depotUserPasswordFile ../vmw-depot

2 Run the following command to download async patch bundles to the offline depot:

./lcm-bundle-transfer-util --setUpOfflineDepot --asyncPatches -offlineDepotRootDir offline-

depot-root-dir --offlineDepotUrl url:port --depotUser user-name --depotUserPasswordFile
path-to-password-file

For example:

./lcm-bundle-transfer-util --setUpOfflineDepot --asyncPatches

-offlineDepotRootDir /var/www --offlineDepotUrl https://10.123.456.78:8282 --depotUser
[email protected] --depotUserPasswordFile ../vmw-depot

What to do next

After the bundles are available in the offline depot, you can use the SDDC Manager UI to apply
the bundles to workload domains. Multiple instances of SDDC Manager UI can connect to the
same offline depot.

VMware by Broadcom 33
VMware Cloud Foundation
Upgrade Prerequisites 3
Before you upgrade VMware Cloud Foundation, make sure that the following prerequisites are
met.

Table 3-1. Upgrade Prerequisites

Prerequisite Additional Information

Allocate a temporary IP address for each vCenter Server [Conditional] When upgrading from VMware Cloud
upgrade Foundation 4.5.x.
Required for each vCenter Server upgrade. Must be
allocated from the management subnet. The IP address
can be reused.

Obtain updated licenses New licenses required for:

n vSAN 8.x
n vSphere 8.x

Verify there are no expired or expiring passwords Review the password management dashboard in SDDC
Manager.

Verify there are no expired or expiring certificates Review the Certificates tab in SDDC Manager for each
workload domain.

Verify ESXi host TPM module status [Conditional] If ESXi hosts have TPM modules in use,
verify they are running the latest 2.0 firmware. If not in
use they must be disabled in the BIOS. See KB 312159

Verify ESXi hardware is compatible with target version See ESXi Requirements and VMware
Compatibility Guide at http://www.vmware.com/
resources/compatibility/search.php.

Manually update the vSAN HCL database to ensure that it See KB 2145116
is up-to-date.

Back up SDDC Manager, all vCenter Server instances, and Take file-based backups or image-level backups of SDDC
NSX Manager instances. Manager, all vCenter Servers, and NSX Managers. Take a
cold snapshot of SDDC Manager.

Make sure that there are no failed workflows in your Caution If any of these conditions are true, contact
system and none of the VMware Cloud Foundation VMware Technical Support before starting the upgrade.
resources are in activating or error state.

Review the Release Notes for known issues related to

upgrades.

VMware by Broadcom 34
VMware Cloud Foundation Lifecycle Management

Table 3-1. Upgrade Prerequisites (continued)

Prerequisite Additional Information

Deactivate all VMware Cloud Foundation 4.x async VMware Cloud Foundation 5.0 and later no longer require
patches and run an inventory sync before upgrading. using the Async Patch Tool to enable upgrades from an
async-patched VMware Cloud Foundation instance. See
VMware Cloud Foundation Async Patch Tool Options for
more information

Review Operational Impacts of NSX Upgrade in NSX

Upgrade Guide to understand the impact that each
component upgrade might have on your environment.

In the vSphere Client, ensure there are no active alarms

on hosts or vSphere clusters.

Download the upgrade bundles. See Chapter 2 Downloading VMware Cloud Foundation
Upgrade Bundles.

VMware by Broadcom 35
VMware Cloud Foundation 5.2.x
Upgrade Overview 4
This section describes the tasks required to perform an upgrade to VMware Cloud Foundation
5.2.x.

VMware Cloud Foundation Upgrade Preparation

Review the Chapter 3 VMware Cloud Foundation Upgrade Prerequisites before starting an
upgrade.

Management Domain Upgrade

Table 4-1. SDDC Manager Upgrade

Task Applies When Additional Information

n Precheck Update - Versions Prior

to SDDC Manager 5.0
n Perform Update Precheck in
SDDC Manager

Apply the VMware Cloud Foundation n The initial VMware Cloud If the current version of VMware
Upgrade Bundle Foundation version is Cloud Foundation is 4.5.x or 5.x
n 4.5.x or 5.x Upgrade SDDC Manager to 5.2.x.

Apply the VMware Cloud Foundation n Once the SDDC Manager has
Configuration Updates been upgraded to 5.2.x the
Configuration updates can be
applied collectively.

Update Compatibility Data with the [Conditional] Required when using

Bundle Transfer Utility offline bundle download

Table 4-2. Upgrade VMware Aria Suite

Task Additional Information

Upgrade VMware Aria Suite Lifecycle for VMware Cloud [Conditional] If VMware Aria Suite Lifecycle is present
Foundation

Upgrade VMware Aria Suite products for VMware Cloud [Conditional] If VMware Aria Suite products are present
Foundation

VMware by Broadcom 36
VMware Cloud Foundation Lifecycle Management

Table 4-3. Upgrade NSX With Federation

Task Applies When Additional Information

Upgrade NSX Global Managers to 4.2 When NSX is deployed in n [Conditional] If NSX Federation is
the workload domain with NSX present
Federation configured. n Upgrade NSX Global Managers to
4.2 using the Global Manager UI
n Upgrade standby global
manager, followed by active
global manager
n [Conditonal] for VI Workload
Domain upgrades, If you are
upgrading by component rather
than by workload domain,
upgrade all NSX global managers
in your estate now.

Upgrade to NSX 4.2 n Upgrade NSX to 4.2 using SDDC

Manager
n [Optional] If you are upgrading
by component rather than by
workload domain, upgrade NSX
across all VI workload domains
now.
n NSX upgrades across VI workload
domains can be completed in
sequence or up to five in parallel.

Table 4-4. Upgrade NSX Without Federation

Task Applies When Additional Information

Upgrade to NSX 4.2 When NSX is deployed in the n Upgrade NSX to 4.2 using SDDC
workload domain and is not using Manager.
NSX Federation. n [Conditonal] for VI Workload
Domain upgrades, If you are
upgrading by component rather
than by workload domain,
upgrade NSX across all VI
workload domains now.

VMware by Broadcom 37
VMware Cloud Foundation Lifecycle Management

Table 4-5. Upgrade vCenter Server

Task Additional Information

Upgrade vCenter Server for VMware Cloud Foundation n [Conditional] When upgrading from VMware Cloud
Foundation 4.5.x.

Requires a temporary IP address in the management

subnet
n [Conditional] When upgrading to VMware Cloud
Foundation 5.2.1 using vCenter Reduced Downtime
Upgrade (RDU).

Requires a temporary IP address in the management

subnet
n [Conditonal] for VI Workload Domain upgrades, If
you are upgrading by component rather than by
workload domain, upgrade vCenter Servers that share
a SSO Domain across all VI workload domains now
in a serial order. Isolated Workload Domains can be
upgraded in parallel

Table 4-6. Upgrade Management Domain vSphere clusters

Task Additional Information

Upgrade vSAN Witness Host for VMware Cloud [Conditional] If the vSphere cluster is a stretched vSAN
Foundation cluster

Skip Hosts During vSphere clusters Update [Conditional] If you need to skip hosts

Upgrade vSphere clusters with Custom ISOs n Choose an approach based on your requirements.
or n [Optional] If you are upgrading by component rather
Upgrade vSphere clusters with VMware Cloud Foundation than by workload domain, upgrade vSphere clusters
Stock ISO and Async Drivers across all VI workload domains now.

or
Upgrade vSphere clusters with vSphere Lifecycle
Manager Baselines for VMware Cloud Foundation
or
Upgrade vSphere clusters with vSphere Lifecycle
Manager Images for VMware Cloud Foundation

Table 4-7. Post Upgrade Tasks

Task Additional Information

Update Licenses for a Workload Domain [Conditional] If upgrading from a VMware Cloud
Foundation version prior to 5.0
Update licenses for:
n vSAN 8.x
n vSphere 8.x

Apply Configuration Updates [Conditional] If there are configuration updates required

VMware by Broadcom 38
VMware Cloud Foundation Lifecycle Management

Table 4-7. Post Upgrade Tasks (continued)

Task Additional Information

Upgrade vSphere Distributed Switch versions n [Optional] The upgrade lets the distributed switch
take advantage of features that are available only in
the later versions.

Upgrade vSAN on-disk format versions n The upgrade lets the vSAN Cluster take advantage of
features that are available only in the later versions.
n The upgrade may cause temporary resynchronization
traffic and use additional space by moving data or
rebuilding object components to a new data structure.
n These updates can be performed at a time that is
most convenient for your organization..

VI Workload Domain Upgrade

Table 4-8. Upgrade Precheck

Task Additional Information

Perform an upgrade precheck

Table 4-9. Upgrade NSX Without Federation

Task Applies When Additional Information

VMware by Broadcom 39
VMware Cloud Foundation Lifecycle Management

Table 4-10. Upgrade NSX With Federation

Task Applies When Additional Information

Upgrade to NSX 4.2 n Upgrade NSX to 4.2 using SDDC

Table 4-11. Upgrade vCenter Server

Task Additional Information

Upgrade vCenter Server for VMware Cloud Foundation n [Conditional] When upgrading from VMware Cloud
Foundation 4.5.x.

Requires a temporary IP address in the management

subnet
n [Conditional] When upgrading to VMware Cloud
Foundation 5.2.1 using vCenter Reduced Downtime
Upgrade (RDU).

Requires a temporary IP address in the management

VMware by Broadcom 40
VMware Cloud Foundation Lifecycle Management

Table 4-12. Upgrade VI Workload Domain vSphere clusters

Task Additional Information

Upgrade vSAN Witness Host for VMware Cloud [Conditional] If the vSphere cluster is a stretched vSAN
Foundation cluster

Skip Hosts During vSphere clusters Update [Conditional] If you need to skip hosts

Upgrade vSphere clusters with Custom ISOs n Choose an approach based on your requirements
or n [Optional] If you are upgrading by component rather
Upgrade vSphere clusters with VMware Cloud Foundation than by workload domain, upgrade vSphere clusters
Stock ISO and Async Drivers across all VI workload domains now.

or
Upgrade vSphere clusters with vSphere Lifecycle
Manager Baselines for VMware Cloud Foundation
or
Upgrade ESXi with vSphere Lifecycle Manager Images for
VMware Cloud Foundation

Post Upgrade Steps for NFS-Based VI Workload Domains

Table 4-13. Post Upgrade Tasks

Task Additional Information

Update Licenses for a Workload Domain [Conditional] If upgrading from a VMware Cloud
Foundation version prior to 5.0
Update licenses for:
n vSAN 8.x
n vSphere 8.x

Apply Configuration Updates [Conditional] If there are configuration updates required

Upgrade vSphere Distributed Switch versions n [Optional] The upgrade lets the distributed switch
take advantage of features that are available only in
the later versions.

VMware by Broadcom 41
Upgrade the Management Domain
to VMware Cloud Foundation
5.2.x
5
To upgrade to VMware Cloud Foundation 5.2.x, the management domain must be at VMware
Cloud Foundation 4.5 or higher. If your environment is at a version lower than 4.5, you must
upgrade the management domain to 4.5 or later and then upgrade to 5.2.x.

Until SDDC Manager is upgraded to version 5.2.x, you must upgrade the management domain
before you upgrade VI workload domains. Once SDDC Manager is at version 5.2 or later, you can
upgrade VI workload domains before or after upgrading the management domain, as long as all
components in the workload domain are compatible.

Upgrade the components in the management domain in the following order:

1 SDDC Manager and VMware Cloud Foundation services.

2 VMware Aria Suite Lifecycle

3 NSX Manager and NSX Global Managers (if applicable).

4 vCenter Server.

5 ESXi

After all upgrades have completed successfully:

1 Remove the VM snapshots you took before starting the update.

2 Take a backup of the newly installed components.

Read the following topics next:

n Perform Update Precheck - Versions Prior to SDDC Manager 5.0

n Perform Update Precheck in SDDC Manager

n Apply the VMware Cloud Foundation 5.2.x Upgrade Bundle

n Apply VMware Cloud Foundation Configuration Updates

n Upgrade VMware Aria Suite Lifecycle and VMware Aria Suite Products for VMware Cloud
Foundation

n Upgrade NSX for VMware Cloud Foundation in a Federated Environment

n Upgrade NSX for VMware Cloud Foundation 5.2.x

n Upgrade vCenter Server for VMware Cloud Foundation 5.2.x

VMware by Broadcom 42
VMware Cloud Foundation Lifecycle Management

n Upgrade ESXi for VMware Cloud Foundation 5.2.1

n Upgrade ESXi with vSphere Lifecycle Manager Baselines for VMware Cloud Foundation 5.2

n Upgrade ESXi with vSphere Lifecycle Manager Images for VMware Cloud Foundation 5.2

n Update License Keys for a Workload Domain

n Upgrade vSphere Distributed Switch versions

n Upgrade vSAN on-disk format versions

Perform Update Precheck - Versions Prior to SDDC

Manager 5.0
If you have not yet upgraded to SDDC Manager 5.0, these are the steps to run a Precheck.
You must perform a precheck before applying an update or upgrade bundle to ensure that your
environment is ready for the update.

For an ESXi bundle, the system performs a bundle level precheck in addition to the environment
precheck. For VI workload domains using vSphere Lifecycle Manager baselines, the ESXi bundle
precheck validates the following.

n Custom ISO is compatible with your environment.

n Custom ISO size is smaller than the boot partition size.

n Third party VIBs are compatible with the environment.

If you silence a vSAN Skyline Health alert in the vSphere Client, SDDC Manager skips the related
precheck and indicates which precheck it skipped. Click Restore Precheck to include the silenced
precheck. For example:

You can also silence failed vSAN prechecks in the SDDC Manager UI by clicking Silence
Precheck. Silenced prechecks do not trigger warnings or block upgrades.

Important You should only silence alerts if you know that they are incorrect. Do not silence
alerts for real issues that require remediation.

Procedure

1 In the navigation pane, click Inventory > Workload Domains.

VMware by Broadcom 43
VMware Cloud Foundation Lifecycle Management

2 On the Workload Domains page, click the workload domain where you want to run the
precheck.

3 On the domain summary page, click the Updates/Patches tab. The image below is a sample
screenshot and may not reflect the correct product versions.

4 Click Precheck to validate that the environment is ready to be upgraded.

Once the precheck begins, a message appears indicating the time at which the precheck was

started.

VMware by Broadcom 44
VMware Cloud Foundation Lifecycle Management

5 Click View Status to see detailed tasks and their status. The image below is a sample
screenshot and may not reflect the correct versions.

6 To see details for a task, click the Expand arrow.

If a precheck task failed, fix the issue, and click Retry Precheck to run the task again. You can
also click Precheck Failed Resources to retry all failed tasks.

7 If ESXi hosts display a driver incompatibility issue when updating a VI workload domain using
vSphere Lifecycle Manager baselines, perform the following steps:

a Identify the controller with the HCL issue.

b For the given controller, identify the supported driver and firmware versions on the
source and target ESXi versions.

c Upgrade the firmware, if required.

d Upgrade the driver manually on the ESXi host and retry the task at which the upgrade
failed.

VMware by Broadcom 45
VMware Cloud Foundation Lifecycle Management

8 If the workload domain contains a host that includes pinned VMs, the precheck fails at the
Enter Maintenance Mode step. If the host can enter maintenance mode through vCenter
Server UI, you can suppress this check for NSX and ESXi in VMware Cloud Foundation by
following the steps below.

a Log in to SDDC Manager by using a Secure Shell (SSH) client with the user name vcf and
password you specified in the deployment parameter workbook.

b Open the /opt/vmware/vcf/lcm/lcm-app/conf/application-prod.properties file.

c Add the following line to the end of the file:

lcm.nsxt.suppress.dry.run.emm.check=true

lcm.esx.suppress.dry.run.emm.check.failures=true

d Restart Lifecycle Management by typing the following command in the console window.

systemctl restart lcm

e After Lifecycle Management is restarted, run the precheck again.

Results

The precheck result is displayed at the top of the Upgrade Precheck Details window. If you click
Exit Details, the precheck result is displayed at the top of the Precheck section in the Updates/
Patches tab.

Ensure that the precheck results are green before proceeding. A failed precheck may cause the
update to fail.

Perform Update Precheck in SDDC Manager

You must perform a precheck in SDDC Manager before applying an update bundle to ensure that
your environment is ready for the update.

Bundle-level pre-checks for vCenter are available in VMware Cloud Foundation.

Note Because ESXi bundle-level pre-checks only work in minor-version upgrades (for example:
from ESXi 7.x through 7.y, or from ESXi 8.x through 8.y), these prechecks do not run in VMware
Cloud Foundation.

VMware by Broadcom 46
VMware Cloud Foundation Lifecycle Management

If you silence a vSAN Skyline Health alert in the vSphere Client, SDDC Manager skips the related
precheck and indicates which precheck it skipped. Click RESTORE PRECHECK to include the
silenced precheck. For example:

You can also silence failed vSAN prechecks in the SDDC Manager UI by clicking Silence
Precheck. Silenced prechecks do not trigger warnings or block upgrades.

Important Only silence alerts if you know that they are incorrect. Do not silence alerts for real
issues that require remediation.

Procedure

1 In the navigation pane, click Inventory > Workload Domains.

2 On the Workload Domains page, click the workload domain where you want to run the
precheck.

3 On the domain summary page, click the Updates tab.

(The following image is a sample screenshot and may not reflect current product versions.)

VMware by Broadcom 47
VMware Cloud Foundation Lifecycle Management

Note It is recommended that you Precheck your workload domain prior to performing an
upgrade.

VMware by Broadcom 48
VMware Cloud Foundation Lifecycle Management

4 Click RUN PRECHECK to select the components in the workload domain you want to
precheck.

a You can select to run a Precheck only on vCenter or the vSphere cluster. All components
in the workload domain are selected by default. To perform a precheck on certain
components, choose Custom selection.

b If there are pending upgrade bundles available, then the "Target Version" dropdown
contains "General Upgrade Readiness" and the available VMware Cloud Foundation
versions to upgrade to. If there is an available VMware Cloud Foundation upgrade
version, there will be extra checks - bundle-level prechecks for hosts, vCenter Server, and
so forth. The version specific prechecks will only run prechecks on components that have
available upgrade bundles downloaded.

5 When the precheck begins, a progress message appears indicating the precheck progress
and the time when the precheck began.

VMware by Broadcom 49
VMware Cloud Foundation Lifecycle Management

Note Parallel precheck workflows are supported. If you want to precheck multiple domains,
you can repeat steps 1-5 for each of them without waiting for step 5 to finish.

6 Once the Precheck is complete, the report appears. Click through ALL, ERRORS,
WARNINGS, and SILENCED to filter and browse through the results.

7 To see details for a task, click the expander arrow.

If a precheck task failed, fix the issue, and click Retry Precheck to run the task again. You can
also click RETRY ALL FAILED RESOURCES to retry all failed tasks.

8 If ESXi hosts display a driver incompatibility issue when updating a VI workload domain using
vSphere Lifecycle Manager baselines, perform the following steps:

a Identify the controller with the HCL issue.

b For the given controller, identify the supported driver and firmware versions on the
source and target ESXi versions.

c Upgrade the firmware, if required.

d Upgrade the driver manually on the ESXi host and retry the task at which the upgrade
failed.

VMware by Broadcom 50
VMware Cloud Foundation Lifecycle Management

9 If the workload domain contains a host that includes pinned VMs, the precheck fails at the
Enter Maintenance Mode step. If the host can enter maintenance mode through vCenter
Server UI, you can suppress this check for NSX and ESXi in VMware Cloud Foundation by
following the steps below.

a Log in to SDDC Manager by using a Secure Shell (SSH) client with the user name vcf and
password.

b Open the /opt/vmware/vcf/lcm/lcm-app/conf/application-prod.properties file.

c Add the following line to the end of the file:

lcm.nsxt.suppress.dry.run.emm.check=true

lcm.esx.suppress.dry.run.emm.check.failures=true

d Restart Lifecycle Management by typing the following command in the console window.

systemctl restart lcm

e After Lifecycle Management is restarted, run the precheck again.

Results

The precheck result is displayed at the top of the Upgrade Precheck Details window. If you click
Exit Details, the precheck result is displayed at the top of the Precheck section in the Updates
tab.

Ensure that the precheck results are green before proceeding. Although a failed precheck will
not prevent the upgrade from proceeding, it may cause the update to fail.

Apply the VMware Cloud Foundation 5.2.x Upgrade Bundle

The VMware Cloud Foundation Upgrade bundle upgrades the SDDC Manager appliance and
VMware Cloud Foundation services.

After SDDC Manager is upgraded to 5.2 or later, new functionality is introduced that allows
you to upgrade SDDC Manager without having to upgrade the entire VMware Cloud Foundation
BOM. See Chapter 7 Independent SDDC Manager Upgrade using the SDDC Manager UI.

Prerequisites

n Download the VMware Cloud Foundation update bundle for your target release. See Chapter
2 Downloading VMware Cloud Foundation Upgrade Bundles.

n Ensure you have a recent successful backup of SDDC Manager using an external SFTP server.

n Ensure you have taken a snapshot of the SDDC Manager appliance.

n Ensure you have recent successful backups of the components managed by SDDC Manager.

n Perform Update Precheck in SDDC Manager and resolve any issues.

VMware by Broadcom 51
VMware Cloud Foundation Lifecycle Management

Procedure

1 In the navigation pane, click Inventory > Workload Domains.

2 On the Workload Domains page, click the management domain and then click the Updates
tab.

3 In the Available Updates section, select the target VMware Cloud Foundation release or click
Plan Upgrade.

The available options depend on the source version of VMware Cloud Foundation.

n For VMware Cloud Foundation 4.5.x, select the target version.

n For VMware Cloud Foundation 5.x, click Plan Upgrade, select a target version, and click
Confirm.

4 Click Update Now or Schedule Update next to the VMware Cloud Foundation Upgrade
bundle.

5 If you selected Schedule Update, select the date and time for the bundle to be applied and
click Schedule.

VMware by Broadcom 52
VMware Cloud Foundation Lifecycle Management

If you clicked Update Now, the VMware Cloud Foundation Update Status window displays
the components that will be upgraded and the upgrade status. Click View Update Activity
to view the detailed tasks. After the upgrade is completed, a green bar with a check mark is
displayed.

6 Click Finish.

When the update completes successfully, you are logged out of the SDDC Manager UI and
must log in again.

Apply VMware Cloud Foundation Configuration Updates

VMware Cloud Foundation Configuration Updates identifies and resolves any discrepancies
between the intended/prescribed configuration and the actual configuration, ensuring that the
deployment aligns with the recommended configuration. This process includes reconciling the
configuration for 2nd party software components listed in the VMware Cloud Foundation Bill of
Materials (BOM).

Configuration updates may be required after you apply software updates. Once a configuration
update becomes available, you can apply it immediately or wait until after you have applied all
software updates. Configuration Updates must be performed during a maintenance window.

Configuration Updates can be applied to multiple domains in parallel. However, if a Configuration

Update is in progress, another configuration update on the same domain should not be
attempted.

Note Configuration Updates in VCF detects and reconciles to a prescribed configuration for
the release. Once reconciled, it does not identify subsequent non-compliance arising from out of
band changes.

The following configuration updates may become available, depending on your source version of
VMware Cloud Foundation:

VMware by Broadcom 53
VMware Cloud Foundation Lifecycle Management

Required
Minimum
Configuration Introduced in Component
Update Description VCF Version Resource Type Update Type Versions

ConfigureVsanHaI Configures the 4.3.0.0 CLUSTER FIX vCenter 7.0.3

solationAddresses vSAN HA
ConfigDrift network isolation
address to
use the
vSAN vmkernel
interface
gateway, in
conformance
with VCF best
practices.

ToggleVSanReco Disables vSAN 4.4.1.0 CLUSTER FIX vCenter 7.0.0

mmendationConfi baseline
gDrift recommendation
s for vSAN
enabled clusters.

RemoveNfsDatast Removes NFS 5.0.0.0 CLUSTER FIX NA

oreConfigDrift datastore on
hosts.

CloudAdminRoleC Creates Cloud 5.0.0.0 DOMAIN FEATURE vCenter 7.0.3

onfigDrift Admin role
in vCenter
Server for
the management
domain.

VMware by Broadcom 54
VMware Cloud Foundation Lifecycle Management

Required
Minimum
Configuration Introduced in Component
Update Description VCF Version Resource Type Update Type Versions

AllowBrokerConfig Adds 5.1.0.0 DOMAIN FEATURE vCneter 8.0.2

urationConfigDrift config.SDDC.Dep
loyed.AllowBrok
erConfiguration
advanced
property in
vCenter Server.
This property
restricts the user
from configuring
an external IDP
from the vCenter
UI in the ELM ring
( workload
domain
vCenters).
Configuration is
only possible
from the
management
domain vCenter
UI and isolated
workload domain
vCenter UI.

ClusterHaSettings Removes 5.1.0.0 DOMAIN FEATURE vCenter 8.0.1

ConfigDrift das.includeFTco
mplianceChecks
option HA
configuration
from all clusters
on the
management
domain.

ComputeManager Creates an 5.1.0.0 DOMAIN FEATURE vCenter

SettingsDrift internal NSX 7.0.2.00400, NSX
service account 3.1.3.0.0
to enable NSX
to vSphere
Lifecycle
Manager
communication.

VMware by Broadcom 55
VMware Cloud Foundation Lifecycle Management

Required
Minimum
Configuration Introduced in Component
Update Description VCF Version Resource Type Update Type Versions

DvpgConfiguration Creates a new 5.1.0.0 CLUSTER FEATURE NA

Drift distributed virtual
port group
named
VM_MANAGEME
NT in the target
domain, and
migrates all VMs
connected to the
management
port group to this
new port group.
The purpose of
this feature is to
allow separation
of traffic coming
from
management
VMs and ESXi
hosts.
VMs migrated:
VCSA, SDDC
Manager, NSX
Manager and
Edge VMs.

EsxAdvancedOpti Configures 5.1.0.0 DOMAIN FEATURE NA

onsConfigDrift UserVars.Suppre
ssShellWarning
property on
every ESXi host
to false, to
enable warnings
for ESXi Shell and
SSH services.

WorkspaceOneBr Configures BOM 5.1.0.0 DOMAIN FEATURE vCenter 8.0.2, NSX

okerConfigDrift components as 4.1.2
OIDC relying
parties of
Workspace ONE
Broker in
vCenter.

RegisterSDDCman Register SDDC 5.2.0.0 DOMAIN FEATURE vCenter 7.0.0

agerAsVCExtensio Manager as an
nConfigDrift extension in a
workload domain
vCenter.

VMware by Broadcom 56
VMware Cloud Foundation Lifecycle Management

Procedure

1 In the navigation pane, click Inventory > Workload Domains.

2 On the Workload Domains page, click the workload domain name and then click the Updates
tab.

3 Click Run Precheck to run the upgrade precheck.

Resolve any issues before proceeding with the upgrade.

4 Expand Available Configuration Updates, click Apply All.

n FEATURE: Configuration change required for a new feature.

n FIX: Configuration change associated with a fix for a defect.

5 Check the progress of a configuration update by clicking the task in the Tasks panel.

6 After the configuration updates are successfully applied, they will no longer appear in the

table.

Pending Configuration Updates do not block future BOM upgrades.

Upgrade VMware Aria Suite Lifecycle and VMware Aria

Suite Products for VMware Cloud Foundation
VMware Cloud Foundation does not manage upgrades for VMware Aria Suite Lifecycle and the
VMware Aria Suite products. Use VMware Aria Suite Lifecycle to upgrade VMware Aria Suite
products.

If you had VMware Aria Suite Lifecycle, VMware Aria Operations for Logs, VMware Aria
Automation, VMware Aria Operations, or Workspace ONE Access in your pre-upgrade
environment, you must upgrade them from VMware Aria Suite Lifecycle.

VMware by Broadcom 57
VMware Cloud Foundation Lifecycle Management

Use VMware Aria Suite Lifecycle to:

n Download upgrade binaries

n Create snapshots of the virtual appliances

n Run pre-upgrade checks

n Upgrade VMware Aria Suite products

You can upgrade VMware Aria Suite products as new versions become available in VMware
Aria Suite Lifecycle. VMware Aria Suite Lifecycle will only allow upgrades to compatible and
supported versions of VMware Aria Suite products.

Note See the VMware Interoperability Matrix for information about which versions are
supported with your version of VMware Cloud Foundation and KB 88829 for more information
about supported upgrade paths using VMware Aria Suite Lifecycle.

Important The VMware Cloud Foundation 5.2 BOM requires VMware Aria Suite Lifecycle 8.18 or
higher.

Note The VMware Aria Suite of products were formerly known as the vRealize Suite of
products.

Procedure

1 Log in to VMware Aria Suite Lifecycle at https://

<aria_suite_lifecycle_manager_fqdn> as the administrator.

2 Upgrade VMware Aria Suite products.

Upgrade VMware Aria Suite Lifecycle first and then upgrade VMware Aria Suite products.
See “Upgrading VMware Aria Suite Lifecycle and VMware Aria Suite Products” in the VMware
Aria Suite Lifecycle Installation, Upgrade, and Management Guide for your current version of
VMware Aria Suite Lifecycle.

Upgrade NSX for VMware Cloud Foundation in a Federated

Environment
If NSX Federation is configured between two VMware Cloud Foundation instances, SDDC
Manager does not manage the lifecycle of the NSX Global Managers. You must manually upgrade
the NSX Global Managers for each instance.

Download NSX Global Manager Upgrade Bundle

SDDC Manager does not manage the lifecycle of the NSX Global Managers. You must download
the NSX upgrade bundle manually to upgrade the NSX Global Managers.

VMware by Broadcom 58
VMware Cloud Foundation Lifecycle Management

Procedure

1 Log in to the Broadcom Support Portal and browse to My Downloads > VMware NSX.

2 Click the version of NSX to which you are upgrading.

3 Locate the NSX version Upgrade Bundle and verify that the upgrade bundle filename
extension ends with .mub.

The upgrade bundle filename has the following format VMware-NSX-upgrade-bundle-

versionnumber.buildnumber.mub.

4 Click the download icon to download the upgrade bundle to the system where you access
the NSX Global Manager UI.

Upgrade the Upgrade Coordinator for NSX Federation

The upgrade coordinator runs in the NSX Manager. It is a self-contained web application that
orchestrates the upgrade process of hosts, NSX Edge cluster, NSX Controller cluster, and the
management plane.

The upgrade coordinator guides you through the upgrade sequence. You can track the upgrade
process and, if necessary, you can pause and resume the upgrade process from the UI.

Procedure

1 In a web browser, log in to Global Manager for the domain at https://nsx_gm_vip_fqdn/).

2 Select System > Upgrade from the navigation panel.

3 Click Proceed to Upgrade.

4 Navigate to the upgrade bundle .mub file you downloaded or paste the download URL link.

n Click Browse to navigate to the location you downloaded the upgrade bundle file.

n Paste the VMware download portal URL where the upgrade bundle .mub file is located.

5 Click Upload.

When the file is uploaded, the Begin Upgrade button appears.

6 Click Begin Upgrade to upgrade the upgrade coordinator.

Note Upgrade one upgrade coordinator at a time.

7 Read and accept the EULA terms and accept the notification to upgrade the upgrade
coordinator..

8 Click Run Pre-Checks to verify that all NSX components are ready for upgrade.

The pre-check checks for component connectivity, version compatibility, and component
status.

9 Resolve any warning notifications to avoid problems during the upgrade.

VMware by Broadcom 59
VMware Cloud Foundation Lifecycle Management

Upgrade NSX Global Managers for VMware Cloud Foundation

Manually upgrade the NSX Global Managers when NSX Federation is configured between two
VMware Cloud Foundation instances.

Prerequisites

Before you can upgrade NSX Global Managers, you must upgrade all VMware Cloud Foundation
instances in the NSX Federation, including NSX Local Managers, using SDDC Manager.

Procedure

1 In a web browser, log in to Global Manager for the domain at https://nsx_gm_vip_fqdn/).

2 Select System > Upgrade from the navigation panel.

3 Click Start to upgrade the management plane and then click Accept.

4 On the Select Upgrade Plan page, select Plan Your Upgrade and click Next.

The NSX Manager UI, API, and CLI are not accessible until the upgrade finishes and the
management plane is restarted.

Upgrade NSX for VMware Cloud Foundation 5.2.x

Upgrade NSX in the management domain and VI workload domains. VMware Cloud Foundation
5.2.1 supports in-place host upgrades for clusters that use vSphere Lifecycle Manager baselines.

Until SDDC Manager is upgraded to version 5.2, you must upgrade NSX in the management
domain before you upgrade NSX in a VI workload domain. Once SDDC Manager is at version
5.2 or later, you can upgrade NSX in VI workload domains before or after upgrading NSX in the
management domain.

Upgrading NSX involves the following components:

n Upgrade Coordinator

n NSX Edges/Clusters (if deployed)

n Host clusters

n NSX Manager cluster

Procedure

1 In the navigation pane, click Inventory > Workload Domains.

2 On the Workload Domains page, click the domain you are upgrading and then click the
Updates/Patches tab.

When you upgrade NSX components for a selected VI workload domain, those components
are upgraded for all VI workload domains that share the NSX Manager cluster.

VMware by Broadcom 60
VMware Cloud Foundation Lifecycle Management

3 Click Precheck to run the upgrade precheck.

Resolve any issues before proceeding with the upgrade.

Note The NSX precheck runs on all VI workload domains in your environment that share the
NSX Manager cluster.

4 For VMware Cloud Foundation 5.2:

a In the Available Updates section, click Update Now or Schedule Update next to the
VMware Software Update for NSX.

b On the NSX Edge Clusters page, select the NSX Edge clusters you want to upgrade and
click Next.

By default, all NSX Edge clusters are upgraded. To select specific NSX Edge clusters,
select the Upgrade only NSX Edge clusters check box and select the Enable edge
selection option. Then select the NSX Edges you want to upgrade.

c On the Host Cluster page,select the host cluster you want to upgrade and click Next.

By default, all host clusters across all workload domains are upgraded. If you want
to select specific host clusters to upgrade, select Custom Selection. Host clusters are
upgraded after all Edge clusters have been upgraded.

Note The NSX Manager cluster is upgraded only if you select all host clusters. If you
have multiple host clusters and choose to upgrade only some of them, you must go
through the NSX upgrade wizard again until all host clusters have been upgraded.

d On the Upgrade Options dialog box, select the upgrade optimizations and click Next.

By default, Edge clusters and host clusters are upgraded in parallel. You can enable
sequential upgrade by selecting the relevant check box.

e If you selected the Schedule Upgrade option, specify the date and time for the NSX
bundle to be applied and click Next.

f On the Review page, review your settings and click Finish.

If you selected Upgrade Now, the NSX upgrade begins and the upgrade components
are displayed. The upgrade view displayed here pertains to the workload domain where
you applied the bundle. Click the link to the associated workload domains to see the
components pertaining to those workload domains. If you selected Schedule Upgrade,
the upgrade begins at the time and date you specified.

VMware by Broadcom 61
VMware Cloud Foundation Lifecycle Management

5 For VMware Cloud Foundation 5.2.1:

a In the Available Updates section, click the Configure Update button.

b On the NSX Edge Clusters page, select the NSX Edge clusters you want to upgrade and
click Next.

c On the Host Cluster page,select the host cluster you want to upgrade and click Next.

d On the Upgrade Options dialog box, select the upgrade optimizations and click Next.

By default ESXi hosts are placed into maintenance mode during an upgrade. Starting with
VMware Cloud Foundation 5.2.1, in-place upgrades are available for workload domains in
which all the clusters use vSphere Lifecycle Manager baselines. If NSX Manager is shared
between workload domains, in-place upgrade is only available if all the clusters in all
the workload domains that share the NSX Manager use vLCM baselines. If the option is
available, you can select In-place as the upgrade mode to avoid powering off and placing
hosts into maintenance mode before the upgrade.

Note To perform an in-place upgrade, the target NSX version must be the VMware
Cloud Foundation 5.2.1 BOM version or later.

By default, Edge clusters and host clusters are upgraded in parallel. You can enable
sequential upgrade by selecting the relevant check box.

e On the Review page, review your settings and click Run Precheck.

The precheck begins. Resolve any issues until the precheck succeeds.

f After the precheck succeeds, click Schedule Update and select an option.

6 Monitor the upgrade progress. See Monitor VMware Cloud Foundation Updates.

If a component upgrade fails, the failure is displayed across all associated workload domains.
Resolve the issue and retry the failed task.

Results

When all NSX workload components are upgraded successfully, a message with a green
background and check mark is displayed.

VMware by Broadcom 62
VMware Cloud Foundation Lifecycle Management

Upgrade vCenter Server for VMware Cloud Foundation 5.2.x

The upgrade bundle for VMware vCenter Server is used to upgrade the vCenter Server instances
managed by SDDC Manager. Upgrade vCenter Server in the management domain before
upgrading vCenter Server in VI workload domains.

Prerequisites

n Download the VMware vCenter Server upgrade bundle. See Chapter 2 Downloading VMware
Cloud Foundation Upgrade Bundles.

n Take a file-based backup of the vCenter Server appliance before starting the upgrade. See
Manually Back Up vCenter Server.

Note After taking a backup, do not make any changes to the vCenter Server inventory or
settings until the upgrade completes successfully.

n If your workload domain contains Workload Management (vSphere with Tanzu) enabled
clusters, the supported target release depends on the version of Kubernetes (K8s) currently
running in the cluster. Older versions of K8s might require a specific upgrade sequence. See
KB 92227 for more information.

Procedure

1 In the navigation pane, click Inventory > Workload Domains.

2 On the Workload Domains page, click the domain you are upgrading and then click the
Updates tab.

3 Click Precheck to run the upgrade precheck.

Resolve any issues before proceeding with the upgrade.

4 Upgrading to VMware Cloud Foundation 5.2:

a In the Available Updates section, click Update Now or Schedule Update next to the
VMware Software Update for vCenter Server.

b Click Confirm to confirm that you have taken a file-based backup of the vCenter Server
appliance before starting the upgrade.

c If you selected Schedule Update, click the date and time for the bundle to be applied and
click Schedule.

VMware by Broadcom 63
VMware Cloud Foundation Lifecycle Management

d If you are upgrading from VMware Cloud Foundation 4.5.x, enter the details for the
temporary network to be used only during the upgrade. The IP address must be in the
management subnet.

e Review the upgrade settings and click Finish.

5 Upgrading to VMware Cloud Foundation 5.2.1 from VMware Cloud Foundation 5.x:

a In the Available Updates section, click Configure Update.

b Select the upgrade mechanism and click Next.

Option Description

vCenter Reduced Downtime The reduced downtime upgrade process uses a migration-based
Upgrade approach. In this approach, a new vCenter Server Appliance is deployed
and the current vCenter data and configuration is copied to it.
During the preparation phase of a reduced downtime upgrade, the
source vCenter Server Appliance and all resources remain online. The
only downtime occurs when the source vCenter Server Appliance is
stopped, the configuration is switched over to the target vCenter,
and the services are started. The downtime is expected to take
approximately 5 minutes under ideal network, CPU, memory, and storage
provisioning.

Note To perform a vCenter Reduced Downtime Upgrade, the target

vCenter version must be the VMware Cloud Foundation 5.2.1 BOM
version or later.

vCenter Regular Upgrade During a regular upgrade, the vCenter Server Appliance is offline for the
duration of the upgrade.

c Select a backup option and click Next.

VMware by Broadcom 64
VMware Cloud Foundation Lifecycle Management

d For an RDU update, provide a temporary network to be used only during the upgrade
and click Next.

Option Description

Automatic Automatically assign network information.

Static Enter an IP address, subnet mask, and gateway. The IP address must be
in the management subnet.

e Schedule the update and click Next.

Option Description

For vCenter Reduced Downtime Select scheduling options for the preparation and switchover phases of
Upgrade the upgrade.

Note If you are scheduling the switchover phase, you must allow a
minimum of 4 hours between the start of preparation and the start of
switchover.

For vCenter Regular Upgrade Select an Upgrade Now or Schedule Update.

f Review the upgrade settings and click Finish.

6 Upgrading to VMware Cloud Foundation 5.2.1 from VMware Cloud Foundation 4.5.x:

a In the Available Updates section, click Configure Update.

b Enter the details for the temporary network to be used only during the upgrade. The IP
address must be in the management subnet.

c Select a backup option and click Next.

d Schedule the update and click Next.

e Review the upgrade settings and click Finish.

7 Monitor the upgrade progress. See Monitor VMware Cloud Foundation Updates.

8 After the upgrade is complete, remove the old vCenter Server appliance (if applicable).

Note Removing the old vCenter is only required for major upgrades. If you performed a
vCenter RDU patch upgrade, the old vCenter is automatically removed after a successful
upgrade.

If the upgrade fails, resolve the issue and retry the failed task. If you cannot resolve the issue,
restore vCenter Server using the file-based backup. See Restore vCenter Server. vCenter
RDU upgrades perform automatic rollback if the upgrade fails.

What to do next

Once the upgrade successfully completes, use the vSphere Client to change the vSphere DRS
Automation Level setting back to the original value (before you took a file-based backup) for
each vSphere cluster that is managed by the vCenter Server. See KB 87631 for information about
using VMware PowerCLI to change the vSphere DRS Automation Level.

VMware by Broadcom 65
VMware Cloud Foundation Lifecycle Management

Upgrade ESXi for VMware Cloud Foundation 5.2.1

VMware Cloud Foundation 5.2.1 and later support workload domains that include vSphere
Lifecycle Manager baseline clusters and vSphere Lifecycle Manager image clusters. There is a
single procedure for upgrading both vSphere Lifecycle Manager baseline clusters and vSphere
Lifecycle Manager image clusters.

For information about upgrading ESXi in workload domains that use vSphere Lifecycle Manager
images when your target version is VMware Cloud Foundation 5.2, see Upgrade ESXi with
vSphere Lifecycle Manager Images for VMware Cloud Foundation 5.2.

For information about upgrading ESXi in workload domains that use vSphere Lifecycle Manager
baselines when your target version is VMware Cloud Foundation 5.2, see Upgrade ESXi with
vSphere Lifecycle Manager Baselines for VMware Cloud Foundation 5.2.

If you are using external (non-vSAN) storage, the following procedure updates the ESXi hosts
attached to the external storage. However, updating and patching the storage software and
drivers is a manual task and falls outside of SDDC Manager lifecycle management. To ensure
supportability after an ESXi upgrade, consult the vSphere HCL and your storage vendor.

For clusters that use vSphere Lifecycle Manager baselines:

n If you want to skip any hosts while applying an ESXi update a workload domain, you must
add these hosts to the application-prod.properties file before you begin the update.
See "Skip Hosts During ESXi Update".

n To perform ESXi upgrades with custom ISO images or async drivers see "Upgrade ESXi with
Custom ISOs" and "Upgrade ESXi with Stock ISO and Async Drivers".

Prerequisites

n Validate that the ESXi passwords are valid.

n Ensure that the domain for which you want to perform cluster-level upgrade does not have
any hosts or clusters in an error state. Resolve the error state or remove the hosts and
clusters with errors before proceeding.

n For clusters that use vSphere Lifecycle Manager images:

n You must upgrade NSX and vCenter Server before you can upgrade ESXi hosts with a
vSphere Lifecycle Manager image.

n If you want to add firmware to the vSphere Lifecycle Manager image, you must install the
Hardware Support Manager from your vendor. See Firmware Updates.

n A supported vSphere Lifecycle Manager image must be available in SDDC Manager. See
steps 1-3 in Upgrade ESXi with vSphere Lifecycle Manager Images for VMware Cloud
Foundation 5.2 for more information.

n For clusters that use vSphere Lifecycle Manager baselines, download the ESXi bundle. See
Chapter 2 Downloading VMware Cloud Foundation Upgrade Bundles.

VMware by Broadcom 66
VMware Cloud Foundation Lifecycle Management

Procedure

1 In the navigation pane, click Inventory > Workload Domains.

2 On the Workload Domains page, click the domain you are upgrading and then click the
Updates tab.

3 Click Precheck to run the upgrade precheck.

Resolve any issues before proceeding with the upgrade.

4 In the Available Updates section, click Configure Update.

5 Read the introductory information and click Next.

6 If any clusters in the workload domain use vSphere Lifecycle Manager images, select the
clusters to update and click Next.

7 Assign an image to each cluster that uses vSphere Lifecycle Manager images and click Next.

8 If any clusters in the workload domain use vSphere Lifecycle Manager baselines, select the
clusters to upgrade and click Next.

The default setting is to upgrade all clusters. To upgrade specific clusters, select Custom
selection and select the clusters to upgrade.

9 If the workload domain you are upgrading only includes clusters that use vSphere Lifecycle
Manager baselines, select a scheduling option.

10 Select the upgrade options and click Next.

By default, the selected clusters are upgraded in parallel. If you selected more than ten
clusters to be upgraded, the first ten are upgraded in parallel and the remaining clusters are
upgraded sequentially. To upgrade all selected clusters sequentially, select Enable sequential
cluster upgrade.

Select Enable Quick Boot to reduce the upgrade time by skipping the physical reboot of the
host.

Select Migrate Powered Off and Suspended VMs to migrate the suspended and powered
off virtual machines from the hosts that must enter maintenance mode to other hosts in the
cluster.

For clusters that use vSphere Lifecycle Manager images, select Enforce Live Patch when the
cluster image includes a Live Patch. With the Enforce Live Patch option, vSphere Lifecycle
Manager does not place the hosts in the cluster into maintenance mode, hosts are not
rebooted, and there is no need to migrate the virtual machines running on the hosts in the
cluster.

11 Review the settings, and click Finish or Run Precheck.

If the upgrade includes any clusters that use vSphere Lifecycle Manager images VMware
Cloud Foundation runs a cluster image hardware compatibility and compliance precheck.
Resolve any reported issues before proceeding.

VMware by Broadcom 67
VMware Cloud Foundation Lifecycle Management

12 After the precheck succeeds, click Schedule Update, select a scheduling option, and click
Finish.

13 Monitor the upgrade progress. See Monitor VMware Cloud Foundation Updates.

What to do next

Upgrade the vSAN Disk Format for vSAN clusters. The disk format upgrade is optional. Your
vSAN cluster continues to run smoothly if you use a previous disk format version. For best
results, upgrade the objects to use the latest on-disk format. The latest on-disk format provides
the complete feature set of vSAN. See Upgrade vSAN on-disk format versions.

Upgrade ESXi with vSphere Lifecycle Manager Baselines for

VMware Cloud Foundation 5.2
The following procedure describes upgrading ESXi hosts in workload domains that use vSphere
Lifecycle Manager baselines when your target version is VMware Cloud Foundation 5.2.

VMware Cloud Foundation 5.2.1 and later support workload domains that include vSphere
Lifecycle Manager baseline clusters and vSphere Lifecycle Manager image clusters. If you are
upgrading to VMware Cloud Foundation 5.2.1, see Upgrade ESXi for VMware Cloud Foundation
5.2.1.

By default, the upgrade process upgrades the ESXi hosts in all clusters in a workload domain
in parallel. If you have multiple clusters in a workload domain, you can select the clusters to
upgrade.

If you want to skip any hosts while applying an ESXi update a workload domain, you must add
these hosts to the application-prod.properties file before you begin the update. See "Skip
Hosts During ESXi Update".

To perform ESXi upgrades with custom ISO images or async drivers see "Upgrade ESXi with
Custom ISOs" and "Upgrade ESXi with Stock ISO and Async Drivers".

Prerequisites

n Validate that the ESXi passwords are valid.

n Download the ESXi bundle. See Chapter 2 Downloading VMware Cloud Foundation Upgrade
Bundles.

VMware by Broadcom 68
VMware Cloud Foundation Lifecycle Management

Procedure

1 Navigate to the Updates/Patches tab of the workload domain.

2 Click Precheck to run the upgrade precheck.

Resolve any issues before proceeding with the upgrade.

3 In the Available Updates section, click Update Now or Schedule Update next to the VMware
Software Update for ESXi.

If you selected Schedule Update, click the date and time for the bundle to be applied and
click Schedule.

4 Select the clusters to upgrade and click Next.

The default setting is to upgrade all clusters. To upgrade specific clusters, click Enable
cluster-level selection and select the clusters to upgrade.

5 Click Next.

6 Select the upgrade options and click Next.

Select Enable Quick Boot to reduce the upgrade time by skipping the physical reboot of the
host.

Select Migrate Powered Off and Suspended VMs to migrate the suspended and powered
off virtual machines from the hosts that must enter maintenance mode to other hosts in the
cluster.

7 On the Review page, review your settings and click Finish.

8 Monitor the upgrade progress. See Monitor VMware Cloud Foundation Updates.

What to do next

Upgrade vSAN Witness Host for VMware Cloud Foundation

If your VMware Cloud Foundation environment contains stretched clusters, update and
remediate the vSAN witness host.

VMware by Broadcom 69
VMware Cloud Foundation Lifecycle Management

Prerequisites

Download the ESXi ISO that matches the version listed in the the Bill of Materials (BOM) section
of the VMware Cloud Foundation Release Notes.

Procedure

1 In a web browser, log in to vCenter Server at https://vcenter_server_fqdn/ui.

2 Upload the ESXi ISO image file to vSphere Lifecycle Manager.

a Click Menu > Lifecycle Manager.

b Click the Imported ISOs tab.

c Click Import ISO and then click Browse.

d Navigate to the ESXi ISO file you downloaded and click Open.

e After the file is imported, click Close.

3 Create a baseline for the ESXi image.

a On the Imported ISOs tab, select the ISO file that you imported, and click New baseline.

b Enter a name for the baseline and specify the Content Type as Upgrade.

c Click Next.

d Select the ISO file you had imported and click Next.

e Review the details and click Finish.

4 Attach the baseline to the vSAN witness host.

a Click Menu > Hosts and Clusters.

b In the Inventory panel, click vCenter > Datacenter.

c Select the vSAN witness host and click the Updates tab.

d Under Attached Baselines, click Attach > Attach Baseline or Baseline Group.

e Select the baseline that you had created in step 3 and click Attach.

f Click Check Compliance.

After the compliance check is completed, the Status column for the baseline is displayed
as Non-Compliant.

5 Remediate the vSAN witness host and update the ESXi hosts that it contains.

a Right-click the vSAN witness and click Maintenance Mode > Enter Maintenance Mode.

b Click OK.

c Click the Updates tab.

d Select the baseline that you had created in step 3 and click Remediate.

e In the End user license agreement dialog box, select the check box and click OK.

VMware by Broadcom 70
VMware Cloud Foundation Lifecycle Management

f In the Remediate dialog box, select the vSAN witness host, and click Remediate.

The remediation process might take several minutes. After the remediation is completed,
the Status column for the baseline is displayed as Compliant.

g Right-click the vSAN witness host and click Maintenance Mode > Exit Maintenance Mode.

h Click OK.

Skip Hosts During ESXi Update

You can skip hosts while applying an ESXi update to a workload domain. The skipped hosts are
not updated.

Note You cannot skip hosts that are part of a VI workload domain that is using vSphere
Lifecycle Manager images, since these hosts are updated at the cluster-level and not the host-
level.

Procedure

1 Using SSH, log in to the SDDC Manager appliance with the user name vcf and password you
specified in the deployment parameter sheet.

2 Type su to switch to the root account.

3 Retrieve the host IDs for the hosts you want to skip.

curl 'https://SDDC_MANAGER_IP/v1/hosts' -i -u 'username:password' -X GET -H 'Accept:

application/json' |json_pp

Replace the SDDC Manager FQDN, user name, and password with the information for your
environment.

4 Copy the ids for the hosts you want to skip from the output. For example:

...
"fqdn" : "esxi-2.vrack.vsphere.local",
"esxiVersion" : "6.7.0-16075168",
"id" : "b318fe37-f9a8-48b6-8815-43aae5131b94",
...

In this case, the id for esxi-2.vrack.vsphere.local is b318fe37-

f9a8-48b6-8815-43aae5131b94.

5 Open the /opt/vmware/vcf/lcm/lcm-app/conf/application-prod.properties file.

6 At the end of the file, add the following line:

esx.upgrade.skip.host.ids=hostid1,hostid2

VMware by Broadcom 71
VMware Cloud Foundation Lifecycle Management

Replace the host ids with the information from step 4. If you are including
multiple host ids, do not add any spaces between them. For example:
esx.upgrade.skip.host.ids=60927f26-8910-4dd3-8435-8bb7aef5f659,6c516864-
b6de-4537-90e4-c0d711e5befb,65c206aa-2561-420e-8c5c-e51b9843f93d

7 Save and close the file.

8 Ensure that the ownership of the application-prod.properties file is vcf_lcm:vcf.

9 Restart the LCM server by typing the following command in the console window:

systemctl restart lcm

Results

The hosts added to the application-prod.properties are not updated when you update the
workload domain.

Upgrade ESXi with Custom ISOs

For clusters in workload domains with vSphere Lifecycle Manager baselines, you can upgrade
ESXi with a custom ISO from your vendor. VMware Cloud Foundation 4.4.1.1 and later support
multiple custom ISOs in a single ESXi upgrade in cases where specific clusters or workload
domains require different custom ISOs.

Prerequisites

Download the appropriate vendor-specific ISOs on a computer with internet access. If no vendor-
specific ISO is available for the required version of ESXi, then you can create one. See Create a
Custom ISO Image for ESXi.

Procedure

1 Download the VMware Software Update bundle for VMware ESXi. See Download Bundles
Using SDDC Manager.

To use an async patch version of ESXi, enable the patch with the Async Patch Tool before
proceeding to the next step. See the Async Patch Tool documentation.

2 Using SSH, log in to the SDDC Manager appliance.

3 Create a directory for the vendor ISO(s) under the /nfs/vmware/vcf/nfs-mount directory.
For example, /nfs/vmware/vcf/nfs-mount/esx-upgrade-partner-binaries.

4 Copy the vendor-specific ISO(s) to the directory you created on the SDDC Manager
appliance. For example, you can copy the ISO to the /nfs/vmware/vcf/nfs-mount/esx-
upgrade-partner-binaries directory.

5 Change permissions on the directory where you copied the ISO(s). For example,

chmod -R 775 /nfs/vmware/vcf/nfs-mount/esx-upgrade-partner-binaries/

VMware by Broadcom 72
VMware Cloud Foundation Lifecycle Management

6 Change owner to vcf.

chown -R vcf_lcm:vcf /nfs/vmware/vcf/nfs-mount/esx-upgrade-partner-

binaries/

7 Create an ESX custom image JSON using the following template.

{
"esxCustomImageSpecList": [{
"bundleId": "bundle ID of the ESXi bundle you downloaded",
"targetEsxVersion": "ESXi version for the target VMware Cloud Foundation version",
"useVcfBundle": false,
"domainId": "xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx",
"clusterId": "xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx",
"customIsoAbsolutePath": "Path_to_custom_ISO"
}]
}

where

Parameter Description and Example Value

bundleId ID of the ESXi upgrade bundle you downloaded. You can retrieve
the bundle ID by navigating to the Lifecycle Management > Bundle
Management page and clicking View Details to view the bundle ID.
For example, 8c0de63d-b522-4db8-be6c-f1e0ab7ef554. The bundle
ID for an async patch looks slightly different. For example:
5dc57fe6-2c23-49fc-967c-0bea1bfea0f1-apTool.

Note If an incorrect bundle ID is provided, the upgrade will proceed with

the VMware Cloud Foundation stock ISO and replace the custom VIBs in
your environment with the stock VIBs.

targetEsxVersion Version of the ESXi bundle you downloaded. You can retrieve the
target ESXi version by navigating to the Lifecycle Management > Bundle
Management page and clicking View Details to view the "Update to
Version".

useVcfBundle Specifies whether the VMware Cloud Foundation ESXi bundle is to be used
for the upgrade.

Note If you want to upgrade with a custom ISO image, ensure that this is
set to false.

domainId (optional, VCF 4.4.1.1 and ID of the specific workload domain for the custom ISO. Use the VMware
later only) Cloud Foundation API (GET /v1/domains) to get the IDs for your workload
domains.

VMware by Broadcom 73
VMware Cloud Foundation Lifecycle Management

Parameter Description and Example Value

clusterId (optional, VCF 4.4.1.1 ID of the specific cluster within a workload domain to apply the custom
and later only) ISO. If you do not specify a clusterId, the custom ISO will be applied to
all clusters in the workload domain. Use the VMware Cloud Foundation API
(GET /v1/clusters) to get the IDs for your clusters.

customIsoAbsolutePath Path to the custom ISO file on the

SDDC Manager appliance. For example, /nfs/vmware/vcf/
nfs-mount/esx-upgrade-partner-binaries/VMware-VMvisor-
Installer-7.0.0.update01-17325551.x86_64-DellEMC_Customized-
A01.iso

Here is an example of a completed JSON template.

{
"esxCustomImageSpecList": [{
"bundleId": "8c0de63d-b522-4db8-be6c-f1e0ab7ef554",
"targetEsxVersion": "8.0.1-xxxxxxxxx",
"useVcfBundle": false,
"customIsoAbsolutePath":
"/nfs/vmware/vcf/nfs-mount/esx-upgrade-partner-binaries/VMware-VMvisor-
Installer-8.0.0.update01-xxxxxxxx.x86_64-DellEMC_Customized-A01.iso"
}]
}

Here is an example of a completed JSON template with multiple ISOs using a single workload
domain and specified clusters (VCF 4.4.1.1 and later only).

{
"esxCustomImageSpecList": [
{
"bundleId": "aa7b16b1-d719-44b7-9ced-51bb02ca84f4",
"targetEsxVersion": "8.0.2-xxxxxxxx",
"useVcfBundle": false,
"domainId": "1b7b16b1-d719-44b7-9ced-51bb02ca84b2",
"clusterId": "c37b16b1-d719-44b7-9ced-51bb02ca84f4",
"customIsoAbsolutePath": "/nfs/vmware/vcf/nfs-mount/esx-upgrade-partner-
binaries/VMware-ESXi-7.0.2-17867351-DELL.zip"
},
{
"bundleId": "aa7b16b1-d719-44b7-9ced-51bb02ca84f4",
"targetEsxVersion": "7.0.1-18150133",
"useVcfBundle": false,
"domainId": "1b7b16b1-d719-44b7-9ced-51bb02ca84b2",
"customIsoAbsolutePath": "/nfs/vmware/vcf/nfs-mount/esx-upgrade-partner-
binaries/VMware-ESXi-7.0.2-17867351-HP.zip"
}
]
}

VMware by Broadcom 74
VMware Cloud Foundation Lifecycle Management

8 Save the JSON file as esx-custom-image-upgrade-spec.json in the /nfs/vmware/vcf/

nfs-mount.

Note If the JSON file is not saved in the correct directory, the stock VMware Cloud
Foundation ISO is used for the upgrade and the custom VIBs are overwritten.

9 Set the correct permissions on the /nfs/vmware/vcf/nfs-mount/esx-custom-image-

upgrade-spec.json file:

chmod -R 775 /nfs/vmware/vcf/nfs-mount/esx-custom-image-upgrade-spec.json

chown -R vcf_lcm:vcf /nfs/vmware/vcf/nfs-mount/esx-custom-image-upgrade-

spec.json

10 Open the /opt/vmware/vcf/lcm/lcm-app/conf/application-prod.properties file.

11 In the lcm.esx.upgrade.custom.image.spec= parameter, add the path to the JSON file.

For example, lcm.esx.upgrade.custom.image.spec=/nfs/vmware/vcf/nfs-mount/esx-

custom-image-upgrade-spec.json

12 In the navigation pane, click Inventory > Workload Domains.

13 On the Workload Domains page, click the domain you are upgrading and then click the
Updates/Patches tab.

14 Schedule the ESXi upgrade bundle.

15 Monitor the upgrade progress. See Monitor VMware Cloud Foundation Updates.

16 After the upgrade is complete, confirm the ESXi version by clicking Current Versions. The
ESXi hosts table displays the current ESXi version.

Upgrade ESXi with VMware Cloud Foundation Stock ISO and Async
Drivers
For clusters in workload domains with vLCM baselines, you can apply the stock ESXi upgrade
bundle with specified async drivers.

Prerequisites

Download the appropriate async drivers for your hardware on a computer with internet access.

Procedure

1 Download the VMware Cloud Foundation ESXi upgrade bundle. See Download Bundles Using
SDDC Manager.

2 Using SSH, log in to the SDDC Manager appliance.

3 Create a directory for the vendor provided async drivers under the /nfs/vmware/vcf/
nfs-mount directory. For example, /nfs/vmware/vcf/nfs-mount/esx-upgrade-partner-
drivers/drivers.

VMware by Broadcom 75
VMware Cloud Foundation Lifecycle Management

4 Copy the async drivers to the directory you created on the SDDC Manager appliance.
For example, you can copy the drivers to the /nfs/vmware/vcf/nfs-mount/esx-upgrade-
partner-drivers/drivers directory.

5 Change permissions on the directory where you copied the drivers. For example,

chmod -R 775 /nfs/vmware/vcf/nfs-mount/esx-upgrade-partner-drivers/drivers

6 Change owner to vcf.

chown -R vcf_lcm:vcf /nfs/vmware/vcf/nfs-mount/esx-upgrade-partner-

drivers/drivers

7 Create an ESX custom image JSON using the following template.

{
"esxCustomImageSpecList": [{
"bundleId": "bundle ID of the ESXi bundle you downloaded",
"targetEsxVersion": "ESXi version for the target VMware Cloud Foundation version",
"useVcfBundle": true,
"esxPatchesAbsolutePaths": ["Path_to_Drivers"]
}]
}

where

Parameter Description and Example Value

targetEsxVersion Version of the ESXi upgrade bundle you downloaded. You can retrieve
the ESXi target version by navigating to the Lifecycle Management >
Bundle Management page and clicking View Details to view the "Update to
Version".

useVcfBundle Specifies whether the ESXi bundle is to be used for the upgrade. Set this to
true.

esxPatchesAbsolutePaths Path to the async drivers on the SDDC

Manager appliance. For example, /nfs/vmware/vcf/
nfs-mount/esx-upgrade-partner-drivers/drivers/VMW-ESX-6.7.0-
smartpqi-1.0.2.1038-offline_bundle-8984687.zip

Here is an example of a completed JSON template.

{
"esxCustomImageSpecList": [{
"bundleId": "411bea6a-b26c-4a15-9443-03f453c68752-apTool",
"targetEsxVersion": "7.0.3-21053776",
"useVcfBundle": true,

VMware by Broadcom 76
VMware Cloud Foundation Lifecycle Management

"esxPatchesAbsolutePaths": ["/nfs/vmware/vcf/nfs-mount/esx-upgrade-partner-drivers/drivers/
HPE-703.0.0.10.9.5.14-Aug2022-Synergy-Addon-depot.zip"]
}]
}

8 Save the JSON file as esx-custom-image-upgrade-spec.json in the /nfs/vmware/vcf/

nfs-mount.

Note If the JSON file is not saved in the correct directory, the stock VMware Cloud
Foundation ISO is used for the upgrade and the custom VIBs are overwritten.

9 Set the correct permissions on the /nfs/vmware/vcf/nfs-mount/esx-custom-image-

upgrade-spec.json file:

chmod -R 775 /nfs/vmware/vcf/nfs-mount/esx-custom-image-upgrade-spec.json

chown -R vcf_lcm:vcf /nfs/vmware/vcf/nfs-mount/esx-custom-image-upgrade-

spec.json

10 Open the /opt/vmware/vcf/lcm/lcm-app/conf/application-prod.properties file.

11 In the lcm.esx.upgrade.custom.image.spec= parameter, add the path to the JSON file.

For example, lcm.esx.upgrade.custom.image.spec=/nfs/vmware/vcf/nfs-mount/esx-

custom-image-upgrade-spec.json

12 In the navigation pane, click Inventory > Workload Domains.

13 On the Workload Domain page, click the management domain.

14 On the Domain Summary page, click the Updates/Patches tab.

15 In the Available Updates section, click Update Now or Schedule Update next to the VMware
Software Update bundle for VMware ESXi.

16 Monitor the upgrade progress. See Monitor VMware Cloud Foundation Updates.

17 After the upgrade is complete, confirm the ESXi version by clicking Current Versions. The
ESXi hosts table displays the current ESXi version.

Upgrade ESXi with vSphere Lifecycle Manager Images for

VMware Cloud Foundation 5.2
Prior to VMware Cloud Foundation 5.2.1, workload domains can use either vSphere Lifecycle
Manager baselines or vSphere Lifecycle Manager images for ESXi host upgrade. The following
procedure describes upgrading ESXi hosts in workload domains that use vSphere Lifecycle
Manager images when your target version is VMware Cloud Foundation 5.2.

VMware by Broadcom 77
VMware Cloud Foundation Lifecycle Management

You create a vSphere Lifecycle Manager image for upgrading ESXi hosts using the vSphere
Client. During the creation of the image, you define the ESXi version and can optionally add
vendor add-ons, components, and firmware. After you extract the vSphere Lifecycle Manager
image into SDDC Manager, the ESXi update will be available for the relevant VI workload
domains.

Prerequisites

n Validate that the ESXi passwords are valid.

n You must upgrade NSX and vCenter Server before you can upgrade ESXi hosts with a
vSphere Lifecycle Manager image.

n If you want to add firmware to the vSphere Lifecycle Manager image, you must install the
Hardware Support Manager from your vendor. See Firmware Updates.

Procedure

1 Log in to the management domain vCenter Server using the vSphere Client.

2 Create a vSphere Lifecycle Manager image.

a Right-click the management domain data center and select New Cluster.

b Enter a name for the cluster (for example, ESXi upgrade image) and click Next.

Keep the default settings for everything except the cluster name.

VMware by Broadcom 78
VMware Cloud Foundation Lifecycle Management

c Define the vSphere Lifecycle manager image and click Next.

Image Element Description

ESXi Version From the ESXi Version drop-down menu, select the ESXi version
specified in the VMware Cloud Foundation BOM.
If the ESXi version does not appear in the drop-down menu, see Working
With the vSphere Lifecycle Manager Depot.

Vendor Add-On (optional) To add a vendor add-on to the image, click Select and select a vendor
add-on.

You can customize the image components, firmware, and drivers later.

d Click Finish.

e After the cluster is created successfully, click the Updates tab for the new cluster to
further customize it, if needed.

VMware by Broadcom 79
VMware Cloud Foundation Lifecycle Management

f Click Hosts > Image and then click Edit.

g Edit the vSphere Lifecycle manager image properties and click Save.

You already specified the ESXi version and optional vendor add-on, but you can modify
those settings as required.

Image Element Description

Vendor Add-On (optional) To add a vendor add-on to the image, click Select and select a vendor
add-on.

Firmware and Drivers Add-On To add a firmware add-on to the image, click Select. In the Select
(optional) Firmware and Drivers Addon dialog box, specify a hardware support
manager and select a firmware add-on to add to the image.
Selecting a firmware add-on for a family of vendor servers is possible
only if the respective vendor-provided hardware support manager
is registered as an extension to the vCenter Server where vSphere
Lifecycle Manager runs.

Components To add components to the image:

n Click Show details.
n Click Add Components.
n Select the components and their corresponding versions to add to
the image.

vSphere saves the cluster image.

3 Extract the vSphere Lifecycle Manager image into SDDC Manager.

a In the SDDC Manager UI, click Lifecycle Management > Image Management .

b Click Import Image.

c In the Option 1 section, select the management domain from the drop-down menu.

VMware by Broadcom 80
VMware Cloud Foundation Lifecycle Management

d In the Cluster drop-down, select the cluster from which you want to extract the vSphere
Lifecycle manager image. For example, ESXi upgrade image.

e Enter a name for the cluster image and click Extract Cluster Image.

You can view status in the Tasks panel.

4 Upgrade ESXi hosts with the vSphere Lifecycle Manager image.

a Navigate to the Updates tab of the VI workload domain.

b In the Available Updates section, click Configure Update.

c Click Next.

d Select the clusters to upgrade and click Next.

The default setting is to upgrade all clusters. To upgrade specific clusters, click Enable
cluster-level selection and select the clusters to upgrade.

e Select the cluster and the cluster image, and click Apply Image.

f Click Next.

VMware by Broadcom 81
VMware Cloud Foundation Lifecycle Management

g Select the upgrade options and click Next.

By default, the selected clusters are upgraded in parallel. If you selected more than five
clusters to be upgraded, the first five are upgraded in parallel and the remaining clusters
are upgraded sequentially. To upgrade all selected clusters sequentially, select Enable
sequential cluster upgrade.

Select Enable Quick Boot to reduce the upgrade time by skipping the physical reboot of
the host.

Select Enforce Live Patch when the cluster image includes a Live Patch. With the Enforce
Live Patch option, vSphere Lifecycle Manager does not place the hosts in the cluster into
maintenance mode, hosts are not rebooted, and there is no need to migrate the virtual
machines running on the hosts in the cluster.

Select Migrate Powered Off and Suspended VMs to migrate the suspended and powered
off virtual machines from the hosts that must enter maintenance mode to other hosts in
the cluster.

h Review the settings, and click Finish.

VMware Cloud Foundation runs a cluster image hardware compatibility and compliance
check. Resolve any reported issues before proceeding.

i Click Schedule Update and click Next.

j Select Upgrade Now or Schedule Update and click Finish.

k Monitor the upgrade progress. See Monitor VMware Cloud Foundation Updates.

What to do next

VMware by Broadcom 82
VMware Cloud Foundation Lifecycle Management

Firmware Updates
You can use vSphere Lifecycle Manager images to perform firmware updates on the ESXi hosts
in a cluster. Using a vSphere Lifecycle Manager image simplifies the host update operation. With
a single operation, you update both the software and the firmware on the host.

To apply firmware updates to hosts in a cluster, you must deploy and configure a vendor
provided software module called hardware support manager. The deployment method and the
management of a hardware support manager is determined by the respective OEM. For example,
the hardware support manager that Dell EMC provides is part of their host management solution,
OpenManage Integration for VMware vCenter (OMIVV), which you deploy as an appliance. See
Deploying Hardware Support Managers.

You must deploy the hardware support manager appliance on a host with sufficient disk space.
After you deploy the appliance, you must power on the appliance virtual machine, log in to the
appliance as an administrator, and register the appliance as a vCenter Server extension. Each
hardware support manager has its own mechanism of managing firmware packages and making
firmware add-ons available for you to choose.

For detailed information about deploying, configuring, and managing hardware support
managers, refer to the vendor-provided documentation.

Update License Keys for a Workload Domain

If upgrading from a VMware Cloud Foundation version prior to 5.0, you need to update your
license keys to support vSAN 8.x and vSphere 8.x.

You first add the new component license key to SDDC Manager. This must be done once per
license instance. You then apply the license key to the component on a per workload domain
basis.

Prerequisites

You need a new license key for vSAN 8.x and vSphere 8.x. Prior to VMware Cloud Foundation
5.1.1, you must add and update the component license key for each upgraded component in the
SDDC Manager UI as described below.

With VMware Cloud Foundation 5.1.1 and later, you can add a component license key as
described below, or add a solution license key in the vSphere Client. See Managing vSphere
Licenses for information about using a solution license key for VMware ESXi and vCenter Server.
If you are using a solution license key, you must also add a VMware vSAN license key for vSAN
clusters. See Configure License Settings for a vSAN Cluster.

Procedure

1 Add a new component license key to the SDDC Manager inventory.

a In the navigation pane, click Administration > Licensing.

b On the Licensing page, click + License Key.

VMware by Broadcom 83
VMware Cloud Foundation Lifecycle Management

c Select a product from the drop-down menu.

d Enter the license key.

e Enter a description for the license key.

f Click Add.

g Repeat for each license key to be added.

2 Update a license key for a workload domain component.

a In the navigation pane, click Inventory > Workload Domains.

b On the Workload Domains page, click the domain you are upgrading.

c On the Summary tab, expand the red error banner, and click Update Licenses.

d On the Update Licenses page, click Next.

e Select the products to update and click Next.

f For each product, select a new license key from the list, and select the entity to which the
licensekey should be applied and click Next.

g On the Review pane, review each license key and click Submit.

The new license keys will be applied to the workload domain. Monitor the task in the
Tasks pane in SDDC Manager.

Upgrade vSphere Distributed Switch versions

[Optional] Upgrade the distributed switch to take advantage of features that are available only in
the later versions.

Prerequisites

ESXi and vCenter Upgrades are completed.

Procedure

1 On the vSphere Client Home page, click Networking and navigate to the distributed switch.

2 Right-click the distributed switch and select Upgrade > Upgrade Distributed Switch

3 Select the vSphere Distributed Switch version that you want to upgrade the switch to and
click Next

Results

The vSphere Distributed Switch is successfully upgraded.

VMware by Broadcom 84
VMware Cloud Foundation Lifecycle Management

Upgrade vSAN on-disk format versions

[Optional] Upgrade the vSAN on-disk format version to take advantage of features that are
available only in the later versions.

n The upgrade may cause temporary resynchronization traffic and use additional space by
moving data or rebuilding object components to a new data structure.

Prerequisites

n ESXi and vCenter Upgrades are completed

n Verify that the disks are in a healthy state. Navigate to the Disk Management page to verify
the object status.

n Verify that your hosts are not in maintenance mode. When upgrading the disk format, do not
place the hosts in maintenance mode.

n Verify that there are no component rebuilding tasks currently in progress in the vSAN cluster.
For information about vSAN resynchronization, see vSphere Monitoring and Performance

Procedure

1 Navigate to the vSAN cluster.

2 Click the Configure tab.

3 Under vSAN, select Disk Management.

4 Click Pre-check Upgrade. The upgrade pre-check analyzes the cluster to uncover any issues
that might prevent a successful upgrade. Some of the items checked are host status, disk
status, network status, and object status. Upgrade issues are displayed in the Disk pre-check
status text box.

5 Click Upgrade.

6 Click Yes on the Upgrade dialog box to perform the upgrade of the on-disk format.

Results

vSAN successfully upgrades the on-disk format. The On-disk Format Version column displays the
disk format version of storage devices in the cluster

VMware by Broadcom 85
Upgrade VI Workload Domains to
VMware Cloud Foundation 5.2.x 6
The management domain in your environment must be upgraded before you upgrade VI
workload domains. To upgrade to VMware Cloud Foundation 5.2.x, all VI workload domains in
your environment must be at VMware Cloud Foundation 4.5 or higher. If your environment is at
a version lower than 4.5, you must upgrade the workload domains to 4.5 and then upgrade to
5.2.x.

Within a VI workload domain, components must be upgraded in the following order.

1 NSX.

2 vCenter Server.

3 ESXi.

4 Workload Management on clusters that have vSphere with Tanzu. Workload Management
can be upgraded through vCenter Server. See Updating the vSphere with Tanzu
Environment.

5 If you suppressed the Enter Maintenance Mode prechecks for ESXi or NSX,
delete the following lines from the /opt/vmware/vcf/lcm/lcm-app/conf/application-
prod.properties file and restart the LCM service:

lcm.nsxt.suppress.dry.run.emm.check=true

lcm.esx.suppress.dry.run.emm.check.failures=true

6 If you have stretched clusters in your environment, upgrade the vSAN witness host. See
Upgrade vSAN Witness Host for VMware Cloud Foundation.

7 For NFS-based workload domains, add a static route for hosts to access NFS storage over
the NFS gateway. See Post Upgrade Steps for NFS-Based VI Workload Domains.

After all upgrades have completed successfully:

1 Remove the VM snapshots you took before starting the update.

2 Take a backup of the newly installed components.

Read the following topics next:

n Plan VI Workload Domain Upgrade

n Perform Update Precheck in SDDC Manager

VMware by Broadcom 86
VMware Cloud Foundation Lifecycle Management

n Upgrade NSX for VMware Cloud Foundation in a Federated Environment

n Upgrade NSX for VMware Cloud Foundation 5.2.x

n Upgrade vCenter Server for VMware Cloud Foundation 5.2.x

n Upgrade ESXi for VMware Cloud Foundation 5.2.1

n Upgrade ESXi with vSphere Lifecycle Manager Baselines for VMware Cloud Foundation 5.2

n Upgrade ESXi with vSphere Lifecycle Manager Images for VMware Cloud Foundation 5.2

n Update License Keys for a Workload Domain

n Upgrade vSphere Distributed Switch versions

n Upgrade vSAN on-disk format versions

n Post Upgrade Steps for NFS-Based VI Workload Domains

Plan VI Workload Domain Upgrade

Before proceeding with a VI workload domain upgrade you must first plan the upgrade to your
target version.

Prerequisites

Chapter 5 Upgrade the Management Domain to VMware Cloud Foundation 5.2.x.

Procedure

1 In the navigation pane, click Inventory > Workload Domains.

2 On the Workload Domains page, click the workload domain you want to upgrade and click
the Updates tab.

3 Under Available Updates, click PLAN UPGRADE.

4 On the Plan Upgrade for VMware Cloud Foundation screen, select the target version from
the drop-down, and click CONFIRM.

Caution You must upgrade all VI workload domains to VMware Cloud Foundation 5.x.
Upgrading to a higher 4.x release once the management domain has been upgraded to 5.x is
unsupported.

VMware by Broadcom 87
VMware Cloud Foundation Lifecycle Management

Results

Bundles applicable to the chosen release will be made available to the VI workload domain.

Perform Update Precheck in SDDC Manager

You must perform a precheck in SDDC Manager before applying an update bundle to ensure that
your environment is ready for the update.

VMware by Broadcom 88
VMware Cloud Foundation Lifecycle Management

Bundle-level pre-checks for vCenter are available in VMware Cloud Foundation.

You can also silence failed vSAN prechecks in the SDDC Manager UI by clicking Silence
Precheck. Silenced prechecks do not trigger warnings or block upgrades.

Important Only silence alerts if you know that they are incorrect. Do not silence alerts for real
issues that require remediation.

Procedure

1 In the navigation pane, click Inventory > Workload Domains.

2 On the Workload Domains page, click the workload domain where you want to run the
precheck.

3 On the domain summary page, click the Updates tab.

(The following image is a sample screenshot and may not reflect current product versions.)

VMware by Broadcom 89
VMware Cloud Foundation Lifecycle Management

Note It is recommended that you Precheck your workload domain prior to performing an
upgrade.

VMware by Broadcom 90
VMware Cloud Foundation Lifecycle Management

4 Click RUN PRECHECK to select the components in the workload domain you want to
precheck.

5 When the precheck begins, a progress message appears indicating the precheck progress
and the time when the precheck began.

VMware by Broadcom 91
VMware Cloud Foundation Lifecycle Management

Note Parallel precheck workflows are supported. If you want to precheck multiple domains,
you can repeat steps 1-5 for each of them without waiting for step 5 to finish.

6 Once the Precheck is complete, the report appears. Click through ALL, ERRORS,
WARNINGS, and SILENCED to filter and browse through the results.

7 To see details for a task, click the expander arrow.

If a precheck task failed, fix the issue, and click Retry Precheck to run the task again. You can
also click RETRY ALL FAILED RESOURCES to retry all failed tasks.

8 If ESXi hosts display a driver incompatibility issue when updating a VI workload domain using
vSphere Lifecycle Manager baselines, perform the following steps:

a Identify the controller with the HCL issue.

b For the given controller, identify the supported driver and firmware versions on the
source and target ESXi versions.

c Upgrade the firmware, if required.

d Upgrade the driver manually on the ESXi host and retry the task at which the upgrade
failed.

VMware by Broadcom 92
VMware Cloud Foundation Lifecycle Management

a Log in to SDDC Manager by using a Secure Shell (SSH) client with the user name vcf and
password.

b Open the /opt/vmware/vcf/lcm/lcm-app/conf/application-prod.properties file.

c Add the following line to the end of the file:

lcm.nsxt.suppress.dry.run.emm.check=true

lcm.esx.suppress.dry.run.emm.check.failures=true

d Restart Lifecycle Management by typing the following command in the console window.

systemctl restart lcm

e After Lifecycle Management is restarted, run the precheck again.

Results

The precheck result is displayed at the top of the Upgrade Precheck Details window. If you click
Exit Details, the precheck result is displayed at the top of the Precheck section in the Updates
tab.

Ensure that the precheck results are green before proceeding. Although a failed precheck will
not prevent the upgrade from proceeding, it may cause the update to fail.

Upgrade NSX for VMware Cloud Foundation in a Federated

Download NSX Global Manager Upgrade Bundle

SDDC Manager does not manage the lifecycle of the NSX Global Managers. You must download
the NSX upgrade bundle manually to upgrade the NSX Global Managers.

Procedure

1 Log in to the Broadcom Support Portal and browse to My Downloads > VMware NSX.

2 Click the version of NSX to which you are upgrading.

VMware by Broadcom 93
VMware Cloud Foundation Lifecycle Management

3 Locate the NSX version Upgrade Bundle and verify that the upgrade bundle filename
extension ends with .mub.

The upgrade bundle filename has the following format VMware-NSX-upgrade-bundle-

versionnumber.buildnumber.mub.

4 Click the download icon to download the upgrade bundle to the system where you access
the NSX Global Manager UI.

Upgrade the Upgrade Coordinator for NSX Federation

The upgrade coordinator guides you through the upgrade sequence. You can track the upgrade
process and, if necessary, you can pause and resume the upgrade process from the UI.

Procedure

1 In a web browser, log in to Global Manager for the domain at https://nsx_gm_vip_fqdn/).

2 Select System > Upgrade from the navigation panel.

3 Click Proceed to Upgrade.

4 Navigate to the upgrade bundle .mub file you downloaded or paste the download URL link.

n Click Browse to navigate to the location you downloaded the upgrade bundle file.

n Paste the VMware download portal URL where the upgrade bundle .mub file is located.

5 Click Upload.

When the file is uploaded, the Begin Upgrade button appears.

6 Click Begin Upgrade to upgrade the upgrade coordinator.

Note Upgrade one upgrade coordinator at a time.

7 Read and accept the EULA terms and accept the notification to upgrade the upgrade
coordinator..

8 Click Run Pre-Checks to verify that all NSX components are ready for upgrade.

The pre-check checks for component connectivity, version compatibility, and component
status.

9 Resolve any warning notifications to avoid problems during the upgrade.

Upgrade NSX Global Managers for VMware Cloud Foundation

Manually upgrade the NSX Global Managers when NSX Federation is configured between two
VMware Cloud Foundation instances.

VMware by Broadcom 94
VMware Cloud Foundation Lifecycle Management

Prerequisites

Before you can upgrade NSX Global Managers, you must upgrade all VMware Cloud Foundation
instances in the NSX Federation, including NSX Local Managers, using SDDC Manager.

Procedure

1 In a web browser, log in to Global Manager for the domain at https://nsx_gm_vip_fqdn/).

2 Select System > Upgrade from the navigation panel.

3 Click Start to upgrade the management plane and then click Accept.

4 On the Select Upgrade Plan page, select Plan Your Upgrade and click Next.

The NSX Manager UI, API, and CLI are not accessible until the upgrade finishes and the
management plane is restarted.

Upgrade NSX for VMware Cloud Foundation 5.2.x

Upgrade NSX in the management domain and VI workload domains. VMware Cloud Foundation
5.2.1 supports in-place host upgrades for clusters that use vSphere Lifecycle Manager baselines.

Upgrading NSX involves the following components:

n Upgrade Coordinator

n NSX Edges/Clusters (if deployed)

n Host clusters

n NSX Manager cluster

Procedure

1 In the navigation pane, click Inventory > Workload Domains.

2 On the Workload Domains page, click the domain you are upgrading and then click the
Updates/Patches tab.

When you upgrade NSX components for a selected VI workload domain, those components
are upgraded for all VI workload domains that share the NSX Manager cluster.

3 Click Precheck to run the upgrade precheck.

Resolve any issues before proceeding with the upgrade.

Note The NSX precheck runs on all VI workload domains in your environment that share the
NSX Manager cluster.

VMware by Broadcom 95
VMware Cloud Foundation Lifecycle Management

4 For VMware Cloud Foundation 5.2:

a In the Available Updates section, click Update Now or Schedule Update next to the
VMware Software Update for NSX.

b On the NSX Edge Clusters page, select the NSX Edge clusters you want to upgrade and
click Next.

c On the Host Cluster page,select the host cluster you want to upgrade and click Next.

d On the Upgrade Options dialog box, select the upgrade optimizations and click Next.

By default, Edge clusters and host clusters are upgraded in parallel. You can enable
sequential upgrade by selecting the relevant check box.

e If you selected the Schedule Upgrade option, specify the date and time for the NSX
bundle to be applied and click Next.

f On the Review page, review your settings and click Finish.

VMware by Broadcom 96
VMware Cloud Foundation Lifecycle Management