Update VMware vSAN Witness Appliance

I noted a warning on my home lab VMware vSAN environment noting a missing critical patch with vSAN and deduplication environments. The patch was referencing the VMware KB article for all-flash clusters with deduplication enabled. This fit my environment in its current iteration. The host that was showing the missing patch was the VMware vSAN Witness host. Let’s take a look at how to update VMware vSAN Witness appliance with needed patches.

Update VMware vSAN Witness Appliance

According to VMware documentation, they seem to support updating/upgrading VMware vSAN witness appliance hosts using the standard means of updating. See the VMware KB article here: https://kb.vmware.com/s/article/2143999.  While this involves another issue, it indicates VMware supports upgrading the appliance using “your preferred method”.

To rewind back to the issue seen in the home lab environment, I had a warning there was a “patch available for critical vSAN issue for All-Flash clusters with deduplication enabled“.

Message that patch is available for critical vSAN issue for all-flash environments

The details of the missing patch reflect that it is missing on the VMware vSAN Witness host.

VMware vSAN Witness host was showing as needing the patch

To proceed with updating the VMware vSAN Witness host, I will place the host in maintenance mode.  To do that, navigate to Cluster >> Configure >> vSAN >> Disk Management and select the host in question.  After highlighting the host, using the maintenance mode icon to place it in maintenance mode.

Placing the VMware vSAN Witness host in maintenance mode

Here we confirm the action of placing the witness host in maintenance mode.

Confirm placing the VMware vSAN Witness host in maintenance mode

Now, we should see the vSAN Witness host in maintenance mode.

Verify the VMware vSAN Witness Host is now in maintenance mode

Using update manager, scanning the Witness host shows the needed missing patch.

Using update manager scan the VMware vSAN Witness host for updates

The missing patch shown is the ESXi650-201712401-BG package.

The needed patch has been staged for the vSAN Witness host

We begin the remediate process on the host.

Select baselines in update manager

Selecting the vSAN Witness host in the update manager wizard to apply the needed patch.

Select the target object which is the VMware vSAN Witness host

Select the update package(s) to apply to the vSAN Witness host.

Choose the patches and extensions for the vSAN Witness host

Choose any advanced options.

Choose any advanced options for the update

Select you host remediation options.

Configure host remediation options

Finalize the patch installation options.

Finalize the VMware vSAN Witness host update options

We can watch the update task in vCenter proceed as the patches are applied and the host is rebooted.

The update patch process begins on the vSAN Witness host

After the VMware vSAN Witness host comes back up, we no longer see the needed patch displaying as a warning in the vSAN Health Monitor.

No longer have the warning for the vSAN patch needed

Concluding Thoughts

The process to update VMware vSAN Witness host is fairly straightforward and generally follows the same regimen as updating a “regular” ESXi host.  However, always make sure to follow the guidance of VMware if you are having a specific issue with vSAN or any other VMware product.  The vSAN Health monitor is really nice in that it allows you to easily have a high-level overview of the health of the vSAN environment and quickly links you to relevant VMware KB articles with solutions. Making sure to resolve any issues that are found in the Health monitor will ensure you have a healthy and performant vSAN cluster.

Subscribe to VirtualizationHowto via Email 🔔

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Brandon Lee

Brandon Lee is the Senior Writer, Engineer and owner at Virtualizationhowto.com and has over two decades of experience in Information Technology. Having worked for numerous Fortune 500 companies as well as in various industries, Brandon has extensive experience in various IT segments and is a strong advocate for open source technologies. Brandon holds many industry certifications, loves the outdoors and spending time with family.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.