A new version of the VMware VCSA 67u3e is available and this time the upgrade is more towards the PhotonOS rather than bringing new features. As of 6.7 branch releases PhotonOS made its way to more and more advanced options making the latest releases of VMware VCSA a feature rich appliance. PhotonOS is based on Linux kernel optimized for the cloud-native, cloud-platforms and VMware infrastructures. Last but not least latest edition of PhotonOS extends supports to ARM64 platforms.
Like any other OS out there (including the VMware VCSA) it requires patches of different types including of security type. This particular release of VMware VCSA patch addresses the following security bulletins:
- libsolv, CVE-2019-20387
- xerces-c, CVE-2018-1311
- libxml2, CVE-2020-7595, CVE-2019-19956, CVE-2019-20388
- cpio, CVE-2019-14866
The following is a step by step procedure to run an upgrade on the existing VMware VCSA appliance. Before proceeding it is highly recommended to take a full backup of the VCSA appliance database using the built-in backup utility. For more information about the minimum prerequisites and upgrade paths for the PhotonOS in VMware VCSA this link provides up to date details.
VMware VCSA 67u3e upgrade
Before proceeding with the VMware VCSA 67u3e upgrade it is a best practice and highly recommended to take a backup of the VCSA database using the built-in utility in the VCSA Management interface.
This process can be either automatic (highly recommended with a schedule) or manual. It is just a matter of specifying the location and the credential to access the backup storage. In this example the backup storage is provided by a Synology NAS. In addition, also the ability to encrypt the backup with a password.
Depending on the size of the VMware VCSA database and the resources the process is fairly quick.
Next step is to move to the Update section and check for the latest updates. There was a little quirk in previous version not allowing to display and upgrade to later releases. This has been fixed ever since and as alternative it is also possible to download a copy of the latest patch and manually import the file. Useful especially when the VCSA cannot access the internet.
Depending on the current version and available ones the wizard will display several versions. Next is just a case of selecting the desired one with the ability to stage only the files and defer the upgrade to a later time or run everything in one go. This is an interesting option making sure the interoperability with other components with specific versions are supported by all vendors.
With a stage and install option it will proceed with the wizard and start accepting the EULA.
As anticipated it is important to take a backup prior to the in-place upgrade. Upon confirmation it will proceed with next steps.
As expected first step is to download all the necessary files, stop the services, copy and replace the new binaries and restart the services.
Timing for this process might vary. Generally speaking does not take very long. Refreshing the browser will now show the upgraded VMware VCSA 67u3e release.