[VCF] Update vCenter to 7.0U3r through API Rest

on January 8, 2025

[VCF] Update vCenter to 7.0U3r through API Rest

Download & Apply vCenter 7.0U3r through Async Patch Tool (OFFLINE and ONLINE mode)

In this article we will cover how you can import update bundle in SDDC Manager with Async Patch Tool in Offline mode or Online mode. Then, I will write a second article which will focus on how you can apply an update with the developer Center (API).

First, this version of vCenter is only focused to resolve some CVE like CVE-2024-37079, CVE-2024-37080, and CVE-2024-37081

OFFLINE MODE

If you have a computer which doesn’t have internet access, you need to do some steps before applying any update in SDDC Manager. The first step is to list available async patch:
./vcf-async-patch-tool –listAsyncPatch –du customer_connect_email

After that, you can know the name/ID of bundle (in my case for example bundle-120545)

At this point, you have two choices for downloading the bundle : either with the bundle name (bundle-120545) or with the name of the version (VCENTER:7.0.3.02000-24026615). Only the async patch parameter is different. In my case I use the name of the version.

./vcf-async-patch-tool -d –patch VCENTER:7.0.3.02000-24026615 –du customer_connect_email

Once the bundle is downloaded, you need to import it in SDDC.
My advice is to import the downloaded folders which contain all needed files for update (bundle, manifest, .spec), because if you didn’t import all files, it can create an issue just before the end of the async patch script.

To import all files, you have multiple choices but in my case I use SFTP.

After that, you need to enable the bundle with async patch tool directly on the SDDC Manager with the below command:

./vcf-async-patch-tool –proxyServer proxy.vinci-construction.net:8080 -e –patch VCENTER:7.0.3.02000-24026615 –sddcSSOUser administrator@vsphere.local –sddcSSHUser vcf –outputDirectory /nfs/vmware/vcf/nfs-mount/apToolBundles –it OFFLINE –depotUser nameofyourvmwareaccount

If at some point you get a warning message, make sure everything is in order before continuing.

Enter the Super User (vcf) and Root

As you can see, the async patch tool verifies if the “index” file is valid, and it asks if you want perform a precheck. Obviously I enter “Yes”

After all those steps, you can view and apply this update through SDDC Manager GUI.

ONLINE MODE :

The second method is to download the bundle directly into the SDDC Manager, so you gain some steps compared to the offline mode.

In the SDDC Manager, you need to enter and adapt this command (in particular if you have a proxy server) to download the bundles (same warning for the offline method)