With vSphere 6.5, VMware has made some improvements to the lifecycle management of vSphere, which will significantly improve the experience when upgrading to future versions and make the process less stressful. The changes are in these three areas:

  • Update Manager
  • Host Profiles
  • Auto Deploy

Update Manager

I mentioned integration of Update Manager with VCSA 6.5 in my first post but it’s worth mentioning that this also means no configuration is required and it’s enabled by default. Early tests have shown that it’s pretty scalable and can handle load well.

Due to its integration into the appliance, it also gains high-availability if vCenter is configured with HA. It also benefits with the same features of backup and restore as the main vCenter appliance.

We have all experienced the moment when you run Update Manager to upgrade a bunch of hosts and due to some option we selected, it refuses to run and we need to change something. At that point, we have to go in and select all those options that we previously selected, just to change that one setting that we want! It’s even more painful if some of those correctly selected settings are non-defaults.

Well, VMware has introduced a very useful feature here, as seen in the screenshot. If you tick that box, all the selected options will be saved. That will make subsequent patching/upgrading operations much less painful.

VUM Remediation Options

Host Profiles

Host Profiles have traditionally been difficult to edit but also to run. VMware must have heard all those complaints and have come up with several improvements, mainly in two areas: Manageability and Operation.


When talking manageability, there are improvements in quite a few areas:


As we know, there are millions of settings in a host profile. A lot of them are quite similarly named as well so browsing to them is not an easy task. Good news is that now you can filter them, to cut out the unwanted settings.


Often you find that there’s a particular setting that you change quite often. Finding it every time could be tedious. However, now you can set it as a favourite. That will make going to that particular setting easier in the future.

Host Customizations

Host profiles are pretty useful as they keep all settings the same. However, there are certain settings that are individual and can’t be the same e.g. IP addresses of interfaces. To make that job easier, bulk editing of host customizations can be done now by exporting the settings to a CSV file, editing and then importing back in.

Copy Profile settings

While maintaining host profiles, one often finds that most of the settings are the same between different host profiles and a handful settings are different between the different profiles. In that case, it would be more efficient to have a profile that has all common settings saved but not connected to any host. Then when defining a profile to be attached to a cluster or host, the options are copied to the new profile and the relevant changes added, making the whole process easier and quick. This is new option to enable that operation.


When running compliance checks and remediation against clusters/hosts, we often see it failing part way through or not providing enough information, when something is not quite right. There are a few improvements in that area as well.


It’s very annoying when despite double-checking, you find part way through a compliance operation that it fails because somewhere, there’s an IP address or something missing. As the name suggests, the Pre-Check is there to check such things before actually running the operation so that it doesn’t fail due to lack of parameters. It also informs the operator if remediation is going to cause a reboot or if it can’t be run due to a particular reason. Of course, it’s very useful to know if a host will get rebooted as it might not be an appropriate time for such an operation.

Host Profile Pre-check

Detailed Compliance Results

We know that when compliance fails, most of the time, the result are severely lacking in information and also one has to go and check the setting, after noting down what the profile says and then fix it. With this version, one is told the value the host profile thinks it should be and what it actually is, side-by-side. That removes confusion and results in quicker remediation.

VUM Compliance Report

DRS Integration

Host Profiles remediation is tightly-integrated with DRS now. If remediation requires a reboot, it takes the hosts in the cluster one-by-one, remediates them, reboots, takes out of maintenance mode and then starts on the next one.

Parallel Remediation

There are host profiles where hosts don’t require a reboot after remediation. In that case, now they can be remediated in parallel, significantly reducing remediation time.

Auto Deploy

As for Host Profiles, there are improvements in the Operational side as well as Performance and Resiliency, when it comes to Auto Deploy


Several improvements have been made on the operational side of Auto Deploy:

GUI for Image Builder

So far, we’ve been accustomed to managing all aspects of Auto Deploy from the PowerCLI cmdlets. That said, there are administrators who are not that comfortable with CLI yet. For them, vSphere 6.5 now features are GUI that’s integrated right into the web-client.

Auto Deploy

Interactive Deployment

There is a new feature: Discovered Hosts. When hosts are brought online but there aren’t any rules yet that apply to them, they sit ready under that tab so that they’re visible and as soon as rules are configured for them, they act accordingly. So, it’s easier now to identify any hosts that fall outside the already configured rules.

Post-boot scripts for Advanced Configuration

Host Profiles are very useful when used in conjunction with Auto Deploy. However, there are certain configurations that sometimes can’t be reliably applied to a host, post boot. Mostly, they are vendor configurations but could be other things as well. This option, allows the running of customised scripts. They can be shell or python scripts and once attached to the configured rule, they are run as soon as the host boots up. So, these scripts can take care of any additional settings or configurations that can’t be done properly using host profiles.

Performance and Resiliency

Some of these improvements are:


Previously, a single Auto Deploy server didn’t scale very well when many hosts started to boot at the same time. With vSphere 6.5, significant improvement has been made in that area and initial tests have shown that a single server is capable of handling 300+ hosts, booting up at the same time. That should alleviate any scaling concerns as booting that many hosts at the same time shouldn’t really be required normally.

VCSA HA & Backup Support

Now that vCenter has a built-in HA feature, all services running on it benefit from it and Auto Deploy is no different. Also, in the same way, backup and restore keeps the setup protected.

Round Robin Reverse Proxy Caching

Now Reverse Proxy Caches can be used to reduce load on the VCSA. That helps reduce load on the appliance by serving most of the content requested by the hosts from the cache, thereby enabling the appliance to handle increased load.

Backup and Restore state with PowerCLI

All rules, configuration (including certificates etc.) can now be exported and saved via PowerCLI. The reverse is also true so in case of something getting accidently change, the configuration can be quickly restored using the same mechanism.


As you can see, there are many enhancements in the area of lifecycle management of vSphere, especially when we talk about Host Profiles and Auto Deploy. Given their past, I think those changes are very welcome and should make management of these operations much easier. I know that even bigger environments (not talking service providers here), typically shy away from using these capabilities as they find the complexities of deployment but also maintaining and operations, quite challenging.

Hopefully, these new enhancements will change that mentality and adoption will increase as this functionality is brilliant, when it works properly.

Disclaimer: As of writing (October 17, 2016), this information is correct and while it’s hard to imagine these features to change between now and release, there is always a possibility.