UCS firmware and ESXi driver update script

File uploaded by conorcasey on Oct 8, 2014
Version 1Show Document
  • View in full screen mode

Hey folks,


I’m relatively new to the community but have been working with UCS for a number of years. Probably the most tedious task I have encountered in that time is the firmware and driver update process on all our blades (currently about 350). Not only is it fairly tedious, but we are also required to carry this work out during our standing maintenance window which unfortunately is 2am to 7am CST. I know I know, it makes no sense, but I’m not claiming management gets it right all the time ;-)


Anyhow, there really is no reason to have to do this work manually anymore when we have tools like Powershell, so I put together a script that has helped me automate the entire process for our ESXi hosts which is the bulk of the environment. The script handles the update of ESXi fnic and enic drivers and UCS firmware update, and on Eric Williams suggestion I would like to share it with the community because maybe it could save someone some time. I need to first mention however, I’ve never been a Windows guy, my background is in Solaris/Linux, so I had to learn Powershell in the process and some of you pros out there may find my code a little novice…part of my reluctance to share it before…but it works for me and has saved me a ton of time. I also realize that others may already have provided better scripts, but there is no harm in throwing it out there anyway.



So to keep it brief, here are the key features of the script and things to keep in mind/prerequisites:-


  1. I wrote it using Powershell version 3
  2. For the ESXi driver updates, the fnic and enic drivers have already been places on a shared datastore which is accessible by all hosts in the ESXi cluster you are planning to update
  3. UCS firmware updates require a reboot of the blade. So do the fnic and enic driver updates (it’s at least recommended). The script tries to combine these updates so one reboot takes care of both
  4. The script works on a vSphere ESXi cluster basis updating hosts one at a time
  5. The script assumes that if your blade firmware level is up-to-date then so are your drivers
  6. When updating an ESXi cluster, you will need to know which vCenter that cluster is in, and what UCS domain the blades in that cluster are in


Script steps

  1. Scan the entire cluster for hosts with mounted cdrom devices, which could cause a problem when trying to put the host in maintenance mode, and unmounts them
  2. Take a host in the ESXi cluster, identify the blade it is associated with
  3. Check the Host Firmware Policy associated with that blade. If it is the same as the Host Firmware Policy you want to update to then this host is already updated and can be skipped, moving on to the next host
  4. If the host needs to be updated, check to see if it is in maintenance mode (important because if it is we want to make sure we leave it in maintenance mode after we are done as it was likely in maintenance mode for a reason), if not then put the host in maintenance mode
  5. When the host is in maintenance mode update the fnic and enic drivers
  6. When driver updates are complete apply the new Host Firmware Policy to the blade. This process will reboot the blade which in turn also handles the driver updates
  7. Confirm that the host is visible again in vCenter before moving on to the next host. If it needs to be taken back out of maintenance mode then do so.
  8. Move on to the next host until all hosts in the cluster are complete


Each step is logged to a log file you provide a name and location for when scheduling the update so if any blade encounters an issue you can hopefully find some information on the issue there. I schedule the script to run in Windows Task Scheduler and the following is an example of the information I provide when executing the script against one of our ESXi clusters on one of our UCS domains:-


In the “Actions” section of a scheduled task:-





Add arguments (optional):

  1. powershell.exe -noprofile -file C:\Users\conor\Desktop\UCSFirmwareDriverUpdates.ps1 –vCenterServer vcenter1.domain.com -Ucsm ucsdomain1.domain.com -vCenterCluster ESXi-Cluster1 -HostFirmwarePolicy 2.1.3c -UcsUser admin -UcsPass password -FNICDriver "/vmfs/volumes/netappvolume/ISO/fnic_driver_1.5.0.45-offline_bundle-1233300.zip" -ENICDriver "/vmfs/volumes/netappvolume/ISO/enic_driver_2.1.2.38-offline_bundle-1023014.zip" > C:\Users\conor\Desktop\ESXi-Cluster1.output.txt


Note: because I am already logged onto my desktop via AD, vCenter does not require me to provide credentials when running the script. The same can probably be done for UCS but I wasn’t able to get that work for some reason. That said I didn’t play around with it a whole lot either, but would be a nice feature. So if your environment would require you to provide credentials for vCenter, the script doesn’t currently support that but it would be a really easy thing to add.


Hopefully this ends up being helpful for some and again, I’m not claiming to be a Powershell expert, this my first attempt at building a script this involved, so if people have suggestion/recommendations that could improve it I’m always open to constructive criticism.