ESXi upgrade from 7.x to 8.x fails due to unsupported TPM version and Incompatible Upgrade baseline warning
search cancel

ESXi upgrade from 7.x to 8.x fails due to unsupported TPM version and Incompatible Upgrade baseline warning

book

Article ID: 368511

calendar_today

Updated On:

Products

VMware Cloud Foundation VMware vSphere ESXi 8.0 VMware vCenter Server 8.0

Issue/Introduction

  • A similar error is reported in the /var/log/vmware/vmware-updatemgr/vum-server/vmware-vum-server-#.log:

    ####-##-##T##:###:##.###Z info vmware-vum-server[10875] [Originator@6876 sub=HostUpgradeScanner] [scannerImpl 1757] (vmodl.LocalizableMessage) [
    -->    (vmodl.LocalizableMessage) {
    -->       key = "com.vmware.vcIntegrity.HostUpgrade.UnsupportedTPMVersion",
    -->       arg = <unset>,
    -->       message = <unset>
    -->    }
    --> ]


  • The following error can be seen in the vCenter UI when viewing compliance scan results for the Upgrade baseline:

    "TPM 1.2 device detected.  Support for TPM version 1.2 is discontinued.  Installation may proceed but may cause the system to behave unexpectedly."

         

Environment

  • VMware Cloud Foundation 5.x
  • VMware vSphere 8.x

Cause

  • Support for TPM 1.2 is deprecated starting in vSphere 8.x
  • More details regarding TPM can be found here
  • From vSphere 8.0 Release Notes:
    "Removal of Trusted Platform Module (TPM) 1.2: VMware discontinues support of TPM 1.2 and associated features such as TPM 1.2 with TXT. To get full use of vSphere features, you can use TPM 2.0 instead of TPM 1.2."

Resolution

  1. Engage the hardware OEMs to upgrade the Trusted Platform Module (TPM) on all affected hosts to a supported TPM version (2.0 or higher).
  2. Disabling the TPM is not going to help the upgrade if the ESXi host is installed while TPM device is present in the physical host and the TPM feature is enabled in the BIOS settings, the ESXi host will install with TPM enabled.
  3. Once TPM is enabled on the ESXi host, disabling TPM is not possible - see: Need to disable Trusted Platform Module (TPM) on a TPM enabled ESXi host.

Additional Information

  • Workaround:

    If the hosts already contains a TPM 1.2 device but it is not being used for vSphere, during Remediation check the box for "Ignore warnings about unsupported hardware devices" to allow the upgrade to proceed but no TPM functionality will be available for the host.