diff --git a/SOURCES/ci-When-tools.conf-does-not-exist-running-cmd-vmware-to.patch b/SOURCES/ci-When-tools.conf-does-not-exist-running-cmd-vmware-to.patch
new file mode 100644
index 0000000..d12df6d
--- /dev/null
+++ b/SOURCES/ci-When-tools.conf-does-not-exist-running-cmd-vmware-to.patch
@@ -0,0 +1,89 @@
+From 07755100b11abd4d429577f9f3f57a2c43592089 Mon Sep 17 00:00:00 2001
+From: Eduardo Otubo <otubo@redhat.com>
+Date: Mon, 17 Aug 2020 11:14:45 +0200
+Subject: [PATCH 1/2] When tools.conf does not exist, running cmd
+ "vmware-toolbox-cmd config get deployPkg enable-custom-scripts", the return
+ code will be EX_UNAVAILABLE(69), on this condition, it should not take it as
+ error. (#413)
+
+RH-Author: Eduardo Otubo <otubo@redhat.com>
+Message-id: <20200710094434.9711-1-otubo@redhat.com>
+Patchwork-id: 97934
+O-Subject: [RHEL-7.9.z/RHEL-8.2.1/RHEL-8.3.0 cloud-init PATCH] When tools.conf does not exist, running cmd "vmware-toolbox-cmd config get deployPkg enable-custom-scripts", the return code will be EX_UNAVAILABLE(69), on this condition, it should not take it as error. (#413)
+Bugzilla: 1839662
+RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
+RH-Acked-by: Mohammed Gamal <mgamal@redhat.com>
+
+From: chengcheng-chcheng <63850735+chengcheng-chcheng@users.noreply.github.com>
+
+The diff seems slightly different from upstream because of some parts
+being in different positions. But the final result is the file patched
+guestcust_util.py (within this block) exactly identical to the one
+upstream.
+
+Also: Sorry for the commit message being just a Subject and this being
+enormous. I kept the original from upstream.
+
+commit c6d09af67626c2f2241c64c10c9e27e8752ba87b
+Author: chengcheng-chcheng <63850735+chengcheng-chcheng@users.noreply.github.com>
+Date:   Wed Jun 10 00:20:47 2020 +0800
+
+    When tools.conf does not exist, running cmd "vmware-toolbox-cmd config get deployPkg enable-custom-scripts", the return code will be EX_UNAVAILABLE(69), on this condition, it should not take it as error. (#413)
+
+Signed-off-by: Eduardo Otubo <otubo@redhat.com>
+Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
+---
+ .../sources/helpers/vmware/imc/guestcust_util.py   | 33 +++++++++++++---------
+ 1 file changed, 20 insertions(+), 13 deletions(-)
+
+diff --git a/cloudinit/sources/helpers/vmware/imc/guestcust_util.py b/cloudinit/sources/helpers/vmware/imc/guestcust_util.py
+index 3d369d0..a270d9f 100644
+--- a/cloudinit/sources/helpers/vmware/imc/guestcust_util.py
++++ b/cloudinit/sources/helpers/vmware/imc/guestcust_util.py
+@@ -133,23 +133,30 @@ def get_tools_config(section, key, defaultVal):
+             'vmware-toolbox-cmd not installed, returning default value')
+         return defaultVal
+ 
+-    retValue = defaultVal
+     cmd = ['vmware-toolbox-cmd', 'config', 'get', section, key]
+ 
+     try:
+-        (outText, _) = util.subp(cmd)
+-        m = re.match(r'([^=]+)=(.*)', outText)
+-        if m:
+-            retValue = m.group(2).strip()
+-            logger.debug("Get tools config: [%s] %s = %s",
+-                         section, key, retValue)
+-        else:
++        (outText, _) = subp.subp(cmd)
++    except subp.ProcessExecutionError as e:
++        if e.exit_code == 69:
+             logger.debug(
+-                "Tools config: [%s] %s is not found, return default value: %s",
+-                section, key, retValue)
+-    except util.ProcessExecutionError as e:
+-        logger.error("Failed running %s[%s]", cmd, e.exit_code)
+-        logger.exception(e)
++                "vmware-toolbox-cmd returned 69 (unavailable) for cmd: %s."
++                " Return default value: %s", " ".join(cmd), defaultVal)
++        else:
++            logger.error("Failed running %s[%s]", cmd, e.exit_code)
++            logger.exception(e)
++        return defaultVal
++
++    retValue = defaultVal
++    m = re.match(r'([^=]+)=(.*)', outText)
++    if m:
++        retValue = m.group(2).strip()
++        logger.debug("Get tools config: [%s] %s = %s",
++                     section, key, retValue)
++    else:
++        logger.debug(
++            "Tools config: [%s] %s is not found, return default value: %s",
++            section, key, retValue)
+ 
+     return retValue
+ 
+-- 
+1.8.3.1
+
diff --git a/SOURCES/ci-ssh-exit-with-non-zero-status-on-disabled-user-472.patch b/SOURCES/ci-ssh-exit-with-non-zero-status-on-disabled-user-472.patch
new file mode 100644
index 0000000..cb3a8a0
--- /dev/null
+++ b/SOURCES/ci-ssh-exit-with-non-zero-status-on-disabled-user-472.patch
@@ -0,0 +1,74 @@
+From 44b6004ee17cd2ae5930c7d8fd3ecafd7485a4d6 Mon Sep 17 00:00:00 2001
+From: Eduardo Otubo <otubo@redhat.com>
+Date: Mon, 17 Aug 2020 11:14:47 +0200
+Subject: [PATCH 2/2] ssh exit with non-zero status on disabled user (#472)
+
+RH-Author: Eduardo Otubo <otubo@redhat.com>
+Message-id: <20200729074459.16096-1-otubo@redhat.com>
+Patchwork-id: 98071
+O-Subject: [RHEL-8.3.0 cloud-init PATCH] ssh exit with non-zero status on disabled user (#472)
+Bugzilla: 1833874
+RH-Acked-by: Mohammed Gamal <mgamal@redhat.com>
+RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
+
+commit e161059a18173e2b61c54dba9eab774401fb5f1f
+Author: Eduardo Otubo <otubo@redhat.com>
+Date:   Wed Jul 15 20:21:02 2020 +0200
+
+    ssh exit with non-zero status on disabled user (#472)
+
+    It is confusing for scripts, where a disabled user has been specified,
+    that ssh exits with a zero status by default without indication anything
+    failed.
+
+    I think exitting with a non-zero status would make more clear in scripts
+    and automated setups where things failed, thus making noticing the issue
+    and debugging easier.
+
+    Signed-off-by: Eduardo Otubo <otubo@redhat.com>
+    Signed-off-by: Aleksandar Kostadinov <akostadi@redhat.com>
+
+    LP: #1170059
+
+Signed-off-by: Eduardo Otubo <otubo@redhat.com>
+Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
+---
+ cloudinit/ssh_util.py         | 4 +++-
+ doc/examples/cloud-config.txt | 2 +-
+ 2 files changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/cloudinit/ssh_util.py b/cloudinit/ssh_util.py
+index bcb23a5..8ff61a2 100644
+--- a/cloudinit/ssh_util.py
++++ b/cloudinit/ssh_util.py
+@@ -40,11 +40,13 @@ VALID_KEY_TYPES = (
+     "ssh-rsa-cert-v01@openssh.com",
+ )
+ 
++_DISABLE_USER_SSH_EXIT = 142
+ 
+ DISABLE_USER_OPTS = (
+     "no-port-forwarding,no-agent-forwarding,"
+     "no-X11-forwarding,command=\"echo \'Please login as the user \\\"$USER\\\""
+-    " rather than the user \\\"$DISABLE_USER\\\".\';echo;sleep 10\"")
++    " rather than the user \\\"$DISABLE_USER\\\".\';echo;sleep 10;"
++    "exit " + str(_DISABLE_USER_SSH_EXIT) + "\"")
+ 
+ 
+ class AuthKeyLine(object):
+diff --git a/doc/examples/cloud-config.txt b/doc/examples/cloud-config.txt
+index 0e82b83..f00db68 100644
+--- a/doc/examples/cloud-config.txt
++++ b/doc/examples/cloud-config.txt
+@@ -235,7 +235,7 @@ disable_root: false
+ # The string '$USER' will be replaced with the username of the default user.
+ # The string '$DISABLE_USER' will be replaced with the username to disable.
+ #
+-# disable_root_opts: no-port-forwarding,no-agent-forwarding,no-X11-forwarding,command="echo 'Please login as the user \"$USER\" rather than the user \"$DISABLE_USER\".';echo;sleep 10"
++# disable_root_opts: no-port-forwarding,no-agent-forwarding,no-X11-forwarding,command="echo 'Please login as the user \"$USER\" rather than the user \"$DISABLE_USER\".';echo;sleep 10;exit 142"
+ 
+ # disable ssh access for non-root-users
+ # To disable ssh access for non-root users, ssh_redirect_user: true can be
+-- 
+1.8.3.1
+
diff --git a/SPECS/cloud-init.spec b/SPECS/cloud-init.spec
index be0f83d..179ed82 100644
--- a/SPECS/cloud-init.spec
+++ b/SPECS/cloud-init.spec
@@ -6,7 +6,7 @@
 
 Name:           cloud-init
 Version:        19.4
-Release:        7%{?dist}
+Release:        8%{?dist}
 Summary:        Cloud instance init scripts
 
 Group:          System Environment/Base
@@ -40,6 +40,10 @@ Patch14: ci-Change-from-redhat-to-rhel-in-systemd-generator-tmpl.patch
 Patch15: ci-cloud-init.service.tmpl-use-rhel-instead-of-redhat-4.patch
 # For bz#1822343 - [RHEL8.3] Do not log IMDSv2 token values into cloud-init.log
 Patch16: ci-ec2-only-redact-token-request-headers-in-logs-avoid-.patch
+# For bz#1839662 - [ESXi][RHEL8.3][cloud-init]ERROR log in cloud-init.log after clone VM on ESXi platform
+Patch17: ci-When-tools.conf-does-not-exist-running-cmd-vmware-to.patch
+# For bz#1833874 - [rhel-8.3]using root user error should cause a non-zero exit code
+Patch18: ci-ssh-exit-with-non-zero-status-on-disabled-user-472.patch
 
 BuildArch:      noarch
 
@@ -223,6 +227,14 @@ fi
 %config(noreplace) %{_sysconfdir}/rsyslog.d/21-cloudinit.conf
 
 %changelog
+* Mon Aug 17 2020 Miroslav Rezanina <mrezanin@redhat.com> - 19.4-8.el8
+- ci-When-tools.conf-does-not-exist-running-cmd-vmware-to.patch [bz#1839662]
+- ci-ssh-exit-with-non-zero-status-on-disabled-user-472.patch [bz#1833874]
+- Resolves: bz#1833874
+  ([rhel-8.3]using root user error should cause a non-zero exit code)
+- Resolves: bz#1839662
+  ([ESXi][RHEL8.3][cloud-init]ERROR log in cloud-init.log after clone VM on ESXi platform)
+
 * Fri Jun 26 2020 Miroslav Rezanina <mrezanin@redhat.com> - 19.4-7.el8
 - Fixing cloud-init-generator permissions [bz#1834173]
 - Resolves: bz#1834173