The esxcli software vib list command returns a long list of vibs that are inside each patch zip file, but does not return or correlate the vib to the zip file name.

For example, both ESXi500-201209001.zip  and update-from-esxi5.0_update1.zip from VMware contain the vib: VMware_bootbank_net-nx-nic_4.0.557-3vmw.500.1.11.623860.vib

This vib is displayed from the vib list command, but I cannot determine which zip file caused the vib to be installed.

The VMware patch install command seems to figure out fairly quickly if the patch has already been installed, so I may have to just live with that.

Thanks

Thanks for the help.  I didn't realize that the ESXi patch bundles are cumulative (mostly) and that I don't have update each one, only the latest.

I found a very helpful discussion about patching at the link below. The comment section has a discussion about whether patches are cumulative or not.  I am not completely clear on what may not be included from patch to patch, it appears to be related to drivers.  I will look into that some more, but I am at a very good starting point.

http://blogs.vmware.com/vsphere/2012/02/understanding-esxi-patches-finding-patches.html

Correct, updated drivers usually do not make it into a patch bundle.

By using "esxcli software profile update" instead of "esxcli software profile install" you make sure that none of the packages (esp. updated driver packages) are replaced with older versions from the patch bundle.

We have had some confusion about some of this esp regarding terminology and I think I have it figured out.

The VMware patch portal has zip files available for download. These zip files are referred to as patch bundles and depots. These zip files are made up of 1 or more patches (i.e. where BG=Bug fix, SG=Security fix and UG=? ).  I think that the individual patches within the zip file are cumulative, but the bundles are not.

Using some real examples:

ESXi500-201209001 contains 4 patches including ESXi-500-201209401-BG for the esx-base vib.

ESXi500-201207001 contains 8 patches inclulding ESXi-500-201207401 for the esx-base vib

ESXi500-2012-6001 contains 1 patch, ESXi-500-201206401-SG for the esx-base vib

My understanding is that the esx-base vib in 9001 has rolled up all the fixes from the earlier patches and so I can ignore the bundle 6001, because it only has one patch for the esx-base vib.

However, I will have to add both 7001 and 9001 bundles, because 9001 has the most recent updates and there are patches in 7001 which are not in 9001 and would be lost if I didn't include them.

So, I can safely ignore ESXi500-201109001; ESXi500-20111101, ESXi500-201205001, ESXi500-201206001, and ESXi500-201207001 because their vibs are all updated in the latest bundle, ESXi500-201209001.

However, I will have to include 9001, 7001, update01, and  2001 in my script to make sure I get all the lates vibs.

Hope this makes sense and is correct, if we had Update Manager I wouldn't have to dig into the weeds like this.

Not really.

The ESXi500-201209001.zip (like all earlier patch bundles) contains *all* the software packages that make up an installed ESXi system, and all of these packages (except for the driver packages) do have the most current version.

Also host profiles (that are contained in the patch bundles) are always complete sets of software packages, not just the sub set of packages that are updated/patched.

So, all you need is really the latest patch bundle, and the update command that I mentioned in my first post.

- Andreas

Update 2012-11-12: I have blogged about the ever occurring question "Are ESXi 5.x patches cumulative" here: http://www.v-front.de/2012/11/are-esxi-5x-patches-cumulative.html

Ok, that's good to know.  I guess I was confused by the listing at the portal which spelled out the fixes for that bundle.

When you refer to drivers, do you mean the misc-drivers vib mentioned in some of the bundles?  Should I look at the details for each to determine if I need them on my hosts?

ESXi500-201209001 has a patch for misc-drivers  as does ESXi500-201207001, update01 and others.

Not only misc-drivers, but any VIB that starts with net- (NIC driver), scsi- (SCSI driver) etc.

These are added and updated independently from the base packages by VMware and hardware vendors like HP. For vSphere 5.0 they are available here:

https://my.vmware.com/web/vmware/info/slug/datacenter_cloud_infrastructure/vmware_vsphere/5_0#driver...

You update these drivers manually (even in Update Manager you would have to manually import them) by installing the Offline bundles that are provided on the Drivers Download page. That means if you heve ever updated a driver this way you should know that. If you have never manually added or updated a driver then you are fine with the drivers that are builtin to and shipped with ESXi, so you do not need to care about them.

That was the missing piece of the puzzle.  You are correct I haven't ever done it, and I didn't realize that the drivers are a separate entity. 

I tried installing an ISCSI driver and it took me a few tries, before I found the README.txt file in the downloaded zip file. I didn't realize I was supposed to open the zip file and extract the offline_bundle.zip or vib files before installing them, per the README.txt file.

Got it to install using: esxcli software vib install -d /tmp/be2iscsi-4.1.334.3-offline_bundle-633282.zip

Thanks so much for your patience and help