VMware Cloud Community
MJKNIGHT
Hot Shot
Hot Shot

More ESX 3.0.1 03/05/07 Patches......

Anyone dived in and applied the new patches yet.....

....patch adds support for Microsoft Clustering Server (MSCS) with Windows 2003 Service Pack 1 (SP1) and R2 Guest Operating Systems (KB 2021).....[/i]

ESX-3199476 Patch | 03/05/07 | Critical Patch

ESX-5031800 Patch | 03/05/07 | Security Patch

ESX-5885387 Patch | 03/05/07 | Security Patch

ESX-6050503 Patch | 03/05/07 | General Patch

ESX-6856573 Patch | 03/05/07 | Security Patch

ESX-9865995 Patch | 03/05/07 | General Patch

Please provide feedback below if you have any issues....

Cheers,

Michael.

Reply
0 Kudos
104 Replies
MR-T
Immortal
Immortal

Hi Mike, I applied the critical and security patches to a couple of 'fully patched' 3.0.1 servers earlier and didn't run into any issues.

Fingers crossed this will remain the case.

Reply
0 Kudos
MJKNIGHT
Hot Shot
Hot Shot

Hi Stuart,

Were just embarking on a major Vi3 rollout, so I guess tomorrow I'll be testing these in my lab and updating the build if no major issues arrise Smiley Wink

Are you attending TSX next month ?

Michael.

Update.... just applied all updates ESX version now showing VMware ESX Server 3.0.1 build-39823

Reply
0 Kudos
MR-T
Immortal
Immortal

Sadly I can't make TSX.

It's my turn to stay behind as I went to TSX & VMworld lastyear.

I know you're a scripting guru so I probably don't need to say, but when you apply these patches, to save some time use esxupdate -n

Reply
0 Kudos
MJKNIGHT
Hot Shot
Hot Shot

Hi,

Got that covered Smiley Wink

I wrote a script that extracts them from a folder, examines the release date and then sequences them in release date order with the appropriate parameter to suppress the reboot until the end.

My biggest headache was trying to determine patch sequencing as the ESX-xxxxxx numbers are all over the place.

I was think of posting but others have posted similar already.

Michael.

Reply
0 Kudos
violet68
Contributor
Contributor

I applied 9 patches today, reboot, no problem so far.

Reply
0 Kudos
dmanconi
Enthusiast
Enthusiast

Hi Michael

Can you post your script anyway please. I am sure it will be useful even if other people have posted their scripts.

Cheers

David

PS I agree the patch name and numbers are all over the place. It is really annoying.

Reply
0 Kudos
MJKNIGHT
Hot Shot
Hot Shot

Hi,

I will need to strip out some work specific bits and post a sanatised script later today Smiley Wink

Michael.

Reply
0 Kudos
MJKNIGHT
Hot Shot
Hot Shot

I'm in the processing of trying to provide a proper download location but in the interim you could try and cut 'n paste the script from here.

This script assumes the patches have been downloaded and placed into /var/updates/

This script examines the contents of /var/updates and expands each patch automatically.

It then examines the release date of each patch and resets[/b] the datestamp on the patch directory to match the release date of the patch.

The script then builds a dynamic script which ensures that each patch is applied in release date sequence.

#!/bin/sh

#

\# ESX 3.0.1

#

\# Purpose: Script to apply ESX 3.x patches

\# Author : MichaelJKnight@gmail.com

\# Version: 1.0

\# Release: 09/03/2007

\# No warranty is provided with this script, test and use at your own risk

\# This script is freeware, please contact me with any bugs.

#

\# Ensure ESX Patches have been MD5SUM checked and precopied into /var/updates.....

if \[`vmware -v | grep -i "Server 3." | wc -l` -eq 0 ]

then

echo

echo This script requires an ESX 3.x platform, this server is on

echo

vmware -v

echo

echo Exiting.

echo

exit

fi

esxpatches=`ls /var/updates/ESX*.tgz 2>/dev/null | wc -l`

echo

echo Found $esxpatches ESX patches in /var/updates/

echo

if \[ $esxpatches -ne "0" ]

then

pcount=0

cd /var/updates/

  1. Start creation of patch bundle script....

echo "#!/bin/bash" > /tmp/patchbundle.sh

echo "# Start of patch bundle of $esxpatches ESX Patches " >> /tmp/patchbundle.sh

for i in `ls -l ESX*.tgz 2>/dev/null | awk '\{ print $9} '`

do

  1. Now expand each patch found into its corresponding folder

let "pcount = $pcount + 1"

echo

echo Found patch $pcount / $esxpatches $i

echo Now Expanding....$i

echo

tar -xvzf "$i"

done

chmod +x /tmp/patchbundle.sh

rm -rf /var/updates/ESX*.tgz

  1. Cycle through patches and determine release date and then set datestamp on patch directory to ensure patch sequence is in release date order.

cd /var/updates/

for i in `ls -ltr 2>/dev/null | awk '\{ print $9} '`

do

tstamp=`cat /var/updates/$i/descriptor.xml | grep "" | cut -f1 -d"<"`

echo

echo Patch $i release date is $tstamp

echo

touch /var/updates/$i -d"$tstamp"

done

  1. Update patch bundle script with patches now in release date equence....

pcount=1

echo

for i in `ls -ltr 2>/dev/null | awk '\{ print $9} '`

do

echo Sequencing $i into patch bundle script

echo cd /var/updates/`echo $i |cut -f1 -d. `>> /tmp/patchbundle.sh

echo echo ' `date +%e/%m/%y" "%H:%M:%S` ' "Patch `echo $i |cut -f1 -d. ` ` echo $pcount of $esxpatches ` Installation Started " >> /tmp/patchbundle.sh

echo "esxupdate -v 20 -n update" >> /tmp/patchbundle.sh

echo echo ' `date +%e/%m/%y" "%H:%M:%S` ' "Patch `echo $i |cut -f1 -d. ` Installation Completed " >> /tmp/patchbundle.sh

let "pcount = $pcount + 1"

done

echo "# End of patch bundle" >> /tmp/patchbundle.sh

echo

echo Applying patches, please wait....

echo

/tmp/patchbundle.sh

\# Tidy up post installs

rm -rf /tmp/patchbundle.sh

rm -rf /var/updates/ESX*

echo

echo All $esxpatches patches applied. Schedule reboot asap..

echo

else

echo No ESX Patches to be applied...

fi

Please try on your TEST[/b] ESX hosts first feedback any issues.... Smiley Happy

NOTE[/b]

Always read the VMWARE associated patch documentation

for any special instructions and assess whether each

patch is applicable to your environment/confguration

before applying in this fashion.

Michael.

Reply
0 Kudos
oreeh
Immortal
Immortal

Thanks for sharing this script.

Reply
0 Kudos
Nicke
Expert
Expert

Tried it yesterday on my lab equipment, worked like a charm.

Thanks for sharing!

/Nicke

Niclas Borgström
Arrow ECS Sweden
Reply
0 Kudos
dmanconi
Enthusiast
Enthusiast

Hi

Thanks for the script. Looks like a winner. Appreciate you sharing it.

Cheers

David

Reply
0 Kudos
newmy
Enthusiast
Enthusiast

Hi Michael,

good script but can you extend it to:

1) use an NFS Share instead

2) the script looks what pathces are installed and install only the missing patches

3) can ue a prepopulated (unpacked) NFS-Share directory structure?

it seems you are familiar with .sh - i'm not.

newmy

If you found this or any other answer useful please consider the use of the Helpful or correct buttons to award points
Reply
0 Kudos
SafetyMan
Contributor
Contributor

THIS WORKS PERFECTLY......just what the doctor ordered

Reply
0 Kudos
MJKNIGHT
Hot Shot
Hot Shot

Hi,

Glad to hear people find it useful Smiley Happy

I will try and look at points 1 & 3 , it should be just a small change. Perhaps making the patch source location into a variable and let the user specify the location whether it be local or a NFS mount point.

In response to point 2, the esxupdate process will detect if the patch is already installed and skip it. At present the script incurs the overhead of needlessly expanding patch, I will look at running an esxupdate -l query command to perhaps bypass any installed patches.

I'll post back with some updates later....

Michael.

Reply
0 Kudos
mattking
Contributor
Contributor

Script worked great. Thanks for saving me many hours.

Reply
0 Kudos
CWedge
Enthusiast
Enthusiast

I just used it to apply all 19 Patches since 3.0.1

You are my hero!

It brought tears of joy to my eyes!

Might be something to SourceForge it..

I agree on seeing whether or not the Update has been installed already, that way..should one bomb in the middle you can rerun the script...

Although it still will work the way it is now..just expand all the ones it did again...Not a big deal..

Did I say I love this script again!

Message was edited by:

CWedge@Amsa

Reply
0 Kudos
Tibmeister
Expert
Expert

It is working nicely. I'm using my limited knowledge of bach script to modify it to use an NFS store. It would mount the store, use it, then dismount the store. Coming along fairly well to be honest.

Reply
0 Kudos
CWedge
Enthusiast
Enthusiast

Now if someone can figure out a way to update the VMtools in my 200 Vm's!!

Reply
0 Kudos
oreeh
Immortal
Immortal

Now we only have to convince VMware to make the patches available via ftp (like many other vendors do) and we could add the logic to automatically download the patches too.

Reply
0 Kudos