Anyone dived in and applied the new patches yet.....
....patch adds support for Microsoft Clustering Server (MSCS) with Windows 2003 Service Pack 1 (SP1) and R2 Guest Operating Systems (KB 2021).....[/i]
ESX-3199476 Patch | 03/05/07 | Critical Patch
ESX-5031800 Patch | 03/05/07 | Security Patch
ESX-5885387 Patch | 03/05/07 | Security Patch
ESX-6050503 Patch | 03/05/07 | General Patch
ESX-6856573 Patch | 03/05/07 | Security Patch
ESX-9865995 Patch | 03/05/07 | General Patch
Please provide feedback below if you have any issues....
Cheers,
Michael.
Hi Mike, I applied the critical and security patches to a couple of 'fully patched' 3.0.1 servers earlier and didn't run into any issues.
Fingers crossed this will remain the case.
Hi Stuart,
Were just embarking on a major Vi3 rollout, so I guess tomorrow I'll be testing these in my lab and updating the build if no major issues arrise
Are you attending TSX next month ?
Michael.
Update.... just applied all updates ESX version now showing VMware ESX Server 3.0.1 build-39823
Sadly I can't make TSX.
It's my turn to stay behind as I went to TSX & VMworld lastyear.
I know you're a scripting guru so I probably don't need to say, but when you apply these patches, to save some time use esxupdate -n
Hi,
Got that covered
I wrote a script that extracts them from a folder, examines the release date and then sequences them in release date order with the appropriate parameter to suppress the reboot until the end.
My biggest headache was trying to determine patch sequencing as the ESX-xxxxxx numbers are all over the place.
I was think of posting but others have posted similar already.
Michael.
I applied 9 patches today, reboot, no problem so far.
Hi Michael
Can you post your script anyway please. I am sure it will be useful even if other people have posted their scripts.
Cheers
David
PS I agree the patch name and numbers are all over the place. It is really annoying.
Hi,
I will need to strip out some work specific bits and post a sanatised script later today
Michael.
I'm in the processing of trying to provide a proper download location but in the interim you could try and cut 'n paste the script from here.
This script assumes the patches have been downloaded and placed into /var/updates/
This script examines the contents of /var/updates and expands each patch automatically.
It then examines the release date of each patch and resets[/b] the datestamp on the patch directory to match the release date of the patch.
The script then builds a dynamic script which ensures that each patch is applied in release date sequence.
#!/bin/sh
#
\# ESX 3.0.1
#
\# Purpose: Script to apply ESX 3.x patches
\# Author : MichaelJKnight@gmail.com
\# Version: 1.0
\# Release: 09/03/2007
\# No warranty is provided with this script, test and use at your own risk
\# This script is freeware, please contact me with any bugs.
#
\# Ensure ESX Patches have been MD5SUM checked and precopied into /var/updates.....
if \[`vmware -v | grep -i "Server 3." | wc -l` -eq 0 ]
then
echo
echo This script requires an ESX 3.x platform, this server is on
echo
vmware -v
echo
echo Exiting.
echo
exit
fi
esxpatches=`ls /var/updates/ESX*.tgz 2>/dev/null | wc -l`
echo
echo Found $esxpatches ESX patches in /var/updates/
echo
if \[ $esxpatches -ne "0" ]
then
pcount=0
cd /var/updates/
Start creation of patch bundle script....
echo "#!/bin/bash" > /tmp/patchbundle.sh
echo "# Start of patch bundle of $esxpatches ESX Patches " >> /tmp/patchbundle.sh
for i in `ls -l ESX*.tgz 2>/dev/null | awk '\{ print $9} '`
do
Now expand each patch found into its corresponding folder
let "pcount = $pcount + 1"
echo
echo Found patch $pcount / $esxpatches $i
echo Now Expanding....$i
echo
tar -xvzf "$i"
done
chmod +x /tmp/patchbundle.sh
rm -rf /var/updates/ESX*.tgz
Cycle through patches and determine release date and then set datestamp on patch directory to ensure patch sequence is in release date order.
cd /var/updates/
for i in `ls -ltr 2>/dev/null | awk '\{ print $9} '`
do
tstamp=`cat /var/updates/$i/descriptor.xml | grep "" | cut -f1 -d"<"`
echo
echo Patch $i release date is $tstamp
echo
touch /var/updates/$i -d"$tstamp"
done
Update patch bundle script with patches now in release date equence....
pcount=1
echo
for i in `ls -ltr 2>/dev/null | awk '\{ print $9} '`
do
echo Sequencing $i into patch bundle script
echo cd /var/updates/`echo $i |cut -f1 -d. `>> /tmp/patchbundle.sh
echo echo ' `date +%e/%m/%y" "%H:%M:%S` ' "Patch `echo $i |cut -f1 -d. ` ` echo $pcount of $esxpatches ` Installation Started " >> /tmp/patchbundle.sh
echo "esxupdate -v 20 -n update" >> /tmp/patchbundle.sh
echo echo ' `date +%e/%m/%y" "%H:%M:%S` ' "Patch `echo $i |cut -f1 -d. ` Installation Completed " >> /tmp/patchbundle.sh
let "pcount = $pcount + 1"
done
echo "# End of patch bundle" >> /tmp/patchbundle.sh
echo
echo Applying patches, please wait....
echo
/tmp/patchbundle.sh
\# Tidy up post installs
rm -rf /tmp/patchbundle.sh
rm -rf /var/updates/ESX*
echo
echo All $esxpatches patches applied. Schedule reboot asap..
echo
else
echo No ESX Patches to be applied...
fi
Please try on your TEST[/b] ESX hosts first feedback any issues....
Always read the VMWARE associated patch documentation
for any special instructions and assess whether each
patch is applicable to your environment/confguration
before applying in this fashion.
Michael.
Thanks for sharing this script.
Tried it yesterday on my lab equipment, worked like a charm.
Thanks for sharing!
/Nicke
Hi
Thanks for the script. Looks like a winner. Appreciate you sharing it.
Cheers
David
Hi Michael,
good script but can you extend it to:
1) use an NFS Share instead
2) the script looks what pathces are installed and install only the missing patches
3) can ue a prepopulated (unpacked) NFS-Share directory structure?
it seems you are familiar with .sh - i'm not.
newmy
THIS WORKS PERFECTLY......just what the doctor ordered
Hi,
Glad to hear people find it useful
I will try and look at points 1 & 3 , it should be just a small change. Perhaps making the patch source location into a variable and let the user specify the location whether it be local or a NFS mount point.
In response to point 2, the esxupdate process will detect if the patch is already installed and skip it. At present the script incurs the overhead of needlessly expanding patch, I will look at running an esxupdate -l query command to perhaps bypass any installed patches.
I'll post back with some updates later....
Michael.
Script worked great. Thanks for saving me many hours.
I just used it to apply all 19 Patches since 3.0.1
You are my hero!
It brought tears of joy to my eyes!
Might be something to SourceForge it..
I agree on seeing whether or not the Update has been installed already, that way..should one bomb in the middle you can rerun the script...
Although it still will work the way it is now..just expand all the ones it did again...Not a big deal..
Did I say I love this script again!
Message was edited by:
CWedge@Amsa
It is working nicely. I'm using my limited knowledge of bach script to modify it to use an NFS store. It would mount the store, use it, then dismount the store. Coming along fairly well to be honest.
Now if someone can figure out a way to update the VMtools in my 200 Vm's!!
Now we only have to convince VMware to make the patches available via ftp (like many other vendors do) and we could add the logic to automatically download the patches too.