VMware Cloud Community
tpoulter
Enthusiast
Enthusiast
‎10-25-2016 09:03 AM
Jump to solution

ESXI Patches Cumulative?

I know that this has been asked may times before but all the information I seem to find is related to 5.0 or 5.1 so I just want to make sure that this would be true for 5.5 / 6.0

So for 5.5 are the ESXI patch bundles that you get from the Product Patched page https://my.vmware.com/group/vmware/patch are they cumulative?

The reason why ask

1 - If they are cumulative, why do the sizes on some of the older ones are bigger than the newest ones. For Example

Patch ESXi550-201609001 is 520MB in size

but

Patch ESXi550-201608001 is 707MB in size.


2 - our standard way of patching them currently is as follows

Download the 2 or 3 patches that are out (usually we try to update them as frequently as possible but usually try for once per quarter)

run esxcli software sources vib get -d "/path/to/patch.zip"

then

run esxcli software software vib update -d "/path/to/patch.zip"

3 - oh and one other thing, it seems that in the info found it says should use software profile update /patch -p "profilename" but from what i can see, it seems to do the same as what I do in 2

Just looking to help speed up the process.

And would like to fine an official source if they are a kb article of just the community would be nice

Thanks

Message was edited by: tpoulter , added question 3

0 Kudos
1 Solution

Accepted Solutions
rcporto
Leadership
Leadership
‎10-25-2016 11:07 AM
Jump to solution

Check if helps: Understanding ESXi 5.x and 6.0 Patching Model (2083707) | VMware KB

About the patch size, the following should explain why you may find patches with different sizes:

Patch Release Bulletins Are Not Cumulative

If a VIB is not fixed in a release, then a bulletin is not created for that VIB in that release. As a result, in a patch release, patch bulletins are sparse. Applying all bulletins from the latest ESXi patch release does not imply that the system contains all available fixes.

Example: A fix for the e1000 driver was shipped in the ESXi500-201207001 release in bulletin ESXi500-201207406-BG. Because there were no new fixes for the e1000 driver in the ESXi500-201209001 release, bulletin was not created for this. If you apply all bulletins of the ESXi500-201209001 release to an unpatched ESXi 5.0.0 system, the system does not get the e1000 fix from the ESXi500-201207001 release.

This is also applicable for update release bulletins, but update releases have an additional special bulletin called the rollup bulletin.

Note: If you are using image profiles, then changes are cumulative. For more details, see the Image Profiles Are Cumulative section.

Anyway, my recommendation is instead of do the hard work manually, why not use the Update Manager?

---

Richardson Porto
Senior Infrastructure Specialist
LinkedIn: http://linkedin.com/in/richardsonporto

View solution in original post

0 Kudos
2 Replies
rcporto
Leadership
Leadership
‎10-25-2016 11:07 AM
Jump to solution

Check if helps: Understanding ESXi 5.x and 6.0 Patching Model (2083707) | VMware KB

About the patch size, the following should explain why you may find patches with different sizes:

Patch Release Bulletins Are Not Cumulative

If a VIB is not fixed in a release, then a bulletin is not created for that VIB in that release. As a result, in a patch release, patch bulletins are sparse. Applying all bulletins from the latest ESXi patch release does not imply that the system contains all available fixes.

Example: A fix for the e1000 driver was shipped in the ESXi500-201207001 release in bulletin ESXi500-201207406-BG. Because there were no new fixes for the e1000 driver in the ESXi500-201209001 release, bulletin was not created for this. If you apply all bulletins of the ESXi500-201209001 release to an unpatched ESXi 5.0.0 system, the system does not get the e1000 fix from the ESXi500-201207001 release.

This is also applicable for update release bulletins, but update releases have an additional special bulletin called the rollup bulletin.

Note: If you are using image profiles, then changes are cumulative. For more details, see the Image Profiles Are Cumulative section.

Anyway, my recommendation is instead of do the hard work manually, why not use the Update Manager?

---

Richardson Porto
Senior Infrastructure Specialist
LinkedIn: http://linkedin.com/in/richardsonporto
0 Kudos
tpoulter
Enthusiast
Enthusiast
‎10-26-2016 05:48 AM
Jump to solution

@Richardson

Thanks for the link. Not sure why I could not find it when I search for,

As for Update Manager, these are mostly a single host clients across various locations and we don't have the full vcenter infrastructure setup for these single host setups

0 Kudos