VMware Cloud Community
dfosbenner
Enthusiast
Enthusiast
‎05-20-2016 11:40 AM

ESXi 6.0 patch confusion

I always patch my ESXi hosts using the ESXCLI command.  After noting what VIBs that patch updates, I execute this command for each VIB:

esxcli software vib update -d patch.zip -n vib

This week I was working with the latest patch, ESXi600-201605001.zip.  My understanding is that this patch affects 3 VIBs: esx-base, vsan, and vsanhealth. 

By accident I executed this command without the -n parameter:

esxcli software vib update -d ESXi600-201605001.zip

It applied the patch, not only to esx-base, vsan, and vsanhealth, but it also updated around 20 additional VIBs:

elxnet,ima-qla4xxx,lpfc,lsi-mr3,lsi-msgpt3,misc-cnic-register,net-bnx2,net-bnx2x,net-cnic,net-igb,net-ixgbe,net-tg3,nmlx4-core,nmlx4-en,nvme,qlnativefc,scsi-bnx2fc,scsi-bnx2i,scsi-megaraid-sas,scsi-qla4xxx

I'm lost.  What is happening here?

When a patch is available, should I be using one update command to apply the entire patch?  Or should I be using -n and applying the VIBs that are listed as being affected?  The latter is what I've been doing for the last 2+ years, and it makes me wonder if I've been doing it wrong all along.

0 Kudos
3 Replies
a_p_
Leadership
Leadership
‎05-20-2016 11:56 AM

Maybe you missed some patches before (see https://esxi-patches.v-front.de/vm-6.0.0.html for a great overview)? Applying VIBs individually is something that may be done if really required. If you want to patch the host to the latest, you can run the command without specifying "-v". Btw. there's a command line option "--dry-run" (note the two minus signs) which will show you what the command will update, without actually doing anything.

Remember that in case there are additional VIBs in an upgrade/update bundle you may need to user esxcli software viv install ... or esxcli software profile install .. instead of the update option.

André

0 Kudos
dfosbenner
Enthusiast
Enthusiast
‎05-20-2016 01:07 PM

André, thank you.  All of my systems were recently upgraded from 5.5 to 6.0 Update 2 using the Dell Customized Installer, which (one would think) should contain all patches up through Update 2.  But apparently not.  In reviewing some old notes, I recalled why I'm specifying VIBs - it's because when I used the software vib install command some time back it wiped out the Dell custom VIBs and I lost my NIC driver.

I think it's time I look into Update Manager.  I didn't have vCenter before, but now I do.

0 Kudos
a_p_
Leadership
Leadership
‎05-20-2016 01:46 PM

You are right, the "install" commands used with native VMware patches can cause issues with OEM installations. In such cases you may indeed need to consider installing individual vibs if you run the patches manually.

André

0 Kudos