Hi,
We built the VM (ESXi 6.5) server and installed 'ESXi650-201912002.zip' patch by executing "esxcli software vib install -d /path/to/ESXi650-201912002.zip" during installation.
Now the how can I verify that the patch has been installed from the console of the built ESXi server? I ran 'esxcli software vib list' and didn't see the name 'ESXi650-201912002' from output, there are several entries with version containing '6.5.0...', but how can I know if one of them is the patch, or even if the patch has (or not) been installed during the installation?
TIA
Hey, hope you are doing fine
Let's do this: open a new ssh session to the host and run
esxcli software vib list
then you should see this vibs
soruce: VMware ESXi 6.5, Patch Release ESXi650-201912002
Thanks for your reply!
I ran the command and the attached screenshots are outputs of the command.
Please let me know if any of the item(s) is from the patch.
I did expect the listed patch name as described in VM sites. At least there should be things like package name, ID, or other unique number/strings.
It seems like all patches were installed on 08/20/2020
I would say upgrade was succesful.
Thanks again!
They all have the same installation date because that's when we deployed the VM with our image.
What I exactly wanted is the (or one) item unique to the patch so that I can ensure that THE patch has been successfully applied to the system.
I would think unbelievable if there is no way to do that from VM point of view.
TIA
Yes, actually there is.
Do you have VUM deployed?
There's indeed nothing like an update history that I'm aware of.
In case you want to verify whether a specific item has already been installed, it may be an option to compare its build number with https://esxi-patches.v-front.de/vm-6.5.0.html
André
Good question, how can I check? Any command I can run in the console?
Another question: is VMW patch accumulative? For example, I see the download of previous patches like 'ESXi650-201901001.zip', 'ESXi650-201910001.zip', now we have 'ESXi650-201912002.zip', do I need to install all of them, or the last one will cover all the previous patches?
If you go to your vcenter you should see a vsphere update manager tab under home
there you can see which patches are already installed
Regarding the patches being cumulative:
yes, they are
Are ESXi Patches Cumulative - VMware vSphere Blog
Another option to check if the patch has been updated is to check the build version on the esxi host
it should be 15177306
ESXi 6.5 EP 18 | ESXi650-201912001 | 12/05/2019 | 15177306 |
source: VMware Knowledge Base
Please make sure you have reboote your host after the vib is installed. since the patch definition states it requires a rebootVMware ESXi 6.5, Patch Release ESXi650-201912002
Thank you!
But sorry I'm not VM expert, how can I find out the build number of VM server FROM the console? We don't have GUI part up and configured, so the only source for me to use now is the console command.
Also, how can I find the build number for the patch "ESXi650-201912002"?
Also, it's weird that the command (esxcli software vib list) didn't print any '..bootbank...' items (see the attached screentshots in my previous post) as others posted, do you know why?
Hello PBSDVMuser,
Welcome to Communities.
"Also, how can I find the build number for the patch "ESXi650-201912002"?"
ESXi 6.5 P04
ESXi650-201912002
Release Date: 12/19/2019
Build: 15256549
Current build info retrievable via:
via the vSphere Client summary tab in the vSphere UI for the host under 'Version Information'
or via CLI
# esxcli system version get
or
# vmware -vl
Reference of ESXi builds, dates etc. can be found here:
As a.p. , mentioned, check https://esxi-patches.v-front.de/ for versions of drivers that you know should have been updated in the differential build - this is a well-maintained and updated resource (thank you peetz - I had never actually put together that this was yours until now, seriously thanks for creating and maintaining this, I point people this way frequently, I owe you a pint of Guinness or 3 if you are ever happen to be in Cork, Ireland).
Bob
Here is what I got with the commands.
The build number is not matching.
What is patch 105 then? What is patch number for ESXi650-201912002? If that number is fixed and unique, I can use that to verify.
have you rebooted the ESXi host after intsalling the patch?
Yes, I did.
I think the patch installation didn't work.
From here (https://blogs.vmware.com/vsphere/2013/10/are-esxi-patches-cumulative.html#:~:text=In%20short%2C%20th...), it mentioned to use 'esxcli software profile update -d /patch/file.zip -p xxxx' to apply a patch completely.
I don't know which base ESXi650 image is being used (we took over from others' code), can I omit '-p xxxx' part or to make to default/existing image (and how)?
it seems like it didn't work
Can ypu tray running the patch again and pay special attention to /var/log/vmware/esxupdate.log.
No, you can not omit it as then it doesn't know what profile you are trying to update.
You can get the current profile name to fill the 'xxxx' from:
Example:
[root@esx1:~] esxcli software profile get
HPE-ESXi-6.7.0-Update3-iso-Gen9plus-670.U3.10.4.5.19
Name: HPE-ESXi-6.7.0-Update3-iso-Gen9plus-670.U3.10.4.5.19
Vendor: Hewlett Packard Enterprise
Creation Time: 2020-02-22T06:07:54
Modification Time: 2020-02-22T06:08:10
Stateless Ready: True
Another common issue is not using double-quotes around the path as these can sometimes have special characters in them or the file name.
Bob