We built the VM (ESXi 6.5) server and installed 'ESXi650-201912002.zip' patch by executing "esxcli software vib install -d /path/to/ESXi650-201912002.zip" during installation.
Now the how can I verify that the patch has been installed from the console of the built ESXi server? I ran 'esxcli software vib list' and didn't see the name 'ESXi650-201912002' from output, there are several entries with version containing '6.5.0...', but how can I know if one of them is the patch, or even if the patch has (or not) been installed during the installation?
Hey, hope you are doing fine
Let's do this: open a new ssh session to the host and run
esxcli software vib list
then you should see this vibs
Thanks for your reply!
I ran the command and the attached screenshots are outputs of the command.
Please let me know if any of the item(s) is from the patch.
I did expect the listed patch name as described in VM sites. At least there should be things like package name, ID, or other unique number/strings.
They all have the same installation date because that's when we deployed the VM with our image.
What I exactly wanted is the (or one) item unique to the patch so that I can ensure that THE patch has been successfully applied to the system.
I would think unbelievable if there is no way to do that from VM point of view.
There's indeed nothing like an update history that I'm aware of.
In case you want to verify whether a specific item has already been installed, it may be an option to compare its build number with https://esxi-patches.v-front.de/vm-6.5.0.html
Good question, how can I check? Any command I can run in the console?
Another question: is VMW patch accumulative? For example, I see the download of previous patches like 'ESXi650-201901001.zip', 'ESXi650-201910001.zip', now we have 'ESXi650-201912002.zip', do I need to install all of them, or the last one will cover all the previous patches?
If you go to your vcenter you should see a vsphere update manager tab under home
there you can see which patches are already installed
Regarding the patches being cumulative:
yes, they are
Are ESXi Patches Cumulative - VMware vSphere Blog
Another option to check if the patch has been updated is to check the build version on the esxi host
it should be 15177306
|ESXi 6.5 EP 18||ESXi650-201912001||12/05/2019||15177306|
source: VMware Knowledge Base
Please make sure you have reboote your host after the vib is installed. since the patch definition states it requires a rebootVMware ESXi 6.5, Patch Release ESXi650-201912002
But sorry I'm not VM expert, how can I find out the build number of VM server FROM the console? We don't have GUI part up and configured, so the only source for me to use now is the console command.
Also, how can I find the build number for the patch "ESXi650-201912002"?
Also, it's weird that the command (esxcli software vib list) didn't print any '..bootbank...' items (see the attached screentshots in my previous post) as others posted, do you know why?
Welcome to Communities.
"Also, how can I find the build number for the patch "ESXi650-201912002"?"
ESXi 6.5 P04
Release Date: 12/19/2019
Current build info retrievable via:
via the vSphere Client summary tab in the vSphere UI for the host under 'Version Information'
or via CLI
# esxcli system version get
# vmware -vl
Reference of ESXi builds, dates etc. can be found here:
As a.p. , mentioned, check https://esxi-patches.v-front.de/ for versions of drivers that you know should have been updated in the differential build - this is a well-maintained and updated resource (thank you peetz - I had never actually put together that this was yours until now, seriously thanks for creating and maintaining this, I point people this way frequently, I owe you a pint of Guinness or 3 if you are ever happen to be in Cork, Ireland).
Here is what I got with the commands.
The build number is not matching.
What is patch 105 then? What is patch number for ESXi650-201912002? If that number is fixed and unique, I can use that to verify.
Yes, I did.
I think the patch installation didn't work.
From here (https://blogs.vmware.com/vsphere/2013/10/are-esxi-patches-cumulative.html#:~:text=In%20short%2C%20th...), it mentioned to use 'esxcli software profile update -d /patch/file.zip -p xxxx' to apply a patch completely.
I don't know which base ESXi650 image is being used (we took over from others' code), can I omit '-p xxxx' part or to make to default/existing image (and how)?
No, you can not omit it as then it doesn't know what profile you are trying to update.
You can get the current profile name to fill the 'xxxx' from:
[root@esx1:~] esxcli software profile get
Vendor: Hewlett Packard Enterprise
Creation Time: 2020-02-22T06:07:54
Modification Time: 2020-02-22T06:08:10
Stateless Ready: True
Another common issue is not using double-quotes around the path as these can sometimes have special characters in them or the file name.