VMware Cloud Community
coolpolo76
Contributor
Contributor
‎11-05-2015 05:39 PM

Update patches in EXSi 5.5

Hi there,

i have 3 EXSi 5.5 servers connected to vShpere, since im new to my company, the IT guy never update the patches in last whole year, so when i go to the update manager, i can see so many updates and most of the updates needs rebooting, maintenance mode,

my questions are,

1. do i need to update all these patches?

2. any patches that not recommend to update? (i saw online that some updates are not recommended)

3. most important question is that, is there anyway i can update all these patches in one go, may be as in one file and reboot once?

really need your expertise on this

1 Reply
martinriley
Hot Shot
Hot Shot
‎11-06-2015 02:32 AM

Hi there,

So largely these decisions will depend on you, your company and your patching policy- the community can advise but there are no hard and fast rules here- I'm guessing though since you've inherited a patchless environment there may not be a policy in place so here's my advice for what it's worth!

1.     You don't NEED to apply any patches, I'm assuming your environment is running along nicely without them til now, however the patches will fix security vulnerabilities, fix bugs etc. so I'd recommend to at least install the major update rollups (last being 3a I believe, released last month), but to be honest you might want to review the updates to see what's fixed or if any functionality is introduced to see if it affects your environment or will give you any benefit- if not then you may decide not to apply a patch, release or update.

2.     Typically if a patch or update causes widespread issues then VMware will revoke the patch or release a patch to supersede it so VUM won't install it.  For everything else that may cause issues in your particular environment you might need to review the updates to check for known issues with some configurations or products.  Or, if you can afford the capacity in your environment install all patches to one host then test it, if it's okay then deploy to the rest of your hosts, if you find issues then roll it back.

3.     Essentially yes, you can create a baseline in VUM to include all the patches and updates you want to install and then apply these in one hit.  You can stage the updates to the host at any time which will basically copy the patches to the hosts ready for install, then when you can afford the outage remediate the host to install the updates- this limits the downtime.  Obviously the ideal would be that you have your three hosts in a HA DRS automated cluster with the capacity to take one host out of service, in which case you can update one host at a time with VUM handling all your host evacuations, maintenance modes and updating for you, with no downtime for your VMs.

Hope this helps.

vM

-----------------------

VCAP-DCD / VCAP-DCA / VCP-CLOUD / VCP-DT / VCP5 / VCP4

-----------------------

vMustard.com