Hello,
The latest custom ESXi iso for Cisco servers available on VMware is 6.7.0 build number 14320388 released on 20/8/2019.
Is it recommended to install the newest embedded and installed patches that follow? (the latest is 09/06/2020 with build number 16316930) or it's better to keep the custom iso at it's original version. I am asking this to see if I will experience any issues with these servers if I decide to upgrade.
I don't have internet access on my vCenter, should I download the patch bundle from myvmware and upload it manually to VUM. And should I remediate it all or should I exclude some of the patch files?
Thank you!
Hi @vm__geek
Vendor will release only major releases. In this case 6.7u3.
The updates that you see from VMware for Eg : Build : 16316930 are various bug fixes and security patches released from VMware.
So its okay to go ahead and patch the ESXi's to the latest version which includes security patches.
As you mentioned since there is not internet, you can download the file from https://my.vmware.com/group/vmware/patch#search and upload to VUM and make use of it to patch the hosts and there is nothing to exclude.
Regards,
Nirmal Nair
Moderator: Thread moved to the Update Manager area.
Patches are mostly related to bugfix, security and enhancement so I suggest you to update.
Yes, you can download the patches from my VMware portal and upload them to the VUM and remediate. You only need the latest patch to apply.
If I have the custom Cisco ESXi 6.7 u3 installed on these UCS Servers. Would I have any issues If I install the latest patch provided by VMware? Should I exclude some of the content of the patches such as driver's updates?
Hi @vm__geek
Vendor will release only major releases. In this case 6.7u3.
The updates that you see from VMware for Eg : Build : 16316930 are various bug fixes and security patches released from VMware.
So its okay to go ahead and patch the ESXi's to the latest version which includes security patches.
As you mentioned since there is not internet, you can download the file from https://my.vmware.com/group/vmware/patch#search and upload to VUM and make use of it to patch the hosts and there is nothing to exclude.
Regards,
Nirmal Nair
No, you won't face any issue, I have updated many UCS servers and so far no issue at all.
No need to exclude some of the content.
Thank you. Do you recommend remediating only Critical Host Patches? or also non critical too?
You can do both so that VUM will show it as Complaint 🙂
Please note that VUM selects the patches based on the bulletins included in the patch bundles, so you will need to upload all patch bundles that were released after the build that you are using to VUM in this case.
Patching the host from the command line using esxcli will only require the latest patch bundle.
André
So if I have to patch the host with all the newer patch bundles one by one? I thought I can download only the latest one and it can be enough
So if I have to patch the host with all the newer patch bundles one by one?
No, a single remediation will work. Just upload all the patch bundles to VUM, and create a baseline with all of the new bulletin included.
André