Solved: Update Manager Remediation: only scan , Not patch ...

atcnf2008 · ‎04-21-2011

Hi, we have a brand new installation of ESXi 4.1 Host with Brand-new install V-Center server 4.1, I have installed all components of Vcenter server on one Windows 2003 X64 Virtual Machine( which is not part of this new Essential License we just bought for a branch department), Update Manager plug-in is here, I can see and test its configuratuions, I can see its Large( 218) Patches (88 critical and 130 Non-critical) lists ins Patch repository. So far everything seems working, Scan takes less than 30 seconds.

Now the real trouble for me: I have not been able to apply these patches by using "Remediate"---- I have tried it as a task executed immediately or later, it always finishes in less than 1 Minute ( I knew it should take much longer becuase I have used host-update utility on the free ESXi 3.5, it took about 10 Minutes to patch a host), from the event I see this: it seems only scanning patches, not doing real patching for the host.

I have read the whole Update Manager Guide,not figured out why it does NOT patch the host( the baseline is there, every baseline shows some number of patches,I have tried many times and checked the ESXI host, so far nothing happens), any suggestions and advises are greatly appreciated.

(almost all of our Vcenter server configuration is default because we only have 2 ESXI hosts)

Successfully scanned 10.1.1.40 for patches.
info
4/21/2011 2:38:51 PM
Remediate entity
10.1.1.40
Administrator

Successfully scanned 10.1.1.40 for patches.
info
4/21/2011 2:38:48 PM
Remediate entity
10.1.1.40
Administrator

Task: Remediate entity
info
4/21/2011 2:38:43 PM
Remediate entity
10.1.1.40
Administrator

a_p_ · ‎04-21-2011

With build 348481 the host already has the newest patches installed. Maybe VUM shows these patches as critical, however they do not apply to the host.

André

View solution in original post

a_p_ · ‎04-21-2011

I'm not sure if I can follow you on this. You are saying you installed the latest version of ESXi 4.1, which is Update 1 (Build 348481). So what do you expect to be installed. There are no new patches for this release yet!?

André

atcnf2008 · ‎04-21-2011

Yes, I checked , eveverything is downloaded and installed 2 days ago, even the new machine is just one week old.

I use the UM to scan patches, it comes out with large number of patches, some of them are as old as 2009, but there are 10 patches marked as critical for ESXi 4.1.0, the problem is: I could not apply these 10 patches.

the version of ESXi now shows: 348481,

Is this normal?

Thank you very much for the help, I do appreciate it.

a_p_ · ‎04-21-2011

With build 348481 the host already has the newest patches installed. Maybe VUM shows these patches as critical, however they do not apply to the host.

André

atcnf2008 · ‎04-21-2011

Thank you for the clarification , I do appreciate it.

The reason I paid special attention to the Patches is: patch update takes down the host and all VM inside it so it's a giant downtime for us. I just want to make sure eveything is up to date and we want such critical updates as few as possible.

Recently VMWARE patch update is at almost as frequently as Windows update, these updates involve lots of downtime and inconvienence.

All

Update Manager Remediation: only scan , Not patch the Host?