sometimes we get a bulk of new updates and up to now i update the esx boxes in the same order like the patches shown on the patch-website, from the bottom up.
Is that necessary or could i update disorganized?
thanks and greeting from germany
VMWare's official response to my service-request
about this was to apply all patches in release
order. Spend the small amount of extra time
applying the stuff in order now, and save headaches
later if problems pop up.
My sentiments exactly! This is what I have always recommended because it seems logical to me. I have never had any issues with this procedure.
Patches are not cumulative, and should be installed in the order they were released (by date). It is important to install all updates marked Critical or Security, and install only the General patches that might apply to your environment
To view what updates have been applied to your ESX server, log in to the console, and use this command:
esxupdate -l query
After reading page after page of Patching issues, Im getting more and more confused.
Release date, Patch #, RPM version......
I will be installing over 40 new ESX's in the next months, and not looking forward to the patch job(s).
Why cant VMware create a NEW ESX ISO containing all patches?
The current ISO is soon 1 year old !
(or at least, a (1) package containing all previous patches).
I agree that applying 1 -2 patches is not a big issue, but needing to install 25 for a newly deployed server is getting a little .... time consuming.
However, from TSX Nice 2007:
Categorized individually as: security, critical, or general to allow customers to comply with their service level agreements
Patches are installed using esxupdate (a script can be written to install all patches in one shot using the n no reboot option)
It's not quite what I had in mind - but that KB article at: http://kb.vmware.com/kb/10230 can be said to support what fdouma and I have done.
The KB article is instructing people to apply the ESX update, using the -x option to skip individual RPMs that are included in that patch.
What I did was verify that the ESX update contained ONLY RPMs that the KB article would have me skip - and so I skipped the entire ESX update.
I am a little curious what would happen if I tried to apply an ESX update, and used -x to exclude every single RPM that it contains. Not curious enough to try it on my production boxes though.
I just downloaded and installed VMTS Patch Manager today. UI is pretty good - works like Windows Update and can patch large numbers of servers. It's already saved me a lot of time. Plus, it's a shareware product.