Hi,
There seems to be 3 patches for ESX 3.0.1, is there an order in witch these patches should apply, since they all seem to have the same date, but numbers are different ???
should one follow the patch file name as order of application???
Do they have dependencies one to other...
Thanks \!!!
You must install in this order (lesser patch number first)
Patches & Updates (view classifications)
ESX-1006511 Patch | 11/30/06 | Critical Patch
ESX-1410076 Patch | 11/30/06 | Critical Patch
ESX-2158032 Patch | 11/30/06 | Critical Patch
You must install in this order (lesser patch number first)
Patches & Updates (view classifications)
ESX-1006511 Patch | 11/30/06 | Critical Patch
ESX-1410076 Patch | 11/30/06 | Critical Patch
ESX-2158032 Patch | 11/30/06 | Critical Patch
You can find them here:
http://www.vmware.com/download/vi/
click on each patch and you'll see patch details and bug fixed
If you click on each patch there will be a description on what changes with it. It should be pretty obvious if one patch requires another to function. Also, unless you are affected by the changes in the patches you probably don't need to install them.
Check each one out and see if anything in it applies to your environment and only install those that do.
I know that's what I'm doing. If it isn't critical for my environment then I'm going to wait for a point release to get the updates.
Must you reboot between each patch or can you tell it to not reboot until after the last patch?
I was going to add this link, seems it been done..
Masaki mentionned applying the patches in ascending patch numbers, but there are now 7 patches. And the patch numbers jump all over the place now...
ESX-2066306 Patch | 12/28/06 | Critical Patch
ESX-6921838 Patch | 12/28/06 | General Patch
ESX-8173580 Patch | 12/28/06 | General Patch
ESX-9986131 Patch | 12/28/06 | Security Patch
ESX-1006511 Patch | 11/30/06 | Critical Patch
ESX-1410076 Patch | 11/30/06 | Critical Patch
ESX-2158032 Patch | 11/30/06 | Critical Patch
Do we still apply by ascending order ? or be ascending order on same date release, followed by ascending order on the 2nd date ?
by as you have said, assending order per date. release date is the important one here, VMware need to get their ship in order regarding Patch numbering.
Hi Patrick,
esxupdate will check the dependencies for you. So it's not mandatory to follow a special order given by the patch numbers.
Nevertheless I do
Has anyone found a way to apply these without a reboot for every one of them?
Look at this
http://www.vmware.com/community/thread.jspa?messageID=544354
There is a [i]-n[/i][/b] option for esxupdate[/i] which is not documented so far. I used it for installing three of four updates and rebooted only by the last update.
Works fine.
If you forgo an update, you may have issues installing it later. If a package in the update you want to install has a lower version than the one currently on the system, esxupdate will fail.
If this happens, set your verbosity to 10 to find out which package(s) is causing the problem. Then rerun the update command with the '-x' option to exclude the package from the update.
Why the tool doesn't do this automatically, I don't know.
Message was edited by:
skearney
I keep all the patches on a SMB mount and run this script during the ks.cfg
Could be much cleaner but works...
#!/bin/sh
\# All updates are found at the NFS mount vmiso under the esxupdates folder
\# Set some variables here
typeset -r MOUNT="/opt/vmiso/esxupdates"
\# Functions here
mountcheck()
{
echo "Checking that the updates are available, Please wait..."
echo ""
if [\[ -f "$MOUNT/mount-up.txt" ]]
then
return
else
mounterror
fi
}
mounterror()
{
echo "Mount is not up, trying to remount..."
mount -a
return
}
update()
{
for UPDATE in $( ls $MOUNT/*.tgz )
do
cd /var/updates
echo "Extracting $UPDATE, Please wait..."
tar zxf $UPDATE
echo""
Get the update directory
UPDATEDIR=$(ls -lc $UPDATE | cut -f5 -d"/" | cut -f1 -d".")
chown root:root /var/updates/$UPDATEDIR
cd /var/updates/$UPDATEDIR
echo "Applying $UPDATEDIR to this server, Please wait..."
esxupdate -n --force update
echo ""
done
}
cleanup()
{
rm -rf /var/updates/*
}
################
\# Main Program #
################
\# Check that the mount is up before applying updates
clear
mountcheck
update
cleanup
#END
Install the updates in release date/numerical order. Run esxupdate -n update for each of the updates. the '-n' switch means 'no reboot'
Then reboot the server after the last patch is completed.
In answer to your question, no don't NEED to reboot between patches.
I have not applied any off these patches. Thus far I have not experienced any of the documented issues listed on the patches. I have a solid platform, esx, insight agent install... I will only apply the patches if I absolutely need them.... I usually like to wait for the next GA build rather than applying patches...
Of course, one needs to see whats best for their own environment.
my .02 cents....
The order of patch installs is important, if you get it wrong you will be told that certain packages will be downgraded, and the update will fail. For information after several new builds, the following order works fine for the 3.0.1 patches.
1) 1006511
2) 1410076
3) 2150832
4) 2066306
5) 6921838
6) 8173580
7) 9986131
This is based on the issue date reported by esxupdate - info in each case.
And now there are 7 more patches... where is this going to end?
Read a thread that VMware states that ESX 3.0.2 will come available the next few months.... (that's so global that everyone could have guessed that obviously) so until then, let's keep on patching, seems that they always release patches at the end of the month
Is it best practice to install all the patches released from VMware or should you install only what you need? Thx.
Well there were some discussions about that in the past.
I've changed my opinion and now install every patch, even if it's a "general" one that has nothing to do with the configuration of my system?
Why?, because people told (and it's true) that a patch could:
1) contain more fixes as documented (would be a bad case, but it is possible)
2) a new patch could depend on something that was previously patched (would be a bad case as well if they don't document any prerequisites or dependency's, but it is possible as well)
3) (just thought about it) when a new version of VMware gets delivered it probably contains all previously updates