Solved: Re: ESX 3.0.1 Patch order

PatrickWE · ‎12-04-2006

Hi,

There seems to be 3 patches for ESX 3.0.1, is there an order in witch these patches should apply, since they all seem to have the same date, but numbers are different ???

should one follow the patch file name as order of application???

Do they have dependencies one to other...

Thanks \!!!

masaki · ‎12-04-2006

You must install in this order (lesser patch number first)

Patches & Updates (view classifications)

ESX-1006511 Patch | 11/30/06 | Critical Patch

ESX-1410076 Patch | 11/30/06 | Critical Patch

ESX-2158032 Patch | 11/30/06 | Critical Patch

View solution in original post

masaki · ‎12-04-2006

You must install in this order (lesser patch number first)

Patches & Updates (view classifications)

ESX-1006511 Patch | 11/30/06 | Critical Patch

ESX-1410076 Patch | 11/30/06 | Critical Patch

ESX-2158032 Patch | 11/30/06 | Critical Patch

masaki · ‎12-04-2006

You can find them here:

http://www.vmware.com/download/vi/

click on each patch and you'll see patch details and bug fixed

mstahl75 · ‎12-04-2006

If you click on each patch there will be a description on what changes with it. It should be pretty obvious if one patch requires another to function. Also, unless you are affected by the changes in the patches you probably don't need to install them.

Check each one out and see if anything in it applies to your environment and only install those that do.

I know that's what I'm doing. If it isn't critical for my environment then I'm going to wait for a point release to get the updates.

jrr001 · ‎12-13-2006

Must you reboot between each patch or can you tell it to not reboot until after the last patch?

acr · ‎12-13-2006

I was going to add this link, seems it been done..

http://www.vmware.com/download/vi/

Erik_Bussink · ‎01-05-2007

Masaki mentionned applying the patches in ascending patch numbers, but there are now 7 patches. And the patch numbers jump all over the place now...

ESX-2066306 Patch | 12/28/06 | Critical Patch

ESX-6921838 Patch | 12/28/06 | General Patch

ESX-8173580 Patch | 12/28/06 | General Patch

ESX-9986131 Patch | 12/28/06 | Security Patch

ESX-1006511 Patch | 11/30/06 | Critical Patch

ESX-1410076 Patch | 11/30/06 | Critical Patch

ESX-2158032 Patch | 11/30/06 | Critical Patch

Do we still apply by ascending order ? or be ascending order on same date release, followed by ascending order on the 2nd date ?

Erik Bussink Solution Architect @VMware CISSP, VCP#67, RHCE, DCUCD

TomHowarth · ‎01-06-2007

by as you have said, assending order per date. release date is the important one here, VMware need to get their ship in order regarding Patch numbering.

Tom Howarth VCP / VCAP / vExpert
VMware Communities User Moderator
Blog: http://www.planetvm.net
Contributing author on VMware vSphere and Virtual Infrastructure Security: Securing ESX and the Virtual Environment
Contributing author on VCP VMware Certified Professional on VSphere 4 Study Guide: Exam VCP-410

pfuhli · ‎01-06-2007

Hi Patrick,

esxupdate will check the dependencies for you. So it's not mandatory to follow a special order given by the patch numbers.

Nevertheless I do

jrr001 · ‎01-06-2007

Has anyone found a way to apply these without a reboot for every one of them?

pfuhli · ‎01-06-2007

Look at this

http://www.vmware.com/community/thread.jspa?messageID=544354

There is a [i]-n[/i][/b] option for esxupdate[/i] which is not documented so far. I used it for installing three of four updates and rebooted only by the last update.

Works fine.

skearney · ‎01-23-2007

If you forgo an update, you may have issues installing it later. If a package in the update you want to install has a lower version than the one currently on the system, esxupdate will fail.

If this happens, set your verbosity to 10 to find out which package(s) is causing the problem. Then rerun the update command with the '-x' option to exclude the package from the update.

Why the tool doesn't do this automatically, I don't know.

Message was edited by:

skearney

GraphiteDak · ‎01-24-2007

I keep all the patches on a SMB mount and run this script during the ks.cfg

Could be much cleaner but works...

#!/bin/sh

\# All updates are found at the NFS mount vmiso under the esxupdates folder

\# Set some variables here

typeset -r MOUNT="/opt/vmiso/esxupdates"

\# Functions here

mountcheck()

{

echo "Checking that the updates are available, Please wait..."

echo ""

if [\[ -f "$MOUNT/mount-up.txt" ]]

then

return

else

mounterror

fi

}

mounterror()

{

echo "Mount is not up, trying to remount..."

mount -a

return

}

update()

{

for UPDATE in $( ls $MOUNT/*.tgz )

do

cd /var/updates

echo "Extracting $UPDATE, Please wait..."

tar zxf $UPDATE

echo""

Get the update directory

UPDATEDIR=$(ls -lc $UPDATE | cut -f5 -d"/" | cut -f1 -d".")

chown root:root /var/updates/$UPDATEDIR

cd /var/updates/$UPDATEDIR

echo "Applying $UPDATEDIR to this server, Please wait..."

esxupdate -n --force update

echo ""

done

}

cleanup()

{

rm -rf /var/updates/*

}

################

\# Main Program #

################

\# Check that the mount is up before applying updates

clear

mountcheck

update

cleanup

#END

RParker · ‎01-24-2007

Install the updates in release date/numerical order. Run esxupdate -n update for each of the updates. the '-n' switch means 'no reboot'

Then reboot the server after the last patch is completed.

In answer to your question, no don't NEED to reboot between patches.

Eddy · ‎01-24-2007

I have not applied any off these patches. Thus far I have not experienced any of the documented issues listed on the patches. I have a solid platform, esx, insight agent install... I will only apply the patches if I absolutely need them.... I usually like to wait for the next GA build rather than applying patches...

Of course, one needs to see whats best for their own environment.

my .02 cents....

Go Virtual!

GabbyIRL · ‎01-30-2007

The order of patch installs is important, if you get it wrong you will be told that certain packages will be downgraded, and the update will fail. For information after several new builds, the following order works fine for the 3.0.1 patches.

1) 1006511

2) 1410076

3) 2150832

4) 2066306

5) 6921838

6) 8173580

7) 9986131

This is based on the issue date reported by esxupdate - info in each case.

daniel-san · ‎02-08-2007

And now there are 7 more patches... where is this going to end?

VirtualKenneth · ‎02-08-2007

Read a thread that VMware states that ESX 3.0.2 will come available the next few months.... (that's so global that everyone could have guessed that obviously) so until then, let's keep on patching, seems that they always release patches at the end of the month

mak_vm · ‎02-08-2007

Is it best practice to install all the patches released from VMware or should you install only what you need? Thx.

VirtualKenneth · ‎02-08-2007

Well there were some discussions about that in the past.

I've changed my opinion and now install every patch, even if it's a "general" one that has nothing to do with the configuration of my system?

Why?, because people told (and it's true) that a patch could:

1) contain more fixes as documented (would be a bad case, but it is possible)

2) a new patch could depend on something that was previously patched (would be a bad case as well if they don't document any prerequisites or dependency's, but it is possible as well)

3) (just thought about it) when a new version of VMware gets delivered it probably contains all previously updates