VMware Cloud Community
roycesj
Contributor
Contributor
‎08-20-2008 03:54 PM

Update Manager and 3.5update2

I have a funny scenario that came up last week with the update 2 patch, and I'm wondering if anyone else has seen similar issues. We began upgrading our 3.0.2 ESX clusters to 3.5 at the beginning of June. At that time I created a baseline called "production". It is a fixed baseline, that includes all patches released up until 1 June. I have used this baseline on all of our clusters as they have been upgraded (actually re-installed). The installation procedure was to install from a 3.5u1 CD, then run update manager to apply the patches in the "production" baseline.

There were 3 clusters that were re-installed after July 25 (when the original, broken update 2 patch was pushed out). Those 3 clusters all had the broken, time-bombed patch installed, even though it is not part of the baseline. I didn't know the patch was there until D-day, when those clusters stopped working (lucky for me they were low-use clusters). I patched two of them, then actually rebuilt the third cluster (trying to find out if I could just get to a point without those patches installed at all). When I patched that third cluster, the new, updated patch got installed. So there appears to be no way to apply a baseline (at least my baseline) without also getting this update too.

So that raises two questions for me:

1. Has anyone else seen this behavior, where these patches are installed even though they are not part of your baseline? I'm being told by VMware support that no one else is reporting this as a problem.

2. If this is a problem, does it cause anyone else major concern? I'm also being told that this isn't a major issue for VMware (mostly because of the lack of calls, but also because "the timebomb bug is fixed, right?"). However, I am very concerned that VMware seems to have decided to push this patch to customers using update manager, with no way to disable pushing this patch. I wanted a consistent build across all my servers, but I can't get to that now without going back and applying this patch to all my hosts. On top of that, none of these patches were tested in our environment before getting rolled out.

I guess I'm just frustrated because VMware seems to say that there is an issue (I have an open ticket with them), but this isn't a big deal to them, so they don't know when they will work on it. So I wanted to find out if I'm the only one with a problem, and if I'm the only one worried about what other patches VMware may decide to push to my servers without my selecting them.

0 Kudos
5 Replies
TomHowarth
Leadership
Leadership
‎08-20-2008 10:08 PM

post moved to the VI:3.5 forum for greater visibility.

Tom Howarth

VMware Communities User Moderator

Tom Howarth VCP / VCAP / vExpert
VMware Communities User Moderator
Blog: http://www.planetvm.net
Contributing author on VMware vSphere and Virtual Infrastructure Security: Securing ESX and the Virtual Environment
Contributing author on VCP VMware Certified Professional on VSphere 4 Study Guide: Exam VCP-410
0 Kudos
roycesj
Contributor
Contributor
‎08-25-2008 08:22 AM

I had a conference call with VMware support on Friday. Apparently patch number 200808202-UG fixes Update Manager. The problem is that, if you create a baseline, when new patches came out that replaced patches included in your baseline, those replacements were automatically included in your baseline instead of the original patch you selected. The patch mentioned above fixes this behavior, according to the escalation manager I spoke with. They suggested creating a baseline that includes just this patch (to install it), then applying whatever baseline you wanted installed.

0 Kudos
amoralejo
Contributor
Contributor
‎10-06-2008 09:10 AM

Hi,

I'm having exactly the same problem you mentioned in your post and I find this behavior quite unacceptable. Did the patch 200808202-UG fix it?, do the fixed collections behave as desired?

Best regards and thanks in advance,

Alfredo Moralejo

0 Kudos
roycesj
Contributor
Contributor
‎10-06-2008 03:08 PM

I still have an open incident w/ VMWare, and have had no movement on it in a month -- again, quite unacceptable. I believe that the issue MAY be resolved by just applying all updates that shipped w/ Update 2 (Aug 13). I was originally told that just applying patch 200808202-UG first would fix the issue, but that wasn't true, and I'm waiting now for engineering to duplicate the issue and offer a fix.

Sorry to hear that I'm not the only one with a problem, although at least now I know I'm not crazy. I'll forward your info to the engineers I'm working with so they know others have the same issue.

Steve

0 Kudos
amoralejo
Contributor
Contributor
‎10-20-2008 01:47 AM

Hi Steve,

After upgrading Virtual Center and Update Manager to Update 2 the behavior seems to be better, we are now able to install obsoleted patches, and UM does not automatically install the newer ones and the dependencies check has improved (take a look into the release notes).

Best regards,

Alfredo

0 Kudos