I'm installing a new esx host, and installed patches in alphabetical order... Now a handfull won't install, they just complain:
esxupdate -n update
INFO: No repository URL specified, going with file:/home/mikaa/vmupdates2007_04_20/ESX-2066306
INFO: Preparing to install VMware ESX Server ESX-2066306...
INFO: 1 packages need to be downgraded.
Please use the --force option and try again.
There is no mention of what package would need to be downgraded, even in the logs. I also tested installing with -v 10, but there was no more useful information.
Is it safe to use the --force option?
\# esxupdate query
Installed software bundles:
- Name \---- --- Install Date --- --- Summary ---
3.0.1-32039 14:18:06 04/18/07 Full 3.0.1 release of VMware ESX Server
ESX-1006511 18:27:07 04/25/07 Fixing TX hang in 80003ES2LAN Controller
ESX-1271657 18:59:17 04/25/07 Open IPMI improvement for slowness.
ESX-1410076 19:01:55 04/25/07 BSOD 0x109 during 64-bit Windows install
ESX-1541239 19:02:38 04/25/07 Updates Emulex Fibre Channel driver.
ESX-1917602 19:03:12 04/25/07 To improve compatibility for Windows NT.
ESX-2031037 19:03:42 04/25/07 To provide LUN an unique ID Name
ESX-2092658 19:04:39 04/25/07 SNMP agent returns full VM config file.
ESX-2158032 19:05:55 04/25/07 Add LFENCE for RWO on AMD K8 before RevF
ESX-2257739 19:07:07 04/25/07 To deliver several fixes in vmkernel.
ESX-2559638 19:07:39 04/25/07 Update info rpm for ESX 3.0.1.
ESX-3199476 19:08:21 04/25/07 VMXNET shutdown may lead to BSOD
ESX-5031800 19:08:55 04/25/07 RHSA-2006:0749 tar security update
ESX-5885387 19:09:25 04/25/07 RedHat Moderate: gzip security update
ESX-6856573 19:09:59 04/25/07 PhysMem_Get() accesses wrong pages
ESX-6921838 19:12:04 04/25/07 hot removal of a virtual disk thru SDK
ESX-9916286 19:12:47 04/25/07 To update zlib library for ESX 3.0.1
ESX-9986131 19:13:35 04/25/07 Updated openssh, python, and openssl
Patches waiting to be installed:
You seemed to install by patch number. Actually these patch number are not ascending and therefore can't be used as a hint for the patching order.
You need to install in the order they are released here: http://www.vmware.com/download/vi/vi3_patches.html
Yup, I figured that much
I installed them using a for loop. I have no idea why vmware has decided to take such an approach to naming patches, especially as you have to install 20+ on a host. Using a for loop it would take me about 2 minutes, otherwise an hour. But I'm sure they had a good reason to do it like they do.
Ofcourse if I used the hour I would not be in a mess now!
So do I have to restart from the beginning? Reinstall the whole server?
Message was edited by:
I totally agree that patching isn't the strongest part within VI3.
Anyway: If that's a viable option for you, I'd strongly suggest a reinstall and start from scratch. That's better than forcing several patches now and run into problems 2 months later.
my 1.5 cents
Ok, I fixed my way of updating...
1. download all the patches into a folder
2. unpack and delete them:
for PACKAGE in *; do
tar -xzvf $PACKAGE
3. copy the update names into a text file called patch_list so they only contain the update name, and they are listed by time of release (in the order they should be installed)
4. write a small bash script that installs the updates in the order they are listed in the file
\# I install vmware esx-server updates
for PATCH in `cat patch_list `; do
esxupdate -v 20 -n update
5. pack the folder into a tar file so I can easily transfer it to new added esx-hosts and update them.
Here goto the end is a lot of new scripts for deploying patches and it sequences automatically too.
Maybe you can add your script into it, that figures out if the patch has patches inside and then unzips it to the dir and erases the main patch for the script to then delpoy...
Message was edited by:
There is only one package in 2066306. If it's already up to date, then you can pretty much skip past this update.
If you feel compelled to get the update in the database, you can try using the '-x ' option to skip this particular package. But since it is the only package in the update, I wouldn't be surprised if esxupdate said it had nothing to do and exited.
The easiest way to get out of your problem is to use the -x (exclude) option as suggested earlier, but you need to know which RPM is duplicated. To find out which RPM is duplicated (hence the downgrade message), you can look into the log files by doing a vi of /var/log/vmware/esxupdate.log
or you can do the following:
#grep -i downgrade /var/log/vmware/esxupdate.log
It will then spit out the list of rpms that are in conflict. You can then use the -x option to exclude those rpms that have a more advanced option.
Once you get this mess sorted out, then you modify the script to install patches on a monthly basis in the order of the month that they are released. That should solve your problem.