VMware Cloud Community
admin
Immortal
Immortal

ESX 3.5U2 Patch experiences?

Just posted:

Let's close down the other thread, as it's getting really long and hard to navigate.

Thanks. Rest assured that many people inside VMware are reading your feedback and experiences here.

Reply
0 Kudos
153 Replies
akmolloy
Enthusiast
Enthusiast

I'll move my other post here:

To share my experience:

I had a host with VMs on it that could tolerate limited downtime, so went for it. I had SSH connected with the esxupdate command ready to go, and then shutdown the VMs and put the host in maintenance mode. I applied the patch, restarted vmware-hostd, and then restarted the servers. I believe the downtime was under 10 minutes.

I just tested, and VMotion works to that server now from my unpatched servers, so I can put the others in Maintenance mode and patch under less pressure.

-Tony

Reply
0 Kudos
kenner
Contributor
Contributor

I'm having a serious problem with the patch. I patched one host and it was OK as I started machines on it, but then I see infinite loops of machine state changes from ON to RECONFIGURING and back to ON when I look at the latest hostd.log. They are coming from VirtualCenter Server, but I can't figure out why or how to stop it from happening. It's keeping hostd too busy to do anything else, so I can't move machines to that host.

Reply
0 Kudos
apservice
Contributor
Contributor

The application of the patch was the usual "esxupdate update" which ran very simply as usual. VMs can now power on and VMotion.

One other thing I've noticed is that somewhere along the line between 3.5 U1 and U2 the /etc/syslog.conf file was rewritten back to the defaults and my customisations have been removed. I haven't looked through the release notes to see if the syslog service was patched or updated.

Altonius

Reply
0 Kudos
joncellini
Contributor
Contributor

We've rolled out the ESX patch to a handful of systems and things are looking good so far.

The ESXi version of the patch is giving us a problem - it complains that the patch metadata is missing and then fails to install. The metadata was updated when the patches were imported into UM and everything looks to be correct. We are investigating the issue more at our site. Anyone else with ESXi installable or embedded have any luck?

Reply
0 Kudos
ElmbrookDan
Enthusiast
Enthusiast

I am new to vmware and only applied patches using Update Manager. Could someone explain briefly how to apply patches using the esxupdate. Do you have to download the patch- to your host?

Reply
0 Kudos
larden
Contributor
Contributor

I have applied using Update Manager - as long as you can free up one host to put in maintenance mode you can do this without issue.

For esxupdate

http://www.vmware.com/pdf/esx3_esxupdate.pdf

VMware Rocks!
Reply
0 Kudos
ElmbrookDan
Enthusiast
Enthusiast

Thanks, good to know. I have 2 hosts one is running only 2 VM's which could be brought down for a bit. The other host has a few more VM's including my VirtualCenter. Yes I am running my VC in a VM and I know. So my plan is to patch the host that doesn't have the VC VM. Once that host is patched I will VMotion VC to the patched host and then patch the non patched host. Make sense? Anyone see a flaw in that plan?

Reply
0 Kudos
larden
Contributor
Contributor

Sounds good to me.

I am rebooting the host also, even though it isn't required.

VMware Rocks!
Reply
0 Kudos
Tibmeister
Expert
Expert

I've never had UM work right. For the host I use the Virtual Infrastructure Update program that get's installed with the client. The drawback is you have to connect the client to each host before the update program will see them as it is designed for stand-alone ESXi hosts.

Reply
0 Kudos
RobertGreenlee
Contributor
Contributor

I'm going to update my other 2 affected hosts tomorrow morning with the patch (one host now has the hotfix and appears fine). I still have 2 other hosts in the cluster running Update 1. Should I want for a new version of Update 2 to come out to patch them or just load the original U2 from Update Manager and this hotfix. I'd like to get them all upgraded by this weekend. We have an planned outage window Sat night and I was to get all the VMtools upgraded on the clients.

Thanks

Robert

Reply
0 Kudos
larden
Contributor
Contributor

IMHO - I would WAIT. I am going to rebuild our hosts with the "new" media when it comes out. I prefer to err on the side of caution, update + "fix" vs "update released after major QA with fix" I prefer the second option.

I can see VMWORLD being fun telling our war stories

VMware Rocks!
Reply
0 Kudos
ADHDave
Contributor
Contributor

We're using ESX 3.5 Update 2 on a 2 host test cluster running 25 VM's, i disabled HA and set DRS to manual. I downloaded the patch using the update manager and also downloaded the zip file. I extracted and copied the files to the first host and used esxupdate to manually apply the patch and everything worked great. Just to see how it would behave with the other host i scanned it for updates and then remediated. Update manager tried to put the host in maintenace mode and each VM failed to move @ 10%, I cancelled the maintenance mode task, and tried DRS @ partial and full automation with the same result. Finally, powered off the VM's that were on that host and remediated again and it installed successfully. Re-enabled HA powered on all off VM's. I successfully manually migrated machines and try a test of HA in the morning

edit

added more info

Reply
0 Kudos
joncellini
Contributor
Contributor

I've never had UM work right. For the host I use the Virtual Infrastructure Update program that get's installed with the client. The drawback is you have to connect the client to each host before the update program will see them as it is designed for stand-alone ESXi hosts.

To be candid our experiences with ESXi updating have been mixed in general. We are trying to use UM to patch an ESXi embedded host right now - if that chokes too we will try the offline patch route.

I'll post back if we have any luck.

Reply
0 Kudos
rmumford
Contributor
Contributor

Just applied the patch to my first ESX server, as I am entering maintenance mode in my second one, it is not migrating any VM's to my first ESX server. I have a total of 6 hosts, and the remaining are getting quite full.

In summary of patched ESX server, error is "HA agent on esx001.xxxx.xxx in cluster ESX Cluster in xxx has an error." I am able to manually migrate to this box, but it is not moving automatically.

I have tried to Reconfigure for VMware HA one time with no luck. Any ideas?

Reply
0 Kudos
joncellini
Contributor
Contributor

Are your console interfaces on the same network? We ran into a issue with the U2 release where the default behavior of HA was changed (or broken depending on your POV) and the HA agents are not all in a common subnet. There are some threads about this in the forums - it also is documented in the U2 release notes.

Reply
0 Kudos
rmumford
Contributor
Contributor

Console interfaces as in hosts? Bear with me, as I am the backup to our VMware environment while our point man is on vacation. All of our ESX servers are on the same subnet, how do I further delve into logs from to see what my exact issue is?

Reply
0 Kudos
jsykora
Enthusiast
Enthusiast

This didn't affect me too badly. Been walking on eggshells all day hoping nothing happened that would require HA or migrating VMs.

For the benefit of other VMware newbies like myself here's what I did to get the patch working:

Downloaded the express update when it became available (late btw) and added it to my ftp server's patch depot. Update took a bit likely due to server load from everyone else wanting in as well. (See if you are unfamiliar with esxupdate and patch depots).

While this all was downloaded I did an esxupdate -l query |grep ESX350-200806201-UG on both of my hosts to make sure the prerequisite patch was there. Also disabled HA on the cluster. I had already put DRS in manual mode early this morning.

After the patch was in my depot I did esxcfg-firewall --AllowOutgoing and then esxupdate -d <patch depot URL> scan to make sure it saw the new update.

One of my hosts only had 3 VMs running on it by chance so I shut down those 3 guests, set the hosts to enter maintenance mode and then ran esxupdate -d <patch depot> --test update to make sure all everything looked right on that host. When everything returned OK I did esxupdate -d <patch depot> update and waited for everything to finish. Per the patch instructions I restarted the management interface and then did esxcfg-firewall --BlockOutgoing . I then restarted the esx host that was in maintenance mode from VirtualCenter for good measure.

When this host came back up I took it out of maintenance mode, let it sit for a little bit while I checked logs for any errors. Then migrated all guest VMs from other unpatched host over to this patched host and then followed the same steps to patch the unpatched.

After both were patched I re-enabled DRS and balanced the host loads a bit. After waiting a few more minutes and checking logs some more I re-enabled HA which came up just fine.

Everything seem to work fine and basically I just RTFM on the directions to get everything to work. I didn't try patching with Update Manager as I've never really had that great of luck with it.

Reply
0 Kudos
COS
Expert
Expert

Can someone please explain to me why a "FREE" product has a friggin expiration date? It just does NOT MAKE SENSE!

Even worse, is a Licensed version one has paid for has this expiration "BUG".

YES IT IS A BUG!

QA missed the big fat cock roach in their process.

Here's what I want. I want install Enterprise binaries that has NO expiration. If our agency paid in excess of $15,000.00 to license our servers (Enterprise version) the friggin thing should never ever expire.

I feel like VMware does not trust it's customers eventhough they have already spent their thousands of dollars on their product. MS 2003 Server does not expire does it? NO.

Enough with this garbage about software piracy and protecting your product, the same old boring played out song. If we paid for it it should never expire. VMWare's method is basically saying "you're all pirates and eventhough you paid up the a(insert letters here), I still don't trust you worth doodoo".

That's why this issue is here.

Hmmmm....

This scenario should sound familiar to VMware, remember the "FREE" vmware server release?....tick....tick....tick.... Edit

Reply
0 Kudos
pahopland
Contributor
Contributor

Applyed the patch to a test server today using esxupdate. The host was in maintenance mode. After applying the patch i'll run service mgmt-vmware restart and try'd to exit maintenance mode from VC. The error "The session is not authenticated" pop up.

Rebooted the server and was then allowed to exit maintenance mode.

Then i'll enabled NTP again, and the error "The operation is not allowed in the current state" pop up. After pressing OK twice ntp was up and running.

Now everything is working ok, but im not sure why those errormessages pop up.....

Edit.

Did not remove host from cluster, just disabled HA/DRS. If I remove the host from the cluster there is no errormessages...

Lesson learned:)

Reply
0 Kudos