Solved

VMware patchable objects

Posted on 2012-04-12
13
381 Views
Last Modified: 2012-04-13
Could you list which elements of a typical vmware setup that utilises vcenter esxi and windows guests require patching? So vcenter patching, host patching, and guest patching, specific the vmware what needs patching, and any idea on the frequency of the patches released?
0
Comment
Question by:pma111
  • 6
  • 6
13 Comments
 
LVL 117

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE) earned 250 total points
ID: 37836812
Security Updates (patching)

1. Windows Guests (every month, when Microsoft release patches on Patch Tuesday)

2. vCenter Server (new versions e.g. 4.1 U2, 5.0 U1) VMware very seldom releases patches for vCenter Server, but releases new builds, so you can do a complete upgrade. As for timescales, vSphere 5.0 Update 1  Released 15 Mar 2012, vSphere 5.0 | Released 24 Aug 2011

3. Hypervisor Updates (ESXi), Security Updates and Fixes are issued.  If we look at ESXi 5.0

there have been several patches

Build Number: 474610 Release Date: :  09/13/2011 (patches to ESXi 5.0)
Build Number: 504890 Release Date: :  11/03/2011 (patches to ESXi 5.0)
Build Number: 515841 Release Date: :  12/15/2011  (patches to ESXi 5.0)
Build Number: 623860 Release Date: :  03/15/2012 (this is ESXi 5.0 U1)

All patches can be checked here

http://www.vmware.com/patchmgr/download.portal

So with the Hypervisor, it could be a patch every month from release.
0
 
LVL 3

Author Comment

by:pma111
ID: 37836841
Is there anything vmware specific on the guests that needs patching from vmware? Your 1 seems specific to MS updates nothing on guests around vmware.

Cheers!
0
 
LVL 7

Assisted Solution

by:PaulNSW
PaulNSW earned 250 total points
ID: 37836854
You should also check for firmware/BIOS updates for the hardware running this environment.

Re 1: Each VM will have "VMWare Tools" installed, providing enhanced drivers for Video, Network, Mouse etc.

You generally only have to update this with every major VMWare update
0
 
LVL 117
ID: 37836863
every host update may have a new version of vmware tools, which could be applied to the guest vms.
0
 
LVL 3

Author Comment

by:pma111
ID: 37836882
And is there 1 tool that can patch all 3 (vCenter, Host, vmware tools on guest) and provide management overview on whats at what level, whats missing what patch? If there is 1 tool a copy or screenshot of a sample report would be ever so helpful!
0
 
LVL 117
ID: 37836898
No not really, VMware Update Manager patches the host.
0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 
LVL 3

Author Comment

by:pma111
ID: 37837030
Would update manager show which hosts are missing patches? Is it a report format thats management freindly?
0
 
LVL 117
ID: 37837046
Yes, Update Manager would show which updates. VMware issues Security Updates, which changes the Build Number of the OS, you could say a change of service pack. A Security Build Update contains many security fixes and bug fixes.

I do not think the Report is management friendly.
0
 
LVL 3

Author Comment

by:pma111
ID: 37837719
Would you be willing to share a screenshot of a report for reference?

Also > where can you see the build number? And where can you see from vmware the latest build numbers.
0
 
LVL 3

Author Comment

by:pma111
ID: 37837724
Is update manager part of vcenter, or an additional tool that requires additional $$
0
 
LVL 3

Author Comment

by:pma111
ID: 37837743
And are the patches released for vmware tools on guests security related, or something else? How often are they released?
0
 
LVL 117
ID: 37837799
Ive never seen any VMware Tools updates on their own.

Tools are sometimes included with host updates, eg new host update, it may have new tools as well.
0
 
LVL 117
ID: 37837814
update manager is included with vCenter.

build numbers are shown on the host summary, see previous ESX, ESXi question.

build numbers arevavailable on vmware patch portal.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

This article is an update and follow-up of my previous article:   Storage 101: common concepts in the IT enterprise storage This time, I expand on more frequently used storage concepts.
Is your company's data protection keeping pace with virtualization? Here are 7 dynamic ways to adapt to rapid breakthroughs in technology.
Teach the user how to use vSphere Update Manager to update the VMware Tools and virtual machine hardware version Open vSphere Client: Review manual processes for updating VMware Tools and virtual hardware versions: Create a new baseline group in vSp…
Advanced tutorial on how to run the esxtop command to capture a batch file in csv format in order to export the file and use it for performance analysis. He demonstrates how to download the file using a vSphere web client (or vSphere client) and exp…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now