Solved

Need help with patching ESXi hosts in vSphere

Posted on 2013-02-07
8
822 Views
Last Modified: 2013-02-22
I got an alert from my vSphere server:

The number of patch definitions downloaded (critical/total):
ESX: 0/7

ID: ESX410-201301401-SG  Impact: Important  Release date: 2013-01-31  Products: esx 4.1.0 Updates VMkernel, VMX, Tools, others.

ID: ESX410-201301402-SG  Impact: Moderate  Release date: 2013-01-31  Products: esx 4.1.0 Updates bind-libs and bind-utils RPMs

ID: ESX410-201301403-SG  Impact: Important  Release date: 2013-01-31  Products: esx 4.1.0 Updates libxslt

ID: ESX410-201301404-BG  Impact: Important  Release date: 2013-01-31  Products: esx 4.1.0 Updates esxupdate

ID: ESX410-201301405-SG  Impact: Moderate  Release date: 2013-01-31  Products: esx 4.1.0 Updates libxml2

ID: ESXi410-201301401-SG  Impact: Important  Release date: 2013-01-31  Products: embeddedEsx 4.1.0 Updates Firmware

ID: ESXi410-201301402-BG  Impact: Important  Release date: 2013-01-31  Products: embeddedEsx 4.1.0 Updates VMware tools

Open in new window


But when I go to re-mediate them there are no patches to apply. What am I missing?
0
Comment
Question by:Thaidog
  • 4
  • 3
8 Comments
 
LVL 117

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE)
Comment Utility
What build of ESXi are you currently running?
0
 

Author Comment

by:Thaidog
Comment Utility
We are running 4.0.0 787047 and 5.0.0 912577
0
 
LVL 117

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE)
Comment Utility
What host version are you trying to patch?
0
 

Author Comment

by:Thaidog
Comment Utility
Both
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 
LVL 117

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE)
Comment Utility
And to which version?
0
 

Author Comment

by:Thaidog
Comment Utility
Whatever is the latest... after hitting "scan" on the esx 4 servers it would appear there are no patches for these servers... as the remediate button comes back greyed out and I have a green circle that says compliant above it...
0
 
LVL 117

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE) earned 250 total points
Comment Utility
There are no more patches for Build Number: 787047
Release Date: :  09/14/2012

So you cannot update it, to something that does not exist, it's up to date.

as far as the patch portal is concerned. But those patches ESX410-201301401-SG  look recent.

as for ESXi 5.0, the latest build is U2, which is now build Build Number: 914586
0
 
LVL 5

Assisted Solution

by:xperttech
xperttech earned 250 total points
Comment Utility
I don't believe there are newer patches for your hosts. If your Update Manager were to report incorrectly, you could go the manual way. I've never seen it reporting incorrectly.

Here are the steps for patching your hosts manually:

1.

Download the ZIP patch file from VMware (http://www.vmware.com/patchmgr/findPatch.portal)

2.

SSH access needs to be enabled on the host(s)

3.

Power off all running VM guests and place the host in Maintenance Mode.

4.

Upload the ZIP file to the host’s datastore ‘Patches’ folder via vSphere Client or WinSCP or any SSH tool

5.

Using PUTTY or any other ssh terminal tool, connect to the host(s) and login as root

6.

Assuming the patch uploaded is ESXi510-201212001.ZIP and the host’s datastore name is datasore1_vm1, change directory:
cd /vmfs/volumes/datastore1_vm1/Patches
This transforms in something like this: /vmfs/volumes/50ec61ac-66192fb9-0dd0-089e0150a245 /Patches

7.

Run this command:
esxcli software vib install --maintenance-mode --depot /vmfs/volumes/datastore1_vm1/Patches/ESXi510-201212001.zip

8.

Inspect the “Installation Result” status. It should say something like this “Message: The update completed successfully, but the system needs to be rebooted for the changes to be effective”
There will be a “Reboot required: true” just below the above message. And a listing of all the patches applied.

9.

It is possible to continue applying multiple patches, even when a reboot is required, but you should reboot at the end of the patching cycle.

10.

Use the command reboot

11.

Turn off Maintenance mode

12.

Power on your VMs
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Windows 10 is here and for most admins this means frustration and challenges getting that first working Windows 10 image. As in my previous sysprep articles, I've put together a simple help guide to get you through this process. The aim is to achiev…
In this step by step tutorial with screenshots, we will show you HOW TO: Enable SSH Remote Access on a VMware vSphere Hypervisor 6.5 (ESXi 6.5). This is important if you need to enable SSH remote access for additional troubleshooting of the ESXi hos…
Teach the user how to install and configure the vCenter Orchestrator virtual appliance Open vSphere Web Client: Deploy vCenter Orchestrator virtual appliance OVA file: Verify vCenter Orchestrator virtual appliance boots successfully: Connect to the …
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now