last esxi update , no hp customised iso

dedri
dedri used Ask the Experts™
on
I have HP servers Gen8 on which customised HP esxi iso is installed. HP iso is from may 2018.
Now I saw that there is a new esxi update, but no new customised iso is available from HP.
Could you tell me how should I patch esxi servers?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Andrew Hancock (VMware vExpert / EE Fellow)VMware and Virtualization Consultant
Fellow 2018
Expert of the Year 2017

Commented:
What build and version of ESXi do you currently have, and which build do you want to upgrade to?

You can use any of the patches to update your current installation, or are you looking for a ISO to install ?

You don't usually download an iso to update, you can but there are much quicker alternatives than booting from an ISO.

Author

Commented:
normally I download the HP customized ISO, import it in the Vmware Update manager, create a baseline, and after that remediate the hosts against this baseline.
Because there isn't HP customized ISO that I can download,  I don't know how to proceed, there is a new patches available, as I can see( ESXi 6.5 VMSA-2018-0020*      ESXi650-201808001      date:2018-08-14      build:9298722 ). Could you tell me how to patch my servers, any procedure or link to any article about how to do it.
Part of the vmware servers are build 7388607, another part is a little bit newer.
Andrew Hancock (VMware vExpert / EE Fellow)VMware and Virtualization Consultant
Fellow 2018
Expert of the Year 2017

Commented:
If you add the HPE depot to your VMware Update Manager, you should have all the patches to patch your servers.

But all the patches should be available anyhow, there is no need to import the ISO.

e.g. the following will patch your servers... from the console

esxcli network firewall ruleset set -e true -r httpClient
esxcli software profile update -p ESXi-6.5.0-20180804001-standard -d https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml
esxcli network firewall ruleset set -e false -r httpClient

Open in new window


but this is taken from VUM, so the latest patches are available.

a word of caution about the latest patch for Intel CPU flaw, you really need to understand how to patch for it...

See these questions I've answered

https://www.experts-exchange.com/questions/29114650/Intel-Vulnerability-Foreshadow-L1-Terminal-Fault.html

https://www.experts-exchange.com/questions/29115252/Configuration-issue-on-host-after-vSphere-updates-applied-in-vsn-6-0.html

Don't just patch without reading.... it could affect your performance!

Author

Commented:
Thank you for the links regarding the issue with last update. I was not aware and this is helpful for me.

For vmware servers , Unfortunately esxi servers does not have access to the internet, so it's not possible to use your commands.
Could you tell me how to add HPE depot to my VMware Update Manager. Should I have to add hp depot or it's better to keep with vmware depot?
VMware and Virtualization Consultant
Fellow 2018
Expert of the Year 2017
Commented:
All the current patches should be available in VUM, for you to patch the current ESXi hosts.

I listed the above, patch as an example of the current patch available in VUM, because that link is where VUM gets it from.

I've just checked a VUM here, which does NOT have the HPE depot added, and it has

ESXi 6.5 VMSA-2018-0020*      ESXi650-201808001      date:2018-08-14      build:9298722

Patch available to add to a baseline, so no need to add HPE depots.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial