Avatar of dedri
dedri
Flag for United States of America asked on

update vmware with VUM

I upgraded one of our vmware cluster with customised HP ESXi ISO to the esxi 6.5 build:8294253 ( this is the latest HP custom ISO that is provided). Because this is not the latest version and I can see that there are several updates after this release I need to patch my servers now. I will use the VUM, but in VUM I can see all updates for version 6.5 and I am a little bit confused how to create my baseline, what to include in this baseline, which patches should I add.
VMware

Avatar of undefined
Last Comment
Andrew Hancock (VMware vExpert PRO / EE Fellow/British Beekeeper)

8/22/2022 - Mon
Andrew Hancock (VMware vExpert PRO / EE Fellow/British Beekeeper)

There are 3 updates available since  build:8294253, the latest is ESXi-6.5.0-20181004001-standard (Build 10175896).

You should be able to add these patches and re mediate or stage.
dedri

ASKER
Could you specify how to do it, I am a little bit confused. Here is a screenshot of the VUM and filtered patches for esxi 6.5. What should I include in the baseline from this patches.  Or should I do it with some other way. As I can see some of the patches are repeated.
Andrew Hancock (VMware vExpert PRO / EE Fellow/British Beekeeper)

You should include the  latest patch in the base line.

Please see my EE Article as a guide

HOW TO: Update (Patch) VMware ESXi 6.0.0 GA to ESXi 6.0.0b with VMware Update Manager (VUM)
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23
dedri

ASKER
Hello Andrew,
can you see the attached screenshot. Should I choose only first two patches from 2 October 2018, or I should choose all patches released after Update2( in a picture from 28 June to 02 october). My current build is esxi 6.5 build:8294253
VMWareUpdates.png
Andrew Hancock (VMware vExpert PRO / EE Fellow/British Beekeeper)

All patches are cumulative.

So you need to look at the  Web Link - BG document, and apply the latest patch. (which can usually be found on the date)

otherwise, you will be applying build x, and then build y, and build z....

when you only need to apply build z.
dedri

ASKER
Hi Andrew,
As I understand you correctly I need to apply first two patches from 02 October from the picture that I attached.
Also I need to apply patches "cpu-microcode VIB" and "esxi-ui VIB" from 14 September.
Is this correct?
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER CERTIFIED SOLUTION
Andrew Hancock (VMware vExpert PRO / EE Fellow/British Beekeeper)

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
dedri

ASKER
very good article Andrew.
So I understand you correctly, I need to apply first two patches from 02 October seen in VUM and additionally patches "cpu-microcode VIB" and "esxi-ui VIB" from 14 September.
Andrew Hancock (VMware vExpert PRO / EE Fellow/British Beekeeper)

Yes, but also be very cautious, and understand the Rollups and Patches and what they do.... and also if they require vCenter Server to be updated first, otherwise you could end up updating the hosts, and then having no management of them, because VC should have been done first.

and also following all the Spectre, Meltdown, T1 security issues and also maybe updating Host Firmware and BIOS!
dedri

ASKER
thanks for reminder, I've already update the vcenter server, firmware and BIOS of the hosts.
Also you told me about the T1 process of patching the host in my other question.
Till now I haven't used the customised ISO. In the past I always install vmware image, and my patching process is to download the latest iso from vmware site, upload it in vmware update manager, create a baseline on this imported image, and remediate hosts, because I know that they are cumulative. And now I am confused with this customised iso, should i patch the sever with vum patches, should i use my old way of performing patch process. I am wondering if i download the latest iso from vmware and patch the hosts, what happens to HP drivers installed with the hp iso, are they gone. With vmware update manager you don't have an options what to choose "install" or "update", as you can do with the command line. this is still not clear to me even though i wrote the article
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
Andrew Hancock (VMware vExpert PRO / EE Fellow/British Beekeeper)

Install the OEM HPE version, and then patch....

you can also add the HPE depot for patches as well.