Patch Installation or Update on ESXi 6.5 or Later from CLI
Host Patching is a process to install or update patches on ESXi hosts. It can be done from VMware Update Manager for from CLI. This article summaries the procedure of patch update or installation on ESXi 6.5 or later versions from command line (SSH).
Enable SSH on ESXi
Vcenter:- Select Host->Configure->System->Security Profile->Services->Edit->SSH->Start->OK
ESXi:- Host->Action->Services->Enable Secure Shell (SSH)
Login on ESXi from SSH client with user 'root'
(you can use SSH client Putty)
Check the version & current build of ESXi so that it can be cross verified.
Command:- "[root@hostname:~] esxcli system version get"
If wat to check last patch installation date this command can help you.
[root@hostname:~] esxcli software vib list | grep 'build number'
Update package can be downloaded from this link. You need to login first then can download the required package.
URL:- https://my.vmware.com/group/vmware/patch#search
Now downloaded file need to be uploaded on Data Store which is accessed from ESXi host. It can be uploaded from ESXi host client or vCenter Web Client.
"Select Datastore"->File->"Select Folder"->Upload->Select Patch->Ok
It is very important step in this process to put the Host in Maintenance Mode. It can be done from Host client (GUI) or Host CLI or from vCenter.
SSH:- "[root@hostname:~] esxcli system maintenanceMode set --enable true"
Vcenter:- Right click on host name->Maintenance Mode->Enter Maintenance Mode
ESXi:- Right click on "Host"->Enter Maintenance Mode
Note:
Before starting the patch installation or update we must understand the difference between patch install and patch update.
In patch installation all the available packages in image/zip will be installed and may overwrites the installed packages and drivers with new files that can change/remove the configuration on ESXi host.
Whereas, patch update just install the packages which are applicable as per the current installed packages and keep the configuration untouched. This the recommended way for patching on ESXi host.
Install patches
[root@hostname:~] esxcli software vib install -d "/vmfs/volumes/datastore/folder/patch_file.zip"
Use -d option if using .zip file
[root@hostname:~] esxcli software vib install -v "/vmfs/volumes/datastore/folder/patch_file.vib"
Use -v option if using .vib file
Update patches (Recommended)
[root@hostname:~] esxcli software vib update -d "/vmfs/volumes/datastore/folder/patch_file.zip"
Use -d option if using .zip file
[root@hostname:~] esxcli software vib update -v "/vmfs/volumes/datastore/folder/patch_file.vib"
Use -v option if using .vib file
Note:
Once the patches are installed/updated it will show the result whether it is successful or failed, also the list of patches that are installed and skipped (not installed because not required). It may require to reboot the host. Once the host is rebooted and up, exit the host from Maintenance Mode.
Exit the Host in Maintenance Mode
SSH:- "[root@hostname:~] esxcli system maintenanceMode set --enable false"
Vcenter:- Right click on host name->Maintenance Mode->Exit Maintenance Mode
ESXi:- Right click on "Host"->Exit Maintenance Mode
Now cross verify the build version and updates
"[root@hostname:~] esxcli system version get"
It can be checked from ESXi host client or vCenter also.
No comments:
Post a Comment