ESX Baseline Jun 08: Difference between revisions

From vwiki
Jump to navigation Jump to search
m (12 revisions)
 
(Updates)
 
Line 58: Line 58:
# Copy required install files to ESX's...
# Copy required install files to ESX's...
#* Most easily achieved by script on ESX On UKLONVCP1, EG to copy required updates to UKLONESXT1 (note that DELL patches will vary depending on whether a 1950 or 2950, see below)
#* Most easily achieved by script on ESX On UKLONVCP1, EG to copy required updates to UKLONESXT1 (note that DELL patches will vary depending on whether a 1950 or 2950, see below)
#** <code> pscp -pw syndrome "c:\Program Files\Dell\SysMgt\ITAssistant\repository\ITA\FRMW_LX_R169302.BIN" "c:\Program Files\Dell\SysMgt\ITAssistant\repository\ITA\ESM_FRMW_LX_R172182.BIN" "c:\Program Files\Dell\SysMgt\ITAssistant\repository\ITA\ESM_FRMW_LX_R182898.BIN"  "c:\Program Files\Dell\SysMgt\ITAssistant\repository\ITA\PE2950_BIOS_LX_2.2.6.BIN" simons@ukwokesxt1:/home/simons/</code>  
#** <code> pscp "c:\Program Files\Dell\SysMgt\ITAssistant\repository\ITA\FRMW_LX_R169302.BIN" "c:\Program Files\Dell\SysMgt\ITAssistant\repository\ITA\ESM_FRMW_LX_R172182.BIN" "c:\Program Files\Dell\SysMgt\ITAssistant\repository\ITA\ESM_FRMW_LX_R182898.BIN"  "c:\Program Files\Dell\SysMgt\ITAssistant\repository\ITA\PE2950_BIOS_LX_2.2.6.BIN" user@esx:/home/user/</code>  
#** <code> pscp -r -pw syndrome C:\Software_Repository\ESX\VMware-esx-upgrade-from-esx3-3.5.0-64607a\ simons@ukwokesxetpdev2:/home/simons/ </code>
#** <code> pscp -r C:\Software_Repository\ESX\VMware-esx-upgrade-from-esx3-3.5.0-64607a\ user@esx:/home/user/ </code>
# Put ESX into Maintenance Mode
# Put ESX into Maintenance Mode
#* If a stand-alone ESX, all VM's will need to be shutdown
#* If a stand-alone ESX, all VM's will need to be shutdown
Line 70: Line 70:
#* <code> su - </code>
#* <code> su - </code>
# Move into home directory  
# Move into home directory  
#* <code> cd /home/simons </code>
#* <code> cd /home/user </code>
# Make updates executable
# Make updates executable
#* <code> chmod +x *.BIN </code>
#* <code> chmod +x *.BIN </code>
Line 90: Line 90:
#* <code> su - </code>
#* <code> su - </code>
# Move into home directory  
# Move into home directory  
#* <code> cd /home/simons </code>
#* <code> cd /home/user </code>
# Uncompress install
# Uncompress install
#* <code> tar -zxvf OM_5.4.0_ManNode_A01.tar.gz </code>
#* <code> tar -zxvf OM_5.4.0_ManNode_A01.tar.gz </code>
Line 102: Line 102:
==Confirm CPU Virtualisation is Enabled==
==Confirm CPU Virtualisation is Enabled==
# Browse to server's IT Assistant
# Browse to server's IT Assistant
## EG https://uklonesxgtfix1:1311
## EG https://esx:1311
# Navigate to System\Main System Chassis\BIOS page, and go to the Setup tab
# Navigate to System\Main System Chassis\BIOS page, and go to the Setup tab
# Ensure "CPU Virtualization Technology" is enabled  
# Ensure "CPU Virtualization Technology" is enabled  
Line 110: Line 110:
==Upgrade ESX software==  
==Upgrade ESX software==  
# Move into install
# Move into install
#* <code> cd /home/simons/VMware-esx-upgrade-from-esx3-3.5.0-64607a\3.5.0-64607 </code>
#* <code> cd /home/user/VMware-esx-upgrade-from-esx3-3.5.0-64607a\3.5.0-64607 </code>
# Run update install
# Run update install
#* <code> esxupdate -n update </code>
#* <code> esxupdate -n update </code>
Line 120: Line 120:
# Run up Virtual Infrastructure client and ensure you've the right version installed...
# Run up Virtual Infrastructure client and ensure you've the right version installed...
#* Help | About... Client should be v2.5.0 build 84767
#* Help | About... Client should be v2.5.0 build 84767
#** If not, browse to [http://uklonvcp1 uklonvcp1] and install new version
#** If not, browse to [http://vcentre vcentre] and install new version
# Ensure you've got the Update Manager plug-in installed and enabled
# Ensure you've got the Update Manager plug-in installed and enabled
#* Plugins | Manage Plugins.., Available tab: Update Manager should be installed
#* Plugins | Manage Plugins.., Available tab: Update Manager should be installed
Line 126: Line 126:
# Highlight the ESX, righ-click and select ''Scan for updates''
# Highlight the ESX, righ-click and select ''Scan for updates''
# Once the scan has completed go to the Update Manager tab
# Once the scan has completed go to the Update Manager tab
# Right-click over the "RTS ESX baseline (9 Jun 08)" baseline and select Remediate
# Right-click over the "ESX baseline (9 Jun 08)" baseline and select Remediate
#* VC will scan the ESX's, then push out all applicable update, then reboot the ESX
#* VC will scan the ESX's, then push out all applicable update, then reboot the ESX


Line 134: Line 134:
#* <code> esxcfg-firewall -e ftpClient </code>
#* <code> esxcfg-firewall -e ftpClient </code>
# Use esxupdate to apply all patches from the patch depot on uklonvcp1
# Use esxupdate to apply all patches from the patch depot on uklonvcp1
#* For example <code> esxupdate -d ftp://uklonvcp1/esx350-Jun08 update </code>
#* For example <code> esxupdate -d ftp://vcentre/esx350-Jun08 update </code>
# ESX will reboot once all patches installed
# ESX will reboot once all patches installed


Line 147: Line 147:
#* <code> rm -f OM_5.4.0_ManNode_A01.tar.gz </code>
#* <code> rm -f OM_5.4.0_ManNode_A01.tar.gz </code>
# Flush the local ESX FTP cache
# Flush the local ESX FTP cache
#* <code> esxupdate -d ftp://uklonvcp1/esx350-Jun08 --flushcache scan </code>
#* <code> esxupdate -d ftp://vcentre/esx350-Jun08 --flushcache scan </code>
# Show disk usage (should have reduced from earlier check)
# Show disk usage (should have reduced from earlier check)
#* <code> df -h </code>
#* <code> df -h </code>

Latest revision as of 16:49, 3 June 2011

Summary of updates

All outstanding major DELL firmware and ESX patches as of June 2008...

  1. DELL Firmware Updates
    • PERC v5.2.1-0067
    • SAS v1.06
    • BMC v2.05
    • BIOS v2.2.6
  2. DELL Open Manage upgrade v5.4
  3. ESX software v3.5 update 1
  4. ESX software patches included in "RTS ESX baseline (9 Jun 08)"
    • ESX350-Update01 ESX Server 3.5.0 Update 1
    • ESX350-200802303-SG util-linux security update
    • ESX350-200802304-SG perl security update
    • ESX350-200802305-SG openssl security update
    • ESX350-200802306-BG tzdata update
    • ESX350-200802408-SG Security Updates to the Python Package.
    • ESX350-200802415-SG Security Update to Samba Packages.
    • ESX350-200803201-UG Upgrade the Openwsman Protocol Adapter
    • ESX350-200803202-UG Update to VMware-esx-tools, others
    • ESX350-200803203-UG Update to VMware-cim-esx
    • ESX350-200803204-UG Update the VMware mptscsi_2xx driver
    • ESX350-200803205-UG Update to VMware-esx-drivers-net-ixgbe
    • ESX350-200803206-UG Update the VMware lpfc_elx_v740 driver
    • ESX350-200803207-UG Update the VMware qla2300-v707 driver
    • ESX350-200803208-UG Update to the esxupdate utility
    • ESX350-200803209-UG Update to the ESX Server Service Console
    • ESX350-200803210-UG Update to VMware-esx-drivers-net-bnx2
    • ESX350-200803211-UG Update to vmkernel and vmnix
    • ESX350-200803212-UG Update VMware qla4010/qla4022 drivers
    • ESX350-200803213-UG Driver Versioning Method Changes
    • ESX350-200803214-UG Update to Third Party Code Libraries
    • ESX350-200803215-UG Update to Virtual Infrastructure Client
    • ESX350-200803216-UG Update to VMware-esx-drivers-net-tg3
    • ESX350-200803217-UG Update to the mgmt-vmware Service
    • ESX350-200804404-BG Update to VMware-esx-drivers-scsi-vmkisc
    • ESX350-200804405-BG Update to VMware-esx-drivers-scsi-megara
    • ESX350-200805501-BG Updates to the VMkernel and other RPMs.
    • ESX350-200805502-BG Update to VMware ESX Scripts.
    • ESX350-200805503-BG Update to VMnix
    • ESX350-200805504-SG Security Update to Cyrus SASL
    • ESX350-200805505-SG Security Update to unzip
    • ESX350-200805506-SG Security Update to Tcl/Tk
    • ESX350-200805507-SG Security Update to krb5
    • ESX350-200805508-SG Security Update to cim-smwg
    • ESX350-200805513-BG Update to VMware-esx-iscsi
    • ESX350-200805514-BG Update to VMware-esx-drivers-net-e1000
    • ESX350-200805515-SG Update to VMware-esx-srvrmgmt.


Full upgrade procedure

Useful Unix commands, not specifically required, but may be of use - General Unix

Prep for updates

  1. Copy required install files to ESX's...
    • Most easily achieved by script on ESX On UKLONVCP1, EG to copy required updates to UKLONESXT1 (note that DELL patches will vary depending on whether a 1950 or 2950, see below)
      • pscp "c:\Program Files\Dell\SysMgt\ITAssistant\repository\ITA\FRMW_LX_R169302.BIN" "c:\Program Files\Dell\SysMgt\ITAssistant\repository\ITA\ESM_FRMW_LX_R172182.BIN" "c:\Program Files\Dell\SysMgt\ITAssistant\repository\ITA\ESM_FRMW_LX_R182898.BIN" "c:\Program Files\Dell\SysMgt\ITAssistant\repository\ITA\PE2950_BIOS_LX_2.2.6.BIN" user@esx:/home/user/
      • pscp -r C:\Software_Repository\ESX\VMware-esx-upgrade-from-esx3-3.5.0-64607a\ user@esx:/home/user/
  2. Put ESX into Maintenance Mode
    • If a stand-alone ESX, all VM's will need to be shutdown
    • If a cluster ESX, all VM's should be VMotion'ed to alternative ESX's


Apply DELL firmware updates

  1. Putty onto ESX, login as simons
  2. Sudo as root
    • su -
  3. Move into home directory
    • cd /home/user
  4. Make updates executable
    • chmod +x *.BIN
  5. Apply updates using following commands in order indicated. Do not boot until completion of last update.
    • 1950 Only
      1. ./FRMW_LX_R169302.BIN
      2. ./ESM_FRMW_LX_R171043.BIN
      3. ./ESM_FRMW_LX_R182899.BIN
      4. ./PE1950_BIOS_LX_2.2.6.BIN
    • 2950 Only
      1. ./FRMW_LX_R169302.BIN
      2. ./ESM_FRMW_LX_R172182.BIN
      3. ./ESM_FRMW_LX_R182898.BIN
      4. ./PE2950_BIOS_LX_2.2.6.BIN

Update DELL OpenManage

  1. Putty onto ESX, login as simons
  2. Sudo as root
    • su -
  3. Move into home directory
    • cd /home/user
  4. Uncompress install
    • tar -zxvf OM_5.4.0_ManNode_A01.tar.gz
  5. Move into install directory
    • cd linux/supportscripts
  6. Install Openmanage upgrade
    • ./srvadmin-install.sh -b -w -r -s
  7. Start OpenManage
    • ./srvadmin-services.sh start

Confirm CPU Virtualisation is Enabled

  1. Browse to server's IT Assistant
    1. EG https://esx:1311
  2. Navigate to System\Main System Chassis\BIOS page, and go to the Setup tab
  3. Ensure "CPU Virtualization Technology" is enabled
    1. Enable if not, go into option and select "Enabled"
    2. Hit "Apply Changes", then "Reboot System" to apply

Upgrade ESX software

  1. Move into install
    • cd /home/user/VMware-esx-upgrade-from-esx3-3.5.0-64607a\3.5.0-64607
  2. Run update install
    • esxupdate -n update
  3. On completion reboot ESX
  4. Confirm reboot complete (takes a few mins) and Virtual Centre reconnects sucessfully

Apply ESX patches

This section of procedure is depreciated due to a fault with Update Manager - do not use it

  1. Run up Virtual Infrastructure client and ensure you've the right version installed...
    • Help | About... Client should be v2.5.0 build 84767
      • If not, browse to vcentre and install new version
  2. Ensure you've got the Update Manager plug-in installed and enabled
    • Plugins | Manage Plugins.., Available tab: Update Manager should be installed
    • Installed tab, Update Manager should be enabled
  3. Highlight the ESX, righ-click and select Scan for updates
  4. Once the scan has completed go to the Update Manager tab
  5. Right-click over the "ESX baseline (9 Jun 08)" baseline and select Remediate
    • VC will scan the ESX's, then push out all applicable update, then reboot the ESX

This is the procedure to use...

  1. Ensure ESX is in Maintenance Mode
  2. Enable FTP client access to outside world
    • esxcfg-firewall -e ftpClient
  3. Use esxupdate to apply all patches from the patch depot on uklonvcp1
  4. ESX will reboot once all patches installed

Tidy Up

  1. Show disk usage (note for later comparison)
    • df -h
  2. Delete files...
    • rm -f -d -r docs/
    • rm -f -d -r linux/
    • rm -f -d -r 3.5.0-64607/
    • rm -f *.BIN
    • rm -f OM_5.4.0_ManNode_A01.tar.gz
  3. Flush the local ESX FTP cache
  4. Show disk usage (should have reduced from earlier check)
    • df -h
  5. Disable FTP client access
    • esxcfg-firewall -d ftpClient

Apply VM Tools upgrade

  1. Take ESX out of maintenance mode
  2. Start up the Virtual Machines
  3. Ensure no software is started
  4. Select them all in Virtual Centre (highlight the ESX in left window, then go to the Virtual Machines tab)
  5. Right click, and select Install/Upgrade Tools, and select Automatic upgrade
  6. VC will upgrade VM Tools on the VM's then reboot them

Harmonise Resource Pool Shares

  1. Go to the Resource Allocation tab for the cluster
  2. In the CPU view check that all Limit's are set to Unlimited and Shares are set to Normal
  3. In the Memory view check that all Shares are set to Normal

Enable Cisco Discovery Protocol

  1. Log into the ESX via the command shell
  2. Display all vSwitches
    • esxcfg-vswitch -l
  3. For each vSwitch...
    1. Confirm CDP is set to listen
      • esxcfg-vswitch -b vSwitch0
    2. If down, enable it...
      • esxcfg-vswitch -B listen vSwitch0

Final checks

  1. Ensure all applicable software is started on VM's
  2. Ensure no alarms on Netcool for affected VM's or ESX's