ESX Baseline Jun 08
Jump to navigation
Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
Summary of updates
All outstanding major DELL firmware and ESX patches as of June 2008...
- DELL Firmware Updates
- PERC v5.2.1-0067
- SAS v1.06
- BMC v2.05
- BIOS v2.2.6
- DELL Open Manage upgrade v5.4
- ESX software v3.5 update 1
- ESX software patches included in "RTS ESX baseline (9 Jun 08)"
- ESX350-Update01 ESX Server 3.5.0 Update 1
- ESX350-200802303-SG util-linux security update
- ESX350-200802304-SG perl security update
- ESX350-200802305-SG openssl security update
- ESX350-200802306-BG tzdata update
- ESX350-200802408-SG Security Updates to the Python Package.
- ESX350-200802415-SG Security Update to Samba Packages.
- ESX350-200803201-UG Upgrade the Openwsman Protocol Adapter
- ESX350-200803202-UG Update to VMware-esx-tools, others
- ESX350-200803203-UG Update to VMware-cim-esx
- ESX350-200803204-UG Update the VMware mptscsi_2xx driver
- ESX350-200803205-UG Update to VMware-esx-drivers-net-ixgbe
- ESX350-200803206-UG Update the VMware lpfc_elx_v740 driver
- ESX350-200803207-UG Update the VMware qla2300-v707 driver
- ESX350-200803208-UG Update to the esxupdate utility
- ESX350-200803209-UG Update to the ESX Server Service Console
- ESX350-200803210-UG Update to VMware-esx-drivers-net-bnx2
- ESX350-200803211-UG Update to vmkernel and vmnix
- ESX350-200803212-UG Update VMware qla4010/qla4022 drivers
- ESX350-200803213-UG Driver Versioning Method Changes
- ESX350-200803214-UG Update to Third Party Code Libraries
- ESX350-200803215-UG Update to Virtual Infrastructure Client
- ESX350-200803216-UG Update to VMware-esx-drivers-net-tg3
- ESX350-200803217-UG Update to the mgmt-vmware Service
- ESX350-200804404-BG Update to VMware-esx-drivers-scsi-vmkisc
- ESX350-200804405-BG Update to VMware-esx-drivers-scsi-megara
- ESX350-200805501-BG Updates to the VMkernel and other RPMs.
- ESX350-200805502-BG Update to VMware ESX Scripts.
- ESX350-200805503-BG Update to VMnix
- ESX350-200805504-SG Security Update to Cyrus SASL
- ESX350-200805505-SG Security Update to unzip
- ESX350-200805506-SG Security Update to Tcl/Tk
- ESX350-200805507-SG Security Update to krb5
- ESX350-200805508-SG Security Update to cim-smwg
- ESX350-200805513-BG Update to VMware-esx-iscsi
- ESX350-200805514-BG Update to VMware-esx-drivers-net-e1000
- ESX350-200805515-SG Update to VMware-esx-srvrmgmt.
Full upgrade procedure
Useful Unix commands, not specifically required, but may be of use - General Unix
Prep for updates
- Copy required install files to ESX's...
- Most easily achieved by script on ESX On UKLONVCP1, EG to copy required updates to UKLONESXT1 (note that DELL patches will vary depending on whether a 1950 or 2950, see below)
pscp "c:\Program Files\Dell\SysMgt\ITAssistant\repository\ITA\FRMW_LX_R169302.BIN" "c:\Program Files\Dell\SysMgt\ITAssistant\repository\ITA\ESM_FRMW_LX_R172182.BIN" "c:\Program Files\Dell\SysMgt\ITAssistant\repository\ITA\ESM_FRMW_LX_R182898.BIN" "c:\Program Files\Dell\SysMgt\ITAssistant\repository\ITA\PE2950_BIOS_LX_2.2.6.BIN" user@esx:/home/user/
pscp -r C:\Software_Repository\ESX\VMware-esx-upgrade-from-esx3-3.5.0-64607a\ user@esx:/home/user/
- Most easily achieved by script on ESX On UKLONVCP1, EG to copy required updates to UKLONESXT1 (note that DELL patches will vary depending on whether a 1950 or 2950, see below)
- Put ESX into Maintenance Mode
- If a stand-alone ESX, all VM's will need to be shutdown
- If a cluster ESX, all VM's should be VMotion'ed to alternative ESX's
Apply DELL firmware updates
- Putty onto ESX, login as simons
- Sudo as root
su -
- Move into home directory
cd /home/user
- Make updates executable
chmod +x *.BIN
- Apply updates using following commands in order indicated. Do not boot until completion of last update.
- 1950 Only
./FRMW_LX_R169302.BIN
./ESM_FRMW_LX_R171043.BIN
./ESM_FRMW_LX_R182899.BIN
./PE1950_BIOS_LX_2.2.6.BIN
- 2950 Only
./FRMW_LX_R169302.BIN
./ESM_FRMW_LX_R172182.BIN
./ESM_FRMW_LX_R182898.BIN
./PE2950_BIOS_LX_2.2.6.BIN
- 1950 Only
Update DELL OpenManage
- Putty onto ESX, login as simons
- Sudo as root
su -
- Move into home directory
cd /home/user
- Uncompress install
tar -zxvf OM_5.4.0_ManNode_A01.tar.gz
- Move into install directory
cd linux/supportscripts
- Install Openmanage upgrade
./srvadmin-install.sh -b -w -r -s
- Start OpenManage
./srvadmin-services.sh start
Confirm CPU Virtualisation is Enabled
- Browse to server's IT Assistant
- Navigate to System\Main System Chassis\BIOS page, and go to the Setup tab
- Ensure "CPU Virtualization Technology" is enabled
- Enable if not, go into option and select "Enabled"
- Hit "Apply Changes", then "Reboot System" to apply
Upgrade ESX software
- Move into install
cd /home/user/VMware-esx-upgrade-from-esx3-3.5.0-64607a\3.5.0-64607
- Run update install
esxupdate -n update
- On completion reboot ESX
- Confirm reboot complete (takes a few mins) and Virtual Centre reconnects sucessfully
Apply ESX patches
This section of procedure is depreciated due to a fault with Update Manager - do not use it
- Run up Virtual Infrastructure client and ensure you've the right version installed...
- Help | About... Client should be v2.5.0 build 84767
- If not, browse to vcentre and install new version
- Help | About... Client should be v2.5.0 build 84767
- Ensure you've got the Update Manager plug-in installed and enabled
- Plugins | Manage Plugins.., Available tab: Update Manager should be installed
- Installed tab, Update Manager should be enabled
- Highlight the ESX, righ-click and select Scan for updates
- Once the scan has completed go to the Update Manager tab
- Right-click over the "ESX baseline (9 Jun 08)" baseline and select Remediate
- VC will scan the ESX's, then push out all applicable update, then reboot the ESX
This is the procedure to use...
- Ensure ESX is in Maintenance Mode
- Enable FTP client access to outside world
esxcfg-firewall -e ftpClient
- Use esxupdate to apply all patches from the patch depot on uklonvcp1
- For example
esxupdate -d ftp://vcentre/esx350-Jun08 update
- For example
- ESX will reboot once all patches installed
Tidy Up
- Show disk usage (note for later comparison)
df -h
- Delete files...
rm -f -d -r docs/
rm -f -d -r linux/
rm -f -d -r 3.5.0-64607/
rm -f *.BIN
rm -f OM_5.4.0_ManNode_A01.tar.gz
- Flush the local ESX FTP cache
esxupdate -d ftp://vcentre/esx350-Jun08 --flushcache scan
- Show disk usage (should have reduced from earlier check)
df -h
- Disable FTP client access
esxcfg-firewall -d ftpClient
Apply VM Tools upgrade
- Take ESX out of maintenance mode
- Start up the Virtual Machines
- Ensure no software is started
- Select them all in Virtual Centre (highlight the ESX in left window, then go to the Virtual Machines tab)
- Right click, and select Install/Upgrade Tools, and select Automatic upgrade
- VC will upgrade VM Tools on the VM's then reboot them
- Go to the Resource Allocation tab for the cluster
- In the CPU view check that all Limit's are set to Unlimited and Shares are set to Normal
- In the Memory view check that all Shares are set to Normal
Enable Cisco Discovery Protocol
- Log into the ESX via the command shell
- Display all vSwitches
esxcfg-vswitch -l
- For each vSwitch...
- Confirm CDP is set to listen
esxcfg-vswitch -b vSwitch0
- If down, enable it...
esxcfg-vswitch -B listen vSwitch0
- Confirm CDP is set to listen
Final checks
- Ensure all applicable software is started on VM's
- Ensure no alarms on Netcool for affected VM's or ESX's