Esxi 6.5 Patch

Once in Admin view, select the ESXi Images tab and click on Import ESXi Image. Doing so, loads another dialog box where you specify the ESXi image (ISO file) you want imported. How do i patch my esxi 6.5 hypervisor? I see in 'packages' category that i have updates to install, but when i push 'Install update' i have to ' Enter the URL or datastore path of the VIB below', but i haven't tis url.

In a previous post I wrote about how to easily update ESXi 6.5 using Update Manager. This time I will show another method of updating ESXi, more specific I will update ESXi 6.5 with the command line tool (esxcli). This method works either the ESXi server is standalone or added to a vCenter Server (I will use no component of vCenter Server).

When is this method better than using the Update Manager? The simplest use case is when you have no vCenter Server (because Update Manager is a component of vCenter Server). In other cases, you may be more familiar running scripts than clicking into a user interface 🙂

As a prerequisite, I placed the ESXi server in maintenance mode. Let’s start!

Check ESXi Version

To find the current version of ESXi, after I connected with PuTTY to the server, I ran this command:

During the time of writing the latest update was update-from-esxi5.5-5.5update.zip. Before starting you might want to backup your configuration (in case something goes wrong) – Backup and Restore ESXi Configuration with PowerCLI. Choose the ESXi embedded and installable, and the version you want to patch (5.0, 5.1 or 5.5). VMware vSphere 6.5 Release Notes. VMware Host Client Release Notes.

esxcli system version get

This shows me the current version, which in my case is ESXi 6.5.0 build 5310538. My target is to update this ESXi server to latest release which currently is ESXi 6.5.0 build 6765664, released on 4th October 2017.

By default, ESXi firewall blocks httpClient. I check if this is the case with this command:

Esxi 6.5 patch download

esxcli network firewall ruleset list | grep httpClient

If it returns “true”, then the firewall is open, else we need to open it with the next command.

To allow httpClient traffic to pass through the firewall, I ran:

esxcli network firewall ruleset set -e true -r httpClient

To get a list of available versions from VMware site, I used this command to filter for ESXi 6.5.0:

esxcli software sources profile list -d https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml | grep ESXi-6.5.0

My target release is listed as available under the name “ESXi-6.5.0-20171004001-standard”. This name is important, as I will need it later for the update command.

Update ESXi version

It’s now time to run the update command:

esxcli software profile update -p ESXi-6.5.0-20171004001-standard -d https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml

Please note I used in the command the ESXi version previously copied (ESXi-6.5.0-20171004001-standard).

The update will take few minutes to download and install the required packages. There is no update progress on the screen, in the end you will see a long list of updated vibs.

As best practice, we need to disable the firewall rule we previously enabled:

esxcli network firewall ruleset set -e false -r httpClient

A reboot is required. Reboot the ESXi server and wait for it to be back available.

Verify ESXi Version

Now that the ESXi server is powered on, I connected back to SSH and re-ran the version command:

esxcli system version get

EsxiEsxi 6.5 patch release

Esxi 6.5 Patching Best Practices

Esxi 6.5 patching best practices

As expected, I see the my target version ESXi 6.5.0 build 6765664.

Enjoy! Happy VM managing 🙂

There a several ways to patch a VMware ESXi server. vSphere Update Manager (VUM) can update for example a complete ESXi host cluster fully automatic. vSphere Update Manager requires a vCenter Server. When you don’t have a vCenter Server patching can be done from the command line.

Here is a quick overview of how to patch an ESXi 6.x or 7.x host to the latest patch or version (from ESXi 6 to 7 for example).

Step 1. Download the latest patch bundle from the VMware Web site, link. VMware ESXi patches are cumulative! Each patch bundle (.zip archive) includes all the updates from prior patches.

Step 2. Upload the patch bundle (zip) to a (central) datastore with the vSphere Client (prior vSphere 6.5), vSphere Web Client, ESXi host client.

Step 3. Enable SSH

Esxi 6.5 Patch List

In the vSphere Web client start the SSH service and make a SSH session to the ESXi host

Step 4. Put the host in maintenance mode

Step 5. Install the patch bundle

Esxi 6.5 Patches

Using esxcli with the install method has the possibility of overwriting existing drivers. If you are using third-party ESXi images, VMware recommends using the update method to prevent an unbootable state. The following command will install the patch bunde:

For example install HPE ESXi 6 Update 3:

After the patch bundle is installed check the message. It must say “The update completed successfully, but the system needs to be rebooted for changes to be effective.”

Step 6. Reboot the host by entering the following command:

Step 7. Make a SSH session to the ESXi host and exit maintenance mode

Esxi 6.5 Patch History

Related posts: