ESX Patch Management

One of the common questions I get here at VMware from customers calling in to tech support revolves around ESX Patch Management.

• What patch do I need?
• Do I need to apply patches in order?
• Do I want all the patches?
• How do I manage this?

Here’s what I generally recommend-

You don’t need to apply ALL the patches. Just the security and “critical” patches and any others that apply specifically to your environment.

Patches can be applied selectively and in random order, with the caveat mentioned in KB 10230. If you come across ‘failed to install, and use –f to proceed’, do not to use ‘-f’, instead, use the ‘-x’ option to exclude packages that are down-reved.

There is a 3rd party tool I came across yesterday if you’re looking for a nicer way to manage your patching process. Massimiliano Daneri, famous on the virtualization scene for its free high-availability script, VMBK, working with VMware ESX Server, has a new tool: VMTS Patch Manager.

VMTS Patch Manager addresses a critical need for VMware customers, allowing automatic (or manual) patching of ESX Servers platforms. Download it here.