Categories
Tech

Manually update ESXi (SSH / console)

Steps to patch an ESXi host manually without VUM

Short version

Download patch and upload to a datastore
Put host in maintenance mode
esxcli software vib update -d /path/to/patch.zip

esxcli software vib update -d

Reboot if needed
Exit maintenance mode

Download patches

Download the latest patches from VMWare’s Product Patches page.
You may want to add “#-” in front of patches (ex: “1-VMware-ESXi-8.0a-20842819-depot.zip”) if you need to install patches in a specific order.

Enable SSH on host

Open the host’s web UI. Go to Host > Manage > Services > TSM-SSH and click Start

Upload patches to datastore

You can use SFTP or the web UI to upload patches to the datastore.

SFTP Upload

Any FTP/SCP clients that support SFTP (FileZilla, WinSCP, etc.) will work.
Connect to the server with sftp://<server IP> using root or a user with root access.

Browse to /vmfs/volumes/<datastore name>
The datastore will have a shortcut icon and will display the datastore’s UUID in the path. This is normal.
Upload the .zip to the datastore. I put these in a “patches” or “updates” directory on a local datastore.

Web UI Upload

Open the web ui and select the datastore name under Storage then click Datastore browser

Create a directory called patches (optional) then select it and click Upload to upload the .zip.

Installing the patches

SSH to the host with powershell/terminal or PuTTY.

Put the host in maintenance mode with esxcli system maintenanceMode set –enable true

esxcli system maintenanceMode set --enable true

If the command freezes check if any VMs are still running. Any VMs running on the host will need to be migrated or shut down to enter maintenance mode.
Press CTRL+C to cancel the command and cancel the task in the webui.

Power off VMs

List VMs with esxcli vm process list

esxcli vm process list

Shut down VM with esxcli vm process kill –type soft –world-id <vm_ID>

esxcli vm process kill --type soft --world-id <vm_ID>


Install the update with esxcli software vib update -d /vmfs/volumes/<datastore>/patches/<update.zip>

esxcli software vib update -d /vmfs/volumes/

You can use tab to autocomplete the path. This is case sensitive.
Double tap tab to list the directory.

This can take some time to run and you may see a wall of text when it’s done. This is normal.

Reboot if required with reboot.
It’s generally a good idea to reboot either way.

reboot

Log into the host and exit maintenance mode when it comes back up.

esxcli system maintenanceMode set --enable false

Don’t forget to delete the .zips on the datastore after installing.

Notes

Downloads

You need an account to download the patches. You do not need a paid license associated with the account. An account with a free ESXi license will have access to downloads.

ESXi Version

You can check your ESXi version in the web UI under the Configuration in the Host page

You can check your ESXi version in SSH/console with vmware -vl

vmware -vl

503 Service Unavailable

Don’t panic if you get a “503 Service Unavailable” error after rebooting. The Web UI is still starting up. Give it a few minutes.

Leave a Reply

Your email address will not be published. Required fields are marked *