Upgrade to VMware vShield Endpoint1.0U3 using CLI

In recent past, one of the hosts in Data-centre PSODed with the following Stack Trace.1.jpg

<snip>

VMware ESX 4.1.0 [Releasebuild-502767 X86_64]
#PF Exception 14 in world 4217:helperNN-N IP 0xnnnnnnnnnnnn addr 0xd8
….
0xnnnnnnnnnnnn:[0xnnnnnnnnnnnn]VFileFilterReconnectWork@esx:nover+0x67
0xnnnnnnnnnnnn:[0xnnnnnnnnnnnn]WorkInvoke@vmkernel:nover+0x2b
0xnnnnnnnnnnnn:[0xnnnnnnnnnnnn]helpFunc@vmkernel:nover+0x53e
</snip>

As mentioned in the KB 2009452 its a known issue. An issue affecting ESX/ESXi 4.1 U2 hosts when vShield Endpoint 1.0 is installed. This issue is resolved in vShield Endpoint 1.0 Update 3.

Following are the steps we have followed for upgrading endpoint.

– Download tar.gz file of vShield Manager 4.1.0 Update 2 vShield Endpoint 1.0.0 Update 3 from Download Center.
– Copy to the vMA server and extract it.

tar -zxvf VMware-vShield-Manager-upgrade-bundle-4.1.0U2-576124.gz
– cd to the folder epsec
– list the contents of the folder, ls.

vfile-ob.zip vibs

1. Run vihostupdate for upgrading the driver.

sudo vihostupdate –server <host name or IP> –username <user> –password <password> –bundle vfile-ob.zip –install

OR
2. Keep vfile-ob.zip in a centralized repository (eg: http) and update using esxupdate from a ssh session to the host.

esxupdate –bundle=http://<server>/vfile-ob.zip update

3. After sucessfull installation confirm that new version of enpoint is installed.
~ # esxupdate query
——–Bulletin ID——— —–Installed—– ————–Summary—————
epsec-vfile-531366 2012-02-22T23:46:31 EPSec VSCSI filter.