VMware Cloud Community
derekb13
Contributor
Contributor
‎05-20-2009 07:32 PM
Jump to solution

Patch metadata missing

So I've got a bevy of ESXi Embedded systems connected to my VirtualCenter server, and I want to use Update Manager to patch them up to current. I've got them attached to the "critical" and "non-critical" baselines. When I try to scan them, the scan fails with:

Failed to scan HOSTNAME for updates.

Patch metadata for HOSTNAME missing. Please download updates metadata first.

Now, I'm no dummy. I've read the forums, I've seen the thread and KB article about multiple NICs in my VirtualCenter server, and I edited that vci-integrity.xml file, or whatever it was, to have the URL of the Virtual Center server. And I confirmed that the ESXi host in question could both ping and resolve the virtualcenter server. The VirtualCenter server has unfettered access to the outside, and so has no problem talking to vmware.com or whatever that other site was that was listed in the KB articles. There's another KB article that mentions opening up firewall ports on the "ESX host", but that doesn't seem to be an option with the ESXi host, at least not anywhere that I've seen.

Support tells me that there's only two ways to manage the updates on ESXi embedded systems, using the "VMware Infrastructure Update" application (which requires manually logging into each and every ESXi host), or using some command-line tool. This, frankly, seems insane to me considering the Update Manager seems to be orders of magnitude more powerful in terms of what it can do, and I can't picture ESXi users being forced to do things "the very hard way" like that.

Does anyone have experience with this they'd like to share? I'm beginning to get very frustrated....

Cheers,

Derek

0 Kudos
1 Solution

Accepted Solutions
AndreTheGiant
Immortal
Immortal
‎05-23-2009 10:40 PM
Jump to solution

Be sure that DNS resolution is working for VC and ESX name.

Be also sure that you can reach Internet from VC and ESX.

Andre

**if you found this or any other answer useful please consider allocating points for helpful or correct answers

Andrew | http://about.me/amauro | http://vinfrastructure.it/ | @Andrea_Mauro

View solution in original post

0 Kudos
8 Replies
AndreTheGiant
Immortal
Immortal
‎05-20-2009 08:38 PM
Jump to solution

Sure that metadata has been downloaded?

Go in VC, task, a try do to do a manual download.

Be also sure that outgoing port 80 is opened both for VC than ESXs.

Andre

**if you found this or any other answer useful please consider allocating points for helpful or correct answers

Andrew | http://about.me/amauro | http://vinfrastructure.it/ | @Andrea_Mauro
0 Kudos
derekb13
Contributor
Contributor
‎05-21-2009 02:53 AM
Jump to solution

<span class="jive-thread-reply-body-container">Sure that metadata has been downloaded?<span class="jive-thread-reply-body-container">Go in VC, task, a try do to do a manual download.

Seems to be. There's a bunch of data in the "Update Repository", and the event ran on the overnight with no alarms going off.

<span class="jive-thread-reply-body-container">Be also sure that outgoing port 80 is opened both for VC than ESXs.

Not sure what you mean by this. The ESX boxes shouldn't need to talk to the outside world for this (they should be talking to the VC/VUM server). If I'm supposed to somehow allow them to open up outbound connections on port 80 to the VC/VUM server, .... how is this done? It doesn't appear to be possible to set any of those settings in the Security Profile section of an ESXi server....

0 Kudos
petkom
Community Manager
Community Manager
‎05-21-2009 05:39 AM
Jump to solution

Connect your ESXi servers to VC inventory(if these aren't) and run download patches task manually. Then scan again.

0 Kudos
derekb13
Contributor
Contributor
‎05-21-2009 06:43 AM
Jump to solution

<span class="jive-thread-reply-body-container">Connect your ESXi servers to VC inventory(if these aren't)

Already done.

<span class="jive-thread-reply-body-container">and run download patches task manually.

If by this you mean the task "VMware Update Manager Update Download", then "done". I see an event in the log, for "Update Signature", completed successfully. If that's not what you mean, where do I find that task? It doesn't appear to be something I can find in poking around.

<span class="jive-thread-reply-body-container">Then scan again.

Same error.

0 Kudos
petkom
Community Manager
Community Manager
‎05-21-2009 07:43 AM
Jump to solution

yeb, that's the task

another option that you can try is to use UMDS - Update Manager Download Service

with this utility you can download the patches, export it and then to import them to VUM.

hph

0 Kudos
AndreTheGiant
Immortal
Immortal
‎05-23-2009 10:40 PM
Jump to solution

Be sure that DNS resolution is working for VC and ESX name.

Be also sure that you can reach Internet from VC and ESX.

Andre

**if you found this or any other answer useful please consider allocating points for helpful or correct answers

Andrew | http://about.me/amauro | http://vinfrastructure.it/ | @Andrea_Mauro
0 Kudos
derekb13
Contributor
Contributor
‎06-04-2009 12:12 PM
Jump to solution

In the end, we have something like this in our data-center:

HOSTNAME.ESX.CITY.MYDOMAIN.COM

where "HOSTNAME" is one of "VMC" (VMware Cluster) or "VML" (VMware Lite - ESXi hosts that are NOT managed by virtual center, have no vmotion, etc.)

What was happening was that because our VirtualCenter server was just in "VC.CITY.MYDOMAIN.COM" (not in the ESX subdomain), the ESX server was having trouble finding the VC server, because it was assuming VC.ESX.CITY.MYDOMAIN.COM. Changing the DNS search path on all the ESXi servers solved the problem.

0 Kudos
boneman
Contributor
Contributor
‎07-28-2009 01:14 PM
Jump to solution

Same issue here. Updated my DNS and ESXi was happy again. No more metadata error.

0 Kudos