- VMware Technology Network
- :
- Cloud & SDDC
- :
- VI 3.X
- :
- VI: VMware ESX™ 3.5 Discussions
- :
- Update Manager Issues with ESX3.5/VC2.5 update2
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Update Manager Issues with ESX3.5/VC2.5 update2
Hi All,
Have installed the latest VC and am now trying to get VUM set up. It has automatically downloaded the linux guest patches but it cannot download the ESX host or MS guest patches and comes back with the following error:
"website hosting the update signatures and update packages cannot be reached"
The Server does use a proxy server, and these settings were picked up automatically on the install, even though it went out fine to get the linux patches, i thought i use the vum-proxyAuthCfg.exe to configure the a domain account that has access to go throught the proxy. I've also set the VUM service to log on with this domain account as per 0 20512996
I've added and to trusted sites in IE as per 0 20512996
"Internet Explorer Enhanced Security Configuration" is not installed.
When i look in vci-integrity.xml there is no mention of the following:
<proxyServer>yournewproxy.companydomain.com</proxyServer>
<proxyPort>3128</proxyPort>
however if i look through the plugin i can see that the proxy server is defined in the VUM config settings, also i can test the account used for the proxy here and it is fine.
Anybody got any ideas??? really dont understand how i can get the linux guest updates fine but nothing else!!
Cheers All
Emma
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have just uninstalled and reinstalled totally and now cannot get the Linux updates!
here is a copy of my vci-integrity.xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Sample configuration file for running UFA stack for Update Manager service -->
<Config>
<vmacore>
<threadPool>
<TaskMax>155</TaskMax>
<!-- Maximum number of worker threads -->
<initializeCOM>mta</initializeCOM>
</threadPool>
</vmacore>
<plugins>
<ufa_agent>
<path>ufa-agent.dll</path>
<enableRemoteAccess>false</enableRemoteAccess>
<!-- Soap related configuration -->
<enableSoapAdapter>true</enableSoapAdapter>
<soapNamespace>integrity</soapNamespace>
<!-- Web server related configuration -->
<enableWebServer>false</enableWebServer>
<mimeMap>
<!-- Mime type for exe is standard. The following is just an example. -->
<!-- <mime id="1">exe=application/octet-stream</mime> -->
<mime id="1">info=application/octet-stream</mime>
<mime id="2">hdr=application/octet-stream</mime>
<mime id="3">rpm=application/octet-stream</mime>
<mime id="4">sig=application/octet-stream</mime>
<mime id="5">gz=application/octet-stream</mime>
<mime id="6">tar=application/octet-stream</mime>
<mime id="7">cfg=application/octet-stream</mime>
<mime id="8">sh=application/octet-stream</mime>
<mime id="9">dll=application/octet-stream</mime>
</mimeMap>
<!-- Reverse proxy service for Alpine. -->
<enableReverseProxy>false</enableReverseProxy>
</ufa_agent>
<ufa_slave>
<path>ufa-slave.dll</path>
<!-- Registered vstor2 driver name -->
<vstor2Instance>vstor2-vci10</vstor2Instance>
<copyHiveLocally>true</copyHiveLocally>
</ufa_slave>
<ufa_client>
<path>ufa-client.dll</path>
</ufa_client>
<vci_vcIntegrity>
<vpxdLocation>https://172.26.1.226:443/</vpxdLocation>
<!-- localhost:443 -->
<vimNameSpace>internalvim25</vimNameSpace>
<path>vci-vcIntegrity.dll</path>
<encryptGuestInfo>true</encryptGuestInfo>
<!-- Default wait time in seconds before rebooting the guest -->
<guestRebootTimeout>900</guestRebootTimeout>
<!-- $DOWNLOAD_AFTER_INSTALL -->
<downloadAfterInstallation>true</downloadAfterInstallation>
<!-- Maximum number of concurrent offline scan -->
<LocalTaskMax>10</LocalTaskMax>
<!-- Maximum number of concurrent task on a ESX server -->
<EsxTaskMax>10</EsxTaskMax>
<!--
To add a list of supported GuestOSes edit the following
The values comes from Vim::Vm::GuestOsDescriptor.h
<supportedWindowsGuestIds>
<winVista64Guest/>
</supportedWindowsGuestIds>
<supportedLinuxGuestIds>
<rhel5_64Guest/>
</supportedLinuxGuestIds>
-->
</vci_vcIntegrity>
</plugins>
<!-- location of server data -->
<patchStore>C:\Documents and Settings\All Users\Application Data\VMware\VMware Update Manager\Data\</patchStore>
<!-- . -->
<!-- download manager configurations -->
<downloadMgr>
<maxDownload>4</maxDownload>
<downloadRetries>3</downloadRetries>
<retryDelaySeconds>16</retryDelaySeconds>
<recvTimeout>60000</recvTimeout>
</downloadMgr>
<!-- Alpine requires SSL or it will not start. -->
<ssl>
<!-- Private key file -->
<privateKey>ssl/rui.key</privateKey>
<!-- Certificate file -->
<certificate>ssl/rui.crt</certificate>
</ssl>
<!-- VALM configuration -->
<valm>
<!-- VALM needs its own key to encrypt VA certificates in the DB. -->
<!-- Note: if this key is lost, all VAs will have to be re-discovered -->
<encryptionKey>ssl/valm.key</encryptionKey>
<disableValm>false</disableValm>
<pollInterval>5</pollInterval>
<getUpdateTimeout>300</getUpdateTimeout>
<remediateTimeout>1200</remediateTimeout>
</valm>
<!-- Processes managed by watchdog -->
<managedProcess>
<rdevServer>
<path>rdevServer.exe</path>
</rdevServer>
<webServer>
<path>vum-webServer.exe</path>
<!-- Change arg to reverseproxy if you want to just start the reverse proxy -->
<cmdLine>vci-integrity.xml reverseproxy</cmdLine>
</webServer>
<jetty>
<path>jre-1.5.0-12\bin\java.exe</path>
<cmdLine>
-jar jetty-6.1.6/start.jar jetty-6.1.6/etc/jetty.xml jetty-6.1.6/etc/jetty-logging.xml jetty-vum.xml
</cmdLine>
</jetty>
</managedProcess>
<log>
<name>vmware-vci</name>
<level>info</level>
<sizeInMB>200</sizeInMB>
<components>
<VcIntegrity>
<level>verbose</level>
</VcIntegrity>
<BaselineMgr>
<level>verbose</level>
</BaselineMgr>
<InventoryMonitor>
<level>info</level>
</InventoryMonitor>
<InventoryTree>
<level>verbose</level>
</InventoryTree>
<InternalScheduledTasksMgr>
<level>info</level>
</InternalScheduledTasksMgr>
<Database>
<level>verbose</level>
</Database>
<JobDispatcher>
<level>verbose</level>
</JobDispatcher>
<ComplianceStatusMgr>
<level>verbose</level>
</ComplianceStatusMgr>
<SessionMgr>
<level>verbose</level>
</SessionMgr>
<Activation>
<level>info</level>
</Activation>
<Activation.trace>
<level>verbose</level>
<trace>true</trace>
<traceObject id="all">false</traceObject>
<traceObject id="integrity.VcIntegrity.scan">true</traceObject>
<traceObject id="integrity.VcIntegrity.remediate">true</traceObject>
<traceObject id="integrity.VcIntegrity.setConfig">true</traceObject>
<traceObject id="integrity.VcIntegrity.setNewUpdateConfig">true</traceObject>
<traceObject id="integrity.ComplianceStatusManager">true</traceObject>
<traceObject id="integrity.ScheduledTaskManager">true</traceObject>
<traceObject id="integrity.SessionManager">true</traceObject>
<traceObject id="integrity.BaselineComplianceStatusCollector">true</traceObject>
<traceObject id="integrity.ComplianceStatusCollector">true</traceObject>
<traceObject id="integrity.ContainerComplianceStatusCollector">true</traceObject>
<traceObject id="integrity.UpdateComplianceStatusCollector">true</traceObject>
</Activation.trace>
<ResponseFilter>
<level>info</level>
</ResponseFilter>
<lib.vdb.vdbStatement>
<level>info</level>
</lib.vdb.vdbStatement>
<lib.vdb.vdb>
<level>info</level>
</lib.vdb.vdb>
<ShavlikUnixMetadataMgr>
<level>verbose</level>
</ShavlikUnixMetadataMgr>
<ScheduledTaskMgr>
<level>info</level>
</ScheduledTaskMgr>
<EmailAlertMgr>
<level>info</level>
</EmailAlertMgr>
<ConfigurationMgr>
<level>info</level>
</ConfigurationMgr>
<GAUpgrader>
<level>verbose</level>
</GAUpgrader>
<OfflineRemediateTask>
<level>verbose</level>
</OfflineRemediateTask>
<SingleHostRemediateTask>
<level>verbose</level>
</SingleHostRemediateTask>
<SingleHostScanTask>
<level>verbose</level>
</SingleHostScanTask>
<SingleLinuxScanTask>
<level>verbose</level>
</SingleLinuxScanTask>
<SingleOnlineScanTask>
<level>verbose</level>
</SingleOnlineScanTask>
<SingleRemediateTask>
<level>verbose</level>
</SingleRemediateTask>
<VciOfflineScanTask>
<level>verbose</level>
</VciOfflineScanTask>
<VciRemediateTask>
<level>verbose</level>
</VciRemediateTask>
<VciScanTask>
<level>verbose</level>
</VciScanTask>
<VciSigUpdateTask>
<level>verbose</level>
</VciSigUpdateTask>
<VciCleanupTask>
<level>verbose</level>
</VciCleanupTask>
<DownloadMgr>
<level>verbose</level>
</DownloadMgr>
<VcTaskMonitor>
<level>verbose</level>
</VcTaskMonitor>
<VaCimClientXML>
<level>verbose</level>
</VaCimClientXML>
<VADiscovery>
<level>verbose</level>
</VADiscovery>
<VirtApplianceManager>
<level>verbose</level>
</VirtApplianceManager>
<!-- End of tasks -->
</components>
</log>
<database>
<initialConnections>20</initialConnections>
<maxConnections>40</maxConnections>
</database>
<!-- HostUpdate Management Configuration -->
<HostConfig>
<PatchDepotUrl>
</PatchDepotUrl>
<PatchDepotProxyUrl>
</PatchDepotProxyUrl>
<SSLCertLocation>RootCert.pem</SSLCertLocation>
<CodeSigningVerificationPublicKey>
</CodeSigningVerificationPublicKey>
<PatchMetadataDownloadUrl>https://www.vmware.com/PatchManagementSystem/patchmanagement</PatchMetadataDownloadUrl>
<EnableDownloadAllUpdate>false</EnableDownloadAllUpdate>
<EnableForceUpdate>false</EnableForceUpdate>
<VMEvacuationTimeout>300</VMEvacuationTimeout>
<SupportedBaseHostVersion>3.1.0</SupportedBaseHostVersion>
<AutoInstallPreRequisite>true</AutoInstallPreRequisite>
<HostRebootWaitMaxSeconds>1800</HostRebootWaitMaxSeconds>
<AutoInstallRevokeKey>true</AutoInstallRevokeKey>
<HostRebootWaitMinSeconds>600</HostRebootWaitMinSeconds>
<UpdateDownloadRetries>3</UpdateDownloadRetries>
<UpdateDownloadRetryDelaySeconds>16</UpdateDownloadRetryDelaySeconds>
<AdjustAppForEEsx>true</AdjustAppForEEsx>
</HostConfig>
<RdevServer>
<host>localhost</host>
<listenPort>735</listenPort>
<!-- Whether to accept connection only from localhost -->
<acceptLocalhostOnly>true</acceptLocalhostOnly>
<numPollThreads>8</numPollThreads>
<!-- Time in msec to wait for poll threads to terminate -->
<pollTerminateWaitTime>5000</pollTerminateWaitTime>
<!-- logfile and log levels for RdevServer components -->
<log>
<name>vmware-rdevServer</name>
<level>info</level>
<components>
<rdevServer>
<level>info</level>
</rdevServer>
<RdevCtx>
<level>info</level>
</RdevCtx>
<PollInfo>
<level>verbose</level>
</PollInfo>
</components>
</log>
</RdevServer>
<webServer>
<log>
<name>vum-webServer</name>
<level>verbose</level>
</log>
</webServer>
<Sizing>
<DatabaseAging>
<KeepStaleHistoryMaxDays>5</KeepStaleHistoryMaxDays>
</DatabaseAging>
<diskSpaceWarnLevel>5000000000</diskSpaceWarnLevel>
<!-- 2 GB -->
<diskSpaceCriticalLevel>500000000</diskSpaceCriticalLevel>
<!-- 500 MB -->
</Sizing>
<!--NewUpdateDownload>
<UseSmartDownload>false</UseSmartDownload>
</NewUpdateDownload>-->
<!--<locale>
<DefaultLocale>ja</DefaultLocale>
</locale>-->
</Config>
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
After you updated the proxy config in update manager, did you apply? Right before the ssl settings, and after the vci-integrity settings is the proxy information. Mine is below.
<proxySettings>
<proxyPort>80</proxyPort>
<proxyServer>10.x.x.x</proxyServer>
<useProxyServer>true</useProxyServer>
</proxySettings>
-KjB
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Bizarrely i've seen this kind of issue at two places now and in both cases when looking in th xml file i cannot find the following fields:
<proxySettings>
<proxyPort>80</proxyPort>
<proxyServer>10.x.x.x</proxyServer>
<useProxyServer>true</useProxyServer>
</proxySettings>
One place we sorted it by avoiding the proxy server and going directly out , the second place it was an issue on their web filtering SW which they resolved.. the bizarre thing was that as part of the install the proxy server was defined and this could be seen in the VI Client but the entries above were still not in the XML file....
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Same problem - another customer!!
When i look in the Program Files\VMware\Infrastructure\Update Manager\vci-integrity.xml the following fields do not appear:
<proxySettings>
<useProxyServer>true</useProxyServer> <!-- true -->
<proxyServer>proxy.domain.com</proxyServer> <!-- proxy.vmware.com -->
<proxyPort>8080</proxyPort> <!-- 3128 -->
</proxySettings>
Are people manually adding these?? Or are they being populated by your install automatically?? What area are these fields appearing in the xml file?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
forgot to say this is Update Manager 1.0.3