Patching Offline ESX servers with Vmware Update Manager

Patching Offline ESX servers with Vmware Update Manager

Patching Offline ESX servers with Vmware Update Manager

This is my brief guide to what I did to setup patching for isolated networks, like those in intellegence communities, etc. This is meant to help fill in some of the gaps that the documentation left in the process.

Install Update Manager Download Service

Setup a machine to be your Update Manager Download system:

  • This machine must have Internet access.

  • This system will require another database beyond what the Update Manager in Virtual Center uses, so you may not want to install it there.

  • Also, you will need to burn CDs/DVDs or transfer files to a device

  • This all being said, a workstation is a good candidate system

Install the Update Manager Download Service on the above machine

  • Files are located in "umds" folder of the Virtual Center installation CD image

  • Open the VMware-UMDS.exe file to install

  • Select to use the local SQL 2005 Express database server

Download Current Updates

The best thing to do is setup a Windows Scheduled Task that downloads the updates automatically. The first step is to create a script to accomplish this manually then you can make it a scheduled task.

To get current downloads:

  • Change to the "C:\Program Files\VMware\Infrastructure\Update Manager" directory

  • Run the program: vmware-udms --download

  • Get coffee! Really, the first run takes a loonngg time.

Once downloads are done you need to export to a local file repository:

  • Change to the "C:\Program Files\VMware\Infrastructure\Update Manager" directory

  • Run the program: vmware-umds -E --dest <FULL PATH TO YOUR REPOSITORY> -s 2007-01-01T00:00:00 -t 2007-12-31T23:59:59

  • This downloads all the patches for 2007, specify different time ranges as required.

Once exported you need to export your repository to some sort of portable media, say a DVD (most likely a DL from what I have already seen!!!)

Import Updates to Virtual Center on Isolated Network

Now that your Internet connect machine has done all the dirty work, you need to get the updates into Virtual Center's Update Database:

  • Get you update media connected to Virtual Center so it can access the files

  • Change to the "C:\Program Files\VMware\Infrastructure\Update Manager" directory on Virtual Center

  • Run the program: vmware-updateDownloadCli.exe --update-path <YOUR DRIVE LETTER HERE> --config-import windows esx --vc-user <YOUR VC USER>

This is a very brief explanation of what to do. See these fine documents below for more stuff:

VMWare Update Manager

0 Kudos
Comments
uushaggy
‎01-15-2008 03:56 PM
‎01-15-2008 03:56 PM

This is a basic framework that I am planning to grow as I work through it.

dmach
‎07-15-2009 08:34 PM
‎07-15-2009 08:34 PM

This process looks good, however I have two vCenter servers with Update Manager installed on them and they both have access to the internet. The question I have, can the patches be exported from one of the two servers and then imported to the vCenter server without internet access?

Thanks,

Dan

hollandwl
‎10-09-2009 03:26 AM
‎10-09-2009 03:26 AM

UMDS needs a major overhaul to:

1. Let the customer choose which versions to download patches for. I don't have, never have had, and never will have ESX 3.0, so why should I download those patches? There should be a config file setting to set the versions you want something akin to: Vesions=35,40

2. Rather than downloading everything or specifying a date range to re-download:

Download a listing of available patches for the versions I have specified

Compare that listing to what is in my local repository

Download only the differences

3. Provide a way to cleanup a repository to remove patches that are no longer needed.

It cannot be good for VMware to have everyone repeatedly downloading multiple gigabytes of patches from them all the time.

Version history
Revision #:
1 of 1
Last update:
‎01-11-2008 07:28 AM
Updated by:
Enthusiast
 
View Article History