VMware Cloud Community
Solidbrass
Enthusiast
Enthusiast
‎11-16-2016 03:18 PM

How to automate vSphere 6.5 patching with non-internet connected vCenter Server Appliance?

I cannot be the only person who does not want vCenter or ESXi hosts to have paths to the internet so I am befuddled that this was not anticipated and documented well for vSphere 6.5. I'm interested in suggestions for making this work elegantly and reliably. I had this working as follows in vSphere 6.0:

vCenter Server Appliance lives on private network 1 along with hosts.  This network has no direct routes to the internet.

vCenter Update Server running on Windows Server 2012 R2 lives on private network 1 and is also connected to a private network 2.  Private network 2 is shared only by the two Windows VM's.

vCenter Download server running on Windows Server 2012 R2 is connected to the internet and to private network 2.

The vCenter Download server would download patches via its internet connection and then export downloaded patches to an SMB share hosted on vCenter Update Server via private network 2.

This fairly straightforward and reliable architecture seems to have been annihilated as an option with vSphere 6.5.  Since Windows can no longer host updates for the vCenter appliance, there are seemingly two options.  The first is to download all the patches and import them manually from the vCenter appliance interface, which is a painfully ugly (moving endless zip files around?) and unautomatable approach. The other option presumably is to deploy the linux download service and export to a location where vCenter Server can access it via HTTPS.  The documentation for this is... not written by a native english speaker and provides exactly zero details on how the http server should be configured for vCenter to be happy with it.

Has anyone made this work yet?

0 Kudos
3 Replies
rcporto
Leadership
Leadership
‎11-16-2016 03:58 PM

Did you checked the following on the official documentation: Installing UMDS on Linux-based Operating System

---

Richardson Porto
Senior Infrastructure Specialist
LinkedIn: http://linkedin.com/in/richardsonporto
0 Kudos
rcporto
Leadership
Leadership
‎12-02-2016 09:51 AM

Hi Solidbrass

Did you have a chance to read the link from official documentation that I referenced in my previous post? Do you have any additional doubt? If not, remember to mark answers as helpful or correct.

---

Richardson Porto
Senior Infrastructure Specialist
LinkedIn: http://linkedin.com/in/richardsonporto
0 Kudos
Solidbrass
Enthusiast
Enthusiast
‎12-02-2016 11:45 AM

I have, and my irritation is with instructions such as this: "Install and configure a PostgreSQL database on the Linux machine."  Perhaps some detail of what is meant by "configure" is in order.  No details are provided here on what linux religion UMDS was developed and tested on, there are no disk or memory requirements or suggestions, etc.

As an aside, I also find it kind of incomprehensible that during the migration process, vCenter 6.5 has no problem talking to a windows based update server from 6.0, but then somehow no longer is able to after the migration process.  Why does this compatibility magically break? Why did VMware develop vCenter 6.5 so that the Windows vCenter and linux vCenter appliances use different API calls to talk to operating system specific update servers?

0 Kudos