Part II – Update Manager Download Service (UMDS) Installation and Configuration GuidePosted: October 23, 2011
This walkthrough is part II of a series of guides on installing and configuring VMware’s tools for updating and patching ESXi 4.1 hosts. You can find Part I here and Part III here. The Update Manager Download Service (UMDS) is used in an air-gap environment where the vCenter Update Manager server (VUM) does not have access to the Internet to download patches itself – instead it relies on UMDS to download the patches. Once patches are downloaded, they’re manually copied via removable media, usually a CD/DVD, to VUM. Once VUM has the patches, it then works through the vSphere Client and the Update Manager plug-in to update the hosts. Although VUM can download operating system patches for Windows and metadata for Linux patches, we’re not using this configuration in this guide. We’re assuming the environments are updated via WSUS or SCCM.
Although UMDS can be installed a 32-bit operating system, we’re using 64-bit Windows Server 2008.
Okay, so before you actually install UMDS, you’ll want to prepare your disks. In this walkthrough, we’re giving our VM a second virtual hard disk of 40 GB for the installation of UMDS as well as storage of patches and updates. Recall that you’ll need twice as much storage space for all your patches and updates. The original download will take up space, then the export UMDS command copies the files to another directory to be transferred to VUM. For now, ensure that the second drive is given the letter D:. This is just for standardization’s sake. Also, create two folders at the root of D: called UMDSrepo for UMDS repository and UMDSexport. These are where all the patches and updates will be downloaded and exported.
UMDS is installed from the standard vCenter installation DVD. It’s not an option you’ll see on the setup menu, however. You have to drill to D:\umds where you’ll find the executable VMware-UMDS.exe. Run this program to start the installation.
Simply Next-Next-Finish through the first few windows, viewing all the patents and reading the entire EULA. Recall from the VUM installation, if you don’t create a 32-bit DSN (which UMDS requires if connecting to a SQL Server database), you’ll be berated by your boss for not doing so then confronted by this message early on in the UMDS installation:
By now, you’re probably an expert at creating DSN connections to backend SQL Server databases. And as such an expert, you may be screaming at me, “We haven’t created a SQL Server database yet to which we’re connecting!” To which I’d say, you’re half correct, sir. Indeed, we haven’t created a database in our backend SQL Server because we’re not connecting to a backend SQL Server. I conveniently forgot to tell you that we will not be using a backend database. Alas, because of the size of our environment and to treat this as a true air-gap network, we’ve chosen to use a local installation of SQL Server 2005 Express which is conveniently shipped with the UMDS installation media. So instead of choosing to Use and existing supported database, select Install a Microsoft SQL Server 2005 Express instance (for small scale deployments).
Click Next. If you’re not using a proxy to access the Internet, click through the next window. Change the installation directory and the location for downloading patches to the D: drive as shown below.
Click Install on the next screen and you’re good to go. If everything’s gone well you’ll see a successful installation. When it’s finished, we’ll configure the download settings.
Open a command prompt and navigate to D:\Program Files (x86)\VMware\Infrastructure\Update Manager. Note that by operating out of a different directory than C:, after you change directories using the ‘cd’ command, you’ll need to type D: to actually operate from that drive. In this directory is a program named vmware-umds.exe. You’ll use this program for UMDS tasks such as:
- configuring which patches and updates to download
- setting which directory to download patches and updates
- downloading patches and updates
- exporting patches and updates
Run the command
vmware-umds -–set-config -–enable-host 1 -–enable-win 0 -–enable-lin 0
This tells UMDS to only download patches and updates for ESX/ESXi hosts. Using all the defaults, UMDS will then download ESX/ESXi 4.x patches as well as Virtual Infrastructure 3 patches. We don’t want this and in a moment, we’ll modify an XML file so that we don’t download unnecessary patches. Notice the last lines written to the console, the INFO lines. These tell you what patches and updates you’ll be downloading.
Next, we’ll configure the export location. The export function will pull patch and update metadata from the UMDS database to include in the files transferred to the VUM server. You only need to run this command once, unless you want to change the location of your export directory, such as if you run out of hard drive space and add another hard drive. Be sure you’ve changed directories into the UMDS installation path. The command is vmware-umds.exe -E -–export-store D:\VUMexport. Of course, your export location may be different.
The last configuration setting we have to make to disable the option that downloads Virtual Infrastructure 3 patches and updates. This is simply editing an XML file – specifically commenting out the line that enables such downloads. In Windows Explorer, navigate to the Update Manager installation directory and find the downloadConfig.xml file. Right click this file and select, Open with > WordPad. Using Notepad doesn’t present the XML code well. WordPad correctly displays the carriage returns and word wrapping.
Find the portion of the file starting with and ending with . Add the following tags to the beginning and ending of the lines, respectively:
<!– and –>
Save the file and close WordPad. Now double-click the file to open it in Internet Explorer. You should see the entire ESX3x line grayed out, which means it’s been commented out of the XML file and UMDS will not download VI3 patches or updates.
This concludes the installation and configuration of UMDS in an air gap environment. There is another guide in this series explaining the UMDS and VUM patching process. There, you’ll see how to download patches, export them, unpack them into VUM, as well as create baselines and baseline groups, and scan and remediate hosts.