VMware Cloud Community
goofygoose
Contributor
Contributor
‎12-07-2009 11:40 PM

Update Manager on Isolated Network

Hi all,

I understand, from my past question, that the only way to download patch packages is through the use of the UMDS. I wonder if that has changed since vSphere 4.0.

The context is that I have everything set up on a isolated network. I have workstations that are connected to the internet but installing the UMDS on them is a definite NO.

What I do wish to do, is:

1. Set up Vmware Update Manager on a server on the isolated network.

2. Download (eg using http) the patch packages from the internet.

3. Copy the packages over to the VMware Update Manager and somehow get it to patch my ESXs using the download packages.

Is that possible?? Please help~ I am having great difficulties with patch management of all my ESXs now.

Any other solution to patching my ESX hosts is greatly appreciated as well. Thanks in advance! :smileylaugh:

0 Kudos
5 Replies
AndreTheGiant
Immortal
Immortal
‎12-08-2009 12:12 AM

the only way to download patch packages is through the use of the UMDS

You can always download and apply manually with esxupdate command.

To use UMDS you must install it on a machne that can download the files.

Choose what you want to download (for example only host update) and export the files to a USB or shared disk (in this case E:):

vmware-umds -S -h true
vmware-umds -download
vmware-umds -E --dest e:\updates

Then simple import the files in your VUM server:

"C:\Program Files\VMware\Infrastructure\Update Manager\vmware-updateDownloadCli.exe" --update-path e:\updates --config-import esx --vc-user administrator -i verbose

Andre

Andrew | http://about.me/amauro | http://vinfrastructure.it/ | @Andrea_Mauro
goofygoose
Contributor
Contributor
‎12-09-2009 06:15 PM

Looks like I will have to manually download the patches, and apply them to the esx hosts one by one, since I cannot install anything on the internet PCs as they are shared, ie I will not be able to make use of the Update Manager.

I hope future release of VMware Update Manager will be able to make use of the patch packages i downloaded manually, instead of requiring the packages that can only be downloaded using the UMDS.

0 Kudos
AndreTheGiant
Immortal
Immortal
‎12-09-2009 08:33 PM

A proxy solution is not in compliance?

Or maybe the trick could be the format on how UMDS store the patch.

Some years ago there were some scripts for autopatching, you can also try from there:

Andre

Andrew | http://about.me/amauro | http://vinfrastructure.it/ | @Andrea_Mauro
goofygoose
Contributor
Contributor
‎12-10-2009 01:37 AM

I am using a similar script to that now, but i have to run the script at each esx individually.

Right now I am trying to write a patch using the vSphere CLI command vihostupdate.pl to patch all the esx from my own "update server" ;).

0 Kudos
mike_caddy
Enthusiast
Enthusiast
‎12-30-2009 10:40 AM

Might sound a little facetious how about a laptop with UMDS installed and a afternoon/day in your nearest free wifi pub/costa/McDonalds once a week? If you can't get that past your boss, how about take the laptop home and schedule a nightly/weekly download. Get them to pay for your broadband (or the upgrade to the unlimited bandwidth package?)

Seems like a win-win to me!!

Restricted environments like you describe require creative solutions, I've used both in the past for similar problems.

Good Luck!

Mike

0 Kudos