Virtual Geek

Tales from real IT system administrators world and non-production environment

Install and Configure VMware UMDS on Linux

VMWare UMDS (VMware Update Manager Download Services) is feature and extra add on software included in VCSA ISO file, It helps downloading update metadata, patches, security fixes and latest drivers binaries from online VMware/Vendor hostupdate Repositories. It helps in way to make your VMware Update infrastructure secure, UMDS can put behind firewall, the application need to open to outer world on internet, UMDS Server acts as centralized local update repository, where vCenter update manager (Update Planner/Lifecyle Manager), It will download all the updates and they don't require direct internet access. As below diagram I have 2 VMware update manager server (Update Planner/Lifecycle Manager)  and they don’t have direct access to internet, They will use UMDS server configured with nginx server on linux server, to get the update, UMDS is put behind firewall connected to internet and Update managers/Lifecyle Manager uses Nginx web urls to download update.

vmware umds update manager download services vcsa vcener server appliance Update manager update planner lifecycle manager vcenter esxi updates patches fixes vmware cloud.png

Because of centralization characteristic of using UMDS server, You download updates once only, so you use less bandwidth another benefit you can manage/restrict the versions centrally. Setup files for UMDS tar is available on vCenter (vcsa) ISO file, just to note from vSphere 7 version onward there is no Windows version UMDS available to deploy. It is only available for Linux. I copied VMware-UMDS-X.X.X-XXXXXXX.tar.gz file to Linux server using winscp tool. I am using CentOS 7 as linux server.

Prerequisite of UMDS server

  • Linux server with below criteria
    • psmisc package
    • nginx web server
    • Internet Connection
    • VCSA ISO file

vmware vsphere esxi UMDS update manager download services vcenter server lifecycle manager vmware-umds-7 tar.gz vcsa iso untar winscp root.png

I have uploaded the tar file to /root folder, and changed the file execution level, next untarred the file with below commands. 

chmod +x VMware-UMDS-X.X.X-XXXXXXX.tar.gz
tar xvzf VMware-UMDS-X.X.X-XXXXXXX.tar.gz

vmware umds update manager download services server ls chmod executive vmware-umds tar.gz tar xvzf 7z unzip vmware-vciInstallUtils

Once untarred the tar.gz file, go the directory and execute ./, This shows the message of Setup is unable to find the "killall" program on your machine. Please make sure it is installed. Do you want to specify the location of this program by hand? I will type no as I didn't installed the prerequisite psmisc package next.

cd vmware-umds-distrib
./ -d
     This shows the message of Setup is unable to find the "killall" program on your machine. Please make sure it is installed. Do you want to specify the location of this program by hand?

vmware-umds vmware vsphere vcenter update manager download services server umds distribution vmware-umds-distrib killall package program yum repository aborted.png

Package psmisc is available on online yum repo to install.

sudo yum install psmisc -y

vmware vcenter vsphere esxi vmware-umds umds update manager download services yum install psmisc -y prerequisite centos photon os killall package installed dependency.png

Next try installing UMDS again with ./ -d, here d parameter represent default option. Check license and Agreement by pressing enter, keep pressing Enter until more option from left bottom is disappeared. next it shows Do you accept? EULA, type yes, It start installation with default options, I can change the settings later. You will see installation successfully done with script path.

./ -d vmware-umds update manager download services vsphere vcenter esxi patch fix online vmware repository vmware-updatemgr linux windows setup umds uninstall.png

I am using proxy server for UMDS server for internet access, To use proxy server, change directory to /usr/local/vmware-umds/bin and execute below commands.

cd /usr/local/vmware-umds/bin
./vmware-umds -S --proxy FQDN_IP:PORT

vmware vsphere vcenter esxi vmware-umds usr local bin settings up umds configuration proxy server config photon-release grep downloadConfig.xml.orig vciInstallUtils_config.xml vmware-updatemgr-wrapper zip.png

If you are facing issue with ssl as below, I have already resolved it in below article.
VMware UMDS curl_easy_perform() failed: cURL Error: SSL peer certificate or SSH remote key was not OK, SSL certificate problem: unable to get local issuer certificate.

Start downloading updates. I will show how many patches and size of the download.

./vmware-umds -D


Additionally you can use below commands to configure UMDS via command line.

/usr/local/vmware-umds/bin/vmware-umds -G  #Shows current UMDS configuration

#disable download of earlier versions of patches
/usr/local/vmware-umds/bin/vmware-umds -S -d embeddedEsx-6.0.0 embeddedEsx-6.5.0 

#add additional online repositories
/usr/local/vmware-umds/bin/vmware-umds -S --add-url --url-type HOST

Once UMDS downloads patches, we will publish them over local web server, for web server I am using Nginx (I have already installed latest version)

yum install epel-release -y
yum install nginx -y

To configure nginx make below changes, in the /etc/nginx/nginx.conf, before making changes make sure you backup the Nginx configuration file.

cd /etc/nginx
cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak #backup before making changes

Make changes to root option under Server node, /var/lib/vmware-umds is a location where UMDS downloads patches and metadata. Another thing the files need to be in directory mode, so I have added autoindex on under location node.

#Edit nginx configuration file.
vi nginx.conf
     server {
            root /var/lib/vmware-umds;
     location / {
            autoindex on;

Next change the permission of the UMDS patch location and enable / start Nginx web server services.

#change permission on umds donwload location
sudo chmod -R 755 /var/lib/vmware-umds

#enable and start nginx service
systemctl enable nginx
systemctl start nginx

vmware vsphere umds update manager download services nginx.conf nginx web server yum install nginx -y server linux vmware-umds autoindex sudo chmod systemctl enable start vum.png

Verify UMDS url location http://umds_fqdn_ip/hostupdate/ in the browser, It must be functional, you can add SSL certificate on nginx server for https 443 port, But for this lab demo I am ok with http 80 port.

nginx vmware vsphere esxi vcenter vum update lifecycle manager vcsa hostupdate patch updates security fix umds vmware-umds server update manager download server.png

UMDS server is ready, we will need to configure it on VUM (VMware Update Manager/Lifecycle Manager), Login to vCenter vSphere HTML65 client, go to Menu >> Lifecycle Manager >> Settings >> Patch Setup (Administration). (You can make disable other online vmware hostupdate sources)

To add UMDS url, Click New Download Source, and type URL with meaningful optional Description and save.

Url will be http://umds_fqdn_ip/hostupdate/__hostupdate20-consolidated-index__.xml

vmware vsphere client html5 lifecycle manager umds new download source online vmware repository patches setup baseline vmware update manager vum.png

Next on the Lifecycle Manager go to Image Depot, click ACTIONS and under updates click Sync Updates, It will start downloading updates and it cant be viewed under ESXi Versions, Vendor Addons and Component tab. Next you can create baseline and start upgrading servers, I will write a separate Articles for the same next.

vmware vsphere esxi image depot lifecycle manager actions sync updates esxi version vendor addons umds vmware-umds sync hcl import updates ga patches fixes.png

vmware lifecycle manager esxi versions vendor addons image depot updates imported iso components baselines umds vsphere esxi patching vmware umds nginx.png

Useful articles
VMware hot-extend was invoked with size is not supported: Virtual Machine HDD VMDK

Go Back


Blog Search

Page Views


Follow me on Blogarama