This post will look at covering a number of the Update Manager related objectives defined in the VCAP-DCA blueprint.
Configure a Shared Repository
Rather than have update manager download updates directly, you can configure it to use a shared repository from which it can get the necessary patches/updates. You can create the shared repository using the patches downloaded from UMDS. I’ve written about doing so in this article about configuring UMDS.
In Update Manager, on the Configuration tab, go to Download Settings:
In the example about I have configured update manager to use a shared repository, shared using IIS from my UMDS server. Alternatively, you can export and copy the files to the server where Update Manager is installed, then use a local directory as the repository:
After setting the path to the shared repository you should click the ‘Validate URL’ button to confirm that Update Manager can connect successfully.
Once thing to bear in mind around shared repositories, if you are exporting the patches from UMDS rather than connecting to a web URL, is that you cannot use a network shared, either via UNC path or a mapped drive. If you wish to share over the network rather than export the patches, then you should use the web server option.
Configure Smart Rebooting
Smart rebooting selectively restarts the virtual appliances and virtual machines in a vApp, maintaining startup preferences. It is enabled by default, though can be disabled before or after remediation. The settings for Smart Rebooting can be found in Update Manager, on the configuration tab, under ‘vApp Settings’:
Manually Download Updates to a Repository
If you wish you can manually download patches, rather than have Update Manager download them from the internet, or import them from UMDS. The patches will be in the form of and ‘offline bundle’ either from VMware or a third party and they should be in .zip format.
To manually import patches, navigate to the Download Settings, on Update Manager’s configuration tab. Click the ‘Import Patches’ link:
Select the .zip file that you wish to import, then click next. On the ‘Confirm Import’ screen, you can review the patches that have been manually imported. Click finish – the patches will now be available in Update Manager, and will be visible in the patch repository.
Perform Orchestrated vSphere Upgrades
Orchestrated upgrades are where you upgrade both hosts and virtual machines as part of a two step process, either from a cluster level or from a host level. An example would be creating a baseline to upgrade a host to ESXi 5.0, with another baseline defined to handle the VMtools and VM Hardware upgrades for the virtual machines. The process is documented here.
Generate Update Manager Database Reports using MS Excel or MS SQL
The process for generating update manager reports is fully documented on VMware’s online documentation for update manager, seen here. Update manager doesn’t provide a way to generate reports, but it is possible to use a third-party tool to query the database and generate reports. You can use Microsoft Excel to connect to the update manager database and query the database views, or you can run a Microsoft SQL Server query. A sample query is given here:
SELECT r.entity_uid,r.ENTITY_STATUS,
u.meta_uid, u.title, u.description, u.type, u.severity,
(case when u.SPECIAL_ATTRIBUTE is null then 'false'
else 'true'
end) as IS_SERVICE_PACK,
r.scanh_id, r.scan_start_time, r.scan_end_time
FROM VUMV_UPDATES u JOIN VUMV_ENTITY_SCAN_RESULTS r ON (u.meta_uid = r.update_metauid)
ORDER BY r.entity_uid, u.meta_uid
Useful Links and Resources
https://pubs.vmware.com/vsphere-50/index.jsp?topic=%2Fcom.vmware.vsphere.update_manager.doc_50%2FGUID-47CDC301-C46F-4191-AB99-D2859F3BA54B.html