720 likes | 1.04k Views
VMware vCenter Server Update Manager. Product Support Engineering. VMware Confidential. Module 2 Lessons. Lesson 1 – vCenter Server High Availability Lesson 2 – vCenter Server Distributed Resource Scheduler Lesson 3 – Fault Tolerance Virtual Machines
E N D
VMware vCenter Server Update Manager Product Support Engineering VMware Confidential
Module 2 Lessons • Lesson 1 – vCenter Server High Availability • Lesson 2 – vCenter Server Distributed Resource Scheduler • Lesson 3 – Fault Tolerance Virtual Machines • Lesson 4 – Enhanced vMotion Compatibility • Lesson 5 – DPM - IPMI • Lesson 6 – vApps • Lesson 7 – Host Profiles • Lesson 8 – Reliability, Availability, Serviceability ( RAS ) • Lesson 9 – Web Access • Lesson 10 – vCenter Server Update Manager • Lesson 11 – Guided Consolidation • Lesson 12 – Health Status VI4 - Mod 2-10 - Slide
vCenter Update Manager Overview • VMware vCenter Update Manager compares the operating systems and applications running in your VMware Infrastructure deployment against a set of standard updates and patches. • Updates you specify can be applied to operating systems, as well as applications on scanned ESX/ESXi hosts, virtual machines, and virtual appliances. • vCenter Update Manager works with ESX/ESXi hosts, virtual machines, and virtual appliances. • vCenter Update Manager lets you scan for compliance and apply updates for guests, virtual appliances, and hosts. • vCenter Update Manager can scan and remediate powered on, suspended, and powered off virtual machines and templates and Scan and Remediate hosts. • If the updating or patching fails, you can revert the virtual machines and templates back to their prior condition, without losing data. VI4 - Mod 2-10 - Slide
vCenter Update Manager Overview • You can use vCenter Update Manager to install, patch and update third party software using VI bundles and bulletins available on VMware Patch Portal and third parties’ portals. • A VI bundle is a package, the smallest installable unit on an ESX host, while a bulletin defines a specific fix for an ESX 4 host, a roll-up which aggregates previous fixes, or an update release. • When a host is compliant with all bundles in a bulletin, it is compliant with the vSphere bulletin that contains the bundles. VI4 - Mod 2-10 - Slide
VMware vCenter Update Manager Sizing Estimator VI4 - Mod 2-10 - Slide
vCenter Update Manager Supported Databases vCenter Update Manager is supported on the following Databases : VI4 - Mod 2-10 - Slide
Enabling Update Manager on a vSphere Client To enable vCenter Update Manager on a vSphere Client • Connect the vSphere Client to a vCenter Server on which vCenter Update Manager is installed. • Choose Plugins > Manage Plugins. VI4 - Mod 2-10 - Slide
Complete the vCenter Update Manager client installation and click Finish Click Next on Welcome screen Accept the License Agreement and Click Next Click Install Click Finish Enabling Update Manager on a vSphere Client VI4 - Mod 2-10 - Slide
Enabling Update Manager on a vSphere vSphere Client • Right-click VMware vCenter Update Manager Extension in the Installed Extensions list on the Extension Manager page, and choose Enable. Click Close. VI4 - Mod 2-10 - Slide
Dismiss any Security Warning dialog boxes that appear by clicking Yes or Ignore, and then click OK.The vCenter Update Manager button might not appear immediately in the vSphere Client. After installing the VMware vCenter Update Manager plug-in, if the button does not appear, restart the vSphere Client. Enabling Update Manager on a vSphere Client VI4 - Mod 2-10 - Slide
Upgrading vCenter Update Manager • vCenter Update Manager upgrades are available from vCenter Update Manager 1.0 to vCenter Update Manager 2.0 • Before you upgrade vCenter Update Manager, be sure to upgrade both vCenter Server and vSphere Client to a compatible version. • vCenter Update Manager server and vCenter Update Manager client must be the same version. VI4 - Mod 2-10 - Slide
vCenter Update Manager Network Port Requirements • After you install vCenter Update Manager if the default settings are kept during the installation, the vCenter Update Manager Web server listens on 9084 TCP and the vCenter Update Manager SOAP server listens on 8084 TCP. • Both are accessed througha reverse proxy that listens on the standard ports 80 and 443. VI4 - Mod 2-10 - Slide
vCenter Update Manager Network Port Requirements • When vCenter Update Manager and the vCenter Server are installed on the same machine: • All incoming connections to vCenter Update Manager are accessed through a reverse proxy provided by the vCenter Server. • ESX connects to port 80, and the vCenter Server forwards the request to the vCenter Update Manager Web server listening on port 9084 for host patch downloads. • The vCenter Server directly connects to vCenter Update Manager on port 8084 because they are on the same machine. • vCenter Update Manager connects to ESX on port 902 for pushing the virtual machines patches. VI4 - Mod 2-10 - Slide
vCenter Update Manager Network Port Requirements • When vCenter Update Manager and the vCenter Server are installed on two different machines: • vCenter Update Manager has a reverse proxy listening on ports 80 and 443 if the default is not changed during the installation. • The vCenter Server connects to vCenter Update Manager through port 443. The reverse proxy forwards the request to 8084. • ESX connects to vCenter Update Manager through port 80. The reverse proxy forwards the request to 9084. • vCenter Update Manager connects to ESX on port 902 for pushing the virtual machines patches. To obtain metadata for the patches, vCenter Update Manager must be able to connect to http://www.vmware.com and http://xml.shavlik.com, and requires outbound ports 80 and 443. VI4 - Mod 2-10 - Slide
Responding to Failure to put ESX Host in Maintenance Mode To configure how vCenter Update Manager responds to failures to enter maintenance mode • Choose Home > Solutions and Applications > vCenter Update Manager. • Click the Configuration tab. • Under Settings, click ESX HostSettings. • Select the Failure response drop-down menu to determine how vCenter Update Manager respondsif an ESX host cannot be put in maintenance mode. • Choose Retry delay and Number of retries. • Click Apply. VI4 - Mod 2-10 - Slide
Checking for Updates • vCenter Update Manager is designed to check for new updates at regular intervals. • Gathering current information about updates that are applicable to your environment allows vCenter Update Manager to work as expected. • Updates are downloaded according to a single schedule. VI4 - Mod 2-10 - Slide
Checking for Updates To modify checking for updates • Choose Home > Solutions and Applications > vCenter Update Manager. • Click the Configuration tab. • Under Settings, click Update Downloads. • Click the Edit Update Downloads link in the upper-right corner VI4 - Mod 2-10 - Slide
Select the type of updates to be downloaded, and click Next. Specify a task name and description. Specify the Frequency and Start Time of the update download, and click Next. (Optional) Specify email addresses Review the Summary page and click Finish Checking for Updates VI4 - Mod 2-10 - Slide
Configuring vCenter Update Manager with an Internet Proxy • You can modify vCenter Update Manager configuration settings to work with a proxy server. • To modify the proxy configuration through the vCenter Update Manager plug-in • Choose Home > Solutions and Applications > vCenter Update Manager. • Click the Configuration tab. • Click General • Edit the default proxy information.If the proxy requires authentication,select the Proxy requires authentication check box and provide user name and password. • (Optional) Test the connection. • Click Apply. VI4 - Mod 2-10 - Slide
Configuring Update Manager Network Port Settings • After you install vCenter Update Manager, you can configure its port settings to avoid conflicts with other programs installed on the same machine. • If vCenter Server is installed on the same machine, you cannot change the HTTP and HTTPS ports. • vCenter Update Manager doesn't open these ports, but vCenter Server does. • If vCenter Server is not installed on the same machine, vCenter Update Manager starts its own reverse proxy. • In this case, you are able to change both the HTTP and HTTPS ports. VI4 - Mod 2-10 - Slide
Configuring Update Manager Network Port Settings To change the port settings • Choose Home > Solutions and Applications > vCenter Update Manager. • Click the Configuration tab. • Click General • Edit the Port Settings • Click Apply. VI4 - Mod 2-10 - Slide
Configuring vCenter Update Manager Patch Download Location • When you install vCenter Update Manager, the installation wizard allows you to change the location for downloading patches. • To change the location later without reinstalling vCenter Update Manager, you must manually edit the vci-integrity.xml file. • To configure the vCenter Update Manager patch download location • Log in to the vCenter Update Manager server as an administrator. • Stop the vCenter Update Manager service • Navigate to the vCenter Update Manager installation directory and locate vci-integrity.xml. The default location is C:\Program Files\VMware\Infrastructure\vCenter Update Manager VI4 - Mod 2-10 - Slide
Configuring vCenter Update Manager Patch Download Location • Create a backup copy of this file in case you need to revert to the previous configuration. • Edit the file by changing the following fields: <patchStore>yournewlocation</patchStore> The default patch download location is: C:\Documents and Settings\All Users\Application Data\VMware\VMware vCenter Update Manager\ Data\The directory path must end with \. • Save the file in UTF-8 format, replacing the existing file. • Copy the contents from the old patchstore directory to the new folder. • Restart the vCenter Update Manager service. Note : You will have to create the directory structure that you specified for <yournewlocation> VI4 - Mod 2-10 - Slide
Using the vCenter Update Manager Download Service • Use the vCenter Update Manager Download Service to initiate downloads of updates and to transfer the updates to vCenter Update Manager. • Establish a depot in which to place the updates. • After the updates are in the depot, export the newly downloaded updates to some portable storage device such as a CD or USB key and import them to the vCenter Update Manager server. • If vCenter Update Manager is installed on a machine that is not connected to the Internet, the scheduled update checks fail. • In such a case, disable the scheduled update checks and use the vCenter Update Manager Download Service as the only means to download and transfer updates to vCenter Update Manager. VI4 - Mod 2-10 - Slide
Setting up the vCenter Update Manager Download Service • Log in to the machine where UMDS is installed, and open a terminal window. • Change to the directory where Download Service is installed. C:\Program Files\VMware\Infrastructure\vCenter Update Manager. • Specify the updates to download: • To set up a download of all ESX host updates, enter the following command:vmware-umds --set-config -enable-host 1 --enable-win 0 --enable-lin0 • To set up a download of all Windows updates, enter the following command:vmware-umds --set-config -enable-host 0 --enable-win 1 --enable-lin 0 • To set up a download of all Linux updates, enter the following command:vmware-umds --set-config -enable-host 0 --enable-win 0 --enable-lin 1 • To set up a download of all available updates, enter the following command:vmware-umds --set-config -enable-host 1 --enable-win 1 --enable-lin 1 • 4 Run the program to download updates by entering the following command:vmware-umds --download If you want to download the updates released in May 2008, enter the following command: vmware-umds --re-download -start-time 2008-05-01T00:00:00 --end-time 2008-05-31T23:59:59 VI4 - Mod 2-10 - Slide
Setting up the vCenter Update Manager Download Service Exporting Downloaded Updates • You can export the updates you downloaded to a specific location which serves as a shared repository for Update Manager. • Then configure Update Manager to use the shared repository as a patch download source. • The shared repository can also be hosted on a Web server. VI4 - Mod 2-10 - Slide
Setting up the vCenter Update Manager Download Service • To export downloaded updates • Log in to the machine where vCenter Update Manager Download Service is installed and open a terminal window. • Change to the directory where Download Service is installed.The default folder is C:\Program Files\VMware\Infrastructure\vCenter Update Manager. • Specify the export parameters.If you want to export all updates for the year 2007, enter the following command:vmware-umds --export --dest <repository_path> --start-time 2007-01- 01T00:00:00 --end-time 2007-12-31T23:59:59Here, <repository_path> is the full path to your export directory VI4 - Mod 2-10 - Slide
Creating Baselines • You can create upgrade and patch baselines to meet the needs of your specific deployment by using the New Baseline wizard. • Creating additional, customized baselines allows patches to be grouped into logical sets. VI4 - Mod 2-10 - Slide
Customize the baseline by entering criteria to filter the list of available patches: Text contains – Enter text to restrict the updates displayed. Product – Select operating systems or products for which this baseline includes patches. Severity – Select the severity of updates to be included in this baseline. Language – Select which language versions of patches to include. Released Date – Provide Before and After dates to specify a range for the release dates of the updates. Update Vendor – Select one of the listed update vendors. Add or remove specific updates to/from this baseline – Select the check box to add or remove specific updates. Create a Dynamic Host Patch Baseline VI4 - Mod 2-10 - Slide
Create a Fixed Host Patch Baseline • Review the Ready to Complete page and click Finish VI4 - Mod 2-10 - Slide
Creating Baselines – Host Upgrade • Click Upgrade to available version or Upload upgrade file . Click Next. VI4 - Mod 2-10 - Slide
Creating Baselines – Host Upgrade • If you are upgrading to ESX 4.0:Specify the location of the service console VMDK or choose to automatically select a location. VI4 - Mod 2-10 - Slide
Creating Baselines – Host Upgrade • Specify the rollback behavior for the upgrade.By default, the host will roll back in the event of an upgrade failure. Deselect the roll back check box to change this behavior. VI4 - Mod 2-10 - Slide
Creating Baselines – Upgrade File Create a Host Upgrade Baseline Using an Upgrade File You can create an ESX host upgrade baseline by using the New Baseline wizard. This procedure describes how to create a baseline with a specific upgrade file you upload. To create a host upgrade baseline using an upgrade file • Choose Home > Solutions and Applications > vCenter Update Manager. • Click the Baselines and Groups tab. • Click the Create link in the upper-right corner of the page.The New Baseline wizard appears. • Provide a name and description for the baseline. VI4 - Mod 2-10 - Slide
Creating Baselines – Upgrade File • Under Baseline Type, select Host Upgrade and click Next. • Select Upload Upgrade File, and click Next. • Click Browse to locate an upgrade file (.iso) from your local file system, and click Upload.The file might take several minutes to upload. After the file is uploaded successfully, it will be included in the list of available updates on the Upgrade Options page of the wizard. • Click Next. • Review the Ready to Complete page and click Finish. VI4 - Mod 2-10 - Slide
Customize the baseline by entering criteria to filter the list of available patches: Text contains – Enter text to restrict the updates displayed. Product – Select operating systems or products for which this baseline includes patches. Severity – Select the severity of updates to be included in this baseline. Language – Select which language versions of patches to include. Released Date – Provide a range for the release dates of the updates. Update Vendor – Select one of the listed update vendors. Add or remove specific updates to/from this baseline Creating Baselines – Dynamic Virtual Machine VI4 - Mod 2-10 - Slide
Creating Baselines – Virtual Appliances • Create a Virtual Appliance Upgrade Baseline • You can create a virtual appliance upgrade baseline using the New Baseline wizard. • The virtual appliance upgrade baselines consist of a set of user-defined rules. • You can add many non-conflicting rules to a virtual appliance at once. • If the rules you create are in conflict, the vCenter Update Manager displays an Upgrade Rule Conflict window, which allows you to resolve the conflicts. VI4 - Mod 2-10 - Slide
Select Vendor, Virtual Appliance, and Upgrade To options from the drop-down menus, and click Add Rule. (Optional) To add multiple rules, click Add Multiple Rules: a Select one or more vendors. b Select one or more appliances. c Select one Upgrade To option to apply to the selected appliances. d Click OK. If you create multiple rules to apply to the same virtual appliance, only the first applicable rule in the list is applied. Click Next. Creating Baselines – Virtual Appliances VI4 - Mod 2-10 - Slide
Create Baseline Groups • A baseline group consists of a set of non-conflicting baselines. Baseline groups allow you to create logical sets of patches. • You can create additional baseline groups through the New Baseline wizard. • When you create a baseline group, keep the following guidelines in mind: • All patch baselines can be included in one baseline group. • Only one upgrade baseline can exist in a baseline group. • Multiple upgrade baselines cannot be included a baseline group. Baseline groups are displayed in the Baseline Groups pane of the Baselines and Groups tab of the vCenter Update Manager plug-in. VI4 - Mod 2-10 - Slide
Create Host Baseline Groups • Select the patch baselines you want to include in the baseline group. • (Optional) To create a new patch baseline, click the Create New Host Patch Baseline link at the bottom of the Upgrades page. VI4 - Mod 2-10 - Slide
Create Host Baseline Groups The Host Baseline Group appears in the Baselines Group list VI4 - Mod 2-10 - Slide
Create VM and VA Baseline Groups • For each type of upgrade (virtual appliance, hardware, and tools), select one of the available upgrade baselines to include in the baseline group. • To create a new Virtual Appliance upgrade baseline, click the Create New VA Upgrade Baseline link at the bottom of the Upgrades page. VI4 - Mod 2-10 - Slide
Create VM and VA Baseline Groups The Virtual Machine / Virtual Appliance Baseline Group appears in the Baselines Group list VI4 - Mod 2-10 - Slide
Edit an Existing Baseline Group • You can change the name and type of an existing baseline group, as well as add or remove the included upgrade and patch baselines of a baseline group. • To edit an existing baseline group • Connect the vSphere Client to a vCenter Server on which vCenter Update Manager is installed, and select Home > Solutions and Applications > vCenter Update Manager. • On the Baselines and Groups tab, select the type of baselines to edit.For example, to edit the upgrade baselines for ESX hosts, click the Hosts button and the Upgrade Baselines sub-tab. • Select an existing baseline group from the Baseline Groups pane and click the Edit link above the pane. The Edit Baseline Group wizard appears. • (Optional) Edit the name and group type of the baseline group and click Next. • (Optional) Change the included upgrade baseline (if any) and click Next. • (Optional) Change the included patch baselines (if any) and click Next. • Review the Ready to Complete page and click Finish. VI4 - Mod 2-10 - Slide
Scanning VI Objects • You can configure vCenter Update Manager to scan virtual machines, virtual appliances and ESX hosts against baselines and baseline groups by scheduling or manually initiating scans to generate compliance information. • You can manually initiate a scan of objects in the vSphere Client inventory. VI4 - Mod 2-10 - Slide
Scanning VI Objects - Manually • Select the types of updates that the selected object and its child objects will be scanned for.The options are: Patches, Upgrades, and DVS Upgrades. • Click Scan. VI4 - Mod 2-10 - Slide
Scanning VI Objects - Scheduled • You can configure the vSphere Client to run scans of objects in the inventory at specific times or intervals. • To schedule a scan • Choose Home > Management > Scheduled Tasks. • Click New in the toolbar to open the Select a Task to Schedule dialog box. • Select Scan for Updates, and click OK. VI4 - Mod 2-10 - Slide
To review scan results for inventory objects Select Home > Inventory > object type (for example, Hosts and Clusters or VMs and Templates). Select the object whose scan results you want to view. Click the vCenter Update Manager tab. Reviewing Scan Results for Inventory Objects VI4 - Mod 2-10 - Slide
Reviewing Scan Results for Inventory Objects • The results for scans completed on the object you select appear on the vCenter Update Manager tab.The tab is divided in four panes: • Baseline Groups – Displays a list of the baseline groups attached to the selected object. • Baselines – Displays a list of the baselines attached to the selected object or included in a selected baseline group. • Compliance – Contains a compliance graph that changes dynamically depending on the inventory object you select.Below the graph is a list of the following items: • All Applicable – Represents the total number of virtual machines or hosts for which compliance is being calculated. • Non-Compliant – Number of virtual machines or hosts that are not compliant with the selected set of baselines and baseline groups. • Unknown – Number of the virtual machines or hosts that are not scanned and their state is unknown. • Compliant – Number of compliant virtual machines or hosts. • Virtual Machines/Hosts – Depending on the objects you select, this pane contains different tables. VI4 - Mod 2-10 - Slide
Staging patches for ESX hosts allows you to download the patches from a remote server to a local server, without applying the patches immediately. To stage patches for remediation Choose Home > Inventory > Hosts and Clusters. Right-click a Datacenter or an ESX host, and select Stage Update. Select the patch baselines and baseline groups to stage. Staging Patches for ESX Hosts VI4 - Mod 2-10 - Slide