Installing VMware vSphere Update Manager Download Service and publishing via IIS

Written by

Published on 11/6/2013 - Read in about 4 min (724 words)

This article is now 9 years old! It is highly likely that this information is out of date and the author will have completely forgotten about it. Please take care when following any guidance to ensure you have up-to-date recommendations.

The vSphere UMDS provides a way to download patches for VMware servers that have an air-gap, or for some reason aren’t allowed to go out to the internet themselves – in my case a security policy prevented a DMZ vCenter Server from connecting to the internet directly. The solution is to use UMDS to download the updates to a 2nd server that was hosted in the DMZ and then update the vCenter Server from there. It also can save on bandwidth if you’re running multiple vCenter Servers, which again was the case (though bandwidth isn’t really a constraint).

Installing UMDS

Installing UMDS is a really simple affair – run the \umds\VMware-UMDS.exe installer and click through the options. The simplest option is to run the in-build SQL 2008 R2 Express database for the metadata, though you can create a 32-bit DSN and use an existing DB server if required. I set the patch download location to a D:\ that was attached to this VM and finished the install:

It takes a little while to install largely because of the SQL Express installation.

Configuring UMDS and downloading the patches

Once you’ve got it installed, it’s a bit of a tumbleweed moment…what next?! There’s no application or GUI installed – you need to read the documentation (or this blog :-)) to see what’s next!

If you’ve installed it in the default location, run a command prompt and navigate to: c:\Program Files (x86)\VMware\Infrastructure\Update Manager

If you run the “vmware-umds.exe –H” command, you’ll see the the full help output - I think the examples are the easiest way to work out what you want to do!

Examples:
To add a new ESX 4.x/5.x patch depot URL

vmware-umds.exe -S -add-url https://hostname/index.xml -url-type HOST
To remove a URL

vmware-umds.exe -S -remove-url https://hostname/index.xml
To list all supported platforms for downloading ESX host updates

vmware-umds.exe -list-host-platforms
To enable downloading of ESX host and virtual appliance updates

vmware-umds.exe -S -enable-host -enable-va
To enable downloading of only ESX 4.0 and ESXi 4.0 host updates

vmware-umds.exe -S -disable-host

vmware-umds.exe -S -e esx-4.0.0 embeddedEsx-4.0.0
To disable downloading of only ESX 4.0 and ESXi 4.0 host updates

vmware-umds.exe -S -enable-host

vmware-umds.exe -S -e esx-4.0.0 embeddedEsx-4.0.0
To download updates based on the current configuration

vmware-umds.exe -D
To export all downloaded updates to F:\UMDS-store

vmware-umds.exe -S -default-export-store F:\UMDS-store

vmware-umds.exe -E

OR

vmware-umds.exe -E -export-store F:\UMDS-store

Since I don’t want to download any unnecessary patches, I want to exclude ESX from the mix. To view the available platforms you can download patches for, use the –list-host-platforms argument:

The easiest way to do this is to enable all host downloads and disable the ESX downloads:

vmware-umds –S –-enable-host
vmware-umds –S -d esx-4.1.0 esx-4.0.0

Now I can trigger the initial download to get the patches down – this is a pretty verbose output, if you want to log it you can pipe to a text file. This will also take a while to download!

vmware-umds -D

Since I am going to publish these updates using IIS for my vSphere Update Manager servers, I want to configure an export directory using the –E option – depending on your disk speed, this could take a while. It’s worth noting that this will double the size of your repository. I would prefer to be able to use the download location as the repository.

vmware-umds –E –export-store D:\UMDS\Export

You can verify your configuration using the –G option.

Configuring IIS to publish the UMDS Export

Assuming you already have IIS installed (or are capable of managing this feat) you can go ahead and configure your IIS to publish the export folder.

Configure a MIME type for .sig and .vib to use “application/octet-stream”, and check that .xml is “text/xml”.

Configure upstream VMware Update Manger Servers

Configuring the upstream servers is as simple as providing the URL of the site you’ve just published under the Update Manager Administration Console in the vSphere Client. Go to the Configuration tab, click Download Settings and then select “Use a shared repository”. Enter the URL and click “Validate URL”. Then click “Apply”. If you want to do the initial sync, click “Download Now”, if not wait for the scheduled download.

Optional extras

For extra credit…

Install an SSL certificate to secure your IIS server
Schedule the download of patches using Task Scheduler
Schedule the export of patches to your IIS site using Task Scheduler