For a design question I was wondering if one could daisy chain multiple VMware Update Manager Download Service (UMDS) appliances. The documentation doesn’t say a word about it. The only thing I found Googling this was one blog that say’s it can’t be done. But that blog was from 2014, now, 2018, let’s see…
I started with a Ubuntu 16.04 LTS server and used William Lam’s script to install. It needed some more config:
(I tested this in Fusion virtual machines using vSphere 6.5 Update 1 (5969303)
Open the console of the first UMDS
mount /dev/cdrom /mnt/cdrom
apt-get install openssh-server -y
This gives the IP address (Ubuntu in Fusion creates ens33 interface)
Using an SSH (Windows: PuTTY / Mac: Termius) client, connect to the UMDS:
In the SSH session
chmod +x install_umds65.sh
./install_umds65.sh /mnt/cdrom/umds/VMware-UMDS-6.5.0-5939545.tar.gz UMDSDB UMDS_DSN umdsuser VMware1!
/usr/local/vmware-umds/bin/vmware-umds -S --add-url https://vibsdepot.hpe.com/index.xml --enable-host --url-type HOST
(In the example above I’ve added the HPE VibsDepot, to see if non-firstparty updates will get downloaded.
It will now start downloading… It takes some time, at the time of writing it was about 65 GB
Per William’s suggestion for the test I used Pythons buildin webserver:
apt-get install python-minimal -y
python -m SimpleHTTPServer 80
Using this as a foreground task, it shows all HTTP requests being received:
172.16.250.150 - - [18/Feb/2018 05:28:19] "GET /hostupdate/HPQ/metadata-hpnmi-vmware55-bundle-2.3-6.zip HTTP/1.1" 200 -
172.16.250.150 - - [18/Feb/2018 05:28:19] "GET /hostupdate/csco/__hostupdate20-consolidated-metadata-index__.xml HTTP/1.1" 200 -
172.16.250.150 - - [18/Feb/2018 05:28:19] "GET /hostupdate/csco/csco-VEM-5.5.0-metadata.zip HTTP/1.1" 200 -
172.16.250.150 - - [18/Feb/2018 05:28:19] "GET /hostupdate/vmw/__hostupdate20-consolidated-metadata-index__.xml HTTP/1.1" 200 -
172.16.250.150 - - [18/Feb/2018 05:28:19] "GET /hostupdate/vmw/vmw-ESXi-5.5.0-metadata.zip HTTP/1.1" 200 -
172.16.250.150 - - [18/Feb/2018 05:28:19] "GET /hostupdate/vmw/vmw-ESXi-6.0.0-metadata.zip HTTP/1.1" 200 -
172.16.250.150 - - [18/Feb/2018 05:28:20] "GET /hostupdate/vmw/vmw-ESXi-6.5.0-metadata.zip HTTP/1.1" 200 -
172.16.250.150 - - [18/Feb/2018 05:28:20] "GET /vaupgrade/bootstrap_index.xml HTTP/1.1" 200 -
172.16.250.150 - - [18/Feb/2018 05:28:20] "GET /vaupgrade/__valm-consolidated-index__.xml HTTP/1.1" 200 -
But first I needed to build a second UMDS, mostly the same as above, but:
- I didn’t add the HPE VibsDepot
- I pointed hostupdate.vmware.com and vapp-updates.vmware.com to localhost, by editing the /etc/hosts file to prevent it to try to download anything directly from VMware.com’s website.
- For some reason it is not possible to remove these entries from UMDS’s config, or to remove the older versions… I don’t need updates for any ESXi prior to 6.5….
vmninja@ubuntu:~$ cat /etc/hosts
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
Instead of the HPE VibsDepot, I added the first UMDB as source:
/usr/local/vmware-umds/bin/vmware-umds -S --add-url http://172.16.250.129/hostupdate/__hostupdate20-consolidated-index__.xml --enable-host --url-type HOST
/usr/local/vmware-umds/bin/vmware-umds -S --add-url http://172.16.250.129/vaupgrade/__valm-consolidated-index__.xml --enable-va --url-type VA
Start the download task:
After downloading was complete, I added the second UMDS to vCenter Update Manager:
After clicking download now, the Non VMware Patches are visible in vCenter:
So it seams to be possible to daisy chain UMDS. I have no idea about the supportability of this configuration, and if using something in production, use a real webserver!