【VMware vSphere】安裝配置Update Manager Download Service(UMDS)作為 vLCM 的下載儲存庫。

JUNIOR_MU發表於2024-06-06

VMware vSphere Update Manager Download Service (UMDS) 是 vSphere Lifecycle Manager(vLCM) 的可選模組。我在之前文章中提到這個功能,當 vSphere 環境能夠連線 Internet 時,我們可以使用 vLCM 的線上 Internet 下載源獲取修補程式,當 vSphere 環境不能連線 Internet 時,您可以在您的環境中找到一臺能夠訪問 Internet 的伺服器安裝 UMDS,透過配置 UMDS 下載升級、修補程式二進位制檔案和修補程式後設資料並自動執行匯出過程,最後在 vSphere Lifecycle Manager 配置 UMDS 下載儲存庫後即可實現與連線 Internet 線上下載庫使用一樣的效果。

UMDS 必須與 vSphere Lifecycle Manager 版本相同。例如,vSphere Lifecycle Manager 8.0 只能與 UMDS 8.0 配置使用,如果您使用的是新版本的 vSphere Lifecycle Manager,則 UMDS 也必須為相同的新版本。您無法升級 UMDS,您可以解除安裝當前版本的 UMDS,根據系統要求執行 UMDS 的全新安裝,並使用之前已解除安裝的 UMDS 的修補程式儲存。UMDS 8.0 支援修補程式撤消和通知。如果 VMware 釋出的修補程式存在問題或可能存在問題,撤消修補程式後,UMDS 下載的修補程式資料會進行同步,vSphere Lifecycle Manager 那邊同樣會刪除已撤消的修補程式。

只能在基於 Linux 的作業系統上安裝 UMDS。不再支援在 Windows 計算機上安裝 UMDS。UMDS 是 64 位應用程式,要求使用 64 位 Linux 系統。支援在以下 Linux 發行版上安裝並使用 Update Manager Download Service (UMDS) 。透過在 Linux 上執行的 UMDS 下載修補程式時,不需要具有管理員級別訪問許可權。安裝 UMDS 的計算機必須能夠訪問 Internet。

  • Ubuntu 14.04
  • Ubuntu 18.04
  • Ubuntu 18.04 LTS
  • Ubuntu 20.04 LTS
  • Red Hat Enterprise Linux 7.4
  • Red Hat Enterprise Linux 7.5
  • Red Hat Enterprise Linux 7.7
  • Red Hat Enterprise Linux 8.1
  • Red Hat Enterprise Linux 8.3
  • Red Hat Enterprise Linux 8.5
  • Red Hat Enterprise Linux 8.6
  • Red Hat Enterprise Linux 9.0

注意,使用 Red Hat Enterprise Linux 8.1 時,必須在部署了 UMDS 的系統上安裝 libnsl 軟體包版本 2.28 或更高版本。如果系統中不存在該軟體包,UMDS 操作可能會失敗,並顯示以下錯誤:

載入共享庫 libnsl.so.1 時出錯: 無法開啟共享物件檔案: 無此類檔案或目錄 (Error while loading shared libraries: libnsl.so.1: cannot open shared object file: No such file or directory)。

一、UMDS 安裝

本次環境準了一臺 Ubuntu 20.04.6 LTS 伺服器,對於 Linux 伺服器的安裝設定可以使用標準安裝即可,配置好 DNS 和 NTP。

root@umds:~# cat /etc/os-release 
NAME="Ubuntu"
VERSION="20.04.6 LTS (Focal Fossa)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 20.04.6 LTS"
VERSION_ID="20.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=focal
UBUNTU_CODENAME=focal
root@umds:~# uname -a
Linux umds 5.4.0-144-generic #161-Ubuntu SMP Fri Feb 3 14:49:04 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
root@umds:~#

Linux 系統準備好以後,以 root 管理員 ssh 登陸到 shell,執行 apt-get update/upgrade 命令確保一切保持最新的狀態。

root@umds:~# apt-get update
Hit:1 http://mirrors.tuna.tsinghua.edu.cn/ubuntu focal InRelease
Hit:2 http://mirrors.tuna.tsinghua.edu.cn/ubuntu focal-updates InRelease
Hit:3 http://mirrors.tuna.tsinghua.edu.cn/ubuntu focal-backports InRelease
Hit:4 http://mirrors.tuna.tsinghua.edu.cn/ubuntu focal-security InRelease
Reading package lists... Done
root@umds:~# apt-get upgrade
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Calculating upgrade... Done
The following packages have been kept back:
  linux-generic linux-headers-generic linux-image-generic python3-update-manager ubuntu-advantage-tools update-manager-core
0 upgraded, 0 newly installed, 0 to remove and 6 not upgraded.
root@umds:~# 

在 vSphere 8.0 版本中,UMDS 8.0 安裝包捆綁在 vCenter Server Appliance 8.0 的完整 ISO 安裝映象中。當前環境是 vCenter 8.0 U2b(內部版本號 23319993),解壓 vCenter 的 ISO 映象(VMware-VMvisor-Installer-8.0U2b-23305546.x86_64.iso)到本地並找到 umds 資料夾可以發現 UMDS 安裝包,如下圖所示。

【VMware vSphere】安裝配置Update Manager Download Service(UMDS)作為 vLCM 的下載儲存庫。

將 UMDS 安裝包上傳到準備的 Linux 伺服器,解壓 UMDS 安裝包並進入安裝目錄。

root@umds:~# ls -l
total 29424
drwx------ 3 root root     4096 Jun  6 10:31 snap
-rw-r--r-- 1 root root 30122205 Jun  6 12:25 VMware-UMDS-8.0.2.00200-12698893.tar.gz
root@umds:~# tar -zxvf VMware-UMDS-8.0.2.00200-12698893.tar.gz 
vmware-umds-distrib/
vmware-umds-distrib/share/
vmware-umds-distrib/share/VCI_base_postgresql.sql
vmware-umds-distrib/share/VCI_data_postgresql-100-110.sql
vmware-umds-distrib/share/VCI_data_postgresql-110-120.sql
vmware-umds-distrib/share/VCI_data_postgresql-120-130.sql
vmware-umds-distrib/share/VCI_data_postgresql-130-140.sql
vmware-umds-distrib/share/VCI_data_postgresql-140-150.sql
vmware-umds-distrib/share/VCI_data_postgresql-150-160.sql
vmware-umds-distrib/share/VCI_data_postgresql-160-170.sql
vmware-umds-distrib/share/VCI_data_postgresql-170-180.sql
vmware-umds-distrib/share/VCI_data_postgresql-180-190.sql
vmware-umds-distrib/share/VCI_data_postgresql-190-200.sql
vmware-umds-distrib/share/VCI_data_postgresql-200-210.sql
vmware-umds-distrib/share/VCI_data_postgresql-210-220.sql
vmware-umds-distrib/share/VCI_data_postgresql-220-230.sql
vmware-umds-distrib/share/VCI_data_postgresql-230-240.sql
vmware-umds-distrib/share/VCI_data_postgresql-240-250.sql
vmware-umds-distrib/share/VCI_data_postgresql-250-260.sql
vmware-umds-distrib/share/VCI_data_postgresql-260-270.sql
vmware-umds-distrib/share/VCI_data_postgresql-270-280.sql
vmware-umds-distrib/share/VCI_data_postgresql-280-290.sql
vmware-umds-distrib/share/VCI_data_postgresql-290-300.sql
vmware-umds-distrib/share/VCI_data_postgresql-300-310.sql
vmware-umds-distrib/share/VCI_data_postgresql-310-320.sql
vmware-umds-distrib/share/VCI_data_postgresql-320-330.sql
vmware-umds-distrib/share/VCI_data_postgresql-330-340.sql
vmware-umds-distrib/share/VCI_data_postgresql-340-350.sql
vmware-umds-distrib/share/VCI_data_postgresql-350-360.sql
vmware-umds-distrib/share/VCI_data_postgresql-360-370.sql
vmware-umds-distrib/share/VCI_data_postgresql-370-380.sql
vmware-umds-distrib/share/VCI_data_postgresql-380-390.sql
vmware-umds-distrib/share/VCI_noversion_postgresql_configuration.sql
vmware-umds-distrib/share/VCI_proc_postgresql-100-110.sql
vmware-umds-distrib/share/VCI_proc_postgresql-110-120.sql
vmware-umds-distrib/share/VCI_proc_postgresql-120-130.sql
vmware-umds-distrib/share/VCI_proc_postgresql-130-140.sql
vmware-umds-distrib/share/VCI_proc_postgresql-140-150.sql
vmware-umds-distrib/share/VCI_proc_postgresql-150-160.sql
vmware-umds-distrib/share/VCI_proc_postgresql-160-170.sql
vmware-umds-distrib/share/VCI_proc_postgresql-170-180.sql
vmware-umds-distrib/share/VCI_proc_postgresql-180-190.sql
vmware-umds-distrib/share/VCI_proc_postgresql-190-200.sql
vmware-umds-distrib/share/VCI_proc_postgresql-200-210.sql
vmware-umds-distrib/share/VCI_proc_postgresql-210-220.sql
vmware-umds-distrib/share/VCI_proc_postgresql-220-230.sql
vmware-umds-distrib/share/VCI_proc_postgresql-230-240.sql
vmware-umds-distrib/share/VCI_proc_postgresql-240-250.sql
vmware-umds-distrib/share/VCI_proc_postgresql-250-260.sql
vmware-umds-distrib/share/VCI_proc_postgresql-260-270.sql
vmware-umds-distrib/share/VCI_proc_postgresql-270-280.sql
vmware-umds-distrib/share/VCI_proc_postgresql-280-290.sql
vmware-umds-distrib/share/VCI_proc_postgresql-290-300.sql
vmware-umds-distrib/share/VCI_proc_postgresql-300-310.sql
vmware-umds-distrib/share/VCI_proc_postgresql-310-320.sql
vmware-umds-distrib/share/VCI_proc_postgresql-320-330.sql
vmware-umds-distrib/share/VCI_proc_postgresql-330-340.sql
vmware-umds-distrib/share/VCI_proc_postgresql-340-350.sql
vmware-umds-distrib/share/VCI_proc_postgresql-350-360.sql
vmware-umds-distrib/share/VCI_proc_postgresql-360-370.sql
vmware-umds-distrib/share/VCI_proc_postgresql-370-380.sql
vmware-umds-distrib/share/VCI_proc_postgresql-380-390.sql
vmware-umds-distrib/share/VCI_proc_postgresql.sql
vmware-umds-distrib/share/VCI_table_postgresql-100-110.sql
vmware-umds-distrib/share/VCI_table_postgresql-110-120.sql
vmware-umds-distrib/share/VCI_table_postgresql-120-130.sql
vmware-umds-distrib/share/VCI_table_postgresql-130-140.sql
vmware-umds-distrib/share/VCI_table_postgresql-140-150.sql
vmware-umds-distrib/share/VCI_table_postgresql-150-160.sql
vmware-umds-distrib/share/VCI_table_postgresql-160-170.sql
vmware-umds-distrib/share/VCI_table_postgresql-170-180.sql
vmware-umds-distrib/share/VCI_table_postgresql-180-190.sql
vmware-umds-distrib/share/VCI_table_postgresql-190-200.sql
vmware-umds-distrib/share/VCI_table_postgresql-200-210.sql
vmware-umds-distrib/share/VCI_table_postgresql-210-220.sql
vmware-umds-distrib/share/VCI_table_postgresql-220-230.sql
vmware-umds-distrib/share/VCI_table_postgresql-230-240.sql
vmware-umds-distrib/share/VCI_table_postgresql-240-250.sql
vmware-umds-distrib/share/VCI_table_postgresql-250-260.sql
vmware-umds-distrib/share/VCI_table_postgresql-260-270.sql
vmware-umds-distrib/share/VCI_table_postgresql-270-280.sql
vmware-umds-distrib/share/VCI_table_postgresql-280-290.sql
vmware-umds-distrib/share/VCI_table_postgresql-290-300.sql
vmware-umds-distrib/share/VCI_table_postgresql-300-310.sql
vmware-umds-distrib/share/VCI_table_postgresql-310-320.sql
vmware-umds-distrib/share/VCI_table_postgresql-320-330.sql
vmware-umds-distrib/share/VCI_table_postgresql-330-340.sql
vmware-umds-distrib/share/VCI_table_postgresql-340-350.sql
vmware-umds-distrib/share/VCI_table_postgresql-350-360.sql
vmware-umds-distrib/share/VCI_table_postgresql-360-370.sql
vmware-umds-distrib/share/VCI_table_postgresql-370-380.sql
vmware-umds-distrib/share/VCI_table_postgresql-380-390.sql
vmware-umds-distrib/share/VCI_undo_postgresql.sql
vmware-umds-distrib/share/odbc.ini.postgres.tpl
vmware-umds-distrib/share/odbc.ini.tpl
vmware-umds-distrib/share/odbcinst.ini.tpl
vmware-umds-distrib/share/vci_pm_audit_postgresql_trigger.sql
vmware-umds-distrib/share/vci_pm_config_postgresql_procs-230-240.sql
vmware-umds-distrib/share/vci_pm_depot_addons_removed_components_postgresql_trigger.sql
vmware-umds-distrib/share/vci_pm_last_applied_commit_postgresql_trigger.sql
vmware-umds-distrib/share/vci_pm_policy_postgresql_trigger.sql
vmware-umds-distrib/share/vci_pm_task_postgresql_trigger.sql
vmware-umds-distrib/EULA
vmware-umds-distrib/vmware-install.pl
vmware-umds-distrib/bin/
vmware-umds-distrib/bin/7z
vmware-umds-distrib/bin/7z.so
vmware-umds-distrib/bin/vmware-umds
vmware-umds-distrib/bin/vmware-vciInstallUtils
vmware-umds-distrib/bin/downloadConfig.xml
vmware-umds-distrib/bin/umds
vmware-umds-distrib/bin/vciInstallUtils
vmware-umds-distrib/bin/vciInstallUtils_config.xml
vmware-umds-distrib/bin/vmware-updatemgr-wrapper
vmware-umds-distrib/lib/
vmware-umds-distrib/lib/libcares.so.2
vmware-umds-distrib/lib/libcom_err.so.3
vmware-umds-distrib/lib/libcrypto.so.3
vmware-umds-distrib/lib/libcurl.so.4
vmware-umds-distrib/lib/libdcerpc.so.1
vmware-umds-distrib/lib/libexpat.so
vmware-umds-distrib/lib/libgcc_s.so
vmware-umds-distrib/lib/libgcc_s.so.1
vmware-umds-distrib/lib/libgssapi_krb5.so
vmware-umds-distrib/lib/libintegrity-types.so
vmware-umds-distrib/lib/libk5crypto.so
vmware-umds-distrib/lib/libkrb5.so
vmware-umds-distrib/lib/libkrb5support.so
vmware-umds-distrib/lib/liblber.so
vmware-umds-distrib/lib/libldap_r-2.4.so.2
vmware-umds-distrib/lib/liblsaclient.so.0
vmware-umds-distrib/lib/liblsacommon.so.0
vmware-umds-distrib/lib/liblwadvapi.so.0
vmware-umds-distrib/lib/liblwadvapi_nothr.so.0
vmware-umds-distrib/lib/liblwbase.so.0
vmware-umds-distrib/lib/liblwbase_nothr.so.0
vmware-umds-distrib/lib/liblwioclient.so.0
vmware-umds-distrib/lib/liblwiocommon.so.0
vmware-umds-distrib/lib/liblwioshareinfo.so.0
vmware-umds-distrib/lib/liblwmsg.so.0
vmware-umds-distrib/lib/liblwmsg_nothr.so.0
vmware-umds-distrib/lib/libodbc.so.2
vmware-umds-distrib/lib/libregclient.so.0
vmware-umds-distrib/lib/libregcommon.so.0
vmware-umds-distrib/lib/librsutils.so.0
vmware-umds-distrib/lib/libsasl2.so.3
vmware-umds-distrib/lib/libschannel.so.0
vmware-umds-distrib/lib/libssl.so.3
vmware-umds-distrib/lib/libssoclient.so
vmware-umds-distrib/lib/libstdc++.so
vmware-umds-distrib/lib/libstdc++.so.6
vmware-umds-distrib/lib/libufa-agent.so
vmware-umds-distrib/lib/libufa-common.so
vmware-umds-distrib/lib/libufa-types.so
vmware-umds-distrib/lib/libuuid.so.0
vmware-umds-distrib/lib/libvci-registrar.so
vmware-umds-distrib/lib/libvci-vcIntegrity.so
vmware-umds-distrib/lib/libvim-types.so
vmware-umds-distrib/lib/libvmacore.so
vmware-umds-distrib/lib/libvmafdclient.so.0
vmware-umds-distrib/lib/libvmcaclient.so.0
vmware-umds-distrib/lib/libvmomi.so
vmware-umds-distrib/lib/libvsanmgmt-types.so
vmware-umds-distrib/lib/libz.so.1
root@umds:~# ls -l
total 29428
drwx------ 3 root root     4096 Jun  6 10:31 snap
-rw-r--r-- 1 root root 30122205 Jun  6 12:25 VMware-UMDS-8.0.2.00200-12698893.tar.gz
drwxr-xr-x 5 root root     4096 Jan  1  2000 vmware-umds-distrib
root@umds:~# cd vmware-umds-distrib/
root@umds:~/vmware-umds-distrib# ls -l
total 92
drwxr-xr-x 2 root root  4096 Jan  1  2000 bin
-r-xr-xr-x 1 root root 33313 Jan  1  2000 EULA
drwxr-xr-x 2 root root  4096 Jan  1  2000 lib
drwxr-xr-x 2 root root  4096 Jan  1  2000 share
-r-xr-xr-x 1 root root 44745 Jan  1  2000 vmware-install.pl
root@umds:~/vmware-umds-distrib#

執行 ./vmware-install.pl 檔案,開始安裝並接受 EULA 協議。安裝配置過程保持預設即可,根據需要可自行設定 Proxy 代理地址。

Do you accept? (yes/no) yes

Thank you.

Installing VMware Update Manager Download Service.

Logs would be store at /var/log/vmware/vmware-updatemgr/umds
Creating the log directory if required....

In which directory do you want to install Download service? 
[/usr/local/vmware-umds] 

The path "/usr/local/vmware-umds" does not exist currently. This program is 
going to create it, including needed parent directories. Is this what you want?
[yes] 

Let us setup some things for you...

Do you need proxy to connect to internet? [no] 

One more thing...we need a storage location to store patches. Make sure you 
have enough space in that location

Where do you want download service to store patches 
[/var/lib/vmware-umds] 

The path "/var/lib/vmware-umds" does not exist currently. This program is going
to create it, including needed parent directories. Is this what you want? 
[yes] 

The installation of VMware Update Manager Download Service 8.0.2 build-23319993
completed successfully. You can decide to remove this software from your system
at any time by invoking the following command: 
"/usr/local/vmware-umds/vmware-uninstall-umds.pl".

Enjoy,

--the VMware team

二、UMDS 配置

UMDS 預設安裝在 /usr/local/vmware-umds 目錄,我們可以進入 bin 目錄使用 vmware-umds 二進位制檔案命令配置 UMDS 服務。

root@umds:~# /usr/local/vmware-umds/bin/vmware-umds --help
Allowed Options:

Basic Commands:
  -h [ --help ]                       Show this message
  -D [ --download ]                   Download updates based on the current 
                                      configuration
  -E [ --export ]                     Export all updates that have been 
                                      downloaded.
  -R [ --re-download ]                Re-download existing updates that may be 
                                      corrupted and download new updates. Use 
                                      this command only if you suspect UMDS 
                                      patch store is corrupted.
  -S [ --set-config ]                 Setup UMDS configuration
  -G [ --get-config ]                 Print current UMDS configuration
  -v [ --version ]                    Print UMDS version
  -i [ --info-level ] arg             The level of information shown on the 
                                      console: <verbose|info>. Use this along 
                                      with download, export or re-download 
                                      operation only
  -L [ --list-host-platforms ]        List all suppported ESX platforms for 
                                      download

Optional argument for export:
  -x [ --export-store ] arg           Destination directory for export 
                                      operation (Overrides setting from 
                                      configuration)

Arguments for set-config:
  -u [ --add-url ] arg                Add a URL to the configuration for 
                                      downloading updates. Requires url-type
  -r [ --url-type ] arg               Type of URL: <HOST>, HOST for ESX 6.x 
                                      (HOST is the only supported type 
                                      currently). Use with add-url
  -l [ --remove-url ] arg             Remove URL from the configuration
  -P [ --patch-store ] arg            Configure location for storing updates 
                                      after download
  -o [ --default-export-store ] arg   Configure location for exporting updates
  -p [ --proxy ] arg                  Configure proxy server settings. Format 
                                      is host:port. Use --proxy "" to disable 
                                      proxy
  -Y [ --enable-host ]                Enable ESX host update downloads for all 
                                      platforms
  -N [ --disable-host ]               Disable ESX host update downloads for all
                                      platforms
  -e [ --enable-host-platform ] arg   Enable ESX host update downloads for 
                                      specified platforms. Specify multiple 
                                      platforms separated by whitespace
  -d [ --disable-host-platform ] arg  Disable ESX host update downloads for 
                                      specified platforms. Specify multiple 
                                      platforms separated by whitespace


  Examples:

	To add a new ESX host patch depot URL
		vmware-umds -S --add-url https://hostname/index.xml --url-type HOST

	To remove a URL
		vmware-umds -S --remove-url https://hostname/index.xml

	To list all supported platforms for downloading ESX host updates
		vmware-umds --list-host-platforms

	To enable downloading of ESX host updates
		vmware-umds -S --enable-host

	To enable downloading of only ESXi 6.7.0 host updates
		vmware-umds -S --enable-host
		vmware-umds -S -e embeddedEsx-6.7.0

	To disable downloading of only ESXi 6.7.0 host updates
		vmware-umds -S --disable-host
		vmware-umds -S -d embeddedEsx-6.7.0

	To download updates based on the current configuration
		vmware-umds -D

	To export all downloaded updates to F:\UMDS-store
		vmware-umds -S --default-export-store F:\UMDS-store
		vmware-umds -E
	OR
		vmware-umds -E --export-store F:\UMDS-store

root@umds:~#

使用 -v 選項檢視當前 UMDS 安裝版本。

root@umds:~# /usr/local/vmware-umds/bin/vmware-umds -v
VMware Update Manager Download Service 8.0.2.0 Build = 23319993
root@umds:~#

使用 -G 選項檢視當前 UMDS 配置設定。

root@umds:~# /usr/local/vmware-umds/bin/vmware-umds -G
Configured URLs
URL Type Removable URL
HOST     NO       https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml
HOST     NO       https://hostupdate.vmware.com/software/VUM/PRODUCTION/addon-main/vmw-depot-index.xml
HOST     NO       https://hostupdate.vmware.com/software/VUM/PRODUCTION/iovp-main/vmw-depot-index.xml
HOST     NO       https://hostupdate.vmware.com/software/VUM/PRODUCTION/vmtools-main/vmw-depot-index.xml

Patch store location  : /var/lib/vmware-umds
Export store location : 
Proxy Server          : Not configured

Host patch content download: enabled
Host Versions for which patch content will be downloaded:
esxio-8.0-INTL
embeddedEsx-6.7.0-INTL
embeddedEsx-7.0-INTL
embeddedEsx-8.0-INTL
root@umds:~#

根據獲取到的 UMDS 預設配置資訊,讓我們來了解一下每項配置的含義和作用:

  • Configured URLs 配置項裡預設有四個下載源,分別對應 vLCM 配置中的修補程式下載源地址,可以使用 vmware-umds -S --remove-url 或者 vmware-umds -S --add-url 命令移除或增加一個下載地址,比如第三方OEM廠商的下載源,--url-type 指定下載源的型別,如 HOST。
  • Patcch store localtion 配置項為我們安裝的時候配置的 UMDS 預設修補程式下載的儲存目錄,可以使用 vmware-umds -S --patch-store 命令修改預設位置。
  • Export store localtion 配置項是 vLCM 所使用的預設目錄,可以使用 vmware-umds -S --default-export-store 命令修改這個目錄,當前設定為空,後面會設定這個地方。
  • Proxy Server 配置項是設定 UMDS 伺服器的網路代理地址,可以使用 vmware-umds -S --proxy 命令配置一個代理地址,如 proxy-ip:port,使用 --proxy "" 地址為空來關閉代理。
  • Host patch content download 配置項表示是否開啟 ESXi 主機的修補程式下載,可以使用 vmware-umds -S --enable-host 或者 vmware-umds -S --disable-host 命令開啟或關閉這個功能。
  • Host Versions for which patch content will be downloaded 配置項表示設定需要下載的 ESXi 主機的修補程式版本,可以使用 vmware-umds -L 命令列出當前設定的所有版本,使用 vmware-umds -S --enable-host-platform 或者 vmware-umds -S --disable-host-platform 命令增加或移除要下載的修補程式版本。

根據實際需要自定義修改配置,比如,當前 vSphere 環境中沒有 vSphere 6.7 和 vSphere 7.0 的主機,那麼可以把配置下載的修補程式版本給移除掉,而無需浪費不必要的網路頻寬和儲存空間。

root@umds:~# /usr/local/vmware-umds/bin/vmware-umds -S --disable-host-platform embeddedEsx-6.7.0-INTL
Setting up UMDS configuration
Host update downloads for platform embeddedEsx-6.7.0-INTL: Disabled
root@umds:~# /usr/local/vmware-umds/bin/vmware-umds -S --disable-host-platform embeddedEsx-7.0-INTL
Setting up UMDS configuration
Host update downloads for platform embeddedEsx-7.0-INTL: Disabled
root@umds:~# /usr/local/vmware-umds/bin/vmware-umds -L
Supported ESX Host platforms:
esxio-8.0-INTL
embeddedEsx-8.0-INTL
root@umds:~# 

如果一切沒有問題,我們可以使用 vmware-umds -D 命令開始下載主機修復程式,懷疑 UMDS 修補程式儲存已損壞時,可以使用 vmware-umds -R 命令重新下載可能已損壞的現有更新並下載新的更新。因為下載的內容比較多或比較慢,我們可以在執行下載任務時,開始準備 WEB 伺服器。透過 UMDS 下載了修補程式檔案,現在需要設定一個 Export 目錄併發布共享儲存庫。我這裡使用 nginx 作為 web 伺服器,直接執行 apt-get install nginx 命令安裝並執行 nginx 服務。

root@umds:~# apt-get install nginx
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following additional packages will be installed:
  fontconfig-config fonts-dejavu-core libfontconfig1 libgd3 libjbig0 libjpeg-turbo8 libjpeg8 libnginx-mod-http-image-filter
  libnginx-mod-http-xslt-filter libnginx-mod-mail libnginx-mod-stream libtiff5 libwebp6 libxpm4 nginx-common nginx-core
Suggested packages:
  libgd-tools fcgiwrap nginx-doc ssl-cert
The following NEW packages will be installed:
  fontconfig-config fonts-dejavu-core libfontconfig1 libgd3 libjbig0 libjpeg-turbo8 libjpeg8 libnginx-mod-http-image-filter
  libnginx-mod-http-xslt-filter libnginx-mod-mail libnginx-mod-stream libtiff5 libwebp6 libxpm4 nginx nginx-common nginx-core
0 upgraded, 17 newly installed, 0 to remove and 6 not upgraded.
Need to get 2,438 kB of archives.
After this operation, 7,925 kB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://mirrors.tuna.tsinghua.edu.cn/ubuntu focal/main amd64 fonts-dejavu-core all 2.37-1 [1,041 kB]
Get:2 http://mirrors.tuna.tsinghua.edu.cn/ubuntu focal/main amd64 fontconfig-config all 2.13.1-2ubuntu3 [28.8 kB]
Get:3 http://mirrors.tuna.tsinghua.edu.cn/ubuntu focal/main amd64 libfontconfig1 amd64 2.13.1-2ubuntu3 [114 kB]
Get:4 http://mirrors.tuna.tsinghua.edu.cn/ubuntu focal-updates/main amd64 libjpeg-turbo8 amd64 2.0.3-0ubuntu1.20.04.3 [118 kB]
Get:5 http://mirrors.tuna.tsinghua.edu.cn/ubuntu focal/main amd64 libjpeg8 amd64 8c-2ubuntu8 [2,194 B]
Get:6 http://mirrors.tuna.tsinghua.edu.cn/ubuntu focal-updates/main amd64 libjbig0 amd64 2.1-3.1ubuntu0.20.04.1 [27.3 kB]
Get:7 http://mirrors.tuna.tsinghua.edu.cn/ubuntu focal-updates/main amd64 libwebp6 amd64 0.6.1-2ubuntu0.20.04.3 [185 kB]
Get:8 http://mirrors.tuna.tsinghua.edu.cn/ubuntu focal-updates/main amd64 libtiff5 amd64 4.1.0+git191117-2ubuntu0.20.04.12 [164 kB]
Get:9 http://mirrors.tuna.tsinghua.edu.cn/ubuntu focal-updates/main amd64 libxpm4 amd64 1:3.5.12-1ubuntu0.20.04.2 [34.9 kB]
Get:10 http://mirrors.tuna.tsinghua.edu.cn/ubuntu focal-updates/main amd64 libgd3 amd64 2.2.5-5.2ubuntu2.1 [118 kB]
Get:11 http://mirrors.tuna.tsinghua.edu.cn/ubuntu focal-updates/main amd64 nginx-common all 1.18.0-0ubuntu1.4 [37.7 kB]
Get:12 http://mirrors.tuna.tsinghua.edu.cn/ubuntu focal-updates/main amd64 libnginx-mod-http-image-filter amd64 1.18.0-0ubuntu1.4 [14.8 kB]
Get:13 http://mirrors.tuna.tsinghua.edu.cn/ubuntu focal-updates/main amd64 libnginx-mod-http-xslt-filter amd64 1.18.0-0ubuntu1.4 [13.0 kB]
Get:14 http://mirrors.tuna.tsinghua.edu.cn/ubuntu focal-updates/main amd64 libnginx-mod-mail amd64 1.18.0-0ubuntu1.4 [42.9 kB]
Get:15 http://mirrors.tuna.tsinghua.edu.cn/ubuntu focal-updates/main amd64 libnginx-mod-stream amd64 1.18.0-0ubuntu1.4 [67.4 kB]
Get:16 http://mirrors.tuna.tsinghua.edu.cn/ubuntu focal-updates/main amd64 nginx-core amd64 1.18.0-0ubuntu1.4 [425 kB]
Get:17 http://mirrors.tuna.tsinghua.edu.cn/ubuntu focal-updates/main amd64 nginx all 1.18.0-0ubuntu1.4 [3,620 B]
Fetched 2,438 kB in 3s (900 kB/s)  
Preconfiguring packages ...
Selecting previously unselected package fonts-dejavu-core.
(Reading database ... 72467 files and directories currently installed.)
Preparing to unpack .../00-fonts-dejavu-core_2.37-1_all.deb ...
Unpacking fonts-dejavu-core (2.37-1) ...
Selecting previously unselected package fontconfig-config.
Preparing to unpack .../01-fontconfig-config_2.13.1-2ubuntu3_all.deb ...
Unpacking fontconfig-config (2.13.1-2ubuntu3) ...
Selecting previously unselected package libfontconfig1:amd64.
Preparing to unpack .../02-libfontconfig1_2.13.1-2ubuntu3_amd64.deb ...
Unpacking libfontconfig1:amd64 (2.13.1-2ubuntu3) ...
Selecting previously unselected package libjpeg-turbo8:amd64.
Preparing to unpack .../03-libjpeg-turbo8_2.0.3-0ubuntu1.20.04.3_amd64.deb ...
Unpacking libjpeg-turbo8:amd64 (2.0.3-0ubuntu1.20.04.3) ...
Selecting previously unselected package libjpeg8:amd64.
Preparing to unpack .../04-libjpeg8_8c-2ubuntu8_amd64.deb ...
Unpacking libjpeg8:amd64 (8c-2ubuntu8) ...
Selecting previously unselected package libjbig0:amd64.
Preparing to unpack .../05-libjbig0_2.1-3.1ubuntu0.20.04.1_amd64.deb ...
Unpacking libjbig0:amd64 (2.1-3.1ubuntu0.20.04.1) ...
Selecting previously unselected package libwebp6:amd64.
Preparing to unpack .../06-libwebp6_0.6.1-2ubuntu0.20.04.3_amd64.deb ...
Unpacking libwebp6:amd64 (0.6.1-2ubuntu0.20.04.3) ...
Selecting previously unselected package libtiff5:amd64.
Preparing to unpack .../07-libtiff5_4.1.0+git191117-2ubuntu0.20.04.12_amd64.deb ...
Unpacking libtiff5:amd64 (4.1.0+git191117-2ubuntu0.20.04.12) ...
Selecting previously unselected package libxpm4:amd64.
Preparing to unpack .../08-libxpm4_1%3a3.5.12-1ubuntu0.20.04.2_amd64.deb ...
Unpacking libxpm4:amd64 (1:3.5.12-1ubuntu0.20.04.2) ...
Selecting previously unselected package libgd3:amd64.
Preparing to unpack .../09-libgd3_2.2.5-5.2ubuntu2.1_amd64.deb ...
Unpacking libgd3:amd64 (2.2.5-5.2ubuntu2.1) ...
Selecting previously unselected package nginx-common.
Preparing to unpack .../10-nginx-common_1.18.0-0ubuntu1.4_all.deb ...
Unpacking nginx-common (1.18.0-0ubuntu1.4) ...
Selecting previously unselected package libnginx-mod-http-image-filter.
Preparing to unpack .../11-libnginx-mod-http-image-filter_1.18.0-0ubuntu1.4_amd64.deb ...
Unpacking libnginx-mod-http-image-filter (1.18.0-0ubuntu1.4) ...
Selecting previously unselected package libnginx-mod-http-xslt-filter.
Preparing to unpack .../12-libnginx-mod-http-xslt-filter_1.18.0-0ubuntu1.4_amd64.deb ...
Unpacking libnginx-mod-http-xslt-filter (1.18.0-0ubuntu1.4) ...
Selecting previously unselected package libnginx-mod-mail.
Preparing to unpack .../13-libnginx-mod-mail_1.18.0-0ubuntu1.4_amd64.deb ...
Unpacking libnginx-mod-mail (1.18.0-0ubuntu1.4) ...
Selecting previously unselected package libnginx-mod-stream.
Preparing to unpack .../14-libnginx-mod-stream_1.18.0-0ubuntu1.4_amd64.deb ...
Unpacking libnginx-mod-stream (1.18.0-0ubuntu1.4) ...
Selecting previously unselected package nginx-core.
Preparing to unpack .../15-nginx-core_1.18.0-0ubuntu1.4_amd64.deb ...
Unpacking nginx-core (1.18.0-0ubuntu1.4) ...
Selecting previously unselected package nginx.
Preparing to unpack .../16-nginx_1.18.0-0ubuntu1.4_all.deb ...
Unpacking nginx (1.18.0-0ubuntu1.4) ...
Setting up libxpm4:amd64 (1:3.5.12-1ubuntu0.20.04.2) ...
Setting up nginx-common (1.18.0-0ubuntu1.4) ...
Created symlink /etc/systemd/system/multi-user.target.wants/nginx.service → /lib/systemd/system/nginx.service.
Setting up libjbig0:amd64 (2.1-3.1ubuntu0.20.04.1) ...
Setting up libnginx-mod-http-xslt-filter (1.18.0-0ubuntu1.4) ...
Setting up libwebp6:amd64 (0.6.1-2ubuntu0.20.04.3) ...
Setting up fonts-dejavu-core (2.37-1) ...
Setting up libjpeg-turbo8:amd64 (2.0.3-0ubuntu1.20.04.3) ...
Setting up libjpeg8:amd64 (8c-2ubuntu8) ...
Setting up libnginx-mod-mail (1.18.0-0ubuntu1.4) ...
Setting up fontconfig-config (2.13.1-2ubuntu3) ...
Setting up libnginx-mod-stream (1.18.0-0ubuntu1.4) ...
Setting up libtiff5:amd64 (4.1.0+git191117-2ubuntu0.20.04.12) ...
Setting up libfontconfig1:amd64 (2.13.1-2ubuntu3) ...
Setting up libgd3:amd64 (2.2.5-5.2ubuntu2.1) ...
Setting up libnginx-mod-http-image-filter (1.18.0-0ubuntu1.4) ...
Setting up nginx-core (1.18.0-0ubuntu1.4) ...
Setting up nginx (1.18.0-0ubuntu1.4) ...
Processing triggers for ufw (0.36-6ubuntu1.1) ...
Processing triggers for systemd (245.4-4ubuntu3.23) ...
Processing triggers for man-db (2.9.1-1) ...
Processing triggers for libc-bin (2.31-0ubuntu9.16) ...
root@umds:~# systemctl status nginx
● nginx.service - A high performance web server and a reverse proxy server
     Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
     Active: active (running) since Thu 2024-06-06 14:00:37 CST; 20s ago
       Docs: man:nginx(8)
   Main PID: 60808 (nginx)
      Tasks: 9 (limit: 19101)
     Memory: 8.9M
     CGroup: /system.slice/nginx.service
             ├─60808 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
             ├─60809 nginx: worker process
             ├─60810 nginx: worker process
             ├─60811 nginx: worker process
             ├─60812 nginx: worker process
             ├─60813 nginx: worker process
             ├─60814 nginx: worker process
             ├─60815 nginx: worker process
             └─60816 nginx: worker process

Jun 06 14:00:37 umds systemd[1]: Starting A high performance web server and a reverse proxy server...
Jun 06 14:00:37 umds systemd[1]: Started A high performance web server and a reverse proxy server.
root@umds:~#

完成 nginx 安裝和服務的啟動,需對 nginx 配置做一些修改,配置檔案 /etc/nginx/sites-enabled/default 如下所示。透過對 nginx 配置,需要重啟 nginx 服務。設定 web 伺服器的下載目錄為 /umds ,需在 UMDS 伺服器根目錄建立 umds 目錄。

root@umds:~# mkdir /umds
root@umds:~# vim /etc/nginx/sites-enabled/default
root@umds:~# cat /etc/nginx/sites-enabled/default | grep -v '#'
server {
	listen 80 default_server;
	listen [::]:80 default_server;

	index index.html index.htm index.nginx-debian.html;

        server_name  localhost;

        location / {
        root /umds;
        autoindex on;
        autoindex_exact_size off;
        autoindex_localtime on;
        charset utf-8;
        }

}
root@umds:~# systemctl restart nginx
root@umds:~#

透過上面的配置,現在你應該能使用 UMDS 伺服器的域名訪問到 web 下載伺服器,但是現在還沒有內容,將 UMDS 的 Export 目錄配置為 web 伺服器下載目錄 /umds ,使用 vmware-umds -S --default-export-store 命令配置目錄,使用 vmware-umds -G 命令檢視配置。

root@umds:~# /usr/local/vmware-umds/bin/vmware-umds -S --default-export-store /umds
Setting up UMDS configuration
Directory for exporting updates: /umds
root@umds:~# /usr/local/vmware-umds/bin/vmware-umds -G
Configured URLs
URL Type Removable URL
HOST     NO       https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml
HOST     NO       https://hostupdate.vmware.com/software/VUM/PRODUCTION/addon-main/vmw-depot-index.xml
HOST     NO       https://hostupdate.vmware.com/software/VUM/PRODUCTION/iovp-main/vmw-depot-index.xml
HOST     NO       https://hostupdate.vmware.com/software/VUM/PRODUCTION/vmtools-main/vmw-depot-index.xml

Patch store location  : /var/lib/vmware-umds
Export store location : /umds
Proxy Server          : Not configured

Host patch content download: enabled
Host Versions for which patch content will be downloaded:
esxio-8.0-INTL
embeddedEsx-8.0-INTL
root@umds:~#

現在訪問 web 伺服器應該沒有任何內容,之前透過 vmware-umds -D 命令下載修補程式如果已經完成,使用 vmware-umds -E 命令開始 Export 到 /umds 目錄。如果任務完成,再次訪問 web 伺服器,可以看到 UMDS 下載的修補程式。

【VMware vSphere】安裝配置Update Manager Download Service(UMDS)作為 vLCM 的下載儲存庫。

【VMware vSphere】安裝配置Update Manager Download Service(UMDS)作為 vLCM 的下載儲存庫。

三、vLCM 設定

完成對 UMDS 的安裝和配置後,現在可以到 vLCM 配置指向 UMDS 儲存庫的下載源了。導航到 Lifecycle Manager-設定-系統管理-修補程式設定。

【VMware vSphere】安裝配置Update Manager Download Service(UMDS)作為 vLCM 的下載儲存庫。

點選“更改下載源”,將下載源型別更改為 UMDS 並配置 UMDS 伺服器的下載地址,儲存設定。

【VMware vSphere】安裝配置Update Manager Download Service(UMDS)作為 vLCM 的下載儲存庫。

點選“同步更新”。

【VMware vSphere】安裝配置Update Manager Download Service(UMDS)作為 vLCM 的下載儲存庫。

獲取後設資料正常,現在你可以透過 vLCM 使用 UMDS 儲存庫中的修補程式來管理 vSphere 的生命週期了。

【VMware vSphere】安裝配置Update Manager Download Service(UMDS)作為 vLCM 的下載儲存庫。

四、UMDS 排程

透過上面的設定,你應該可以正常使用 UMDS 伺服器作為 vLCM的下載儲存庫了,不過使用 UMDS 的這個過程需要手動完成,其實我們可以建立一個自動化任務,讓 UMDS 去下載修補程式並 Export 的過程自動完成。我們可以將 Download 和 Export 這兩個動作分成兩個指令碼,以便可以讓 Crontab 程式在不同的時間排程不同的任務。

執行 UMDS 下載的指令碼 umds-download.sh 和執行 UMDS 匯出的指令碼 umds-export.sh 如下,將這兩個指令碼檔案放在 UMDS 伺服器的 /usr/local/sbin/ 目錄並增加執行許可權。

root@umds:~# vim umds-download.sh
root@umds:~# cat umds-download.sh
/usr/local/vmware-umds/bin/vmware-umds -D
root@umds:~# vim umds-export.sh
root@umds:~# cat umds-export.sh 
/usr/local/vmware-umds/bin/vmware-umds -E
root@umds:~# mv umds-* /usr/local/sbin/
root@umds:~# chmod +x /usr/local/sbin/umds-*
root@umds:~# ls -l /usr/local/sbin/umds-*
-rwxr-xr-x 1 root root 42 Jun  6 17:48 /usr/local/sbin/umds-download.sh
-rwxr-xr-x 1 root root 42 Jun  6 17:49 /usr/local/sbin/umds-export.sh
root@umds:~#

Crontab 使用語法。

# ┌───────────── minute (0 - 59)
# │ ┌───────────── hour (0 - 23)
# │ │ ┌───────────── day of the month (1 - 31)
# │ │ │ ┌───────────── month (1 - 12)
# │ │ │ │ ┌───────────── day of the week (0 - 6) (Sunday to Saturday)
# │ │ │ │ │
# │ │ │ │ │
# │ │ │ │ │
# * * * * * <command to execute>

使用 crontab -e 命令新增定時任務,第一條表示每天凌晨12點的時候執行下載任務指令碼,第二條表示每天凌晨3點的時候執行匯出任務指令碼。

root@umds:~# crontab -e
no crontab for root - using an empty one

Select an editor.  To change later, run 'select-editor'.
  1. /bin/nano        <---- easiest
  2. /usr/bin/vim.basic
  3. /usr/bin/vim.tiny
  4. /bin/ed

Choose 1-4 [1]: 2
crontab: installing new crontab
root@umds:~# crontab -l | grep -v '#' | grep -v '^$'
0 0 * * * /usr/local/sbin/umds-download.sh
0 3 * * * /usr/local/sbin/umds-export.sh
root@umds:~#

Crontab 服務狀態。

root@umds:~# systemctl status cron.service 
● cron.service - Regular background program processing daemon
     Loaded: loaded (/lib/systemd/system/cron.service; enabled; vendor preset: enabled)
     Active: active (running) since Thu 2024-06-06 16:17:11 CST; 2h 3min ago
       Docs: man:cron(8)
   Main PID: 899 (cron)
      Tasks: 1 (limit: 19099)
     Memory: 1.9M
     CGroup: /system.slice/cron.service
             └─899 /usr/sbin/cron -f

Jun 06 16:17:11 umds systemd[1]: Started Regular background program processing daemon.
Jun 06 16:17:11 umds cron[899]: (CRON) INFO (pidfile fd = 3)
Jun 06 16:17:11 umds cron[899]: (CRON) INFO (Running @reboot jobs)
Jun 06 17:17:01 umds CRON[3947]: pam_unix(cron:session): session opened for user root by (uid=0)
Jun 06 17:17:01 umds CRON[3955]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly)
Jun 06 17:17:01 umds CRON[3947]: pam_unix(cron:session): session closed for user root
Jun 06 18:17:01 umds CRON[5532]: pam_unix(cron:session): session opened for user root by (uid=0)
Jun 06 18:17:01 umds CRON[5533]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly)
Jun 06 18:17:01 umds CRON[5532]: pam_unix(cron:session): session closed for user root
root@umds:~#

參考:《VMware vSphere Lifecycle Manager 產品文件》

相關文章