In the consolidated SDDC, vSphere Update Manager provides centralized, automated patch and version management for VMware ESXi hosts and virtual machines on each vCenter Server.

Overview

vSphere Update Manager registers with a single vCenter Server instance where an administrator can automate the following operations for the lifecycle management of the vSphere environment:

  • Upgrade and patch ESXi hosts

  • Install and upgrade third-party software on ESXi hosts

  • Upgrade virtual machine hardware and VMware Tools

Use vSphere Update Manager Download Service (UMDS) to deploy vSphere Update Manager on a secured, air-gapped network that is disconnected from other local networks and the Internet. UMDS provides a bridge for Internet access that is required to pull down upgrade and patch binaries.

Installation Models

The installation models of vSphere Update Manager are different according to the type of vCenter Server installation.

Table 1. Installation Models of vSphere Update Manager and Update Manager Download Service

Component

Installation Model

Description

vSphere Update Manager

Embedded in the vCenter Server Appliance

vSphere Update Manager is automatically registered with the container vCenter Server Appliance. You access vSphere Update Manager as a plug-in from the vSphere Web Client.

Use virtual appliance deployment to easily deploy vCenter Server and vSphere Update Manager as an all-in-one package in which sizing and maintenance for the latter is dictated by the former.

Windows installable package for installation against a Microsoft Windows vCenter Server

You must run the vSphere Update Manager installation on either vCenter Server itself or an external Microsoft Windows Server. After installation and registration with vCenter Server, you access vSphere Update Manager as a plug-in from the vSphere Web Client.

Use the Windows installable deployment if you are using a vCenter Server instance for Windows.

Note:

In vSphere 6.5 and later, you can pair a vSphere Update Manager instance for a Microsoft Windows only with a vCenter Server instance for Windows.

Update Manager Download Service

Installable package for Linux or Microsoft Windows Server

  • For a Linux deployment, install UMDS on Ubuntu 14.0.4 or Red Hat Enterprise Linux 7.0

  • For a Windows deployment, install UMDS on one of the supported Host Operating Systems (Host OS) that are detailed in VMware Knowledge Base Article 2091273.

You cannot install UDMS on the same system as vSphere Update Manager.

Architecture

vSphere Update Manager contains functional elements that collaborate for monitoring, notifying and orchestrating the lifecycle management of your vSphere environment within the SDDC.

Figure 1. vSphere Update Manager and Update Manager Download Service Architecture


In a consolidated SDDC, the Update Manager Download Service downloads host patch binaries from an external repository. The vSphere Update Manager on the Consolidated vCenter Server retrieves the binaries and remediates them on the managed hosts.

Types of Nodes

For functionality and scalability, vSphere Update Manager and Update Manager Download Service perform the following roles:

vSphere Update Manager

Required node for integrated, automated lifecycle management of vSphere components. In environments ranging from a single to multiple vCenter Server instances, vSphere Update Manager is paired in a 1:1 relationship.

Update Manager Download Service

In a secure environment in which vCenter Server and vSphere Update Manager are in an air gap from Internet access, provides the bridge for vSphere Update Manager to receive its patch and update binaries. In addition, you can use UMDS to aggregate downloaded binary data, such as patch metadata, patch binaries, and notifications, that can be shared across multiple instances of vSphere Update Manager to manage the lifecycle of multiple vSphere environments.

Backup

You back up vSphere Update Manager, either as an embedded service on the vCenter Server Appliance or deployed separately on a Microsoft Windows Server virtual machine, and UMDS using traditional virtual machine backup solutions that are based on the software that is compatible with vSphere Storage APIs for Data Protection (VADP) such as vSphere Data Protection.

Consolidated vCenter Server Deployment

Because of its scope, the VMware Validated Design for Workload and Management Consolidation implements vSphere Update Manager and UMDS in a single-region design. This implementation is designed to provide a secure method for downloading patch binaries while maintaining the ability to scale up to the larger VMware Validated Design for Software-Defined Data Center.

Figure 2. Single-Region Interaction between vSphere Update Manager and Update Manager Download Service


vSphere Update Manager is a part of the Consolidated vCenter Server. You deploy UMDS on a separate virtual machine that is connected to the external network, and then register UMDS as a shared repository of vSphere Update Manager.