vSphere Update Manager provides centralized, automated patch and version management for VMware ESXi hosts and virtual machines on each vCenter Server.

Overview

vSphere Update Manager registers with a single vCenter Server instance where an administrator can automate the following operations for the lifecycle management of the vSphere environment:

  • Upgrade and patch ESXi hosts

  • Install and upgrade third-party software on ESXi hosts

  • Upgrade virtual machine hardware and VMware Tools

Use the vSphere Update Manager Download Service (UMDS) to deploy vSphere Update Manager on a secured, air-gapped network that is disconnected from other local networks and the Internet. UMDS provides a bridge for Internet access that is required to pull down upgrade and patch binaries.

Installation Models

The installation models of vSphere Update Manager are different according to the type of vCenter Server installation.

Table 1. Installation Models of vSphere Update Manager and Update Manager Download Service

Component

Installation Model

Description

vSphere Update Manager

Embedded in the vCenter Server Appliance

vSphere Update Manager is automatically registered with the container vCenter Server Appliance. You access vSphere Update Manager as a plug-in from the vSphere Web Client.

Use virtual appliance deployment to deploy easily vCenter Server and vSphere Update Manager as an all-in-one package. Sizing and maintenance for vSphere Update Manager is determined by the vCenter Server deployment.

Windows installable package for installation against a Microsoft Windows vCenter Server

You must run the vSphere Update Manager installation on either vCenter Server itself or an external Microsoft Windows Server. After installation and registration with vCenter Server, you access vSphere Update Manager as a plug-in from the vSphere Web Client.

Use the Windows installable deployment if you are using a vCenter Server instance for Windows.

Note:

In vSphere 6.5 and later, you can pair a vSphere Update Manager instance for a Microsoft Windows only with a vCenter Server instance for Windows.

Update Manager Download Service

Installable package for Linux or Microsoft Windows Server

  • For a Linux deployment, install UMDS on Ubuntu 14.0.4 or Red Hat Enterprise Linux 7.0

  • For a Windows deployment, install UMDS on one of the supported Host Operating Systems in VMware Knowledge Base Article 2091273.

UMDS and vSphere Update Manager must be running on different systems.

Architecture

The functional elements of vSphere Update Manager support monitoring, notifying and orchestrating the lifecycle management of your vSphere environment in the SDDC.

Figure 1. vSphere Update Manager and Update Manager Download Service Architecture


In a consolidated SDDC, the Update Manager Download Service downloads host patch binaries from an external repository. The vSphere Update Manager on the Consolidated vCenter Server retrieves the binaries and remediates them on the managed hosts.

Types of Nodes

For functionality and scalability, vSphere Update Manager and Update Manager Download Service have the following roles:

vSphere Update Manager

Required node for integrated, automated lifecycle management of vSphere components. vSphere Update Manager and vCenter Server have a one-to-one relationship, regardless of the number of vCenter Server instances in the environment.

Update Manager Download Service

In a secure environment in which vCenter Server and vSphere Update Manager are isolated from the Internet, use UMDS as a bridge to provide patch and update binaries to vSphere Update Manager. In addition, you can use UMDS to aggregate downloaded binary data, such as patch metadata, patch binaries, and notifications, and share it across multiple instances of vSphere Update Manager to manage the lifecycle of multiple vSphere environments.

Backup

You back up vSphere Update Manager, either as an embedded service on the vCenter Server Appliance or deployed separately on a Microsoft Windows Server virtual machine, and UMDS using traditional virtual machine backup solutions. Such solutions are based on software that is compatible with vSphere Storage APIs for Data Protection (VADP).

ROBO vRealize Automation Deployment

Because of its scope, VMware Validated Design for Remote Office and Branch Office implements vSphere Update Manager and UMDS in a per-ROBO design. This implementation provides a secure method for downloading patch binaries to each ROBO site, and reduces the traffic between the hub and the ROBO sites.

Figure 2. Interaction Between vSphere Update Manager and Update Manager Download Service in ROBO


vSphere Update Manager is a part of the Consolidated vCenter Server. You deploy UMDS on a separate virtual machine that is connected to the external network, and then register UMDS as a shared repository of vSphere Update Manager.