In the vSphere Client, you can create a local or a subscribed content library and change its configuration settings. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale.

By using the OVF security policy, you can protect the items of your content library.

Create a Content Library

You can create a local content library and populate it with templates and other types of files. You can then use the content library templates to deploy virtual machines or vApps in your virtual environment. You can also share the contents of your local library with users from other vCenter Server instances.

Note: VM Templates cannot be stored in a library that uses NFS or SMB storage. OVF templates can only be stored on the datastore that is associated with the content library.

You can also create a subscribed library to use at will the contents of an already existing published local library.

Prerequisites

Required privileges:
  • Content library.Create local library or Content library.Create subscribed library on the vCenter Server instance where you want to create the library.
  • Datastore.Allocate space on the destination datastore.

Procedure

  1. Navigate to Menu > Content Libraries.
  2. Click Create.
    The New Content Library wizard opens.
  3. On the Name and location page, enter a name, select a vCenter Server instance for the content library and click Next.
  4. On the Configure content library page, select the type of content library that you want to create.
    Option Description
    Local content library

    A local content library is accessible only in the vCenter Server instance where you create it by default.

    1. (Optional) To make the content of the library available to other vCenter Server instances, select Enable publishing .
    2. (Optional) If you want to require a password for accessing the content library, select Enable authentication and set a password.
    3. Click Next.
    Subscribed content library A subscribed content library originates from a published content library. Use this option to take advantage of already existing content libraries.
    Note: If the published content library does not have a security policy enabled, you cannot apply the OVF default security policy to the subscribed content library.

    If you create a subscribed library, depending on the Subscription URL that you provide, the system performs a check to determine whether the provided URL can have a security policy enabled or not.

    To see up-to-date content, you can synchronize the subscribed library with the published library, but you cannot add or remove content from the subscribed library. Only an administrator of the published library can add, modify, and remove contents from the published library.

    To subscribe to a library, provide the following information:

    1. In the Subscription URL text box, enter the URL address of the published library.
      Note: The system performs a check to determine whether the Subscription URL that you provide can have a security policy enabled or not.
    2. If authentication is enabled on the published library, select Enable authentication and enter the publisher password.
    3. Select a download method for the contents of the subscribed library.
      • To download a local copy of all the items in the published library immediately after subscribing to it, select immediately.
      • To save storage space, select when needed. You download only the metadata for the items in the published library.

        If you must use an item, synchronize the item or the entire library to download its content.

    4. If prompted, accept the SSL certificate thumbprint.

      The SSL certificate thumbprint is stored on your system until you delete the subscribed content library from the inventory.

    5. Click Next.
  5. (Optional) On the Apply security policy page, select Apply Security Policy and select OVF default policy.
    Note: Currently, only the OVF default policy is supported.
    When you apply the OVF default policy to a content library:
    • All OVF items are validated by signing the OVF package with a valid certificate.
    • All OVF or OVA items in the content library will have a Yes or No Security Compliant status based on the certificate validation.
    • All items that are not OVF or OVA items will have a Yes Security Compliant status.

    If the OVF default policy is not applied to a content library, all items in the content library will have a Yes Security Compliant status.

    You can view the Security Compliant status under the Templates tab of a content library.

    Security Compliant status that displays the status of content library items if the OVF default policy is applied
  6. Click Next.
  7. On the Add storage page, select a datastore as a storage location for the content library contents and click Next.
  8. On the Ready to complete page, review the details and click Finish.

Edit a Content Library

In the vSphere Client, you can edit a local library by changing its name, description, or tags. You can also change the configuration settings of a local or subscribed content library.

To share the contents of a local library across multiple vCenter Server instances, you must enable publishing for the library. From the Edit Setting dialog box, you can obtain the URL of your library and send it to other users to subscribe.

If a library is already published, you can change its password for authentication. To keep access to the published library, users who are subscribed to your library must update the password.

For subscribed libraries, you can change the download method or enable automatic synchronization with the published library.

Prerequisites

The privileges that you need depend on the task that you want to perform.

Task Privilege
Edit Local Content Library Settings Content library.Update library and Content library.Update local library on the library.
Edit Subscribed Content Library Settings Content library.Update subscribed library and Content library.Probe subscription information on the subscribed library.
Delete Content Library Content library.Delete subscribed library or Content library.Delete local library depending on the type of library that you want to delete.

Procedure

  1. Navigate to Menu > Content Libraries.
  2. Right-click a content library and select the action that you want to perform.
    • To edit the content library description, select Edit notes.
    • To change the name of the content library, select Rename.
    • To assign a tag to the content library, select Tags > Assign Tag.
    • To remove a tag from the content library, select Tags > Remove Tag.

      For information about tags and tag categories, see the vCenter Server and Host Management documentation.

    • To delete the content library, select Delete.
  3. To edit the configuration settings of a content library, right-click the content library and click Edit Settings.
    The changes that you can make depend on the type of content library that you edit.
    Content Library Type Action
    Local content library that is unpublished To share the contents of a local library with other users, you can enable the publishing of the local library.
    1. To publish the local library and share its contents with other users, select the Enable publishing check box.
    2. To obtain the URL of your library and distribute it, click the Copy Link button.
    3. (Optional) Select Enable user authentication for access to this content library and set a password for the library.

      If you protect the library with a password, you must provide both the URL and the password to users who want to subscribe to your library.

    4. To activate or deactivate the security policy, select or deselect the Apply Security Policy. When you deactivate the security policy of a content library, you cannot reuse the existing OVF items.
    5. Click OK.
    Local content library that is published You can change the following settings of a local library that is published.
    • You can copy the subscription URL to your library and send it to other users to subscribe.
    • You can unpublish the library by deselecting the Enable publishing check box. Users who are currently subscribed to this library can no longer synchronize to the library, but they can still use the previously synchronized content.
    • You can activate or deactivate authentication for the library.
    • In the vSphere Client, you can change the password for authentication if the library is published and password-protected.
      1. Enter the current password and the new password. Confirm the new password.
      2. Click OK.
    • To activate or deactivate the security policy, select or deselect the Apply Security Policy. When you deactivate the security policy of a content library, you cannot reuse the existing OVF items.
    Subscribed content library You can change the following settings of a subscribed library:
    • Activate or deactivate the automatic synchronization with the published library.
    • Update the password for authentication to the published library.
    • Select a download method. You can either download all library content immediately or download the library content only when needed.

      If you switch from the option to download content only when needed to the option to download all library content immediately, a synchronization task starts and content starts downloading. The number and size of items in the published library determine the amount of time and network bandwidth that the task requires.

    • To activate or deactivate the security policy, select or deselect the Apply Security Policy. When you deactivate the security policy of a content library, you cannot reuse the existing OVF items.