Daisy Chaining VMware UMDS

I was wondering if one could daisy chain multiple VMware Update Manager Download Service (UMDS) appliances. The documentation doesn’t say a word about it. The only thing I found Googling this was one blog that say’s it can’t be done. But that blog was from 2014, now, 2018, let’s see…

I started with a Ubuntu 16.04 LTS server and used William Lam’s script to install the UMDS on top. It needed some more config:

(I tested this in Fusion virtual machines using vSphere 6.5 Update 1 (5969303))

Open the console of the first UMDS

sudo -i
mkdir /mnt/cdrom
mount /dev/cdrom /mnt/cdrom
apt-get install openssh-server -y
ifconfig #This gives the IP address (Ubuntu in Fusion creates an ens33 interface)

Using a SSH (Windows: PuTTY / Mac: Termius) client, connect to the UMDS:

ssh vmninja@172.16.250.129

In the SSH session:

sudo -i
wget https://github.com/lamw/vghetto-scripts/raw/master/shell/install_umds65.sh
chmod +x install_umds65.sh
./install_umds65.sh /mnt/cdrom/umds/VMware-UMDS-6.5.0-5939545.tar.gz UMDSDB UMDS_DSN umdsuser VMware1!
/usr/local/vmware-umds/bin/vmware-umds -v
/usr/local/vmware-umds/bin/vmware-umds -G
/usr/local/vmware-umds/bin/vmware-umds -S --add-url https://vibsdepot.hpe.com/index.xml --enable-host --url-type HOST
/usr/local/vmware-umds/bin/vmware-umds -D

(In the example above I’ve added the HPE VibsDepot, to see if non-firstparty updates will get downloaded.)
It will now start downloading… It may take some time to complete, at the time of writing it was about 65 GB

Per William Lam’s suggestion for this test I used Python’s builtin webserver:

apt-get install python-minimal -y
cd /var/lib/vmware-umds
python -m SimpleHTTPServer 80

Using this as a foreground task, it shows all HTTP requests being received:

172.16.250.150 - - [18/Feb/2018 05:28:19] "GET /hostupdate/HPQ/metadata-hpnmi-vmware55-bundle-2.3-6.zip HTTP/1.1" 200 -
172.16.250.150 - - [18/Feb/2018 05:28:19] "GET /hostupdate/csco/__hostupdate20-consolidated-metadata-index__.xml HTTP/1.1" 200 -
172.16.250.150 - - [18/Feb/2018 05:28:19] "GET /hostupdate/csco/csco-VEM-5.5.0-metadata.zip HTTP/1.1" 200 -
172.16.250.150 - - [18/Feb/2018 05:28:19] "GET /hostupdate/vmw/__hostupdate20-consolidated-metadata-index__.xml HTTP/1.1" 200 -
172.16.250.150 - - [18/Feb/2018 05:28:19] "GET /hostupdate/vmw/vmw-ESXi-5.5.0-metadata.zip HTTP/1.1" 200 -
172.16.250.150 - - [18/Feb/2018 05:28:19] "GET /hostupdate/vmw/vmw-ESXi-6.0.0-metadata.zip HTTP/1.1" 200 -
172.16.250.150 - - [18/Feb/2018 05:28:20] "GET /hostupdate/vmw/vmw-ESXi-6.5.0-metadata.zip HTTP/1.1" 200 -
172.16.250.150 - - [18/Feb/2018 05:28:20] "GET /vaupgrade/bootstrap_index.xml HTTP/1.1" 200 -
172.16.250.150 - - [18/Feb/2018 05:28:20] "GET /vaupgrade/__valm-consolidated-index__.xml HTTP/1.1" 200 -

But first I needed to build a second UMDS, mostly the same as above, except:

1. I didn’t add the HPE VibsDepot
2. I pointed hostupdate.vmware.com and vapp-updates.vmware.com in the hosts file to localhost, by editing the hosts file to prevent it to try to download anything directly from VMware.com’s website.
   • For some reason it is not possible to remove these entries from UMDS’s config.
   • Nor to remove the updates for older versions. I didn’t need updates for any ESXi prior to 6.5.

vmninja@ubuntu:~$ cat / etc/hosts
127.0.0.1       localhost
127.0.1.1       ubuntu
127.0.0.1       hostupdate.vmware.com
127.0.0.1       vapp-updates.vmware.com

# The following lines are desirable for IPv6 capable hosts
::1     localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

3. Instead of the HPE VibsDepot, I added the first UMDS as source:

   /usr/local/vmware-umds/bin/vmware-umds -S --add-url http://172.16.250.129/hostupdate/__hostupdate20-consolidated-index__.xml --enable-host --url-type HOST
   /usr/local/vmware-umds/bin/vmware-umds -S --add-url http://172.16.250.129/vaupgrade/__valm-consolidated-index__.xml --enable-va --url-type VA
   

4. Start the download task:

   /usr/local/vmware-umds/bin/vmware-umds -D
   

After downloading was complete, I added the second UMDS to vCenter Update Manager:

After clicking download now, the Non VMware Patches are visible in vCenter:

So it seams to be possible to daisy chain UMDS. I have no idea about the supportability of this configuration, and if using something in production, use a real webserver!

This post was published originally on my personal blog https://vmninja.wordpress.com

Rob van Lindt

Rob has over 20 years of IT experience, ranging from IBM Mainframe to Windows, Storage, Networking and Virtualization.
Rob is Cisco CCNA, Citrix CCA, EXIN, ITIL, Microsoft MCP/MCSA/MCSE/MCITP, NetApp NCSA, PRINCE, VMware VCP, VCAP & Specialist certified in infrastructure and virtualization fields.