Hello. I'm Dean. Camp Yulia. Welcome to Cyberia. Were in the virtual ization configuration installation and management class finally getting to the last module nodule 13. And this module will be talking about the update. Manager Patch management is really the main focus here for the update Manager is how we accomplish this.
So we'll talk about what it is. Some of the installation steps that are needed
and in the second or third part of this lesson will look at what's involved with creating a baseline and attaching that
to an inventory object. Also doing a scan of an inventory object and what that means.
Then we'll re mediate the object and finally wrap up by doing lab number 22.
So, update manager, this gives you a way to centralize all of your patch and version ing requirements for various things in your environment. Your E S X I hosts,
uh, we could manage 3.54 dot axe and five dot exe
as far as the different. Yes, Xie versions could also manage upgrades between four x and five x,
and we have a patch is available for virtual hardware Veum, where tools
and virtual appliances
So notice update Manager does not patch the guest a less of your operating systems.
It used to several versions ago, but that's that functionality was split off as a separate product.
So unless you've got another solution for patching your guest OS, you need to deal with the patching of those systems like you would any other host.
So setting up automatic updates or whatever you think is best
so just applies to these components here, not the guest OS.
So because we can manage our patches inversion ing centrally and because its automated this reduces our security risks just stands to reason
you're keeping your systems patch regularly.
This also helps with reducing system diversity, and what we mean by that is,
if you've got a bunch of different
hosts in your environment of much of different
versions of a virtual hardware, you contrive to slowly get those unified. So you're all running the same version and you're all more or less synchronized. So that's what we mean by reducing diversity. That's a good thing,
hosts are mostly the same as the other hosts in the environment or your virtual hardware is most of the same,
then it becomes much more easy to manage all of that.
We can also keep our systems running smoothly, especially as it relates to Vienna, where tools,
if the M or tools, is corrupted or not running.
Or maybe it's out of date. That may cause performance problems on those virtual machines, so having them synchronized with Update manager provides a lot of benefit.
And then, lastly, with the newest versions of Update Manager as a version 5.0, I believe
we don't have to reboot after a via more tools update any longer,
so this is a huge benefit.
Previously, when you you needed to update all of your virtual machines, you had to coordinate a reboot window for each of your VMS. And that could be a challenging
ah prospect if you have a large environment.
Okay, so what are some of the components in the update manager?
First, we have the option to have the updates manager server be a separate
or it could be running on the same server as V Center
and the lab environment that I've set up my V Center is running as a virtual appliance, so I don't really have this option, so I'm gonna run it as a separate server. But you do have the option. If you're running the centre on a dedicated host,
we also have options with the database. You can either use the same database as the V Central servers, using
which is fine. Or you can install a brand new sequel Server 2005 database,
which is basically an embedded database with the update manager product itself.
We have a plug in that is used by the the center.
I'm sorry, the V sphere client,
and when we do the lab, you'll see what's involved with and getting the plug it installed. It's very easy.
And this integrates the update manager functionality into the vic
so that you can see the proper screens where you're using the V's fair client to manager environment.
We also can install agents on your guest operating systems
I'm sorry I installed it on the VM is not on the guest operating system,
and this will help keep those VM synchronized with any patches that are applicable to that level of virtual hardware
s o. The PM's can then scan themselves and re mediate
as needed, depending on what patches are required.
we can set up a download server. So if, for instance, your V Center servers an environment where you can't or you don't allow Internet access, you can create a download server
outside that network to get the patches from the various girls that you configure the M wear or other vendors that you use.
Then, once those patch
patches are downloaded to the download server, now you can use a USB drive or DVD or something to move them over to the update manager
to to update your repositories, your patch repositories.
So there is a way to get
the patch repositories updated, even if the update manager cannot access the Internet directly.
we have the update, manager download service or U M. D. S.
And what this does is let you configure multiple girls
to get your patches.
Some of those might be from Vienna, where some might be from other vendors whose products you have in your environment,
and you set up the download you are Ellie. There are several that are provided by default,
or you can get the appropriate girl by just going to the company's website
and, you know, copying and pasting that into the update manager configuration.
You can also restrict downloads,
meaning that if I don't want,
uh, anything but critical patches, Aiken, Aiken restrict everything else, just gets just giving the critical ones, and that makes my job easier. That might be an extreme example, but you get the idea.
Okay, so we'll start to talk a little bit about what's required for installation and then in the next portion of this lesson, will cover more of the configuration
So we must be running on a 64 bit version of Windows.
Could be Server 2008 sober 2012 were not. What have you
When you do the installation? We need to know the V Center host name
because the update manager needs to talk to the central server and orchard coordinated activities.
We also need a username and password to do. The installation,
which typically would be the admin password for V Center, just depends on how you have that set up.
You need to make your decision on whether or not you want the embedded or the external database. So I was mentioning here. You either use the external database that maybe you're the central server uses or you in bed the sequel server 2005.
Then you decide which ports you'd like to use. Or if you're using a proxy, you would define the credentials for the proxy.
The port. You can leave that default unless they conflict with something in your environment.
The proxy would only be needed if if you have a proxy
to go from the update manager to the Internet.
If that's not needed, then don't worry about then you pick your destination folder
If the update manager is on a separate system, you only need to gig of RAM. That's a pretty low requirement.
If the update MANDER shares a server with be center, then you need at least four Gig of RAM.
You probably would have four gig or more of RAM on V Center anyway, so this should be a sort of take care of itself a little bit.
we talked about what Update Manager does,
and the kinds of objects in your inventory that could be updated. Our hosts virtual machine hardware via more tools and appliances reduces our risks because we have automated, centralized management patches and upgrades,
keeps our systems running smoothly. And with the newest version of the M or tools, you no longer require all those reboots
that we looked at our different components, where the where the database can be. Is it embedded or is an external
Do we want to share the V Central Server or not? These are the choices you have to think about.
And then we looked a little bit at how to deal with the fact that your update manager may not be on the Internet
so you can get the patches in the repositories through other means.
And then, lastly, we talked a little about some of the requirements for installation, some minimum member requirements.
Eso after we're done with the second portion, or the third portion of this lab will talk about doing Lab 22.