Installation guide
Table Of Contents
- VMware vCenter Configuration Manager Administration Guide
- Contents
- About This Book
- Getting Started with VCM
- Installing and Getting Started with VCM Tools
- Configuring VMware Cloud Infrastructure
- Virtual Environments Configuration
- Configure Virtual Environments Collections
- Configure Managing Agent Machines for Virtual Environment Management
- Obtain the SSL Certificate Thumbprint
- Configure vCenter Server Data Collections
- Configure vCenter Server Virtual Machine Collections
- Configure vCloud Director Collections
- Configure vCloud Director vApp Virtual Machines Collections
- Configure vShield Manager Collections
- Configure ESX Service Console OS Collections
- Configure the vSphere Client VCM Plug-In
- Running Compliance for the VMware Cloud Infrastructure
- Create and Run Virtual Environment Compliance Templates
- Create Virtual Environment Compliance Rule Groups
- Create and Test Virtual Environment Compliance Rules
- Create and Test Virtual Environment Compliance Filters
- Preview Virtual Environment Compliance Rule Groups
- Create Virtual Environment Compliance Templates
- Run Virtual Environment Compliance Templates
- Create Virtual Environment Compliance Exceptions
- Resolve Noncompliant Virtual Environments Template Results
- Configure Alerts and Schedule Virtual Environment Compliance Runs
- Configuring vCenter Operations Manager Integration
- Auditing Security Changes in Your Environment
- Configuring Windows Machines
- Configure Windows Machines
- Windows Collection Results
- Getting Started with Windows Custom Information
- Prerequisites to Collect Windows Custom Information
- Using PowerShell Scripts for WCI Collections
- Windows Custom Information Change Management
- Collecting Windows Custom Information
- Create Your Own WCI PowerShell Collection Script
- Verify that Your Custom PowerShell Script is Valid
- Install PowerShell
- Collect Windows Custom Information Data
- Run the Script-Based Collection Filter
- View Windows Custom Information Job Status Details
- Windows Custom Information Collection Results
- Run Windows Custom Information Reports
- Troubleshooting Custom PowerShell Scripts
- Configuring Linux, UNIX, and Mac OS X Machines
- Linux, UNIX, and Mac OS X Machine Management
- Linux, UNIX, or Mac OS X Installation Credentials
- Configure Collections from Linux, UNIX, and Mac OS X Machines
- Configure Installation Delegate Machines to Install Linux, UNIX, and Mac OS X...
- Configure the HTTPS Bypass Setting for Linux Agent Installations
- Enable Linux, UNIX, and Mac OS X Agent Installation
- Add and License Linux, UNIX, and Mac OS X Machines for Agent Installation
- Install the VCM Agent on Linux, UNIX, and Mac OS X Operating Systems
- Collect Linux, UNIX, and Mac OS X Data
- Linux, UNIX, and Mac OS X Collection Results
- Configure Scheduled Linux, UNIX, and Mac OS X Collections
- Patching Managed Machines
- Patch Assessment and Deployment
- Prerequisite Tasks and Requirements
- Manually Patching Managed Machines
- Getting Started with VCM Manual Patching
- Configuring An Automated Patch Deployment Environment
- Deploying Patches with Automated Patch Assessment and Deployment
- Configure VCM for Automatic Event-Driven Patch Assessment and Deployment
- Generate a Patch Assessment Template
- Run a Patch Assessment on Managed Machines
- Add Exceptions for Patching Managed Machines
- Configure the VCM Administration Settings
- Generate a Patch Deployment Mapping
- Configure VCM for Automatic Scheduled Patch Assessment and Deployment
- How the Linux and UNIX Patch Staging Works
- How the Linux and UNIX Patching Job Chain Works
- How the Deploy Action Works
- Patch Deployment Wizards
- Running Patching Reports
- Running and Enforcing Compliance
- Provisioning Physical or Virtual Machine Operating Systems
- Provisioning Software on Managed Machines
- Using Package Studio to Create Software Packages and Publish to Repositories
- Software Repository for Windows
- Package Manager for Windows
- Software Provisioning Component Relationships
- Install the Software Provisioning Components
- Using Package Studio to Create Software Packages and Publish to Repositories
- Using VCM Software Provisioning for Windows
- Related Software Provisioning Actions
- Configuring Active Directory Environments
- Configuring Remote Machines
- Tracking Unmanaged Hardware and Software Asset Data
- Managing Changes with Service Desk Integration
- Index
n
You must manage your own patch repository. A temporary expansion of the patches occurs in the
/tmp directory. For single-user mode, patches are extracted to /var/tmp. If you do not use the
machine group mapping to define an alternate location for the patches, VCM uses the default location
of /tmp.
n
Store the Linux and UNIX patches in a location that is available locally to the VCM managed machine,
such as an NFS mount or a local hard drive. If you store the patches on an NFS mount, you must define
the path in machine group mapping in Administration > Settings > General Settings > Patching >
Machine Group Mapping. You can use VCM remote commands or another available method to place
the patches on the VCM managed machines.
n
When you define an alternate location patch repository for a particular machine group, you must select
that machine group in VCM before you deploy the patches. If you do not select the machine group,
VCM does not acknowledge the alternate location patch repository and does not deploy the patches.
The alternate patch location repository appears in the Machine Group Mapping data grid in
Administration > Settings > General Settings > Patching > Machine Group Mapping.
n
To have VCM deploy patches to groups of managed machines, you must set the machine group
mapping to the source location for the patches on the patching repository machine or alternate location
machine. Setting the machine group mapping is important when you patch managed machines in
single-user mode, because /tmp is not always available. Machine group mappings are not inherited,
which means that if you create a machine group under another machine group, the mapping remains
separate for each machine group. For example, if you create a machine group called Solaris under the
All UNIXMachines machine group, the machine group mapping for All UNIX Machines does not apply
to the Solaris machine group.
Location for Linux and UNIXPatches
For automatic patching with VCM 5.7: If you defined a patching repository and a patch staging option,
you can submit the job. The optional patch synchronization, staging, and deployment actions occur as
scheduled, and the patch download occurs immediately.
For manual patching:When you patch Linux and UNIX machines, you copy the patches to a shared
location, then indicate the type of patch deployment and the source location for the patches in the VCM
machine group mapping.
Default Location for Linux and UNIX Patches
For automatic patching with VCM 5.7: When you use the VCM 5.7 patch download and optional patch
synchronization, staging, and deployment, VCMuses the default locations. If you define other defaults, or
if you specify the location in the VCM machine group mapping, VCM stages the patches to that location.
For manual patching: If you do not use the VCM machine group mapping to define an alternate location
for the patches, VCM uses the default location of /tmp. A temporary expansion of the patches occurs in
the /var/tmp directory, which contains the extracted patches and working files that VCM uses for patch
deployment. This custom patch location must have adequate space to accommodate these files, and must
be available in single-user mode for VCM to patch Solaris managed machines single-user mode.
VCM retains the Linux and UNIX patching change actions in the change log. These actions are available in
VCM Compliance and VCM Reports. You can view the patch assessment changes by data type in the
Change Management node of the VCM Console. VCM Change Management reports changes on the
Patch Assessment and Patch Deployment data types.
IMPORTANT If a failure occurs at any time during the patch deployment job, the System Administrator
must check the status of the system, resolve any issues, then reassess the managed machines. In a job
chain, a failure in any step of the job breaks the job chain, which causes all subsequent job steps to not run.
Patching Managed Machines
VMware, Inc.
139