Installation guide
Table Of Contents
- VMware vCenter Configuration Manager Administration Guide
- Contents
- About This Book
- Getting Started with VCM
- Installing and Getting Started with VCM Tools
- Configuring VMware Cloud Infrastructure
- Virtual Environments Configuration
- Configure Virtual Environments Collections
- Configure Managing Agent Machines for Virtual Environment Management
- Obtain the SSL Certificate Thumbprint
- Configure vCenter Server Data Collections
- Configure vCenter Server Virtual Machine Collections
- Configure vCloud Director Collections
- Configure vCloud Director vApp Virtual Machines Collections
- Configure vShield Manager Collections
- Configure ESX Service Console OS Collections
- Configure the vSphere Client VCM Plug-In
- Running Compliance for the VMware Cloud Infrastructure
- Create and Run Virtual Environment Compliance Templates
- Create Virtual Environment Compliance Rule Groups
- Create and Test Virtual Environment Compliance Rules
- Create and Test Virtual Environment Compliance Filters
- Preview Virtual Environment Compliance Rule Groups
- Create Virtual Environment Compliance Templates
- Run Virtual Environment Compliance Templates
- Create Virtual Environment Compliance Exceptions
- Resolve Noncompliant Virtual Environments Template Results
- Configure Alerts and Schedule Virtual Environment Compliance Runs
- Configuring vCenter Operations Manager Integration
- Auditing Security Changes in Your Environment
- Configuring Windows Machines
- Configure Windows Machines
- Windows Collection Results
- Getting Started with Windows Custom Information
- Prerequisites to Collect Windows Custom Information
- Using PowerShell Scripts for WCI Collections
- Windows Custom Information Change Management
- Collecting Windows Custom Information
- Create Your Own WCI PowerShell Collection Script
- Verify that Your Custom PowerShell Script is Valid
- Install PowerShell
- Collect Windows Custom Information Data
- Run the Script-Based Collection Filter
- View Windows Custom Information Job Status Details
- Windows Custom Information Collection Results
- Run Windows Custom Information Reports
- Troubleshooting Custom PowerShell Scripts
- Configuring Linux, UNIX, and Mac OS X Machines
- Linux, UNIX, and Mac OS X Machine Management
- Linux, UNIX, or Mac OS X Installation Credentials
- Configure Collections from Linux, UNIX, and Mac OS X Machines
- Configure Installation Delegate Machines to Install Linux, UNIX, and Mac OS X...
- Configure the HTTPS Bypass Setting for Linux Agent Installations
- Enable Linux, UNIX, and Mac OS X Agent Installation
- Add and License Linux, UNIX, and Mac OS X Machines for Agent Installation
- Install the VCM Agent on Linux, UNIX, and Mac OS X Operating Systems
- Collect Linux, UNIX, and Mac OS X Data
- Linux, UNIX, and Mac OS X Collection Results
- Configure Scheduled Linux, UNIX, and Mac OS X Collections
- Patching Managed Machines
- Patch Assessment and Deployment
- Prerequisite Tasks and Requirements
- Manually Patching Managed Machines
- Getting Started with VCM Manual Patching
- Configuring An Automated Patch Deployment Environment
- Deploying Patches with Automated Patch Assessment and Deployment
- Configure VCM for Automatic Event-Driven Patch Assessment and Deployment
- Generate a Patch Assessment Template
- Run a Patch Assessment on Managed Machines
- Add Exceptions for Patching Managed Machines
- Configure the VCM Administration Settings
- Generate a Patch Deployment Mapping
- Configure VCM for Automatic Scheduled Patch Assessment and Deployment
- How the Linux and UNIX Patch Staging Works
- How the Linux and UNIX Patching Job Chain Works
- How the Deploy Action Works
- Patch Deployment Wizards
- Running Patching Reports
- Running and Enforcing Compliance
- Provisioning Physical or Virtual Machine Operating Systems
- Provisioning Software on Managed Machines
- Using Package Studio to Create Software Packages and Publish to Repositories
- Software Repository for Windows
- Package Manager for Windows
- Software Provisioning Component Relationships
- Install the Software Provisioning Components
- Using Package Studio to Create Software Packages and Publish to Repositories
- Using VCM Software Provisioning for Windows
- Related Software Provisioning Actions
- Configuring Active Directory Environments
- Configuring Remote Machines
- Tracking Unmanaged Hardware and Software Asset Data
- Managing Changes with Service Desk Integration
- Index
You can also use VCM's automatic event-driven and scheduled patching for managed Windows machines.
For a list of supported machines for VCM patching, see the VCM Installation Guide.
To configure VCM for automatic, event-driven patch deployment, see "Configure VCMfor Automatic
Event-Driven Patch Assessment and Deployment" on page 170.
To configure VCM for automatic scheduled patch deployment, see "Configure VCM for Automatic
Scheduled Patch Assessment and Deployment" on page 176.
To manually deploy patches to managed machines, see the VCM online help.
Configure VCMfor Automatic Event-Driven Patch Assessment and
Deployment
To ensure that Linux, UNIX, and Windows managed machines always include the latest patches, you can
have VCM deploy patches to the managed machines when certain events occur in your environment.
After you perform the initial configuration for the automatic deployment, no intervention is required to
deploy patches to managed machines.
To configure the automatic, event-driven patch assessment and deployment, you must generate a patch
assessment template and run a patch assessment on the managed machines. Optionally, you can add
exceptions for the automatic patch deployment.
To support automated patching of Linux and UNIX managed machines, VCM uses a job chain. The steps
in the job chain download patches from vendor sites to the patching repository, copy the patches to the
alternate location machines, stage patches on the target Linux and UNIX managed machines, deploy the
patches to managed machines, and reboot the managed machines. The status of the job chain, including
the running jobs in the job chain, appears in the VCM Job Manager. Finished job chain jobs appear in Job
Manager History.
VCM supports patching exceptions for machines that should not be patched using VCM, and for specific
patches or bulletins that VCM should not deploy. VCM also supports exceptions for specific patches or
bulletins that do not apply to certain machine groups, or patches or bulletins that are not necessary,
because they are already deployed. VCMapplies patching exceptions during the automatic patch
deployment process to the machine group that you select when you define the automatic deployment
mapping.
When VCM deploys patches to managed machines, a job is created for each machine. When a reboot of
the managed machine is required, VCM creates a deployment job and a reboot job for the machine. The
deployment occurs either immediately or when scheduled. After the deployment is finished, the reboot
job begins either immediately or at the scheduled time. If the scheduled time has passed, the reboot job
fails.
Depending on the number of managed machines being patched and the number of jobs, the time allowed
for the patching window might expire before the patching jobs are finished, because the request might
become stale or the number of maximum concurrent VCMAgent installations might be set too low. If
patching jobs time out, see the troubleshooting topic in the VCM Troubleshooting Guide.
Prerequisites
Configure VCM. See "Configuring VCM to Work with the Patching Repository and Alternate Locations"
on page 162.
vCenter Configuration Manager Administration Guide
170
VMware, Inc.