Idea came from the path I wish to take, that is provide solutions. Unless I try, I won’t fail and If I don’t fail I won’t succeeded.
Let’s starts from small and simple. I think VUM is simplest of the product to design. So let’s start.
I have a client(SMB) who needs VUM for his already configured vSphere4.0 infrastructure. SMB stands for small and medium size business. Client in this case is small.:)
He has 20 hosts, which is mix of ESX and ESXi(Installable). Each host is running 20 virtual machines. So total virtual machines are 400. Virtual Machines(VM) is mixed of Windows and Linux. 20 hosts are configured in cluster. Each cluster is 5 node. So total cluster is 4. Client wish to have host as well as VM’s patched using VUM in the solution.
After reading vsp_vum_40_admin_guide.pdf and Mastering vSphere, here is solution I have provided to the client.
Decision on air-gap or semi air gap
Client wanted as much secure environment as possible due to Banking environment. So Air-gap was the simplest alternative. In Air-gap environment all patches are downloaded from a server/workstation which is not connected to internal network by any means. With Air-gap, we patch downloaded needs to exported from isolated machine to internal network. So portable drive upto 1 TB size was preferred. More details later.With Air-gap client was happy to accept the manual process of moving into Server farm to connect to internet connected PC and drop the content into portable drive.
Hardware for Update Manager Download Service(UMDS) & VUM
UMDS will be only downloading patch and UMDS does support Windows XP SP3. Database is requirement for UMDS, which can easily sufficed using SQL 2005 Express edition present in UMDS & VUM. Disk size 60 GB, Downloaded patch data will be on portable media. memory 1 GB and CPU Dual Core 2GB.One network cards 1 Gbps.
Hardware requirement for UMDS:
OS:Windows XP SP2 machine
Memory: 1 GB RAM
Network: 1 Gbps (2 Nos)
Disk: 60 GB
Firewall enabled on internet connected NIC, all out bound connection disabled
For VUM we will choose Virtual Machine. vCenter and VUM will be placed on same host. Point to remember vCenter and VUM might get rebooted during patching and break the entire patching process. Care has to be taken not to patch the VM and ESX host which it is hosted till other hosts are patched.
Hardware requirement for VUM
OS:Windows 2003 SP2
Memory: 2 GB RAM
Network: 1 Gbps
Disk: 200 GB (Patch Download Area)