VMware vCenter Configuration Manager - 5.7 User Manual
Software Content Repository Tool 5.0 Guide
Software Content Repository Tool 5.0
vCenter Configuration Manager 5.7
This document supports the version of each product listed and supports all
subsequent versions until the document is replaced by a new edition. To
check for more recent editions of this document, see
http://www.vmware.com/support/pubs.
EN-001242-00
Software Content Repository Tool 5.0 Guide
You can find the most up-to-date technical documentation on the VMware Web site at:
http://www.vmware.com/support/
The VMware Web site also provides the latest product updates.
If you have comments about this documentation, submit your feedback to:
docfeedback@vmware.com
© 2006–2013 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and
intellectual property laws. VMware products are covered by one or more patents listed at
http://www.vmware.com/go/patents.
VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. All
other marks and names mentioned herein may be trademarks of their respective companies.
VMware, Inc.
3401 Hillview Ave.
Palo Alto, CA 94304
www.vmware.com
2
VMware, Inc.
Contents
About This Book 5
Introduction to the Software Content Repository Tool 7
Preparing for SCRTool Installation 9
Installing the VCM Agent on the Linux and UNIX Machines to be Managed 9
Selecting and Preparing the Host Machine 9
Establish User Credentials 11
Place Trusted Certificates in the Key Store 11
Verifying Access to External Sites 11
Installing the Prerequisite Software for the SCRTool 13
Install the SCR Tool Software 13
Download the Java Runtime Environment 14
Test the Java Runtime Environment Installation 14
Download the Java Cryptography Extension 14
Configuring the Red Hat Host Machine 17
Review the Directory Structure 17
Grant Permission to the Repository 18
Update the Properties Files 18
Properties File Parameters 19
Connect the VCM Managed Machines to the SCRTool 25
Set Logging Levels and Output File Names 25
Managing Patch Content with the SCR Tool 27
Download the Patch Content 27
Schedule Downloads 28
Maintain the Software Content Repository 29
Troubleshooting the SCR Tool 31
Out of Memory Error 31
Content Download Network Connection Error 32
Cannot Connect to Red Hat Account 32
Session Login to Red Hat Fails 33
Download from Red Hat Fails 33
HP-UX Service Authentication Fails 35
Download from HP Fails 35
Proxy Server Configuration Fails 35
Mismatch in Number of Patches 37
OS Vendor Does Not Accept Credentials 37
OS Vendor Errors 37
Patch Download Errors 38
Obsolete Patches Cause the Download to Fail 39
HTTP Errors Are Not Marked as SEVERE 39
Connection Refused Errors 40
Null Pointer Exception Errors 40
Index 43
VMware, Inc.
3
Software Content Repository Tool 5.0 Guide
4
VMware, Inc.
About This Book
The VMware vCenter Configuration Manager Software Content Repository Tool Guide provides information
about the following topics.
n
Preparing the host machine for components and tools.
n
Installing and configure components and tools.
n
Using the tool to download patch content.
n
Troubleshooting errors that might occur.
Intended Audience
This document contains information intended for system administrators who must patch machines in their
network.
To use this information effectively, you must have a basic understanding of how to configure network
resources. You also must fully understand your network’s topology and resource naming conventions.
Document Feedback
VMware welcomes your suggestions for improving our documentation. If you have comments, send
your feedback to docfeedback@vmware.com.
VMware, Inc.
5
Software Content Repository Tool 5.0 Guide
Technical Support and Education Resources
The following technical support resources are available to you. To access the current version of this book
and other books, go to http://www.vmware.com/support/pubs.
Online and Telephone
Support
To use online support to submit technical support requests, view your
product and contract information, and register your products, go to
http://www.vmware.com/support.
Customers with appropriate support contracts should use telephone support
for priority 1 issues. Go to http://www.vmware.com/support/phone_
support.html.
Support Offerings To find out how VMware support offerings can help meet your business
needs, go to http://www.vmware.com/support/services.
VMware Professional
Services
VMware Education Services courses offer extensive hands-on labs, case study
examples, and course materials designed to be used as on-the-job reference
tools. Courses are available onsite, in the classroom, and live online. For
onsite pilot programs and implementation best practices, VMware Consulting
Services provides offerings to help you assess, plan, build, and manage your
virtual environment. To access information about education classes,
certification programs, and consulting services, go to
http://www.vmware.com/services.
6
VMware, Inc.
Introduction to the Software Content Repository Tool
The Software Content Repository (SCR) Tool is a standalone Java client software application that builds a
repository of Linux and UNIX patches and downloads operating system(OS) vendor patch content to the
repository.
The SCR Tool downloads patch content from vendor Web sites, which you use to patch Linux and UNIX
machines. These files include patch signature files (.pls), and OS vendor patch content files (.rpm, .gz,
.tar, .zip) used in the patching background processes. Deployment package files (.plp) are included
and used for patch deployment on Mac OS X. The .plp files contain the vendor patch, which is extracted
based on the properties file settings.
You run the SCR Tool on a Red Hat machine and use the VCM Patching functionality in VMware vCenter
Configuration Manager (VCM) to deploy patches to the VCM managed machines.
To ensure that all patch dependencies are met when VCM deploys the patches, the SCR Tool downloads
all of the necessary patches, except for patches that have been superseded. VCM Patching handles all the
dependencies when the patches are deployed. If the patch was available when the SCR Tool was installed
and configured, the patch downloads. If the patch was not available, or the SCR Tool was last run, the
patch will not be available. If the patch is still available from the OS vendor, it will be available for
download using the SCR Tool patch replication process.
1
The SCR Toolis not used to run patch assessments or deployments. The SCRTool also does not assess the
machine configuration or the downloaded patch content that is used for patch deployment.
The SCRTool downloads the patch signature files and OS-vendor patch content from the Content
Download Network (CDN), and downloads subscription-only content from the OS Vendor Content Web
sites. The patches must be accessible to the VCM managed machines through an NFS mount to the
repository on the machine that hosts the SCRTool. For a diagram of the components and workflow, see
"How to Download Patches with the SCRTool" on page 8.
VMware, Inc.
7
Software Content Repository Tool 5.0 Guide
Figure 1–1. How to Download Patches with the SCRTool
After you download patches from the vendor Web site, you must use VCM to assess your Linux and
UNIX machines and deploy the patches using the machine group mapping in VCM Patching. For
information about assessments, see the VCM Administration Guide and the VCM online Help.
8
VMware, Inc.
Preparing for SCRTool Installation
Before you install the SCR Tool, you must complete several prerequisite tasks.
This chapter includes the following topics:
Installing the VCM Agent on the Linux and UNIX Machines to be
Managed 9
Selecting and Preparing the Host Machine 9
Establish User Credentials 11
Place Trusted Certificates in the Key Store 11
Verifying Access to External Sites 11
Installing the VCM Agent on the Linux and UNIX Machines to be Managed
VCM managed machines use an NFS mount to connect to the host machine where the SCRTool is
installed, to obtain the Linux and UNIX patches for deployment to the managed machines. After the
managed machines obtain the patches, VCM Patching can deploy the patches to those managed machines.
2
The following VCM managed machines can connect to the SCR Tool host machine.
n
Solaris
n
Red Hat
n
HP-UX
n
AIX
n
SUSE
n
OSX
Verify that the Linux and UNIX machines to be managed by VCM meet the system requirements. See the
VCM Installation Guide. Then review the VCM Agent installation procedures and install the VCM Agent on
the platform as described in the VCM Administration Guide
Selecting and Preparing the Host Machine
Install the SCR Tool on supported host machines. After the host machine meets all of the requirements, it
can run as a guest in a virtualized environment.
You can install the SCR Tool on a 64-bit Red HatEnterprise Linux Server machine running version 6.
IMPORTANT Use the host machine exclusively to run the SCR Tool and serve as the patch repository.
VMware, Inc.
9
Software Content Repository Tool 5.0 Guide
To download content for each supported platform for patch deployment, the minimum recommended
storage is 810GB.
Table 2–1. Estimated Host Support for Patch Storage on Platforms
Supp orted Platform Minimum Storag e Required
AIX 130GB
HP-UX 15GB
Mac OSX 210GB
Red Hat 70GB
Solaris 325GB
SUSE 60GB
Prerequisite
n
If you install the SCR Tool on a 64-bit Red Hat machine, verify that 64-bit Java is installed. If it is not
installed, you must install it.
Procedure
for Patch Content F iles and Payload
1. Select a 64-bit Red HatEnterprise Linux Server machine to use as the host machine for the SCR Tool.
2. Remove any non-Oracle Java versions.
3. Verify that the host machine has Internet access.
4. Verify that the host machine has adequate storage to download the patch content for each platform to
support patch deployment to all of the machines.
5. Verify that the host machine has Oracle Java Runtime Environment (JRE) version 1.6 or later, 64-bit
only, installed.
6. Ensure that your JAVA_HOME and PATHenvironments are set to the correct Java instance.
For example:
export PATH=/usr/java/jdk1.6.0_
24/jre/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin
export JAVA_HOME=/usr/java/jdk1.6.0_24/jre
7. Verify that the SCR Tool host machine has Oracle Java Cryptography Extension (JCE) Unlimited
Strength Jurisdiction Policy Files corresponding to the JRE version installed.
The JCE is required for the encryption of credentials to the OS vendor sites.
8. If you download Red Hat content, verify that the Red Hat Network (RHN) Management and Update
entitlements are available and associated with the credentials so that SCR can download the RHN
content.
9. Verify that the SCR Tool host machine has sufficient memory for the replicated files.
Linux files require up to 2GB of memory. All other machines require 1GB by default.
10. Allow additional memory for the overhead of host OS operations, which vary depending on your
environment.
10
VMware, Inc.
What to do next
n
As your patch content increases because of downloads and storing patch content files and payload, you
must monitor the available disk space on the SCR Tool host machine to avoid disk space problems. The
patch content grows over time as vendors release new patches and content.
n
Verify that the Linux and UNIX machines to be managed by VCM meet the system requirements. See
the VCM Installation Guide.
Establish User Credentials
To download OS-vendor subscription-only content for Red Hat, Solaris, SUSE, and HP-UXmachines, you
must establish user credentials to the OS vendor sites.
Procedure
1. Contact the vendor to obtain a subscription to the patch content.
2. Establish your login and password to the vendor site.
Place Trusted Certificates in the Key Store
The Software Content Repository (SCR) Tool requires authentication to the HP-UX Software Assistant
Web site. For the SCR Tool to download recommended patches, and before you use VCM to deploy
patches to HP-UX managed machines, you must follow the HP recommendation to install the trusted
certificate to the key store.
Preparing for SCRTool Inst allation
The HP-UX Software Assistant site checks certificates to ensure a secure connection, and validates
authentication by using a trusted certificate. If you do not install the trusted certificate, the HP-UX service
authentication fails, which causes the patch download to fail.
To install intermediate certificates for Software Assistant, see http://kb.vmware.com/kb/2051577.
Verifying Access to External Sites
Depending on the supported platform, the SCR Tool must have access to vendor sites from which to
download patches and payloads.
For sites that are hosted by Akamai, use the URL instead of the resolved IP address. Sites hosted by
Akamai might change IP addresses based on location.
The following sites are hosted by Akamai.
http://configuresoft.cdn.lumension.com/configuresoft
http://novell.cdn.lumension.com/
https://a248.e.akamai.net/f/60/59258/2d/
Table 2–2. Access from SCR Tool to External Sites
Platform SCR To ol must Access
All platforms
http://configuresoft.cdn.lumension.com/configuresoft
http://novell.cdn.lumension.com/
https://a248.e.akamai.net/f/60/59258/2d/
http://vmware.cdn.lumension.com/
VMware, Inc.
Red Hat
http://xmlrpc.rhn.redhat.com/XMLRPC
11
Software Content Repository Tool 5.0 Guide
Platform SCR To ol must Access
SUSE
https://you.novell.com/update/
https://nu.novell.com/repo/$RCE/
Solaris https://getupdates.oracle.com/
HP-UX
https://itrc.hp.com/service/
https://ftp.itrc.hp.com/wpsl
AIX
http://www7b.software.ibm.com/
12
VMware, Inc.
Installing the Prerequisite Software for
the SCRTool
The SCR Tool uses several types of software. You must install and test the required software on a
supported host machine, then you install the Software Content Repository Tool on the host machine.
This chapter includes the following topics:
Install the SCR Tool Software 13
Download the Java Runtime Environment 14
Test the Java Runtime Environment Installation 14
Download the Java Cryptography Extension 14
To support the downloads and storing the patch files and payload, and patch deployment, you must install
and test the following software.
n
SCR Tool software
n
Java Runtime Environment
n
(Optional) Java Cryptography Extension
Install the SCR Tool Software
3
VMware, Inc.
After you install the supporting software, you can install the Software Content Repository Tool software
on the host machine.
Prerequisites
n
Complete the preparatory tasks. See "Preparing for SCRTool Installation" on page 9.
Procedure
1. Access the Download VMware vCenter Configuration Manager Web site at
http://downloads.vmware.com.
2. Click VMware vCenter Configuration Manager.
3. Click the Drivers &Tools tab.
4. Click VMware vCenter Configuration Manager - Tools for 5.5 or later.
5. In the Components section, click Show Details and verify that the version of the SCR Tool is 5.0.
6. Click Download.
7. Unzip the SCR Tool files from SCR-5.0-vmware-linux.tar.gz to the directory where the
application files will reside on the host machine.
13
Software Content Repository Tool 5.0 Guide
After you extract the SCR Tool files, a root directory contains the subdirectories and files for the supported
Linux and UNIX platforms. This information refers to the root directory as scr_root.
Download the Java Runtime Environment
You download the Java Runtime Environment (JRE) to support the SCR Tool on the host machine.
Prerequisites
n
Verify that you can access http://www.java.com.
Procedure
1. Access the Java Web site.
2. Click Downloads.
3. Locate and install Java Runtime Environment (JRE) version 1.6 or later.
4. Use the platform-specific link to display detailed installation instructions for your platform.
Test the Java Runtime Environment Installation
To verify that the Java Runtime Environment installation on the Red Hat host machine works properly,
you can test it.
Prerequisites
n
Locate the article titled, "How do I test whether Java is working on my computer?" at
http://www.java.com.
Procedure
1. Verify that the JRE is installed.
2. (Optional) Display the currently installed version of Java.
a. Open a terminal session on the SCR Tool host machine.
b. Run the command java -version.
Download the Java Cryptography Extension
The Java Cryptography Extension (JCE) is required for HP-UX, Red Hat, Solaris, and SUSE. You must
download and install the JCE installation on the SCR Tool host machine. The JCE encrypts passwords
when you use third party credentials in the properties files used to download patch content.
IMPORTANT If multiple Java SE (Standard Edition) Development Kit (JDK) or JRE installations exist on the
same machine, make sure that you update the correct JDK or JRE instance.
Prerequisites
n
Locate the Java SE downloads page at http://www.oracle.com.
14
VMware, Inc.
Loading...