Patching VMware virtual machine templates

To patch a VMware virtual machine template, you run a copy of a Server Automation sample plan. Use sample plan ID 161 to patch a VMware virtual machine template on Microsoft® Windows®, and use sample plan ID 165 to patch on Linux®. The plan automates the process of patching the virtual machine template by creating a new virtual machine from the template that you want to patch, patching that virtual machine, removing BigFix client identity data, and then converting the virtual machine back to a template. The new template is a mirror of the original template except that it is has a new name and is updated with your patching content and does not contain the BigFix client identity data and is therefore generic.

Before you begin

Make sure that your system meets the following requirements:
  • This patching solution supports only VMware virtual machines and templates.
  • The VMware management extender must be installed and must be configured correctly. For information about installing the management extender, see Installing the management extender.
  • Remote Connector must be installed on the computer that has the VMware management extender installed. Use Server Automation Task 160 Install BigFix Remote Connector to install Remote Connector.
    Note: RXA module is getting deprecated. The Remote Connector module provides the same level of functionality as the existing RXA module. From Server Automation 9.5.61 onwards, BigFix does not support installation or maintenance of RXA module.
  • The VMware template that you are patching must have the BigFix client installed and you must provide the host name or IP address, user name and password of the target computer (virtual machine) that is created from the template in step 1 of the plan.
  • If necessary, activate both Virtualization analyses VMware Host Overview and SSL Encryption Analysis for Windows Administrator Password.

About this task

The plan that you run to automate patching of a virtual machine template completes the following tasks:
  • Step 1 creates a new virtual machine from the template that you want to patch. Make a note of the name you enter for the new virtual machine and after it is created, note its IP address or host name.
  • Step 2 applies the operating system patches to the newly created virtual machine.
  • Step 3 removes the BigFix client identity data from the newly created virtual machine using Remote Connector (or RXA). For this step, you must target the computer on which Remote Connector (or RXA) and the management extender are installed from the Targets tab and from the Parameters tab, you must enter the IP address and host name of the virtual machine created in step 1.
  • Step 4 powers off the newly created virtual machine.
  • Step 5 converts the newly created and patched virtual machine back to a template with the same name as the newly created virtual machine in step 1.
Important: The targeting for this plan is atypical and different to most sample plans. For the third step, on the Targets tab, you must target the computer on which Remote Connector (or RXA) is installed and on the Parameters tab, you must enter the IP address or host name of the virtual machine that is created in step 1. Read the targeting information carefully before running the plan.
When this automation process has completed, the newly created template is generic and patched and available to use.

Complete the following steps to patch a virtual machine template.

Procedure

  1. From the Server Automation domain, search for and select sample plan ID 161 Patch VMware Windows Template for Windows or sample plan ID 165 Patch VMware Linux Template for Linux.
  2. Create a copy of the sample plan and save the copy.
  3. Select the copy of the plan and click Take Action.
  4. For step 1 VMware Create Windows Virtual Machine from Template, from the Targets tab, target the host that contains the template that you are using to create a virtual machine and from the Parameters tab, enter the parameters as described in Creating a Windows virtual machine from a template.
  5. For step 2, on the Targets tab, on the Targets tab, use The computers specified in the list of names below option and enter the computer name of the virtual machine that you created in step 1 and replace the placeholder Fixlet with the Fixlet, Task, or Baseline that you want to use to patch the virtual machine template.
  6. For step 3, from the Targets tab, select the Use applicability option and target the computer on which you installed Remote Connector (or RXA) - this is the computer on which the management extender is installed. On the Parameters tab, enter the IP address or host name, Administrator user name and password of the virtual machine that you created in step 1. The host name is required for Remote Connector (or RXA) to make required changes to the BigFix client.
  7. For step 4, from the Targets tab, select the The computers specified in the list of names below option and enter the name of the virtual machine that you created in step 1.
  8. For step 5, from the Targets tab, use The computers specified in the list of names below option and enter the name of the virtual machine that you created in step 1. From the Parameters tab, enter the parameters as described in Converting a virtual machine to a template.