Step-by-step VMware Cloud Foundation Repository update without Internet

In my previous post Step-by-step VMware Cloud Foundation 4.2.1 install using VLC we finished building our management domain successfully. Now in order to install vRealize suite we need to download the bundles from VMware, If you have direct internet connectivity (connection to depot.vmware.com) open for SDDC manager then you just need to authenticate with my.vmware.com account and it will start polling and downloading the packages.

If your SDDC manager do not have direct connectivity option, then there could be two scenarios.

1. Either a proxy server in place using which updates/bundles can be downloaded.
2. Environment is air gapped and only option is to offline bundle download and updating repository manually.

1)    For environments with proxy servers steps are listed below which are available on VMware site

• Using SSH, log in to the SDDC Manager VM with the following credentials:

Username: vcf

Password: use the password specified in the deployment parameter sheet

• Type su to switch to the root account. Enter the password.
• Open the /opt/vmware/vcf/lcm/lcm-app/conf/application-prod.properties file in VI editor.
• Update the following lines at the end of the file:

lcm.depot.adapter.proxyEnabled=true

lcm.depot.adapter.proxyHost=proxy IP address

lcm.depot.adapter.proxyPort=proxy port

• Save and close the file.
• Restart the LCM server by typing the following command in the console window:
• systemctl restart lcm
• Wait for 5 minutes and then download the bundles.

2)    For environments which are completely air-gapped we have to download repository on a linux or windows machine which has internet connectivity and upload the same on SDDC manager.

These are the pre-requisites for offline bundle update.

• A Windows or Linux computer with internet connectivity for downloading the bundles.
• The computer must have Java 8 or later.
• A Windows or Linux computer with access to the SDDC Manager VM for uploading the bundles.
• To upload the manifest file from a Windows computer, you must have OpenSSL installed and configured.

Open SSL is a must if you are planning to update manifest file using windows machine, however if you are going to use SDDC manager which I use in my deployments then you don't need to worry about it.

Now I am going to use a windows server to download the bundles. steps needed to install openSSL are listed below however we will use SDDC manager for this task, so lets start by downloading and installing it. If you also wish to use SDDC manager for this task then you can skip installing openSSL.

Download the openssl msi file from the attached link.

Run the downloaded installer file, read and agree the license agreement.

Choose the installation directory, and click nect.

It will create shortcuts for us, hence click next.

Choose where you wish to keep the DLLs. I am keeping them in windows system directory.

Now hit install and setup will start installation.

Once installation is finished, we will configure environment variables. For that open system properties using command from run prompt "sysdm.cpl", set the system variable as shown in the image.

After that set path for the variable.

Now open command prompt and enter "openssl" to test if it is installed correctly. 

Along with make sure you have Java runtime on your server as well to run the utility.

Now login to my.vmware.com and navigate to products>>all products>>VMware Cloud Foundation>>download>>drivers and tools.

Now download the bundle transfer utility.

Extract the downloaded file, I used 7zip to extract.

Open powershell prompt with administrative privileges and navigate to the directory where utility is extracted.

Now download the manifest file using command "./lcm-bundle-transfer-util --download --manifestDownload --depotUser yourusername" this is your my.vmware.com username, enter password when prompted and downloaded file's path will be available on your screen.

Copy the file from this location and paste it to lcm-tools-prod folder.

This utility is a part of SDDC manager, hence if you want it can be downloaded from SDDC manager as well.

Connect winscp to SDDC manager.

Now copy lcmManifestv1.json file which we have downloaded in /home/vcf directory.

Once file is copied change its permission to allow all as shown in the image below and press ok.

Now connect SDDC manager using SSH.

Change the user to root using "su" command and navigate to "/opt/vmware/vcf/lcm/lcm-tools/bin/" and run following command "./lcm-bundle-transfer-util --update --sourceManifestDirectory /home/vcf/ --sddcMgrFqdn sddc-manager.vcf.sddc.lab --sddcMgrUser administrator@vsphere.local" . Use SSO administrator account for this operation.

Once lcm 2.0 Manifest is uploaded, we need to generate the Marker file using command "./lcm-bundle-transfer-util --generateMarker" please change the user back to vcf and run this command.

Copy these files in the lcm-tools-prod directory.

 Now create one directory for bundle download, and assign full permissio to everyone on that directory.

Now using powershell run this command, you need to be in the bin directory for that "./lcm-bundle-transfer-util --download --outputDirectory E:\VCF\offline --depotUser yourDepotUser --markerFile C:\vcf\lcm-tools-prod.tar\lcm-tools-prod\markerFile --markerMd5File C:\vcf\lcm-tools-prod.tar\lcm-tools-prod\markerFile.md5" 

Wait for bundle download to finish.

Once bundles are downloaded use winscp to copy the offline folder into "/nfs/vmware/vcf/nfs-mount/" directory.

It would take some time to transfer files as its almost 60 to 80 GB. Once transfer is complete we need to make sure the permission on the transferred folder is set to 7777 means allow to all.

Once permission is set we need to upload the files to LCM internal directory for that we need to navigate to directory "/opt/vmware/vcf/lcm/lcm-tools/bin" and to upload files run command "./lcm-bundle-transfer-util --upload --bundleDirectory  /nfs/vmware/vcf/nfs-mount/offline/"  bundles will start validating before update.

You can login to SDDC manager and navigate to Lifecycle manager bundle management.

You need to repeat this upload multiple times, it will skip the bundles which are already uploaded and will move on with the next one. Once upload is complete, we will be ready to start deployment of vRealize suite.

I hope I was able to add value, if your answer is yes, then don't forget to share and follow. 😊

If you want me to write on specific content or you have any feedback on this post, kindly comment below.

If you want, you can connect with me on Linkedin, and please like and subscribe my youtube channel VMwareNSXCloud for step by step technical videos.

Reference: Offline Bundle Download for VMware Cloud Foundation