Tag Archives: cli

Virtual SAN 6.2 Automated Deployments with PowerCLI

Virtual SAN 6.2 Automated Deployments with PowerCLI

Virtual SAN 6.2 Automated Deployments with PowerCLI

This demonstration showcases the extensible deployment and configuration flexibility of VMware Virtual SAN through the use of command line interface tools such as PowerCLI by automating the creation of all of the necessary artifacts required to successfully prepared and form an 8 node all-flash VMware Virtual cluster with a single PowerCLI script.


VMware Social Media Advocacy

Advertisements

Build a custom automated ESXi installer image

Build a custom automated ESXi installer image

by Matt Bradford

If you’re like me, you’ve probably performed more manual ESXi installs than you care to admit. It’s not just the installation of the hypervisor, but the installation of the drivers and other bundles that can easily eat into your busy day. Not to mention if you try to image many hosts at the same time there’s a good likelihood that you’ll miss something that will come back and haunt you later.

One of the benefits of working with a great vendor is that they’re usually willing to ship your hosts pre-imaged and built to your spec. In order to make my vendor’s lives easier I wanted an ISO that would install ESXi to our spec without intervention. I needed to build a custom automated ESXi installer image. It may sound complicated but it’s pretty simple and the best thing is it doesn’t take long. Your first time may take 30 minutes, but once you have everything together you will be able to create the ISO in about five. Here’s how you do it…

Download the ESXi Offline Bundle. You can use the generic or vendor provided image.

download_offline_bundle'

 

Download the driver and other offline bundles you want to pack into your image. Copy everything to a folder. (Note that offline bundles may be inside the zip file you download.)

copy_offline_bundles_to_folder

 

Open PowerCLI and add the ESXi offline bundle.

Add-EsxSoftwareDepot .\VMware-ESXi-5.5.0-Update3-3248547-HPE-550.9.4.5.7-Dec2015-depot.zip

add_esxi_offline_bundle

 

Add the driver offline bundles.

Add-EsxSoftwareDepot .\hpsa-5.5.0.106-offline_bundle-2734178.zip

add_driver_bundles

We need to get the name of the image by entering…

Get-EsxImageProfile | Select Name

In this case our image name is HPE-ESXi-5.5.0-Update3-550.9.4.5.7.

get-esximagteprofile

We’ll take the name of the profile from the previous step and create a new image with it.

New-EsxImageProfile -CloneProfile HPE-ESXi-5.5.0-Update3-550.9.4.5.7 -Name ESXi-5.5-VMSpot-Customized

By default the acceptance level will be Partner Supported. More info available here.

New-EsxImageProfile

Export the image to an ISO by typing…

Export-EsxImageProfile -ImageProfile ESXi-5.5-VMSpot-Customized -ExportToIso -Filepath .\ESXi-5.5.0.VMSpot.iso

Export-To-Iso

Launch WinISO and open the ISO.

WinISO_OpenISO

Create a file called KS_CUST.CFG and add the following…

# Accept the VMware End User License Agreement
vmaccepteula
# Set the root password for the DCUI
rootpw VMwareR0cks!
# The install media is in the CD-ROM drive
installorupgrade --firstdisk --overwritevmfs
# Set the network to DHCP on the first network adapter
network --bootproto=dhcp --device=vmnic0
# reboots the host after the scripted installation is completed
Reboot

Create_KS_CUST_CFG

Copy BOOT.CFG from the ISO and change the kernelopt line as such…

kernelopt=runweasel ks=cdrom:/KS_CUST.CFG

modify_boot_cfg_one_line

Add the KS_CUST.CFG file to the root of the ISO and overwrite BOOT.CFG. Save the ISO.

Add_Files_To_Iso

Mount the ISO to your host and boot.

Mount_the_ISO

The installation process will now run without any manual intervention.

Boot_Menu

Loading_Custom_Installer

Reading_Installation_Script

It’s okay to ignore the DHCP warning. It will clear automatically after a few seconds.

DHCP_Warning

writing_first_boot_scripts

The installation is finished! The host will now reboot automatically!

system_finished_upgrading

(Courtesy of VMSpot)


VMware Social Media Advocacy

Working with the VMware vCenter Server Appliance

Working with the VMware vCenter Server Appliance

While working with the VMware vCenter Server Appliance (VCSA) the last couple of years I came across several bits and pieces of information that I collected which, I think, are useful for working with the VMware vCenter Server Appliance (VCSA) and combined them in this blog post.

VMware vCenter Server provides a centralized platform for managing your VMware vSphere environments through a single pane of glass. The VMware vCenter Server Appliance (VCSA) is a preconfigured Linux-based virtual appliance that can be deployed simply as a Virtual Machine. This VM is optimized for running vCenter Server and the associated services on Linux.

Highlighted in this VMware vCenter Server Appliance blogpost:

  • Change the Password and Password Expiration Settings of the Root User
  • Enabling SSH, Local Access and Bash shell
  • Unlocking a locked out Root account
  • Updating or patching the VCSA
  • VCSA startup stages after reboot
  • WinSCP to vCenter Server Appliance

 

Change the Password and Password Expiration Settings of the Root User

When you deploy the vCenter Server Appliance, you set the initial password of the root user, which expires after 365 days by default. For security reasons, you can change the root password, as well as the password expiration settings. In version 5.5 and 6.0 of the VCSA the root password expires in 90 days, with the updated version by default the root password will expire in 365 days. You can login to the VMware Appliance Management Interface (VAMI) with a web browser on the following address:

Important: If there is no VAMI page showing up on port 5480 you are probably running VCSA version 6.0, because VMware removed the VAMI from vCenter Server 6.0. This issue can be resolved by updating the VCSA to Update 1 or later. For the necessary steps on upgrading please check the paragraph about Updating or patching the VCSA.

  1. Login with Root and the root-password.

VCSA_VAMI_LOGIN

  1. Go to Administration in the left panel

VCSA_VAMI_Administration

  1. In the right panel you can Change the Root Password
  2. In the panel below you can adjust the Password Expiry Settings

 


Enabling SSH, Local Access and Bash shell

After installing the VCSA local access and SSH access will be disabled. If you need to install plugins in the VCSA like the NexentaConnect for VSAN you will need SSH access to adjust some local settings and add the package for the plugin. You have multiple ways to activate Local Access and SSH possibilities.

Option 1: Through the VMware Appliance Management Interface

  • Login to the VAMI
  • Go to Access in the left pane
  • Check the two boxes enabling ssh login and bash shell

VCSA_VAMI_BASH

Option 2: Through the vSphere Web Client

  • Login to the vSphere Web Client
  • Go to Administration > System Configuration > Right-Click the correct VCSA node > Edit settings

VCSA_WEB_EDIT

  • Adjust accordingly how you would like it to behave

VCSA_WEB_ACCESS

 


Unlocking a locked out Root account

If the root account is not accessible through the console, the secure shell, and the Virtual Appliance Management Interface (VAMI) (vCenter Server Appliance 5.5 and 6.0 Update 1+), the root account has been inactivated due to password expiration. To reactivate the root account, the vCenter Server appliance must be rebooted and the kernel option modified in the GRUB bootloader to obtain a root shell.

First of all you have to edit the settings of the VCSA to delay the boot sequence through the vSphere Client. Make sure you know on which ESX host the VCSA runs before you shut it down. The time between when you power on the virtual machine and when it exits the BIOS or EFI and launches the guest operating system software is short. You can change the boot delay or force the virtual machine to enter the BIOS or EFI setup screen after power on.

Delaying the boot operation is useful for changing BIOS or EFI settings such as the boot order. For example, you can change the BIOS or EFI settings to force a virtual machine to boot from a CD-ROM.

Procedure:

  1. In the vSphere Client inventory, right-click the virtual machine and select Edit Settings.
  2. Click the Options tab and under Advanced select Boot Options.
  3. In the Power on Boot Delay panel, select the time in milliseconds to delay the boot operation.
  4. (Optional) Select whether to force entry into the BIOS or EFI setup screen the next time the virtual machine boots.
  5. (Optional) Select whether to try to reboot after a boot failure.
  6. Click OK to save your changes.
  7. Power-On the VCSA

To reactivate the root account:

  • When the GRUB bootloader appears, press the spacebar to disable autoboot
  • Type p to access the appliance boot options
  • Enter the GRUB password

Note: If the vCenter Server appliance was deployed without editing the root password in the Virtual Appliance Management Interface (VAMI), the default GRUB password is vmware. If the vCenter Server appliance root password was reset using the VAMI, then the GRUB password is the password last set in the VAMI for the root account.

Use the arrow keys to highlight VMware vCenter Server Appliance and type e to edit the boot settings

  • Scroll to the second line displaying the kernel boot parameters
  • Type e to edit the boot command
  • Append init=/bin/bash to the kernel boot options
  • Press Enter. The GRUB menu reappears
  • Type b to start the boot process. The system boots to a shell
  • Reset the root password by running the passwd root command
  • Restart the appliance by running the reboot command

 


Updating or patching the VCSA

Depending on which VCSA version you are running you have two options to update the VCSA.

Option 1 – Updating or Patching the VCSA through a SSH connection

  • Download VCSA update from the following location:
  • Upload the ISO to a Datastore
  • Attach the downloaded ISO to the VCSA virtual machine (Do not forget to check the connected box)
  • SSH to the VCSA

    ssh root@vcsa_hostname

  • Run the following commands

To stage the ISO

software-packages stage –iso

Run through the EULA (with ENTER) and answer with yes. To see the staged content

software-packages list –staged

To install the staged rpms

software-packages install –staged

VCSA_CONSOLE_UPDATEINSTALL

After patching is successful use the following command to reboot the VCSA

Shutdown reboot –r Update_to_last_patches

VCSA_CONSOLE_SHUTDOWN

Option 2 – Updating or Patching the VCSA through the VAMI

You can also update the VCSA throught the VAMI web interface when you are running a version of VCSA which has a active/available VAMI

  • Go to Update in the left panel and than in the right panel to Check Updates

VCSA_VAMI_UPDATE

You have the choice to use a CDROM or download it through a URL.

 


VCSA startup stages after reboot

The VCSA goes through different stages while booting, it has five visible stages:

  • You can connect to the IP address/FQDN of the VCSA

VCSA_WebStartScreen

  • Error message 503 when trying to connect to the vSphere Web Client

503 Service Unavailable (Failed to connect to endpoint: [N7Vmacore4Http16LocalServiceSpecE:0x7f809c7187b0] _serverNamespace = /vsphere-client _isRedirect = false _port = 9090)

  • You will see a Blanc screen while trying to connect to the vSphere Web Client
  • The vSphere Client web server is initializing message is visible

VCSA_Starting_Step4_Init

  • You can login through the vSphere Web Client Login Screen  (Do not forget the administrator@vsphere.local instead of root)

VCSA_Login_vSphereWebClient

Now the VCSA is fully booted and operational.

 


WinSCP to vCenter Server Appliance

When trying to connect WinSCP to the vCenter Server Appliance (VCSA) you will get an error message and you can not connect to upload or retrieve files from the VCSA. When you copy files using WinSCP, part of the operation happens on the target Linux system. The default Appliance Shell cannot be the remote partner of WinSCP. You must enable the Bash shell on the appliance, you can do that through the VAMI as described in the paragraph about Enabling SSH, Local Access and Bash shell. You can also do it by

  • Login to the VCSA through a SSH connection
  • Provide the the username root and the root password when prompted
  • Inserted the following commands:

Than go to the Bash shell

shell

In the bash shell switch from default shell to Bash

chsh -s /bin/bash root

Now you can use WinSCP to place or get files on the VCSA

To return the Bash shell to the Appliance shell use

chsh -s /bin/appliancesh root

When using Linux to place or retrieve files you can use PSCP.

By Edwin Weijdema


VMware Advocacy

In Guest VMware Tools CLI commands

In Guest VMware Tools CLI commands

In general it seems typical that VMware Tools gets installed on the Guest OS and then left alone after that. While doing some reading and working on some “slowness” issues, I’ve found the Tools CLI to become very handy and powerful.

On the Windows side of things here are a few “common” commands to use tools via the command line. First we need to get into the directory where tools is installed and the toolbox command can be run. The default directory is “C:\Program Files\VMware\VMware Tools”

The command below in the screenshot lists the base commands available with the VMwareToolboxCmd: VMwareToolboxCmd.exe help

vmwaretoolbox-help

I’m not covering all of the commands there but the documentation from VMware does a good job.

I’ve been using the VmwareToolboxCmd.exe stat “subcommandhere” for seeing stats within the GuestOS and I’ve included the snipit from the VMware doc with a little detail for each stat subcommand:

vmwaretoolbox-help-statsubcommands.PNG

As you can see it covers many useful areas to see if the VM is having performance issues related to CPU Limits perhaps or to see if any memory is ballooning, or swapping(I’ve also included memres and cpures just to see if your VM has any reservations):

vmwaretoolbox-stats

You can manually turn timesync with the host on/off/and check status:

vmwaretoolbox-timesync

Another command that I would imagine is useful would be the disk command and shrink subcommands that can be used to actually shrink and reduce the space the virtual disk takes up. As you can see from the screenshot my test VM is a linked clone and this can not be run against it. This doesn’t work against thick provisioned VMs as it wouldn’t shrink the virtual disk since the space has already been allocated for the virtual disk:

vmwaretoolbox-help-disk

**NOTE certain version of Fusion have a “Clean Up Virtual Machine” button and Workstation has a “Compact” menu command that will do the same thing.

The commands are pretty much the same within a Linux OS, below is a screenshot of a CentOS VM. The default directory for this is /usr/sbin/ and the command is “vmware-toolbox-cmd”:vmware-toolbox-cmd-help

There are many more commands that can be run from within the Guest OS, as I stated I’ve been using and seeing these commands used to track down slowness issues within VMs.

Note these commands were taken from the following User’s Guide from VMware andVMware vSphere 6.0 Documentation Center.

By Brandon Bazan Twitter – @bbazan


VMware Advocacy

How to update ESXi via CLI

How to update ESXi via CLI

If you don’t want to use VMware Update Manager (VUM) you can leverage several CLI update alternatives.

First of all you should download patch bundle from VMware Product Patches page available at http://www.vmware.com/go/downloadpatches. It is important to know that patch bundles are cumulative. That means you need to download and install only the latest Patch Bundle to make ESXi fully patched.

ESXCLI

You can use esxcli command on each ESXi host.

To list image profiles that are provided by the Patch Bundle use following command

esxcli software sources profile list -d /path/to/.zip

The output will look like this:

[root@esx01:~] esxcli software sources profile list -d /vmfs/volumes/NFS-SYNOLOG
Y-SATA/ISO/update-from-esxi6.0-6.0_update02.zip
Name                              Vendor        Acceptance Level
——————————–  ————  —————-
ESXi-6.0.0-20160301001s-no-tools  VMware, Inc.  PartnerSupported
ESXi-6.0.0-20160302001-standard   VMware, Inc.  PartnerSupported
ESXi-6.0.0-20160301001s-standard  VMware, Inc.  PartnerSupported
ESXi-6.0.0-20160302001-no-tools   VMware, Inc.  PartnerSupported

Now you can update the system with specific profile:
esxcli software profile update -d /path/to/.zip -p ESXi-5.5.0-profile-standard

Note: You can run an ESXCLI vCLI command remotely against a specific host or against a vCenter Server system.

ESXCLI over PowerCLI

The same can be done via PowerCLI. The code below is optimized for ESXCLI-Version2 releases in PowerCLI 6.3 R1.

#get esxcli object on particular host
$esxcli = Get-EsxCli -VMhost -V2

#list profiles in patch bundle
$arguments = $esxcli2.software.profile.list.CreateArgs()

$arguments.depot = “vmfs/volumes///update-from-esxi6.0-6.0_update02.zip”
$esxcli2.software.profile.update.Invoke($arguments)

#update to patch bundle profile
$arguments = $esxcli2.software.profile.update.CreateArgs()
$arguments.depot = “vmfs/volumes///update-from-esxi6.0-6.0_update02.zip”
$arguments.profile = “ESXi-5.5.0-profile-standard”
$esxcli2.software.profile.update.Invoke($arguments)

PowerCLI Install-VMHostPatch

You can also use special PowerCLI cmdlet Install-VMHostPatch

  1. Download the Update file “ESXi Offline Bundle” update-from-esxi6.0-6.0_update02.zip
  2. Extract the ZIP file and upload the resulting folder to a datastore on the Virtual Host.
  3. Put host in to maintenance mode
  4. Open PowerCLI
  5. Connect-VIServer
  6. Install-VMHostPatch -HostPath /vmfs/volumes/Datastore/update-from-esxi6.0-6.0_update02/metadata.zip
Note: For Install-VMHostPatch method Patch Bundle must be explicitly unzipped. 

VMware Advocacy