manualshive.com logo in svg

VMware VS4-ENT-PL-A - vSphere Enterprise Plus, Руководство по установке

Поделиться
Скачать
VMware VS4-ENT-PL-A - vSphere Enterprise Plus Скачать руководство пользователя страница 263

Enable Lockdown Mode Using the Direct Console

To increase the security of your ESXi hosts, you can put them in lockdown mode.
When you enable lockdown mode, no users other than 

vpxuser

 have authentication permissions, nor can

they perform operations against the host directly. Lockdown mode forces all operations to be performed

through vCenter Server.
When a host is in lockdown mode, you cannot run vSphere CLI commands from an administration server,

from a script, or from vMA against the host. External software or management tools might not be able to

retrieve or modify information from the ESXi host.

N

OTE

   Users with the DCUI Access privilege are authorized to log in to the Direct Console User Interface

(DCUI) when lockdown mode is enabled. When you disable lockdown mode using the DCUI, all users with

the DCUI Access privilege are granted the Administrator role on the host. You grant the DCUI Access

privilege in Advanced Settings.

Enabling or disabling lockdown mode affects which types of users are authorized to access host services,

but it does not affect the availability of those services. In other words, if the ESXi Shell, SSH, or Direct

Console User Interface (DCUI) services are enabled, they will continue to run whether or not the host is in

lockdown mode.
You can enable lockdown mode using the Add Host wizard to add a host to vCenter Server, using the

vSphere Web Client to manage a host, or using the direct console user interface.

N

OTE

   If you enable or disable lockdown mode using the Direct Console User Interface (DCUI), permissions

for users and groups on the host are discarded. To preserve these permissions, you must enable and disable

lockdown mode using the vSphere Web Client connected to vCenter Server.

Lockdown mode is available only on ESXi hosts that you add to vCenter Server.
See the vSphere Security documentation for more information about lockdown mode.

Procedure

1

In the direct console, select Configure Lockdown Mode and press Enter.

2

Press the spacebar to select Enable Lockdown Mode and press Enter.

3

Press Enter.

The host is in lockdown mode.

Enable Lockdown Mode Using the vSphere Web Client

Enable lockdown mode to require that all configuration changes go through vCenter Server. You can also

enable or disable lockdown mode through the Direct Console User Interface (DCUI).

Procedure

1

Browse to the host in the vSphere Web Client inventory.

2

Click the Manage tab and click Settings.

3

Under System, select Security Profile.

4

In the Lockdown Mode panel, click Edit.

5

Select Enable Lockdown Mode.

6

Click OK.

Chapter 8 Setting Up ESXi

VMware, Inc. 

 263

Содержание VS4-ENT-PL-A - vSphere Enterprise Plus

Страница 1: ... This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition To check for more recent editions of this document see http www vmware com support pubs EN 001266 02 ...

Страница 2: ...ware com Copyright 2009 2013 VMware Inc All rights reserved This product is protected by U S and international copyright and intellectual property laws VMware products are covered by one or more patents listed at http www vmware com go patents VMware is a registered trademark or trademark of VMware Inc in the United States and other jurisdictions All other marks and names mentioned herein may be t...

Страница 3: ... On Inventory Service and vCenter Server 49 How vCenter Single Sign On Affects vCenter Server Installation 51 vCenter Single Sign On Deployment Modes 52 vCenter Single Sign On and High Availability 54 vCenter Single Sign On Components 56 Setting the vCenter Server Administrator User 56 Authenticating to the vCenter Server Environment 57 How vCenter Single Sign On Affects Log In Behavior 57 Identit...

Страница 4: ...Windows 118 Restore an Inventory Service Database Backup on Windows 118 Back Up the Inventory Service Database on Linux 119 Restore an Inventory Service Database Backup on Linux 119 Reset the vCenter Inventory Service Database 120 Enable IPv6 Support for vCenter Inventory Service 121 6 Before You Install ESXi 123 Options for Installing ESXi 123 Media Options for Booting the ESXi Installer 125 Usin...

Страница 5: ...h the Direct Console User Interface 264 Set the Host Image Profile Acceptance Level 264 Reset the System Configuration 265 Remove All Custom Packages on ESXi 266 Disable Support for Non ASCII Characters in Virtual Machine File and Directory Names 266 Disable ESXi 266 9 After You Install and Set Up ESXi 267 Managing the ESXi Host with the vSphere Web Client 267 Licensing ESXi Hosts 267 Index 269 Co...

Страница 6: ...vSphere Installation and Setup 6 VMware Inc ...

Страница 7: ... vCenter Server and ESXi Intended Audience vSphere Installation and Setup is intended for anyone who needs to install and set up vCenter Server and ESXi This information is written for experienced Windows or Linux system administrators who are familiar with virtual machine technology and datacenter operations VMware Inc 7 ...

Страница 8: ...vSphere Installation and Setup 8 VMware Inc ...

Страница 9: ...nstallation and Setup Revision Description EN 001266 02 Corrected location of dbschema directory in the following topics n Configure an Oracle Database User on page 43 n Use a Script to Create a Local or Remote Oracle Database on page 44 n Optional Use a Script to Create the Oracle Database Schema on page 44 EN 001266 01 Updated Table 2 8 EN 001266 00 Initial release VMware Inc 9 ...

Страница 10: ...vSphere Installation and Setup 10 VMware Inc ...

Страница 11: ...ter Server Appliance see Download and Deploy the VMware vCenter Server Appliance on page 94 The following illustration shows the order of installation for vCenter Server components vCenter Server vCenter Inventory Service vCenter Server vSphere Web Client vCenter Single Sign On Installing vSphere includes the following tasks 1 Read the vSphere release notes 2 Verify that your system meets vSphere ...

Страница 12: ...PXE booting the installer verify that your network PXE infrastructure is properly set up See PXE Booting the ESXi Installer on page 129 d Use the topic Required Information for ESXi Installation on page 136 to create a worksheet with the information you will need when you install ESXi e Install ESXi using the installation option you chose n Installing ESXi Interactively on page 139 n Installing Up...

Страница 13: ...80 on page 26 n DNS Requirements for vSphere on page 26 n Supported Remote Management Server Models and Minimum Firmware Versions on page 27 ESXi Hardware Requirements Make sure the host meets the minimum hardware configurations supported by ESXi 5 5 Hardware and System Resources To install and use ESXi 5 5 your hardware and system resources must meet the following requirements n Supported server ...

Страница 14: ...s will not be used as a scratch partition by default because they are seen as remote NOTE You cannot connect a SATA CD ROM device to a virtual machine on an ESXi 5 5 host To use the SATA CD ROM device you must use IDE emulation mode Storage Systems For a list of supported storage systems see the VMware Compatibility Guide at http www vmware com resources compatibility ESXi 5 5 supports installing ...

Страница 15: ...d memory optimization VMware recommends that you do not leave scratch on the ESXi host ramdisk To reconfigure scratch see Set the Scratch Partition from the vSphere Web Client on page 260 Due to the I O sensitivity of USB and SD devices the installer does not create a scratch partition on these devices As such there is no tangible benefit to using large USB SD devices as ESXi uses only the first 1...

Страница 16: ... physical network cards Dedicated Gigabit Ethernet cards for virtual machines such as Intel PRO 1000 adapters improve throughput to virtual machines with high network traffic Disk location Place all data that your virtual machines use on physical disks allocated specifically to virtual machines Performance is better when you do not place your virtual machines on the disk containing the ESXi boot i...

Страница 17: ...eployment Minimum Requirement Processor Intel or AMD x64 processor with two or more logical cores each with a speed of 2GHz Memory 12GB Memory requirements are higher if the vCenter Server database runs on the same machine as vCenter Server vCenter Server includes several Java services VMware VirtualCenter Management Webservices tc Server Inventory Service and Profile Driven Storage Service When y...

Страница 18: ... Service depend on inventory size and the amount of activity in the virtual machines in the inventory At typical activity rates Inventory Service uses 6GB 12GB of disk space for 15 000 virtual machines distributed among 1 000 hosts A high rate of activity more than 20 percent of your virtual machines changing per hour results in write ahead logs WAL being written to disk to handle updates instead ...

Страница 19: ...ed on a different host machine than vCenter Single Sign On and vCenter Inventory Service 4GB are required n If vCenter Server vCenter Single Sign On and vCenter Inventory Service are installed on the same host machine as with vCenter Simple Install at least 40 60GB of free disk space are required after installation depending on the size of your inventory You should provide more space to allow for ...

Страница 20: ... free disk space Networking Gigabit connection recommended JVM heap settings for vCenter Server The JVM heap settings for vCenter Server depend on your inventory size See Configuring VMware vCenter Server tc Server Settings in vCenter Server on page 116 Table 2 7 JVM Heap Settings for vCenter Server vCenter Server Inventory VMware VirtualCenter Management Webservices tc Server Inventory Service Pr...

Страница 21: ...chines at least 16GB n Medium inventory the maximum inventory supported with the embedded database 50 100 hosts or 1500 3000 virtual machines at least 24GB Using an external Oracle database the vCenter Server Appliance supports up to 1000 hosts or 10000 registered virtual machines and 10000 powered on virtual machines and has the following memory requirements n Very small inventory 10 or fewer hos...

Страница 22: ...re Lifecycle Policy at http support microsoft com lifecycle ServicePackSupport If you plan to use the Microsoft SQL Server 2008 R2 Express database that is bundled with vCenter Server Microsoft Windows Installer version 4 5 MSI 4 5 is required on your system You can download MSI 4 5 from the Microsoft Web site You can also install MSI 4 5 directly from the vCenter Server autorun exe installer The ...

Страница 23: ...ded Minimum Size and Rotation Configuration for hostd vpxa and fdm Logs Log Maximum Log File Size Number of Rotations to Preserve Minimum Disk Space Required Management Agent hostd 10240KB 10 100MB VirtualCenter Agent vpxa 5120KB 10 50MB vSphere HA agent Fault Domain Manager fdm 5120KB 10 50MB For information about setting up a remote log server see Configure Syslog on ESXi Hosts on page 262 and I...

Страница 24: ...ows Active Directory change the port number from 389 to an available port from 1025 through 65535 636 For vCenter Server Linked Mode this is the SSL port of the local instance If another service is running on this port it might be preferable to remove it or change its port to a different port You can run the SSL service on any port from 1025 through 65535 902 The default port that the vCenter Serv...

Страница 25: ... if you accidentally use http server instead of https server 443 The vCenter Server system uses port 443 to monitor data transfer from SDK clients 902 The default port that the vCenter Server system uses to send data to managed hosts Managed hosts also send a regular heartbeat over UDP port 902 to the vCenter Server system This port must not be blocked by firewalls between the server and the hosts...

Страница 26: ...t name to the Windows server that will host the vCenter Server system This IP address must have a valid internal domain name system DNS registration Ensure that the ESXi host management interface has a valid DNS resolution from the vCenter Server and all vSphere Web Clients Ensure that the vCenter Server has a valid DNS resolution from all ESXi hosts and all vSphere Web Clients Ensure that the vCe...

Страница 27: ...pported Remote Management Server Models and Firmware Versions Remote Controller Make and Model Firmware Version Java Dell DRAC 6 1 54 Build 15 1 70 Build 21 1 6 0_24 Dell DRAC 5 1 0 1 45 1 51 1 6 0_20 1 6 0_203 Dell DRAC 4 1 75 1 6 0_23 HP ILO 1 81 1 92 1 6 0_22 1 6 0_23 HP ILO 2 1 8 1 81 1 6 0_20 1 6 0_23 IBM RSA 2 1 03 1 2 1 6 0_22 Chapter 2 System Requirements VMware Inc 27 ...

Страница 28: ...vSphere Installation and Setup 28 VMware Inc ...

Страница 29: ...r Administrator User on page 56 n Authenticating to the vCenter Server Environment on page 57 n How vCenter Single Sign On Affects Log In Behavior on page 57 n Identity Sources for vCenter Server with vCenter Single Sign On on page 58 n Synchronizing Clocks on the vSphere Network on page 59 n Download the vCenter Server Installer on page 61 n Using a User Account for Running vCenter Server on page...

Страница 30: ...ter database that you want to preserve do not perform a fresh installation of vCenter Server See the vSphere Upgrade documentation VMware recommends using separate databases for vCenter Server and Update Manager For a small deployments a separate database for Update Manager might not be necessary vCenter Server Database Configuration Notes After you choose a supported database type make sure you u...

Страница 31: ...ases Procedure 1 Select Control Panel Administrative Tools Data Sources ODBC 2 Use the application to create a system DSN If you have a Microsoft SQL database create the system DSN for the SQL Native Client driver 3 Test the connectivity The system now has a DSN that is compatible with vCenter Server When the vCenter Server installer prompts you for a DSN select the 64 bit DSN Confirm That vCenter...

Страница 32: ...vCenter Server 5 x the vCenter Server database administrator can set permissions for vCenter Server users and administrators to be granted through Microsoft SQL Server database roles 3 Set Database Permissions by Using the dbo Schema and the db_owner Database Role on page 35 If you use Microsoft SQL Server database the simplest way to assign permissions for a vCenter Server database user is throug...

Страница 33: ...s created by this script is not subject to any security policy Change the passwords as appropriate Procedure 1 Log in to a Microsoft SQL Server Management Studio session as the sysadmin SA or a user account with sysadmin privileges 2 Run the following script The script is located in the vCenter Server installation package at installation directory vCenter Server dbschema DB_and_schema_creation_scr...

Страница 34: ...a VMW to the user vpxuser 3 In the vCenter Server database create the user role VC_ADMIN_ROLE 4 In the vCenter Server database grant privileges to the VC_ADMIN_ROLE a Grant the schema permissions ALTER REFERENCES and INSERT b Grant the permissions CREATE TABLE VIEW and CREATE PROCEDURES 5 In the vCenter Server database create the VC_USER_ROLE 6 In the vCenter Server database grant the schema permi...

Страница 35: ...ema and db_owner role for vCenter Server users who install and upgrade vCenter Server Prerequisites Create the vCenter Server database See Create a SQL Server Database and User for vCenter Server on page 33 Procedure 1 Assign the role dbo to the vCenter Server and Microsoft SQL databases 2 For any user who will install or upgrade vCenter Server assign the user the default schema dbo When you insta...

Страница 36: ... VMW Schema on page 34 and Use a Script to Create a Microsoft SQL Server Database Schema and Roles on page 36 Prerequisites Create the SQL Server database and user for vCenter Server You can create the database manually or by using a script See Create a SQL Server Database and User for vCenter Server on page 33 Procedure 1 Log in to a Microsoft SQL Server Management Studio session as the sysadmin ...

Страница 37: ...RANT EXECUTE ON msdb dbo sp_update_job TO VC_ADMIN_ROLE go GRANT EXECUTE ON msdb dbo sp_add_jobserver TO VC_ADMIN_ROLE go GRANT EXECUTE ON msdb dbo sp_add_jobschedule TO VC_ADMIN_ROLE go GRANT EXECUTE ON msdb dbo sp_add_category TO VC_ADMIN_ROLE go sp_addrolemember VC_ADMIN_ROLE vpxuser go Optional Use a Script to Create Microsoft SQL Server Database Objects Manually You can create database object...

Страница 38: ... user must own the objects created by these scripts Open the scripts one at a time in Microsoft SQL Server Management Studio and press F5 to execute each script in the order shown here VCDB_mssql SQL load_stats_proc_mssql sql purge_stat2_proc_mssql sql purge_stat3_proc_mssql sql purge_usage_stats_proc_mssql sql stats_rollup1_proc_mssql sql stats_rollup2_proc_mssql sql stats_rollup3_proc_mssql sql ...

Страница 39: ...sage_stats_proc to vCenter_db_user grant execute on load_stats_proc to vCenter_db_user grant execute on calc_topn1_proc to vCenter_db_user grant execute on calc_topn2_proc to vCenter_db_user grant execute on calc_topn3_proc to vCenter_db_user grant execute on calc_topn4_proc to vCenter_db_user grant execute on clear_topn1_proc to vCenter_db_user grant execute on clear_topn2_proc to vCenter_db_user...

Страница 40: ... do not name the instance MSSQLSERVER If you do the JDBC connection does not work and certain features such as Performance Charts are not available Prerequisites n Review the required database patches specified in vCenter Server Database Configuration Notes on page 30 n Create a database using SQL Server Management Studio on the SQL Server See Create a SQL Server Database and User for vCenter Serv...

Страница 41: ...namic ports are not set the JDBC connection remains closed The closed connection causes the vCenter Server statistics to malfunction You can configure the server TCP IP for JDBC This task applies to remote Microsoft SQL Server database servers You can skip this task if your database is local Procedure 1 Select Start All Programs Microsoft SQL Server Configuration Tool SQL Server Configuration Mana...

Страница 42: ... database to work with vCenter Server Procedure 1 Configure an Oracle Database User on page 43 To use an Oracle database when you install vCenter Server you must configure the database user 2 Use a Script to Create a Local or Remote Oracle Database on page 44 When you use an Oracle database with vCenter Server the database must have certain table spaces and privileges To simplify the process of cr...

Страница 43: ... TABLESPACE VPX ACCOUNT UNLOCK grant connect to VPXADMIN grant resource to VPXADMIN grant create view to VPXADMIN grant create sequence to VPXADMIN grant create table to VPXADMIN grant create materialized view to VPXADMIN grant execute on dbms_lock to VPXADMIN grant execute on dbms_job to VPXADMIN grant select on dba_tablespaces to VPXADMIN grant select on dba_temp_files to VPXADMIN grant select o...

Страница 44: ... ON NEXT 10M MAXSIZE UNLIMITED LOGGING EXTENT MANAGEMENT LOCAL SEGMENT SPACE MANAGEMENT AUTO For a Windows installation change the directory path to the vpx01 dbf file You now have an Oracle database that you can use with vCenter Server What to do next You can run a script to create the database schema Optional Use a Script to Create the Oracle Database Schema The vCenter Server installer creates ...

Страница 45: ...e_snapshot_oracle sql path l_stats_rollup3_proc_oracle sql path l_purge_stat2_proc_oracle sql path l_purge_stat3_proc_oracle sql path l_stats_rollup1_proc_oracle sql path l_stats_rollup2_proc_oracle sql path process_temptable0_proc_oracle sql path process_temptable1_proc_oracle sql path process_temptable2_proc_oracle sql 4 Optional You can also run the following scripts to enable database health m...

Страница 46: ...lays error and warning messages Procedure 1 Download Oracle 10g or Oracle 11g from the Oracle Web site 2 Install Oracle 10g or Oracle 11g and create a database 3 Configure the TNS Service Name option in the ODBC DSN The TNS Service Name is the net service name for the database to which you want to connect You can find the net service name in the tnsnames ora file located in the NETWORK ADMIN folde...

Страница 47: ...a file located in the directory C Oracle Oraxx NETWORK ADMIN where xx is either 10g or 11g Add the following entry where HOST is the managed host to which the client must connect VPX DESCRIPTION ADDRESS_LIST ADDRESS PROTOCOL TCP HOST vpxd Oracle PORT 1521 CONNECT_DATA SERVICE_NAME VPX 7 Configure the TNS Service Name option in the ODBC DSN The TNS Service Name is the net service name for the datab...

Страница 48: ...ter Server Optional Configure an Oracle Database User to Enable Database Monitoring vCenter Server Database Monitoring captures metrics that enable the administrator to assess the status and health of the database server Enabling Database Monitoring helps the administrator prevent vCenter downtime because of a lack of resources for the database server Database Monitoring for vCenter Server enables...

Страница 49: ...entory Service and vCenter Single Sign On on page 17 and vCenter Server Software Requirements on page 22 and that the required ports are open as discussed in Required Ports for vCenter Server on page 23 n Before you install or upgrade any vSphere product synchronize the clocks of all machines on the vSphere network See Synchronizing Clocks on the vSphere Network on page 59 n Verify that the DNS na...

Страница 50: ...stallation of the web server component that supports the vSphere Web Client fails if the installer cannot look up the fully qualified domain name of the vCenter Server from its IP address Reverse lookup is implemented using PTR records To create a PTR record see the documentation for your vCenter Server host operating system n Verify that no Network Address Translation NAT exists between the vCent...

Страница 51: ...instances to the same vCenter Single Sign On service You must install an Inventory Service instance for each vCenter Server instance Simple Install The Simple Install option installs vCenter Single Sign On the vSphere Web Client vCenter Inventory Service and vCenter Server on the same host or virtual machine Simple Install is appropriate for most deployments Custom Install If you want to customize...

Страница 52: ...Center Servers Basic vCenter Single Sign On Multiple remote vCenter Servers Basic vCenter Single Sign On Multiple vCenter Servers in Linked Mode Multisite vCenter Single Sign On vCenter Servers with high availability Basic vCenter Single Sign On with VMware vSphere HA provides high availability for vCenter Server and vCenter Single Sign On Basic vCenter Single Sign On with vCenter Server Heartbeat...

Страница 53: ...work load balancer for example Apache HTTPD or vCNS Each vCenter Single Sign On has its own VMware Directory Service that replicates information with other vCenter Single Sign On servers vCenter Single Sign On administrator users when connected to vCenter Server through the vSphere Web Client will see the primary vCenter Single Sign On instance This deployment mode has the following limitations n ...

Страница 54: ... of local operating system user accounts n Secondary vCenter Single Sign On instances must belong to the same Active Directory or OpenLDAP domain as the primary vCenter Single Sign On server and must have a local domain controller available You can install the vCenter Single Sign On nodes in this deployment in any order Any node that is installed after the first node can point to any node that is ...

Страница 55: ...mponent and replicates changes to a cloned virtual machine The cloned virtual machine can take over when a failure event is triggered The recovery can be accomplished by restarting the component by restarting the entire application or by the entire failover of the component or application to one or more paired virtual machines Recovery time is measured in minutes vCenter Single Sign On Deployment ...

Страница 56: ...Center Single Sign On Administration server The administration server allows users with administrator privileges to vCenter Single Sign On to configure the vCenter Single Sign On server and manage users and groups from the vSphere Web Client Initially only the user administrator vsphere local has these privileges vCenter Lookup Service vCenter Lookup Service contains topology information about the...

Страница 57: ... to vCenter Server no further authentication is required The actions users can perform on objects depend on the user s vCenter Server permissions on those objects For more information about vCenter Single Sign On see vSphere Security How vCenter Single Sign On Affects Log In Behavior vCenter Single Sign On log in behavior depends on the domain the user belongs to and the identity sources that you ...

Страница 58: ...y over LDAP vCenter Single Sign On supports multiple Active Directory over LDAP identity sources This identity source type is included for compatibility with the vCenter Single Sign On service included with vSphere 5 1 Shown as Active Directory as an LDAP Server in the vSphere Web Client n OpenLDAP versions 2 4 and later vCenter Single Sign On supports multiple OpenLDAP identity sources Shown as O...

Страница 59: ...er Server Appliance make sure that all machines on the vSphere network have their clocks synchronized If the clocks on vCenter Server network machines are not synchronized SSL certificates which are time sensitive might not be recognized as valid in communications between network machines Unsynchronized clocks can result in authentication problems which can cause the vSphere Web Client installatio...

Страница 60: ...rs to configure the appliance to synchronize with an NTP server directly VMware Tools synchronization Select this option to synchronize all virtual machines Active Directory synchronization This option becomes available only if you add the appliance to an Active Directory domain If you select this option none of the other options is available 5 Click Save Settings The vCenter Server Appliance cloc...

Страница 61: ...and it provides more security The user account must be an administrator on the local machine In the installation wizard you specify the account name as DomainName Username You must configure the SQL Server database to allow the domain account access to SQL Server The Microsoft Windows built in system account has more permissions and rights on the server than the vCenter Server system needs which c...

Страница 62: ...n Connect to local server with integrated security jdbc sqlserver localhost SQLEXP_VIM databaseName VIM_VCDB integratedSecurity true n Connect to local server without integrated security jdbc sqlserver localhost SQLEXP_VIM databaseName VIM_VCDB user name password and database type to be passed separately VMware vCenter Server JDBC configuration for Microsoft SQL Server might not work by default wi...

Страница 63: ... install the software on the local machine Required Information for Installing or Upgrading vCenter Single Sign On Inventory Service vCenter Server and the vSphere Web Client Prepare for the vCenter Server installation by recording the values that vCenter Server and related components require The vCenter Single Sign On vSphere Web Client vCenter Inventory Service and vCenter Server installation wi...

Страница 64: ...he default during installation Password for the vCenter Single Sign On administrator account in the default domain You must use the same vCenter Single Sign On password name when you install or upgrade vCenter Single Sign On Inventory Service vCenter Server and the vSphere Web Client IMPORTANT Be sure to record the password If you need to restore the vCenter Single Sign On configuration from a bac...

Страница 65: ...Service vCenter Server and the vSphere Web Client IMPORTANT Be sure to record the password If you need to restore the vCenter Single Sign On configuration from a backup the restore process requires the password you enter for the original vCenter Single Sign On installation even if you change the password later Lookup Service URL The Lookup Service URL takes the form https SSO_host_FQDN_or_IP 7444 ...

Страница 66: ...n On HTTPS port number If you enter a different port number when you install vCenter Single Sign On use that port number Table 3 6 Information Required for vCenter Server Installation or Upgrade Required Information Default Your Entry Setup Language This selection controls the language only for the installer English vCenter Server license key If you omit the license key vCenter Server is installed...

Страница 67: ...ne Fully qualified domain name of Directory Services for the vCenter Server group The FQDN of a remote instance of vCenter Server Required if this instance of vCenter Server is joining a group The local and remote instances will be members of a Linked Mode group LDAP port for the Directory Services for the remote vCenter Server instance The LDAP port of the remote instance Required if this instanc...

Страница 68: ...ign On user name and password name when you install vCenter Single Sign On and install or upgrade Inventory Service vCenter Server and the vSphere Web Client administrator Password for the vCenter Single Sign On administrator user account Lookup Service URL The Lookup Service URL takes the form https SSO_host_FQDN_or_IP 7444 lookupservice sdk where 7444 is the default vCenter Single Sign On HTTPS ...

Страница 69: ...install and configure vCenter Server with the selected DB Please correct the following error s s Cause The database version must be supported for vCenter Server For SQL even if the database is a supported version if it is set to run in compatibility mode with an unsupported version this error occurs For example if SQL 2008 is set to run in SQL 2000 compatibility mode this error occurs Solution u M...

Страница 70: ...vSphere Installation and Setup 70 VMware Inc ...

Страница 71: ... Process As part of installation you are prompted to make choices Understand the complete installation vCenter Single Sign On setup and permission assignment process before you start Before installing vCenter Server consider your environment and requirements to make the fofllowing decisions n Decide how to set up vCenter Server services on a single Windows platform or vCenter Server Appliance or d...

Страница 72: ... location 1 Log in SSO add domain Set default domain Yes System replicates domain info to SSO2 Log in to VC and assign permissions Log in to VC1 and assign permissions Log in to VC2 and assign permissions Done Done Done Custom install SSO2 and VC2 at location 2 Point SSO2 to SSO1 Custom install No Yes First VC Localos only Simple install No Point to local SSO during Install The interaction proceed...

Страница 73: ... you want to use an Active Directory or OpenLDAP identity source a Log in to the vCenter Single Sign On server as administrator vsphere local and add the domain as an identity source b Add the Active Directory or OpenLDAP domain as an identity source c Log in to vCenter Server and assign permissions so users in your domain can access vCenter Server components See Add a vCenter Single Sign On Ident...

Страница 74: ...equired on your system You can also install MSI 4 5 directly from the vCenter Server autorun exe installer VMware vCenter Orchestrator vCenter Server module that provides a set of tools to manage your virtual IT environment vCenter Orchestrator module is not supported on IPv6 only operating systems If you install vCenter Server in a mixed environment both IPv4 and IPv6 enabled the vCenter Orchestr...

Страница 75: ...er Inventory Service and vCenter Server together on a single host machine by using the vCenter Server Simple Install option This option is appropriate for most deployments Alternatively you can use Custom Install to install vCenter Single Sign On the vSphere Web Client vCenter Inventory Service and vCenter Server separately and customize the location and configuration of each component See Use Cus...

Страница 76: ...ry double click the autorun exe file to start the installer 2 Select vCenter Simple Install and click Install 3 Follow the prompts in the installation wizard to choose the installer language and agree to the end user patent and license agreements 4 If the prerequisites check screen shows any problems cancel the installation correct the problems and restart the installer 5 Set the password for the ...

Страница 77: ...nter Server is in evaluation mode which allows you to use the full feature set for a 60 day evaluation period After installation you can enter the license key to convert vCenter Server to licensed mode 2 Choose the type of database that you want to use n To use the bundled database click Install a Microsoft SQL Server 2008 Express instance for small scale deployments This database is suitable for ...

Страница 78: ...r and other vCenter components separately to customize the location and configuration of each component For most basic vCenter Single Sign On deployments if all components are on the same host machine you can install vCenter Single Sign On the vSphere Web Client Inventory Service and vCenter Server together on a single host machine using the vCenter Server Simple Install option See Install vCenter...

Страница 79: ...On instance in a deployment with multiple vCenter Single Sign On instances These instructions let you install vCenter Single Sign On only You must install vCenter Single Sign On and Inventory Service before installing vCenter Server For most deployments you can install vCenter Single Sign On the vSphere Web Client vCenter Inventory Service and vCenter Server together on a single host machine by us...

Страница 80: ...ity sources and users are available localos All local operating system users These users can be granted permissions to vCenter Server If you are upgrading those users who already have permissions keep those permissions vsphere local Contains all users who have administrator access to the vCenter Single Sign On server Initially only the user administrator is defined What to do next To deploy vCente...

Страница 81: ...local 7 Select an existing site as the partner or enter a new site 8 Click Install Optional Install an Additional vCenter Single Sign On Node at a New Site Create an additional vCenter Single Sign On node for a multisite vCenter Single Sign On installation An additional node can be useful if you need multiple vCenter Server instances in different locations Authentication information is replicated ...

Страница 82: ...environment you must use the fully qualified domain name FQDN or host name of the vCenter Server The best practice is to use the FQDN which works in all cases instead of the IP address which can change if assigned by DHCP Prerequisites n Download the vCenter Server installer See Download the vCenter Server Installer on page 61 n Verify that the system has an Internet connection n Verify that the s...

Страница 83: ...indows Start menu by selecting Programs VMware VMware vSphere Web Client vSphere Web Client NOTE After you upgrade the vSphere Web Client when you log in for the first time you may see the error message Failed to navigate to desired location This can happen when a vSphere Web Client session from the previous version remains open when you upgrade In this case refresh the browser and log in again Wh...

Страница 84: ...or several Java services that are used by vCenter Server This setting determines the maximum JVM heap settings for VMware VirtualCenter Management Webservices Tomcat Inventory Service and Profile Driven Storage Service You can adjust this setting after installation if the number of hosts in your environment changes See the recommendations in the topic vCenter Server Hardware Requirements 9 Enter t...

Страница 85: ...n Deployment Modes on page 52 n Review How vCenter Single Sign On Affects vCenter Server Installation on page 51 n Review Prerequisites for Installing vCenter Single Sign On Inventory Service and vCenter Server on page 49 n Install vCenter Single Sign On and Inventory Service n To install the vCenter Server on a drive other than C verify that there is enough space in the C drive to install the Mic...

Страница 86: ...e default port numbers 10 Optional Select Increase the number of available ephemeral ports 11 Select the size of your vCenter Server inventory to allocate memory for several Java services that are used by vCenter Server This setting determines the maximum JVM heap settings for VMware VirtualCenter Management Webservices Tomcat Inventory Service and Profile Driven Storage Service You can adjust thi...

Страница 87: ...tity source vCenter Single Sign On administrator users can add identity sources from the vSphere Web Client An identity source can be a native Active Directory Integrated Windows Authentication domain or an OpenLDAP directory service For backward compatibility Active Directory as an LDAP Server is also available Immediately after installation the following default identity sources and users are av...

Страница 88: ...ers to enable them to log in to vCenter Server See Assign Permissions in the vSphere Web Client on page 89 Active Directory Identity Source Settings If you select the Active Directory Integrated Windows Authentication identity source type you can either use the local machine account as your SPN Service Principal Name or specify an SPN explicitly Select Use machine account to speed up configuration...

Страница 89: ...tory domain as an alias of the identity source if you are using SSPI authentications Base DN for groups Optional The base domain name for groups Primary Server URL Primary domain controller LDAP server for the domain Use the format ldap hostname port or ldaps hostname port The port is typically 389 for ldap connections and 636 for ldaps connections For Active Directory multi domain controller depl...

Страница 90: ...the role title 7 Optional Deselect the Propagate to Child Objects check box The role is applied only to the selected object and does not propagate to the child objects 8 Verify that the users and groups are assigned to the appropriate permissions and click OK The server adds the permission to the list of permissions for the object The list of permissions references all users and groups that have r...

Страница 91: ...t inventory objects inherit permissions from a single parent object in the hierarchy For example a datastore inherits permissions from either its parent datastore folder or parent datacenter Virtual machines inherit permissions from both the parent virtual machine folder and the parent host cluster or resource pool simultaneously To restrict a user s privileges on a virtual machine you must set pe...

Страница 92: ...r Java Components Separately The required vCenter Server Java Components JRE are installed or upgraded silently when you install or upgrade vCenter Server You can also install or upgrade vCenter Server Java Components separately By using the separate installer you can update or upgrade JRE to a version that is released asynchronously from vCenter Server releases If an earlier version of JRE is pre...

Страница 93: ...Server installer from the VMware downloads page at http www vmware com support and extract the zip archive Procedure 1 In Windows Explorer double click the file vCenter_Server_installation_directory vtcServer VMware tcserver exe The VMware vCenter Server tc Server installer wizard opens 2 Accept the license agreement 3 Accept or change the default installation folder 4 Click Install vCenter Server...

Страница 94: ...abase instead of IBM DB2 which is used in vCenter Server Appliance 5 0 The vCenter Server Appliance does not support Linked Mode configuration Version 5 5 of the vCenter Server Appliance is deployed with virtual hardware version 7 which supports eight virtual CPUs per virtual machine in ESXi Depending on the hosts that you will manage with the vCenter Server Appliance you might want to upgrade the...

Страница 95: ...running ESX version 4 x or ESXi version 4 x or later n Synchronize the clocks of all machines on the vSphere network See Synchronizing Clocks on the vSphere Network on page 59 n If you plan to configure the vCenter Server Appliance from a configuration file prepare the file and store it in a location that is accessible from the vCenter Server Appliance host machine See Format for the vCenter Serve...

Страница 96: ...nd password vmware You can also create a custom password that the vCenter Server Appliance reads the first time you boot the appliance By creating a custom password the first time you start the vCenter Server Appliance you ensure that the default password cannot be used NOTE When you change the root vCenter Server Appliance password using the vCenter Server Appliance Web interface the GRUB passwor...

Страница 97: ...ver Appliance to use an external vCenter Single Sign On instance when you run the vCenter Server Setup wizard for a newly deployed vCenter Server Appliance See Download and Deploy the VMware vCenter Server Appliance on page 94 Prerequisites n Verify that you have the URL of the Lookup Service for the target instance of vCenter Single Sign On Procedure 1 Connect to the vCenter Server Appliance from...

Страница 98: ...WORD vCenter Single Sign On options SSO_TYPE embedded or external Additional vCenter Single Sign On options if SSO_TYPE external SSO_LS_LOCATION vCenter Single Sign On Lookup Service URL SSO_LS_CERT_THUMBPRINT vCenter Single Sign On Lookup Service certificate thumbprint SSO_REG_ADMIN_USERNAME fully qualified name of a user with vCenter Single Sign On administrative privileges SSO_REG_ADMIN_PASSWOR...

Страница 99: ... Server Preseed Config v1 0 Database options VC_DB_TYPE oracle VC_DB_SERVER 10 111 11 111 VC_DB_SERVER_PORT 1521 VC_DB_INSTANCE orcl VC_DB_USER VCA 6 VC_DB_PASSWORD vCenter Single Sign On options SSO_TYPE external SSO_LS_LOCATION https machinename corp com 7444 lookupservice sdk SSO_LS_CERT_THUMBPRINT Microsoft Active Directory options VC_AD_STATUS 0 VC_AD_DOMAIN Chapter 4 Installing vCenter Serve...

Страница 100: ...vSphere Installation and Setup 100 VMware Inc ...

Страница 101: ...r product 11 1 0 instance_name sqldeveloper jdbc lib The vCenter Server installer copies the file from the Oracle client installation location to the vCenter Server tomcat directory vCenter install location Infrastructure tomcat lib n If neither the ojdbc14 jar file nor the ojdbc5 jar file is found in the Oracle 10g or Oracle 11g client location the vCenter Server installer prompts you to copy the...

Страница 102: ...ug in to deploy OVF or OVA templates and transfer files with the datastore browser You can also use the Client Integration Plug in to connect virtual devices that reside on a client computer to a virtual machine Install the Client Integration Plug in only once to enable all the functionality the plug in delivers You must close the Web browser before installing the plug in If you install the Client...

Страница 103: ...er version of the vSphere Web Client is installed this procedure upgrades the vSphere Web Client NOTE vCenter Server 5 5 supports connection between vCenter Server and vCenter Server components by IP address only if the IP address is IPv4 compliant To connect to a vCenter Server system in an IPv6 environment you must use the fully qualified domain name FQDN or host name of the vCenter Server The b...

Страница 104: ...vCenter Single Sign On use that port number 7 Click Install 8 Start the vSphere Web Client by taking one of the following actions n If you are starting the vSphere Web Client for the first time open a supported browser and go to https vSphere_Web_Client_host_name_or_IP 9443 vsphere client n In subsequent sessions you can start the vSphere Web Client from the Windows Start menu by selecting Program...

Страница 105: ...ether to download updates from the default download sources immediately after installation and click Next If you deselect Download updates from default sources immediately after installation Update Manager downloads updates once daily according to the default download schedule or immediately after you click the Download Now button on the Download Settings page You can modify the default download s...

Страница 106: ...ports in this range to allow outbound HTTP traffic to the patch store 12 Optional Provide information about the proxy server the port and whether the proxy should be authenticated and click Next 13 Select the Update Manager installation and patch download directories and click Next If you do not want to use the default locations you can click Change to browse to a different directory 14 Optional I...

Страница 107: ... vCenter Single Sign On on page 17 n Verify that the host machine has a valid IPv4 address You can install the vSphere ESXi Dump Collector on a machine in an IPv4 only or IPv4 IPv6 mixed mode network environment but you cannot install the vSphere ESXi Dump Collector on a machine in an IPv6 only environment n If you are using a network location for the Dump Collector repository make sure the networ...

Страница 108: ... Collector with a vCenter Server vSphere Syslog Collector is not supported for integration with vCenter Server versions earlier than version 5 0 n Verify that the host machine has a valid IPv4 address You can install vSphere Syslog Collector on a machine in an IPv4 only or IPv4 IPv6 mixed mode network environment but you cannot install vSphere Syslog Collector on a machine in an IPv6 only environm...

Страница 109: ...ssors and operating systems as vCenter Server See vCenter Server Software Requirements on page 22 and Hardware Requirements for vCenter Server the vSphere Web Client vCenter Inventory Service and vCenter Single Sign On on page 17 Gather the following information to complete the installation or upgrade n The location to install vSphere Auto Deploy in if you are not using the default location n The ...

Страница 110: ...nter Server See vCenter Server Software Requirements on page 22 and Hardware Requirements for vCenter Server the vSphere Web Client vCenter Inventory Service and vCenter Single Sign On on page 17 n Verify that the host machine has a valid IPv4 address You can install vSphere Authentication Proxy on a machine in an IPv4 only or IPv4 IPv6 mixed mode network environment but you cannot install vSphere...

Страница 111: ...d on vCenter Server Java Components JRE Uninstall vCenter Single Sign On Inventory Service vCenter Server and the vSphere Web Client before you uninstall vCenter Server Java Components JRE and vCenter Server tc Server Uninstalling the vCenter Server system or the vSphere Web Client does not uninstall any of the other components such as the bundled database or Microsoft NET Framework Do not uninsta...

Страница 112: ...rver and vCenter Single Sign On instances in a Linked Mode group are upgraded to the same 5 x version you can rejoin them n Each vCenter Server user sees the vCenter Server instances on which they have valid permissions n When you set up your vCenter Server Linked Mode group you must install the first vCenter Server as a standalone instance because you do not yet have a remote vCenter Server machi...

Страница 113: ... the join operation requires elevated privileges through the Run as administrator option This is true even if the logged in user is a domain administrator user n To join a Linked Mode group the vCenter Server must be in evaluation mode or licensed as a Standard edition vCenter Server Foundation and vCenter Server Essentials editions do not support Linked Mode n DNS must be operational for Linked M...

Страница 114: ...Next If you enter an IP address for the remote server the installer converts it into a fully qualified domain name 6 If the vCenter Server installer detects a role conflict select how to resolve the conflict Option Action Yes let VMware vCenter Server resolve the conflicts for me Click Next The role on the joining system is renamed to vcenter_namerole_name where vcenter_name is the name of the vCe...

Страница 115: ...pending on the size of your inventory the change to Linked Mode configuration might take from a few seconds to a few minutes to complete The vCenter Server instance is no longer part of the Linked Mode group Set the IP Address for a Linked Mode vCenter Server with Multiple Network Interfaces If a vCenter Server in a Linked Mode group has multiple network interfaces you must set the IP address that...

Страница 116: ...hich uses the Windows RPC port mapper to open RPC ports for replication When you install vCenter Server in Linked Mode the firewall configuration on any network based firewalls must be modified Incorrect configuration of firewalls can cause licenses and roles to become inconsistent between instances Procedure u Configure Windows RPC ports to generically allow selective ports for machine to machine...

Страница 117: ...vCenter Server Port and Security Settings in the server xml and catalina properties Files vCenter Server Port or Security Setting Setting and Default Value Base shutdown port base shutdown port 8003 Base JMX port The listener implemented by the com springsource tcserver serviceability rmi JmxSocketList ener class is specific to tc Server This listener enables JMX management of tc Server and is the...

Страница 118: ...See the vendor documentation for your vCenter server database type Prerequisites n Consult your database administrator about backing up and restoring databases n Verify that you have system administrator privileges to perform backup or restore operations Procedure 1 On the source machine stop the Inventory Service a From the Windows Administrative Tools control panel select Services b Right click ...

Страница 119: ...base on the source machine and restore the database on the destination machine Prerequisites n Consult your database administrator about backing up and restoring databases n Verify that you have system administrator privileges to perform backup or restore operations Procedure 1 On the source machine open a console and run the service vmware inventory service stop command to stop the Inventory Serv...

Страница 120: ... Service Database can cause data loss Perform this procedure only with VMware Technical Support Procedure 1 Stop the vCenter Inventory Service a From the Windows Administrative Tools control panel select Services b Right click VMware vCenter Inventory Service and select Stop 2 Open a command prompt 3 Delete the entire contents of the C Program Files VMware Infrastructure Inventory_Service data dir...

Страница 121: ...is reset Enable IPv6 Support for vCenter Inventory Service vCenter Inventory Service does not support binding on IPv6 interfaces by default When you install vCenter Server vCenter Inventory Service supports only IPv4 by default You can enable IPv6 support for vCenter Inventory Service by modifying the Inventory Service dataservice properties file Procedure 1 Stop the vCenter Inventory Service a Fr...

Страница 122: ...vSphere Installation and Setup 122 VMware Inc ...

Страница 123: ...ing the installer Interactive ESXi Installation Interactive installations are recommended for small deployments of fewer than five hosts You boot the installer from a CD or DVD from a bootable USB device or by PXE booting the installer from a location on the network You follow the prompts in the installation wizard to install ESXi to disk See Installing ESXi Interactively on page 139 Scripted ESXi...

Страница 124: ...rage drivers that are released between vSphere releases You can deploy an ESXi image created with Image Builder in either of the following ways n By burning it to an installation DVD n Through vCenter Server using the Auto Deploy feature See Using vSphere ESXi Image Builder CLI on page 225 and Installing ESXi Using vSphere Auto Deploy on page 157 About ESXi Evaluation and Licensed Modes After you ...

Страница 125: ...he ESXi Installer ISO Image to a CD or DVD If you do not have an ESXi installation CD DVD you can create one You can also create an installer ISO image that includes a custom installation script See Create an Installer ISO Image with a Custom Installation or Upgrade Script on page 128 Procedure 1 Download the ISO image for ESXi from the VMware download page at http www vmware com download 2 Burn t...

Страница 126: ...to set the type to an appropriate setting for the FAT32 file system such as c d Type a to set the active flag on partition 1 e Type p to print the partition table The result should be similar to the following text Disk dev sdb 2004 MB 2004877312 bytes 255 heads 63 sectors track 243 cylinders Units cylinders of 16065 512 8225280 bytes Device Boot Start End Blocks Id System dev sdb1 1 243 1951866 c ...

Страница 127: ... are using to boot the installation or upgrade Prerequisites n Linux machine n ESXi installation or upgrade script the ks cfg kickstart file n USB flash drive Procedure 1 Attach the USB flash drive to a Linux machine that has access to the installation or upgrade script 2 Create a partition table sbin fdisk dev sdb a Type d to delete partitions until they are all deleted b Type n to create primary...

Страница 128: ...f ESXi you are installing and XXXXXX is the build number of the installer ISO image n Your custom installation or upgrade script the ks_cust cfg kickstart file Procedure 1 Download the ESXi ISO image from the VMware Web site 2 Mount the ISO image into a folder mount o loop VMware VMvisor Installer 5 x x XXXXXX x86_64 iso esxi_cdrom_mount XXXXXX is the ESXi build number for the version that you are...

Страница 129: ...32 jounin net Earlier versions of tftpd32 were incompatible with PXELINUX and gPXE You can also acquire a TFTP server from one of the packaged appliances on the VMware Marketplace The PXELINUX and gPXE environments allow your target machine to boot the ESXi installer PXELINUX is part of the SYSLINUX package which can be found at http www kernel org pub linux utils boot syslinux although many Linux...

Страница 130: ...tory The DHCP server is used by the target machine to obtain an IP address The DHCP server must be able to determine whether the target machine is allowed to boot and the location of the PXELINUX binary which usually resides on a TFTP server When the target machine first boots it broadcasts a packet across the network requesting this information to boot itself The DHCP server responds CAUTION Do n...

Страница 131: ...t the DHCP server provides an IP address and the location of the gpxelinux 0 binary file on the TFTP server The IP address assigned is in the range defined in the subnet section of the configuration file PXELINUX without gPXE Example This example shows how to configure a ISC DHCP version 3 0 server to enable PXELINUX DHCP Server Configuration file see usr share doc dhcp dhcpd conf sample ddns upda...

Страница 132: ...m IP address Ultimately it tries to load a file named default File Location for the PXE Configuration File Save the file in var lib tftpboot pxelinux cfg on the TFTP server For example you might save the file on the TFTP server at tftpboot pxelinux cfg 01 00 21 5a ce 40 f6 The MAC address of the network adapter on the target ESXi host is 00 21 5a ce 40 f6 PXE Boot the ESXi Installer by Using PXELI...

Страница 133: ...ver where the installation script resides and esxi_ksFiles is the directory containing the ks cfg file kernelopt ks http XXX XXX XXX XXX esxi_ksFiles ks cfg 6 Create a PXE configuration file This file defines how the host boots when no operating system is present The PXE configuration file references the boot files Use the following code as a model where XXXXXX is the build number of the ESXi inst...

Страница 134: ...e Linux machine install PXELINUX PXELINUX is included in the SYSLINUX package Extract the files locate the file pxelinux 0 and copy it to the tftpboot directory on your TFTP server 3 Configure the DHCP server The DHCP server sends the following information to your client hosts n The name or IP address of your TFTP server n The name of your initial boot file This is pxelinux 0 4 Copy the contents o...

Страница 135: ... at http www vmware com resources compatibility search php n gPXELINUX n Optional ESXi installation script See About Installation and Upgrade Scripts on page 144 Use a native VLAN in most cases If you want to specify the VLAN ID to be used with PXE booting check that your NIC supports VLAN ID specification Procedure 1 Copy the contents of the ESXi installer ISO image to the var www html directory ...

Страница 136: ...ndor You can use remote management applications to do both interactive and scripted installations of ESXi remotely If you use remote management applications to install ESXi the virtual CD might encounter corruption problems with systems or networks operating at peak capacity If a remote installation from an ISO image fails complete the installation from the physical CD media Required Information f...

Страница 137: ...u install the components on a single disk Migrate existing ESX or ESXi settings Preserve existing VMFS datastore Required if you are installing ESXi on a drive with an existing ESXi or ESX installation None If you have an existing ESX ESXi 4 x or ESXi 5 0 installation the ESXi installer offers a choice between preserving or overwriting the VMFS datastore during installation Root password Optional ...

Страница 138: ...vSphere Installation and Setup 138 VMware Inc ...

Страница 139: ...ns and associated data NOTE To ensure that you do not lose any data migrate the data to another machine before you install ESXi If you are installing ESXi on a disk that contains a previous installation of ESXi or ESX or a VMFS datastore the installer provides you with options for upgrading See the vSphere Upgrade documentation Install ESXi Interactively You use the ESXi CD DVD or a USB flash driv...

Страница 140: ...selected disk NOTE Do not rely on the disk order in the list to select a disk The disk order is determined by the BIOS and might be out of order This might occur on systems where drives are continuously being added and removed If you select a disk that contains data the Confirm Disk Selection page appears If you are installing on a disc with a previous ESXi or ESX installation or VMFS datastore th...

Страница 141: ...ter attempts to connect to the target but does not boot from it See Prerequisites If the connection to the iSCSI target is successful the iSCSI boot firmware saves the iSCSI boot configuration in the iBFT The next adapter to boot must be the ESXi installation media either a mounted ISO image or a physical CD ROM Prerequisites n Verify that the target IQN is configured in the iBFT BIOS target param...

Страница 142: ...gle script for all of them or a separate script for each machine For example because disk names vary from machine to machine one of the settings that you might want to configure in a script is the selection for the disk to install ESXi on Table 7 1 Scripted Installation Choices Option Action Always install on the first disk on multiple machines Create one script Install ESXi on a different disk fo...

Страница 143: ...ption BOOTIF hwtype MAC address Similar to the netdevice option except in the PXELINUX format as described in the IPAPPEND option under SYSLINUX at the syslinux zytor com site gateway ip address Sets this network gateway as the default gateway to be used for downloading the installation script and installation media ip ip address Sets up a static IP address to be used for downloading the installat...

Страница 144: ...pt and installation media Specify as a MAC address for example 00 50 56 C0 00 01 This location can also be a vmnicNN name If not specified and files need to be retrieved over the network the installer defaults to the first discovered network adapter that is plugged in netmask subnet mask Specifies subnet mask for the network interface that downloads the installation script and the installation med...

Страница 145: ... accessible through the following protocols NFS HTTP HTTPS FTP Path to the Installation or Upgrade Script You can specify the path to an installation or upgrade script ks http XXX XXX XXX XXX kickstart KS CFG is the path to the ESXi installation script where XXX XXX XXX XXX is the IP address of the machine where the script resides See About Installation and Upgrade Scripts on page 144 To start an ...

Страница 146: ...nge the order of the disks by using a comma separated list appended to the argument If you provide a filter list the default settings are overridden You can combine filters to specify a particular disk including esx for the first disk with ESX installed on it model and vendor information or the name of the vmkernel device driver For example to prefer a disk with the model name ST3120814A and any d...

Страница 147: ...d with the upgrade and installorupgrade commands See the vSphere Storage documentation for more information about preventing SSD formatting during auto partitioning overwritevsan You must use the overwritevsan option when you install ESXi on a disk either SSD or HDD magnetic that is in a Virtual SAN disk group If you use this option and there is no Virtual SAN partition on the selected disk the in...

Страница 148: ...l local disk the argument is firstdisk ST3120814A mptsas local overwritevsan You must use the overwritevsan option when you install ESXi on a disk either SSD or HDD magnetic that is in a Virtual SAN disk group If you use this option and there is no Virtual SAN partition on the selected disk the installation will fail When you install ESXi on a disk that is in Virtual SAN disk group the result depe...

Страница 149: ... imformation about upgrading hosts that have third party custom VIBs CAUTION Using the forcemigrate option might cause the upgraded host to not boot properly to exhibit system instability or to lose functionality keyboard optional Sets the keyboard type for the system keyboardType Specifies the keyboard map for the selected keyboard type keyboardType must be one of the following types n Belgian n ...

Страница 150: ... otherwise gateway Designates the default gateway as an IP address in the form xxx xxx xxx xxx Used with the bootproto static option nameserver Designates the primary name server as an IP address Used with the bootproto static option Omit this option if you do not intend to use DNS The nameserver option can accept two IP addresses For example nameserver 10 126 87 104 10 126 87 120 netmask Specifie...

Страница 151: ...ample to prefer a disk with the model name ST3120814A and any disk that uses the mptsas driver rather than a normal local disk the argument is firstdisk ST3120814A mptsas local reboot optional Reboots the machine after the scripted installation is complete noeject The CD is not ejected after the installation rootpw required Sets the root password for the system iscrypted Specifies that the passwor...

Страница 152: ...ed You do not need to to use the forcemigrate option See the vSphere Upgrade documentation for imformation about upgrading hosts that have third party custom VIBs CAUTION Using the forcemigrate option might cause the upgraded host to not boot properly to exhibit system instability or to lose functionality include or include optional Specifies another installation script to parse This command is tr...

Страница 153: ...x scripted installation and upgrade commands In ESXi 5 x because the installation image is loaded directly into the host RAM when the host boots you do not need to include the location of the installation media in the installation script ESXi 5 x supports scripted upgrades in addition to scripted installation Command differences are noted in the following summary accepteula or vmaccepteula Only in...

Страница 154: ...tifier is generated by ESXi to represent the LUN or disk The identifier takes a form similar to the canonical name of previous versions of ESXi with the mpx prefix This identifier can be used exactly as the NAA ID See Knowledge Base article 1014953 About the boot cfg File The boot loader configuration file boot cfg specifies the kernel the kernel options and the boot modules that the mboot c32 boo...

Страница 155: ...ended installation when you boot the resulting installer ISO image See Create an Installer ISO Image with a Custom Installation or Upgrade Script on page 128 Prerequisites Before you run the scripted installation upgrade or migration verify that the following prerequisites are met n The system on which you are installing upgrading or migrating meets the hardware requirements See ESXi Hardware Requ...

Страница 156: ...e See ESXi Hardware Requirements on page 13 n You have the ESXi installer ISO on a bootable USB flash drive See Format a USB Flash Drive to Boot the ESXi Installation or Upgrade on page 125 n The default installation or upgrade script ks cfg or a custom installation or upgrade script is accessible to the system See About Installation and Upgrade Scripts on page 144 n You have selected a boot optio...

Страница 157: ...ess caching or stateful installs Stateless caching By default Auto Deploy does not store ESXi configuration or state on the host disk Instead an image profile defines the image that the host is provisioned with and other host attributes are managed through host profiles Stateful installs You can provision a host with Auto Deploy and set up the host to store the image to disk On subsequent boots th...

Страница 158: ...e a host profile that requires user input for certain values When Auto Deploy applies a host profile that requires an answer to a host the host comes up in maintenance mode Use the host profiles interface to check the host profile compliance and respond to the prompt to customize the host The host customization information is stored with the host Auto Deploy Architecture The Auto Deploy infrastruc...

Страница 159: ...settings to hosts based on the attributes of the host For example you can deploy image profiles or host profiles to two clusters of hosts by writing two rules each matching on the network address of one cluster For hosts that have not yet been added to a vCenter Server system the Auto Deploy server checks with the rules engine before serving image profiles host profiles and inventory location info...

Страница 160: ...ctivate the rules in the working rule set If you add a rule and do not specify the NoActivate parameter all rules that are currently in the working rule set are activated You cannot activate individual rules See the PowerCLI command line help and Managing Auto Deploy with PowerCLI Cmdlets on page 173 Auto Deploy Boot Process When you boot a host that you want to provision or reprovision with vSphe...

Страница 161: ... specified in the image profile the optional host profile and optional vCenter Server location information 5 The host boots using the image profile If the Auto Deploy server provided a host profile the host profile is applied to the host 6 Auto Deploy adds the host to the vCenter Server system that Auto Deploy is registered with a If a rule specifies a target folder or cluster on the vCenter Serve...

Страница 162: ...tual machines that were successfully migrated to other hosts stay there Virtual machines for which no host had enough resources are registered to the rebooted host If the vCenter Server system is unavailable the host contacts the Auto Deploy and is provisioned with an image profile The host continues to contact the Auto Deploy server until Auto Deploy reconnects to the vCenter Server system Auto D...

Страница 163: ... Update the Host Customization in the vSphere Web Client on page 180 See Test and Repair Rule Compliance on page 176 Figure 7 3 Auto Deploy Installation Subsequent Boots Auto Deploy subsequent boots vCenter Server provisions host using host image profiles edit and update rule set subsequent boot with image update subsequent boot with no update check ruleset compliance use updated image profile upd...

Страница 164: ...ncludes vCenter Server and the Auto Deploy server The Auto Deploy server on the vCenter Server appliance is disabled by default You can use both servers on the appliance use a standalone vCenter Server installation with Auto Deploy on the appliance or use a standalone Auto Deploy installation with the vCenter Server appliance See Using Auto Deploy with the VMware vCenter Server Appliance on page 1...

Страница 165: ...luster ReplacePattern ipv4 192 XXX 1 10 192 XXX 1 20 my_host_profile_from_reference_host is the name of the reference host profile my_targetcluster is the name of the target cluster 9 Turn on the hosts you want to provision If the hosts that are specified by the pattern are not currently managed by a vCenter Server system Auto Deploy provisions them with the already stored image profile and the sp...

Страница 166: ...h the rule set Get VMHostMatchingRules Retrieves rules matching a pattern For example you can retrieve all rules that apply to a host or hosts Use this cmdlet primarily for debugging Test DeployRulesetCompliance Checks whether the items associated with a specified host are in compliance with the active rule set Repair DeployRulesetCompliance Given the output of Test DeployRulesetCompliance this cm...

Страница 167: ...to create and modify the rules and rule sets that govern Auto Deploy behavior you must install vSphere PowerCLI and all prerequisite software The Auto Deploy cmdlets are included with the PowerCLI installation n Using Auto Deploy Cmdlets on page 170 Auto Deploy cmdlets are implemented as Microsoft PowerShell cmdlets and included in vSphere PowerCLI Users of Auto Deploy cmdlets can take advantage o...

Страница 168: ...rver already in your environment or install a DHCP server For your Auto Deploy setup replace the gpxelinux 0 file name with undionly kpxe vmw hardwired n Secure your network as you would for any other PXE based deployment method Auto Deploy transfers data over SSL to prevent casual interference and snooping However the authenticity of the client or the Auto Deploy server is not checked during a PX...

Страница 169: ...anage tab select Settings and click Auto Deploy c Click Download TFTP Boot Log to download the TFTP configuration file and unzip the file to the directory in which your TFTP server stores files 3 Set up your DHCP server to point to the TFTP server on which the TFTP ZIP file is located a Specify the TFTP Server s IP address in DHCP option 66 frequently called next server b Specify the boot file nam...

Страница 170: ...rosoft Web site for information about installing the Microsoft software See the vSphere PowerCLI Installation Guide for detailed instructions for PowerCLI installation Procedure 1 Verify that Microsoft NET 2 0 is installed or install it from the Microsoft Web site following the instructions on that Web site 2 Verify that Microsoft Powershell 2 0 is installed or install it from the Microsoft Web si...

Страница 171: ...ty reasons Windows PowerShell supports an execution policy feature It determines whether scripts are allowed to run and whether they must be digitally signed By default the execution policy is set to Restricted which is the most secure policy If you want to run scripts or load configuration files you can change the execution policy by using the Set ExecutionPolicy cmdlet To do this type the follow...

Страница 172: ... located hostContainer Get Datacenter Name Datacenter X You can also run a cmdlet that retrieves a cluster to use bulk licensing for all hosts in a cluster or retrieves a folder to use bulk licensing for all hosts in a folder 3 Create a new LicenseData object and a LicenseKeyEntry object with associated type ID and license key licenseData New Object VMware VimAutomation License Types LicenseData l...

Страница 173: ...are depot or define a custom image profile using the Image Builder PowerCLI 3 Run Add EsxSoftwareDepot to add the software depot that contains the image profile to the PowerCLI session Depot Type Cmdlet Remote depot Run Add EsxSoftwareDepot depot_url ZIP file a Download the ZIP file to a local file path b Run Add EsxSoftwareDepot C file_path my_offline_depot zip 4 In the depot find the image profi...

Страница 174: ... on page 176 n Turn on unprovisioned hosts to provision them with the new image profile Assign a Host Profile to Hosts Auto Deploy can assign a host profile to one or more hosts The host profile might include information about storage configuration network configuration or other characteristics of the host If you add a host to a cluster that cluster s host profile is used The following procedure e...

Страница 175: ...DeployRule testrule2 By default the working rule set becomes the active rule set and any changes to the rule set become active when you add a rule If you use the NoActivate parameter the working rule set does not become the active rule set What to do next n Upgrade existing hosts to use the new host profile by performing compliance test and repair operations on those hosts See Test and Repair Rule...

Страница 176: ...hose hosts See Test and Repair Rule Compliance on page 176 n Turn on unprovisioned hosts to add them to the specified vCenter Server location Test and Repair Rule Compliance When you add a rule to the Auto Deploy rule set or make changes to one or more rules hosts are not updated automatically Auto Deploy applies the new rules only when you test their rule compliance and perform remediation This t...

Страница 177: ... did not previously run ESXi software first boot reboot hosts or reprovision hosts with a different image profile host profile or folder or cluster location The Auto Deploy process differs depending on the state of the host and on the changes that you want to make Provision a Host First Boot Provisioning a host that has never been provisioned with Auto Deploy first boot differs from subsequent boo...

Страница 178: ...peration See Test and Repair Rule Compliance on page 176 Reprovisioning Hosts vSphere Auto Deploy supports multiple reprovisioning options You can perform a simple reboot or reprovision with a different image profile or a different host profile A first boot using Auto Deploy requires that you set up your environment and add rules to the rule set See Preparing for vSphere Auto Deploy on page 167 Th...

Страница 179: ...sociation between the host and the image profile but does not install VIBs on the host n In all other cases use this procedure Prerequisites n Create the image profile you want to boot the host with Use the Image Builder PowerCLI discussed in Using vSphere ESXi Image Builder CLI on page 225 n Make sure that the setup that you performed during the first boot operation is in place Procedure 1 At the...

Страница 180: ...ate hosts when you place the host in maintenance mode Host is not part of a DRS cluster You must migrate all virtual machines to different hosts and place each host in maintenance mode 2 In the vSphere Web Client remediate the host a Right click the host and click All vCenter Actions Host Profiles Remediate 3 When prompted provide the user input You can now direct the host to exit maintenance mode...

Страница 181: ...to be provisioned with Auto Deploy Stateful installs support network installation through Auto Deploy After the initial installation hosts that are provisioned with stateful install host profile settings will boot from disk Use Cases The System Cache Configuration host profile supports the following use cases Hosts provisioned with Auto Deploy cache the image stateless caching Set up and apply a h...

Страница 182: ...ctivity If the ESXi hosts that run your virtual machines lose connectivity to the Auto Deploy server the vCenter Server system or both some limitations apply when you next reboot n If vCenter Server is available but the Auto Deploy server is unavailable hosts do not connect to the vCenter Server automatically You can manually connect the hosts to the vCenter Server or wait until the Auto Deploy se...

Страница 183: ...oy and applies a host profile that is set up for stateful installs Reboot is required Applying the System Cache Configuration Host Profile from the vSphere Web Client You can create a host profile on a reference host and apply that host profile to additional hosts or to a vCenter Server folder or cluster The following workflow results 1 You provision a host with Auto Deploy and edit that host s Sy...

Страница 184: ...rtual machines are migrated to the host if the host reboots Because vCenter Server assigns virtual machines to the host vCenter Server must be available See Set up a Highly Available Auto Deploy Infrastructure on page 204 You can set up your environment for stateless caching by applying host profiles directly or by using PowerCLI rules Table 7 10 Setting up hosts for stateless caching or stateful ...

Страница 185: ...set up to use stateless caching the host uses a cached image if the Auto Deploy Server is not available To use stateless caching you must configure a host profile You can apply that host profile to other hosts that you want to set up for stateless caching You can configure the host profile on a single host that you want to set up to use caching You can also create a host profile that uses caching ...

Страница 186: ...ee Assign a Host Profile to Hosts on page 174 Enable Stateful Installs for Hosts Provisioned with Auto Deploy You can set up hosts provisioned with Auto Deploy to cache the image to disk and to use the cached image on subsequent boots After the image is cached the hosts act like hosts on which an image is installed Prepare Hosts Provisioned with Auto Deploy for Stateful Installs In some situations...

Страница 187: ...stalled on it use model and vendor information or specify the name of the vmkernel device driver For example to have the system first look for a disk with the model name ST3120814A second for any disk that uses the mptsas driver and third for the local disk specify ST3120814A mptsas local as the value of this field Check to overwrite any VMFS volumes on the selected disk If you click this check bo...

Страница 188: ...o a shared SAN LUN or you can install ESXi Dump Collector in your environment and set up the reference host to use ESXi Dump Collector See Configure ESXi Dump Collector with ESXCLI on page 189 You can either install ESXi Dump Collector by using the vCenter Server installation media or use the ESXi Dump Collector that is included in the vCenter Server Appliance After setup is complete VMkernel memo...

Страница 189: ...esxcli system syslog set up a syslog server and esxcli network route add routes and set up the default route See Configure ESXi Dump Collector with ESXCLI on page 189 Host Profiles Interface Best practice is to set up a host with vSphere Web Client or vCLI and create a host profile from that host You can also configure the host profiles directly with the Host Profiles interface in the vSphere Web ...

Страница 190: ...e on page 176 n Turn on unprovisioned hosts to provision them with the new host profile Configure Host Profiles for an Auto Deploy Reference Host with the vSphere Web Client You can set up host profiles in a reference host and apply the host profile settings to all other hosts that you provision with vSphere Auto Deploy You can either configure the reference host and export the host profile or for...

Страница 191: ...ump Collector for a reference host with esxcli or directly in the Host Profiles panels of the vSphere Web Client You can export the host profile and write a rule that applies the profile to all hosts provisioned with Auto Deploy Best practice is to set up hosts to use ESXi Dump Collector with the esxcli system coredump command and save the host profile see Configure ESXi Dump Collector with ESXCLI...

Страница 192: ...to create a host profile 3 Right click the host profile you want to modify and select Edit Host Profile 4 Leave the name and description and click Next 5 Click Advanced Configuration Settings click the Advanced Options folder and click Advanced configuration options You can specify syslog settings from here 6 If you are setting up an ESXi 5 0 host that did not have a previously configured syslog s...

Страница 193: ...er and Implement Your Partitioning Stategy By default Auto Deploy provisions hosts only if a partition is available on the host You can set up a reference host to auto partition all hosts that you provision with Auto Deploy CAUTION If you change the default auto partitioning behavior Auto Deploy overwrites existing partitions regardless of their content If you turn on this option ensure that no un...

Страница 194: ...Data VMware VMware vCenter Auto Deploy vmconfig autodeploy xml and specify the new IP address You do not have to edit the file if you reregister for other reasons than a new IP address c Run the autodeploy register exe command specifying all required options autodeploy register exe R a vCenter IP p vCenter Port u user_name w password s setup file path d Restart the Auto Deploy process net start vm...

Страница 195: ...tion a Right click the host select All vCenter Actions Host Profiles Attach Host Profile select the profile to attach and click OK b Right click the host and select Enter Maintenance Mode c Right click the host and select All vCenter Actions Host Profiles Remediate d When prompted provide the IP address e Right click the host and select Exit Maintenance Mode The IP address is saved as a host custo...

Страница 196: ...for Auto Deploy meets the requirements for vCenter Server installation Auto Deploy has the same requirements Procedure 1 If Auto Deploy is running on the vCenter Server Appliance stop the built in Auto Deploy server and unregister Auto Deploy from the Linux command prompt service vmware rdb watchdog stop autodeploy register unregister a localhost l If you never started Auto Deploy on the appliance...

Страница 197: ...t The system stores your input and uses it the next time the host boots NOTE The host customization is not stored in a location or format that administrators can access Use the Host Profiles UI in the vSphere Web Client to modify customization When the host profile is set to prompt for user input you must specify a value in the dialog that appears when you reset the host customization An error res...

Страница 198: ... select User Input Password to be Used to Configure Administrator Password from the Administrator password drop down menu Preconfigures a user for the ESXi host but prompts for the password for that user on each host when the host boots for the first time You can perform this task only if a user configuration already exists Configure the user by selecting one of the options n Assigned fixed user c...

Страница 199: ...s User specified IPv6 address or prompt the user only if no default is available 1 Select Edit Host Profile click Networking configuration and click Host port group 2 Click Management Network and click IP address settings 3 In the Static IPv6 address field select how the system manages the IPv4 address n User specified IPv6 Address to be used while applying the configuration n Prompt the user for ...

Страница 200: ...ser for IPv6 address if no default is available Auto Deploy Best Practices and Security Consideration Follow best practices when installing vSphere Auto Deploy and when using Auto Deploy with other vSphere components Set up a highly available Auto Deploy infrastructure in large production environments or when using stateless caching Follow all security guidelines that you would follow in a PXE boo...

Страница 201: ... through the host profile Contact your network administrator to determine the steps for allowing hosts to reach the DHCP server Auto Deploy and VMware Tools Best Practices See the VMware Knowledge Base article 2004018 for Auto Deploy and VMware Tools best practices Auto Deploy Load Management Best Practice Simultaneously booting large numbers of hosts places a significant load on the Auto Deploy s...

Страница 202: ...g and enables network logging and combining of logs from multiple hosts Setting Up ESXi Dump Collector Hosts provisioned with Auto Deploy do not have a local disk to store core dumps on Install ESXi Dump Collector and set up your first host so all core dumps are directed to ESXi Dump Collector and apply the host profile from that host to all other hosts See Configure ESXi Dump Collector with ESXCL...

Страница 203: ...t provide accurate location information for on board devices ESXi applies heuristics for this case to keep the alias stable even for these devices Always bring the BIOS up to the latest level The heuristic is designed to keep built in devices that lack proper BIOS information stable even when cards in slots are added or removed VMware cannot guarantee this will function under all conditions for ex...

Страница 204: ...astructure VM Active Directory DNS vCenter Server Auto Deploy environment PowerCLI Auto Deploy server vCenter Server Set up this environment on a single virtual machine or on three separate virtual machines in production systems The vCenter Server on the infrastructure virtual machine differs from the vCenter Server in the Auto Deploy environment 3 Set up Auto Deploy to provision other hosts as ne...

Страница 205: ...sing the Active Directory passwords n The host s public and private SSL key and certificate are included in the boot image You can greatly reduce the security risk of Auto Deploy by completely isolating the network where Auto Deploy is used Troubleshooting Auto Deploy The Auto Deploy troubleshooting topics offer solutions for situations when provisioning hosts with Auto Deploy does not work as exp...

Страница 206: ...ploy server Solution u Correct the IP address of the Auto Deploy server in the tramp file as explained in the vSphere Installation and Setup documentation Auto Deploy Host with a Built In USB Flash Drive Does Not Send Coredumps to Local Disk If your Auto Deploy host has a built in USB flash drive and an error results in a coredump the coredump is lost Set up your system to use ESXi Dump Collector ...

Страница 207: ... to view the VIBs in the image profile 2 Remove any VIBs that are not stateless ready 3 Rerun the Auto Deploy PowerCLI cmdlet Auto Deploy Host Reboots After Five Minutes An Auto Deploy host boots and displays iPXE information but reboots after five minutes Problem A host to be provisioned with Auto Deploy boots from iPXE and displays iPXE information on the console However after five minutes the h...

Страница 208: ...switch the EFI system to BIOS compatibility mode 2 In the BIOS configuration enable Network Boot in the Boot Device configuration Auto Deploy Host Does Not Get a DHCP Assigned Address The host you provision with Auto Deploy fails to get a DHCP Address Problem When you attempt to boot a host provisioned with Auto Deploy the host performs a network boot but is not assigned a DHCP address The Auto De...

Страница 209: ...ut the host cannot contact the TFTP server Cause The TFTP server might have stopped running or a firewall might block the TFTP port Solution n If you installed the WinAgents TFTP server open the WinAgents TFTP management console and verify that the service is running If the service is running check the Windows firewall s inbound rules to make sure the TFTP port is not blocked Turn off the firewall...

Страница 210: ... the firewall run netsh firewall set opmode disable To enable the firewall run netsh firewall set opmode enable Recovering from Database Corruption on the Auto Deploy Server In some situations you might have a problem with the Auto Deploy database The most efficient recovery option is to replace the existing database file with the most recent backup Problem When you use Auto Deploy to provision th...

Страница 211: ...ith vSphere HA agent version 5 1 or later on each ESXi host On hosts provisioned with Auto Deploy the replacement is not permanent because no state is on the host If vCenter Server is not available the ESXi hosts do not have the correct vSphere HA agent and cannot join a cluster Cause The Auto Deploy 5 0 server does not automatically upgrade the FDM VIB to version 5 1 or later Unless you create a ...

Страница 212: ...at includes an IPv6 vCenter Server The Auto Deploy server must have an IPv4 address because PXE booting is supported only with IPv4 Proof of Concept Preinstallation Checklist Before you can start the proof of concept setup make sure that your environment meets the hardware and software requirements and that you have the necessary permissions for the components that are included in the setup You ne...

Страница 213: ... a TFTP server for sending the boot image to the hosts that it provisions You must install a TFTP server in your environment This task only installs the TFTP server You later download a configuration file to the server See Configure the Auto Deploy and TFTP Environment in the vSphere Web Client on page 218 Prerequisites Make sure your system meets the requirements in the Preinstallation Checklist ...

Страница 214: ...ess Enter PowerCLI displays a list of cmdlets and their definitions in the PowerCLI window What to do next n If you do not see a list of cmdlets when you run Get DeployCommand check your PowerCLI version and uninstall and reinstall if necessary n For some background information on PowerCLI see Using Auto Deploy Cmdlets on page 170 See the vSphere PowerCLI documentation set for details n Prepare th...

Страница 215: ...2 Create a DHCP scope for your IP address range a Click Start Settings Control Panel Administrative Tools and click DHCP b Drill down to DHCP hostname IPv4 right click and click New Scope c Click Next on the Welcome screen and specify a name and description for the scope d Specify an IP address range and click Next e Click Next until you reach the Configure DHCP Options screen and select No I will...

Страница 216: ...the window 5 In the DHCP window right click DHCP hostname IPv4 Scope Activate and click Activate 6 Do not log out from the DHCP Server if you are using Active Directory for DHCP and DNS or log out otherwise What to do next Prepare the DNS Server See Prepare the DNS Server on page 216 Prepare the DNS Server Preparing the DNS server involves adding the DHCP information to the DNS server and verifyin...

Страница 217: ...ecklist See Proof of Concept Preinstallation Checklist on page 212 n Perform all preceding proof of concept setup tasks See Auto Deploy Proof of Concept Setup on page 212 for the complete list Procedure 1 Log in to the console of the Windows system on which vCenter Server is installed with administrator privileges either directly or by using RDP 2 Secure the installation media for the Auto Deploy ...

Страница 218: ...t setup tasks See Auto Deploy Proof of Concept Setup on page 212 for the complete list Procedure 1 From your Web browser access the URL of the vSphere Web Client that connects to the vCenter Server system which manages the Auto Deploy Server 2 When the Certificate warning appears continue to the vCenter Server system 3 In the inventory drill down to the vCenter Server system 4 Click the Manage tab...

Страница 219: ...e 212 n Perform all preceding proof of concept setup tasks See Auto Deploy Proof of Concept Setup on page 212 for the complete list Procedure 1 Log in to the console of the Windows system on which vCenter Server is installed with administrator privileges either directly or by using RDP 2 Download the ESXi Depot ZIP file from the VMware Web site to a location the PowerCLI Windows system can access ...

Страница 220: ...Pattern The pattern specifies the host or group of hosts to which the rule applies Choose one of the following vendor Machine vendor name model Machine model name serial Machine serial number hostname Machine hostname domain Domain name ipv4 IPv4 address of the machine mac Boot NIC MAC address asset Machine asset tag oemstring OEM specific strings in the SMBIOS Specify AllHosts to apply the item o...

Страница 221: ... page 212 n Perform all preceding proof of concept setup tasks See Auto Deploy Proof of Concept Setup on page 212 for the complete list Procedure 1 Open a console session to the physical host that you want to use as the first ESXi target host boot the host and look for messages that indicate a successful iPXE boot During the boot process DHCP assigns an IP address to the host The IP address matche...

Страница 222: ...ost customizations Prerequisites n Make sure your system meets the requirements in the preinstallation checklist See Proof of Concept Preinstallation Checklist on page 212 n Perform all preceding proof of concept setup tasks See Auto Deploy Proof of Concept Setup on page 212 for the complete list Procedure 1 Use the vSphere Web Client to connect to the vCenter Server system In this proof of concep...

Страница 223: ...einstallation checklist See Proof of Concept Preinstallation Checklist on page 212 n Perform all preceding proof of concept setup tasks See Auto Deploy Proof of Concept Setup on page 212 for the complete list Procedure 1 Log in to a vSphere Web Client that is connected to the vCenter Server system with administrator privileges 2 Click Rules and Profiles and select Host Profiles 3 Click the Extract...

Страница 224: ...host profile you created from the reference host type the following command and press Enter New DeployRule name Production01Rule item image_profile ESXiGold target_cluster Pattern ipv4 IP_range Option Description image_profile The ESXi image profile you used in the first deploy rule target_cluster Name of the cluster in vCenter Server to which you want to add all hosts IP_range Either a single IP ...

Страница 225: ...ith a vSphere Web Client connect to the vCenter Server system 3 Click Home and select Host Profiles 4 In the panel on the left select the ESXiGold profile and add the newly booted hosts to that profile 5 Apply the host profile to each of the hosts provide the user input information and reboot each host When the reboot progress completes all hosts are running with the image you specify and use the ...

Страница 226: ...ort to ISO or to offline bundle ZIP file Perform upgrades If you upgrade from a 4 0 or 4 1 system that includes custom extensions or drivers you can use Image Builder to create an image profile that includes the vSphere 5 base VIB You can create vSphere 5 VIBs for the custom extensions and add those VIBs to the base VIB Export the custom image profile to an ISO you can install or to a ZIP that you...

Страница 227: ...nto the hosts See SoftwarePackage Object Properties on page 231 Image Profile An image profile defines an ESXi image and consists of VIBs An image profile always includes a base VIB and might include more VIBs You examine and define an image profile using the Image Builder PowerCLI See ImageProfile Object Properties on page 230 Software Depot A software depot is a collection of VIBs and image prof...

Страница 228: ...ructure that shows whether the two profiles have the same VIB list and acceptance level See Acceptance Levels on page 229 Remove EsxImageProfile Removes the image profile from the software depot Add EsxSoftwarePackage Adds one or more new packages VIBs to an existing image profile Remove EsxSoftwarePackage Removes one or more packages VIBs from an image profile Image Profiles Image profiles define...

Страница 229: ...e following actions n Checks that no conflicts exist by checking the Conflicts property of each SoftwarePackage object n Performs VIB signature validation Signature validation prevents unauthorized modification of VIB packages The signature is a cryptographic checksum that guarantees that a VIB was produced by its author Signature validation also happens during installation of VIBs on an ESXi host...

Страница 230: ...ct which is accessible with the Get EsxImageProfile PowerCLI cmdlet has the following properties Name Type Description AcceptanceLevel AcceptanceLevel Determines which VIBs you can add to the profile Levels are VMwareCertified VMwareAccepted PartnerSupported and CommunitySupported See Acceptance Levels on page 229 Author System String Person who created the profile 60 characters or fewer CreationT...

Страница 231: ...Name of the VIB Usually uniquely describes the package on a running ESXi system Provides SoftwareProvides List of virtual packages or interfaces this VIB provides See SoftwareProvide Object Properties on page 233 ReferenceURLs SupportReference List of SupportReference objects with in depth support information The SupportReference object has two properties Title and URL both of type System String R...

Страница 232: ... profiles have identical packages and acceptance levels OnlyInComp System String List of VIBs found only in the second profile that you passed to Compare EsxImageProfile OnlyInRef System String List of VIBs found only in the first profile that you passed to Compare EsxImageProfile PackagesEqual System Boolean True if the image profiles have identical sets of VIB packages RefAcceptanceLevel System ...

Страница 233: ...nt against This property can be null if the constraint does not have a Relation and Version property VersionObject SoftwareVersion The version represented by a SoftwareVersion object SoftwareProvide Object Properties The SoftwareProvide object includes the following properties Name Type Description Name System String Name of the provide Version System String Version of the provide Can be null if t...

Страница 234: ...nning Get Help cmdlet_name n Remember that PowerShell is not case sensitive n Use tab completion for cmdlet names and parameter names n Format any variable and cmdlet output by using Format List or Format Table or their short forms fl or ft See Get Help Format List Passing Parameters by Name You can pass in parameters by name in most cases and surround parameter values that contain spaces or speci...

Страница 235: ...e or if you want to use hosts from different vendors and want to use the same basic profile but want to add vendor specific VIBs VMware partners or large installations might consider creating a profile from scratch Administrators performing this task must have some experience with PowerCLI or Microsoft PowerShell Prerequisites n Install the VMware PowerCLI and all prerequisite software See Image B...

Страница 236: ...alid NOTE VMware can support only environments and configurations that have been proven to be stable and fully functional through rigorous and extensive testing Use only those supported configurations If you have to go outside of that clearly defined space use custom VIBs Custom VIBs lower your host compliance and as a result supportability But you know the changes you made and can maintain those ...

Страница 237: ... can export an image profile to an ISO image or a ZIP file of component files and folders You cannot create both by running the cmdlet once You can use the ISO image as an ESXi installer or upload the ISO into vSphere Update Manager for upgrades You can use the ZIP file which contains metadata and the VIBs specified in the image profile for upgrades to ESXi 5 0 and later Administrators performing ...

Страница 238: ...dle FilePath C my_bundle zip What to do next Use the ISO image in an ESXi installation or upload the ISO image into vSphere Update Manager to perform upgrades Use the ZIP file to upgrade an ESXi installation n Import the ZIP file into vSphere Update Manager for use with patch baselines n Download the ZIP file to an ESXi host or a datastore and run esxcli software vib commands to import the VIBs in...

Страница 239: ...ted to allow for easy updates with PartnerSupported VIBs NOTE VMware supports hosts at the PartnerSupported acceptance level For problems with individual VIBs with PartnerSupported acceptance level VMware refers you to the partner s support organization Image profile acceptance levels The image profile acceptance level is set to the lowest VIB acceptance level in the image profile If you want to a...

Страница 240: ...CommunitySupported The Community Supported acceptance level is for VIBs created by individuals or companies outside of VMware partner programs VIBs at this level have not gone through any VMware approved testing program and are not supported by VMware Technical Support or by a VMware partner Change the Host Acceptance Level You can lower the host acceptance level to match the acceptance level for ...

Страница 241: ...evel you can clone the image profile with a lower acceptance level or change the image profile acceptance level Prerequisites n Install the VMware PowerCLI and all prerequisite software See Install Image Builder PowerCLI and Prerequisite Software on page 233 n If you encounter problems running PowerCLI cmdlets consider changing the execution policy See Using Image Builder Cmdlets on page 234 Proce...

Страница 242: ...dcard characters 1 At the PowerShell prompt add the depot that you want to examine to the current session For remote depots run Add EsxSoftwareDepot DepotUrl depot_url For an offline depot ZIP file you must download the ZIP file first a Download the ZIP file to a local file path but do not unzip it b Run Add EsxSoftwareDepot DepotUrl C file_path offline bundle zip 2 Retrieve image profiles You can...

Страница 243: ... 0 123456 full ip1 VibList Get EsxSoftwarePackage CreatedAfter 7 1 2010 Creating Image Profiles by Cloning Workflow You can use Image Builder cmdlets to check which depots are available to add a depot to display image profile information and to create a new image profile by cloning one of the available image profiles Before you use the cmdlets in this workflow make sure your environment meets the ...

Страница 244: ...n in a variable instead of passing parameters by name You can run the following cmdlets in sequence from the PowerCLI prompt DefaultSoftwareDepots Add EsxSoftwareDepot DepotUrl depot_url DefaultSoftwareDepots profs Get EsxImageProfile profs ip New EsxImageProfile CloneProfile profs 2 Name new_profile_name Vendor my_vendor ip Creating Image Profiles from Scratch Workflow In most situations you crea...

Страница 245: ...by quotes 4 Pipe the information about the new image profile to format list for detailed information about the new package Get EsxImageProfile Name Test 2 VibList format list Example Creating Image Profiles from Scratch Using Variables This command sequence repeats the steps of the workflow but passes parameters as objects accessed by position in a variable instead of passing parameters by name Yo...

Страница 246: ...ular format Name Vendor Last Modified Acceptance Level Test 2 Vendor42 9 22 2010 12 05 VMwareAccepted 4 Add a software package VIB to the image profile You can add the package by name Add EsxSoftwarePackage ImageProfile Test 2 SoftwarePackage NewPack3 PowerShell returns the information about the image profile in tabular format Name Vendor Last Modified Acceptance Level Test 2 Vendor42 9 22 2010 12...

Страница 247: ...hat Is Not Attached to the Network on page 253 n Managing ESXi Remotely on page 254 n Configuring Network Settings on page 254 n Storage Behavior on page 258 n View System Logs on page 261 n Configure Syslog on ESXi Hosts on page 262 n Enable Lockdown Mode Using the Direct Console on page 263 n Enable Lockdown Mode Using the vSphere Web Client on page 263 n Enable ESXi Shell and SSH Access with th...

Страница 248: ...are not compatible with your network environment Key operations available to you in the direct console include n Configuring hosts n Setting up administrative access n Troubleshooting You can also use vSphere Web Client to manage the host through vCenter Server Table 8 1 Navigating in the Direct Console Action Key View and change the configuration F2 Change the user interface to high contrast mode...

Страница 249: ...options the change does not persist for subsequent boots n Redirect the Direct Console to a Serial Port from the vSphere Web Client on page 250 You can manage the ESXi host remotely from a console that is connected to the serial port by redirecting the direct console to either of the serial ports com1 or com2 When you use the vSphere Web Client to redirect the direct console to a serial port the b...

Страница 250: ...ging or for ESX Shell tty1Port Procedure 1 From the vSphere Web Client connect to the vCenter Server 2 Select the host in the inventory 3 Click the Manage tab 4 Click Settings 5 Under System select Advanced System Settings 6 Make sure that the VMkernel Boot logPort and VMkernel Boot gdbPort fields are not set to use the com port that you want to redirect the direct console to 7 Set VMkernel Boot t...

Страница 251: ...n determines how your server boots Generally the CD ROM device is listed first NOTE If you are using ESXi Embedded the BIOS boot configuration determines whether your server boots into the ESXi boot device or another boot device Generally the USB flash device is listed first in the BIOS boot settings on the machine that hosts ESXi You can change the boot setting by configuring the boot order in th...

Страница 252: ...ccess Controller DRAC or a similar remote management interface and select a physical floppy or CD ROM drive or provide a path to a floppy image or CD ROM image 2 Reboot the server 3 While the server is powering on enter the device selection menu Depending on your server hardware the key might be a function key or Delete 4 Follow the instructions to select the virtual device The server boots from t...

Страница 253: ...connected to a functioning DHCP server but you do not want to use the DHCP configured IP address During the autoconfiguration phase the software assigns a DHCP configured IP address You can make the initial connection by using the DHCP configured IP address Then you can configure a static IP address If you have physical access to the ESXi host you can override the DHCP configured IP address by con...

Страница 254: ...ent Network Traffic between an ESXi host and any external management software is transmitted through an Ethernet network adapter on the host You can use the direct console to choose the network adapters that are used by the management network Examples of external management software include the vCenter Server and SNMP client Network adapters on the host are named vmnicN where N is a unique number ...

Страница 255: ...nfigure a static network address The default subnet mask is 255 255 0 0 Configure IP Settings from the Direct Console If you have physical access to the host or remote access to the direct console you can use the direct console to configure the IP address subnet mask and default gateway Procedure 1 Select Configure Management Network and press Enter 2 Select IP Configuration and press Enter 3 Sele...

Страница 256: ...e direct console to configure DNS information Procedure 1 Select Configure Management Network and press Enter 2 Select DNS Configuration and press Enter 3 Select Use the following DNS server addresses and hostname 4 Enter the primary server an alternative server optional and the host name Configure DNS Suffixes If you have physical access to the host you can use the direct console to configure DNS...

Страница 257: ...re networking or to renew a DHCP lease Restarting the management network will result in a brief network outage that might temporarily affect running virtual machines If a renewed DHCP lease results in a new network identity IP address or host name remote management software will be disconnected Procedure 1 From the direct console select Restart Management Network and press Enter 2 Press F11 to con...

Страница 258: ...he host When the host is not connected to vCenter Server most Distributed Switch features are unavailable to the host Prerequisites Verify that your management network is connected to a distributed switch Procedure 1 From the direct console select Restore Standard Switch and press Enter If the host is on a standard switch this selection is dimmed and you cannot select it 2 Press F11 to confirm Tes...

Страница 259: ...r the first time after installation or upgrade One 4GB VFAT scratch partition is created for system swap See About the Scratch Partition on page 260 The VFAT scratch partition is created only on the disk from which the ESXi host is booting NOTE To create the VMFS volume and a scratch partition with the installation the ESXi installer requires a minimum of 5 2GB of free space on the installation di...

Страница 260: ...is not found but an empty local disk exists the system formats it and creates a scratch partition If no scratch partition is created you can configure one but a scratch partition is not required You can also override the default configuration You might want to create the scratch partition on a remote NFS mounted directory NOTE The installer can create multiple VFAT partitions The VFAT designation ...

Страница 261: ... Settings 6 Under System select Advanced System Settings 7 Select ScratchConfig The field ScratchConfig CurrentScratchLocation shows the current location of the scratch partition 8 In the field ScratchConfig ConfiguredScratchLocation enter a directory path that is unique for this host 9 Reboot the host for the changes to take effect View System Logs System logs provide detailed information about s...

Страница 262: ...on the local file system is persistent across reboots The directory should be specified as datastorename path_to_file where the path is relative to the root of the volume backing the datastore For example the path storage1 systemlogs maps to the path vmfs volumes storage1 systemlogs Syslog global logDirUnique Selecting this option creates a subdirectory with the name of the ESXi host under the dir...

Страница 263: ...nabled they will continue to run whether or not the host is in lockdown mode You can enable lockdown mode using the Add Host wizard to add a host to vCenter Server using the vSphere Web Client to manage a host or using the direct console user interface NOTE If you enable or disable lockdown mode using the Direct Console User Interface DCUI permissions for users and groups on the host are discarded...

Страница 264: ...y ESXi Shell and SSH timeouts and press Enter b Enter the availability timeout in minutes The availability timeout is the number of minutes that can elapse before you must log in after the ESXi Shell is enabled c Press Enter d Enter the idle timeout The idle timeout is the number of minutes that can elapse before the user is logged out of an idle interactive sessions Changes to the idle timeout ap...

Страница 265: ... system configuration does not solve the problem it can still rule out configuration changes made since the initial setup as the source of the problem When you reset the configuration the software overrides all your configuration changes deletes the password for the administrator account root and reboots the host Configuration changes made by your hardware vendor such as IP address settings and li...

Страница 266: ... support you can still enter non ASCII characters for virtual machine names vSphere user interfaces will display the virtual machine names in the non ASCII characters but ESXi will convert the actual file and directory names to ASCII strings Procedure 1 Using a text editor open the etc vmware hostd config xml file for the ESXi host 2 Within the config config tag add the following code g11nSupport ...

Страница 267: ...r and Host Management You can set up bulk licensing using PowerCLI commands Bulk licensing works for all ESXi hosts but is especially useful for hosts provisioned with Auto Deploy See Set Up Bulk Licensing on page 171 You can also operate ESXi without licensing for a 60 day evaluation period during which you can access the full ESXi feature set See About ESXi Evaluation and Licensed Modes on page ...

Страница 268: ... Client If the host becomes inaccessible or unbootable it is important that you have a record of the license key Access the ESXi License Key from the Direct Console If you have physical access to the host or remote access to the direct console you can use the direct console to access the ESXi license key Procedure u From the direct console select View Support Information The license key appears in...

Страница 269: ...ver 216 EFI 167 enable caching 182 failing to complete boot 207 failure to boot 209 highly available 204 host profiles 223 image profile warning 207 installing 217 iPXE boot 221 network boot problem 208 networking 193 PowerCLI cmdlets 165 PowerCLI installation 213 PowerCLI setup 213 preparing 167 proof of concept 212 proof of concept checklist 212 provisioning hosts 177 rebooting 178 redirection p...

Страница 270: ...Center user rights 34 databases maintaining 32 Oracle 46 preparing 113 SQL Server 40 41 DBO privileges 33 deactivating ESXi 266 default installation scripts 144 default root password 144 default storage behavior 258 defaults restoring 265 deployment scenarios vCenter Single Sign On 57 deployment modes vCenter Single Sign On 52 depots 242 DHCP direct console 255 256 for PXE booting the ESXi install...

Страница 271: ...ce command 116 gPXE 129 group policy update 116 groups requirements 113 GUID 116 H hardware requirements ESXi 13 vCenter Server 17 vCenter Server Appliance 17 hardware requirements ESXi 15 high availability and vCenter Single Sign On 54 highly available Auto Deploy environment 184 host customization 157 180 194 197 host customizations 225 host image profile acceptance level 264 host profile from r...

Страница 272: ...e network interfaces 115 IP addressing direct console 255 256 vSphere Web Client 255 IPv6 61 IPv6 address format 61 IPv6 support enabling for Inventory Service 121 iSCSI software disk installing ESXi on 141 ISO create 237 export 237 ISO image with custom installation script 128 J Java Components JRE installing or upgrading separately 92 JDBC 41 JDBC URL formats 62 JRE installing or upgrading separ...

Страница 273: ... P paranoid command 145 part command 145 partition command 145 partitions 258 260 password administrative 251 permissions assigning 89 distributed switches 90 inheritance 90 plug ins for vCenter Server 102 port 80 conflict between vCenter Server and IIS 26 ports configuring 23 25 firewall 23 25 ports used by vCenter Server 23 ports used by vCenter Server Appliance 25 PowerCLI 173 PowerCLI cmdlets ...

Страница 274: ...oftware depot 219 software depots examining 242 SoftwarePackage structure 230 specifications ESXi hardware requirements 13 15 performance recommendations 13 15 SQL compatibility mode 69 SQL Server changing the computer name 31 Microsoft Windows authentication 61 preparing the database 40 41 script for creating 33 SSH access to host 264 Standard switch restoring 258 state 157 stateful installs 186 ...

Страница 275: ...machine 97 vCenter Server databases preparing 30 vCenter Server installation post installation 101 vCenter Server administrator user setting 51 vCenter Server Appliance Auto Deploy 195 196 configuration file format 98 ports 25 synchronize clock with NTP server 60 See also VMware vCenter Server Appliance vCenter Server Appliance creating a custom password 96 vCenter Server Appliance Auto Deploy 195...

Страница 276: ...watchdog 196 vSphere Authentication Proxy IIS installation causes port 80 conflict 26 install or upgrade 110 vSphere Auto Deploy installing ESXi with 157 installing or upgrading 109 vSphere CLI 260 vSphere Distributed Switch restoring standard switch 258 vSphere ESXi Dump Collector install or upgrade 106 vSphere ESXi Image Builder CLI using 225 vSphere installation and setup introduction 11 vSpher...

Отзывы:

Нет отзывов

Бренды по названию

Популярные бренды

Загрузить еще бренды