Difference between revisions of "Installing VMware ESX6"

From vmWIKI
Jump to: navigation, search
(Video Content)
(Enabling ESXi Shell and SSH together with Timeout Values)
Line 373: Line 373:
 
[[File:Screen_Shot_2013-10-21_at_18.38.06.png]]
 
[[File:Screen_Shot_2013-10-21_at_18.38.06.png]]
  
'''6.''' Accessing the ESXi Shell requires exiting the DCUI back to the main screen and then pressing '''[ALT+F1]''' on the keyboard. The keystroke '''[ALT+F2]''' will toggle the SysAdmin back to the DCUI. Typing the command 'exit' at the ESXi Shell prompt logs the SysAdmin out of the environment.
+
'''6.''' Accessing the ESXi Shell requires exiting the DCUI back to the main screen and then pressing '''[ALT+F1]''' on the keyboard. The keystroke '''[ALT+F2]''' will toggle the SysAdmin back to the DCUI. Typing the command 'exit' at the ESXi Shell prompt logs the SysAdmin out of the environment. Nothing drives any SysAdmin nutter than a Windows or Apple Mac system that exhibits conflicting and overlap keyboard strokes - such that pressing [Alt-F1] is discovered to be shortcut key to starting all out thermo-nuclear war or engaging the ejector seat to your office chair.. To send [Alt+F1} on a Apple Mac keyboard press [FN+Alt+F1.] The [Fn] key tells Apple Mac to use the Function key (no shit Sherlock) as Function Key, and not as many facetted way of making your keyboard brighter! Because in the world of Apple Mac a Function Key isn't a Function Key until you press another button to tell it to do so. And they call this "PROGRESS"
  
 
'''7.''' Accessing the ESXi SSH Service requires a SSH Client. For Windows systems the most popular is the free PuTTy tool. Linux and Apple support their own native SSH command-line utilities.  
 
'''7.''' Accessing the ESXi SSH Service requires a SSH Client. For Windows systems the most popular is the free PuTTy tool. Linux and Apple support their own native SSH command-line utilities.  

Revision as of 06:07, 20 April 2018

Originating Author

Michelle Laverick

Michelle Laverick.jpg

Video Content

Note: This video were original recorded when vSphere5 was the latest version. However, much of the issue discussed remain the same.

In video discussion with Edward Haletky talks about the different methods of installing VMware ESX - which focuses on the advantages and disadvantages of installing to local disk, USB/SD-card, Boot-From-SAN and Auto Deploy. Finally, the third video walks you though the use of the Direct Console User Interface (or DCUI)

Introduction

Version: vSphere 6.0 Update 1

The VMware ESX is one the primary building blocks of the vSphere environment. It can be regarded as the "crown jewels" of VMware's product portfolio because on its slim shoulders much of the rest of the platform sits. In the community its common to refer to VMware ESX, but you will also occasionally hear people refer to it as the "vSphere Host". The name change is a curious one, and it might indicate an attempt by VMware to distance itself from its "hypervisor" past, and attempt not to be pigeon-holed as virtualization vendor only.

The ESX host is installed in most case to a physical server which is packed with CPU/Memory and access to high-speed networking (1/10gps) and storage (local Direct Attached Storage or DAS, Fibre-Channel, NFS, iSCSI). The vSphere Host is what enables the SysAdmin to have virtual machines. It can be installed to either local disk, USB/SD-Cards or boot from over the network with PXE (see the "AutoDeploy" chapter) or using Fibre-Channel SAN volumes or LUNs. VMware ESX owns all the devices of the physical server sitting on Ring0 of a typical processor architecture. VMware ESX has it own internal process (or Worlds as they referred to) but its sole and only task is running virtual machines and nothing else. The VMware ESX kernel is extremely light-weight and present a very small surface attack area from a security perspective. This in marked contrast to general purpose operating systems that have been retro-fitted with a virtualization layer, essentially treating the virtualization process as merely another "role" along side others.

The VMware ESX product does come with its own hardware compatibility list or HCL, as well as number of specific minimum hardware requirements which are significant in homelab environments or you are using "nested ESX". Nested ESX is where you use one virtualization layer (VMware Workstation on PC, or VMware Fusion on the Mac) to run ESX inside a VM. This is popular method of creating a 'virtual lab' environment that does require plenty of free memory and good underlying disk subsystem, in most case SSD. The minimum requirements currently are:

NOTE: This bulleted list is a direct cut and paste from the publicly available admin guides on vmware.com

  • ESXi will install and run only on servers with 64-bit x86 CPUs.
  • To support 64-bit virtual machines, support for hardware virtualization (Intel VT-x or AMD RVI) must be enabled on x64 CPUs.
  • ESXi requires a host machine with at least two cores.
  • ESXi supports only LAHF and SAHF CPU instructions.
  • ESXi requires the NX/XD bit to be enabled for the CPU in the BIOS
  • ESXi requires a minimum of 4GB of physical RAM. Provide at least 8GB of RAM to take full advantage of ESXi features and run virtual machines in typical production environments.
  • One or more Gigabit or 10Gb Ethernet controllers
  • Any combination of one or more of the following controllers:
  • Basic SCSI controllers. Adaptec Ultra-160 or Ultra-320, LSI Logic Fusion-MPT, or most NCR/Symbios SCSI. RAID controllers. Dell PERC (Adaptec RAID or LSI MegaRAID), HP Smart Array RAID, or IBM (Adaptec) ServeRAID controllers. SCSI disk or a local, non-network, RAID LUN with unpartitioned space for the virtual machines. For Serial ATA (SATA), a disk connected through supported SAS controllers or supported on-board SATA controllers. SATA disks will be considered remote, not local. These disks will not be used as a scratch partition by default because they are seen as remote

VMware offers a rich array of getting VMware ESX on to the hardware. Of course installation to locally attached, mirrored hard-drives is supported - as is an installation to USB/SD-cards. You will find some blades support a small SD-Card slot to allow for boot from this media. Ever since the early days a boot-from-SAN configuration is supported, and this increasingly easier to manage with the onset of converged blade architectures such as Cisco UCS. Additionally, VMware support "AutoDeploy" this allows for the ESX host to boot across the network using PXE. Ancillary services such as DHCP/TFTP and the AutoDeploy Service are used to provide the boot process across the network. In this model the VMware ESX host is "stateless" with its configuration being provided during each boot process using the "Host Profiles" feature. You should be aware that both AutoDeploy and Host Profiles are licensed technologies and are currently only available to Enterprize+ customers. As such this could limit it applicability to your production environment. Finally, what ever "install" method you adopt (local, media, SAN) VMware ESX does support scripted installation which can massively decrease the deployment time as well as enforcing company standards and settings. These topics are beyond the scope of this article where the focus is on a manual installation to local storage. For other methods please consult the other chapter of the vmWIKI for vSphere.

During the setup process the install media can see any storage that the vSphere Host is configured to access. Care must be taken to not accidentally destroy data on LUNs/Volumes presented to the host. There a number of methods to stop the vSphere Host being able to see remote storage. These include:

  • Disconnect Fibre-Channel Cables/Ethernet Cables
  • Disable the Fibre-Channel PCI Device from within the server BIOS
  • Use Storage Management to Storage to ensure access to remote storage is not possible

The vSphere Host/VMware ESX software downloads as DVD .iso image that can either be mounted directly using your server vendors ILO/DRAC/RAC/BMC board or else burned to a DVD disk, and then used with the DVD player. It's recommend to use the "Download Manager" option as this support auto-resumme in the event of network outage. It's also recommend to use a md5sum tool to validate the downloaded .ISO is not corrupted. If your using Linux or Apple Mac these operating systems ship with a "md5" command-line tool. Those SysAdmin using Windows are recommend to use NullRiver Software's WinMD5sum

Caption: This screen shot shows the main download page at vmware.com. Highlighted in red is the MD5 hash value.

alt VMware's Corporate download page with md5sum value

Caption: This screen shot show the Windows WinMD5sum application. The MD5 hash of the download .ISO file matches the one published on VMware's website.

alt Using WinMD5sum to verify the .ISO image is not corrupted

Installing VMware ESX

1. Attach the DVD to your server - in this example a HP ML350e G8 was used which has an onboard "ILO4" Management Card. This is quite an old server, and should see a more modern UI on a contemporary system. In this case the HP ILO's "Virtual Drives" feature was used to mount the VMware ESX DVD .ISO to the physical host, and the host powered on. By default the VMware ESX host installer pauses briefly for 10seconds at this boot menu screen.

Screen Shot 2016-01-11 at 13.48.58.png

2. After this the install will continue to load the files required for installation.

Screen Shot 2016-01-11 at 13.50.26.png

3. Once completed the kernel that makes up VMware ESX (referred to as the VMKernel) is loaded.

Screen Shot 2016-01-11 at 13.52.51.png

4. Once the system load has completed, you will see the welcome screen

Screen Shot 2016-01-11 at 13.56.54.png

5. And the obligatory EULA - pressing [F11] Accepts and Continues this.

Screen Shot 2016-01-11 at 14.00.52.png

6. Next you will need select a disk to hold the VMware ESX software. In this case we have select the local volume attached to the RAID controller card.

Screen Shot 2018-02-12 at 14.53.43.png

7. It is possible to select each disk/volume/LUN and request details with [F1]. In this case the disk has already been formatted with the VMware File System - VMFS. In a clean installation this disk would be found to be blank.

Screen Shot 2018-02-12 at 14.56.18.png

8. Select your language.

Screen Shot 2016-01-11 at 16.05.58.png

9. Set the password for the "root" user account. The installer does not enforce or warning you about complexity. So very simple passwords such as Password1 or VMware1! will work. However, if you try to reset the root password to a simple password this will fail once the installer has finished. vSphere 6.0 Update1 introduced a number of prohibited 'dictionary' words than before, so think about your password. Generally a combination of the 4 characters classes (Upper-case, Lower-case, Special Character and a number will meet the requirements, as well as being beyond 8 characters in length will work. For instance VMW@re123 currently meets the complexity requirements.

Screen Shot 2016-01-11 at 16.06.12.png

10. Finally, you are given one last chance to abort the installation.

11. Then the installer will copy the software to the disk/volume/LUN you selected earlier.

Screen Shot 2016-01-11 at 16.13.16.png

14. At the end of the install pressing [ENTER] will trigger a reboot - be sure to eject or close any mounted .ISO or physical DVD in the server.

15. After the reboot you should be confronted with the VMware ESX "Direct User Console Interface" (DUCI). This allows a number of post-configuration tasks to take place, and also be used as one method of troubleshooting an ESX host if become unresponsive. Notice how by default VMware ESX defaults to using DHCP, and will recieve a DHCP delivered IP address if the service exists on your network.

Screen Shot 2016-01-18 at 12.51.57.png

Managing VMware ESX Direct User Interface (DCUI)

Video Content

In this video discussion we talk about the different methods of installing VMware ESX - which focuses on the advantages and disadvantages of installing to local disk, USB/SD-card, Boot-From-SAN and Auto Deploy.

{{#ev:youtube|2RBxxkDqCPI||center|Discuss The Options with Mike Laverick & Duncan James}}

Discuss The Options: Installing VMware ESX Discussion - Native Quality

Introduction

Version: vSphere 6.5 Update 1

The Direct Console User Interface (DCUI) is the front-end management system that allows for some basic configuration changes and troubleshooting options should the VMware ESX host become unmanagable via conventional tools such as the vSphere Client or vCenter.

Screen Shot 2013-10-21 at 13.24.32.png

Typical administration tasks include:

  • Reset 'root' password
  • Configure Lockdown mode
  • Configure, Restart, Test and Restore the VMware ESX Management Network
  • Restart Management Agents
  • Configure Keyboard
  • Troubleshoot
  • View System Logs
  • Reset System Configuration (Factory Reset)
  • Shutdown/Restart the VMware ESX Host

Most actions are carried out by using [F2] on the keyboard or [F11] confirm changes, along with typical options such as [Y] and [N] to various system prompts. Before carrying out any task you will be required to supply the 'root' password. However, the first law of security is to secure the physical server - so take care to ensure your access to ILO/RAC/BMC interfaces are properly secured. Although the VMware ESX host can be rebooted from the DCUI this is regarded as an action of last resort. If the VMware ESX hosts has running VMs these will crash, and may or may not be restarted on other hosts depending on whether they are part of a cluster.

Reset 'root' password

You may need to reset the 'root' password because an inappropriate one was initially assigned, or it has become disclosed to individuals who should be denied access. There are easier ways to change the root password using the vSphere Client, and if you need to change the 'root' account password for many hosts (say on a quarterly basis) you might find VMware's PowerCLI and other scripting automation tools are a better approach.

Whilst special characters are supported with the 'root' passwords there have been reported cases of certain character types causing a problem. Generally, if you stick with alphanumerics and common characters such as !@$%&*()}{|":?><,./\';][ then you should have no problem. Avoid special characters which are region or culturally specific. Indeed there have been cases were even very common characters such as the $ dollar sign have caused problems. So tread carefully.

1. Open a console window to the physical VMware ESX hosts

2. Press [F2] on the keyboard, and supply your current 'root' logon password and press [ENTER]

Screen Shot 2013-10-21 at 13.44.10.png

3. Select "Configure Password" and press [ENTER]

4. Supply the old password together with two copies of the new password, and press [ENTER]

Screen Shot 2013-10-21 at 13.46.41.png

NOTE: To carry out this same task in VMware PowerShell first authenticate to the VMware ESX host, and use the "Set-VMHostAccount"

Reset 'root' password (PowerCLI)

PowerCLI is an incredible handy scripting and administration tool. It can be download from https://my.vmware.com/web/vmware/details?downloadGroup=PCLI650R1&productId=614. Once installed to Windows execute with "Run As Administrator" and apply these two policy settings:

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned
Set-PowerCLIConfiguration -InvalidCertificateAction ignore -confirm:$false

This will stop any warning messages about unsigned scripts and untrusted certificates.

You can connect to a VMware ESXi host or VMware vCenter Server using:

Connect-VIServer -Server esx01yc.corp.com -User root -Password VMware1!

OR

Connect-VIServer -Server vcnyc.corp.com -User administrator@vsphere.local -Password VMware1!

Screen Shot 2013-10-21 at 14.01.16.png - Resetting the Root Password in PowerCLI for Single ESX host

Connect-VIServer esx01nyc.corp.com -User root -password Password1
Set-VMHostAccount -UserAccount root -password P@ssw0rd  

Screen Shot 2013-10-21 at 14.01.16.png - Resetting the Root Password in PowerCLI for Multiple ESX hosts

In this case the .PS1 script attaches to vSphere and dumps a list of ESX hosts, and then is disconnected. It then logs into each ESX host as root/Password1, and then uses Set-VMHostAccount to reset the password to P@ssw0rd. Note - neither of these passwords are very good!

Write-Host "Connecting to vCenter" 
Connect-VIServer "vcnyc.corp.com" -user administrator -password Password1 
$VMHosts = Get-VMHost | Sort-Object Name 
Disconnect-VIServer -Confirm:$False  
ForEach ($VMHost in $VMHosts) 
{ 
$HostName = $VMHost.Name 
Connect-VIServer $HostName -User root -password Password1
Set-VMHostAccount -UserAccount root -password P@ssw0rd  
Disconnect-VIServer -Confirm:$False
}

Configure Lockdown mode

Lockdown mode is a method of restricting direct access to the VMware ESX host using the vSphere Client. It is enabled when adding the VMware ESX host to vCenter. Without "Lockdown Mode" enabled an administrator can bypass the vCenter management server - and modify advanced settings on the host. This can bypass methods of generating audit trails, and centralized management. Enabling the "Lockdown Mode" prevents this from happening. There are two modes "Normal" and "Strict" - In strict and normal lockdown mode, privileged users can access the host through vCenter Server. In normal lockdown mode, accounts on the Exception User list can access the DCUI if they have administrator privileges. In addition, all users who are specified in the DCUI.Access advanced system setting can access the DCUI. In strict lockdown mode, the Direct Console User Interface (DCUI) service is disabled and the only way to re-enable it is via vCenter.

Screen Shot 2018-02-12 at 15.10.49.png

Note: Screen grab taken from the vCenter Web Client as an ESX host is being added into the Inventory.

Once enabled attempts to connect directly to the host using the legacy vSphere Client will result in an error message indicating a lack of privileges even when the 'root' account is being used. Even if the SSH Protocol is enabled on the host, although PuTTy and SSH client sessions could be established. Logons would fail because of lockdown mode. vSphere 6.0 introduces a more 'strict mode' where even the DCUI is disabled. This means the only way to turn of 'lockdown mode' is via vCenter. There's a risk here, if vCenter is not available - then other methods of troubleshooting could be unavailable. The ESXI host became unresponsive, and unmanagable then your only recourse would be a reboot and hope that vCenter reconnected to the ESXi host.

Screen Shot 2013-12-04 at 11.35.34.png

Note: VMware has been gradually degrading support for the now 'legacy' vSphere Desktop Client (sometimes referred to as the C# Client. It is now only really functional for accessing ESXi hosts directly.

Screen Shot 2013-12-04 at 11.39.25.png

If a case does arise where direct host access is required using the vSphere Client or PuTTy - then the mode can be disabled from the DCUI.

1. Open a console window to the physical VMware ESX hosts

2. Press [F2] on the keyboard, and supply your current 'root' logon password and press [ENTER]

Screen Shot 2013-10-21 at 13.44.10.png

3. Select Configure Lockdown mode, and use the [Spacebar] to toggle the option off/on

Screen Shot 2013-12-04 at 11.46.58.png]

Configure, Restart, Test and Restore the VMware ESX Management Network

The installation of VMware ESX defaults to assigning the first network card discovered to the management network, and configuring the host for a DHCP assigned address. This might be unsuccessful depending on how the physical server is patched to the switch, and whether a DHCP server is present on the network. Additionally, the physical switch maybe configured for VLANs. The default installation of VMware ESX does not allow for the setting of VLAN Tags until after the vmkernel has been loaded, and the DCUI enabled.

Almost all of the changes made in the "Configure Management Network" require a restart of the networking for the management of the ESX host. This is something you will prompted to do when ever you exit these pages.

Screen Shot 2018-02-12 at 17.08.57.png

The following instructions are illustration of changing the default physical NIC, setting the VLAN value and configuring a static IP options.

Network Card Assignment

1. Open a console window to the physical VMware ESX hosts

2. Press [F2] on the keyboard, and supply your current 'root' logon password and press [ENTER]

Screen Shot 2013-10-21 at 13.44.10.png

3. Use the cursor keys to scroll down and select "Configure Management Network" and press [ENTER]

4. Select "Network Adapters" and press [ENTER]

5. Using the [SPACEBAR] and cursor keys you can select network interfaces. In the screen grab below two physical NICs (vmnic0 and vmnic1) have been allocated to the VMware ESX host. This will automatically offer out of the box load-balancing and redundancy.

Screen Shot 2013-10-21 at 15.31.36.png


VLAN Configuration

1. Open a console window to the physical VMware ESX hosts

2. Press [F2] on the keyboard, and supply your current 'root' logon password and press [ENTER]

Screen Shot 2013-10-21 at 13.44.10.png

3. Use the cursor keys to scroll down and select "Configure Management Network" and press [ENTER]

4. Select "VLAN (Optional)" and press [ENTER]

5. Type in the VLAN ID value, and press [ENTER]

Screen Shot 2013-10-21 at 15.43.16.png


IPv4 Configuration

Note: By default both IPv4 and IPv6 are bound to the network adapters for the management network using an automatic configuration. Most customers opt for a IPv4 Static configuration unless they have deployed an IPv6 infrastructure in their environment.

1. Open a console window to the physical VMware ESX hosts

2. Press [F2] on the keyboard, and supply your current 'root' logon password and press [ENTER]

Screen Shot 2013-10-21 at 13.44.10.png

3. Use the cursor keys to scroll down and select "Configure Management Network" and press [ENTER]

4. Scroll down and select "IPv4 Configuration" and press [ENTER]

5. Complete the IP configuration as it befits your local network requirements. The IPv4 binding to the adapter can now be disabled, dynamic (using DHCP service or auto-IP) or static IPv4 address.

Screen Shot 2018-02-12 at 17.12.10.png

6. The DNS settings can be modified by selecting "DNS Configuration" and press [ENTER]. The DNS Configuration allows for the setting of a primary and secondary DNS server, together with the short "hostname". The fully-qualified domain name (FQDN) is completed by configuring the full name in this edit box, and custom DNS suffixes allows for short hostname queries by pre-setting the preferred domain suffix.

Screen Shot 2018-02-12 at 17.43.16.png

Screen Shot 2018-02-12 at 17.19.59.png

7. The IP Configuration can be tested using the "Test Management Network" options. This allows the SysAdmin to test communication to the router (if present) and the DNS servers on the network - as well as confirming the hostname is resolvable to via DNS. In this case the 3rd IP address was adjusted to be the IP for the vCenter Server system on the network. Thus validating the host accessibility to the router, DNS, and vCenter - as well as the name resolution of the host as well.

Screen Shot 2018-02-12 at 17.46.58.png

Screen Shot 2018-02-12 at 17.46.42.png

IMPORTANT: Although the test here passed on the hostname, the test merely checks to see if the hostname is present on the DNS server. It does not verify if the hostname (or ANAME record) is valid or pointing at the correct address. As such this means you could still have incorrect entries in the DNS database. It's recommend to use a utility like nslookup to confirm that both forward and reverse DNS looks resolve to the correct name. Whilst reverse looksup using the PTR record in DNS aren't always required customer often find these useful as well.

Screen Shot 2018-02-12 at 17.50.10.png


Restore Network Configuration

Restoring the network configuration is quite a dangerous option if not used correctly. It has the potential to reset the network to such a state that you will not be able to communicate to the VMware ESX host without resorting to the DCUI to resume communication. It also has the possibility of disconnecting virtual machines (VMs) that are running on the VMware ESX host. Additionally, it has the ability to remove standard and distributed virtual switches (vSwitch) from the host in event that these have become broken on the host beyond repair.

CAUTION: As such you should approach these options with extreme care.

1. Open a console window to the physical VMware ESX hosts

2. Press [F2] on the keyboard, and supply your current 'root' logon password and press [ENTER]

Screen Shot 2013-10-21 at 13.44.10.png

3. Use the cursor keys to scroll down and select "Network Restore Options" and press [ENTER]

4. Select the Restore option required, and press [ENTER]. In the following case the option "Restore Network Settings" was selected.

Screen Shot 2013-10-21 at 17.24.49.png

Configure Keyboard

Whilst the VMware ESX host keyboard settings can be configured during installation, it possible to modify this after the installation itself.

1. Open a console window to the physical VMware ESX host

2. Press [F2] on the keyboard, and supply your current 'root' logon password and press [ENTER]

Screen Shot 2013-10-21 at 13.44.10.png

3. Use the cursor keys to scroll down and select "Configure Keyboard" and press [ENTER]

4. Use the cursor keys to highlight the preferred language, and then spacebar to select the new keyboard type. Press [ENTER] to make the change.

Screen Shot 2013-10-21 at 19.02.41.png

Troubleshooting Options

Restart Management Agents

In the early days of VMware ESX occasionally the host would appear as being "disconnected" in the management system of vCenter. Although the host has a "WatchDog" service designed to restart the core management agent, this would be unsuccessful. In recent years these random disconnections have been resolved - and its now highly unusual for an VMware ESX host to enter a disconnected state. Nowadays, if this happens its is more normally another cause such as an IP conflict, or the host being rebooted in non-authorised manner or some type of hardware failure. Nonetheless, the option to restart management agents does exist in the DCUI. If you do use this option you will need to be patient as it can take time for other systems to "retry" the connection and reconnect to the host.

1. Open a console window to the physical VMware ESX host

2. Press [F2] on the keyboard, and supply your current 'root' logon password and press [ENTER]

Screen Shot 2013-10-21 at 13.44.10.png

3. Use the cursor keys to scroll down and select "Troubleshoot Options" and press [ENTER]

4. Use the cursor keys to scroll down to "Restart Management Agents" and press [ENTER]. In the following page not only do you have the option to simply restart the management agents, but also collect extra troubleshooting information. Notice the warning about this disconnects all existing remote management software.

Screen Shot 2013-10-21 at 17.42.29.png

Enabling ESXi Shell and SSH together with Timeout Values

It is possible to get true command-line access to the VMware ESX host. This can be either by the "ESXi Shell" normally access via the ILO/RAC/BMC card or using the Secure Shell protocol (SSH) commonly access on TCP port 22 using a SSH client like PuTTy. In addition to these options being enabled they can be enabled for a designated period as well, to allow temporary console access. This is prevents the need to have protocols like SSH enabled all the time, which could be regarded by some as a security weakness. If you do have a require to permanently enabled SSH access this can be done from the "Security Profile" on the VMware ESX host either with the vSphere Client or using vCenter with the Web-Client.

Important: If you intend to set timeout values you must set these before enabling the ESXi Shell and/or SSH.

1. Open a console window to the physical VMware ESX host

2. Press [F2] on the keyboard, and supply your current 'root' logon password and press [ENTER]

Screen Shot 2013-10-21 at 13.44.10.png

3. Use the cursor keys to scroll down and select "Troubleshoot Options" and press [ENTER]

4. Use the cursor keys to select "Modify ESXi Shell and SSH Timeouts", and press [ENTER]. Configure the durations for the "Availability Timeout" and "Idle Timeout". A zero value can be specified which indicates that sessions never expire.

Screen Shot 2013-10-21 at 18.34.07.png

5. Next we can Enable the ESXi Shell and SSH. These a toggle options where pressing [ENTER] switches the option from "Enable..." to "Disable..."

Screen Shot 2013-10-21 at 18.38.06.png

6. Accessing the ESXi Shell requires exiting the DCUI back to the main screen and then pressing [ALT+F1] on the keyboard. The keystroke [ALT+F2] will toggle the SysAdmin back to the DCUI. Typing the command 'exit' at the ESXi Shell prompt logs the SysAdmin out of the environment. Nothing drives any SysAdmin nutter than a Windows or Apple Mac system that exhibits conflicting and overlap keyboard strokes - such that pressing [Alt-F1] is discovered to be shortcut key to starting all out thermo-nuclear war or engaging the ejector seat to your office chair.. To send [Alt+F1} on a Apple Mac keyboard press [FN+Alt+F1.] The [Fn] key tells Apple Mac to use the Function key (no shit Sherlock) as Function Key, and not as many facetted way of making your keyboard brighter! Because in the world of Apple Mac a Function Key isn't a Function Key until you press another button to tell it to do so. And they call this "PROGRESS"

7. Accessing the ESXi SSH Service requires a SSH Client. For Windows systems the most popular is the free PuTTy tool. Linux and Apple support their own native SSH command-line utilities.

Screen Shot 2013-10-21 at 18.53.19.png

Unsupported Tip: The DCUI is a process like any other on the VMware ESXi host. It is possible to access the DCUI from a SSH session using PuTTy. This is not a support usage, and it runs the risk of disconnecting the very SSH session that allows it work. The DCUI is accessed from the SSH session by typing the command "dcui" and the SysAdmin can exit the shell using the keystroke [CTRL+C]

Screen Shot 2018-02-12 at 18.27.51.png

View System Logs

There many ways of viewing and gathering the system logs from a VMware ESX host. Viewing them via the DCUI is perhaps least friendly method but it is possible.

1. Open a console window to the physical VMware ESX host

2. Press [F2] on the keyboard, and supply your current 'root' logon password and press [ENTER]

Screen Shot 2013-10-21 at 13.44.10.png

3. Use the cursor keys to scroll down and select "View System Logs" and press [ENTER]

4. Pressing a number on the keyboard from 1-6 will allow you to view the system logs, and [Q] on the keyboard will quit the log view, and return the SysAdmin back to the DCUI screen.

Screen Shot 2013-10-21 at 19.18.40.png

Screen Shot 2013-10-21 at 19.19.13.png

Reset System Configuration (Factory Reset)

A "Reset System Configuration" (or more commonly referred to as a 'factory reset') reconfigures the ESX host back to its initial installation. This achieve by maintain various system states between reboots. Before issuing a "Reset System Configuration" its is recommended to carry out a manual backup of the VMware ESX host. This can be done using the command vicfg-cfgbackup or PowerCLI.

IMPORTANT: A reset of the VMware ESX host also resets the root password back to being blank. As consequence all previous passwords including the one configured at the installation are lost.

1. Open a console window to the physical VMware ESX host

2. Press [F2] on the keyboard, and supply your current 'root' logon password and press [ENTER]

Screen Shot 2013-10-21 at 13.44.10.png

3. Use the cursor keys to scroll down and select "Reset System Configuration" and press [ENTER]. Next press [F11] to confirm you wish to carry-out the reset, followed by [ENTER] to confirm a reboot of the system.

Screen Shot 2013-10-21 at 19.30.00.png

Screen Shot 2013-10-21 at 14.01.16.png
Get-VMHostFirmware -VMHost esx01nyc.corp.com -BackupConfiguration -DestinationPath C:\
Set-VMHostFirmware -ResetToDefaults

Note: This will back up the VMware ESX host called "esx01nyc.corp.com". After the backup has completed a zip file in the .tgz format will be created called C:\configBundle-esx01nyc.corp.com.tgz. The cmdlet "Set-VMHostFirmware" has the capacity to send the reset process to the host as well.

Shutdown/Restart the VMware ESX Host

There are many ways to shutdown or reboot the VMware ESX host. By far the most appropriate method would be use vCenter "maintenance mode" which in conjunction with the VMotion and the Distributed Resource Schedule (DRS) feature successfully evacuate all the VMs from the host, before a shutdown or reboot instruction is given. You should exhaust all reasonable efforts to gain control over the the VMware ESX host to carry out a graceful outage of the host. Only use the power button or the shutdown/restart functionality of the DCUI if you have no other option.

1. Open a console window to the physical VMware ESX host

2. Press [F12] on the keyboard, and supply your current 'root' logon password and press [ENTER]

Screen Shot 2013-10-21 at 20.08.11.png

3. Pressing [F2] on the keyboard will trigger a shutdown, whereas pressing [F11] will trigger a reboot. Before using the [F2] ensure you have suitable access to trigger a power on of the physical server!

Screen Shot 2013-10-21 at 14.01.16.png
Set-VMHost esx01nyc.corp.com -State maintenance
Restart-VMHost -vmhost esx01nyc.corp.com

Note: Once a host is in maintenance mode it remains in this mode even after a reboot. An VMware ESX in maintenance mode cannot power on a VM, nor have VMs moved to it.