Professional Documents
Culture Documents
vSphere 4.1
This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document, see http://www.vmware.com/support/pubs.
EN-000319-00
You can find the most up-to-date technical documentation on the VMware Web site at: http://www.vmware.com/support/ The VMware Web site also provides the latest product updates. If you have comments about this documentation, submit your feedback to: docfeedback@vmware.com
Copyright 20082010 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. VMware products are covered by one or more patents listed at http://www.vmware.com/go/patents. VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies.
VMware, Inc.
Contents
AboutThisBook
1 IntroductiontovMA 7
vMACapabilities 7 vMAComponentOverview 8 vSphereAuthenticationMechanism 8 vSphereLoggingComponent 9 vMASamples 9 vMAUseCases 9 WritingorConvertingScripts 9 WritingorConvertingAgents 10
2 GettingStartedwithvMA 11
HardwareRequirements 12 SoftwareRequirements 12 RequiredAuthenticationInformation 12 DeployvMA 13 ConfigurevMAatFirstBoot 13 ConfigurevMAforActiveDirectoryAuthentication 14 ConfigureUnattendedAuthenticationforActiveDirectoryTargets TroubleshootingUnattendedAuthentication 15 EnabletheviuserAccount 16 AddTargetServerstovMA 16 RunningvSphereCLIfortheTargets 18 ReconfigureaTargetServer 19 RemoveTargetServersfromvMA 19 ModifyingScripts 19 ShutDownvMA 20 DeletevMA 20 TroubleshootingvMA 21
15
3 vMAInterfaces 23
vMAInterfaceOverview 23 vifptargetCommandforvifastpassInitialization 24 vifpTargetManagementCommands 24 vifpaddserver 24 vifpremoveserver 26 vifprotatepassword 26 vifplistservers 27 vifpreconfigure 28 TargetManagementExampleSequence 28 viloggerDaemonandLogManagementCommands 28 ManagementServiceInterfaceforvilogd 29 viloggerenable 29 viloggerdisable 30 viloggerupdatepolicy 31 viloggerlist 31
VMware, Inc. 3
Appendix:UpdatingvMAwithvmaupdate
Introductiontovmaupdate 35 Usevmaupdate 35 UsevmaupdatewithUpdateDepots 37 vmaupdateTroubleshooting 37
35
Index 39
VMware, Inc.
Revision History
Thisbook,thevSphereManagementAssistantGuide,isrevisedwitheachreleaseoftheproductorwhen necessary.Arevisedversioncancontainminorormajorchanges.Table 1summarizesthesignificantchanges ineachversionofthisbook. Table 1. Revision History
Revision 13JUL2010 16NOV2009 Description vMA4.1release Chapter1isenhancedtoprovidedetailsaboutvMAsenhancedcapabilities,authenticationmechanisms andthechangestothesamplesisnowaCentOSbasedvirtualmachine. Chapter2providesinformationaboutconfiguringvMAforActiveDirectory.Italsoexplainshowto reconfigureatargetserver. Chapter3providesinformationaboutthenewvifptargetandvifp reconfigurecommands.Italso describestheVmaTargetLiblibrary. 21MAY2009 27OCT2008 vMA4.0documentation VIMA1.0documentation
Intended Audience
ThisbookisforadministratorsanddeveloperswithsomeexperiencesettingupaLinuxsystemandworking inaLinuxenvironment.AdministratorscanusethevMAautomatedauthenticationfacilitiesandthesoftware packagedwithvMAtointeractwithESX/ESXihostsandvCenterServersystems.Developerscancreateagents thatinteractwithESX/ESXihostsandvCenterServersystems.
Document Feedback
VMwarewelcomesyoursuggestionsforimprovingourdocumentation.Sendyourfeedbackto docfeedback@vmware.com.
VMware, Inc.
Support Offerings
TofindouthowVMwaresupportofferingscanhelpmeetyourbusinessneeds,goto http://www.vmware.com/support/services.
VMware, Inc.
Introduction to vMA
TogetstartedwithvMArightaway,gotoGettingStartedwithvMAonpage 11.
vMA Capabilities
vMAprovidesaflexibleandauthenticatedplatformforrunningscriptsandprograms.
VMware, Inc.
CentOSrelease5.364bitEnterpriseLinuxvMArunsCentOSonthevirtualmachine.Youcanmovefiles betweentheESX/ESXihostandthevMAconsolebyusingthevifsvSphereCLIcommand. VMwareToolsInterfacetothehypervisor. vSphereCLICommandsformanagingvSpherefromthecommandline.SeethevSphereCommandLine InterfaceInstallationandReferenceGuide. vSphereSDKforPerlClientsidePerlframeworkthatprovidesascriptinginterfacetothevSphereAPI. TheSDKincludesutilityapplicationsandsamplesformanycommontasks. SMISvMAincludestheVMwareimplementationoftheCIMprofilescompatiblewiththeStorage ManagementInitiativeSpecification(SMISversion1.0.2)oftheStorageNetworkIndustryAssociation. WithvMA4.1,youcanspecifyESX/ESXiandvCenterServersystemsastargetservers.Thescriptthat establishestheSMIStargetserverusestheVmaTargetLiblibrary. JavaJREversion1.6RuntimeengineforJavabasedapplicationsbuiltwiththevSphereWebServices SDK.
vMAalsoincludesanauthenticationcomponent(vifastpass)andaloggingcomponent(vilogger).
viadminwithadministratorprivileges viuserwithreadonlyprivileges
vifastpassstoresthepasswordinformationforthetargetserveronvMA. ThecreationofviadminandviuserdoesnotapplyforActiveDirectoryauthenticationtargets.Whenyouadd asystemasanActiveDirectorytarget,vMAdoesnotstoreanyinformationaboutthecredentials.Tousethe ActiveDirectoryauthentication,theadministratormustconfigurevMAforActiveDirectory.Formore informationonhowtoconfigurevMAforActiveDirectory,seeConfigurevMAforActiveDirectory Authenticationonpage 14. Afteraddingatargetserver,youmustinitializevifastpasssothatyoudonothavetoauthenticateeachtime yourunvSphereCLIcommands.IfyourunavSphereCLIcommandwithoutinitializingvifastpass,youwill beaskedforusernameandpassword.
VMware, Inc.
Youcaninitializevifastpassusingoneofthefollowingmethods:
Aftersettingupatargetusingthevifptargetcommand,youcanrunvSphereCLIcommandsorscriptsthat usevSphereSDKforPerlwithoutprovidinganyauthenticationinformation.Toruncommandsagainstan ESXorESXisystemthatismanagedbyavCenterserver,youcanusethe-vihostoption. YouneedtorunthevifptargetcommandortheLoginmethodonce,eachtimeyoulogintovMA.Thetarget thatyouspecifyinthevifptargetcommandisthedefaulttarget.Targetserversremaintargetsacross reboots.Youcanoverrideitbyusingthe-serveroptionofthevSphereCLIcommandsasshowninthe followingexample: vifptarget -s esx1.foo.com vicfg-nics -l #liststhenicsonesx1.foo.com
vMA Samples
vMAsamplesillustratethevMACLIsandtheVmaTargetLiblibrary.ThesamplesareavailableinvMAat /opt/vmware/vma/samples.EachsampleincludesaREADMEfile.
VMware, Inc.
Thepartnerchangestheagenttousecodesimilartothefollowingpseudocodeinstead:
LoginToMyEsx(String myESXName) { VmaTarget target = VmaTargetLib.queryTarget(myESXName); UserSession us = target.login(); }
ThispseudocodeassumesonlyonevMAtarget.Formultipletargetservers,thecodecanspecifyany targetserverorloopthroughalistoftargetservers.
10
VMware, Inc.
YoushouldhavesomeexperiencesettingupaLinuxsystemandworkinginaLinuxenvironment.This chapterexplainshowtodeployandconfigurevMA,howtoaddandremovetargetservers,andhowto prepareandrunscripts.Thechapteralsoincludestroubleshootinginformation. ReadChapter 1,IntroductiontovMA,onpage 7forbackgroundinformationonvMAfunctionalityand availablevMAcomponents. IMPORTANTYoucanupgradeavMA4.0systemtovMA4.1GA.However,youcannotupgradeaVIMA1.0 systemtovMA4.1. Thischapterincludesthefollowingtopics:
HardwareRequirementsonpage 12 SoftwareRequirementsonpage 12 RequiredAuthenticationInformationonpage 12 DeployvMAonpage 13 ConfigurevMAatFirstBootonpage 13 ConfigurevMAforActiveDirectoryAuthenticationonpage 14 ConfigureUnattendedAuthenticationforActiveDirectoryTargetsonpage 15 EnabletheviuserAccountonpage 16 AddTargetServerstovMAonpage 16 RunningvSphereCLIfortheTargetsonpage 18 ReconfigureaTargetServeronpage 19 RemoveTargetServersfromvMAonpage 19 ModifyingScriptsonpage 19 ShutDownvMAonpage 20 DeletevMAonpage 20 TroubleshootingvMAonpage 21
VMware, Inc.
11
Hardware Requirements
TosetupvMA,youmusthaveanESX/ESXihost.BecausevMArunsa64bitLinuxguestoperatingsystem, theESX/ESXihostonwhichitrunsmustsupport64bitvirtualmachines. TheESX/ESXihostmusthaveoneofthefollowingCPUs:
AMDOpteron,revEorlater IntelprocessorswithEM64TsupportwithVTenabled.
Software Requirements
YoumusthavethefollowingsoftwaretodeployvMA:
12
VMware, Inc.
Deploy vMA
YoucandeployvMAbyusingafileorfromaURL.Ifyouwanttodeployfromafile,downloadandunzipthe vMAZIPfilebeforeyoustartthedeploymentprocess. IMPORTANTYoucanupgradeavMA4.0systemtovMA4.1.However,youcannotupgradeaVIMA1.0 systemtovMA4.1 To deploy vMA 1 2 3 UseavSphereClienttoconnecttoasystemthatisrunningESX/ESXi4.1,ESX/ESXi4.0,ESX/ESXi3.5 Update2orlater,orvCenterServer4.0. IfconnectedtoavCenterServersystem,selectthehosttowhichyouwanttodeployvMAintheinventory pane. SelectFile>DeployOVFTemplate. TheDeployOVFTemplatewizardappears. 4 5 6 7 8 9 SelectDeployfromfileifyouhavealreadydownloadedandunzippedthevMAvirtualappliance package. Click Browse,selecttheOVF,andclickNext. ClickNextwhenthedownloaddetailsaredisplayed. Acceptthelicenseagreement. (Optional)Specifyanameforthevirtualmachine. Selectalocationforthevirtualmachinewhenprompted. IfyouareconnectedtoavCenterServersystem,youcanselectafolder. 10 IfconnectedtoavCenterServersystem,selecttheresourcepoolforthevirtualmachine. Bydefault,thetoplevelrootresourcepoolisselected. 11 12 Ifprompted,selectthedatastoretostorethevirtualmachineonandclickNext. SelectthenetworkmappingandclickNext. IMPORTANTMakesurevMAisconnectedtothemanagementnetworkonwhichthevCenterServerand ESX/ESXisystemsthatareintendedvMAtargetsarelocated. 13 ReviewtheinformationandclickFinish. ThewizarddeploysthevMAvirtualmachinetothehostthatyouselected.The deployprocesscantake severalminutes. NextyouconfigureyourvMAvirtualmachine.YouperformthistaskwhenyoulogintovMAthefirsttime.
VMware, Inc.
13
ThecommanddisplaysthenameofthedomaintowhichvMAhasjoined.
14
VMware, Inc.
ThevMAconsoledisplaysamessagestatingwhethervMAhaslefttheActiveDirectorydomain.
OnvMA,createascriptin/etc/cron.hourly/kticket-renewwiththefollowingcontents:
#!/bin/sh su - vma-dc\\foo -c '/usr/kerberos/bin/kinit -k -t /home/local/VMA-DC/foo/foo.keytab foo'
VMware, Inc.
15
AftertheviuseraccountisenabledonvMA,ithasnormalprivilegesonvMAbutisnotinthesudoerslist. WhenyouaddESX/ESXitargetservers,vMAcreatestwousersoneachtarget:
WhenauserisloggedintovMAasviuser,vMAusesthataccountontargetESX/ESXihosts,andtheusercan runonlycommandsontargetESX/ESXihoststhatdonotrequireadministrativeprivileges.
16
VMware, Inc.
Verifythatthetargetserverhasbeenadded. Thedisplayshowsalltargetserversandtheauthenticationpolicyusedforeachtarget.
vifp listservers --long server1.mycomp.com server2.mycomp.com server3.mycomp.com vc1.mycomp.com ESX ESX ESXi vCenter adauth fpauth adauth adauth
Setthetargetasthedefaultforthecurrentsession:
vifptarget --set | -s <server>
VerifythatyoucanrunavSphereCLIcommandwithoutauthenticationbyrunningacommandonone oftheESX/ESXihosts,forexample:
vicfg-nics -l --vihost <esx_host>
Thecommandrunswithoutpromptingforauthenticationinformation. IMPORTANTIfthenameofatargetserverchanges,youmustremovethetargetserverbyusingvifp removeserverwiththeoldname,thenaddtheserverusingvifp addserverwiththenewname. To add a vCenter Server system as a vMA target for fastpass Authentication 1 2 LogintovMAasviadmin. AddaserverasavMAtargetbyrunningthefollowingcommand:
vifp addserver vc2.mycomp.com --authpolicy fpauth
Here,authpolicyfpauthindicatesthatthetargetneedstousethefastpassauthentication. 3 Specifytheusernamewhenprompted:
Enter username for machinename.example.com: MYDOMAIN\user1
Specifythepasswordforthatuserwhenprompted.
user1@machine.company.com's password: <not echoed to screen>
5 6
Setthetargetasthedefaultforthecurrentsession.
vifptarget --set | -s <server>
VerifythatyoucanrunavSphereCLIcommandwithoutauthenticationbyrunningacommandonone oftheESX/ESXihosts,forexample:
vicfg-nics -l --vihost <esx_host>
VMware, Inc.
17
Youarepromptedforthetargetserversrootuserpassword.
root@<servername>s password:
Verifythatthetargetserverhasbeenadded:
vifp listservers
Setthetargetasthedefaultforthecurrentsession.
vifptarget --set | -s <server>
VerifythatyoucanrunavSphereCLIcommandwithoutauthenticationbyrunningacommand,forexample:
vicfg-nics -l
Runvifptarget.
vifptarget -s <server2>
InitializevifastpassforuseofvSphereSDKforPerlandvSphereCLIscriptsonthetargetserver.
vifptarget --set | -s <server>
RunvSphereCLIorvSphereSDKforPerlscripts,byspecifyingthetargetserver.Forexample:
vicfg-nics --server server2 --list
UsethefollowingcommandforanActiveDirectorytarget:
vicfg-nics -l --vihost <esx_host>
18 VMware, Inc.
Whenprompted,specifytherootusernameonthetargetserver.
Whenprompted,specifytherootusernameonthetargetserver.
TheRecentTaskspanelofthetargetserverdisplaysinformationabouttheviadminandviuserusersthat arebeingremoved.TheUsersandGroupspanelofthetargetservernolongerdisplaystheusers.
Modifying Scripts
YoucanmodifyserviceconsolescriptstorunfromvMA.
VMware, Inc.
19
ReferencestolocalhostScriptscannotrefertolocalhost.
ProgrammaticconnectionInPerlscriptsorJavaprograms,youcancallVmaTarget.login() method of vMATargetLibandspecifythehosttoconnectto.Thedirectory/opt/vmware/vma/samplescontains examplesinPerlandJava.vMAhandlesauthenticationiftheserverhasbeenestablishedasatarget server.Programscanusevifpliblibrarycommands.SeeUsingtheVmaTargetLibLibraryonpage 32. NoprocnodesSomeserviceconsolescriptsstilluseVMwareprocnodes,whichwereofficiallymade obsoletewithESXServer3.0andarenotavailableinESX/ESXi4.0andlater.Youcanextractinformation thatwasavailableinVMwareprocnodesusingthevSphereCLIcommandsavailableonvMA. TargetspecificationYoumustspecifythetargetserverwhenyouruncommandsorscripts.
Table 21liststhevMAcomponentsthatyoucanuseformodifyingscriptsthatincludeprocnodesandLinux commands. Table 2-1. vMA Components for Use in Scripts
vMA Component vSphereCLIcommands vifsvSphereCLI command vSphereSDKforPerl Description ManageESX/ESXihostsandvirtualmachines. Performcommonoperations,suchascopy,remove, get,andput,onfilesanddirectories. AccessthevSphereAPI,aWebservicesbasedAPIfor managing,monitoring,andcontrollingthelifecycleof allvSpherecomponents. Performcommonadministrativetasks. For more information vSphereCommandLineInterface InstallationandReferenceGuide. vSphereCommandLineInterface InstallationandReferenceGuide. vSphereSDKforPerlProgramming Guide. vSphereSDKforPerlUtility ApplicationsReference. CommandsareonvMAin /usr/lib/vmware-vcli/apps vSphereSDKforPerlWS Managementcomponent AccessCIM/SMASHdata.ESX/ESXisupportsmany SystemsManagementArchitectureforServer Hardware(SMASH)profiles,enablingsystem managementclientapplicationstocheckthestatusof underlyingservercomponentssuchasCPU,fans, powersupplies,andsoon. vSphereSDKforPerlProgramming Guide.
vSphereSDKforPerl utilityapplications
Delete vMA
IfyouintendtodeployanewerversionofvMA,orifyounolongerneedvMA,youcandeletethevMAvirtual machine. IMPORTANTIfyoudeletevMAwithoutremovingallservers,theviadminandviuserusersremainonthe targetESX/ESXihosts.ThenexttimeyouaddthehosttoavMAinstance,vMAcreatesausernamewitha differentnumericextension.
20
VMware, Inc.
To delete the vMA virtual machine 1 2 3 4 RemoveallvMAtargetserversyouadded.SeeRemoveTargetServersfromvMAonpage 19. ShutdownvMA. PoweroffthevirtualmachinebyusingthevSphereClient. InthevSphereClient,rightclickthevirtualmachineandselectDeletefromDisk.
Troubleshooting vMA
YoucanfindtroubleshootinginformationforallVMwareproductsinVMwareKnowledgeBasearticlesand informationaboutvMAknownissuesinthereleasenotes.Table 22explainsafewcommonlyencountered issuesthatareeasilyresolved. Table 2-2. Troubleshooting vMA
Issue YoucandeployvMAbutwhenyoustartupthevirtual machine,anerroroccurs. YouaddaserverbutthevSphereCLIcommandorPerl scriptstillpromptsforauthentication. Youhaveaddedmultipleservers.Youdonotknow wherevMArunsvSphereCLIcommandsifyoudonot specify--server. YouwanttoenableDNSresolutioninvMA. Resolution Checkwhetheryoursetupmeetsthehardwareandsoftware requirementslistedinHardwareRequirementson page 12. Runviftargetforthetargetserver. Afteracalltovifptarget,yourpromptchangestoinclude thecurrenttarget. YoucanconfiguretheDNSresolutionnameserverforvMA byupdatingthe/etc/resolv.conffile.Addthefollowing lineforeachDNSserverinyournetwork: nameserver <dns server ip address> Typeman resolv.conffordetailsonthatfile. IfvMAissetupforDHCP,andthenetworkisrestarted, changesyoumadeto/etc/resolv.confarelost. ProblemswhileaddingActiveDirectorytarget orconfiguringvMAforActiveDirectory. IfyouareunabletoauthenticatefromvMAorcannotadd vMAtothedomaincontroller,checkthefollowing:
YourDNSserversetupinvMAresolvestheIPaddressor hostnameofthevCenterservertoanFQDNandthe FQDNcontainsthedomainnametowhichvMAis added. Thevifp listservercommandshowsthenameof vCenterastheFQDNthatcontainsthedomainnameto whichvMAisaddedasthesuffix. ThedateandtimesettingsonvMA,thedomain controllerandvCenterServerareidentical.Checkthe timezoneaswell.Thetimemaynotexactlybethesame butmayvarybyanhour.However,alargeskewinthe timemaycauseauthenticationproblems.
VMware, Inc.
21
22
VMware, Inc.
vMA Interfaces
VMware, Inc.
23
Usage
vifptarget --set | --clear | --display | --help | -s <server> -c -d -h
Description ThevifptargetcommandenablesseamlessauthenticationforremotevSphereCLIandvSphereSDKforPerl commands. Youcanestablishmultipleserversastargetservers,andthencallvifptargetoncetoinitializeallserversfor vifastpassauthentication.Youcanthenruncommandsagainstanytargetserverwithoutadditional authentication.Youcanusethe--serveroptiontospecifytheservertoruncommandson. ThevMApromptdisplaysthecurrentdefaultexecutionserver.Ifyouremovethatdefaultserver,theprompt doesnotchangeuntilyouhaveexplicitlychangedtoadifferentdefaultexecutionserver. WhilehostsremaintargetserversacrossvMAreboots,youmustrunvifptargetaftereachlogouttoenable vifastpassforvSphereCLIandvSphereSDKforPerlcommands. Options
Option set display clear help Description Initializesthefastpasstarget. Displaystheinitializedfastpasstarget. Resetsthefastpasstarget. Displayhelpforthecommand.
Example vifptarget --set | -s <server> Initializesthefastpasstarget. vifptarget --display | -d Displaystheinitializedfastpasstarget. vifptarget --clear | -c Resetsthefastpasstarget.
vifp addserver
AddsavCenterServerorESX/ESXisystemasavMAtargetserver.
24
VMware, Inc.
Usage
vifp addserver <server> [--authpolicy <fpauth | adauth>] [--protocol <http | https>] [--portnumber <portnum>] [--servicepath <servicepath>] [--username <username>] [--password <password>]
Example
vifp addserver my_vCenter
AddsavCenterServersystemasavMAtarget.Youarepromptedforausernameandpassword.Theuser musthaveloginprivilegesonthevCenterServersystem.
vifp addserver myESX42
AddsanESX/ESXisystemtovifastpass.Youarepromptedfortherootpasswordforthetargetsystem.
VMware, Inc.
25
vifp removeserver
RemovesaspecifiedvMAtargetthatwaspreviouslyaddedwithvifp addserver. IfthetargetisanESX/ESXisystem,youneedsuperuserprivilegesforremoval.IfthetargetisavCenterServer system,anyuserwithconnectionprivilegescanremovethetarget.Youonlyhavetospecifythe<server> option,withoutthepassword. Usage
vifp removeserver <server> [--protocol <http | https>] [--portnumber <portnum>] [--servicepath <servicepath>] [--username <username>] [--password <password>] [--force]
Examples
vifp removeserver <vCenter_Address>
RemovesavCenterServersystem.Youarenotpromptedforapassword.
vifp removeserver <esx_Address>
RemovesanESX/ESXisystem.
vifp rotatepassword
Specifiesviadminandviuserpasswordrotationparameters. IMPORTANTThiscommandappliesonlytoESX/ESXitargetservers.YoucannotrotatepasswordsforvCenter Serversystems. Usage
vifp rotatepassword [--now [--server <server>] | --never | --days <days>]
26 VMware, Inc.
Examples
vifp rotatepassword --now
ImmediatelyrotatespasswordsofallESX/ESXivMAtargetservers.
vifp rotatepassword --now --server <server_address>
Immediatelyrotatesthepasswordofaspecificserver.
vifp rotatepassword --days 7
SetsthepasswordrotationpolicytorotatethepasswordofallESX/ESXivMAtargetseverysevendays. Forexample,ifyouaddserver1on9/1,andserver2on9/2,andrunvifp rotatepassword --days 7,vMA rotatesthepasswordforserver1atmidnighton9/8andthepasswordforserver2atmidnighton9/9.vMA rotatestheserver1passwordagainon9/15andtheserver2passwordagainon9/16.Ifyouthenrunvifp rotatepassword --days 3,vMArotatestheserver1passwordon9/18andtheserver2passwordon9/19.
vifp rotatepassword
Displaysthecurrentpasswordrotationpolicy.
vifp listservers
Liststargetsystems. Usage
listservers [-l | --long]
ListsallserversthatarevMAtargets,forexample:
server1.mycomp.com server2.mycomp.com server3.mycomp.com vc42.mycomp.com ESX ESX ESXi vCenter fpauth adauth fpauth adauth
VMware, Inc.
27
vifp reconfigure
Reconfigurestargetsystems.ThiscanbedonetochangeauthenticationpolicyortheconfiguredActive Directoryuser. Usage
reconfigure <server> [--authpolicy <fpauth | adauth>] [--protocol <http | https>] [--portnumber <portnum>] [--servicepath <servicepath>] [--username <username>] [--password <password>]
28
VMware, Inc.
/sbin/service
vmware-vilogd
vilogger enable
EnableslogcollectionforthespecifiedvMAtarget. Usage
vilogger enable [--server <vMA_target>] [--logname <logname>] [--collectionperiod <period_in_seconds>] [--numrotation <rotation>] [--maxfilesize <size_in_MB>]
Description YoucanenableloggingforasingletargetorforallvMAtargets.You canalsoenableloggingselectivelyfor specificlogfiles.Bydefault,loggingisdisabledforatargetwhenyouaddittovMAandmustbeenabled explicitly. Bydefault,vilogdplacesthelogsin/var/log/vmware.Tospecifyadifferentloglocation,makechangesto the/etc/vmware/vMA/vMA.conffile.Whenyoustartvmware-vilogdthenexttime,itplacesthelogsinthe newlocationifviadminhasaccesstoit.Seeviloggerlistonpage 31foralistingofthelogscollectedonESX, ESXi,andvCenterServersystems. Options
Option server logname collectionperiod maxfilesize numrotation Description IPaddressornameofthevMAtargettoenablelogcollectionfor.EnablesloggingforallvMA targetsbydefault. Logthatyouwanttoenable.Enablesalllogsbydefault.Youcandisplaythelistofthelogsusing vilogger list. Logsarecollectedatregularintervals.Thisoptionspecifiestheinterval,inseconds.Specifya numberbetween10and3600.Thedefaultis10. Maximumsizeofthelogfilebeforerollover,inMB.Specifyanumberbetween1and1024.The defaultis5MB. Numberoflogfilestokeepbeforetheoldestfileisoverwritten.Specifyanumberbetween 1 and1024.Thedefaultis5.
Examples
vilogger enable
EnableslogcollectionforallvMAtargetsbyusingthedefaultvaluesforcollectionperiod,logrotation,and logsize.
vilogger enable --server myServer42
VMware, Inc.
29
EnableslogcollectionforthemyServer42vMAtargetusingdefaultvaluesforcollectionperiod,logrotation, andlogsize.
vilogger enable --server myServer42 --logname messages
Enableslogcollectionforthe/var/log/messageslogforthemyServer42ESX/ESXisystemusingthedefault valuesforcollectionperiod,logrotation,andlogsize.
vilogger enable --collectionperiod 60
EnableslogcollectionforallvMAtargetserversusingacollectionperiodof60seconds.
vilogger enable --numrotation 8
EnableslogcollectionforallvMAtargetserverswithlogrotationsetto8.
vilogger enable --maxfilesize 10
EnableslogcollectionforallvMAtargetserverswiththemaximumlogfilesizesetto10MB.
vilogger disable
DisableslogcollectionforavMAtarget. Usage
vilogger disable [--server <server>] [--logname <logname>] [--force]
Examples
vilogger disable --server myserver42 --logname messages
Disableslogcollectionforthe/var/log/messageslogforthemyserver42ESX host.
vilogger disable --server myserver42
Disablesalllogcollectionforthemyserver42ESXhost.
vilogger disable
Disablesalllogcollection.
30
VMware, Inc.
vilogger updatepolicy
Customizeslogcollectionparameters. Usage
vilogger updatepolicy [--server <server>] [--logname <logname>] [--collectionperiod <period_in_seconds>] [--numrotation <rotation>] [--maxfilesize <size_in_MB>]
Examples
vilogger updatepolicy --server myserver42 --logname messages --collectionperiod 30
Updatesthelogcollectionperiodto30secondsforpreviouslyenabledlogs.
vilogger updatepolicy --server myserver42 --maxfilesize 7
UpdatesthemaximumlogfilesizeforallenabledlogsforthespecifiedESX/ESXisystem(myserver42)to7MB.
vilogger list
Listsavailablelogscollectedbythevilogddaemon. Usage
vilogger list [--server <server>] [--logname <logname>]
VMware, Inc.
31
ThefollowinglogsareavailableforVMwareESXsystems:
ThefollowinglogsareincludedforVMwareESXisystems.
ListstheloggingstatusforallvMAtargetservers.
VmaTargetLib Reference
YoucanusethefollowingVmaTargetLibcommandsinPerlorJavaprograms.
Enumerating Targets
Usage Perl Java
enumerate_targets() enumerateTargets()
32
VMware, Inc.
Querying Targets
Usage Perl Java Description Allowsthecaller,forexample,anagent,toretrievelogincredentialsfromavMAtargetandtousethose credentialstoconnecttothevMAtarget. Options
Option servername Description OneoftheserversaddedtothisvMAinstanceusingvifp addserver.CanbeanESX/ESXi systemoravCenterServersystem. query_target (<servername>) queryTarget (string <servername>)
Returns ReturnsaspecificvMAtargetserver.
Programmatic Login
Usage Perl Java Description Allowsaprogramtologintoatargetserverprogrammatically. Options
Option service svcRef servername Language Java Java Java,Perl Description Javaserviceinstance. JavaserviceManagedObjectReference. OneoftheserversaddedtothisvMAinstanceusingvifp addserver. VmaTarget.login() VmaTarget.login()
Returns ReturnsavMAtargetsessionthattheagentcanusetoruncommandsonthehost.
VMware, Inc.
33
Programmatic Logout
Usage Perl Java Description Allowsaprogramtologoutofatargetserverprogrammatically. Options None
VmaTarget.logout() VmaTarget.logout()
34
VMware, Inc.
Introduction to vma-update
Youcanusevma-updatetoperformthefollowingtasks:
DownloadpatchesforvMA. UpgradevMA4.0tovMA4.1.
IMPORTANTYoucannotusevma-updatetoupgradeVIMA1.0tovMA4.1.Youalsocannotusevma-updateto
upgradeVMwareTools.YouneedtoupgradeVMwareToolsmanually.
Use vma-update
Youcanusevma-updatetoscanforupdatesandtoinstallupdates. Ifyouwanttospecifyaproxyserver,editthe/etc/vmware/esxupdate/vmaupdate.conffilebeforeyouuse vma-update.Forexample:
# Proxy settings # Uncomment these options if a proxy is required to access the # URL specified in vma.depot #proxy = http://proxy.example.com #proxyport = 12345
VMware, Inc. 35
Thiscommandgetsinformationaboutthebulletinintheonlinedepot.
sudo vma-update info --bundle=<offline-bundlezip-url>
Thiscommandscansthebulletinintheonlinedepot.
sudo vma-update scan --bundle=<offline-bundlezip-url>
Examples Thefollowingexamplesassumeadepotisavailable.
sudo vma-update scan
Listsapplicablebulletinswithupdates.
sudo vma-update -b 'vma 4.01' update
UpdatesvMAtopatchlevel4.01.
sudo vma-update update
Appliesallcurrentlyavailableupdates.
36
VMware, Inc.
vma-update Troubleshooting
Table A1listsafewofthecommonlyencounteredissueswithvmaupdateutility. Table A-1. Troubleshooting vMA
Issue Ifyourunvma-update,andtheURLspecifiedinthe /etc/vmware/esxupdate/vmaupdate.conffileis wrong,thefollowingmessageappears: Encountered error MetadataDownloadError:...Failed to download metadata. vma-updateresultsinanerror. Seetheexitcodesanderrormessagesforesxupdateutility intheESX4PatchManagementGuide. Resolution ChecktheURLandsupplyonethatpointstovMAupdates.
VMware, Inc.
37
38
VMware, Inc.
Index
A
adding target servers 16 addserver command 24 authentication component 8 authentication prerequisites 12
M
managing logs 31 modifying scripts 19 multiple target servers 18
N
name change 17, 18 network configuration 13 network setup 13
C
CentOS 8 configuring vMA 16
D
deleting vMA 20 deploying vMA 13 disabling logging 30 DNS resolution 21
P
passwords ESX/ESXi hosts 12 vCenter Server systems 12 proc nodes 20
E
enabling logging 29 ESX/ESXi 3.5 Update 2 12 ESX/ESXi systems, vMA target 18 example sequence 28
R
Red Hat Enterprise Linux 8 removeservers command 26 removing target servers 19 RHEL 8 root user account 12 rotatepassword command 26 rotatepassword example 27
H
hardware prerequisites 12 host name 14
I
initialization 24 insecure passwords 14
S
scripts, modifying 19 shutting down vMA 20 SMI-S 8 SNMP 8 storage required for vMA 12 sudo 12
J
Java JRE 8
L
Linux 8 list logs 31 listservers command 27 local update depots 37 localhost 20 log management commands 28 logging component 9 disabling 30 enabling 29 list 31 setting policy 31
T
target servers commands 24 multiple 18 name change 17, 18 removing 19 single 16 technical support resources 6 troubleshooting vMA 21
U
update depots 37 updating vMA 35
VMware, Inc.
39
V
vCenter Server systems, vMA target 16 VI CLI vifpinit 24 vifs 19 without vi-fastpass 18 vi-admin insecure password 14 privileges 16 setting password 14 vi-fastpass initialization 24 overview 8 vifp addserver 24 vifp listservers 27 vifp removeserver 26 vifp rotatepassword 26 vifp target management 24 vifpinit command 24 vifplib 32 vifs command 19 vilogd interface 29 vilogger daemon 28 disable command 30
enable command 29 list command 31 updatepolicy command 31 vi-logger component 9 vima-update 35 introduction 35 local depots 37 troubleshooting 37 using 35 vi-user privileges 16 setup 16 vMA component overview 8 getting started 11 interface overview 23 samples 9 use cases 9 vMA targets ESX/ESXi systems 18 vCenter Server systems 16 VMware Tools 8 vSphere CLI 8 vSphere SDK for Perl 8
40
VMware, Inc.