VMWare hat die Version 4.1 von vSphere veröffentlicht und kann unter folgender URL heruntergeladen werden:
http://downloads.vmware.com/d/
ACHTUNG, das vCenter benötigt eine 64Bit Version des Betriebsystems!
Archives for VMware
Use VMWare VMA to manager your VI
They are three different ways to manage the VI with a vma.
If you want to run only a single command use: working without sessionfile
If you want to run commands withing a timeperiod of 30 minutes use: working with sessionfile
If you want to run commands for more than 30 minutes use: vifastpass
working without sessionfile (username and password must be entered for each command)
e.g.
vicfg-nics -l –server server1 –username xxx –vihost xxxx
resxtop –server server1 –username xxx –vihost xxx
working with sessionfile (session lasts for 30 minutes)
Create sessionfile per vcenter server:
1. type cd /usr/share/doc/vmware-cli/samples/session
2. for vcenter-p: ./save_session.pl –savesessionfile /tmp/vcenter1 –server xxx –username xxx
for vcenter-t: ./save_session.pl –savesessionfile /tmp/vcenter2 –server xxx –username xxx
3. run commands:
e.g.
vicfg-nics -l –sessionfile /tmp/vcenter1 –vihost xxx
vicfg-nics -l –sessionfile /tmp/vcenter2 –vihost xxx
resxtop does not work with sessionfile!
working with vifastpass
1. sudo vifp addserver vcenter1 or/and sudo vifp addserver vcenter2
2. run vifp listservers to verify that the vcenter server(s) have been added as target.
3. Inititalize the vcenter server you need to manage (e.g. vifpinit vcenter1)
4. run commands
e.g.
resxtop –vihost xxx (esxhost)
vicfg-nics -l –xxx
tags: vma
How to Update Driver on ESXi via vMA or CLI
If you need to update a driver on ESXi which is not yet available with vCenter UpdateManager, you need to login to vmax or vmay to update the driver.
1. Download the driver ISO on the VMWare site: http://downloads.vmware.com/d/info/datacenter_downloads/vmware_esxi/4#drivers_tools
2. Place the driver CD in the CD-ROM drive of the host where either the vSpher CLI package is installed or vMA is hosted.
3. Mount the driver CD: sudo mount /dev/cdrom /mnt
4. Navigate to /offline-bundle/ and locate the .zip file.
5. Run the vihostupdate command to install drivers using the offline bundle: vihostupdate –server XXX –install –bundle xxxxx.zip
6. Reboot the ESXi Host
7. Check if the patch has been installed: vihostupdate –server XXX –query
category: esxi
vSpehre ESX4 HP EVA 5000 Active/Passive solution
I recently discovered a problem with a HP EVA 5000 Firmware 3028 which is only able for active/passive, but the driver loaded by esx was: VMW_SATP_DEFAULT_AA
This resulted in two dead paths for each attached LUN.
To fix this issue run following command:
esxcli nmp satp addrule –satp=”VMW_SATP_DEFAULT_AP” –vendor=”COMPAQ” –model=”HSV110 (C)COMPAQ” –description=”active/passive Compaq EVA 5000″
esxcli nmp satp listrules -s VMW_SATP_DEFAULT_AP should now list your new rule.
Reboot the host and make sure VMW_SATP_DEFAULT_AP driver is loaded.
category: esx
tags: eva
Manually patch a ESX4 Host through cli
When I install new ESX4 Hosts, most of the time I patch them manually, have the patches with me on a USB Stick. This saves me lot of time.
- Use following cli command on ESX4 to put the host into maintenance mode: vimsh -n -e /hostsvc/maintenance_mode_enter
- Put the Patch Archive e.g. ESX400-200909001.zip to the ESX4 Host
- Run following cli to manually install the Patch Bundle: esxupdate –bundle ESX400-200909001.zip update
- Reboot the Host: reboot
- Exit maintenance mode: vimsh -n -e /hostsvc/maintenance_mode_exit
category: esx
How to kill a Virtual Machine on ESX 3.5 / 4.0
User following command on the esx console to get the pid of the “running” virtual machine:
ps auxfww | grep Name_of_the_VM
kill -9 PID (numer of the PID)
category: esx
Replace VMware VirtualCenter Certificate
I messed around with the official Whitepaper of VMware to replace the VC Certificate with SSL, but this did not work for me.
How i maked it working:
1. Download the openssl binaries on following site:
http://gnuwin32.sourceforge.net/packages/openssl.htm
2. Extract the folder to c:\openssl
3. Create a file: serial in the bin directory, open it and write 10000 into this file
4. Create a file: certindex.txt in the bin directory
5. Create a file openssl.cnf in the bin directory with following content:
dir = .
[ ca ]
default_ca = CA_default
[ CA_default ]
serial = serial
database = certindex.txt
new_certs_dir = certs
certificate = cacert.pem
private_key = cakey.pem
default_days = 3650
default_md = md5
preserve = no
email_in_dn = no
nameopt = default_ca
certopt = default_ca
policy = policy_match
[ policy_match ]
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
[ req ]
default_bits = 1024 # Size of keys
default_keyfile = key.pem # name of generated keys
default_md = md5 # message digest algorithm
string_mask = nombstr # permitted characters
distinguished_name = req_distinguished_name
req_extensions = v3_req
[ req_distinguished_name ]
# Variable name Prompt string
#————————- ———————————-
0.organizationName = Organization Name (company)
organizationalUnitName = Organizational Unit Name (department, division)
emailAddress = Email Address
emailAddress_max = 40
localityName = Locality Name (city, district)
stateOrProvinceName = State or Province Name (full name)
countryName = Country Name (2 letter code)
countryName_min = 2
countryName_max = 2
commonName = Common Name (hostname, IP, or your name)
commonName_max = 64
# Default values for the above, for consistency and less typing.
# Variable name Value
#———————— ——————————
0.organizationName_default = Example Company
localityName_default = Location
stateOrProvinceName_default = ZH
countryName_default = CH
[ v3_ca ]
basicConstraints = CA:TRUE
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always
[ v3_req ]
basicConstraints = CA:FALSE
subjectKeyIdentifier = hash
6. Open CMD and navigate to the openssl/bin directory
7. Use following command to create the CA Cert:
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650 -config openssl.cnf
8. Import the cacert.pem to your local Trusted Root CA (use MMC)
9. Create the certificate request for VC
openssl req -new -nodes -out mycsr.csr -config openssl.cnf
10. Send this Request to an official CA or use your newly created CA to sign this request:
openssl ca -out rui.crt -config openssl.cnf -infiles mycsr.csr
11. Rename key.pem to rui.key
12. Create a PFX
openssl pkcs12 -export -in rui.crt -inkey rui.key -passout pass:YOURPASSWORD -out rui.pfx
13. Install the PFX to your local computer account certificates (use mmc)
14. Place the following files to your VC Cert directory:
C:\Documents and Settings\All Users\Application Data\VMware\VMware VirtualCenter\SSL
- rui.crt
- rui.key
- rui.pfx
15. Restart VC Service and reconnect all your ESX Hosts.
16. Have Fun 
You can also use your Windows CA to generate a VC Cert
On your CA certificate request web form, choose advanced then on Advanced Certificate Request page select Webserver template and type in the name of the server (usually the DNS or FQDN) in Name text box.Certificate Add-in in MMC
Select Mark keys as exportable check box and submit.
You still need to install openssl to export the private key from the certificate .
# Export the private key file from the pfx file
openssl pkcs12 -in rui.pfx -nocerts -out key.pem
# Convert .pem to .key
openssl rsa -in key.pem -out rui.key
category: vcenter