module 1-5- remote cli - vma
Post on 24-Apr-2015
63 Views
Preview:
TRANSCRIPT
ESX/ESXi 4.0 Remote CLI
Product Support Engineering
VMware Confidential
VI4 - Mod 1-5 - Slide 2
Module 1-5 Lessons
Lesson 1 – Virtual Infrastructure Upgrade
Lesson 2 – ESX 4.0 Install
Lesson 3 – vCenter Server 4.0
Lesson 4 – Virtual Infrastructure 4.0 Licensing
Lesson 5 – Remote CLI & vSphere Management Assistant (vMA)
VI4 - Mod 1-5 - Slide 3
Module 1-6 Lessons
Lesson 1 – Overview of Remote CLI
Lesson 2 – Using the Remote CLI
Lesson 3 – Installing Remote CLI on Linux
Lesson 4 – Installing Remote CLI on Windows
Lesson 5 – Installing vSphere Management Assistant (vMA)
Lesson 6 – Configuring vSphere Management Assistant (vMA)
VI4 - Mod 1-5 - Slide 4
vSphere CLI Overview
vSphere CLI commands allow you to perform many of the operations you might currently perform using the ESX Server service console.
vSphere CLI commands are especially useful for an ESXi host because it does not include a service console
You can use vSphere CLI commands in scripts that run on those hosts.
vSphere CLI commands run on top of the vSphere SDK Perl Toolkit
The vSphere SDK Perl Toolkit and prerequisite software are included in the installation package on Windows and on supported Linux distributions.
You can use an installable package to run vSphere CLI and vSphere SDK Perl Toolkit commands
VI4 - Mod 1-5 - Slide 5
Using vSphere CLI Commands
You can install a vSphere CLI package on either Linux or Microsoft Windows, or import a virtual appliance (vMA) that includes the vSphere CLI and all prerequisite software into your ESX/ESXi host.
vSphere CLI packages – You can install a vSphere CLI package on one server, which could become the administration server for all ESX/ESXi hosts. After you have installed the package, you can run vSphere CLI commands or
invoke scripts from the operating system command line.Each time you run a command, you specify the connection options directly or indirectly.
vMA (vSphere Management Assistant) – A virtual machine that includes prepackaged software that developers and administrators can use to run agents and scripts to manage ESX/ESXi systems.vMA includes the vSphere SDK for Perl and vSphere CLI in a Linux environment.
VI4 - Mod 1-5 - Slide 6
Using vSphere CLI Commands
You can use the vSphere CLI commands interactively or in scripts, as follows:
Open a command prompt on a Linux or Windows system where you installed the vSphere CLI and enter commands there.
Prepare scripts with sets of vSphere CLI commands. Then run the scripts from an administration server that has the vSphere CLI package installed or from a vSphere CLI virtual appliance Linux console.
Open or access a Linux console on the virtual appliance (vMA), and enter vSphere CLI commands there.
When you execute commands, you must specify the ESX/ESXi host on which you want to run the command and the user name and password
VI4 - Mod 1-5 - Slide 7
Using vSphere CLI Commands
Specifying the password in plain text risks exposing the password to other users. The password might also become exposed in backup files. Do not provide plain-text passwords on production systems.
You have the following alternatives:
If you use a vSphere CLI command interactively and do not specify a user name and password, you are prompted. What you type is not echoed to the screen.
For noninteractive use, you can create a session file using the save_session.pl script included in the apps/session directory of the VI Perl Toolkit.
If you are running on Windows systems, you can use the –passthroughauth command. If the user who runs the command is known, no password is required.
If you are running vMA, you can set up target servers and execute vSphere CLI commands against target servers without additional authentication.
VI4 - Mod 1-5 - Slide 8
ESX Management vs. vMA
End-user ScriptsVMware CLI:
esxcfg-*, vmware-cmd
End-user ScriptsVMware CLI:
esxcfg-*, vmware-cmd
Management Agents
Hardware Agents
Service Console (COS) vMA
VMware ESX/ESXi
CIM SMASH
Updated Management Agents
“Classic” VMware ESX
UpdatedHardware Agents
End-user ScriptsRemote CLI:
vicfg-*, vmware-cmd
End-user ScriptsRemote CLI:
vicfg-*, vmware-cmd
VI API
VI4 - Mod 1-5 - Slide 9
vSphere CLI - Linux
The Perl installation script for the vSphere CLI is supported on default installations of the following Linux distributions:
Red Hat Enterprise Linux (RHEL) 5.1 (32-bit)
vMA (64 bit)
A number of prerequisite libraries are included in the default installation of each supported Linux distribution.
The vSphere CLI package installer installs the vSphere CLI scripts and the vSphere SDK for Perl
VI4 - Mod 1-5 - Slide 10
To install the vSphere CLI package - Linux
Copy and extract the vSphere CLI package on your RedHat VM
Start the installer > vmware-install.pl – (vmware-rcli-distrib folder)The installer prompts you to accept the terms of the license agreement.
Type yes at the prompt to accept the license terms and press Enter to continue.
When prompted, specify an installation directory, or press Enter to accept the default (/usr/bin).
If a previous version of the vSphere SDK for Perl or the vSphere CLI package exists on the target system, the installer offers to replace the previous version.
[Optional] If prompted to remove older versions of vSphere SDK for Perl or vSphere CLI, you can either accept the offer or install the package on a different system.
VI4 - Mod 1-5 - Slide 11
Executing vSphere CLI Commands
After you have installed the vSphere CLI, you can execute commands from the Linux command prompt or include them in scripts
To execute a vSphere CLI command from a Linux command prompt
Open a command prompt.
Go to the directory where you installed the vSphere CLI. (/usr/bin)
Execute the command including the connection options.<command> <conn_params> <params>Specify connection options in a configuration or pass them on the command line. The extension .pl is not required on Linux.
For example:
vicfg-nas --server my_vcserver --username u42 --password mypwd --vihost my_esxhost --list
VI4 - Mod 1-5 - Slide 12
Uninstalling the vSphere CLI Package
To uninstall the vSphere CLI on a Linux system
Connect to the directory where you installed the vSphere CLI. (default is/usr/bin)
Execute the vmware-uninstall-rcli.pl script.The command uninstalls both the vSphere CLI and the VI Perl Toolkit.
VI4 - Mod 1-5 - Slide 13
Lab Installing vSphere CLI on Linux
Lab 6 Part 1 – Installing the RCLI for Linux
VI4 - Mod 1-5 - Slide 14
vSphere CLI - Windows
When you install the vSphere CLI package on Windows, the installation package includes all prerequisite software.
The vSphere CLI package is supported on the following Windows operating systems:
Windows Vista SP 1
Windows XP SP 2
VI4 - Mod 1-5 - Slide 15
Installing the Windows vSphere CLI Package
Download the vSphere CLI Windows installer from the VMware Communities site for the Release Candidate.The vSphere CLI package is not included with the ESX/ESXi installation.
Start the installer.If a previous version of the vSphere SDK for Perl or the vSphere CLI package exists on the target Windows system, the installer offers to replace the previous version.
[Optional] If prompted to remove older versions of vSphere SDK for Perl or vSphere CLI, you can either accept the offer or install the package on a different system.
Click Next in the Welcome page to continue.
VI4 - Mod 1-5 - Slide 16
Installing the Windows vSphere CLI Package
If you do not want to install the vSphere CLI in the default directory, click Change and select a different directory.The default location is the following:C:\Program Files\VMware\VMware Infrastructure CLI\bin
Click Next to continue.
Click Install to proceed with the installation.The installation might take several minutes to complete.
Utility applications
C:\Program Files\VMware\VMware Infrastructure CLI\Perl\apps
Sample scripts
C:\Program Files\VMware\VMware Infrastructure CLI\Perl\samples
VI4 - Mod 1-5 - Slide 17
Executing vSphere CLI Commands
After you install the vSphere CLI, you can execute commands from the Windows command prompt or include them in scripts
To execute a vSphere CLI command from a Windows command prompt
Open a command prompt.
Navigate to the directory in which the vSphere CLI is installed.cd C:\Program Files\VMware\VMware VI Remote CLI\bin
Execute the command, passing in the connection options and any other options.<command>.pl <conn_params> <params>The extension .pl is required. For example:vicfg-nas.pl --server my_vcserver --username u42 --password mypwd –vihost my_esxhost --list
VI4 - Mod 1-5 - Slide 18
Executing vSphere CLI Commands
VI4 - Mod 1-5 - Slide 19
Uninstalling the vSphere CLI Package
You can uninstall the vSphere CLI package like any other package.
To uninstall the vSphere CLI on a Windows system
Choose Start > Settings > Control Panel > Add or Remove Programs.
In the panel that appears, select vSphere CLI, and click Remove.
Click Yes when prompted.
The system uninstalls both the vSphere SDK for Perl and the vSphere CLI package.
VI4 - Mod 1-5 - Slide 20
Specifying Options for vSphere CLI CommandsWhen you execute a vSphere CLI command, you must specify at a minimum the name of the execution server and the name and password of a user with login privileges.
Order of Precedence
When you execute a vSphere CLI command, the appliance or vSphere CLI package uses the following order of precedence:
Command line – Password (--password), session file (--sessionfile), or configuration file (--config) specified on the command line
Configuration file – Passwords specified in .visdkrc configuration file
Environment variable — Password specified in an environment variable
Credential store — Password retrieved from the credential store.
Current account (Active Directory)— You can set up a current account connection using the Windows Security Support Provider Interface (SSPI).
Prompt the user for a password.
This order of precedence always applies. You cannot override an environment variable setting in a configuration file.
VI4 - Mod 1-5 - Slide 21
vSphere CLI - Using a Session FileConnect to the directory where the script is located. For example:Windows: cd C:\Program Files\VMware\VMware CLI\Perl\apps\sessionLinux: cd /usr/share/doc/vmware-vicli/samples/session
Call save_session.plYou must specify the server to connect to and the name of a session file in which the script saves an authentication cookie.For example:
Windows: save_session.pl --savesessionfile C:\Temp\my_session-server my_vc_server --vihost my_esx1
Linux: save_session.pl --savesessionfile /tmp/vimsession –server<servername_or_address> --username <username> --password <password>
If you specify a server but no user name or password, the script prompts you.
VI4 - Mod 1-5 - Slide 22
Adding Target Servers to vMA
Adding Target Servers
sudo vifp addserver <servername>
Example:
sudo vifp addserver cs-tse-f113.csl.vmware.com
Result :
Creates users “vi-admin” and “vi-user” on the added server
Stores obfuscated credentials on the VIMA appliance
VI4 - Mod 1-5 - Slide 23
vSphere CLI - Using a Session File
Pass in the session file using the --sessionfile option when you execute vSphere CLI commands, as follows:
<command> --sessionfile <sessionfile_location> <command_options>
For example:
Windows: vicfg-mpath.pl --sessionfile C:\Temp\my_session --list
Linux: vicfg-mpath --sessionfile /tmp/vimsession --list
VI4 - Mod 1-5 - Slide 24
vSphere CLI - Using Environment Variables
You can set environment variables
In a Linux profile,
In the Environment properties of the dialog box of the Microsoft System control panel
For the current session, at the command line.
For example:
set VI_SERVER=<your_server_name_or_address>
VI4 - Mod 1-5 - Slide 25
vSphere CLI - Using a Configuration File
You use a text file that contains variable names and settings as a configuration file.
Pass in the configuration file when you execute vSphere CLI commands, as follows:
<command> --config <my_saved_config> --list
For example:
vicfg-mpath --config <my_saved_config> --list
To administer multiple vCenter Server or ESX/ESXi systems create multiple configuration files with different names.
To execute a command or a set of commands on a server, you pass in the--config option with the appropriate filename at the command line.
If you specify --config, the system ignores the settings in the .visdkrc file.
VI4 - Mod 1-5 - Slide 26
Examples for Specifying Connection Options
Example for Using a Configuration File
The following example shows the contents of a configuration file:
VI_SERVER = NN.NNN.NNN.NNVI_USERNAME = rootVI_PASSWORD = my_passwordVI_PROTOCOL = httpsVI_PORTNUMBER = 443
If you have set up your system to run this file, you can execute scripts on the specified server afterwards.
NOTE The password is in plain text, so you must limit access to this file.
VI4 - Mod 1-5 - Slide 27
vSphere CLI - Using Command-Line Options
You can pass in command-line options using option name and option value pairs. Some options have no value (--help)
--<optionname optionvalue>
The following syntax results:
<command> --server <vc_server> --username <privileged_user> --password <pw> --vihost <esx_host> <--option_name option_value>
NOTE: Enclose passwords and other text with special characters in quotation marks. On Linux, use single quotes (‘ ‘), on Windows, use double quotes (“ “). On Linux, you can also use a backslash (\) before special characters.
Linux
vicfg-mpath --server <server> --user snow\-white --password dwarf\$vicfg-mpath --server <server> --user ‘snow-white’ --password ‘dwarf$’
Windows
vicfg-mpath.pl --server <server> --user “snow-white” --password “dwarf$”
VI4 - Mod 1-5 - Slide 28
Microsoft Windows Security Support Provider Interface
You can use the --passthroughauth command-line argument to log in to a vCenter Server
Using --passthroughauth passes the credentials of the user who runs the command to the server
If the executing user is known by the Source and Destination no additional authentication is required.
SSPI supports a number of protocols.
By default, it chooses the Negotiate protocol
you can use --passthroughauthpackage to specify another protocol supported by SSPI e.g. Kerberos
vicfg-mpath --server <vc_server> --passthroughauth --passthroughauthpackage “Kerberos” --list
VI4 - Mod 1-5 - Slide 29
Using vSphere CLI Commands in Scripts
Editing Files on ESXi HostsYou cannot edit a file on ESXi hosts directly because there is no service console. You must retrieve the file from the host, make the change or changes, and
then place the file on the ESXi host.
For example, to change the host agent log level, you must edit the hostAgentConfig.xml file.
The following script uses vifs to download the host agent configuration file, uses sed to replace the log level with a user-supplied string, and replaces the file on the ESX/ESXi host with the changed configuration file. The script then deletes temporary files it generated as part of the process.
HOST=your.hostname.com
vifs --server $HOST --username admin --password xxyyzz –get/host/hostAgentConfig.xml /tmp/ha.xml
sed -e "s#<level>.*</level>#<level>$1</level>#" < /tmp/ha.xml > /tmp/ha_new.xml
vifs --server $HOST --username admin --password xxyyzz --put /tmp/ha_new.xml/host/hostAgentConfig.xml
rm /tmp/ha.xml
rm /tmp/ha_new.xml
VI4 - Mod 1-5 - Slide 30
Using vSphere CLI Commands in Scripts
The following sample script illustrates how to make a NAS datastore available to three hosts (esxi_server_a, esxi_server_b, and esxi_server_c).
The sample assumes that a configuration file /home/admin/.visdkrc.<hostname> exists for each host.For example, the configuration file for esxi_server_a has the following contents:
VI_SERVER = esxi_server_aVI_USERNAME = rootVI_PASSWORD = xysfdjkat
The script itself adds the NAS datastore by calling the different configuration files.
#!bin/shfor i in {"esxi_server_a","esxi_server_b","esxi_server_c"}doecho "Adding NAS datastore for $i...“vicfg-nas --config /home/admin/.visdkrc.$i -a -o mainnas.x.com -s /shared nas_dsvicfg-nas --config /home/admin/.visdkrc.$i –ldone
VI4 - Mod 1-5 - Slide 31
Lab – Install vSphere CLI on Windows
Lab 6 Part 2 – Installing the RCLI for Windows
top related