vSphere Command-Line Interface Concepts and Examples ESXi 6.0 vCenter Server 6.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document, see http://www.vmware.com/support/pubs.
vSphere Command-Line Interface Concepts and Examples You can find the most up-to-date technical documentation on the VMware Web site at: http://www.vmware.com/support/ The VMware Web site also provides the latest product updates. If you have comments about this documentation, submit your feedback to: docfeedback@vmware.com Copyright © 2008 - 2015 VMware, Inc. All rights reserved. Copyright and trademark information VMware, Inc. 3401 Hillview Ave. Palo Alto, CA 94304 www.vmware.com 2 VMware, Inc.
Contents About This Book 9 1 vSphere CLI Command Overviews 11 Introduction 11 Documentation 12 Command‐Line Help 12 List of Available Host Management Commands 12 Targets and Protocols for vCLI Host Management Commands 14 Supported Platforms for vCLI Commands 15 Commands with an esxcfg Prefix 16 ESXCLI Overview 16 ESXCLI Commands Available on Different ESXi Hosts 16 Trust Relationship Requirement for ESXCLI Commands 17 Downloading and Installing the vCenter Server Certificate 17 Using the ‐‐cacertsfile Op
Getting Started with vSphere Command-Line Interfaces Mounting and Unmounting with ESXCLI 30 Mounting and Unmounting with vicfg‐volume 30 Resignaturing VMFS Copies 30 Resignaturing a VMFS Copy with ESXCLI 31 Resignaturing a VMFS Copy with vicfg‐volume 31 Reclaiming Unused Storage Space 31 Using vifs to View and Manipulate Files on Remote ESXi Hosts 32 Examples 34 Example Scenario 35 4 Managing Storage 37 Introduction to Storage 37 How Virtual Machines Access Storage 38 Datastores 39 Storage Device Naming 3
Contents Configuring FCoE Adapters 57 Scanning Storage Adapters 58 Retrieving SMART Information 58 5 Managing iSCSI Storage 59 iSCSI Storage Overview 59 Discovery Sessions 60 Discovery Target Names 61 Protecting an iSCSI SAN 61 Protecting Transmitted Data 61 Securing iSCSI Ports 62 Setting iSCSI CHAP 62 Command Syntax for esxcli iscsi and vicfg‐iscsi 63 esxcli iscsi Command Syntax 63 Key to esxcli iscsi Short Options 64 vicfg‐iscsi Command Syntax 65 iSCSI Storage Setup with ESXCLI 68 Setting Up Software i
Getting Started with vSphere Command-Line Interfaces Customizing Round Robin Setup 90 Retrieving Path Selection Settings 90 Specifying Conditions for Path Changes 91 Managing SATPs 91 Retrieving Information About SATPs 91 Adding SATP Rules 91 Removing SATP Rules 92 Retrieving and Setting SATP Configuration Parameters 93 Path Claiming with esxcli storage core claiming 93 Using the Reclaim Troubleshooting Command 94 Unclaiming Paths or Sets of Paths 94 Managing Claim Rules 95 Adding Claim Rules 95 Converting
Contents Adding and Deleting Virtual Switches with vicfg‐vswitch 119 Setting Switch Attributes with esxcli network vswitch standard 119 Setting Switch Attributes with vicfg‐vswitch 120 Checking, Adding, and Removing Port Groups 120 Managing Port Groups with ESXCLI 120 Managing Port Groups with vicfg‐vswitch 120 Managing Uplinks and Port Groups 121 Connecting and Disconnecting Uplink Adapters and Port Groups with ESXCLI 121 Connecting and Disconnecting Uplinks and Port Groups with vicfg‐vswitch 121 Setting
Contents Index 147 VMware, Inc.
About This Book The Getting Started with vSphere Command‐Line Interfaces documentation explains how to use the commands in the VMware vSphere® Command‐Line Interface (vCLI) and includes command overviews and examples. Intended Audience This book is for experienced Windows or Linux system administrators who are familiar with vSphere administration tasks and data center operations and know how to use commands in scripts. Document Feedback VMware welcomes your suggestions for improving our documentation.
Getting Started with vSphere Command-Line Interfaces Support Offerings To find out how VMware support offerings can help meet your business needs, go to http://www.vmware.com/support/services. VMware Professional Services VMware Education Services courses offer extensive hands‐on labs, case study examples, and course materials designed to be used as on‐the‐job reference tools. Courses are available onsite, in the classroom, and live online.
1 vSphere CLI Command Overviews 1 This chapter introduces the command set, presents supported commands for different versions of vSphere, lists connection options, and discusses vCLI and lockdown mode.
Getting Started with vSphere Command-Line Interfaces You can install the vSphere CLI command set on a supported Linux or Windows system. See Getting Started with vSphere Command‐Line Interfaces. You can also deploy the vSphere Management Assistant (vMA) to an ESXi system of your choice. After installation, run vCLI commands from the Linux or Windows system or from vMA.
Chapter 1 vSphere CLI Command Overviews Table 1-2. vCLI and ESXCLI Commands vCLI 4.1 Command vCLI 5.1 and later Command esxcli esxcli (new syntax) All vCLI 4.1 commands have been renamed. Significant additions have been made to ESXCLI. Many tasks previously performed with a vicfg- command is now performed with ESXCLI. resxtop resxtop (No ESXCLI equivalent) Monitors in real time how ESXi hosts use resources. Runs in interactive or batch mode. Supported only on Linux.
Getting Started with vSphere Command-Line Interfaces Table 1-2. vCLI and ESXCLI Commands (Continued) vCLI 4.1 Command vCLI 5.1 and later Command Comment vicfg-scsidevs esxcli storage core device Finds and examines available LUNs. See “Examining LUNs” on page 40. vicfg-snmp esxcli system snmp Manages the SNMP agent. “Managing ESXi SNMP Agents” on page 143. Using SNMP in a vSphere environment is discussed in detail in the vSphere Monitoring and Performance documentation. New options added in vCLI 5.
Chapter 1 vSphere CLI Command Overviews Supported Platforms for vCLI Commands You cannot run the vihostupdate command against an ESXi 5.0 or later system. You cannot run vicfg-syslog --setserver or vicfg-syslog --setport with an ESXi 5.0 or later target. Table 1‐3 lists platform support for the different vCLI commands. Table 1-3. Platform Support for vCLI 5.x Commands Command ESXi 5.x and 6.0 VC 5.xand 6.0 ESXi 4.x ESX 4.x VC 4.
Getting Started with vSphere Command-Line Interfaces Commands with an esxcfg Prefix To facilitate easy migration if shell scripts that use esxcfg‐ commands, the vCLI package includes a copy of each vicfg- command that uses an esxcfg- prefix. IMPORTANT VMware recommends that you use ESXCLI or the vCLI commands with the vicfg prefix. Commands with the esxcfg prefix are available mainly for compatibility reasons and are now obsolete.
Chapter 1 vSphere CLI Command Overviews Trust Relationship Requirement for ESXCLI Commands Starting with vSphere 6.0, ESXCLI checks whether a trust relationship exists between the machine where you run the ESXCLI command and the ESXi host. An error results if the trust relationship does not exist. To establish the trust relationship, you have these options.
Getting Started with vSphere Command-Line Interfaces To establish trust for a user with the credential store 1 Add the user and password for the target ESXi host to the local credential store. credstore_admin.pl add --server --username --password 2 Add the thumbprint for the target ESXi host. This thumbprint was returned in the error when you attempted to connect to the host. credstore_admin.
Chapter 1 vSphere CLI Command Overviews vCLI Host Management Commands and Lockdown Mode For additional security, an administrator can place one or more hosts managed by a vCenter Server system in lockdown mode. Lockdown mode affects login privileges for the ESXi host. See the vSphere Security document in the vSphere 6.0 Documentation Center for a detailed discussion of normal lockdown mode and strict lockdown mode, and of how to enable and disable them.
Getting Started with vSphere Command-Line Interfaces 20 VMware, Inc.
2 Managing Hosts 2 Host management commands can stop and reboot ESXi hosts, back up configuration information, and manage host updates. You can also use a host management command to make your host join an Active Directory domain or exit from a domain.
Getting Started with vSphere Command-Line Interfaces Shutting down a managed host disconnects it from the vCenter Server system, but does not remove the host from the inventory. You can shut down a single host or all hosts in a data center or cluster. Specify one of the options listed in “Connection Options for vCLI Host Management Commands” on page 18 in place of . Single host. Run vicfg-hostops with --operation shutdown.
Chapter 2 Managing Hosts 2 Run esxcli system maintenanceMode set --enable false to have a host existing maintenance mode. If you attempt to exit maintenance mode when the host is no longer in maintenance mode, an error informs you that maintenance mode is already disabled. Entering and Exiting Maintenance Mode with vicfg-hostops You place a host in maintenance mode to service it, for example, to install more memory.
Getting Started with vSphere Command-Line Interfaces Backing Up Configuration Data You can back up configuration data by running vicfg-cfgbackup with the -s option. vicfg-cfgbackup -s /tmp/ESXi_181842_backup.txt For the backup filename, include the number of the build that is running on the host that you are backing up. If you are running vCLI on vMA, the backup file is saved locally on vMA.
Chapter 2 Managing Hosts vicfg-module and esxcli system module commands are implementations of the deprecated esxcfg-module service console command. The two commands support most of the options esxcfg-module supports. vicfg-module and esxcli system module are commonly used when VMware Technical Support, a Knowledge Base article, or VMware documentation instruct you to do so. Managing Modules with esxcli system module Not all VMkernel modules have settable module options.
Getting Started with vSphere Command-Line Interfaces vicfg-authconfig allows you to remotely configure Active Directory settings on ESXi hosts. You can list supported and active authentication mechanisms, list the current domain, and join or part from an Active Directory domain. Before you run the command on an ESXi host, you must prepare the host. IMPORTANT All hosts that join Active Directory must also be managed by an NTP Server to avoid issues with clock skews and Kerberos tickets.
Chapter 2 Managing Hosts Update ESXi 5.5 hosts with esxcli software vib commands discussed in the vSphere Upgrade documentation included in the vSphere 5.5 documentation set. Update ESXi 6.0 hosts with esxcli software vib commands discussed in the vSphere Upgrade documentation included in the vSphere 6.0 documentation set. VMware, Inc.
Getting Started with vSphere Command-Line Interfaces 28 VMware, Inc.
3 Managing Files 3 The vSphere CLI includes two commands for file manipulation. vmkfstools allows you to manipulate VMFS (Virtual Machine File System) and virtual disks. vifs supports remote interaction with files on your ESXi host. NOTE See “Managing Storage” on page 37 for information about storage manipulation commands.
Getting Started with vSphere Command-Line Interfaces You manage NAS storage devices from the vSphere Web Client or with the esxcli storage nfs command. The diagram below illustrates different types of storage, but it is for conceptual purposes only. It is not a recommended configuration. Figure 3-1.
Chapter 3 Managing Files --migratevirtualdisk -M --parseimage -Y --punchzero -K --snapshotdisk -I --verbose -v Upgrading VMFS3 Volumes to VMFS5 vSphere 5.0 supports VMFS5 volumes, which have improved scalability and performance. You can upgrade from VMFS3 to VMFS5 by using the vSphere Web Client, the vmkfstools ESXi Shell command, or the esxcli storage vmfs upgrade command. Pass the volume label or the volume UUID to the ESXCLI command.
Getting Started with vSphere Command-Line Interfaces You can mount a datastore with vicfg-volume (see “To mount a datastore with vicfg‐volume” on page 30) or with ESXCLI (see “To mount a datastore with ESXCLI” on page 30). Mounting and Unmounting with ESXCLI The esxcli storage filesystem commands support mounting and unmounting volumes. You can also specify whether to persist the mounted volumes across reboots by using the --no-persist option.
Chapter 3 Managing Files When you perform datastore resignaturing, consider the following points: Datastore resignaturing is irreversible. The LUN copy that contains the VMFS datastore that you resignature is no longer treated as a LUN copy. A spanned datastore can be resignatured only if all its extents are online. The resignaturing process is crash and fault tolerant. If the process is interrupted, you can resume it later.
Getting Started with vSphere Command-Line Interfaces In each iteration, the command issues unmap commands to the number of file system blocks that are specified by the optional reclaim-unit argument, which defaults to 200. For newly created VMFS‐5 file systems, the filesystem block size is always 1 MB. For VMFS‐3 filesystems or VMFS‐5 filesystems that were upgraded from VMFS‐3, the filesystem block size could be one of 1, 2, 4, 8 MB. The following examples illustrate how to use the command.
Chapter 3 Managing Files Temp vSphere 4.x vSphere 5.0 The /tmp directory and files in that directory. Not supported. Specify temp locations by using the /tmp/dir/subdir syntax. Datastores Datastore files and directories. You have two choices for specifying a datastore: Datastore prefix style: '[ds_name] relative_path'. For example: '[myStorage1] testvms/VM1/VM1.vmx'(Linux) or "[myStorage1] testvms/VM1/VM1.vmx" (Windows) URL style: /folder/dir/subdir/file?dsName=.
Getting Started with vSphere Command-Line Interfaces Command Description Target Syntax --move -m Moves a file in a datastore to another location in a datastore. The must be a remote source path, the a remote target path or directory. Datastore Temp move src_file_path dst_directory_path [‐‐force] move src_file_path dst_file_path [‐‐force] The --force option replaces existing destination files.
Chapter 3 Managing Files vifs --dir '[osdc-cx700-02]' The command lists the complete contents of the datastore. Working with Directories and Files on the Remote Server Create a new directory in a datastore with --mkdir . vifs --server --username root --password --mkdir '[Storage1] test' Remove a directory with --rmdir . vifs --server --username root --password --rmdir '[Storage1] test'.
Getting Started with vSphere Command-Line Interfaces 2 Place a file that is on the system from which you are running the commands into the newly created directory. vifs --put /tmp/test_doc '[osdc-cx700-03] vcli_test/test_doc' 3 Move a file into a virtual machine directory. vifs --move '[osdc-cx700-03] vcli_test/test_doc' '[osdc-cx700-03] winxpPro-sp2/test_doc A message indicates success or failure. 4 Retrieve one of the files from the remote ESXi system.
4 Managing Storage 4 A virtual machine uses a virtual disk to store its operating system, program files, and other data associated with its activities. A virtual disk is a large physical file, or a set of files, that can be copied, moved, archived, and backed up. To store virtual disk files and manipulate the files, a host requires dedicated storage space. ESXi storage is storage space on a variety of physical storage systems, local or networked, that a host uses to store virtual machine disks.
Getting Started with vSphere Command-Line Interfaces Figure 4-1. vSphere Data Center Physical Topology vCenter Server Web access vSphere Client server group 1 server group 2 terminal server group 3 virtual machines VM VM VM VM VM VM fibre channel switch fabric / IP network ESX/ESXi fibre channel storage array iSCSI storage array NAS storage array How Virtual Machines Access Storage A virtual disk hides the physical storage layer from the virtual machine’s operating system.
Chapter 4 Managing Storage You can use vCLI commands to manage the virtual machine file system and storage devices. VMFS. Use vmkfstools to create, modify, and manage VMFS virtual disks and raw device mappings. See “Managing the Virtual Machine File System with vmkfstools” on page 28 for an introduction and the vSphere Storage documentation for a detailed reference. Datastores. Several commands allow you to manage datastores and are useful for multiple protocols. LUNs.
Getting Started with vSphere Command-Line Interfaces Device Identifiers Depending on the type of storage, the ESXi host uses different algorithms and conventions to generate an identifier for each storage device. SCSI INQUIRY identifiers. The host uses the SCSI INQUIRY command to query a storage device and uses the resulting data, in particular the Page 83 information, to generate a unique identifier.
Chapter 4 Managing Storage Figure 4-3. Target and LUN Representations target LUN LUN LUN target target target LUN LUN LUN storage array storage array In Figure 4‐3, three LUNs are available in each configuration. On the left, the host sees one target, but that target has three LUNs that can be used. Each LUN represents an individual storage volume. On the right, the host sees three different targets, each having one LUN.
Getting Started with vSphere Command-Line Interfaces esxcli storage core path list Examining LUNs with vicfg-scsidevs Use vicfg-scsidevs to display information about available LUNs on ESXi 4.x hosts. IMPORTANT You can run vicfg-scsidevs --query and vicfg-scsidevs --vmfs against ESXi version 3.5. The other options are supported only against ESXi version 4.0 and later. You can run one of the following commands to examine LUNs.
Chapter 4 Managing Storage Detaching Devices and Removing a LUN Before you can remove a LUN, you must detach the corresponding device by using the vSphere Web Client, or the esxcli storage core device set command. Detaching a device brings a device offline. Detaching a device does not impact path states. If the LUN is still visible, the path state is not set to dead. To detach a device and remove a LUN 1 Migrate virtual machines from the device you plan to detach.
Getting Started with vSphere Command-Line Interfaces In ESXi 5.0, the ESXi host can determine whether the cause of an All Paths Down (APD) event is temporary, or whether the cause is permanent device loss. A PDL status occurs when the storage array returns SCSI sense codes indicating that the LUN is no longer available or that a severe, unrecoverable hardware problem exist with it. ESXi has an improved infrastructure that can speed up operations of upper‐layer applications in a device loss scenario.
Chapter 4 Managing Storage Figure 4-4. FC Multipathing Host 1 HBA2 Host 2 HBA1 HBA3 HBA4 switch switch SP1 SP2 storage array If SP1 or the link between SP1 and the switch breaks, SP2 takes over and provides the connection between the switch and the storage device. This process is called SP failover. ESXi multipathing supports HBA and SP failover. After you have set up your hardware to support multipathing, you can use the vSphere Web Client or vCLI commands to list and manage paths.
Getting Started with vSphere Command-Line Interfaces esxcli storage core path list Limit the display to only a specified path or device. esxcli storage core path list --path esxcli storage core path list --device List the statistics for the SCSI paths in the system. You can list all paths or limit the display to a specific path.
Chapter 4 Managing Storage Changing Path State with ESXCLI You can temporarily disable paths for maintenance or other reasons, and enable the path when you need it again. You can disable paths with ESXCLI. Specify one of the options listed in “Connection Options for vCLI Host Management Commands” on page 18 in place of . If you are changing a path’s state, the change operation fails if I/O is active when the path setting is changed. Reissue the command.
Getting Started with vSphere Command-Line Interfaces Table 4-1. Supported Path Policies Policy Description VMW_PSP_FIXED The host uses the designated preferred path, if it has been configured. Otherwise, the host selects the first working path discovered at system boot time. If you want the host to use a particular preferred path, specify it through the vSphere Web Client, or by using esxcli storage nmp psp fixed deviceconfig set. See “Changing Path Policies” on page 49.
Chapter 4 Managing Storage While VMW_PSP_MRU is typically selected for ALUA arrays by default, certain ALUA storage arrays need to use VMW_PSP_FIXED. To check whether your storage array requires VMW_PSP_FIXED, see the VMware Compatibility Guide or contact your storage vendor. When using VMW_PSP_FIXED with ALUA arrays, unless you explicitly specify a preferred path, the ESXi host selects the most optimal working path and designates it as the default preferred path.
Getting Started with vSphere Command-Line Interfaces See Table 4‐1, “Supported Path Policies,” on page 48. 3 (Optional) If you specified the VMW_PSP_FIXED policy, you must make sure the preferred path is set correctly. a First check which path is the preferred path for a device. esxcli storage nmp psp fixed deviceconfig get -d naa.xxxx b If necessary, change the preferred path. esxcli storage nmp psp fixed deviceconfig set --device naa.
Chapter 4 Managing Storage To enable or disable per file I/O scheduling Run esxcli system settings kernel set -s isPerFileSchedModelActive -v FALSE to disable per file scheduling. Run esxcli system settings kernel set -s isPerFileSchedModelActive -v TRUE to enable per file scheduling. Managing NFS/NAS Datastores ESXi hosts can access a designated NFS volume located on a NAS (Network Attached Storage) server, can mount the volume, and can use it for its storage needs.
Getting Started with vSphere Command-Line Interfaces To manage a NAS file system 1 List all known NAS file systems. esxcli storage nfs list For each NAS file system, the command lists the mount name, share name, and host name and whether the file system is mounted. If no NAS file systems are available, the system does not return a NAS filesystem and returns to the command prompt. 2 Add a new NAS file system to the ESXi host.
Chapter 4 Managing Storage Monitoring and Managing SAN Storage The esxcli storage san commands help administrators troubleshoot issues with I/O devices and fabric, and include Fibre Channel, FCoE, iSCSI, SAS protocol statistics. The commands allow you to retrieve device information and I/O statistics from those device. You can also issue Loop Initialization Primitives (LIP) to FC/FCoE devices and you can reset SAS devices.
Getting Started with vSphere Command-Line Interfaces To manage a Virtual SAN cluster 1 Join the target host to a given Virtual SAN cluster. esxcli vsan cluster join --cluster-uuid The UUID of the cluster is required. 2 Verify that the target host is joined to a Virtual SAN cluster. esxcli vsan cluster get 3 Remove the target host from the Virtual SAN cluster. esxcli vsan cluster leave To add and remove Virtual SAN storage 1 Add an hdd (or data disk) for use by Virtual SAN.
Chapter 4 Managing Storage Flash Read Cache supports write‐through or read caching. Write‐back or write caching are not supported. Data reads are satisfied from the cache, if present. Data writes are dispatched to the backing storage, such as a SAN or NAS. All data that is read from or written to the backing storage is unconditionally stored in the cache. NOTE Not all workloads benefit with a Flash Read Cache. The performance boost depends on your workload pattern and working set size.
Getting Started with vSphere Command-Line Interfaces Migrating Virtual Machines with svmotion Storage vMotion moves a virtual machine’s configuration file, and, optionally, its disks, while the virtual machine is running. You can perform Storage vMotion tasks from the vSphere Web Client or with the svmotion command. IMPORTANT No ESXCLI command for Storage vMotion is available.
Chapter 4 Managing Storage Running svmotion in Noninteractive Mode IMPORTANT When you run svmotion, --server must point to a vCenter Server system. In noninteractive mode, the svmotion command uses the following syntax: svmotion [standard vCLI options] --datacenter= --vm : [--disks :, :] Square brackets indicate optional elements, not datastores.
Getting Started with vSphere Command-Line Interfaces To use FCoE, you need to install FCoE adapters. The adapters that VMware supports generally fall into two categories, hardware FCoE adapters and software FCoE adapters. Hardware FCoE Adapters. Hardware FCoE adapters include completely offloaded specialized Converged Network Adapters (CNAs) that contain network and Fibre Channel functionalities on the same card. When such an adapter is installed, your host detects and can use both CNA components.
Chapter 4 Managing Storage Raw Read Error Rate Drive Temperature Driver Rated Max Temperature Write Sectors TOT Count Read Sectors TOT Count Initial Bad Block Count VMware, Inc.
Getting Started with vSphere Command-Line Interfaces 60 VMware, Inc.
53 Managing iSCSI Storage 5 ESXi systems include iSCSI technology to access remote storage using an IP network. You can use the vSphere Web Client, commands in the esxcli iscsi namespace, or the vicfg-iscsi command to configure both hardware and software iSCSI storage for your ESXi system.
vSphere Command-Line Interface Concepts and Examples You must configure iSCSI initiators for the host to access and display iSCSI storage devices. Figure 5‐1 depicts hosts that use different types of iSCSI initiators. The host on the left uses an independent hardware iSCSI adapter to connect to the iSCSI storage system. The host on the right uses software iSCSI. Dependent hardware iSCSI can be implemented in different ways and is not shown.
Chapter 5 Managing iSCSI Storage Discovery Target Names The target name is either an IQN name or an EUI name. The IQN name uses the following format: iqn.yyyy-mm.{reversed domain name}:id_string For example: iqn.2007-05.com.mydomain:storage.tape.sys3.abc The ESXi host generates an IQN name for software iSCSI and dependent hardware iSCSI adapters. You can change that default IQN name.
vSphere Command-Line Interface Concepts and Examples Securing iSCSI Ports When you run iSCSI devices, the ESXi host does not open ports that listen for network connections. This measure reduces the chances that an intruder can break into the ESXi host through spare ports and gain control over the host. Therefore, running iSCSI does not present an additional security risks at the ESXi host end of the connection. An iSCSI target device must have one or more open TCP ports to listen for iSCSI connections.
Chapter 5 Managing iSCSI Storage Returning Authentication to Default Inheritance The values of iSCSI authentication settings associated with a dynamic discovery address or a static discovery target are inherited from the corresponding settings of the parent. For the dynamic discovery address, the parent is the adapter. For the static target, the parent is the adapter or discovery address.
vSphere Command-Line Interface Concepts and Examples Table 5-2. esxcli iscsi Command Overview networkportal [add|list|remove] ipconfig [get|set] physicalnetworkportal [list] param [get|set] session [add|list|remove] connection list ibftboot [get|import] logicalnetworkportal list plugin list software [get|set] Key to esxcli iscsi Short Options ESXCLI commands for iSCSI management consistently use the same short options. For several options, the associated full option depends on the command.
Chapter 5 Managing iSCSI Storage vicfg-iscsi Command Syntax vicfg-iscsi supports a comprehensive set of options, listed in Table 5‐4. Table 5-4. Options for vicfg-iscsi Option Suboptions Description -A --authentication -c -m -b -v -x [-i [:] [-n ]] Enables mutual authentication. You must enable authentication before you can enable mutual authentication.
vSphere Command-Line Interface Concepts and Examples Table 5-4. Options for vicfg-iscsi (Continued) Option Suboptions Description -l -t --list --target_id Lists LUN information for a specific target. -L --lun -N --network (Independent hardware iSCSI only) -l --list Lists network properties.
Chapter 5 Managing iSCSI Storage Table 5-4. Options for vicfg-iscsi (Continued) Option Suboptions Description -S --static -a -i [:] -n --add --ip [:] -name Adds a static discovery address. -l --list Lists external, vendor‐specific properties of an iSCSI adapter.
vSphere Command-Line Interface Concepts and Examples iSCSI Storage Setup with ESXCLI You can set up iSCSI storage using vSphere Web Client, commands in the esxcli iscsi namespace, or vicfg-iscsi commands (see “iSCSI Storage Setup with vicfg‐iscsi” on page 73). Setting Up Software iSCSI with ESXCLI Software iSCSI setup requires several tasks.
Chapter 5 Managing iSCSI Storage Adapter‐level CHAP esxcli iscsi adapter auth chap set --direction=uni --chap_username= --chap_password= --level=[prohibited, discouraged, preferred, required] --secret= --adapter= Discovery‐level CHAP esxcli iscsi adapter discovery sendtarget auth chap set --direction=uni --chap_username= --chap_password= --level=[prohibited, discouraged, preferred, required] --secret= --adapter= --address Target‐le
vSphere Command-Line Interface Concepts and Examples 11 (Optional) If you want to make additional iSCSI login parameter changes (see “Listing and Setting iSCSI Parameters” on page 78), you must log out of the corresponding iSCSI session and log back in. a Run esxcli iscsi session remove to log out. b Run esxcli iscsi session add or rescan the adapter to add the session back. Setting Up Dependent Hardware iSCSI with ESXCLI Dependent hardware iSCSI setup requires several high‐level tasks.
Chapter 5 Managing iSCSI Storage Adapter‐level CHAP esxcli iscsi adapter auth chap set --direction=uni --chap_username= --chap_password= --level=[prohibited, discouraged, preferred, required] --secret= --adapter= Discovery‐level CHAP esxcli iscsi adapter discovery sendtarget auth chap set --direction=uni --chap_username= --chap_password= --level=[prohibited, discouraged, preferred, required] --secret= --adapter= --address Target‐le
vSphere Command-Line Interface Concepts and Examples 9 (Optional) If you want to make additional iSCSI login parameter changes (see “Listing and Setting iSCSI Parameters” on page 78), you must log out of the corresponding iSCSI session and log back in. a Run esxcli iscsi session remove to log out. b Run esxcli iscsi session add or rescan the adapter to add the session back.
Chapter 5 Managing iSCSI Storage Adapter‐level CHAP esxcli iscsi adapter auth chap set --direction=uni --chap_username= --chap_password= --level=[prohibited, discouraged, preferred, required] --secret= --adapter= Discovery‐level CHAP esxcli iscsi adapter discovery sendtarget auth chap set --direction=uni --chap_username= --chap_password= --level=[prohibited, discouraged, preferred, required] --secret= --adapter= --address Target‐le
vSphere Command-Line Interface Concepts and Examples vicfg-iscsi --swiscsi --enable 3 (Optional) Check the status. vicfg-iscsi --swiscsi --list The system prints Software iSCSI is enabled or Software iSCSI is not enabled. 4 (Optional) Set the iSCSI name and alias.
Chapter 5 Managing iSCSI Storage 9 After setup is complete, run vicfg-rescan to rescan all storage devices. Setting Up Dependent Hardware iSCSI with vicfg-iscsi Dependent hardware iSCSI setup requires a number of high‐level tasks. For each task, see the discussion of the corresponding command‐line option in this chapter, or the reference information. Specify one of the options listed in “Connection Options for vCLI Host Management Commands” on page 18 in place of .
vSphere Command-Line Interface Concepts and Examples 6 Option Result -i and ‐n Command applies to per‐target CHAP for static targets. Only ‐i Command applies to the discovery address. Neither -i nor ‐n Command applies to per‐adapter CHAP. (Optional) Set the authentication information for mutual CHAP by running vicfg-iscsi -A again with the -b option and a different authentication user name and password. For , specify chapProhibited or chapRequired.
Chapter 5 Managing iSCSI Storage vicfg-iscsi --iscsiname --alias 4 Add a dynamic discovery address or a static discovery address. The two types of target differ as follows: With dynamic discovery, all storage targets associated with an IP address are discovered.
vSphere Command-Line Interface Concepts and Examples Setting MTU with ESXCLI If you want to change the MTU used for your iSCSI storage, you must make the change in two places. Run esxcli network vswitch standard set to change the MTU of the virtual switch. Run esxcli network ip interface set to change the MTU of the network interface. Listing and Setting iSCSI Options with vicfg-iscsi Use vicfg-iscsi information retrieval options to list external HBA properties, information about targets, and LUNs.
Chapter 5 Managing iSCSI Storage Listing and Setting iSCSI Parameters with ESXCLI You can retrieve and set iSCSI parameters by running one of the following commands. Adapter‐level parameters esxcli iscsi adapter param set --adapter= --key= --value= Target‐level parameters esxcli iscsi adapter target portal param set --adapter= --key= --value= --address= --name=
vSphere Command-Line Interface Concepts and Examples Returning Parameters to Default Inheritance The values of iSCSI parameters associated with a dynamic discovery address or a static discovery target are inherited from the corresponding settings of the parent. For the dynamic discovery address, the parent is the adapter. For the static target, the parent is the adapter or discovery address.
Chapter 5 Managing iSCSI Storage You can use the following vicfg-iscsi options to list parameter options. Specify one of the options listed in “Connection Options for vCLI Host Management Commands” on page 18 in place of . Run vicfg-iscsi -W -l to list parameter options for the HBA.
vSphere Command-Line Interface Concepts and Examples Enabling iSCSI Authentication You can enable iSCSI authentication with ESXCLI or with vicfg-iscsi. Enabling iSCSI Authentication with ESXCLI The esxcli iscsi adapter auth commands enable iSCSI authentication. Mutual authentication is supported for software iSCSI and dependent hardware iSCSI, but not for independent hardware iSCSI (see “Setting iSCSI CHAP” on page 62). 1 (Optional) Set the authentication information for CHAP.
Chapter 5 Managing iSCSI Storage 3 Enable mutual authentication. esxcli iscsi adapter auth chap set --direction=mutual --mchap_username= --mchap_password= --level=[prohibited, required] --secret= --adapter= The specified mchap_username and secret must be supported on the storage side. Make sure the following requirements are met. 4 CHAP authentication is already set up when you start setting up mutual CHAP.
vSphere Command-Line Interface Concepts and Examples To specify port binding 1 Find out which uplinks are available for use with iSCSI adapters. esxcli iscsi physicalnetworkportal list --adapter= 2 Connect the software iSCSI or dependent hardware iSCSI initiator to the iSCSI VMkernel ports by running the following command for each port.
Chapter 5 Managing iSCSI Storage IMPORTANT The ESX/ESXi 4.x ESXCLI commands for managing iSCSI sessions are not supported against ESXi 5.0 hosts. Listing iSCSI Sessions List a software iSCSI session at the adapter level. esxcli iscsi session list --adapter= List a software iSCSI session at the target level.
vSphere Command-Line Interface Concepts and Examples Remove sessions from the current software iSCSI or dependent hardware iSCSI configuration with target and session ID. esxcli iscsi session remove --name= --isid= --adapter= iqn.xxxx is the target IQN, which you can determine by listing all sessions. session_id is the session’s iSCSI ID. For example: esxcli --config /host-config-file iscsi session remove --name=iqn.
6 Managing Third-Party Storage Arrays 6 VMware partners and customers can optimize performance of their storage arrays in conjunction with VMware vSphere using VMware PSA (pluggable storage architecture). The esxcli storage core namespace manages VMware PSA and the esxcli storage nmp namespace manages the VMware NMP plug‐in.
Getting Started with vSphere Command-Line Interfaces esxcli storage nmp device list The list command lists the devices controlled by VMware NMP and shows the SATP and PSP information associated with each device. To show the paths claimed by NMP, run esxcli storage nmp path list to list information for all devices, or for just one device with the --device option. Options Description --device -d Filters the output of the command to show information about a single device.
Chapter 6 Managing Third-Party Storage Arrays Retrieving PSP Information The esxcli storage nmp psp generic deviceconfig get and esxcli storage nmp psp generic pathconfig get command retrieves PSP configuration parameters. The type of PSP determines which command to use. Use nmp psp generic deviceconfig get for PSPs that are set to VMW_PSP_RR, VMW_PSP_FIXED or VMW_PSP_MRU. Use nmp psp generic pathconfig get for PSPs that are set to VMW_PSP_FIXED or VMW_PSP_MRU.
Getting Started with vSphere Command-Line Interfaces Options Description --device -d Device for which you want to get the preferred path. This device must be controlled by the VMW_PSP_FIXED PSP. To return the path configured as the preferred path for the specified device, run the following command. Specify one of the options listed in “Connection Options for vCLI Host Management Commands” on page 18 in place of .
Chapter 6 Managing Third-Party Storage Arrays Specifying Conditions for Path Changes The esxcli storage nmp psp roundrobin deviceconfig set command specifies under which conditions a device that is using the VMW_PSP_RR PSP changes to a different path. You can use --bytes or --iops to specify when the path should change. Options Description --bytes -B Number of bytes to send along one path for this device before the PSP switches to the next path. You can use this option only when --type is set to bytes.
Getting Started with vSphere Command-Line Interfaces Option Description --driver Driver string to set when adding the SATP claim rule. -D -d Device to set when adding SATP claim rules. Device rules are mutually exclusive with vendor/model and driver rules. --force Force claim rules to ignore validity checks and install the rule even if checks fail. --device -f --model -M Model string to set when adding the SATP claim rule.
Chapter 6 Managing Third-Party Storage Arrays The following example removes the rule that assigns devices with vendor string VMWARE and model string Virtual to VMW_SATP_LOCAL.
Getting Started with vSphere Command-Line Interfaces Using the Reclaim Troubleshooting Command The esxcli storage core claiming reclaim troubleshooting command is intended for PSA plugin developers or administrators who troubleshoot PSA plugins. The command proceeds as follows. Attempts to unclaim all paths to a device. Runs the loaded claim rules on each of the unclaimed paths to reclaim those paths. It is normal for this command to fail if a device is in use.
Chapter 6 Managing Third-Party Storage Arrays Options Description --path -p If --type is path, unclaims a path specified by its path UID or runtime name. --plugin -P If --type is plugin, unclaims all paths for a specified multipath plugin. can be any valid PSA plugin on the system. By default only NMP and MASK_PATH are available, but additional plugins might be installed.
Getting Started with vSphere Command-Line Interfaces Options Description --claimrule-class -c Claim rule class to use in this operation. You can specify MP (default), Filter, or VAAI. --driver To configure hardware acceleration for a new array, add two claim rules, one for the VAAI filter and another for the VAAI plugin. See vSphere Storage for detailed instructions. Driver for the HBA of the paths to use. Valid only if --type is driver.
Chapter 6 Managing Third-Party Storage Arrays Rules 65436–65535 are reserved for internal use by VMware. When claiming a path, the PSA runs through the rules starting from the lowest number and determines is a path matches the claim rule specification. If the PSA finds a match, it gives the path to the corresponding plugin. This is worth noticing because a given path might match several claim rules. The following examples illustrate adding claim rules.
Getting Started with vSphere Command-Line Interfaces Removing Claim Rules The esxcli storage core claimrule remove command removes a claim rule from the set of claim rules on the system. IMPORTANT By default, the PSA claim rule 101 masks Dell array pseudo devices. Do not remove this rule, unless you want to unmask these devices. Option Description --rule -r ID of the rule to be removed. Run esxcli storage core claimrule list to see the rule ID.
Chapter 6 Managing Third-Party Storage Arrays Running Path Claiming Rules The esxcli storage core claimrule run command runs path claiming rules. Run this command apply claim rules that are loaded. If you do not call run, the system checks for claim rule updates every five minutes and applies them. Specify one of the options listed in “Connection Options for vCLI Host Management Commands” on page 18 in place of . To load and apply claim rules 1 Modify rules and load them.
Getting Started with vSphere Command-Line Interfaces 100 VMware, Inc.
7 Managing Users 7 An ESXi system grants access to its resources when a known user with appropriate permissions logs on to the system with a password that matches the one stored for that user. You can use the vSphere Client or the vSphere SDK for all user management tasks. You cannot create ESXi users with the vSphere Web Client. You can use the vicfg-user command to create, modify, delete, and list local direct access users on an ESXi host. You cannot run this command against a vCenter Server system.
Getting Started with vSphere Command-Line Interfaces IMPORTANT If you create a user with the vSphere Client, you cannot make changes to that user with the vicfg-user command. Options The vicfg-user command‐specific options manipulate users. You must also specify connection options. See “Connection Options for vCLI Host Management Commands” on page 18. Option Description --adduser -u Adds the specified users. Takes a comma‐separated list of users.
Chapter 7 Managing Users CAUTION See the Authentication and User Management chapter of vSphere Security for information about root users before you make any changes to the default users. Mistakes regarding root users can have serious access consequences. Each ESXi host has several default users: The root user has full administrative privileges. Administrators use this login and its associated password to log in to a host through the vSphere Client.
Getting Started with vSphere Command-Line Interfaces 6 Remove the user with login ID user27. vicfg-user -e user -o delete -l user27 The system removes the user and prints a message. Removed the user user27 successfully. Assigning Permissions with ESXCLI Starting with vSphere 6.0, a set of ESXCLI commands allows you to: Give permissions to local users and groups by assigning them one of the predefined roles.
8 Managing Virtual Machines 8 You can manage virtual machines with the vSphere Web Client or the vmware-cmd vCLI command. Using vmware-cmd you can register and unregister virtual machines, retrieve virtual machine information, manage snapshots, turn the virtual machine on and off, add and remove virtual devices, and prompt for user input.
Getting Started with vSphere Command-Line Interfaces Connection Options for vmware-cmd The vmware-cmd vCLI command supports only the following connection options. Other vCLI connection options are not supported, for example, you cannot use variables because the corresponding option is not supported. Option Description --server Target ESXi or vCenter Server system.
Chapter 8 Managing Virtual Machines To list, unregister, and register virtual machines 1 Run vmware-cmd -l to list all registered virtual machines on a server. vmware-cmd -H -U -P --vihost -l The command lists the VMX file for each virtual machine. /vmfs/volumes//winxpPro-sp2/winxpPro-sp2.vmx /vmfs/volumes//RHEL-lsi/RHEL-lsi.vmx /vmfs/volumes//VIMA0809/VIMA0809.vmx .....
Getting Started with vSphere Command-Line Interfaces The return value is esx (VMware ESX), embeddedESX (VMware ESXi), or unknown. The getproductinfo platform option lists the platform that the virtual machine runs on. vmware-cmd -H -U -P --vihost /vmfs/volumes/Storage2/testvm/testvm.vmx getproductinfo platform The return value is win32-x86 (x86‐based Windows system), linux-x86 (x86‐based Linux system), or vmnix-x86 (x86‐based ESXi microkernel).
Chapter 8 Managing Virtual Machines Taking Virtual Machine Snapshots You can take a snapshot while a virtual machine is running, shut down, or suspended. If you are in the process of suspending a virtual machine, wait until the suspend operation has finished before taking a snapshot. If a virtual machine has multiple disks in different disk modes, you must shut down the virtual machine before taking a snapshot.
Getting Started with vSphere Command-Line Interfaces Soft power operations. When you specify soft as the powerop_mode value, the result of the call depends on the operation. Operation Result Stop vmware-cmd attempts to shut down the guest operating system and powers off the virtual machine. Reset vmware-cmd attempts to shut down the guest operating system and reboots the virtual machine.
Chapter 8 Managing Virtual Machines The command options connect and disconnect a defined ISO or FLP file or a physical device on the host. After you connect a device, its content can be accessed from the Guest OS. For network adapters, the options connect the virtual NIC to its defined port group or disconnect the NIC. This is equivalent to selecting or deselecting the Connected check box in the vSphere Web Client. NOTE The terms CD/DVD drive, Floppy drive. and Network adapter are case‐sensitive.
Getting Started with vSphere Command-Line Interfaces hard. Stops the VMX process immediately (like kill -9 or kill -SIGKILL) force. Stops the VMX process when other options do not work. If all three options do not work, reboot your ESXi host to resolve the issue. 112 VMware, Inc.
9 Managing vSphere Networking 9 The vSphere CLI networking commands allow you to manage the vSphere network services. You can connect virtual machines to the physical network and to each other and configure vSphere standard switches. Limited configuration of vSphere distributed switches is also supported. You can also set up your vSphere environment to work with external networks such as SNMP or NTP.
Getting Started with vSphere Command-Line Interfaces IP storage refers to any form of storage that uses TCP/IP network communication as its foundation and includes iSCSI and NFS for ESXi. Because these storage types are network based, they can use the same VMkernel interface and port group. The network services that the VMkernel provides (iSCSI, NFS, and vMotion) use a TCP/IP stack in the VMkernel. The VMkernel TCP/IP stack is also separate from the guest operating system’s network stack.
Chapter 9 Managing vSphere Networking Networking Using vSphere Distributed Switches When you want to connect a virtual machine to the outside world, you can use a standard switch or a distributed switch. With a distributed switch, the virtual machine can maintain its network settings even if the virtual machine is migrated to a different host. Figure 9-2.
Getting Started with vSphere Command-Line Interfaces You can also ping individual hosts with the esxcli network diag ping command. The command includes options for using ICMPv4 or ICMPv6 packet requests, specifying an interface to use, specifying the interval, and so on. Network Troubleshooting You can use vCLI network commands to view network statistics and troubleshoot your networking setup. The nested hierarchy of commands allows you to drill down to potential trouble spots.
Chapter 9 Managing vSphere Networking Packets filtered: 0 Packets faulted: 0 Packets queued: 0 Packets injected: 0 Packet errors: 0 5 Retrieve complete statistics for a NIC. esxcli network nic stats get -n vmnic0 6 Get a per‐VLAN packed breakdown on a NIC. esxcli network nic vlan stats get -n vmnic0 The command returns the number of packets sent and received for the VLAN you specified.
Getting Started with vSphere Command-Line Interfaces When working with virtual switches and port groups, perform the following tasks: 1 Find out which virtual switches are available and (optionally) what the associated MTU and CDP (Cisco Discovery Protocol) settings are. See “Retrieving Information about Virtual Switches with ESXCLI” on page 118 and “Retrieving Information about Virtual Switches with vicfg‐vswitch” on page 118. 2 Add a virtual switch.
Chapter 9 Managing vSphere Networking If CDP is enabled on a virtual switch, ESXi administrators can find out which Cisco switch port is connected to which virtual switch uplink. CDP is a link‐level protocol that supports discovery of CDP‐aware network hardware at either end of a direct connection. CDP is bit forwarded through switches. CDP is a simple advertisement protocol which beacons information about the switch or host and some port information.
Getting Started with vSphere Command-Line Interfaces esxcli network vswitch standard set --mtu=9000 --vswitch-name=vSwitch1 The MTU is the size, in bytes, of the largest protocol data unit the switch can process. When you set this option, it affects all uplinks assigned to the virtual switch. Set the CDP value for a vSwitch. You can set status to down, listen, advertise, or both.
Chapter 9 Managing vSphere Networking The command returns 0 if the specified port group is associated with the virtual switch, and returns 1 otherwise. Use vicfg-vswitch --list to list all port groups. Add a port group. vicfg-vswitch --add-pg vSwitch1 Delete one of the existing port groups. vicfg-vswitch --del-pg vSwitch1 Managing Uplinks and Port Groups You can manage uplinks and port groups with ESXCLI and with vicfg-vswitch.
Getting Started with vSphere Command-Line Interfaces You can use the following commands for VLAN management: Allow port groups to reach port groups located on other VLANs. esxcli network vswitch standard portgroup set -p --vlan-id 4095 Call the command multiple times to allow all ports to reach port groups located on other VLANs.
Chapter 9 Managing vSphere Networking 3 Change uplink adapter settings. esxcli network nic set
Getting Started with vSphere Command-Line Interfaces Managing Uplink Adapters with vicfg-nics The following example workflow lists an uplink adapter’s properties, changes the duplex and speed, and sets the uplink to autonegotiate its speed and duplex settings. Specify one of the options listed in “Connection Options for vCLI Host Management Commands” on page 18 in place of . To manipulate uplink adapter setup 1 List settings.
Chapter 9 Managing vSphere Networking Add a new uplink adapter to a virtual switch. vicfg-vswitch --link vmnic15 vSwitch0 Remove an uplink adapter from a virtual switch. vicfg-vswitch --unlink vmnic15 vSwitch0 Adding and Modifying VMkernel Network Interfaces VMkernel network interfaces are used primarily for management traffic, which can include vMotion, IP Storage, and other management traffic on the ESXi system.
Getting Started with vSphere Command-Line Interfaces The command displays the network information, port group, MTU, and current state for each virtual network adapter in the system. You can add and configure an IPv6 VMkernel NIC with ESXCLI. To add and configure a VMkernel Network Interface for IPv6 1 Run esxcli network ip interface add to add a new VMkernel network interface.
Chapter 9 Managing vSphere Networking 2 Change the IP address as needed. vicfg-vmknic --ip VMSF-VMK-363 For IPv4, choose one of the following formats: – Static IPv4 address. DHCP – Use IPv4 DHCP. The VMkernel supports DHCP only for ESXi 4.0 and later. 3 (Optional) Enable vMotion. By default, vMotion is disabled. vicfg-vmknic --enable-vmotion VMSF-VMK-363 You can later use --disable-vmotion to disable vMotion for this VMkernel network interface.
Getting Started with vSphere Command-Line Interfaces vicfg-vmknic --unset-ip VMSF-VMK-363 vicfg-vmknic --enable-ipv6 false VMSF-VMK-363 Setting Up vSphere Networking with vSphere Distributed Switch A distributed switch functions as a single virtual switch across all associated hosts. A distributed switch allows virtual machines to maintain a consistent network configuration as they migrate across multiple hosts.
Chapter 9 Managing vSphere Networking In network environments where a DHCP server and a DNS server are available, ESXi hosts are automatically assigned DNS names. In network environments where automatic DNS is not available or you do not want to use automatic DNS, you can configure static DNS information, including a host name, primary name server, secondary name server, and DNS suffixes. The esxcli network ip dns namespace includes two namespaces.
Getting Started with vSphere Command-Line Interfaces 2 If the DNS properties are set, and you want to change the DHCP settings, you must specify the virtual network adapter to use when overriding the system DNS.
Chapter 9 Managing vSphere Networking Adding and Starting an NTP Server Some protocols, such as Kerberos, must have accurate information about the current time. In those cases, you can add an NTP (Network Time Protocol) server to your ESXi host. IMPORTANT No ESXCLI command exists for adding and starting an NTP server. The following example illustrates setting up an NTP server. Specify one of the options listed in “Connection Options for vCLI Host Management Commands” on page 18 in place of .
Getting Started with vSphere Command-Line Interfaces 2 List route entries to check that your route was added by running the command without options. vicfg-route The output lists all networks and corresponding netmasks and gateways. 3 Set the default gateway. For IPv4, use this syntax: vicfg-route 192.XXX.0.1 or vicfg-route -a default 192.XXX.0.
Chapter 9 Managing vSphere Networking vicfg-ipsec esxcli network ip ipsec sa-src and sa-dst --sa-source and --sa-destination spi (security parameter index) --sa-spi sa-mode (tunnel or transport) --sa-mode ealgo and ekey ‐-encryption-algorithm and --encryption-key ialgo and ikey --integrity-algorithm and --integrity-key An SP identifies and selects traffic that must be protected. An SP consists of two logical sections, a selector, and an action.
Getting Started with vSphere Command-Line Interfaces vicfg-ipsec Option esxcli Option Description ekey encryption-key Encryption key to be used by the encryption algorithm. A series of hexadecimal digits with a 0x prefix or an ASCII string. ialgo [hmac-sha1 | hmac-sha2-256 ] integrity-algorithm [hmac-sha1 | hmac-sha2-256 ] Authentication algorithm to be used. Choose hmac-sha1 or hmac-sha2-256. ikey integrity-key Authentication key to be used.
Chapter 9 Managing vSphere Networking vicfg-ipsec Option esxcli Option Description dir [in | out] flow-direction [in | out] Direction in which you want to monitor the traffic. To monitor traffic in both directions, create two policies. action [none | discard | ipsec] action [none | discard | ipsec] Action to take when traffic with the specified parameters is encountered. none ‐‐ Take no action, that is, allow traffic unmodified. discard ‐‐ Do not allow data in or out.
Getting Started with vSphere Command-Line Interfaces Enabled: true Loaded: true esxcli network firewall ruleset list --ruleset-id sshServer Name Enabled --------- ------sshServer true 2 Enable the sshServer ruleset if it is disabled. esxcli network firewall ruleset set --ruleset-id sshServer --enabled true 3 Obtain access to the ESXi Shell and check the status of the allowedAll flag.
Chapter 9 Managing vSphere Networking Run the following command to view the network statistics for a particular segment ID esxcli network vswitch dvs vmware vxlan network stats list --vds-name Cluster01-VXLAN-VDS --vxlan-id 5000 Retrieve natwork mappin if some virtual machine communication is occurring. esxcli network vswitch dvs vmware vxlan network mapping list --vds-name Cluster01-VXLAN-VDS --vxlan-id 5000 6 View VXLAN statistics for a VDS Port ID.
Getting Started with vSphere Command-Line Interfaces 138 VMware, Inc.
10 Monitoring ESXi Hosts 10 Starting with the vSphere 4.0 release, the vCenter Server makes performance charts for CPU, memory, disk I/O, networking, and storage available. You can view these performance charts by using the vSphere Web Client and read about them in the vSphere Monitoring documentation. You can also perform some monitoring of your ESXi system using vCLI commands.
Getting Started with vSphere Command-Line Interfaces If multiple hosts share a diagnostic partition on a SAN LUN, configure a large diagnostic partition that the hosts share. If a host that uses a shared diagnostic partition fails, reboot the host and extract log files immediately after the failure. Otherwise, the second host that fails before you collect the diagnostic data of the first host might not be able to save the core dump.
Chapter 10 Monitoring ESXi Hosts esxcli system coredump partition list If a diagnostic partition is set, the command displays information about it. Otherwise, the command shows that no partition is activated and configured. Managing Core Dumps with ESXi Dump Collector By default, a core dump is saved to the local disk. You can use ESXi Dump Collector to keep core dumps on a network server for use during debugging.
Getting Started with vSphere Command-Line Interfaces 5 Run vicfg-dumppart -t again to verify that a diagnostic partition is set. vicfg-dumppart -t If a diagnostic partition is set, the command displays information about it. Otherwise, the command informs you that no partition is set. Configuring ESXi Syslog Services All ESXi hosts run a Syslog service, which logs messages from the VMkernel and other system components to local files or to a remote host.
Chapter 10 Monitoring ESXi Hosts Option Description config logger list Show currently configured subloggers. config logger set Set configuration options for a specific sublogger. Use one of the following options. --id= – ID of the logger to configure (required). --reset= – Reset values to default. --rotate= – Number of rotated logs to keep for a specific logger (requires --id). --size= – Size of logs before rotation for a specific logger, in KB (requires --id).
Getting Started with vSphere Command-Line Interfaces vCenter Server SNMP agent. The SNMP agent included with vCenter Server can send traps when the vCenter Server system is started or when an alarm is triggered on vCenter Server. The vCenter Server SNMP agent functions only as a trap emitter and does not support other SNMP operations (for example, GET). You can manage the vCenter Server agent with the vSphere Web Client but not with the vCLI command. Host‐based embedded SNMP agent. ESXi 4.
Chapter 10 Monitoring ESXi Hosts 2 Set the target address, port number, and community. esxcli system snmp set -t target.example.com@163/public Each time you specify a target with this command, the settings you specify overwrite all previously specified settings. To specify multiple targets, separate them with a comma. You can change the port that the SNMP agent sends data to on the target using the --targets option. That port is UDP 162 by default.
Getting Started with vSphere Command-Line Interfaces Each time you specify a target with this command, the settings you specify overwrite all previously specified settings. To specify multiple targets, separate them with a comma. You can change the port that the SNMP agent sends data to on the target by using the --targets option. That port is UDP 162 by default. 2 (Optional) Specify a port for listening for polling requests.
Index Numerics 3.5 LUN masks 97 A Active Directory 25, 26 active path 47 ARP redirect 76 authentication algorithm (IPsec) 134 default inheritance 63 key (IPsec) 134 returning to default inheritance 63 AUTOCONF 127 B backing up configuration data 24 C CDP 118, 119, 120 Challenge Handshake Authentication Protocol 62 changing IP gateway 131 CHAP 62 chapDiscouraged 62 chapPreferred 62 chapProhibited 62 chapRequired 62 Cisco Discovery Protocol 118 claim rules adding 95 converting 97 deleting 98 from 3.
Getting Started with vSphere Command-Line Interfaces claimrule delete command 98 claimrule list command 98 claimrule load command 98 claimrule move command 98 claimrule run command 99 device list 41 esxcli storage core adapter rescan 58 esxcli storage core claiming reclaim command 94 unclaim command 94 esxcli storage core path 45, 47 esxcli storage nmp 87 device list command 88 device set command 88 fixed deviceconfig commands 89 path list command 88 psp commands 88, 89 psp roundrobin commands 90 roundrobi
Index names 45, 46 overview 40 M MAC address, VMkernel NIC 125 MagicPacket 123 maintenance mode 22, 23 Managing 44, 59, 122 managing 140 managing local core dumps 140 managing NMP 87 managing paths 44 managing physical network interfaces 122 migrating virtual machines,svmotion 55 mount datastores 30 MTU 119, 120 multipathing 44, 45 mutual authentication 82, 83 mutual CHAP 69, 71, 74, 76, 82, 83 N naa.
Getting Started with vSphere Command-Line Interfaces S SATP configuration parameters 93 deleting rules 92 retrieve settings 91 rules, adding 91 securing iSCSI ports 62 security associations (IPsec) 133 security policies (IPsec) 134 sessions, iSCSI 85 Simple Network Management Protocol 143 snapshots 108, 109 SNMP communities 144 management 143 polling 145 traps 144 soft power operations 110 software iSCSI setup tasks 68, 70, 73, 75 spaces in directory names 33 special characters in directories 33 vicfg-iscs
Index registering 106, 107 starting 109 stopping 111 storage VMotion 56 vmware-cmd 107 virtual switches 113, 117, 118 MTU 119, 120 retrieving information 118 vicfg-vswitch 117 VLAN ID 121, 122 VMFS duplicate datastores 29 resignature copy 30 resignaturing 31 VMFS3 to VMFS5 conversion 29 VMkernel modules 24 VMkernel network interfaces 125 VMkernel NIC 125 enable VMotion 127 IPv4 125, 126 IPv6 126, 127 VMkernel NICs 125 vmkfstools 28 VML LUN names 45, 46 VMotion 114, 127 VMW_PSP_FIXED 48 VMW_PSP_MRU 48 VMW_P
Getting Started with vSphere Command-Line Interfaces 152 VMware, Inc.
