Getting Started with vSphere Command-Line Interfaces ESXi 6.0 vCenter Server 6.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document, see http://www.vmware.com/support/pubs.
Getting Started with vSphere Command-Line Interfaces You can find the most up-to-date technical documentation on the VMware Web site at: http://www.vmware.com/support/ The VMware Web site also provides the latest product updates. If you have comments about this documentation, submit your feedback to: docfeedback@vmware.com Copyright © 2007–2015 VMware, Inc. All rights reserved. Copyright and trademark information VMware, Inc. 3401 Hillview Ave. Palo Alto, CA 94304 www.vmware.com 2 VMware, Inc.
Contents About This Book 5 1 Managing vSphere with Command‐Line Interfaces 7 Overview of vSphere Command‐Line Interfaces 8 Using ESXCLI for Host Management 10 ESXCLI Syntax 10 Running ESXCLI vCLI Commands 10 ESXCLI Command Support when Host and vCLI Version Do Not Match 11 Using PowerCLI to Manage Hosts and Virtual Machines 11 Using DCLI to Manage vCenter Services 11 DCLI Syntax 12 vCLI Package Contents 12 2 Installing vCLI 15 Installation Overview 15 Overview of Linux Installation Process 16 Installing
Getting Started with vSphere Command-Line Interfaces Authenticating Directly to the Host 30 Using a Session File 30 Using Environment Variables 30 Using a Configuration File 31 Using Command‐Line Options 31 Using Microsoft Windows Security Support Provider Interface 32 vCLI and Lockdown Mode 32 Trust Relationship Requirement for ESXCLI Commands 33 Downloading and Installing the vCenter Server Certificate 33 Using the ‐‐cacertsfile Option 33 Using the ‐‐thumbprint Option 33 Using the Credential Store 34 Com
About This Book Getting Started with vSphere Command‐Line Interfaces gives an overview of command‐line interfaces in vSphere 5.0 and later and gets you started with ESXi Shell commands and vCLI (VMware® vSphere Command‐Line Interface) commands. This book also includes instructions for installing vCLI and a reference to connection parameters. Intended Audience This book is for experienced Windows or Linux system administrators who are familiar with vSphere administration tasks and data center operations.
Getting Started with vSphere Command-Line Interfaces The vSphere SDK for Perl documentation explains how you can use the vSphere SDK for Perl and related utility applications to manage your vSphere environment. The vSphere Management Assistant Guide explains how to install and use the vSphere Management Assistant (vMA). vMA is a virtual machine that includes vCLI and other prepackaged software. See “Deploying vMA” on page 22.
1 Managing vSphere with Command-Line Interfaces 1 vSphere supports several command‐line interfaces for managing your virtual infrastructure including a set of ESXi Shell commands, PowerCLI commands, and DCLI commands for management of vCenter services. You can run commands locally, from an administration server, or from scripts. You can choose the CLI best suited for your needs, and write scripts to automate your management tasks.
Getting Started with vSphere Command-Line Interfaces Overview of vSphere Command-Line Interfaces vSphere includes commands for managing different aspects of your environment. The following CLIs are available for managing hosts, either directly or through the vCenter Server system that manages the host. Linux vSphere Management Assistant Windows vCLI vicfg-* ESXCLI Others (esxtop, vimcmd, vsish, rvc...) PowerCLI API vCenter Server API API ESXi ESXi ESXCLI esxcfg-* ESXCLI esxcfg-* Figure 1-1.
Chapter 1 Managing vSphere with Command-Line Interfaces Command set Description See esxcfg- commands Available in the ESXi Shell. esxcfg- commands are still included in this release but are deprecated. Migrate to ESXCLI where possible. Command‐Line Management of vSphere 5 and vSphere 6 for Service Console Users DCLI commands Manage VMware SDDC services. “Running DCLI Commands” on page 39 DCLI is a CLI client to the vCloud Suite SDK interface for managing VMware SDDC services.
Getting Started with vSphere Command-Line Interfaces Using ESXCLI for Host Management You can manage many aspects of an ESXi host with commands in the ESXCLI command set. You can run ESXCLI commands as vCLI commands, or run them in the ESXi Shell in troubleshooting situations. You can also run ESXCLI commands from the PowerCLI shell by using the Get-EsxCli cmdlet. See the vSphere PowerCLI Administration Guide and the vSphere PowerCLI Reference.
Chapter 1 Managing vSphere with Command-Line Interfaces Install the vCLI package on one of the supported Windows or Linux systems. The ESXCLI command set is included. Specify connection options to run commands against an ESXi host directly, or target a vCenter Server system and specify the ESXi host to run the command against. See “Installing vCLI” on page 15. NOTE Starting with vSphere 6.
Getting Started with vSphere Command-Line Interfaces 2 If the user is not yet authenticated, DCLI prompts for a password. 3 The user specifies a password. 4 The command connects to the vCenter Single Sign‐On service and checks whether the user specified on the command‐line or in a certificate store file can authenticate. 5 If the user can authenticate, DCLI communicates with the vCenter Server and execute the vCloud Suite SDK command that corresponds to the DCLI command.
Chapter 1 Managing vSphere with Command-Line Interfaces ESXCLI commands. The ESXCLI commands included in the vCLI package are equivalent to the ESXCLI commands available in the ESXi Shell. vicfg‐ commands. The vicfg- command set is similar to the deprecated esxcfg- command set in the ESXi Shell. Miscellaneous commands. A small set of commands for managing and monitoring ESXi hosts, including vmkfstools and resxtop.
Getting Started with vSphere Command-Line Interfaces 14 VMware, Inc.
2 2 Installing vCLI You can install a vCLI package on a Linux or a Microsoft Windows system, or deploy the vSphere Management Assistant (vMA) on an ESXi host.
Getting Started with vSphere Command-Line Interfaces After installation, you can run vCLI commands and vSphere SDK for Perl utility applications from the operating system command line. Each time you run a command, you specify the target server connection options directly or indirectly. You can also write scripts and manage your vSphere environment using those scripts. vSphere Management Assistant (vMA).
Chapter 2 Installing vCLI XML‐SAX‐0.16 Data‐Dump‐1.15 URI‐1.37 UUID‐0.03 SOAP‐Lite‐0.710.08 HTML‐Parser‐3.60 version‐0.78 Class‐MethodMaker‐2.10 JSON‐PP‐2.27203 Devel‐StackTrace‐131 Class‐Data‐Inheritable‐0.08 Convert‐ASN1‐0.26 Cyrpt‐OpenSSL‐RSA‐0.28 Crypt‐X509‐0.51 Exception‐Class‐1.37 MIME‐Base64‐3.14 UUID‐Random‐0.04 Socket6‐023 IO‐Socket‐INET6‐2.71 Net‐INET6Glue‐0.
Getting Started with vSphere Command-Line Interfaces 5 After all required software and all prerequisite Perl modules are installed, you can install vCLI. See “Installing the vCLI Package on Red Hat Enterprise Linux” on page 18 and “Installing the vCLI Package on a Linux System with Internet Access” on page 20. If a previous version of vCLI, Remote CLI, or vSphere SDK for Perl is installed on your system, and you install vCLI in a different directory, you must reset the PATH environment variable.
Chapter 2 Installing vCLI To install vCLI on RHEL 1 Untar the vCLI binary that you downloaded. tar –zxvf VMware-vSphere-CLI-6.X.X-XXXXX.XXXX.x86_64.tar.gz A vmware-vsphere-vcli-distrib directory is created. 2 Log in as superuser and run the installer: //sudo vmware-vsphere-cli-distrib/vmware-install.pl 3 To accept the license terms, type yes and press Enter. 4 To install Perl modules locally, type yes and press Enter.
Getting Started with vSphere Command-Line Interfaces Table 2-1. Installing Required Prerequisite Software Platform Installation RHEL 6.3 32 bit Find the required modules on the installation DVD, or use yum to install them. yum install e2fsprogs-devel libuuid-devel yum install perl-XML-LibXML RHEL 6.3 64 bit Find the required modules on the installation DVD, or use yum to install them. yum install e2fsprogs-devel libuuid-devel yum install glibc.
Chapter 2 Installing vCLI A complete installation process has the following result: A success message appears. The installer lists different version numbers for required modules (if any). The prompt returns to the shell prompt.
Getting Started with vSphere Command-Line Interfaces 7 Click Install to proceed with the installation. The installation might take several minutes to complete. 8 Reboot your system. Without reboot, path settings might not be correct on your Windows platform. Uninstalling the vCLI Package on Windows You can uninstall the vCLI package as you would other programs. To uninstall vCLI on Windows 1 Find the option for adding and removing programs on the Windows operating system you are using.
3f Running Host Management Commands in the ESXi Shell 3 In most cases, installing vCLI and running commands from a remote system, with one or more hosts as targets, is recommended. However, for maintenance and troubleshooting tasks you might prefer to run ESXCLI commands in the ESXi Shell or connect to the ESXi Shell with SSH. You first establish access, and can then run commands.
Getting Started with vSphere Command-Line Interfaces 3 Choose Enable ESXi Shell and press Enter. On the left, Enable ESXi Shell changes to Disable ESXi Shell. On the right, ESXi Shell is Disabled changes to ESXi Shell is Enabled. 4 Press Esc until you return to the main direct console screen. If you do not have access to the Direct Console Interface, you can enable the ESXi Shell from the vSphere Web Client.
Chapter 3 Running Host Management Commands in the ESXi Shell Enabling SSH for the ESXi Shell By default, remote command execution is disabled on an ESXi host, and you cannot log in to the host using a remote shell. You can enable remote command execution from the direct console or from the vSphere Web Client. To enable SSH access in the direct console 1 At the direct console of the ESXi host, press F2 and provide credentials when prompted. 2 Scroll to Troubleshooting Options and press Enter.
Getting Started with vSphere Command-Line Interfaces Lockdown Mode To increase the security of your ESXi hosts, you can put them in lockdown mode. In lockdown mode, all operations must be performed through vCenter Server. By default, only the vCenter Server system, represented by the vpxuser user, has authentication permissions. No other users can perform operations against a host in Lockdown Mode. vSphere 5.x and later supports normal lockdown mode, as discussed in the vSphere 5.x documentation center.
4f Running vCLI Host Management Commands 4 You can run vSphere Command‐Line Interface (vCLI) host management commands from the command line of the system where you installed the package, from the vMA command line, and from scripts. Host management commands, which include ESXCLI and vicfg- commands, require at a minimum the target server to run the command on. Users must authenticate to the host, and can only perform tasks that they are authorized to perform.
Getting Started with vSphere Command-Line Interfaces Access the vMA Linux console. Set up target servers and run vCLI commands against the targets without additional authentication. Prepare scripts that contain vCLI commands. Then run the scripts from a system that has the vCLI package installed or from the vMA Linux console. See “Using vCLI Commands in Scripts” on page 36. NOTE Different command sets in the vCLI package require different connection options.
Chapter 4 Running vCLI Host Management Commands Order of Precedence for vCLI Host Management Commands When you run a vCLI host management command, authentication happens in the order of precedence shown in Table 4‐1. This order of precedence always applies. That means, for example, that you cannot override an environment variable setting in a configuration file. NOTE Available options and order of precedence are different for DCLI. See “Order of Precedence for DCLI Authentication” on page 43.
Getting Started with vSphere Command-Line Interfaces vicfg-nics -l --username --password "" --server --psc --vihost Using a session file results in less overhead and better performance than connecting to the Platform Services Controller repeatedly. Authenticating Directly to the Host vCLI offers several options for authenticating directly to the host.
Chapter 4 Running vCLI Host Management Commands On Windows, you can set environment variables in the Environment properties dialog box of the System control panel. For the current session, you can set environment variables at the command line by using a command like the following: set VI_SERVER= IMPORTANT Do not use escape characters in environment variables. See “Using vCLI Commands in Scripts” on page 36 for an environment variable example.
Getting Started with vSphere Command-Line Interfaces Linux esxcli --server --username snow\-white --password dwarf\$ network ip interface list esxcli --server --username snow\-white --password ‘dwarf$’ network ip interface list vicfg-mpath --server --username snow\-white --password dwarf\$ --list vicfg-mpath --server --username ‘snow-white’ --password ‘dwarf$’ --list Windows esxcli --server --user
Chapter 4 Running vCLI Host Management Commands vicfg-ipsec If you have problems running a command on an ESXi host directly (without specifying a vCenter Server target), check whether lockdown mode is enabled on that host. See the vSphere Security documentation. Trust Relationship Requirement for ESXCLI Commands Starting with vSphere 6.0, ESXCLI checks whether a trust relationship exists between the machine where you run the ESXCLI command and the ESXi host.
Getting Started with vSphere Command-Line Interfaces Using the Credential Store Your vCLI installation includes a credential store. You can manage the credential store with the credstore-admin utility application, which is located in the /Perl/apps/general directory inside the VMware vSphere CLI directory. IMPORTANT Updating the credential store is a two‐step process. First you add the user and password for the server, and then you add the thumbprint for the server.
Chapter 4 Running vCLI Host Management Commands Table 4-2. vCLI Connection Options (Continued) Option and Environment Variable Description --passthroughauth If you specify this option, the system uses the Microsoft Windows Security Support Provider Interface (SSPI) for authentication. Trusted users are not prompted for a user name and password. See the Microsoft Web site for a detailed discussion of SSPI.
Getting Started with vSphere Command-Line Interfaces Table 4-2. vCLI Connection Options (Continued) Option and Environment Variable Description --username Uses the specified user name. VI_USERNAME= If --server specifies a vCenter Server system, the user name and password apply to that server. If you can log in to the vCenter Server system, you need no additional authentication to run commands on the ESXi hosts that server manages.
Chapter 4 Running vCLI Host Management Commands Running Host Management Commands from a Windows System After you install vCLI and reboot your system, you can test the installation by running a vCLI or SDK for Perl command from the Windows command prompt. To run a vCLI command on Windows 1 From the Windows Start menu, choose Programs > VMware > VMware vSphere CLI > Command Prompt. A command prompt shell for the location where vCLI is installed appears.
Getting Started with vSphere Command-Line Interfaces 38 VMware, Inc.
5f Running DCLI Commands 5 You can run DCLI commands as vCLI commands, from the vCenter Server Appliance shell, and from the command prompt of a vCenter Server Windows installation. IMPORTANT Authentication options for DCLI commands differ from options for vCLI host management commands.
Getting Started with vSphere Command-Line Interfaces DCLI Syntax Each DCLI command uses the same syntax. The command name is followed by DCLI connection and formatting options, each preceded by a + sign. After the DCLI options come the name space, the command, and the command options, as in the following example: dcli +[DCLI options] [ ...] --[cmd option] [option value] DCLI options. Predefined options for connection information and formatting options.
Chapter 5 Running DCLI Commands Table 5-1. DCLI Options Option formatter Description Default Output formatter, one of the following: Default is table for lists of structures and simple for all other output. simple table xml json html csv loglevel The log level, one of debug, info, warning, or error. username If you run from the local shell, most DCLI commands do not require the user name.
Getting Started with vSphere Command-Line Interfaces Example dcli com vmware cis tagging tag create --help usage: com vmware cis tagging tag create [-h] --create-spec-name CREATE_SPEC_NAME --create-spec-description CREATE_SPEC_DESCRIPTION --create-spec-category-id CREATE_SPEC_CATEGORY_ID Creates a tag Input Arguments: -h, --help show this help message and exit --create-spec-name CREATE_SPEC_NAME The display name of the tag (required string) --create-spec-description CREATE_SPEC_DESCRIPTION The description
Chapter 5 Running DCLI Commands dcli +credstore-remove +server +username user1 3 List all credential store entries. dcli +credstore-list Order of Precedence for DCLI Authentication When you run a DCLI command, authentication happens in the order of precedence shown in Table 5‐2, “DCLI Authentication Precedence,” on page 43. This order of precedence always applies. That means, for example, that you can override an environment variable setting from the command line.
Getting Started with vSphere Command-Line Interfaces Table 5-3. Variables Supported by DCLI Variable Description DCLI_CREDFILE Set this variable to point to a DCLI credential store file. Default value is ~/.dcli/.dcli_credstore Passing the credstore-file option on the command line overrides variable. DCLI_HISTFILE Set this variable to point to a DCLI interactive shell history file path. Default value is ~/.dcli/.dcli_history .
Index A P Active Directory 22 authentication information 30 Perl 15 precedence 29 prerequisites Red Hat Enterprise Linux 5.2 18 C command-line connection parameters 31 configuration files for authentication 31 usage 31 connection options 30, 34 cp936 encoding 34 creating session files 30 credential store precedence 29, 43 R Red Hat Enterprise Linux 5.
Getting Started with vSphere Command-Line Interfaces vSphere SDK for Perl 15 W Windows executing commands 32 installing vCLI 21 running vCLI commands 37 using vCLI 21 46 VMware, Inc.
