vCenter Server Appliance Configuration Update 1 vSphere 6.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document, see http://www.vmware.com/support/pubs.
vCenter Server Appliance Configuration You can find the most up-to-date technical documentation on the VMware Web site at: http://www.vmware.com/support/ The VMware Web site also provides the latest product updates. If you have comments about this documentation, submit your feedback to: docfeedback@vmware.com Copyright © 2009–2016 VMware, Inc. All rights reserved. Copyright and trademark information. VMware, Inc. 3401 Hillview Ave. Palo Alto, CA 94304 www.vmware.com 2 VMware, Inc.
Contents About vCenter Server Appliance Configuration 5 Updated Information 7 1 vCenter Server Appliance Overview 9 2 Using the Appliance Management Interface to Configure the vCenter Server Appliance 11 Log In to the vCenter Server Appliance Management Interface 11 View the vCenter Server Appliance Health Status 12 Reboot or Shut Down the vCenter Server Appliance 12 Export a Support Bundle 13 Enable or Disable SSH and Bash Shell Access 13 Configure the DNS, IP Address, and Proxy Settings 13 Configure
vCenter Server Appliance Configuration Managing Local User Accounts in the vCenter Server Appliance 45 Monitor Health Status and Statistics in the vCenter Server Appliance 47 Using the vimtop Plug-In to Monitor the Resource Usage of Services 48 5 Using the Direct Console User Interface to Configure the vCenter Server Appliance 51 Log In to the Direct Console User Interface 51 Change the Password of the Root User 52 Configure the Management Network of the vCenter Server Appliance 52 Restart the Managem
About vCenter Server Appliance Configuration vCenter Server Appliance Configuration provides information about configuring the vCenter Server Appliance. Intended Audience This information is intended for anyone who wants to use the vCenter Server Appliance. The information is written for experienced Windows or Linux system administrators who are familiar with virtual machine technology and data center operations.
vCenter Server Appliance Configuration 6 VMware, Inc.
Updated Information This vCenter Server Appliance Configuration is updated with each release of the product or when necessary. This table provides the update history of the vCenter Server Appliance Configuration. Revision Description EN-001785-06 Updated topic “Plug-Ins in the vCenter Server Appliance Shell,” on page 31 to add the cmsso-util and psc-restore plug-ins.
vCenter Server Appliance Configuration 8 VMware, Inc.
vCenter Server Appliance Overview 1 The vCenter Server Appliance is a preconfigured Linux virtual machine, which is optimized for running vCenter Server and the associated services on Linux. You can download the vCenter Server Appliance installer, install the VMware Client Integration Plug-In, and deploy the vCenter Server Appliance.
vCenter Server Appliance Configuration Initially, only the user administrator@your_domain_name has the privileges to log in to the vCenter Server system in the vCenter Server Appliance. By default, the administrator@your_domain_name user is a member of the SystemConfiguration.Administrators group and can add an identity source in which additional users and groups are defined to vCenter Single Sign-On or give permissions to the users and groups. For more information, see vSphere Security.
Using the Appliance Management Interface to Configure the vCenter Server Appliance 2 After you deploy the vCenter Server Appliance that contains vCenter Server with an embedded Platform Services Controller, vCenter Server with an external Platform Services Controller, or a Platform Services Controller, you can log in to the vCenter Server Appliance Management Interface and edit the appliance settings.
vCenter Server Appliance Configuration View the vCenter Server Appliance Health Status You can use the vCenter Server Appliance Management Interface to view the overall health status of the vCenter Server Appliance and health messages.
Chapter 2 Using the Appliance Management Interface to Configure the vCenter Server Appliance Procedure 1 In the vCenter Server Appliance Management Interface, click Summary. 2 Click Reboot or Shutdown to restart or power off the virtual machine. 3 In the confirmation dialog window, click Yes to confirm the operation. Export a Support Bundle You can export a support bundle that contains the log files for the vCenter Server instance running in the appliance.
vCenter Server Appliance Configuration Procedure 1 In the vCenter Server Appliance Management Interface, click Networking. 2 In the Hostname, Name Servers, and Gateways pane, click Edit. 3 In the Name Servers section, configure the DNS settings. Option Description Obtain DNS settings automatically Obtains the DNS settings automatically from the network. Enter settings manually Lets you set the DNS address settings manually.
Chapter 2 Using the Appliance Management Interface to Configure the vCenter Server Appliance Configure the System Time Zone and Time Synchronization Settings After you deploy the vCenter Server Appliance, you can change the system time zone and time synchronization settings. When you deploy the vCenter Server Appliance, you either use the time settings of the ESXi host on which the appliance is running or you configure the time synchronization based on an NTP server.
vCenter Server Appliance Configuration 3 Configure the password expiration settings for the root user. a In the Root password expires section, set the password expiration policy. Option Description Yes The password of the root user expires after a particular number of days. You must provide the following information: n Root password validity (days) n The number of days after which the password expires.
Using the vSphere Web Client to Configure the vCenter Server Appliance 3 After you deploy the vCenter Server Appliance, you can perform some configuration operations from the vSphere Web Client such as joining the appliance to an Active Directory domain, managing the services that are running in the vCenter Server Appliance, networking, and other settings.
vCenter Server Appliance Configuration For example, to enable an Active Directory user to log in to the vCenter Server instance in a vCenter Server Appliance with an embedded Platform Services Controller by using the vSphere Web Client with Windows session authentication (SSPI), you must join the vCenter Server Appliance to the Active Directory domain and assign the Administrator role to this user.
Chapter 3 Using the vSphere Web Client to Configure the vCenter Server Appliance 11 Select Active Directory (Integrated Windows Authentication), enter the identity source settings of the joined Active Directory domain, and click OK. Table 3‑1. Add Identity Source Settings Field Description Domain name FDQN of the domain. Do not provide an IP address in this field. Use machine account Select this option to use the local machine account as the SPN.
vCenter Server Appliance Configuration 3 Under System Configuration, click Nodes. 4 Under Nodes, select a node and click the Manage tab. 5 Under Advanced, select Active Directory and click Leave. 6 Type the Active Directory user name and password. 7 Click OK to leave the Active Directory domain. 8 Click the Actions menu, and select Reboot to restart the appliance so that the changes are applied. Add a User to the SystemConfiguration.
Chapter 3 Using the vSphere Web Client to Configure the vCenter Server Appliance 2 On the vSphere Web Client Home page, click System Configuration. 3 Under System Configuration, click Nodes. 4 Under Nodes, select a node and click the Manage tab. 5 Under Common, select Access and click Edit. 6 Select how you can access the vCenter Server Appliance. Option 7 Description Enable local login Enables local login to the vCenter Server Appliance console.
vCenter Server Appliance Configuration 6 Expand DNS and edit the settings. Option Description Obtain DNS server address automatically Obtains the DNS settings automatically from the network. Enter settings manually Lets you specify the DNS address settings manually. If you select this option, you must provide: n Hostname n Name of the vCenter Server Appliance machine. Preferred DNS server n IP address of the preferred DNS server. Alternate DNS server n IP address of the alternate DNS server.
Chapter 3 Using the vSphere Web Client to Configure the vCenter Server Appliance Edit the Firewall Settings of the vCenter Server Appliance After you deploy the vCenter Server Appliance, you can edit the firewall settings of the vCenter Server Appliance and can create firewall rules. You can edit the firewall settings by using the vSphere Web Client. By using the firewall rules, you can allow or block the traffic between the vCenter Server Appliance and specific servers, hosts, or virtual machines.
vCenter Server Appliance Configuration Edit the Startup Settings of a Service The Message Bus Configuration, ESXi Dump Collector, and Auto Deploy services are optional services in the vCenter Server Appliance and they are not running by default. You can edit the startup settings of these services in the vCenter Server Appliance. Prerequisites Verify that the user name you use to log in to the vCenter Server instance in the vCenter Server Appliance is a member of the SystemConfiguration.
Chapter 3 Using the vSphere Web Client to Configure the vCenter Server Appliance 5 From the Actions menu, select an operation. You can start, stop, and restart the service. View the Health Status of Services and Nodes In the vSphere Web Client, you can view the health status of vCenter Server services and nodes. vCenter Server instances and machines that run vCenter Server services are considered nodes. Graphical badges represent the health status of services and nodes.
vCenter Server Appliance Configuration Procedure 1 Log in as administrator@your_domain_name to the vCenter Server instance by using the vSphere Web Client. 2 On the vSphere Web Client Home page, under Administration, click System Configuration. 3 Under System Configuration click Nodes and select a node from the list. 4 Click the Related Objects tab. You see the list of services running in the node you selected. Editable settings are not available for all manageable services.
Chapter 3 Using the vSphere Web Client to Configure the vCenter Server Appliance 7 Click the Export Support Bundle and save the bundle on your local machine. You saved the support bundle to your machine and can explore it. Redirect vCenter Server Appliance Log Files to Another Machine You can redirect the vCenter Server Appliance log files to another machine for example, when you want to preserve storage space on the vCenter Server Appliance.
vCenter Server Appliance Configuration 10 28 From the Remote Syslog Protocol drop-down select the protocol to use. Option Description TCP Transmission Control Protocol UDP User Datagram Protocol TLS Transport Layer Security 11 Click OK. 12 From the Actions menu, click Restart so that the configuration changes are applied. VMware, Inc.
Using the Appliance Shell to Configure the vCenter Server Appliance 4 You can access all of the vCenter Server Appliance API commands and plug-ins that you can use for monitoring, troubleshooting, and configuring the appliance by using the appliance shell. You can run all commands in the appliance shell with or without the pi keyword.
vCenter Server Appliance Configuration Enable Bash Shell Access From the Appliance Shell If you log in to the appliance shell as a user who has a super administrator role, you can enable access to the Bash shell of the appliance, by using the appliance shell. Procedure 1 Access the appliance shell and log in as a user who has a super administrator role. The default user with a super administrator role is root. 2 Run the command to enable access the Bash shell. shell.
Chapter 4 Using the Appliance Shell to Configure the vCenter Server Appliance Table 4‑1. Keyboard Shortcuts and Function (Continued) Keyboard Shortcut Details Down arrow or Ctrl+N Returns to more recent commands in the history buffer after you use the Up arrow or Ctrl+P to recall commands. Ctrl+Y Recalls the most recent entry in the delete buffer. The delete buffer contains the last ten items you have cut or deleted. Esc, Y Recalls the next entry in the delete buffer.
vCenter Server Appliance Configuration Table 4‑2. Plug-Ins Available in the vCenter Server Appliance (Continued) 32 Plug-In Description com.vmware.nslookup A plug-in that you can use to query the Domain Name System (DNS) to obtain domain name or IP address mapping or for any other specific DNS record. com.vmware.ntpq A standard NTP query program. com.vmware.pgrep A plug-in that you can use to search for all named processes. com.vmware.
Chapter 4 Using the Appliance Shell to Configure the vCenter Server Appliance API Commands in the vCenter Server Appliance Shell The API commands in the vCenter Server Appliance let you perform various administrative tasks in the vCenter Server Appliance. The API commands are provided by appliance management service in the vCenter Server Appliance. You can edit time synchronization settings, monitor processes and services, set up the SNMP settings, and so on. Table 4‑3.
vCenter Server Appliance Configuration Table 4‑3. API Commands Available in the vCenter Server Appliance (Continued) 34 API Command Description com.vmware.appliance.version1.networking.dns.domains.add Add domains to DNS search domains. com.vmware.appliance.version1.networking.dns.domains.list Get a list of DNS search domains. com.vmware.appliance.version1.networking.dns.domains.set Set DNS search domains. com.vmware.appliance.version1.networking.dns.hostname.
Chapter 4 Using the Appliance Shell to Configure the vCenter Server Appliance Table 4‑3. API Commands Available in the vCenter Server Appliance (Continued) API Command Description com.vmware.appliance.version1.networking.proxy.delete Delete the proxy configuration for a protocol that you provide as input. com.vmware.appliance.version1.networking.proxy.get Get proxy configuration information for all protocols. com.vmware.appliance.version1.networking.proxy.
vCenter Server Appliance Configuration Table 4‑3. API Commands Available in the vCenter Server Appliance (Continued) API Command Description com.vmware.appliance.version1.resources.softwarepackages.health .get Get the health of the update component. com.vmware.appliance.version1.resources.storage.health.get Get storage health statistics. com.vmware.appliance.version1.resources.storage.stats.list Get storage statistics for each logical disk. com.vmware.appliance.version1.resources.swap.health.
Chapter 4 Using the Appliance Shell to Configure the vCenter Server Appliance Configure the SNMP Agent for Polling If you configure the vCenter Server Appliance SNMP agent for polling, it can listen for and respond to requests from SNMP management client systems, such as GET, GETNEXT, and GETBULK requests. By default, the embedded SNMP agent listens on UDP port 161 for polling requests from management systems. You can use the snmp.set --port command to configure an alternative port.
vCenter Server Appliance Configuration 2 Run the snmp.set --communities command to configure an SNMP community. For example, to configure public, east, and west network operation center communities, run the following command: snmp.set --communities public,eastnoc,westnoc Each time you specify a community with this command, the settings you specify overwrite the previous configuration. To specify multiple communities, separate the community names with a comma.
Chapter 4 Using the Appliance Shell to Configure the vCenter Server Appliance 2 Configure SNMP Authentication and Privacy Protocols on page 39 SNMP v3 optionally supports authentication and privacy protocols. 3 Configure SNMP Users on page 40 You can configure up to five users who can access SNMP v3 information. User names must be no more than 32 characters long. 4 Configure SNMP v3 Targets on page 41 Configure SNMP v3 targets to allow the SNMP agent to send SNMP v3 traps.
vCenter Server Appliance Configuration 3 (Optional) Run the snmp.set --privacy command to configure privacy protocol. For example, run the following command: snmp.set --privacy protocol Here, protocol must be either none, for no privacy, or AES128. Configure SNMP Users You can configure up to five users who can access SNMP v3 information. User names must be no more than 32 characters long.
Chapter 4 Using the Appliance Shell to Configure the vCenter Server Appliance Configure SNMP v3 Targets Configure SNMP v3 targets to allow the SNMP agent to send SNMP v3 traps. You can configure a maximum of three SNMP v3 targets, in addition to a maximum of three SNMP v1 or v2c targets. To configure a target, you must specify a host name or IP address of the system that will receive the traps, a user name, a security level, and whether to send traps.
vCenter Server Appliance Configuration Here, oid_list is a list of object IDs for the traps to filter, separated by commas. This list replaces any object IDs that were previously specified using this command. n To clear all trap filters, run the following command: snmp.set 3 --notraps reset (Optional) If the SNMP agent is not enabled, enable it by running the snmp.enable command.
Chapter 4 Using the Appliance Shell to Configure the vCenter Server Appliance Procedure 1 Access the appliance shell and log in as a user who has the administrator or super administrator role. The default user with super administrator role is root. 2 To reset specific arguments, run the command snmp.set --arguments reset. For example, to reset the communities that you configured, run the following command: snmp.
vCenter Server Appliance Configuration Add or Replace NTP Servers in the vCenter Server Appliance Configuration To set up the vCenter Server Appliance to use NTP-based time synchronization, you must add the NTP servers to the vCenter Server Appliance configuration. Procedure 1 Access the appliance shell and log in as a user who has the administrator or super administrator role. The default user with super administrator role is root.
Chapter 4 Using the Appliance Shell to Configure the vCenter Server Appliance Procedure 1 Access the appliance shell and log in as a user who has the administrator or super administrator role. The default user with super administrator role is root. 2 Run the command to enable NTP-based time synchronization. timesync.set --mode NTP 3 (Optional) Run the command to verify that you successfully applied the NTP synchronization. timesync.get The command returns that the time synchronization is in NTP mode.
vCenter Server Appliance Configuration Procedure 1 Access the appliance shell and log in as a user who has a super administrator role. The default user with a super administrator role is root. 2 Run the localaccounts.user.add -- role --username --password command. For example, to add the local user account test with the operator user role, run the following command: localaccounts.user.
Chapter 4 Using the Appliance Shell to Configure the vCenter Server Appliance Here, user name is the name of the user that you want to edit and new email address is the new email address. n To update the full name of the local user, run the following command: localaccounts.user.set --username user name --fullname new full name Here, user name is the name of the user that you want to edit and new full name is the new full name of the user.
vCenter Server Appliance Configuration n n To view the health of the swap in the vCenter Server Appliance, run the swap.health.get command. To view the health of the update component in the vCenter Server Appliance, run the softwarepackages.health.get command. Important If you do not perform regular checks for available patches, the health status of the update component might become out-of-date.
Chapter 4 Using the Appliance Shell to Configure the vCenter Server Appliance Table 4‑4. Interactive Mode Command-Line Options (Continued) Option Description -c filename Loads a user-defined vimtop configuration file. If the -c option is not used, the default configuration file is /root/vimtop/vimtop.xml. You can create your own configuration file, specifying a different file name and path by using the W single-key interactive command.
vCenter Server Appliance Configuration Table 4‑5. Interactive Mode Single-Key Commands (Continued) 50 Key Names Description d Sort the selected column in descending order. z Clear the sort order for all columns. l Set width for the selected column. x Return the column widths to their default values. + Expand selected item. - Collapse selected item. w Write the current setup to a vimtop configuration file. The default file name is the one specified by -c option, or /root/vimtop/vimtop.
Using the Direct Console User Interface to Configure the vCenter Server Appliance 5 After you deploy the vCenter Server Appliance, you can reconfigure the network settings and enable access to the Bash shell for troubleshooting. To access the Direct Console User Interface, you must log in as root. The home page of the Direct Console User Interface contains a link to the support bundle of the vCenter Server Appliance.
vCenter Server Appliance Configuration Change the Password of the Root User To prevent unauthorized access to the vCenter Server Appliance Direct Console User Interface, you can change the password of the root user. The default root password for the vCenter Server Appliance is the password you enter during deployment of the virtual appliance. Important The password for the root account of the vCenter Server Appliance expires after 365 days.
Chapter 5 Using the Direct Console User Interface to Configure the vCenter Server Appliance 4 5 6 Change the IPv6 settings from IPv6 Configuration. Option Description Enable IPv6 Enables or disables IPv6 on the appliance Use DHCP stateful configuration Uses a DHCP server to obtain IPv6 addresses and networking settings Use ICMP stateless configuration Uses a Stateless Address Autoconfiguration (SLAAC) to obtain IPv6 addresses and network settings Change the DNS settings from DNS Configuration.
vCenter Server Appliance Configuration Access the Appliance Bash Shell for Troubleshooting Log in to the vCenter Server Appliance shell for troubleshooting purposes only. Procedure 1 Access the appliance shell using one of the following methods. n If you have direct access to the appliance, press Alt+F1. n If you want to connect remotely, use SSH or another remote console connection to start a session to the appliance. 2 Enter a user name and password recognized by the appliance.
Index A E accessing Bash shell 30 Active Directory domain, leaving 19 Active Directory domain, joining 17 API commands in the vCenter Server Appliance, getting help 31 APIs 33 appliance console, logging in 51 appliance password, changing 15, 52 appliance shell accessing 29 using to edit the vCenter Server Appliance 29 appliance troubleshooting, enabling 53 appliance configure DNS settings 52 configure IPv4 52 configure IPv6 52 configure management network 52 configure static IP 52 appliance Bash shell en
vCenter Server Appliance Configuration deleting from the vCenter Server Appliance 47 updating in the vCenter Server Appliance 46 log bundle, exporting 13 log bundles, exporting 26 log files 36 M management network, restarting 53 Message Bus Configuration, setting up startup settings 24 monitoring health status, services, nodes 25 health status, vCenter Server Appliance 12 N new local user account, vCenter Server Appliance 45 NTP servers, adding 44 NTP-based time synchronization 44 O overview of, vCenter
Index changing the role of a user account 46 changing the root password 15 configuration 51 configuring a proxy server 13 configuring access settings 13, 20 configuring IP address 13, 21 configuring SNMP 36 configuring SNMP authentication 39 configuring SNMP communities 37 configuring SNMP privacy protocols 39 configuring SNMP users 40 configuring SNMP v1 and v2c 37 configuring SNMP v3 engine ID 39 configuring SNMP v3 targets 41 deleting a local user account 47 editing DNS settings 13, 21 enabling or disab
vCenter Server Appliance Configuration 58 VMware, Inc.
