vCenter Server Appliance Configuration Update 1 Modified on 04 OCT 2017 VMware vSphere 6.5 VMware ESXi 6.5 vCenter Server 6.
vCenter Server Appliance Configuration You can find the most up-to-date technical documentation on the VMware Web site at: https://docs.vmware.com/ The VMware Web site also provides the latest product updates. If you have comments about this documentation, submit your feedback to: docfeedback@vmware.com Copyright © 2009–2017 VMware, Inc. All rights reserved. Copyright and trademark information. VMware, Inc. 3401 Hillview Ave. Palo Alto, CA 94304 www.vmware.com 2 VMware, Inc.
Contents About vCenter Server Appliance Configuration 5 Updated Information 7 1 vCenter Server Appliance Overview 9 2 Using the Appliance Management Interface to Configure the vCenter Server Appliance 11 Log In to the vCenter Server Appliance Management Interface 11 View the vCenter Server Appliance Health Status 12 Reboot or Shut Down the vCenter Server Appliance 13 Export a Support Bundle 13 Enable or Disable SSH and Bash Shell Access 13 Configure the DNS, IP Address, and Proxy Settings 14 Configure
vCenter Server Appliance Configuration API Commands in the vCenter Server Appliance Shell 37 Configuring SNMP for the vCenter Server Appliance 41 Configuring Time Synchronization Settings in the vCenter Server Appliance Managing Local User Accounts in the vCenter Server Appliance 50 Monitor Health Status and Statistics in the vCenter Server Appliance 52 Using the vimtop Plug-In to Monitor the Resource Use of Services 53 48 5 Using the Direct Console User Interface to Configure the vCenter Server Applia
About vCenter Server Appliance Configuration ® vCenter Server Appliance Configuration provides information about configuring the VMware vCenter Server Appliance™. Intended Audience This information is intended for anyone who wants to use the vCenter Server Appliance to run VMware ® ® vCenter Server and VMware Platform Services Controller . The information is written for experienced Windows or Linux system administrators who are familiar with virtual machine technology and data center operations.
vCenter Server Appliance Configuration 6 VMware, Inc.
Updated Information This vCenter Server Appliance Configuration is updated with each release of the product or when necessary. This table provides the update history of the vCenter Server Appliance Configuration. Revision Description 04 OCT 2017 n EN-002607-00 Initial release. VMware, Inc.
vCenter Server Appliance Configuration 8 VMware, Inc.
vCenter Server Appliance Overview 1 The vCenter Server Appliance is a preconfigured Linux virtual machine, which is optimized for running ® VMware vCenter Server and the associated services on Linux. During the deployment of the appliance, you select a deployment type of vCenter Server with an embedded Platform Services Controller, Platform Services Controller, or vCenter Server with an external Platform Services Controller.
vCenter Server Appliance Configuration Initially, only the user administrator@your_domain_name has the privileges to log in to the vCenter Server system in the vCenter Server Appliance. By default, the administrator@your_domain_name user is a member of the SystemConfiguration.Administrators group. This user can add an identity source in which additional users and groups are defined to vCenter Single Sign-On or give permissions to the users and groups. For more information, see vSphere Security.
Using the Appliance Management Interface to Configure the vCenter Server Appliance 2 After you deploy the vCenter Server Appliance that contains vCenter Server with an embedded Platform Services Controller, vCenter Server with an external Platform Services Controller, or a Platform Services Controller, you can log in to the vCenter Server Appliance Management Interface and edit the appliance settings.
vCenter Server Appliance Configuration n If you are using Internet Explorer, verify that TLS 1.0, TLS 1.1, and TLS 1.2 are enabled in the security settings. Procedure 1 In a Web browser, go to the vCenter Server Appliance Management Interface, https://appliance-IPaddress-or-FQDN:5480. 2 Log in as root. The default root password is the password you set while deploying the vCenter Server Appliance.
Chapter 2 Using the Appliance Management Interface to Configure the vCenter Server Appliance Reboot or Shut Down the vCenter Server Appliance You can use the vCenter Server Appliance Management Interface to restart or power off the virtual machine running. Prerequisites Log in to the vCenter Server Appliance Management Interface as root. Procedure 1 In the vCenter Server Appliance Management Interface, click Summary. 2 Click Reboot or Shutdown to restart or power off the virtual machine.
vCenter Server Appliance Configuration Configure the DNS, IP Address, and Proxy Settings You can assign static IPv4 and IPv6 addresses, edit the DNS settings, and define the proxy settings for the vCenter Server Appliance. Prerequisites n To change the IP address of the appliance, verify that the system name of the appliance is an FQDN.
Chapter 2 Using the Appliance Management Interface to Configure the vCenter Server Appliance 8 Edit the IPv6 settings. Option Description Obtain IPv6 settings automatically through DHCP Assigns IPv6 addresses to the appliance automatically from the network by using DHCP. Obtain IPv6 settings automatically through Router Advertisement Assigns IPv6 addresses to the appliance automatically from the network by using router advertisement.
vCenter Server Appliance Configuration 3 Configure the time synchronization settings. a In the Time Synchronization pane, click Edit. b From the Mode drop-down menu, configure the time synchronization method. Option c Description Disabled No time synchronization. Uses the system time zone settings. Host Enables VMware Tools time synchronization. Uses VMware Tools to synchronize the time of the appliance with the time of the ESXi host. NTP Enables NTP synchronization.
Chapter 2 Using the Appliance Management Interface to Configure the vCenter Server Appliance Procedure 1 In the vCenter Server Appliance Management Interface, select Syslog Configuration. 2 Click Edit. 3 From the Common Log Level drop-down menu, select the log files to redirect. Option Description * All log files are redirected to the remote machine. info Only informational log files are redirected to the remote machine. notice Only notices are redirected to the remote machine.
vCenter Server Appliance Configuration 3 From the table below the graph grid, select a packet or transmit byte rate to monitor. The options vary depending on your network settings. The network utilization graph refreshes to display the use of the item you select. 4 Point to the network utilization graph to see the network use data for a particular date and time.
Chapter 2 Using the Appliance Management Interface to Configure the vCenter Server Appliance 5 VMware, Inc. Point to the space utilization graph to see the database use value for a particular date and time.
vCenter Server Appliance Configuration 20 VMware, Inc.
Using the vSphere Web Client to Configure the vCenter Server Appliance 3 After you deploy the vCenter Server Appliance, you can perform some configuration operations from the vSphere Web Client such as joining the appliance to an Active Directory domain, managing the services that are running in the vCenter Server Appliance, networking, and other settings.
vCenter Server Appliance Configuration For example, to enable an Active Directory user to log in to the vCenter Server instance in a vCenter Server Appliance with an embedded Platform Services Controller by using the vSphere Web Client with Windows session authentication (SSPI), you must join the vCenter Server Appliance to the Active Directory domain and assign the Administrator role to this user.
Chapter 3 Using the vSphere Web Client to Configure the vCenter Server Appliance 12 Select Active Directory (Integrated Windows Authentication), enter the identity source settings of the joined Active Directory domain, and click OK. Table 3‑1. Add Identity Source Settings Text Box Description Domain name FDQN of the domain. Do not provide an IP address in this text box. Use machine account Select this option to use the local machine account as the SPN.
vCenter Server Appliance Configuration 2 On the vSphere Web Client main page, hover over the Home icon, click Home, and select System Configuration. 3 Under System Configuration, click Nodes. 4 Under Nodes, select a node and click the Manage tab. 5 Under Advanced, select Active Directory and click Leave. 6 Type the Active Directory user name and password. 7 Click OK to leave the Active Directory domain.
Chapter 3 Using the vSphere Web Client to Configure the vCenter Server Appliance Procedure 1 Use the vSphere Web Client to log in as administrator@your_domain_name to the vCenter Server instance in the vCenter Server Appliance. The address is of the type http://appliance-IP-address-or-FQDN/vsphere-client. 2 On the vSphere Web Client main page, hover over the Home icon, click Home, and select System Configuration. 3 Under System Configuration, click Nodes.
vCenter Server Appliance Configuration 6 Expand DNS and edit the settings. Option Description Obtain DNS server address automatically Obtains the DNS settings automatically from the network. Enter settings manually Lets you specify the DNS address settings manually. If you select this option, you must provide: n Hostname n Name of the vCenter Server Appliance machine. Preferred DNS server n IP address of the preferred DNS server. Alternate DNS server n IP address of the alternate DNS server.
Chapter 3 Using the vSphere Web Client to Configure the vCenter Server Appliance Edit the Firewall Settings of the vCenter Server Appliance After you deploy the vCenter Server Appliance, you can edit the firewall settings of the vCenter Server Appliance and can create firewall rules. You can edit the firewall settings by using the vSphere Web Client. By using the firewall rules, you can allow or block the traffic between the vCenter Server Appliance and specific servers, hosts, or virtual machines.
vCenter Server Appliance Configuration Edit the Startup Settings of a Service The Message Bus Configuration, ESXi Dump Collector, and Auto Deploy services are optional services in the vCenter Server Appliance and they are not running by default. You can edit the startup settings of these services in the vCenter Server Appliance. Prerequisites Verify that the user who logs in to the vCenter Server instance in the vCenter Server Appliance is a member of the SystemConfiguration.
Chapter 3 Using the vSphere Web Client to Configure the vCenter Server Appliance 5 From the Actions menu, select an operation. You can start, stop, and restart the service. View the Health Status of Services and Nodes In the vSphere Web Client, you can view the health status of vCenter Server services and nodes. vCenter Server instances and machines that run vCenter Server services are considered nodes. Graphical badges represent the health status of services and nodes.
vCenter Server Appliance Configuration Procedure 1 Log in as administrator@your_domain_name to the vCenter Server instance by using the vSphere Web Client. 2 On the vSphere Web Client Home page, under Administration, click System Configuration. 3 Under System Configuration, click Nodes and select a node from the list. 4 Click the Related Objects tab. You see the list of services running in the node you selected. Editable settings are not available for all manageable services.
Chapter 3 Using the vSphere Web Client to Configure the vCenter Server Appliance 7 Click the Export Support Bundle and save the bundle on your local machine. You saved the support bundle to your machine and can explore it. VMware, Inc.
vCenter Server Appliance Configuration 32 VMware, Inc.
Using the Appliance Shell to Configure the vCenter Server Appliance 4 You can access all of the vCenter Server Appliance API commands and plug-ins that you can use for monitoring, troubleshooting, and configuring the appliance by using the appliance shell. You can run all commands in the appliance shell with or without the pi keyword.
vCenter Server Appliance Configuration Enable and Access the Bash Shell from the Appliance Shell If you log in to the appliance shell as a user who has a super administrator role, you can enable access to the Bash shell of the appliance for other users. The root user has access to the appliance Bash shell by default. The appliance Bash shell is enabled by default for the root Procedure 1 Access the appliance shell and log in as a user who has a super administrator role.
Chapter 4 Using the Appliance Shell to Configure the vCenter Server Appliance Table 4‑1. Keyboard Shortcuts and Function (Continued) Keyboard Shortcut Details Down arrow or Ctrl+N Returns to more recent commands in the history buffer after you use the Up arrow or Ctrl+P to recall commands. Ctrl+Y Recalls the most recent entry in the delete buffer. The delete buffer contains the last 10 items you have cut or deleted. Esc, Y Recalls the next entry in the delete buffer.
vCenter Server Appliance Configuration Table 4‑2. Plug-Ins Available in the vCenter Server Appliance (Continued) Plug-In Description com.vmware.nslookup A plug-in that you can use to query the Domain Name System (DNS) to obtain domain name or IP address mapping or for any other specific DNS record. com.vmware.pgrep A plug-in that you can use to search for all named processes. com.vmware.pgtop A plug-in that you can use to monitor the PostgreSQL database. com.vmware.
Chapter 4 Using the Appliance Shell to Configure the vCenter Server Appliance 2 Type the showlog command, add a space, and press the Tab key to view all the contents of the /var/log folder. 3 Run the command for viewing the firstboot log files of the vCenter Server Appliance. showlog /var/log/firstboot/cloudvm.log API Commands in the vCenter Server Appliance Shell The API commands in the vCenter Server Appliance let you perform various administrative tasks in the vCenter Server Appliance.
vCenter Server Appliance Configuration Table 4‑3. API Commands Available in the vCenter Server Appliance (Continued) 38 API Command Description com.vmware.appliance.version1.access.consolecli.get Get information about the state of the console-based controlled CLI (TTY1). com.vmware.appliance.version1.access.consolecli.set Set enabled state of console-based controlled CLI (TTY1). com.vmware.appliance.version1.access.dcui.
Chapter 4 Using the Appliance Shell to Configure the vCenter Server Appliance Table 4‑3. API Commands Available in the vCenter Server Appliance (Continued) API Command Description com.vmware.appliance.version1.networking.dns.servers.get Get DNS server configuration. com.vmware.appliance.version1.networking.dns.servers.set Set the DNS server configuration. If the host is configured to acquire DNS servers and host name by using DHCP, a DHCP refresh is forced. com.vmware.appliance.version1.networking.
vCenter Server Appliance Configuration Table 4‑3. API Commands Available in the vCenter Server Appliance (Continued) 40 API Command Description com.vmware.appliance.version1.ntp.get Get NTP configuration settings. If you run the tymesync.get command, you can retrieve the current time synchronization method (by using NTP or VMware Tools). The ntp.get command always returns the NTP server information, even when the time synchronization method is not set to NTP.
Chapter 4 Using the Appliance Shell to Configure the vCenter Server Appliance Table 4‑3. API Commands Available in the vCenter Server Appliance (Continued) API Command Description com.vmware.appliance.version1.resources.swap.stats.get Get swap statistics. com.vmware.appliance.version1.resources.system.health.get Get the overall health of the system. com.vmware.appliance.version1.resources.system.stats.get Get the system status. com.vmware.appliance.version1.services.
vCenter Server Appliance Configuration 2 Run the snmp.set --port command to configure the port. For example, run the following command: snmp.set --port port Here port is the port for the SNMP agent to use for listening for polling requests. Important The port you specify must not be already in use by other services. Use IP addresses from the dynamic range, port 49152 and up. 3 (Optional) If the SNMP agent is not enabled, enable it by running the snmp.enable command.
Chapter 4 Using the Appliance Shell to Configure the vCenter Server Appliance Configure the SNMP Agent to Send v1 or v2c Notifications You can use the vCenter Server Appliance SNMP agent to send virtual machine and environmental notifications to management systems. To send SNMP v1 and v2c notifications with the SNMP agent, you must configure the target, that is the receiver, unicast address, community, and an optional port.
vCenter Server Appliance Configuration Configure the SNMP Engine ID Every SNMP v3 agent has an engine ID, which serves as a unique identifier for the agent. The engine ID is used with a hashing function to generate localized keys for authentication and encryption of SNMP v3 messages. If you do not specify an engine ID before you enable the SNMP agent, when you enable the standalone SNMP agent, an engine ID is generated.
Chapter 4 Using the Appliance Shell to Configure the vCenter Server Appliance Configure SNMP Users You can configure up to five users who can access SNMP v3 information. User names must be no more than 32 characters long. While configuring a user, you generate authentication and privacy hash values based on the user's authentication and privacy passwords and on the SNMP agent's engine ID.
vCenter Server Appliance Configuration Procedure 1 Access the appliance shell and log in as a user who has the administrator or super administrator role. The default user with super administrator role is root. 2 Run the snmp.set --v3targets command to set up the SNMP v3 target. For example, run the following command: snmp.set --v3targets hostname@port/userid/secLevel/trap The parameters in the command are as follows.
Chapter 4 Using the Appliance Shell to Configure the vCenter Server Appliance Configure SNMP Management Client Software After you have configured the vCenter Server Appliance to send traps, you must configure your management client software to receive and interpret those traps. To configure your management client software, specify the communities for the managed device, configure the port settings, and load the VMware MIB files.
vCenter Server Appliance Configuration Configuring Time Synchronization Settings in the vCenter Server Appliance You can change the time synchronization settings in the vCenter Server Appliance after deployment. When you deploy the vCenter Server Appliance, you can choose the time synchronization method to be either by using an NTP server or by using VMware Tools.
Chapter 4 Using the Appliance Shell to Configure the vCenter Server Appliance Here IP-addresses-or-host-names is a comma-separated list of IP addresses or host names of the NTP servers. This command adds NTP servers to the configuration. If the time synchronization is based on an NTP server, then the NTP daemon is restarted to reload the new NTP servers. Otherwise, this command just adds the new NTP servers to the existing NTP configuration.
vCenter Server Appliance Configuration Managing Local User Accounts in the vCenter Server Appliance If you log in to the appliance shell as a super administrator, you can manage the local user accounts in the vCenter Server Appliance by running commands in the appliance shell. The default user with a super administrator role is root. User Roles in the vCenter Server Appliance There are three main user roles in the vCenter Server Appliance.
Chapter 4 Using the Appliance Shell to Configure the vCenter Server Appliance You can also set up a new local user account and specify an email and the full name of the user. For example, to add the local user account test1 with the operator user role, full name TestName and the email address test1@mymail.com, run the following command: localaccounts.user.add --role operator --username test1 --password --fullname TestName -email test1@mymail.com You cannot use spaces in full names.
vCenter Server Appliance Configuration Here, user name is the name of the user that you want to edit and new full name is the new full name of the user. n To update the status of the local user, run the following command: localaccounts.user.set --username user name --status new status Here, user name is the name of the user that you want to edit and status is the new status of the local user. The status can be either disabled or enabled.
Chapter 4 Using the Appliance Shell to Configure the vCenter Server Appliance n To view the health of the update component in the vCenter Server Appliance, run the softwarepackages.health.get command. Important If you do not perform regular checks for available patches, the health status of the update component might become out-of-date. For information about checking for vCenter Server Appliance patches and enabling automatic checks for vCenter Server Appliance patches, see vSphere Upgrade.
vCenter Server Appliance Configuration Table 4‑4. Interactive Mode Command-Line Options (Continued) Option Description -n number Sets the number of performed iterations before the vimtop exits interactive mode. vimtop updates the display number number of times and exits. The default value is 10000. -p / -d seconds Sets the update period in seconds. Interactive Mode Single-Key Commands for vimtop When running in interactive mode, vimtop recognizes several single-key commands.
Chapter 4 Using the Appliance Shell to Configure the vCenter Server Appliance Table 4‑5. Interactive Mode Single-Key Commands (Continued) Key Names Description x Return the column widths to their default values. + Expand selected item. - Collapse selected item. w Write the current setup to a vimtop configuration file. The default file name is the one specified by -c option, or /root/vimtop/vimtop.xml if the -c option is not used.
vCenter Server Appliance Configuration 56 VMware, Inc.
Using the Direct Console User Interface to Configure the vCenter Server Appliance 5 After you deploy the vCenter Server Appliance, you can reconfigure the network settings and enable access to the Bash shell for troubleshooting. To access the Direct Console User Interface, you must log in as root. The home page of the Direct Console User Interface contains a link to the support bundle of the vCenter Server Appliance.
vCenter Server Appliance Configuration Change the Password of the Root User To prevent unauthorized access to the vCenter Server Appliance Direct Console User Interface, you can change the password of the root user. The default root password for the vCenter Server Appliance is the password you enter during deployment of the virtual appliance. Important The password for the root account of the vCenter Server Appliance expires after 365 days.
Chapter 5 Using the Direct Console User Interface to Configure the vCenter Server Appliance 3 4 5 6 Change the IPv4 settings from IP Configuration. Option Description Use dynamic IP address and network configuration Obtains networking settings from a DHCP server if one is available on your network Set static IP address and network configuration Sets static networking configuration Change the IPv6 settings from IPv6 Configuration.
vCenter Server Appliance Configuration What to do next Access the vCenter Server Appliance Bash shell for troubleshooting. Access the Appliance Bash Shell for Troubleshooting Log in to the vCenter Server Appliance shell for troubleshooting purposes only. Procedure 1 Access the appliance shell using one of the following methods. n If you have direct access to the appliance, press Alt+F1. n If you want to connect remotely, use SSH or another remote console connection to start a session to the appliance.
Index A E accessing Bash shell 34 Active Directory domain, leaving 23 Active Directory domain, joining 21 API commands in the vCenter Server Appliance, getting help 35 APIs 37 appliance console, logging in 57 appliance password, changing 16, 58 appliance shell accessing 33 using to edit the vCenter Server Appliance 33 appliance troubleshooting, enabling 59 appliance configure DNS settings 58 configure IPv4 58 configure IPv6 58 configure management network 58 configure static IP 58 appliance Bash shell en
vCenter Server Appliance Configuration deleting from the vCenter Server Appliance 52 updating in the vCenter Server Appliance 51 log bundle, exporting 13 log bundles, exporting 30 log files 36 M management network, restarting 59 Message Bus Configuration, setting up startup settings 28 monitoring health status, services, nodes 29 health status, vCenter Server Appliance 12 N new local user account, vCenter Server Appliance 50 NTP servers, adding 48 NTP-based time synchronization 49 O overview of, vCenter
Index changing the role of a user account 51 changing the root password 16 configuration 57 configuring a proxy server 14 configuring access settings 13, 24 configuring IP address 14, 25 configuring SNMP 41 configuring SNMP authentication 44 configuring SNMP communities 42 configuring SNMP privacy protocols 44 configuring SNMP users 45 configuring SNMP v1 and v2c 42 configuring SNMP v3 engine ID 44 configuring SNMP v3 targets 45 deleting a local user account 52 editing DNS settings 14, 25 enabling or disab
vCenter Server Appliance Configuration 64 VMware, Inc.
