VMware ESXi esxcli Command: A Quick Tutorial
VMware ESXi esxcli Command: A Quick Tutorial
The esxcli is a command tool that is available on VMware ESXi for managing ESXi. Unlike the vim-cmd command, it focuses on underlying infrastructure and touches lower level of controls of the ESXi hypervisor itself. Although it’s just one command, it packs a lot of functionalities with different namespaces/sub-namespaces, and sub-commands. Because they are organized in nice tree hierarchy, it’s actually quite easy to use most times.
You can run the esxcli command directly in ESXi BusyBox Shell. For that you will need to have either direct access to the ESXi console, or SSH to the ESXi (you need to turn on the SSH Shell access). Should you have multiple ESXi servers to run the commands simultaneously, try the free DoubleCloud ICE I developed.
Alternatively, you can install vCLI on Windows or Linux from where you want to remotely manage ESXi servers. If you don’t want to install the package by yourself, you can download the vMA virtual appliance which has everything pre-installed and pre-configured. When you run the command this way, there is additional parameters for remote ESXi server address and credential. Other than that, the command syntax should be the same as native esxcli command.
There is actually another choice which is not documented but I digged it out anyway – You can run esxcli command in a browser. If you are interested, you can check out this post. Note that this is not supported by VMware.
This tutorial will guide you through all functionalities with samples and tips/tricks assuming we are using the native esxcli command. Given the complexity of the command, I cannot run all the combinations of parameters, please feel free to use the help and try by yourself when you cannot find exact sample. Should you find something worth sharing, please feel free to post them in the comments.
Where Is It Installed?
The esxcli command utility comes with the ESXi installation. If you type in the following commands you will find where it’s installed. Even more is that you will uncover the a little secret of esxcli – it’s essentially a Python script. If you are interested in what is in the script, you can simply check it out with vi command. We’ll not dig deeper there, but focus on the usage of the command as a user.
~ # which esxcli /sbin/esxcli ~ # ls -l /sbin/esxcli lrwxrwxrwx 1 root root 15 Aug 2 2012 /sbin/esxcli -> /sbin/esxcli.py |
What You Can Do With It?
Unlike the vim-cmd command which mainly focuses on the virtual machine related management, the esxcli focuses on the infrastructure like hardware, storage, networking, esxi software, etc.
Typing the esxcli command without any argument will displays the command usage. With the options, you can control the format of the output to be xml, csv, key/value pair, or json.
The esxcli command is a very complex command that achieve a lot given it’s a single command. To help user to use the command without getting confused, the namespaces are used to group the commands. The namespaces can be further divided into sub-namespaces depending the complexity.
The following command shows the top level namespaces, each of which can be nicely mapped to a group of functionality. Just reading description of these commands should give you an idea on what esxcli can do for you. We’ll dig deeper into each of them in the following sections.
~ # esxcli
Usage: esxcli [options] {namespace}+ {cmd} [cmd options]
Options:
--formatter=FORMATTER
Override the formatter to use for a given command.
Available formatter: xml, csv, keyvalue
--debug Enable debug or internal use options
--version Display version information for the script
-?, --help Display usage information for the script
Available Namespaces:
esxcli Commands that operate on the esxcli system itself
allowing users to get additional information.
fcoe VMware FCOE commands.
hardware VMKernel hardware properties and commands for
configuring hardware.
iscsi VMware iSCSI commands.
network Operations that pertain to the maintenance of
networking on an ESX host. This includes a wide
variety of commands to manipulate virtual networking
components (vswitch, portgroup, etc) as well as local
host IP, DNS and general host networking settings.
sched VMKernel system properties and commands for
configuring scheduling related functionality.
software Manage the ESXi software image and packages
storage VMware storage commands.
system VMKernel system properties and commands for
configuring properties of the kernel core system.
vm A small number of operations that allow a user to
Control Virtual Machine operations.
|
A bit more on the format. In the interactive mode, the default format of output is perfect. If you use the esxcli command for automation, other formats may be preferred. For example, the CSV can be easily imported into Excel or other spreadsheet for reporting and analytics. The XML is very good for data exchange. The key and value pairs are good shell script to consume. There are actually undocumented formats as I blogged about a while back.
High Level Conventions
In some way, the esxcli namespaces are like Java packages. At certain points down the namespace hierarchy, you can find available commands (think of them as methods on a class). One big difference is that there can be commands on a non-leaf namespace. Simply entering the full esxcli and namespace path will show both available namespaces and available commands.
The commands are mostly verbs as follows:
* list – retrieve a list of the objects that are represented by the namespace
* get – get information like property
* set – set a value
* load/unload – load/unload configuration
Note that they are not necessarily available in all the namespaces. When in double, always checkout the command line.
Depending on the command, there may be additional options specific to the command. These options are different from the general options which are always available for all commands.
Without further due, let’s jump to the sub-commands one by one.
Listing All esxcli Namespaces and Commands
Interestingly, the esxcli can also be a sub command to the esxcli command itself. What it does is very simple — list all the available namespaces and their commands. Because there are so many lines in the output, I will just show you the first few lines. You can easily find out in your SSH to ESXi.
~ # esxcli esxcli command
Usage: esxcli esxcli command {cmd} [cmd options]
Available Commands:
list This command will list all of the esxcli commands with their namespace,
object, command name and description.
~ # esxcli esxcli command list
Namespace Command
------------------------------------------------------ -----------
esxcli.command list
fcoe.adapter list
fcoe.nic disable
fcoe.nic discover
fcoe.nic list
hardware.bootdevice list
hardware.clock get
hardware.clock
...
|
Now, let’s take a look how to interpret the output. For each line, there is a corresponding esxcli command. Let’s pick up the second line “fcoe.adapter.” The related command is like the following:
$ esxcli fcoe adapter list |
The rule of thumb is to replace the dot with space and combine string together with top esxcli command and last command. For some commands, there are additional parameters, you may need to add there. For the list command, it’s mostly fine without additional parameters except the format as we discussed earlier.
Managing Fiber Channel Over Ethernet (FCOE)
We will not cover FCOE here as there are many good introduction already. Check out Cormac’s blog.
The following command shows it has two name spaces: adapter and nic.
~ # esxcli fcoe
Usage: esxcli fcoe {cmd} [cmd options]
Available Namespaces:
adapter Operations that can be performed on FCOE-type storage HBAs
nic Operations that can be performed on FCOE-capable CNA devices
|
To list adapters, you can use the following command:
# esxcli fcoe adapter list |
I don’t have a FCOE adapter in my home lab, but got a sample out from VMware KB article here for each adapter:
vmhba35 Source MAC: bc:30:5b:01:82:3c FCF MAC: 00:05:73:bf:48:33 VNPort MAC: 0e:fc:00:47:02:24 Physical NIC: vmnic8 User Priority: 3 VLAN id: 2008 |
For the NIC namespace, there are more commands available:
~ # esxcli fcoe nic
Usage: esxcli fcoe nic {cmd} [cmd options]
Available Commands:
disable Disable rediscovery of FCOE storage on behalf of an FCOE-capable CNA upon
next boot.
discover Initiate FCOE adapter discovery on behalf of an FCOE-capable CNA.
list List FCOE-capable CNA devices.
|
Here are the sample commands: (Again, the output sample from above KB article)
# esxcli fcoe nic list vmnic4 User Priority: 3 Source MAC: FF:FF:FF:FF:FF:FF Active: false Priority Settable: false Source MAC Settable: false VLAN Range Settable: false ~ # esxcli fcoe nic discover -n vmnic1 PNIC "vmnic1" is not FCoE-capable ~ # esxcli fcoe nic disable -n vmnic4 PNIC "vmnic4" is not FCoE-capable |
Managing Hardware
All the hardware related commands fit in the hardware namespace. As you can see the following output, you can retrieve information or manage various aspects of the hardware including cpu, ipmi, boot device, clock, memory, pci, platform (a little vague term, but will elaborate more soon), trusted boot.
Because hardware is hard, you cannot do much about it but retrieving the information about these components or aspects. So the list command is the most commonly used in this category.
~ # esxcli hardware
Usage: esxcli hardware {cmd} [cmd options]
Available Namespaces:
cpu CPU information.
ipmi IPMI information.
bootdevice Boot device information.
clock Interaction with the hardware clock.
memory Memory information.
pci PCI device information and configuration.
platform Platform information.
trustedboot Information about the status of trusted boot.
|
The following command lists the CPU related information. There are 8 cores, but I just show 2 core inforation here – the rest 6 is pretty much the same.
~ # esxcli hardware cpu list CPU:0 Id: 0 Package Id: 0 Family: 6 Model: 58 Type: 0 Stepping: 9 Brand: GenuineIntel Core Speed: 3392293892 Bus Speed: 99773344 APIC ID: 0x0 Node: 0 L2 Cache Size: 262144 L2 Cache Associativity: 8 L2 Cache Line Size: 64 L2 Cache CPU Count: 2 L3 Cache Size: 8388608 L3 Cache Associativity: 16 L3 Cache Line Size: 64 L3 Cache CPU Count: 2 CPU:1 Id: 1 Package Id: 0 Family: 6 Model: 58 Type: 0 Stepping: 9 Brand: GenuineIntel Core Speed: 3392293892 Bus Speed: 99773344 APIC ID: 0x1 Node: 0 L2 Cache Size: 262144 L2 Cache Associativity: 8 L2 Cache Line Size: 64 L2 Cache CPU Count: 2 L3 Cache Size: 8388608 L3 Cache Associativity: 16 L3 Cache Line Size: 64 L3 Cache CPU Count: 2 |
IPMI stands for Intelligent Platform Management Interface (http://en.wikipedia.org/wiki/Intelligent_Platform_Management_Interface). It allows remotely managing the server over IP network. From the esxcli commmand, you can further manage the Field Replaceable Unit, Sensor Data Repository, and System event log.
~ # esxcli hardware ipmi
Usage: esxcli hardware ipmi {cmd} [cmd options]
Available Namespaces:
fru Information from IPMI Field Replaceable Unit inventory (FRU).
sdr Information from IPMI Sensor Data Respository (SDR).
sel Information from IPMI System Event Log (SEL).
|
My server in use does not have the IPMI support, so the following commands return nothing or empty values. If you have enabled servers, you will see more with the same commands.
~ # esxcli hardware ipmi fru
Usage: esxcli hardware ipmi fru {cmd} [cmd options]
Available Commands:
get Get IPMI Field Replaceable Unit (FRU) device details.
list List IPMI Field Replaceable Unit (FRU) inventory.
~ # esxcli hardware ipmi fru list
~ # esxcli hardware ipmi fru get
Device IDs:
Features:
Raw:
Sizebytes:
~ # esxcli hardware ipmi sdr get
Feature:
Free Space:
Last Added:
Last Cleared:
Raw:
Total Records:
Version:
~ # esxcli hardware ipmi sdr list
~ # esxcli hardware ipmi sel get
Enabled:
Last Added:
Last Cleared:
Maximum Records:
Overflow:
Raw:
Sel Clock:
Total Records:
Version:
~ # esxcli hardware ipmi sel list
|
Listing the boot devices is supported with the bootdevice namespace as follows. Interestingly, the output lists nothing – the server did boot successfully.
~ # esxcli hardware bootdevice list |
Every computer has a clock. With esxcli command, you can get the time on the clock, and change the time on the clock. The parameters to set up new time is a little tricky, but using the help should be very easy. You can set individual component of the time, say year, month, etc.
~ # esxcli hardware clock get
2015-04-19T01:49:44Z
~ # esxcli hardware clock set
You must specify one of year, month, day, hour, minute or second
~ # esxcli hardware clock set 2015
Error: Unknown command or namespace hardware clock set 2015
~ # esxcli hardware clock set --help
Usage: esxcli hardware clock set [cmd options]
Description:
set Set the hardware clock time. Any missing parameters will default to the
current time.
Cmd options:
-d|--day= Day
-H|--hour= Hour
-m|--min= Minute
-M|--month= Month
-s|--sec= Second
-y|--year= Year
~ # esxcli hardware clock set -y 2015
|
Retrieving the physical memory of ESXi server is very simple with the following command. It also shows the NUMA node count.
~ # esxcli hardware memory get Physical Memory: 12845969408 Bytes NUMA Node Count: 1 |
PCI information can be retrieved with the pci name space as follows. The output is pretty long, so I just include the first device. With the long output, you can pipeline it to grep command for exact information you are interested in.
~ # esxcli hardware pci list 000:000:00.0 Address: 000:000:00.0 Segment: 0x0000 Bus: 0x00 Slot: 0x00 Function: 0x00 VMkernel Name: Vendor Name: Intel Corporation Device Name: Ivy Bridge DRAM Controller Configured Owner: Unknown Current Owner: VMkernel Vendor ID: 0x8086 Device ID: 0x0150 SubVendor ID: 0x17aa SubDevice ID: 0x364e Device Class: 0x0600 Device Class Name: Host bridge Programming Interface: 0x00 Revision ID: 0x09 Interrupt Line: 0xff IRQ: 255 Interrupt Vector: 0x00 PCI Pin: 0x74 Spawned Bus: 0x00 Flags: 0x0200 Module ID: -1 Module Name: None Chassis: 0 Physical Slot: 255 Slot Description: Passthru Capable: false Parent Device: Dependent Device: Reset Method: None FPT Sharable: false |
Now it’s time for the vague platform namespace. Let’s start with the command itself. With that, I don’t need to explain what the platform is.
~ # esxcli hardware platform get Platform Information UUID: 0x7a 0x9d 0x99 0xec 0x9d 0xa9 0x11 0xe1 0xaf 0x78 0xb8 0xfd 0x56 0x1b 0x2a 0x0 Product Name: IdeaCentre K430 Vendor Name: LENOVO Serial Number: ES09832596 IPMI Supported: false |
Last one in the hardware is the trusted boot. Again, my server does not have the feature. For more details on the technology, check out this wiki page: http://en.wikipedia.org/wiki/Trusted_Execution_Technology
~ # esxcli hardware trustedboot get Drtm Enabled: false Tpm Present: false |
ESXi Kernel Scheduling
With the sched namespace, we can manage VMKernel system properties and configure scheduling related functionality like swapping.
~ # esxcli sched swap system
Usage: esxcli sched swap system {cmd} [cmd options]
Available Commands:
get Get current state of the options of the system-wide shared
swap space.
set Change the configuration of system-wide shared swap space.
~ # esxcli sched swap system get
Datastore Active: false
Datastore Enabled: false
Datastore Name:
Datastore Order: 0
Hostcache Active: false
Hostcache Enabled: true
Hostcache Order: 1
Hostlocalswap Active: false
Hostlocalswap Enabled: true
Hostlocalswap Order: 2
|
The changing of properties is through the set command. You can change one or more properties at a time with the switches as listed below.
~ # esxcli sched swap system set --help
Usage: esxcli sched swap system set [cmd options]
Description:
set Change the configuration of system-wide shared swap space.
Cmd options:
-d|--datastore-enabled
If the datastore option should be enabled or not.
-n|--datastore-name=
The name of the datastore used by the datastore option.
-D|--datastore-order=
The order of the datastore option in the preference of the
options
-c|--hostcache-enabled
If the host cache option should be enabled or not.
-C|--hostcache-order=
The order of the host cache option in the preference of
the options.
-l|--hostlocalswap-enabled
If the host local swap option should be enabled or not.
-L|--hostlocalswap-order=
The order of the host local swap option in the preference
of the options.
|
Managing VIB Software
The design of ESXi is to keep the hypervisor as small as possible. Being small has many benefits, for example, less exposure to security attacks. At the same time, we need some flexibility to install new drivers or other software agents on the ESXi. This allows VMware partners to customize the system and extend the system with additional functionalities.
For that purpose, VMware created VIB format based on a Linux package system. It has related SDK for others to build the VIB. The commands in this section is about how to manage the VIBs with command line.
~ # esxcli software
Usage: esxcli software {cmd} [cmd options]
Available Namespaces:
sources Query depot contents for VIBs and image profiles
acceptance Retrieve and set the host acceptance level setting
profile Display, install, update or validates image profiles
vib Install, update, remove, or display individual VIB
packages
|
You can use the sources namespace to “browse” the VIB packages in a VIB depot. Before running the command, you want to modify firewall to allow HTTP client.
~ # esxcli network firewall ruleset set -e true -r httpClient ~ # esxcli software sources vib list -d http://vibsdepot.v-front.de Name Version Vendor Creation Date Acceptance Level Status ---------------------------- ------------------------- -------- ------------- ------------------ ------ sata-xahci 1.28-1 VFrontDe 2015-02-20 CommunitySupported New sata-xahci 1.25-1 VFrontDe 2014-11-23 CommunitySupported New sata-xahci 1.24-1 VFrontDe 2014-09-06 CommunitySupported New sata-xahci 1.16-1 VFrontDe 2014-04-12 CommunitySupported New ... |
In this sample, I used the v-front.de which has a rich collection of VIBs. In your company, you may have your own VIB depot.
If you use the get command, you will get a lot more details than the list. The following shows one part of the long output.
~ # esxcli software sources vib get -d http://vibsdepot.v-front.de VFrontDe_bootbank_sata-xahci_1.28-1 Name: sata-xahci Version: 1.28-1 Type: bootbank Vendor: VFrontDe Acceptance Level: CommunitySupported Summary: Adds mappings for unsupported SATA AHCI controllers Description: Adds mappings for unsupported SATA AHCI controllers ReferenceURLs: kb|http://vibsdepot.v-front.de/wiki/index.php/Sata-xahci Creation Date: 2015-02-20 Depends: sata-ahci Conflicts: Replaces: Provides: Maintenance Mode Required: True Hardware Platforms Required: Live Install Allowed: False Live Remove Allowed: False Stateless Ready: True Overlay: False Tags: Payloads: sata-xah |
This blog post has excellent introduction and more sample commands.
You can list the image profiles as follows. I intentionally used ESXi-6.0 for grep, or will get a lot more lines in output. Again, it connects to external site and you want to open firewall before this.
~ # esxcli software sources profile list -d https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml | grep ESXi-6.0 | sort ESXi-6.0.0-20150404001-no-tools VMware, Inc. PartnerSupported ESXi-6.0.0-20150404001-standard VMware, Inc. PartnerSupported ESXi-6.0.0-2494585-no-tools VMware, Inc. PartnerSupported ESXi-6.0.0-2494585-standard VMware, Inc. PartnerSupported |
To find out the exact content in an image profile:
~ # esxcli software sources profile get -d https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml -p ESXi-6.0.0-20150404001-no-tools
ESXi-6.0.0-20150404001-no-tools
Acceptance Level: PartnerSupported
Name: ESXi-6.0.0-20150404001-no-tools
Vendor: VMware, Inc.
Creation Time: 2015-03-26T01:59:10
Modification Time: 2015-03-26T01:59:10
Stateless Ready: True
Description:
For more information, see http://kb.vmware.com/kb/2111979.
VIBs: ata-pata-amd 0.3.10-3vmw.600.0.0.2494585, ata-pata-atiixp 0.4.6-4vmw.600.0.0.2494585, ata-pata-cmd64x 0.2.5-3vmw.600.0.0.2494585, ata-pata-hpt3x2n 0.3.4-3vmw.600.0.0.2494585, ata-pata-pdc2027x 1.0-3vmw.600.0.0.2494585, ata-pata-serverworks 0.4.3-3vmw.600.0.0.2494585, ata-pata-sil680 0.4.8-3vmw.600.0.0.2494585, ata-pata-via 0.3.3-2vmw.600.0.0.2494585, block-cciss 3.6.14-10vmw.600.0.0.2494585, cpu-microcode 6.0.0-0.0.2494585, ehci-ehci-hcd 1.0-3vmw.600.0.0.2494585, elxnet 10.2.309.6v-1vmw.600.0.0.2494585, emulex-esx-elxnetcli 10.2.309.6v-0.0.2494585, esx-base 6.0.0-0.5.2615704, esx-dvfilter-generic-fastpath 6.0.0-0.0.2494585, esx-tboot 6.0.0-0.0.2494585, esx-xserver 6.0.0-0.0.2494585, ima-qla4xxx 2.02.18-1vmw.600.0.0.2494585, ipmi-ipmi-devintf 39.1-4vmw.600.0.0.2494585, ipmi-ipmi-msghandler 39.1-4vmw.600.0.0.2494585, ipmi-ipmi-si-drv 39.1-4vmw.600.0.0.2494585, lpfc 10.2.309.8-2vmw.600.0.0.2494585, lsi-mr3 6.605.08.00-6vmw.600.0.0.2494585, lsi-msgpt3 06.255.12.00-7vmw.600.0.0.2494585, lsu-hp-hpsa-plugin 1.0.0-1vmw.600.0.0.2494585, lsu-lsi-lsi-mr3-plugin 1.0.0-1vmw.600.0.0.2494585, lsu-lsi-lsi-msgpt3-plugin 1.0.0-1vmw.600.0.0.2494585, lsu-lsi-megaraid-sas-plugin 1.0.0-1vmw.600.0.0.2494585, lsu-lsi-mpt2sas-plugin 1.0.0-1vmw.600.0.0.2494585, lsu-lsi-mptsas-plugin 1.0.0-1vmw.600.0.0.2494585, misc-cnic-register 1.78.75.v60.7-1vmw.600.0.0.2494585, misc-drivers 6.0.0-0.0.2494585, mtip32xx-native 3.8.5-1vmw.600.0.0.2494585, net-bnx2 2.2.4f.v60.10-1vmw.600.0.0.2494585, net-bnx2x 1.78.80.v60.12-1vmw.600.0.0.2494585, net-cnic 1.78.76.v60.13-2vmw.600.0.0.2494585, net-e1000 8.0.3.1-5vmw.600.0.0.2494585, net-e1000e 2.5.4-6vmw.600.0.0.2494585, net-enic 2.1.2.38-2vmw.600.0.0.2494585, net-forcedeth 0.61-2vmw.600.0.0.2494585, net-igb 5.0.5.1.1-5vmw.600.0.0.2494585, net-ixgbe 3.7.13.7.14iov-20vmw.600.0.0.2494585, net-mlx4-core 1.9.7.0-1vmw.600.0.0.2494585, net-mlx4-en 1.9.7.0-1vmw.600.0.0.2494585, net-nx-nic 5.0.621-5vmw.600.0.0.2494585, net-tg3 3.131d.v60.4-1vmw.600.0.0.2494585, net-vmxnet3 1.1.3.0-3vmw.600.0.0.2494585, nmlx4-core 3.0.0.0-1vmw.600.0.0.2494585, nmlx4-en 3.0.0.0-1vmw.600.0.0.2494585, nmlx4-rdma 3.0.0.0-1vmw.600.0.0.2494585, nvme 1.0e.0.35-1vmw.600.0.0.2494585, ohci-usb-ohci 1.0-3vmw.600.0.0.2494585, qlnativefc 2.0.12.0-5vmw.600.0.0.2494585, rste 2.0.2.0088-4vmw.600.0.0.2494585, sata-ahci 3.0-21vmw.600.0.0.2494585, sata-ata-piix 2.12-10vmw.600.0.0.2494585, sata-sata-nv 3.5-4vmw.600.0.0.2494585, sata-sata-promise 2.12-3vmw.600.0.0.2494585, sata-sata-sil 2.3-4vmw.600.0.0.2494585, sata-sata-sil24 1.1-1vmw.600.0.0.2494585, sata-sata-svw 2.3-3vmw.600.0.0.2494585, scsi-aacraid 1.1.5.1-9vmw.600.0.0.2494585, scsi-adp94xx 1.0.8.12-6vmw.600.0.0.2494585, scsi-aic79xx 3.1-5vmw.600.0.0.2494585, scsi-bnx2fc 1.78.78.v60.8-1vmw.600.0.0.2494585, scsi-bnx2i 2.78.76.v60.8-1vmw.600.0.0.2494585, scsi-fnic 1.5.0.45-3vmw.600.0.0.2494585, scsi-hpsa 6.0.0.44-4vmw.600.0.0.2494585, scsi-ips 7.12.05-4vmw.600.0.0.2494585, scsi-megaraid-mbox 2.20.5.1-6vmw.600.0.0.2494585, scsi-megaraid-sas 6.603.55.00-2vmw.600.0.0.2494585, scsi-megaraid2 2.00.4-9vmw.600.0.0.2494585, scsi-mpt2sas 19.00.00.00-1vmw.600.0.0.2494585, scsi-mptsas 4.23.01.00-9vmw.600.0.0.2494585, scsi-mptspi 4.23.01.00-9vmw.600.0.0.2494585, scsi-qla4xxx 5.01.03.2-7vmw.600.0.0.2494585, uhci-usb-uhci 1.0-3vmw.600.0.0.2494585, xhci-xhci 1.0-2vmw.600.0.0.2494585
|
Supposedly you can download a zip and point the depot to it as follows. Somehow it does not work even though I had the full path to the zip file as recommended by a few bloggers.
~ # esxcli software sources profile list -d /vmfs/volumes/datastore1/ESXi510-201406001.zip
[MetadataDownloadError]
Could not download from depot at zip:/vmfs/volumes/datastore1/ESXi510-201406001.zip?index.xml, skipping (('zip:/vmfs/volumes/datastore1/ESXi510-201406001.zip?index.xml', '', 'Error extracting index.xml from /vmfs/volumes/datastore1/ESXi510-201406001.zip: File is not a zip file'))
url = zip:/vmfs/volumes/datastore1/ESXi510-201406001.zip?index.xml
Please refer to the log file for more details.
|
The error message is not true because the zip file seems a valid zip file (not all output lines are listed)
~ # unzip -l /vmfs/volumes/datastore1/ESXi510-201406001.zip
Archive: /vmfs/volumes/datastore1/ESXi510-201406001.zip
Length Date Time Name
-------- ---- ---- ----
319 06-14-14 15:45 index.xml
207 06-14-14 15:45 vendor-index.xml
80403 06-14-14 15:45 metadata.zip
177231686 04-14-14 07:31 vib20/tools-light/VMware_locker_tools-light_5.1.0-2.28.1743533.vib
63758 08-01-12 20:49 vib20/scsi-bnx2i/VMware_bootbank_scsi-bnx2i_1.9.1d.v50.1-5vmw.510.0.0.799733.vib
|
ESXi has different level of acceptance for installing new VIBs. Changing acceptance levels enables installing VIBs from other vendors possible.
~ # esxcli software acceptance
Usage: esxcli software acceptance {cmd} [cmd options]
Available Commands:
get Gets the host acceptance level. This controls what VIBs will be allowed on a host.
set Sets the host acceptance level. This controls what VIBs will be allowed on a host.
~ # esxcli software acceptance get
PartnerSupported
~ # esxcli software acceptance set --level CommunitySupported
Host acceptance level changed to 'CommunitySupported'.
|
The level must be one of the values: VMwareCertified, VMwareAccepted, PartnerSupported, CommunitySupported. The acceptance level decides if some packages can be installed or not. From VMwareCertified to CommunitySupported, the criteria loosens up.
Different VIBs combined together forms a big collection called image profile. To manage image profile, the following commands can be used:
~ # esxcli software profile
Usage: esxcli software profile {cmd} [cmd options]
Available Commands:
get Display the installed image profile.
install Installs or applies an image profile from a depot to this host. This command
completely replaces the installed image with the image defined by the new image
profile, and may result in the loss of installed VIBs. The common vibs between host
and image profile will be skipped. To preserve installed VIBs, use profile update
instead. WARNING: If your installation requires a reboot, you need to disable HA
first.
update Updates the host with VIBs from an image profile in a depot. Installed VIBs may be
upgraded (or downgraded if --allow-downgrades is specified), but they will not be
removed. Any VIBs in the image profile which are not related to any installed VIBs
will be added to the host. WARNING: If your installation requires a reboot, you need
to disable HA first.
validate Validates the current image profile on the host against an image profile in a depot.
~ # esxcli software profile get
ESXi-5.1.0-799733-standard
Name: ESXi-5.1.0-799733-standard
Vendor: VMware, Inc.
Creation Time: 2012-12-16T13:24:21
Modification Time: 2015-04-19T13:06:04
Stateless Ready: True
Description:
The general availability release of VMware ESXi Server 5.1.0
brings whole new levels of virtualization performance to
datacenters and enterprises.
VIBs: ata-pata-amd 0.3.10-3vmw.510.0.0.799733, ata-pata-atiixp 0.4.6-4vmw.510.0.0.799733, ata-pata-cmd64x 0.2
~ # esxcli software vib
Usage: esxcli software vib {cmd} [cmd options]
Available Commands:
get Displays detailed information about one or more installed VIBs
install Installs VIB packages from a URL or depot. VIBs may be installed, upgraded, or
downgraded. WARNING: If your installation requires a reboot, you need to disable HA
first.
list Lists the installed VIB packages
remove Removes VIB packages from the host. WARNING: If your installation requires a reboot,
you need to disable HA first.
update Update installed VIBs to newer VIB packages. No new VIBs will be installed, only
updates. WARNING: If your installation requires a reboot, you need to disable HA
first.
|
It’s quite easy to list all the VIBs installed on the system. The following shows the command and part of output.
~ # esxcli software vib list Name Version Vendor Acceptance Level Install Date ----------------------------- ---------------------------------- ------ ---------------- ------------ ata-pata-amd 0.3.10-3vmw.510.0.0.799733 VMware VMwareCertified 2012-12-16 ata-pata-atiixp 0.4.6-4vmw.510.0.0.799733 VMware VMwareCertified 2012-12-16 ata-pata-cmd64x 0.2.5-3vmw.510.0.0.799733 VMware VMwareCertified 2012-12-16 ata-pata-hpt3x2n 0.3.4-3vmw.510.0.0.799733 VMware VMwareCertified 2012-12-16 ata-pata-pdc2027x 1.0-3vmw.510.0.0.799733 VMware VMwareCertified 2012-12-16 ata-pata-serverworks 0.4.3-3vmw.510.0.0.799733 VMware VMwareCertified 2012-12-16 ata-pata-sil680 0.4.8-3vmw.510.0.0.799733 VMware VMwareCertified 2012-12-16 ata-pata-via 0.3.3-2vmw.510.0.0.799733 VMware VMwareCertified 2012-12-16 block-cciss 3.6.14-10vmw.510.0.0.799733 VMware VMwareCertified 2012-12-16 ehci-ehci-hcd 1.0-3vmw.510.0.0.799733 VMware VMwareCertified 2012-12-16 esx-base 5.1.0-0.0.799733 VMware VMwareCertified 2012-12-16 esx-dvfilter-generic-fastpath 5.1.0-0.0.799733 VMware VMwareCertified 2012-12-16 esx-tboot 5.1.0-0.0.799733 VMware VMwareCertified 2012-12-16 esx-xlibs 5.1.0-0.0.799733 VMware VMwareCertified 2012-12-16 ... |
To get more details of a specific VIB, you can use the get command as follows with the VIB name.
~ # esxcli software vib get -n net-e1000e VMware_bootbank_net-e1000e_1.1.2-3vmw.510.0.0.799733 Name: net-e1000e Version: 1.1.2-3vmw.510.0.0.799733 Type: bootbank Vendor: VMware Acceptance Level: VMwareCertified Summary: e1000e: net driver for VMware ESX Description: Intel(R) PRO/1000 PCI-E Network Driver ReferenceURLs: Creation Date: 2012-08-02 Depends: vmkapi_2_1_0_0, com.vmware.driverAPI-9.2.1.0 Conflicts: Replaces: Provides: Maintenance Mode Required: True Hardware Platforms Required: Live Install Allowed: False Live Remove Allowed: False Stateless Ready: True Overlay: False Tags: driver, module Payloads: net-e100 |
To install a VIB, you should install command with VIB locations. For the VIB not signed, you want to turn off the signature checking with –no-sig-check option. WARNING: If your installation requires a reboot, you need to disable HA first.
$ esxcli software vib install -v /tmp/doublecloud-latest.vib --no-sig-check To remove a VIB, just use the remove command. $ esxcli software vib remove -n doublecloud |
iSCSI Management
iSCSI allows ESXi to use storages on remote iSCSC servers. The esxcli command can help to manage this feature on different layers in the stack. Again, I don’t have the set up with iSCSI support. Instead of real commands, the following commands shows mostly the help so that you can see what are theree.
~ # esxcli iscsi
Usage: esxcli iscsi {cmd} [cmd options]
Available Namespaces:
adapter Operations that can be performed on iSCSI adapters
networkportal Operations that can be performed on iSCSI Network Portal (iSCSI vmknic)
physicalnetworkportal Operations that can be performed on iSCSI Physical Network Portal (vmnic)
session Operations that can be performed on iSCSI sessions
ibftboot Operations that can be performed on iSCSI IBFT boot table
logicalnetworkportal Operations that can be performed on iSCSI Logical Network Portal (vmknic)
plugin Operations that can be performed on iSCSI management plugins
software Operations that can be performed on software iSCSI
~ # esxcli iscsi adapter
Usage: esxcli iscsi adapter {cmd} [cmd options]
Available Namespaces:
auth Operations that can be performed on iSCSI adapter authentications
discovery Operations that can be performed on iSCSI adapter discovery
target Operations that can be performed on iSCSI targets
capabilities Operations that can be performed on iSCSI adapter capabilities
firmware Operations that can be performed on iSCSI adapter firmware
param Operations that can be performed on iSCSI adapter parameters
Available Commands:
get List the iSCSI information for the iSCSI Host Bus Adapter.
list List all the iSCSI Host Bus Adapters on the system.
set Set the iSCSI name and alias for the iSCSI Host Bus Adapter.
~ # esxcli iscsi software
Usage: esxcli iscsi software {cmd} [cmd options]
Available Commands:
get Software iSCSI information.
set Enable or disable software iSCSI.
~ # esxcli iscsi software get
false
|
Network Management
ESXi has a rich set of features in networking. All the network related commands are grouped in the network namespace. To take a look at what are available there, simply type in:
~ # esxcli network
Usage: esxcli network {cmd} [cmd options]
Available Namespaces:
fence Commands to list fence information
firewall A set of commands for firewall related operations
ip Operations that can be performed on vmknics
nic Operations having to do with the configuration of
Network Interface Card and getting and updating the
NIC settings.
port Commands to get information about a port
sriovnic Operations having to do with the configuration of
SRIOV enabled Network Interface Card and getting and
updating the NIC settings.
vm A set of commands for VM related operations
vswitch Commands to list and manipulate Virtual Switches on an
ESX host.
diag Operations pertaining to network diagnostics
|
As you can find there are more sub-namespaces, each of which is still a big topic of itself.
Firewall Management
To find out the current firewall status, get command is the way to go:
~ # esxcli network firewall get Default Action: DROP Enabled: false Loaded: true |
Firewall module can be unloaded or loaded using the unload and load command as follows:
~ # esxcli network firewall unload ~ # esxcli network firewall load |
When firewall working, you can enable and disable the firewall as follows. You want to keep the firewall enabled all the time.
~ # esxcli network firewall set --enabled true ~ # esxcli network firewall set --enabled false |
You can also set the default action of firewall to let pass everything or block everything. When true is used, the firewall lets go everything unless specified otherwise; when false is used, it blocks everything by default.
~ # esxcli network firewall set --default-action=true ~ # esxcli network firewall set --default-action=false |
After you change firewall configuration, the ruleset may be out of sync with the active. To keep in sync, you can simply run the refresh command.
~ # esxcli network firewall refresh |
Above is the overall control of firewall. You can fine tune each individual rule set within the ruleset namespace.
~ # esxcli network firewall ruleset list Name Enabled ------------------ ------- sshServer true sshClient true nfsClient true dhcp true dns true snmp true ntpClient false CIMHttpServer true CIMHttpsServer true CIMSLP true iSCSI false vpxHeartbeats true updateManager false faultTolerance true webAccess true vMotion true vSphereClient true activeDirectoryAll false NFC true HBR true ftpClient false httpClient true gdbserver false DVFilter false DHCPv6 true DVSSync false syslog false IKED false WOL true vSPC false remoteSerialPort false vprobeServer false |
You can change individual ruleset to be enabled or disabled, and change the behavior to all all IP addresses or only those specified.
~ # esxcli network firewall ruleset set --ruleset-id=syslog --enabled true --allowed-all false |
Each ruleset consists of a collection of rules. You can list them using rule namespace. If you don’t provide ruleset-id as follows, you will get a long list of rules from all the rulesets.
~ # esxcli network firewall ruleset rule list --ruleset-id syslog Ruleset Direction Protocol Port Type Port Begin Port End ------- --------- -------- --------- ---------- -------- syslog Outbound UDP Dst 514 514 syslog Outbound TCP Dst 514 514 syslog Outbound TCP Dst 1514 1514 ~ # esxcli network firewall ruleset allowedip add --ruleset-id syslog --ip-address=10.20.30.1 ~ # esxcli network firewall ruleset allowedip list --ruleset-id syslog Ruleset Allowed IP Addresses ------- -------------------- syslog 10.20.30.1 ~ # esxcli network firewall ruleset allowedip remove --ruleset-id syslog --ip-address=10.20.30.1 |
Note that even with the powerful esxcli command, you can not modify much of the firewall configurations. For all the configurations, you want to go directly edit the configuration file then refresh the firewall:
~ # vi /etc/vmware/service/service.xml |
Managing Fencing Switches
For this feature, you must distributed virtual switch configured; or you will see the same output as I saw here.
~ # esxcli network fence list Unable to find vds with fence enabled |
To get all fence network bridge table entries information, you can use the following command.
~ # esxcli network fence network bte list --vds-name lab-switch1 --fence-id 10 |
To get all fence port info on the fence network, you can use the following command:
~ # esxcli network fence network bte list --vds-name lab-switch1 --fence-id 10 |
Managing IP Addresses and Configurations
To get the IPv6 related support, simply type the following.
~ # esxcli network ip get IPv6Enabled: true |
To turn off or turn on IPv6 support, you can use the set command. Note: you have to restart the ESXi for the configuration to take effect.
~ # esxcli network ip set --ipv6-enabled false |
To manage vmKernel network interfaces, you can use the interface namespace as follows:
# esxcli network ip interface add -i vmk3 -p bootPG ~ # esxcli network ip interface ipv4 get Name IPv4 Address IPv4 Netmask IPv4 Broadcast Address Type DHCP DNS ---- ------------- ------------- -------------- ------------ -------- vmk0 192.168.0.201 255.255.255.0 192.168.0.255 STATIC false |
To change the IP address for ESXi on an existing interface is easy too, but be careful with this operation because your SSH session may be terminated immediately.
# esxcli network ip interface ipv4 set -i vmk3 -I 192.168.2.2 -N 255.255.255.0 -t static |
Managing DNS server
The ESXi depends on the DNS setting to resolve server names. The following commands help manage the DNS.
~ # esxcli network ip dns server add -s 8.8.8.8 ~ # esxcli network ip dns server list DNSServers: 192.168.0.1, 8.8.8.8 ~ # esxcli network ip dns server remove -s 8.8.8.8 |
You also change the default search domain for the DNS settings.
~ # esxcli network ip dns search add -d doublecloud.net ~ # esxcli network ip dns search list DNSSearch Domains: doublecloud.net ~ # esxcli network ip dns search remove -d doublecloud.net |
Network Security
There are two aspects you can manage the security: security association, and security policy. There are quite a few options you can tune. Combined together, they can cover a lot of cases.
~ # esxcli network ip ipsec sa add --help
Usage: esxcli network ip ipsec sa add [cmd options]
Description:
add Add a Security Association.
Cmd options:
-e|--encryption-algorithm=
Encryption algorithm for the Security Association. Should be one in set [null, 3des-
cbc, aes128-cbc]. (required)
-k|--encryption-key=
Encryption key(ASCII or hex). Length of hex key is dependent upon algorithm used.
Required when a encryption algorithm has been specified.
-i|--integrity-algorithm=
Integrity algorithm for the Security Association. Should be one in set [hmac-sha1,
hmac-sha2-256]. (required)
-K|--integrity-key=
Integrity key(ASCII or hex). Length of hex key is dependent upon algorithm used.
(required)
-d|--sa-destination=
Ipv6 address of Security Association destination. Can be specified as 'any' or a
correct IPv6 address. (required)
-m|--sa-mode= Security Association mode. Should be one in set [transport, tunnel].
-n|--sa-name= Name for the Security Association to be added. (required)
-s|--sa-source= Ipv6 address of Security Association source. Can be specified as 'any' or a correct
IPv6 address. (required)
-p|--sa-spi= SPI value for the Security Association(hex). (required)
~ # esxcli network ip ipsec sp add --help
Usage: esxcli network ip ipsec sp add [cmd options]
Description:
add Add a Security Policy.
Cmd options:
-A|--action= Action for Security Policy. Should be one in set [none, discard, ipsec].
-P|--destination-port=
Destination Port for Security Policy. '0' stands for 'any' (required)
-w|--flow-direction=
Flow direction for Security Policy. Should be one in set [in, out].
-a|--sa-name= Name for the Security Association. Not being Specified lets vmkernel automatically
choose an Security Association. If no applicable Security Association exists, then
vmkernel may request one using IKE.
-p|--source-port=
Source Port for Security Policy. '0' stands for 'any' (required)
-d|--sp-destination=
Ipv6 address and prefix length of Security Policy destination. Can be specified as
'any' or a correct Ipv6 network address. (required)
-m|--sp-mode= Security Policy mode. Should be one in set [transport, tunnel].
-n|--sp-name= Name for the Security Policy to be added. (required)
-s|--sp-source= Ipv6 address and prefix length of Security Policy source. Can be specified as 'any' or
a correct IPv6 network address. (required)
-u|--upper-layer-protocol=
Upper layer protocol for Security Policy, Should be one in set [any, tcp, udp,
icmp6].
|
Managing Gateways
You can manage both IPv4 and IPv6 networks. I first show the IPv4 here because the IPv6 is very similar.
~ # esxcli network ip route ipv4 list Network Netmask Gateway Interface Source ----------- ------------- ----------- --------- ------ default 0.0.0.0 192.168.8.1 vmk0 MANUAL 192.168.8.0 255.255.255.0 0.0.0.0 vmk0 MANUAL |
To change the gateway, try the following command. Again, you session may be terminated with invalid parameter.
~ # esxcli network ip route ipv4 add --gateway=192.168.0.1 --network=default |
To remove a route, you can use remove command with same parameters as the add command. Again, be careful as your session may be terminated right away.
For the IPv6 listing of routes, you can see something similar as follows:
~ # esxcli network ip route ipv6 list Network Netmask Gateway Interface ------- --------------------- ------- --------- fe80:: ffff:ffff:ffff:ffff:: fe80::1 lo0 fe80:: ffff:ffff:ffff:ffff:: :: vmk0 ff01:: ffff:ffff:: ::1 lo0 ff01:: ffff:ffff:: :: vmk0 ff02:: ffff:ffff:: ::1 lo0 ff02:: ffff:ffff:: :: vmk0 |
List Live Network Connections
At any given time, you can find out what live connections are there.
~ # esxcli network ip connection list Proto Recv Q Send Q Local Address Foreign Address State World ID World Name ----- ------ ------ ------------------ ------------------- ----------- -------- --------------- tcp 0 0 127.0.0.1:8307 127.0.0.1:55067 ESTABLISHED 2931 hostd-worker tcp 0 0 127.0.0.1:55067 127.0.0.1:8307 ESTABLISHED 3864 rhttpproxy-work tcp 0 0 127.0.0.1:443 127.0.0.1:50352 ESTABLISHED 2752 rhttpproxy-work tcp 0 0 127.0.0.1:50352 127.0.0.1:443 ESTABLISHED 2333889 python |
The type of connection can be filtered as follows. I intentionally used udp as it’s a lot less than the tcp connections.
~ # esxcli network ip connection list --type udp Proto Recv Q Send Q Local Address Foreign Address State World ID World Name ----- ------ ------ ----------------- --------------- ----- -------- ---------- udp 0 0 192.168.0.201:427 0.0.0.0:0 2959 udp 0 0 0.0.0.0:427 0.0.0.0:0 2959 udp 0 0 :::8301 :::0 2421 udp 0 0 :::8302 :::0 2421 udp 0 0 :::8200 :::0 2548 |
Finding Neighbour on Network
You can use the esxcli command to list the network neighbors on the same network.
~ # esxcli network ip neighbor list Neighbor Mac Address Vmknic Expiry State ------------------------- ----------------- ------ -------- --------- 192.168.0.1 00:26:5a:cb:1f:0b vmk0 1189 sec 192.168.0.3 00:11:32:21:9b:09 vmk0 740 sec fe80::8e89:a5ff:fed2:b40f 8c:89:a5:d2:b4:0f vmk0 0 sec Reachable |
Managing Network Interface Card (NIC)
~ # esxcli network nic list
Name PCI Device Driver Link Speed Duplex MAC Address MTU Description
------ ------------- ------ ---- ----- ------ ----------------- ---- -------------------------------------
vmnic0 0000:004:00.0 r8168 Up 1000 Full 8c:89:a5:d2:b4:0f 1500 Realtek Realtek 8168 Gigabit Ethernet
~ # esxcli network nic set --help
Usage: esxcli network nic set [cmd options]
Description:
set Set the general options for the specified ethernet device.
Cmd options:
-a|--auto Set the speed and duplexity settings to autonegotiate.
-D|--duplex= The duplex to set this NIC to. Acceptable values are : [full, half]
-l|--message-level=
Sets the driver message level. Meaning differ per driver.
-n|--nic-name= The name of the NIC to configured. This must be one of the cards listed in the nic
list command. (required)
-P|--phy-address=
Set the PHY address of the device
-p|--port= Selects device port. Available device ports are aui: Select aui as the device
port bnc: Select bnc as the device port fibre: Select mii as the device port
mii: Select mii as the device port tp: Select tp as the device port
-S|--speed= The speed to set this NIC to. Acceptable values are : [10, 100, 1000, 10000]
-t|--transceiver-type=
Selects transeiver type. Currently only internal and external can be specified, in the
future future types might be added. Available transeiver types are external: Set
the transceiver type to external internal: Set the transceiver type to internal
-w|--wake-on-lan=
Sets Wake-on-LAN options. Not all devices support this. The argument to this option is
a string of characters specifying which options to enable. p Wake on phy activity u
wake on unicast messages m Wake on multicast messages b wake on broadcast messages a
Wake on ARP g Wake on MagicPacket(tm) s Enable SecureOn(tm) password for
MagicPacket(tm)
|
To turn on NIC VLAN stats, we can use set command as follows, and then we can check the VLAN stats.
~ # esxcli network nic vlan stats set --nic-name=vmnic0 --enabled true ~ # esxcli network nic vlan stats get --nic-name=vmnic0 VLAN 0 Packets received: 111 Packets sent: 221 |
For each NIC, you can get its stats with the stats namespace.
~ # esxcli network nic stats get --nic-name=vmnic0 NIC statistics for vmnic0 Packets received: 76577956 Packets sent: 166128469 Bytes received: 26876727438 Bytes sent: 217556196739 Receive packets dropped: 0 Transmit packets dropped: 0 Total receive errors: 0 Receive length errors: 0 Receive over errors: 0 Receive CRC errors: 0 Receive frame errors: 0 Receive FIFO errors: 0 Receive missed errors: 0 Total transmit errors: 0 Transmit aborted errors: 0 Transmit carrier errors: 0 Transmit FIFO errors: 0 Transmit heartbeat errors: 0 Transmit window errors: 0 |
To get the current configuration of a network interface, you can use the get command with the name of the interface.
~ # esxcli network nic get --nic-name=vmnic0
Advertised Auto Negotiation: true
Advertised Link Modes: 10baseT/Half, 10baseT/Full, 100baseT/Half, 100baseT/Full, 1000baseT/Full
Auto Negotiation: true
Cable Type: Twisted Pair
Current Message Level: 51
Driver Info:
Bus Info: 0000:04:00.0
Driver: r8168
Firmware Version:
Version: 8.013.00-NAPI
Link Detected: true
Link Status: Up
Name: vmnic0
PHYAddress: 0
Pause Autonegotiate: false
Pause RX: false
Pause TX: false
Supported Ports: TP
Supports Auto Negotiation: true
Supports Pause: false
Supports Wakeon: true
Transceiver: internal
Wakeon: MagicPacket(tm)
|
You can set the NIC with different parameters like speed, duplex mode. For easy life, you can simply use the –auto option which let the ESXi automatically negoatiate these with other system. When you have –auto option, you must not specify the speed and duplex mode. NOTE: if you use SSH to your ESXi server, be careful not to mess up the NIC underlying.
~ # esxcli network nic set --nic-name=vmnic0 --auto --wake-on-lan=p |
For a particular NIC adapter, you can also turn it on and off. Be careful not to turn off the NIC underlying your SSH session, or you have to have physical access or IPMI.
~ # esxcli network nic up --nic-name=vmnic0 ~ # esxcli network nic down --nic-name=vmnic0 |
Virtual Machine Related Networking
To list all the virtual machines and their ports and networks they connect to, use the list command as follows.
~ # esxcli network vm list World ID Name Num Ports Networks -------- ----------------------- --------- ---------- 42898 vCenter_VA 1 VM Network 44126 ESXi60 1 VM Network 879855 CentOS64Web 1 VM Network |
Further down the port namespace, we can get more details of ports used by a specific virtual machine which is identified by the world id. Please note that you can also find the uplink port ID, which can used as normal VM port ID for its stats and filters.
~ # esxcli network vm port list --world-id=42898 Port ID: 33554439 vSwitch: vSwitch0 Portgroup: VM Network DVPort ID: MAC Address: 00:0c:29:7b:a1:f4 IP Address: 0.0.0.0 Team Uplink: vmnic0 Uplink Port ID: 33554434 Active Filters: |
Getting Port Related Stats and Filters
For each port, you can get the stats based its port number. The following command shows what are included in the stats.
~ # esxcli network port stats get --portid=33554439 Packet statistics for port 33554439 Packets received: 2692640 Packets sent: 3076405 Bytes received: 2131115950 Bytes sent: 522406213 Broadcast packets received: 115193 Broadcast packets sent: 213179 Multicast packets received: 25794 Multicast packets sent: 10 Unicast packets received: 2551653 Unicast packets sent: 2863216 Receive packets dropped: 0 Transmit packets dropped: 0 |
To get port filter related stats, run the following command. Somehow I don’t have filter therefore nothing is shown in output.
~ # esxcli network port filter stats get --portid=33554434 |
Managing SR-IOV
SR-IOV stands for Single Root I/O Virtualization. It allow one PCI device appears as multiple NIC cards to the hypervisor. Scott Lowe has a nice blog post on this topic.
To list the NICs that support SR-IOV, and list the virtual functions (VF) on a nic, run the following commands.
~ # esxcli network sriovnic list ~ # esxcli network sriovnic vf list --nic-name=vmnic0 |
There is no SRIOV Nic with name vmnic0
Managing Virtual Switches
The standard and distributed virtual switch are in two parallel namespaces. They allow lots of control over virtual switches.
To list all the virtual switches, use the list command as follows:
~ # esxcli network vswitch standard list vSwitch0 Name: vSwitch0 Class: etherswitch Num Ports: 128 Used Ports: 11 Configured Ports: 128 MTU: 1500 CDP Status: listen Beacon Enabled: false Beacon Interval: 1 Beacon Threshold: 3 Beacon Required By: Uplinks: vmnic0 Portgroups: VM Network, Management Network |
To create a new virtual switch, use the add command with port number and name.
~ # esxcli network vswitch standard add --vswitch-name="LabOnly" --ports=1024 |
The newly created virtual switch takes default for mtu, and cdp, but you can change them using the set command with the options below.
Cmd options:
-c|--cdp-status= The CDP status of the given virtual switch. It can be 'down', 'listen', 'advertise' or
'both'
-m|--mtu= The MTU size of the given virtual switch.
-v|--vswitch-name=
The name of virtual switch to apply the configurations. (required)
|
You can delete a virtual switch by the remove command
~ # esxcli network vswitch standard remove --vswitch-name=LabOnly |
There are many policies you can change with esxcli command, namely failover, security, shaping. You can set these policies using the set command under the corresponding namespace. The name for the virtual switch is case sensitive.
~ # esxcli network vswitch standard policy failover get --vswitch-name=vSwitch1 Load Balancing: srcport Network Failure Detection: link Notify Switches: true Failback: true Active Adapters: Standby Adapters: Unused Adapters: ~ # esxcli network vswitch standard policy security get --vswitch-name=vSwitch1 Allow Promiscuous: false Allow MAC Address Change: true Allow Forged Transmits: true ~ # esxcli network vswitch standard policy shaping get --vswitch-name=vSwitch1 Enabled: false Average Bandwidth: -1 Kbps Peak Bandwidth: -1 Kbps Burst Size: -1 Kib |
To add a new uplink to a virtual switch, you can run the following command. The uplink name must be a valid pnic name.
# esxcli network vswitch standard uplink add --vswitch-name=vSwitch1 --uplink-name=vmnic0 |
To remove an uplink, just use the remove commmand
# esxcli network vswitch standard uplink remove --vswitch-name=vSwitch1 --uplink-name=vmnic0 |
Managing Port Groups
Port group is a “virtual” concept. It defines a common behavior for a group of ports.
~ # esxcli network vswitch standard portgroup list Name Virtual Switch Active Clients VLAN ID ------------------ -------------- -------------- ------- Management Network vSwitch0 1 0 Private VM Network vSwitch1 0 0 VM Network vSwitch0 7 0 |
To add a new port group, use the add command
~ # esxcli network vswitch standard portgroup add --vswitch-name=vSwitch1 --portgroup-name="SysTest" |
To remove a port group, use the remove command:
~ # esxcli network vswitch standard portgroup remove --portgroup-name=SysTest --vswitch-name=vSwitch1 |
You can change the VLAN ID with set command. Note that this may affect the network connectivity.
~ # esxcli network vswitch standard portgroup set --portgroup-name="VM Network" --vlan-id=100 |
There are similar policies that are associated with port groups as with the virtual switch. The following shows 3 commands and you can see what are included in the policy.
~ # esxcli network vswitch standard portgroup policy failover get --portgroup-name="VM Network" Load Balancing: srcport Network Failure Detection: link Notify Switches: true Failback: true Active Adapters: vmnic0 Standby Adapters: Unused Adapters: Override Vswitch Load Balancing: false Override Vswitch Network Failure Detection: false Override Vswitch Notify Switches: false Override Vswitch Failback: false Override Vswitch Uplinks: false ~ # esxcli network vswitch standard portgroup policy security get --portgroup-name="VM Network" Allow Promiscuous: true Allow MAC Address Change: true Allow Forged Transmits: true Override Vswitch Allow Promiscuous: true Override Vswitch Allow MAC Address Change: false Override Vswitch Allow Forged Transmits: false ~ # esxcli network vswitch standard portgroup policy shaping get --portgroup-name="VM Network" Enabled: false Average Bandwidth: -1 Kbps Peak Bandwidth: -1 Kbps Burst Size: -1 Kib Override Vswitch Enabled: false Override Vswitch Average Bandwidth: false Override Vswitch Peak Bandwidth: false Override Vswitch Burst Size: false |
Distributed Virtual Switch
Distributed virtual switch is similar to standard virtual switch but the control is centralized in vCenter server. The esxcli command allows control of the vmware virtual switch. For the Cisco Nexus 1000v, you can use their own command line that I introduced before.
~ # esxcli network vswitch dvs vmware
Usage: esxcli network vswitch dvs vmware {cmd} [cmd options]
Available Namespaces:
lacp A set of commands for LACP related operations
vxlan A set of commands for VXLAN related operations
Available Commands:
list List the VMware vSphere Distributed Switch currently configured on the ESXi host.
Diagnosing Network Connection with Ping
The ping command is very useful for testing network connection. The esxcli command comes with a handy one as well with additional controls. I found it’s extremely helpful when I tested the jumbo frame configuration for my ESXi to a NAS server.
~ # esxcli network diag ping --ipv4 --host=192.168.11.3 --size=9000
Summary:
Duplicated: 0
Host Addr: 192.168.11.3
Packet Lost: 100
Recieved: 0
Roundtrip Avg MS: -2147483648
Roundtrip Max MS: 0
Roundtrip Min MS: 999999000
Transmitted: 3
Trace:
|
There are more options as shown in the following.
Cmd options:
-c|--count= Specify the number of packets to send.
-D|--debug VMKPing debug mode.
-d|--df Set DF bit on IPv4 packets.
-H|--host= Specify the host to send packets to. (required)
-I|--interface= Specify the outgoing interface.
-i|--interval= Set the interval for sending packets in seconds.
-4|--ipv4 Ping with ICMPv4 echo requests.
-6|--ipv6 Ping with ICMPv6 echo requests.
-N|--nexthop= Override the system's default route selection, in dotted quad notation. (IPv4 only.
Requires interface option)
-s|--size= Set the payload size of the packets to send.
-t|--ttl= Set IPv4 Time To Live or IPv6 Hop Limit
-W|--wait= Set the timeout to wait if no responses are received in seconds.
|
Managing Storage
The storage is another heavy aspect of ESXi management. It includes 6 different sub namespaces, each of which is a big topic by itself.
~ # esxcli storage
Usage: esxcli storage {cmd} [cmd options]
Available Namespaces:
core VMware core storage commands.
nmp VMware Native Multipath Plugin (NMP). This is the VMware default implementation of the
Pluggable Storage Architecture.
san IO device management operations to the SAN devices on the system.
vmfs VMFS operations.
filesystem Operations pertaining to filesystems, also known as datastores, on the ESX host.
nfs Operations to create, manage and remove Network Attached Storage filesystems.
|
Managing NFS
To list all the NFS volumes that are already mounted on the host, just run the list command.
~ # esxcli storage nfs list Volume Name Host Share Accessible Mounted Read-Only Hardware Acceleration ----------- ----------- ------------ ---------- ------- --------- --------------------- vms 192.168.0.3 /volume1/vms true true false Not Supported |
To add a new NFS volume, you want to use the add command:
~ # esxcli storage nfs add --host=192.168.0.3 --share="/volume1/vms" --volume-name=vms |
To remove an existing volume, then the remove command is handy.
~ # esxcli storage nfs remove --volume-name=vms2 |
Managing File System
To list all the mount points, you can run the following command. You can check out the volume names, types, size, free space.
~ # esxcli storage filesystem list Mount Point Volume Name UUID Mounted Type Size Free ------------------------------------------------- ----------- ----------------------------------- ------- ------ ------------- ------------- /vmfs/volumes/f3956571-cbbda790 vms f3956571-cbbda790 true NFS 2948716871680 2898078482432 /vmfs/volumes/50cdcb68-6fc8e606-bb76-8c89a5d2b40f datastore1 50cdcb68-6fc8e606-bb76-8c89a5d2b40f true VMFS-5 1995012308992 1672298364928 /vmfs/volumes/50cdcb6a-6cac08ca-6b16-8c89a5d2b40f 50cdcb6a-6cac08ca-6b16-8c89a5d2b40f true vfat 4293591040 4255121408 /vmfs/volumes/ce5db771-45edfd5c-a23e-edcce43edff3 ce5db771-45edfd5c-a23e-edcce43edff3 true vfat 261853184 125370368 /vmfs/volumes/7431f671-c7c192c1-91ce-5255b286bbb3 7431f671-c7c192c1-91ce-5255b286bbb3 true vfat 261853184 261844992 /vmfs/volumes/50cdcb4f-7e8fc89e-7ed1-8c89a5d2b40f 50cdcb4f-7e8fc89e-7ed1-8c89a5d2b40f true vfat 299712512 87957504 |
With changes on the file system, you can also run the following command to rescan and automatically mount those unmounted.
~ # esxcli storage filesystem rescan ~ # esxcli storage filesystem automount |
To unmount a volume, use the unmount command with label or UUID.
~ # esxcli storage filesystem unmount --help
Usage: esxcli storage filesystem unmount [cmd options]
Description:
unmount Disconnect and unmount and existing VMFS or NAS volume. This will not delete the configuration for the volume, but will
remove the volume from the list of mounted volumes.
Cmd options:
-n|--no-persist Unmount the volume non-peristently; the volume will be automounted after a restart.
-l|--volume-label=
The label of the volume to unmount.
-p|--volume-path=
The path of the volume to unmount.
-u|--volume-uuid=
The uuid of the volume to unmount.
|
Managing VMFS System
~ # esxcli storage vmfs upgrade --volume-label=datastore1 In-place upgrade of VMFS5is not supported on this platform ~ # esxcli storage vmfs extent list Volume Name VMFS UUID Extent Number Device Name Partition ----------- ----------------------------------- ------------- ------------------------------------------------------------------------ --------- datastore1 50cdcb68-6fc8e606-bb76-8c89a5d2b40f 0 t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D 3 |
There are also snapshot feature that can be managed by a few commands.
~ # esxcli storage vmfs snapshot
Usage: esxcli storage vmfs snapshot {cmd} [cmd options]
Available Namespaces:
extent Manage VMFS snapshot extents.
Available Commands:
list List unresolved snapshots/replicas of VMFS volume.
mount Mount a snapshot/replica of a VMFS volume.
resignature Resignature a snapshot/replica of a VMFS volume.
|
Managing SAN Storage
As I don’t have SAN storage in my lab, I won’t go deeper on this, but show the help of the command. You can drill down and give it try by yourself.
~ # esxcli storage san
Usage: esxcli storage san {cmd} [cmd options]
Available Namespaces:
fc IO Device Management operations to the FC adapters on the system.
fcoe IO Device Management operations to the FCoE adapters on the system.
iscsi IO Device Management operations to the Software iSCSI adapters on the system.
sas IO Device Management operations to the SAS adapters on the system.
|
Managing Native Multi-Path
~ # esxcli storage nmp path list
sata.vmhba35-sata.0:0-mpx.vmhba35:C0:T0:L0
Runtime Name: vmhba35:C0:T0:L0
Device: mpx.vmhba35:C0:T0:L0
Device Display Name: Local PLDS CD-ROM (mpx.vmhba35:C0:T0:L0)
Group State: active
Array Priority: 0
Storage Array Type Path Config: SATP VMW_SATP_LOCAL does not support path configuration.
Path Selection Policy Path Config: {current: yes; preferred: yes}
sata.vmhba0-sata.0:0-t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D
Runtime Name: vmhba0:C0:T0:L0
Device: t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D
Device Display Name: Local ATA Disk (t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D)
Group State: active
Array Priority: 0
Storage Array Type Path Config: SATP VMW_SATP_LOCAL does not support path configuration.
Path Selection Policy Path Config: {current: yes; preferred: yes}
|
We can also list the devices involved in Native Multipath:
~ # esxcli storage nmp device list
t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D
Device Display Name: Local ATA Disk (t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D)
Storage Array Type: VMW_SATP_LOCAL
Storage Array Type Device Config: SATP VMW_SATP_LOCAL does not support device configuration.
Path Selection Policy: VMW_PSP_FIXED
Path Selection Policy Device Config: {preferred=vmhba0:C0:T0:L0;current=vmhba0:C0:T0:L0}
Path Selection Policy Device Custom Config:
Working Paths: vmhba0:C0:T0:L0
Is Local SAS Device: false
Is Boot USB Device: false
mpx.vmhba35:C0:T0:L0
Device Display Name: Local PLDS CD-ROM (mpx.vmhba35:C0:T0:L0)
Storage Array Type: VMW_SATP_LOCAL
Storage Array Type Device Config: SATP VMW_SATP_LOCAL does not support device configuration.
Path Selection Policy: VMW_PSP_FIXED
Path Selection Policy Device Config: {preferred=vmhba35:C0:T0:L0;current=vmhba35:C0:T0:L0}
Path Selection Policy Device Custom Config:
Working Paths: vmhba35:C0:T0:L0
Is Local SAS Device: false
Is Boot USB Device: false
|
Multipath policy can also be configured using different plugins, which are listed as follows:
~ # esxcli storage nmp psp list Name Description ------------- --------------------------------- VMW_PSP_MRU Most Recently Used Path Selection VMW_PSP_RR Round Robin Path Selection VMW_PSP_FIXED Fixed Path Selection |
To list the configuration of a particular policy, we can use the following command (The device value is a little bit long but you can copy and paste it from the list command)
~ # esxcli storage nmp psp fixed deviceconfig get --device=mpx.vmhba35:C0:T0:L0
Configured Preferred Path:
Device: mpx.vmhba35:C0:T0:L0
Preferred Path: vmhba35:C0:T0:L0
~ # esxcli storage nmp psp generic deviceconfig get --device=mpx.vmhba35:C0:T0:L0
{preferred=vmhba35:C0:T0:L0;current=vmhba35:C0:T0:L0}
~ # esxcli storage nmp psp roundrobin deviceconfig get --device=mpx.vmhba35:C0:T0:L0
Device mpx.vmhba35:C0:T0:L0 Does not use the Round Robin path selection policy.
|
To list all the storage array plugin (SATP), the following command is handy.
~ # esxcli storage nmp satp list Name Default PSP Description ------------------- ------------- ------------------------------------------ VMW_SATP_MSA VMW_PSP_MRU Placeholder (plugin not loaded) VMW_SATP_ALUA VMW_PSP_MRU Placeholder (plugin not loaded) VMW_SATP_DEFAULT_AP VMW_PSP_MRU Placeholder (plugin not loaded) VMW_SATP_SVC VMW_PSP_FIXED Placeholder (plugin not loaded) VMW_SATP_EQL VMW_PSP_FIXED Placeholder (plugin not loaded) VMW_SATP_INV VMW_PSP_FIXED Placeholder (plugin not loaded) VMW_SATP_EVA VMW_PSP_FIXED Placeholder (plugin not loaded) VMW_SATP_ALUA_CX VMW_PSP_RR Placeholder (plugin not loaded) VMW_SATP_SYMM VMW_PSP_RR Placeholder (plugin not loaded) VMW_SATP_CX VMW_PSP_MRU Placeholder (plugin not loaded) VMW_SATP_LSI VMW_PSP_MRU Placeholder (plugin not loaded) VMW_SATP_DEFAULT_AA VMW_PSP_FIXED Supports non-specific active/active arrays VMW_SATP_LOCAL VMW_PSP_FIXED Supports direct attached devices |
To change the SATP, the following options are needed.
~ # esxcli storage nmp satp set --help
Usage: esxcli storage nmp satp set [cmd options]
Description:
set Set the default Path Selection Policy for a given Storage Array Type Plugin (SATP).
Cmd options:
-b|--boot This is a system default rule added at boot time. Do not modify esx.conf or add to host profile.
-P|--default-psp=
The default path selection policy to set for a given --satp (required)
-s|--satp= The SATP name for the Storage Array Type Plugin on which this command will operate. (required)
|
Core Storage
The following command lists all the storage adapters on the host,
~ # esxcli storage core adapter list HBA Name Driver Link State UID Description -------- ------ ---------- ------------ ---------------------------------------------------------- vmhba0 ahci link-n/a sata.vmhba0 (0:0:31.2) Intel Corporation Panther Point AHCI Controller vmhba33 ahci link-n/a sata.vmhba33 (0:0:31.2) Intel Corporation Panther Point AHCI Controller vmhba34 ahci link-n/a sata.vmhba34 (0:0:31.2) Intel Corporation Panther Point AHCI Controller vmhba35 ahci link-n/a sata.vmhba35 (0:0:31.2) Intel Corporation Panther Point AHCI Controller vmhba36 ahci link-n/a sata.vmhba36 (0:0:31.2) Intel Corporation Panther Point AHCI Controller vmhba37 ahci link-n/a sata.vmhba37 (0:0:31.2) Intel Corporation Panther Point AHCI Controller |
To make sure the adapters are found, run the rescan all command.
~ # esxcli storage core adapter rescan --all |
IO statistics are also available with the following command. More lines are actually there, but skipped here to save space.
~ # esxcli storage core adapter stats get vmhba0 Successful Commands: 22831456 Blocks Read: 582070835 Blocks Written: 401568853 Read Operations: 12365270 Write Operations: 10407137 Reserve Operations: 710 Reservation Conflicts: 0 Failed Commands: 25975 Failed Blocks Read: 132581 Failed Blocks Written: 283880 Failed Read Operations: 4255 Failed Write Operations: 20791 Failed Reserve Operations: 0 Total Splits: 0 PAE Commands: 0 |
To list storage adapters, the following command works.
~ # esxcli storage core device list t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D Display Name: Local ATA Disk (t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D) Has Settable Display Name: true Size: 1907729 Device Type: Direct-Access Multipath Plugin: NMP Devfs Path: /vmfs/devices/disks/t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D Vendor: ATA Model: Hitachi HDS72302 Revision: MN6O SCSI Level: 5 Is Pseudo: false Status: on Is RDM Capable: false Is Local: true Is Removable: false Is SSD: false Is Offline: false Is Perennially Reserved: false Queue Full Sample Size: 0 Queue Full Threshold: 0 Thin Provisioning Status: unknown Attached Filters: VAAI Status: unknown Other UIDs: vml.01000000002020202020204d4e313234304641303944553544486974616368 Is Local SAS Device: false Is Boot USB Device: false ~ # esxcli storage core device smart get --device-name=t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D Parameter Value Threshold Worst ---------------------------- ----- --------- ----- Health Status OK N/A N/A Media Wearout Indicator N/A N/A N/A Write Error Count N/A N/A N/A Read Error Count 100 16 100 Power-on Hours 98 0 98 Power Cycle Count 100 0 100 Reallocated Sector Count 100 5 100 Raw Read Error Rate 100 16 100 Drive Temperature 181 0 181 Driver Rated Max Temperature N/A N/A N/A Write Sectors TOT Count 200 0 200 Read Sectors TOT Count N/A N/A N/A Initial Bad Block Count N/A N/A N/A |
Get device statistics
~ # esxcli storage core device stats get t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D Device: t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D Successful Commands: 24676085 Blocks Read: 624508799 Blocks Written: 434893836 Read Operations: 13214112 Write Operations: 11411077 Reserve Operations: 710 Reservation Conflicts: 0 Failed Commands: 27910 Failed Blocks Read: 39323 Failed Blocks Written: 311962 Failed Read Operations: 4481 Failed Write Operations: 23000 Failed Reserve Operations: 0 mpx.vmhba35:C0:T0:L0 Device: mpx.vmhba35:C0:T0:L0 Successful Commands: 0 Blocks Read: 0 Blocks Written: 0 Read Operations: 0 Write Operations: 0 Reserve Operations: 0 Reservation Conflicts: 0 Failed Commands: 17197 Failed Blocks Read: 0 Failed Blocks Written: 0 Failed Read Operations: 16 Failed Write Operations: 0 Failed Reserve Operations: 0 |
To get a list of the worlds that are currently using devices on the ESX host, the following command is used:
~ # esxcli storage core device world list Device World ID Open Count World Name ------------------------------------------------------------------------ -------- ---------- ---------- t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D 0 1 t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D 2056 2 idle0 ~ # esxcli storage core device partition list Device Partition Start Sector End Sector Type Size ------------------------------------------------------------------------ --------- ------------ ---------- ---- ------------- t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D 0 0 3907029168 0 2000398934016 t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D 1 64 8192 0 4161536 t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D 2 1843200 10229760 6 4293918720 t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D 3 10229760 3907029135 fb 1995161280000 t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D 5 8224 520192 6 262127616 t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D 6 520224 1032192 6 262127616 t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D 7 1032224 1257472 fc 115326976 t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D 8 1257504 1843200 6 299876352 |
Optionally, we can list the partitions with their GUID as follows:
~ # esxcli storage core device partition showguid Device Partition Layout GUID ------------------------------------------------------------------------ --------- ------ -------------------------------- t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D 0 GPT 00000000000000000000000000000000 t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D 1 GPT c12a7328f81f11d2ba4b00a0c93ec93b t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D 2 GPT ebd0a0a2b9e5443387c068b6b72699c7 t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D 3 GPT aa31e02a400f11db9590000c2911d1b8 t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D 5 GPT ebd0a0a2b9e5443387c068b6b72699c7 t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D 6 GPT ebd0a0a2b9e5443387c068b6b72699c7 t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D 7 GPT 9d27538040ad11dbbf97000c2911d1b8 t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D 8 GPT ebd0a0a2b9e5443387c068b6b72699c7 |
To list all devices that were detached manually by changing their state on the system, run the following command. This is related to the ESXi feature of pluggable storage architectures (PSA).
~ # esxcli storage core device detached list |
For the VAAI feature, we can get their status. In my case, it’s not used at all therefore no much to show.
~ # esxcli storage core device vaai status get t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D VAAI Plugin Name: ATS Status: unsupported Clone Status: unsupported Zero Status: supported Delete Status: unsupported mpx.vmhba35:C0:T0:L0 VAAI Plugin Name: ATS Status: unsupported Clone Status: unsupported Zero Status: unsupported Delete Status: unsupported |
To list all the SCSI paths on the system, use the following command:
~ # esxcli storage core path list sata.vmhba35-sata.0:0-mpx.vmhba35:C0:T0:L0 UID: sata.vmhba35-sata.0:0-mpx.vmhba35:C0:T0:L0 Runtime Name: vmhba35:C0:T0:L0 Device: mpx.vmhba35:C0:T0:L0 Device Display Name: Local PLDS CD-ROM (mpx.vmhba35:C0:T0:L0) Adapter: vmhba35 Channel: 0 Target: 0 LUN: 0 Plugin: NMP State: active Transport: sata Adapter Identifier: sata.vmhba35 Target Identifier: sata.0:0 Adapter Transport Details: Unavailable or path is unclaimed Target Transport Details: Unavailable or path is unclaimed Maximum IO Size: 131072 |
For each path, it can be set active, or off using the set command.
~ # esxcli storage core path set --help
Usage: esxcli storage core path set [cmd options]
Description:
set Provide control to allow a user to modify a single path's state. This efffectively allows a user to
enable or disable SCSI paths. The user is not able to change the full range of path states, but can
toggle between 'active' and 'off'. Please NOTE changing the Path state on any path that is the only path
to a given device is likely to fail. The VMkernel will not change the path's state if changing the state
would cause an 'All paths down' state or the device is currently in use.
Cmd options:
-p|--path= Select the path to set path state on. This can be a Runtime Name or Path UID (required)
--state= Set the SCSI path state for a the specific path given. Valid values are : active: Set the path's
state to active. This may be immediately changed by the system to another state if the active state is
not appropriate. off: Administratively disable this path. (required)
|
For path level stats, the following command can be used:
~ # esxcli storage core path stats get sata.vmhba35-sata.0:0-mpx.vmhba35:C0:T0:L0 UID: sata.vmhba35-sata.0:0-mpx.vmhba35:C0:T0:L0 Runtime Name: vmhba35:C0:T0:L0 Successful Commands: 4 Blocks Read: 0 Blocks Written: 0 Read Operations: 0 Write Operations: 0 Reserve Operations: 0 Reservation Conflicts: 0 Failed Commands: 29658 Failed Blocks Read: 0 Failed Blocks Written: 0 Failed Read Operations: 17 Failed Write Operations: 0 Failed Reserve Operations: 0 Total Splits: 17247 PAE Commands: 0 |
To list plugins in the system, the following command is used:
~ # esxcli storage core plugin list Plugin name Plugin class ----------- ------------ NMP MP |
To allow automatic claiming process of PSA, the autoclaim can be used. By default, it’s enabled and should not be turned off.
~ # esxcli storage core claiming autoclaim --enabled true For the automatic claiming, rules can be used. The following command lists all the rules: ~ # esxcli storage core claimrule list Rule Class Rule Class Type Plugin Matches ---------- ----- ------- --------- --------- --------------------------------- MP 0 runtime transport NMP transport=usb MP 1 runtime transport NMP transport=sata MP 2 runtime transport NMP transport=ide MP 3 runtime transport NMP transport=block MP 4 runtime transport NMP transport=unknown MP 101 runtime vendor MASK_PATH vendor=DELL model=Universal Xport MP 101 file vendor MASK_PATH vendor=DELL model=Universal Xport MP 65535 runtime vendor NMP vendor=* model=* |
New rules can also be added into the rule set. The command expects a few parameters, but the help is probably the best – it comes with a few examples.
~ # esxcli storage core claimrule add --help
Usage: esxcli storage core claimrule add [cmd options]
Description:
add Add a claimrule to the set of claimrules on the system.
Cmd options:
-A|--adapter= Indicate the adapter of the paths to use in this operation.
-u|--autoassign The system will auto assign a rule id.
-C|--channel= Indicate the channel of the paths to use in this operation.
-c|--claimrule-class=
Indicate the claim rule class to use in this operation [MP, Filter, VAAI].
-d|--device= Indicate the Device Uid to use for this operation.
-D|--driver= Indicate the driver of the paths to use in this operation.
-f|--force Force claim rules to ignore validity checks and install the rule anyway.
--if-unset= Execute this command if this advanced user variable is not set to 1
-i|--iqn= Indicate the iSCSI Qualified Name for the target to use in this operation.
-L|--lun= Indicate the LUN of the paths to use in this operation.
-M|--model= Indicate the model of the paths to use in this operation.
-P|--plugin= Indicate which PSA plugin to use for this operation. (required)
-r|--rule= Indicate the rule ID to use for this operation.
-T|--target= Indicate the target of the paths to use in this operation.
-R|--transport= Indicate the transport of the paths to use in this operation. Valid Values are: [block, fc, iscsi,
iscsivendor, ide, sas, sata, usb, parallel, unknown]
-t|--type= Indicate which type of matching used for claim/unclaim or claimrule. Valid values are: [vendor,
location, driver, transport, device, target] (required)
-V|--vendor= Indicate the vendor of the paths to user in this operation.
--wwnn= Indicate the World-Wide Node Number for the target to use in this operation.
--wwpn= Indicate the World-Wide Port Number for the target to use in this operation.
Examples:
Add rule #321 for the Filter plugin type that will claim the given device for the VAAI Filter plugin
# esxcli storage core claimrule add -r 321 -t device -P VAAI_FILTER --claimrule-class=Filter --device=mpx.vmhba0
Add rule #321 for the VAAI plugin type that will claim the given device for the VMW_VAAIP_SYMM plugin
# esxcli storage core claimrule add -r 321 -t device -P VMW_VAAIP_SYMM --claimrule-class=VAAI --device=naa.1234
Add rule #321 that will claim the path on adapter vmhba0, channel 0, target 0, LUN 0 for the NMP plugin
# esxcli storage core claimrule add -r 321 -t location -A vmhba0 -C 0 -T 0 -L 0 -P NMP
Add rule #429 for the MP claim rule type that will claim all paths provided by an adapter with the mptscsi driver for the MASK_PATH plugin.
# esxcli storage core claimrule add -r 429 -t driver -D mptscsi -P MASK_PATH --claimrule-class=MP
Add rule #914 to claim all paths with a vendor string matching "VMWARE" and a model string "Virtual" for the NMP plugin
# esxcli storage core claimrule add -r 914 -t vendor -V VMWARE -M Virtual -P NMP
Add rule #1015 to claim all paths provided by Fibre Channel type adapters for the NMP plugin.
# esxcli storage core claimrule add -r 1015 -t transport -R fc -P NMP
Add rule #429 to claim all paths provided by Fibre Channel Target on given WWNN and WWPN.
# esxcli storage core claimrule add -r 429 -P NMP -t target -R fc --wwnn 50:06:01:60:ba:60:11:53 --wwpn 50:06:01:60:3a:60:11:53
Add rule #429 to claim paths to LUN 5 provided by iSCSI Target on given IQN.
# esxcli storage core claimrule add -r 429 -P NMP -t target -R iscsi --iqn iqn.2001-04.com.example:storage.disk2.sys1.xyz --lun 5
Add a rule with a system assigned rule id to claim all paths provided by Fibre Channel type adapters for the NMP plugin.
# esxcli storage core claimrule add --autoassign -t transport -R fc -P NMP
|
Managing System Wide Settings
This section involves global setting for the ESXi management.
Get ESXi Boot Device
~ # esxcli system boot device get Boot Filesystem UUID: ce5db771-45edfd5c-a23e-edcce43edff3 Boot NIC: Stateless Boot NIC: |
Managing Core Dump
The ESXi core can be dumped to a network server if you configure it as follows:
~ # esxcli system coredump network set --interface-name=vmk0 --server-ipv4=192.168.0.3 ~ # esxcli system coredump network set --enable true ~ # esxcli system coredump network get Enabled: true Host VNic: vmk0 Network Server IP: 192.168.0.3 Network Server Port: 6500 |
Core can aso be dumped into local partition and that involves another sub namespace – partition.
To get the configuration, use the get command.
~ # esxcli system coredump partition get Active: t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D:7 Configured: t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D:7 |
To set the configuration, the set command is handy.
~ # esxcli system coredump partition list Name Path Active Configured -------------------------------------------------------------------------- ---------------------------------------------------------------------------------------------- ------ ---------- t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D:7 /vmfs/devices/disks/t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D:7 true true |
You can also change the configuration with the set command.
~ # esxcli system coredump partition set --help
Usage: esxcli system coredump partition set [cmd options]
Description:
set Set the specific VMkernel dump partition for this system. This will configure the dump
partition for the next boot. This command will change the active dump partition to the
partition specified.
Cmd options:
-e|--enable Enable or disable the VMkernel dump partition. This option cannot be specified when
setting or unconfiguring the dump partition.
-p|--partition= The name of the partition to use. This should be a device name with a partition number
at the end. Example: naa.xxxxx:1
-s|--smart This flag can be used only with --enable=true. It will cause the best available
partition to be selected using the smart selection algorithm.
-u|--unconfigure Set the dump partition into an unconfigured state. This will remove the current
configured dump partition for the next boot. This will result in the smart activate
algorithm being used at the next boot.
|
Module Management
To list the modules in ESXi server, you can use the module sub namespace with list command. There are many lines of output not listed here.
~ # esxcli system module list Name Is Loaded Is Enabled ----------------------------- --------- ---------- vmkernel true true chardevs true true user true true vprobe true true vmkapi_socket true true ... |
To get details about a module, you can use the get command
~ # esxcli system module get --module=nmp Module: nmp Module File: /usr/lib/vmware/vmkmod/nmp License: VMware Version: Version 1.0.0-0, Built on: Aug 1 2012 Signed Status: VMware Signed Signature Issuer: VMware, Inc. Signature Digest: c99a 0c21 a220 c1b4 c0e7 202b c7f8 e916 6220 391f fe76 9612 bf38 d755 779c 5640 Signature FingerPrint: cb44 247a 1614 cea1 2079 362d ec86 9d0e Provided Namespaces: com.vmware.vmkapi@v2_1_0_0 Required Namespaces: com.vmware.vmkapi@v2_1_0_0, vmkernel@nover ~ # esxcli system module set --module=nmp --enabled true |
To load a module, run the following command:
~ # esxcli system module load --module=nmp --force |
You can also list parameters of a module as follows. There are actually more lines but omitted. It’s also highly possible that there is no line at all because there is no parameter to change for that module.
~ # esxcli system module parameters list --module=dvfilter Name Type Value Description ---------------------------------- ----- ----- ------------------------------------------------------------------------------- DVFILTERCOMM_HEAP_MAX_SIZE int Default DVFilterComm max heap size DVFILTERCOMM_HEAP_MIN_SIZE int Default DVFilterComm min heap size DVFILTERCOMM_MAXWRITEQUEUE_LEN_CTL int Default DVFilterComm max control message enqueued length (bytes) DVFILTERCOMM_MAXWRITEQUEUE_LEN_PKT int Default DVFilterComm max packet message enqueued length (bytes) |
Userworld Process
To list these processes, you can use the following command. Again, it’s not fully list due to space limit.
~ # esxcli system process list
Id Cartel Id Name Security Domain Command Line
------- --------- ------------------------------------- ------------------ --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
2049 0 idle1 superDom
2050 0 idle2 superDom
|
To find how many userworld processes running, try the following command:
~ # esxcli system process stats running get Running Processes: 350 |
To get the system workload, run the following command and get the load in 1, 5, and 15 minute period. You will get more from esxtop command anyway.
~ # esxcli system process stats load get Load1Minute: 0.04 Load15Minutes: 0.04 Load5Minutes: 0.04 |
Security Policy
As usual, you can list all the security policies using the list command. With each policy, you can see its enforcement level.
~ # esxcli system secpolicy domain list Domain Name Enforcement Level ------------------ ----------------- appDom enforcing pluginDom enforcing pluginFrameworkDom enforcing regularVMDom enforcing superDom enforcing swMgmtDom enforcing |
To change the level of enforcement, use the set command. Other than the enforcing level, I haven’t seen other level and I even tried none and a few others with no luck. The help doesn’t help neither – something for VMware to improve.
~ # esxcli system secpolicy domain set --name=appDom --level=enforcing
~ # esxcli system secpolicy domain set --help
Usage: esxcli system secpolicy domain set [cmd options]
Description:
set Set the enforcement level for a domain in the system. Any option specified here is not
persistent and will not survive a reboot of the system.
Cmd options:
-a|--all-domains All domains.
-l|--level= The enforcement level. (required)
-n|--name= The domain name.
|
Kernel Settings
There are many parameters with which you can tune the ESXi. For a complete list of these parameters, you can use the list command as follows. As you expect, there are so many of them, I just show first two. The name of the setting is self explanatory with the description field.
~ # esxcli system settings kernel list Name Type Description Configured Runtime Default ------------------------------- ------ ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- ---------- ------- ------- acpiDbgLevel uint32 ACPI debug level 0 0 0 allowNonNX Bool Allow booting with NX feature disabled or non present. FALSE FALSE FALSE ~ # esxcli system settings kernel set --setting=acpiDbgLevel --value=0 |
ESXi Advanced Settings
There are many parameters you can fine tune the ESXi. The following shows the commands you can list them, change them.
~ # esxcli system settings advanced list
Path: /Irq/BestVcpuRouting
Type: integer
Int Value: 0
Default Int Value: 0
Min Value: 0
Max Value: 1
String Value:
Default String Value:
Valid Characters:
Description: 1: try to route the virtual interrupt to the best vcpu; 0 to disable
Path: /Irq/IRQRebalancePeriod
Type: integer
Int Value: 50
Default Int Value: 50
Min Value: 10
Max Value: 20000
String Value:
Default String Value:
Valid Characters:
Description: time in ms between attempts to rebalance interrupts
...
~ # esxcli system settings advanced set --help
Usage: esxcli system settings advanced set [cmd options]
Description:
set Set the value of an advanced option.
Cmd options:
-d|--default Reset the option to its default value.
-i|--int-value= If the option is an integer value use this option.
-o|--option= The name of the option to set the value of. Example: "/Misc/HostName" (required)
-s|--string-value=
If the option is a string use this option.
|
Setting Keyboard Configurations
ESXi is like an operating system which can interactive with users. One way of interaction is via keyboard. The esxcli command allows changing the keyboard configuration.
~ # esxcli system settings keyboard layout list Layout --------------- Belgian Brazilian Croatian Czechoslovakian Danish Estonian Finnish French German Greek Icelandic Italian Japanese Latin American Norwegian Polish Portuguese Russian Slovenian Spanish Swedish Swiss French Swiss German Turkish US Default US Dvorak Ukrainian United Kingdom ~ # esxcli system settings keyboard layout get US Default |
To change the keyboard layout, the following command can be used. It’s not persisted across reboot with the no-persist option.
~ # esxcli system settings keyboard layout set --layout="United Kingdom" --no-persist |
Getting Uptime of the ESXi server
The first command is not that readable because the unit is microseconds. You can try the second one for days of up time.
~ # esxcli system stats uptime get 3118666003442 ~ # echo $(($(esxcli system stats uptime get)/86400000000)) 36 |
Syslog management
You can mark the syslog by adding a unique message in the log. Why is it needed? You can use it to mark start of new period for testing something, so that you can later easily locate the start point.
~ # esxcli system syslog mark --message="DoubleCloud Inc." ~ # tail /var/log/syslog.log 2015-04-21T09:05:01Z syslog[2342114]: starting hostd probing. 2015-04-21T09:05:16Z syslog[2342114]: hostd probing is done. 2015-04-21T09:09:56Z smartd: [warn] t10.ATA_____Hitachi_HDS723020BLA642___________LENOVO______MN1240FA09DU5D: above TEMPERATURE threshold (187 > 0) 2015-04-21T09:10:01Z crond[2488]: crond: USER root pid 2342297 cmd /sbin/hostd-probe 2015-04-21T09:10:01Z syslog[2340250]: starting hostd probing. 2015-04-21T09:10:16Z syslog[2340250]: hostd probing is done. 2015-04-21T09:15:01Z crond[2488]: crond: USER root pid 2342557 cmd /sbin/hostd-probe 2015-04-21T09:15:01Z syslog[2342558]: starting hostd probing. 2015-04-21T09:15:16Z syslog[2342558]: hostd probing is done. 2016-04-21T09:16:49Z mark: DoubleCloud Inc. |
You can reload the log daemon to apply any new configuration options as follows:
~ # esxcli system syslog reload |
To retrieve syslog configuration, get command can be used:
~ # esxcli system syslog config get Local Log Output: Local Logging Default Rotation Size: 1024 Local Logging Default Rotations: 8 Log To Unique Subdirectory: false Remote Host: |
If you want to export the syslog to a remote syslog server, you can use the set command as follows. You want to make sure the FQDN is resolvable, which may involve the configuration of DNS as described earlier.
~ # esxcli system syslog config set --loghost=syslog.doublecloud.net Failed to resolve remote host: syslog.doublecloud.net ~ # esxcli system syslog config set --loghost=192.168.0.1 |
To list all the loggers, run the following command. There are many other loggers not listed due to limit of space.
~ # esxcli system syslog config logger list Description: Default syslog catch-all Destination: syslog.log ID: syslog Rotation Size: 1024 Rotations: 8 Description: VMware AMQP daemon log Destination: vmamqpd.log ID: vmamqpd Rotation Size: 1024 Rotations: 8 Description: Host Agent Probe Destination: hostd-probe.log ID: hostd-probe Rotation Size: 1024 Rotations: 8 |
To change a specific logger configuration like the rotation size and how many rotations to keep, you can run the following command. The id must be one in the above list output. The unit for the size is KiB.
~ # esxcli system syslog config logger set --id=vmamqpd --size=2048 |
To reset a specific value for a logger, run the following command:
~ # esxcli system syslog config logger set --id=vmamqpd --reset=size |
Hypervisor File System
The following command shows a quick summary of the file system. You can also drill down to the ramdisk and tardisk with the next two commands.
~ # esxcli system visorfs get Total Inodes: 524288 Used Inodes: 2865 Unlinked Inodes: 0 Reserved Inodes: 0 Peak Used Inodes: 2933 Peak Unlinked Inodes: 1 Peak Reserved Inodes: 1 Free Inode Percent: 99 Lowest Free Inode Percent: 99 ~ # esxcli system visorfs ramdisk list Ramdisk Name System Reserved Maximum Used Peak Used Free Reserved Free Maximum Inodes Allocated Inodes Used Inodes Mount Point ------------ ------ --------- ---------- -------- --------- ---- ------------- -------------- ---------------- ----------- --------------------------- root true 32768 KiB 32768 KiB 460 KiB 480 KiB 98 % 98 % 8192 4096 2434 / etc true 28672 KiB 28672 KiB 224 KiB 252 KiB 99 % 99 % 4096 1024 422 /etc tmp false 2048 KiB 196608 KiB 300 KiB 4236 KiB 99 % 85 % 8192 256 5 /tmp hostdstats false 0 KiB 180224 KiB 3072 KiB 3072 KiB 98 % 0 % 8192 32 4 /var/lib/vmware/hostd/stats ~ # esxcli system visorfs tardisk list Tardisk Name System Size ------------ ------ ----------- s.v00 true 364138000 B ata_pata.v00 true 43996 B ata_pata.v01 true 28828 B ata_pata.v02 true 31544 B ata_pata.v03 true 32651 B ata_pata.v04 true 36912 B |
Retrieving and Setting Hostname and Domains
You can change the default hostname for esxi from the default localhost to more meaningful domain and host name.
~ # esxcli system hostname set --fqdn esxi01.doublecloud.net ~ # esxcli system hostname get Domain Name: doublecloud.net Fully Qualified Domain Name: esxi01.doublecloud.net Host Name: esxi01 |
When you set the hostname, you can use fqdn option or domain plus host. They are mutually exclusive. I find fqdn is easy and straightforward.
Managing Maintenance Mode
You can place the ESXi into maintenance mode assuming you have evacuated all the virutal machines.
~ # esxcli system maintenanceMode get Disabled ~ # esxcli system maintenanceMode set --enable true --timeout=60 |
The default timeout for the set command is 60 seconds so the timeout can be omitted in above command.
Power Management
You can either power off or reboot ESXi from the esxcli command. But wait, why isn’t there a power on command? You will need a IPMI interface for that.
Both reboot and power off operation requires the same parameters.
~ # esxcli system shutdown reboot --delay 10 --reason="Installing a new VIB" ~ # esxcli system shutdown poweroff --delay 10 --reason="Scheduled maintenance" ~ # esxcli system shutdown poweroff --help Usage: esxcli system shutdown poweroff [cmd options] Description: poweroff Power off the system. The host must be in maintenance mode. Cmd options: -d|--delay= Delay interval in seconds -r|--reason= Reason for performing the operation (required) |
Configuring SNMP
There are a few parameters you can configure on ESXi. The following help shows these parameters with some descriptions.
~ # esxcli system snmp set --help
Usage: esxcli system snmp set [cmd options]
Description:
set This command allows the user to set up ESX SNMP agent.
Cmd options:
-a|--authentication=
Set default authentication protocol. Values: none, MD5, SHA1
-c|--communities=
Set up to ten communities each no more than 64 characters. Format is:
community1[,community2,...] (this overwrites previous settings)
-e|--enable Start or stop SNMP service. Values: [yes|no, true|false, 0|1]
-E|--engineid= Set SNMPv3 engine id. Must be at least 5 to 32 hexadecimal characters. 0x is stripped
if found as well as colons (:)
-y|--hwsrc= Where to source hardware events from IPMI sensors or CIM Indications. One of:
indications|sensors
-l|--loglevel= System Agent syslog logging level: debug|info|warning|error
-n|--notraps= Comma separated list of trap oids for traps not to be sent by agent. Use value 'reset'
to clear setting
-p|--port= Set UDP port to poll snmp agent on. The default is udp/161
-x|--privacy= Set default privacy protocol. Values: none, AES128
-R|--remote-users=
Set up to five inform user ids. Format is: user/auth-proto/-|auth-hash/priv-proto
/-|priv-hash/engine-id[,...] Where user is 32 chars max. auth-proto is none|MD5|SHA1,
priv-proto is none|AES. '-' indicates no hash. engine-id is hex string '0x0-9a-f' up
to 32 chars max.
-r|--reset Return agent configuration to factory defaults
-C|--syscontact= System contact string as presented in sysContact.0. Up to 255 characters
-L|--syslocation=
System location string as presented in sysLocation.0. Up to 255 characters.
-t|--targets= Set up to three targets to send SNMPv1 traps to. Format is: ip-or-
hostname[@port]/community[,...] The default port is udp/162. (this overwrites previous
settings)
-u|--users= Set up to five local users. Format is: user/-|auth-hash/-|priv-hash/model[,...] Where
user is 32 chars max. '-' indicates no hash. Model is one of (none|auth|priv).
-i|--v3targets= Set up to three SNMPv3 notification targets. Format is: ip-or-hostname[@port]/remote-
user/security-level/trap|inform[,...].
~ # esxcli system snmp set --communities=system-monitor
~ # esxcli system snmp get
Authentication:
Communities: system-monitor
Enable: false
Engineid:
Hwsrc: indications
Loglevel: info
Notraps:
Port: 161
Privacy:
Remoteusers:
Syscontact:
Syslocation:
Targets:
Users:
V3targets:
|
Retrieving UUID
The following command retrieves the UUID for the host.
~ # esxcli system uuid get
50cdca40-8c57-2ee2-af75-8c89a5d2b40f
Reading and Setting System Time
ESXi keeps its own system clock. To read the time and set the time, you can use the following commands:
~ # esxcli system time get 2015-04-21T07:22:21Z ~ # esxcli system time set --year 2016 ~ # esxcli system time set --help Usage: esxcli system time set [cmd options] Description: set Set the system clock time. Any missing parameters will default to the current time Cmd options: -d|--day= Day -H|--hour= Hour -m|--min= Minute -M|--month= Month -s|--sec= Second -y|--year= Year |
Getting ESXi Version and Build Number
The following simple command shows the version and build number of the ESXi product.
~ # esxcli system version get Product: VMware ESXi Version: 5.1.0 Build: Releasebuild-799733 Update: 0 |
Change the ESXi welcome message
The following command changes the welcome message users see upon login. It’s not necessary to change it, but if your IT has important policy to information users upon login it’s a good way to do it.
~ # esxcli system welcomemsg set --message="DoubleCloud Welcomes You!" ~ # esxcli system welcomemsg get DoubleCloud Welcomes You! |
Managing Virtual Machines
Most virtual machine related operations can be done with vim-cmd command. The esxcli command touches lower part of the virtual machine. For the hypervisor, each running virtual machine acts like a process.
You can use the following command to list all the running virtual machine. Instead of process id, each VM is identified by its world ID.
~ # esxcli vm process list CentOS64Web World ID: 879855 Process ID: 0 VMX Cartel ID: 924902 UUID: 42 0a d4 99 f0 17 25 bf-c4 35 e3 fd d1 19 0b 7f Display Name: CentOS64Web Config File: /vmfs/volumes/50cdcb68-6fc8e606-bb76-8c89a5d2b40f/CentOS64Web/CentOS64Web.vmx |
You can kill a virtual machine by its world ID as follows:
~ #esxcli vm process kill -t force -w 879855 |
There are other options as listed below, for example, soft type, hard type, and the ultimate force type. With the force option, you can almost stop any virtual machine.
~ # esxcli vm process kill --help Usage: esxcli vm process kill [cmd options] Description: kill Used to forcibly kill Virtual Machines that are stuck and not responding to normal stop operations. Cmd options: -t|--type= The type of kill operation to attempt. There are three types of VM kills that can be attempted: [soft, hard, force]. Users should always attempt 'soft' kills first, which will give the VMX process a chance to shutdown cleanly (like kill or kill -SIGTERM). If that does not work move to 'hard' kills which will shutdown the process immediately (like kill -9 or kill -SIGKILL). 'force' should be used as a last resort attempt to kill the VM. If all three fail then a reboot is required. (required) -w|--world-id= The World ID of the Virtual Machine to kill. This can be obtained from the 'vm process list' command (required) |
