vSphere67 OUT Free Sample .pdf

Sa
m

pl
e

C
ou

rs

e

M

at

er

ia
l

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

For Evaluation Only. Please distribute freely

ia
l

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

er

VMware vSphere 6.7 Optimize, Upgrade, Troubleshoot – Study Guide
Copyright © 2009 – 2019 by ESXLab.com – All rights reserved. No reproduction by any means,
mechanical, electronic or otherwise, without prior written permission from the authors.

Phone:
Toll Free:
Facsimile:
LinkedIn
E-mail:
Web:
Twitter:

(905) 451-9488 x100
(888) 451-3131
(905) 451-7823
ca.linkedin.com/larrykarnis
Larry.Karnis@esxlab.com
www.esxlab.com
@ESXLab

M

Larry Karnis, ESXLab.com
20 Regan Road, Unit 1
Brampton, Ontario Canada
L7A 1C3

at

Researched, written, published by:

C
ou

rs

e

First edition published October 2009
…
Seventh edition updated for vSphere 5.5, December 2014
Tenth edition updated for vSphere 6.0, November 2016
Eleventh edition updated for vSphere 6.5, April 2017
Fourteenth edition updated for vSphere 6.7, August 2018
Latest vSphere 6.7 April 2019

To find out more about our products and services including consulting services, renting our
remote lab facilities, running your own VMware class or custom training and content solutions,
please visit our website www.esxlab.com or e-mail the author: larry.karnis@esxlab.com.

pl
e

This document was prepared using the open source LibreOffice 5.4.x office suite. LibreOffice
can be freely downloaded for free from www.LibreOffice.org. Microsoft Visio™ 2007 was used
to create some of the slide graphics. Final PDF assembly was performed with PDFFactory Pro™
available at www.FinePrint.com. Screen grabs were captured with Snagit from TechSmith.com.
This document, the images, screen grabs, etc. are original works. This document is copyright 2009-2015 by
ESXLab.com. All rights reserved. No reproduction by any means including photo-copying or electronic imaging is
permitted without prior written authorization from the copyright holder.

Sa
m

This training material is provided 'as is', without any warranty either expressed or implied. ESXLab.com prepared this
material with due care for accuracy and completeness, but does not warrant that the content is either error free or
suitable for any specific use. By using this courseware, the user agrees to accept responsibility for all results – desirable
or otherwise. Customer agrees that all lab exercises are for illustration purposes only, and assumes all risks including
but not limited of data damage or loss, resulting from such use. Customer agrees to indemnify ESXLab.com and its
employees/contractors from all claims arising out of the use or misuse of the material in our courseware.
Microsoft, Microsoft Windows, Windows NT, Windows Server 2000/2003/2008/2012, etc. are registered trademarks of
Microsoft Corporation. Linux is a registered trademark of Linus Torvalds. GroupWise and NetMail are trademarks of
Novell Inc. Lotus Domino is a trademark of IBM Corporation. RedHat Enterprise Linux, and Fedora are trademarks of
RedHat Inc. VMware, VMware Workstation, VMware Server, VMware Player, VMware ESX, VMotion, vSphere, etc. are
registered trademarks of VMware Corporation. All other marks and names mentioned herein may be trademarks of their
respective owners.
ESXLab.com is an independent training and content development company that is in no way affiliated with or in any
way related to VMware Inc. In no case is any such relationship either implied or intended.

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

Time Line & Table of Contents
Day 1 Topics

er

ia
l

Course Overview
Install and Configure Standalone ESXi
Virtual & Physical Networking

M

Advanced Virtual Networking
Connecting to and Using NAS Shared Storage
Virtual Hardware and Virtual Machines

at

Day 2 Topics

Day 3 Topics

rs

e

Upgrading and Configuring vCenter Server Appliance
Virtual Machine Rapid Deployment, Advanced Topics
Using Fibre and iSCSI Shared Storage
Day 4 Topics

C
ou

Raw Device Maps
VMware's Cluster File System
Profile Driven Storage
Datastore Clusters
Day 5 Topics

pl
e

VM Migration and Availability
VMware Fault Tolerance
Distributed Virtual Switches

Sa
m

Appendix

Appendix 1 – Definitions & Acronyms

For Evaluation Only. Please distribute freely

ia
l

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

er

Author's Note

M

at

Twenty five years ago, I started my IT career as a UNIX/C programmer. By 1992, I was working
as a very busy UNIX administrator so I gave up the safety of full time work for consulting. As a
hedge against down time, I contacted a major training company and offered my services. Soon,
I was teaching their UNIX and C programming classes (very popular at the time). Over time, my
love of UNIX morphed into a love of Linux so by 2002 I was teaching Linux for RedHat.

e

In 2004, I had the very good fortune to be contacted by VMware. Would I like a job working as a
trainer? I said “no” and asked if they wanted a contractor. They said no. I had this conversation
with VMware three times in 2004 until they finally agreed to hire me as a contractor. I sat the
ESX I & II classes and earned my VMware Certified Professional on ESX 2.0 (VCP# 993).

C
ou

rs

I worked as a contract resource for VMware for about 4 years. I got to watch ESX grow from a
niche product used primarily for testing into a full blown production platform. VMware was a
young, company creating technical magic (VMotion was absolutely unbelievable in 2003). IMHO,
their software magicians were, and still are without equal. They have since delivered Storage
VMotion, High Availability, DRS clusters, Fault Tolerant VMs and much, much more.
In 2008, I left VMware to work again as an independent. I enjoy training and was still a huge
advocate of VMware's technology, so I decided to start a company to provide vendor
independent VMware training courses that anyone could run. The result is this book set.

pl
e

This Study Guide fully explains how each vSphere feature works. The accompanying Lab Guide
takes you through the mechanics. Each lab starts at the very beginning and takes you through
all the steps needed to complete the job. There is no magic in this course because nothing is
done for you. In most cases, you can perform the labs at work exactly the same way and get
the same result (just be careful and don't break anything!).

Sa
m

Developing courseware is much like developing software (my first job). You write, re-write,
review, edit update, test until you truly believe that it is bug free. The reality is that bugs
exist – and no doubt, some are still lurking in this book set. If you find one, please let me
know. I'll fix the issue and the next version of the courseware will be better for your input. As a
bonus, I will provide a free ESXLab Certified Virtualization Specialist exam voucher to the first
person who reports each unique bug
VMware vSphere has rekindled my love of IT, and I've seen it do the same for others. Demand
for VMware vSphere advanced skills is growing – and so will your career once you master the
content in this course. My hope is that this class will help you get there much faster.

Larry Karnis
E-mail: larry.karnis@esxlab.com Phone: 1 (905) 451-9488 x100

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

ia
l

Self Paced VMware
Video On Demand
Training

Training on the VMware licenses you actually own
Practical, real world training that offers tips, best practices and actionable advice
Training by topic or on a learning paths tailored to help you reach your training objectives

at

✔
✔
✔

er

ESXLab offers Video On Demand training for all of its training classes.

M

Free Video Lectures of Your Course

e

If you have attended an ESXLab based VMware training class that uses both ESXLab course books and ESXLab
remote lab rentals, you are entitled to FREE access to the Video On Demand version of the course you
attended. This is an excellent opportunity to review content, refresh your knowledge and get insights offered
by the course author. Please email sales@esxlab.com to get your free course access coupon.

rs

VMware Video On Demand Training

C
ou

ESXLab offers video on demand vSphere training on the features and functions you
need to know. We have training packages that are ideal for new or experienced
VMware vSphere administrators
Each class teaches specific set of vSphere features and capabilities. ESXLab offers
Video On Demand training that covers all of the major capabilities of the vSphere
license you own. The benefit is you get training on the features and functions you own without wasting your
time (and money) getting training on features that are not included in your license.

pl
e

Benefits of Video On Demand Training

Video on Demand training provides you with the following benefits:
Save money. Video on demand training is much less expensive than instructor led live training
Get training only on the topics you need
Train on your own schedule including evenings and weekends
Get training now rather than waiting for a training class
Train from work or home as time permits
Review topics as often as you like
Ask questions on any topic

Sa
m

1.
2.
3.
4.
5.
6.
7.

For course outlines, pricing and lab rental details, please visit
contact ESXLab.

Toll Free: 1 (888) 451-3131
Web: www.esxlab.com

https://vmware-training.esxlab.com or

Phone: 1 (905) 451-9488

E-mail: sales@esxlab.com

Video on Demand: http://vmware-training.esxlab.com

(c) Copyright 2018 by ESXLab.

Revised: April 2018

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

er

ia
l

vSphere 5.5, 6.0, 6.5, 6.7
Self Study
Virtual Lab Rentals

•
•
•

M

e

•

rs

•

Purchased our course books from one of
our publishing partners, and need
servers to run through the labs
Would like to run through the labs a 2nd
time to improve your familiarity and
skill with vSphere
Would like to prepare for VMware or
Certified Virtualization Professional
(CVP) certification
Run your own training events
To experiment with vSphere features
To practice migrations, upgrades, etc.
before trying them on your own
production machines

C
ou

•

at

ESXLab.com has over 150 servers available
for rent... Rent our servers if you:

What's Included in my Server Pod Rental
Servers with Quad Core pCPU, 12GB RAM, 150GB of disk, etc.
4 NICs for NFS, iSCSI SAN, management, VMotion, Fault Tolerant logging and VM use
All needed infrastructure services such as DHCP, DNS, Active Directory, etc.
An NFS service with all media images needed to complete our labs
An iSCSI SAN service for shared access storage
Access from any device through any HTML 5 compliant web browser
Live support to help run through our labs

pl
e

•
•
•
•
•
•
•

Sa
m

Get a Quote

We offer low cost lab rentals cost for 7 day, 14 day or for 30 day intervals. To get a kit
rental quote, please contact us or visit http://esxlab-com.3dcartstores.com.
Toll Free: 1 (888) 451-3131
Web: www.esxlab.com

Phone: 1 (905) 451-9488

E-mail: sales@esxlab.com

Video on Demand: http://vmware-training.esxlab.com

(c) Copyright 2018 by ESXLab.

Revised: April 2018

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

M

at

er

VMware vSphere 6.7
Optimize, Upgrade,
Troubleshoot

ia
l

Class Overview

Overview-1

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

Sa
m

pl
e

C
ou

rs

Notes

Class Introduction / Overview

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

VMware vSphere 6.7 Update 1
VMware ESXi
Networking
●

Management, Performance, Monitoring
●

➲
➲

CPU / Memory Resource management
Upgrading to vSphere 6.7
●

➲

vCenter, ESXi hosts, VMs and VMware Tools

Storage Resource Balancing
●

➲

vCenter Server, vCenter Server Appliance

er

➲

Scalability, security, performance, redundancy

at

➲

Enterprise class server virtualization platform

Storage VMotion, Storage DRS, Storage Profiles

Virtual Machine High Availability
●

HA Clusters, Fault Tolerant VMs

Overview-2

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

C
ou

VMware provides a complete suite of products both for virtualization as well as for
management, back up, disaster recovery, testing, replication and much more. These
products make migrating to virtualization deployments very beneficial.
The primary risk of virtualization is too many eggs in one basket... That is, you create risk if you consolidate workloads into virtual machines but lack the ability to:

pl
e

- Load balance your VMs across physical servers
- Load balance storage capacity and performance across storage volumes
- Rapidly recover VMs that fail when a physical host fails
- Easily manage and monitor VMs
- Deploy VMs from known good images
If you cannot load balance, then you run the risk of poor VM performance (due to
host resource over-commit).
If you cannot automatically place and restart VMs due to a physical server failure,
then you may have critical production VMs down for hours if a host fails. Furthermore, if a physical host that supports a large VM population fails catastrophically,
then your VMs might be down for days (until the hardware can be repaired).

Sa
m

ia
l

●

M

➲

VMware Virtual Infrastructure provides solutions for all of the above. Other products
are maturing but do not yet offer the same breadth or depth of functionality as
VMware.

Class Introduction / Overview

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

Approach for this Course

We want to go further with vSphere
●
●
●
●
●
●

Best practices
Design tips and trade offs
Scalability and performance tips
Maximize VM availability, performance
Monitoring and troubleshooting
Build command line skills

at

➲

vSphere 4.x, 5.x or 6.x
Major features, common operations
You are familiar with VMs, vCenter, storage,
networking

er

●
●
●

Overview-3

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

pl
e

C
ou

The above items are key topics in this class but not a complete list of topics. For a
complete list of topics, please consult the Table of Contents.

Sa
m

ia
l

This course assumes you have working
knowledge and experience with vSphere

M

➲

Class Introduction / Overview

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

Virtualization – Before & After
App
O/S

App
O/S

ia
l

App
O/S

er

VMware vSphere

➲

A software abstraction that creates virtual
hardware & maps it to physical hardware
Is completely transparent to guest OS
and applications

M

➲

at

Before Virtualization

Overview-4

Notes
Traditional PC Server Deployments

●

C
ou

One O/S and Application per server
Captive local disk
●
Workloads locked to server
●

rs

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

Sa
m

pl
e

Virtual Deployment
●
Require fewer physical servers
●
Can run many workloads as Virtual Machines
●
Workloads not locked to server (cold migration, VMotion, Storage VMotion)
●
Load balancing and high availability options depend on shared disk
●
Higher hardware utilization rates
●
Lower marginal cost to deploy new workloads (just make a new VM)
●
Better reliability and performance due to more capable hardware
●
New options for Disaster Recovery, Back Up

Class Introduction / Overview

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

Public Class Daily Timetable
Informal
●

Ask questions anytime

Attending remotely?

●

at

➲

er

Start
➲ Classrooms attendees
Break
● Cell phones on
Lunch
vibrate please
Resume
● Please take calls
Break
outside class
End of Day

Please mute your mic
when not speaking
●

So local conversations
stay private

M

09:00 a.m.
10:30 a.m.
12:00 p.m.
01:00 p.m.
03:00 p.m.
05:00 p.m.

➲

Overview-5

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

pl
e

C
ou

The above schedule is for public classes based on our standard timetable. Your training
company/partner may set a different schedule.

Sa
m

ia
l

Public Schedule

Class Introduction / Overview

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

Problems & Opportunities
Identify common
pain points. E.g.
●
●
●
●
●
●

Provisioning
Deployment
Management
Imaging
Back Up & DR
Etc.

Explain how Virtual
Infrastructure
addresses the
problem
●
●
●
●
●
●
●

New methods
Streamlined
procedures
Less risk
Faster results
Reduced costs
Simplify
Etc.

Overview-6

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

pl
e

C
ou

Virtualization addresses most of the common pain points experienced by modern PC
server deployments. As we go through this class you will learn how virtualization delivers the above benefits – and much more.

Sa
m

ia
l

●

er

●

Virtual Solution

➲

at

Business or IT
problem we face

M

➲

Class Introduction / Overview

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

Introductions
Who
●

Prior experience with
●
●
●
●
●

➲

Official reason, then the honest reason!
Personal goals for this class

er

➲

ia
l

Why are you here?
●
●

Windows
Linux/UNIX
VMware hosted products (Player, Server, etc.)
vSphere 6.x, 5.x, 4.x, etc.
3rd party Virtualization (XenServer or Hyper-V)

at

➲

Name and current job

M

➲

Favorite vacation destination?

Overview-7

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

Sa
m

pl
e

C
ou

Experience with virtualization is not a prerequisite for this class... If you do have
prior virtualization experience either with VMware products or other products –
please feel free to share them with the class.

Class Introduction / Overview

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

e

M

at

er

ia
l

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

Sa
m

pl
e

C
ou

rs

Notes

Class Introduction / Overview

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

M

at

er

How to Install, Configure
VMware ESXi 6.7

ia
l

VMware ESXi 6.7

ESXi-1

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

Sa
m

pl
e

C
ou

rs

Notes

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

ESXi 6.7 Server Hardware
➲

CPUs

Networking

768 pCPU cores / host ● 24 - 1Gb pNICs
● 16 - 10+Gb pNICs
Up to 16 NUMA nodes
➲ Storage
Intel Core pCPUs
● 2-56+ cores / pCPU
● SAS, SATA HDDs,
● Hyperthreading
SSDs, NVMe SSDs
● AMD Epyc pCPUs
● iSCSI, Fibre,
● 8-64+ cores / pCPU
Infiniband storage
● Symmetric multithreading
networks
➲ Memory
● Hyperconverged
● Minimum 4GB to boot
storage
● Maximum 16TB
●

●

●

.5% RAM for VMkernel

Max 384MB for VMkernel

vSAN, Nutanix,
NetApp

M

●

at

er

●
●
●

ia
l

➲

1TB max NVDIMM pRAM ● NFS File Shares
ESXi-2

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

C
ou

ESXi is capable of using the largest PC server hardware platforms. Apart from what is
stated above, ESXi is limited to:
No more than 768 CPU cores (includes Hyperthreaded / Symmetric logical processors) for CPU scheduling purposes
●
A maximum of up to 16TB. This increases to 12TB for specialized high end servers.
●

Furthermore the following implementation limitations need to be considered:
●
●

ESXi supports 10/20Gb Ethernet and 40Gb Inifiniband controllers
Jumbo Frames supported, which may improve software iSCSI I/O performance.

Sa
m

pl
e

Notes about Local Storage
●
ESXi requires enterprise class storage controllers. This means that it usually
doesn't work with embedded SATA controllers found on desktop motherboards
●
ESXi has support for controllers from LSI Logic, Adaptec and many others. Most
vendor branded controllers (Dell PERC, HP Smart Array, IBM ServeRAID, etc.) are
made by (i.e.: rebranded from) either LSI Logic or Adaptec
Intel's latest server cpu family is the Cascade Lake Xeon processor. This CPU family
will offer dual processor configurations with up to 48 pCores per pCPU.

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

●

at

Installer displays available storage volumes
Categorized into Local or Remote volumes
●
●

Local - RAID, JBOD volumes on ESXi host
Remote - Fibre or iSCSI SAN volumes accessible
via installed SAN controllers

M

➲

er

ia
l

Select the Target Volume

ESXi-3

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

Sa
m

pl
e

C
ou

In the above screen shot, the ESXi 6.7 installer detected a local SATA based Intel SSD
and a 18 TB local RAID array on an HP SmartArray hardware RAID controller.

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

●
●
●

at

You can upgrade ESXi 5.x, 6.x hosts to
ESXi 6.7 by doing an in-place upgrade
Preserves local VMFS contents
Preserves ESXi host configuration
Preserves VMs, storage settings, etc.

M

➲

er

ia
l

Performing an In-Place Upgrade

ESXi-4

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

Sa
m

pl
e

C
ou

rs

Notes

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

er

Next, you specify:

Keyboard layout being used
Password for ESXi root (local admin) account
●

ESXi 6.7 password strength rules:

●
●

●

at

●
●

During install, passwords can be 7+ chars, 2+ char classes
After install, passwords must be 8+ chars, 3+ char classes

Only VMware supported way to reset the root
password is to reinstall ESXi!

M

➲

ia
l

Keyboard, root Password

ESXi-5

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

C
ou

VMware has no supported password reset tool for ESXi. Officially, the only
way to reset the root password is to re-install the entire operating system.
However, there are community developed procedures that appear to work.
If you need to recover the root password for ESXi and have some Linux administrator and command line skill, please visit
https://www.thomas-krenn.com/en/wiki/Reset_VMware_ESXi_root_password

Sa
m

pl
e

The procedures in this blog have been tested on ESXi 5.x and ESXi 6.0. It
should work for ESXi 6.7 but no guarantees. If you decide to follow these
steps, you do so at your own risk.

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

Password Strength Default Rule
ESXi rules based on 4 character classes
●

7+ character passwords from 2 classes
●

After install time, ESXi requires
●
●

Passwords must be 7+ characters long
Must contain characters from 3 or 4 classes
●
●

➲

E.g.: esxlab.com - 10 chars, 2 classes:

er

➲

3 character classes – esxlab.c0m
4 character classes – esxLab.c0m

(0=zero)

ESXi uses the Linux pam_passwdqc module
●

Setting: Security.PasswordQualityControl
ESXi-6

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

pl
e

C
ou

rs

Notes

Sa
m

ia
l

At install time, ESXi allows
●

at

➲

Digits, lower case, upper case, other chars

M

➲

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

Security.AccountLockFailures

●

●

Security.AccountUnlockTime
●

●

Lock an account after this many failed login attempts

at

●

er

Navigation: Host Client → Manage → System
→ Advanced Settings
● Search for the keyword security

Unlock locked accounts due to failed login attempts after the
specified delay (in seconds)

M

●

Security.PasswordQualityControl
●
●

Sets password change attempt policy
Sets minimum password strength policy

ESXi-7

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

For ESXi 6.5 password strength documentation, see:

C
ou

https://pubs.vmware.com/vsphere-65/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-DC96FFDB-F5F2-43EC-8C73-05ACDAE6BE43.html
For more documentation on the Linux pam_passwdqc module, please see:

pl
e

https://linux.die.net/man/8/pam_passwdqc

Sa
m

ia
l

Password Policies Explained

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

Default Setting

retry= min=disabled,disabled,disabled,7,7

retry=

- number of retries before password change fails

min=

(Set minimum password strength based on parameters)
- Passwords with 1 character class are not allowed

disabled,

- Passwords with 2 character classes are not allowed

disabled,

- Passwords composed of just words are not allowed

7,

- Passwords of 3 char classes must be 7+ chars long

7

- Passwords of 4 char classes must be 7+ chars long

1.
2.
3.
4.

Lower case letters
Upper case letters
Digits
All other characters / symbols

at

Password strength policy based on character
classes. Four character classes include:

M

➲

er

disabled,

ESXi-8

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

For ESXi 6.5 password strength documentation, see:

C
ou

https://pubs.vmware.com/vsphere-65/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-DC96FFDB-F5F2-43EC-8C73-05ACDAE6BE43.html
For more documentation on the Linux pam_passwdqc module, please see:

pl
e

https://linux.die.net/man/8/pam_passwdqc

Sa
m

ia
l

Password Policy Explained

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

Hardware Assisted Virtualization
VMware requires pCPUs running ESXi
6.7 to provide hardware virtualization
1. Hardware Assisted CPU Virtualization

Trap Guest OS supervisor instructions related to
task scheduling and CPU management

●

●

Guest OS cannot take exclusive control of a vCPU

Intel VT and AMD-V

2. Hardware Assisted MMU Virtualization
2-tier virtualized Memory Management

●

Physical MMU used by the ESXi VMkernel
Maps VM virtual pages to host physical pages
Virtual MMU for use by the VM’s guest OS
● Virtualizes Guest OS Task, Service memory

at

●

●
●

Intel Extended Page Tables (EPT)
AMD Rapid Virtualization Indexing (RVI)

M

●
●

ESXi-9

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

pl
e

C
ou

rs

Notes

Sa
m

er

●

ia
l

➲

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

ESXi Host Management - DCUI
●

ESXi configuration

●

●

Default – FQDN and
IP properties acquired
via DHCP
Use F2 at the boot
screen to set up your
ESXi 6.7 host
Use F12 to shutdown
or reboot your host

er

●

at

➲

Simple BIOS like
interface

ESXi-10

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

pl
e

C
ou

ESXi has a simple, BIOS-like interface called the Direct Console User Interface
(DCUI). The DCUI makes it very easy to configure. To configure your ESX host...
simply hit F2 at the greeter screen and update your host configuration.

Sa
m

ia
l

ESXi Direct Console
User Interface (DCUI)

M

➲

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

ESXi now exposes underlying network
adapter card details
●
●

M

➲

at

er

ia
l

Network Adapter Details

Highlight the desired adapter and hit D
Embedded pNICs are the first 4 (or 2) devices
ESXi-11

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

C
ou

ESXi 6.7 makes it easier to identify onboard NICs from add-on NICs. In previous versions of ESXi, all NICs were reported in the order they were discovered during a boot
up PCI bus scan. Normally, onboard NICs were discovered first – but this was not
guaranteed. This could lead to problems trying to identify how vmnic# (alias for
physical nic #) mapped to physical NICs.
With ESXi 6.7, VMware now identifies NICs as follows:
- If the Hardware Label values starts with N/A, then the NIC is on the motherboard
- If the Hardware label value starts Chassis slot... then the NIC is an add on NIC

pl
e

For NICs on the motherboard, the NIC labeled NIC 1 will show up first, then NIC 2 and
so on.

Sa
m

For add-on NICs, port 1 will show up first and then ports 2-4 (if the card is a dual/
quad NIC)

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

When setting up a new server, identifying
the desired pNICs and connecting to the
correct pSwitches can be a challenge

●

●

Next, plug in pNICs used for production
●

●

Install ESXi and use only Connected pNICS

Add vSwitches, assign pNIC uplinks for production

Finally, connect remaining pNICs to storage,
backup networks, etc.
●

Create/update vSwitches and add pNIC uplinks for
these networks
ESXi-12

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

pl
e

C
ou

rs

Notes

Sa
m

er

Before installing ESXi, unplug patch cables
for all pNICs except those connected to the
Management network

at

●

M

➲

ia
l

pNIC Connectivity Tip

Installing and Configuring ESXi 6 Hypervisor
Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

●
●

at

If your management network is a virtual
LAN segment (vLAN)

vLAN – virtual network superimposed onto a
common Layer 2 physical network
Use this step to supply the vLAN tag number
for your Management vLAN

M

➲

er

ia
l

Management Network vLAN Tag

ESXi-13

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

Sa
m

pl
e

C
ou

rs

Notes

Installing and Configuring ESXi 6 Hypervisor
Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

Best Practice - use Static IP properties
●
●

No chance your server could lose its assigned
lease and therefore it's IP address
Static IPs required for vCenter Management

M

➲

at

er

ia
l

IPv4 Configuration

ESXi-14

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

Complete this form to set your ESXi host management NIC IP properties.

C
ou

vCenter cannot manage an ESXi host whose IP address changes. For this reason it is
best to give all of your ESXi, ESXi hosts fixed IP properties.

Sa
m

pl
e

You must select Set static IP addresses... and complete all three fields to complete
your static IP address properties assignment.

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

➲

ESXi 6.7 supports IPv6
●

M

at

er

ia
l

IPv6 Configuration

Multiple IP address policies supported

ESXi-15

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

ESXi 6.7 supports IPv6. You can assign IP V6 addresses:

C
ou

- Via DHCP
- Self generated via ICMP stateless configuration

Sa
m

pl
e

You can assign up to 3 static IPv6 addresses to your ESXi host.

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

You must set DNS server and host name
●
●
●

Enter the IP of your DNS server(s)
Enter the host name of your ESXi host
The domain name is set in DNS Suffixes

M

➲

at

er

ia
l

DNS Configuration

ESXi-16

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

C
ou

ESXi and vCenter require DNS services to function properly. So it is critical that you
have DNS name servers set up and accessible from your local LAN segment.

Sa
m

pl
e

It is a best practice to have both primary and secondary DNS servers available... but
ESXi will function with just primary DNS.

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

●
●

➲

Pings gateway,
DNS server
Tries to resolve the
server's FQDN

Each test reports
OK or Fail
●
●

at

Basic connectivity
test with Ping, DNS

Do not proceed
until all tests pass!
Verify your DNS
server is ping-able

M

➲

er

ia
l

Test Management Network

ESXi-17

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

Sa
m

pl
e

C
ou

rs

Notes

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

●
●

ESXi Shell – Command line access from the
physical ESXi host console
SSH – Secure Shell access to your server
Default is Disabled for both services

at

●

er

Troubleshooting Options - enables command
line access to your ESXi host

●

M

➲

You may need to turn on to allow VMware or partner
access (e.g.: during a support call)
ESXi-18

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

C
ou

Troubleshooting Options enables functions used by support providers who are comfortable working on the ESXi command line. By default, all local and remote command line access to your ESXi host is disabled – so you can only access your ESXi host
through:
- Host Client (web interface built into ESXi 6.7 hosts)
- vCenter if vCenter has management control over your ESXi host
- The VMware Management Assistant service (vMA), if installed

pl
e

Enabling ESXi Shell allows direct physical console command line access. Support personnel who have access to the physical console directly or via remote console services such as Dell DRAC (Dell Remote Access Controller), HP ILO (Integrated Lights
Out) would be able to log in to your server.
Enabling SSH activates the Secure Shell Daemon (sshd) and supports network based
administrator access to your box without the need for remote console services.
Warning
Enabling SSH enables direct root access to your ESXi host through a TCP/IP connection. This is a potential security threat. Turn on this feature only if needed. If this
feature is turned on, set a strong root password.

Sa
m

ia
l

Troubleshooting Options

Never expose your machine to an untrusted network like the Internet - especially if
SSH is turned on!

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

●
●
●

at

ESXi uses agents (services) to communicate
with vCenter Web Client
If agents fail, your server is unmanageable
Use this feature to reset management agents
Does not interfere with running VMs

M

➲

er

ia
l

Restart Management Agents

ESXi-19

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

C
ou

It may happen that the management agents (services) on your ESXi host become unstable or crash. If this occurs, your ESXi host may not respond to vCenter or vSphere
client. In vCenter your host will grey out and report as disconnected.
You could reboot the ESXi host but that would bring down all running VMs. A more
acceptable option is to simply restart the management agents on your ESXi host.

Sa
m

pl
e

This function can be done at any time. Any connected vSphere Client sessions will be
closed. Once this function completes, your host should become active in vCenter and
should accept direct vSphere Client and Host Client login requests.

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

ESXi Ready for Service
Additional hot keys
are active
●

●
●

Use Host Client to
manage your ESXi
host

M

●

Alt-F1 – command
line access to your
machine (if enabled)
Alt-F2 – this screen
Alt-F12 – VMkernel
log records

er

●

ESXi-20

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

C
ou

Once ESXi has rebooted, it is managed via VMware's Host Client or vSphere Client (no
longer supported). You can download the vSphere Client from www.vmware.com/
download.
There are additional hot keys active on the ESXi console:

pl
e

Alt-F1 – first command line log in screen
Alt-F2 – the ESXi greeter screen (screen shot above)
Alt-F3 to Alt-F10 – no function
Alt-F11 – Grey status screen/greeter screen with no F-key prompts
Alt-F12 – VMkernel log dump

Sa
m

ia
l

ESXi server is ready
for use

at

➲

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

●
●

at

Hit Alt-F1 to view the ESXi host command
line login screen (if console login enabled)
Log in to ESXi with any local account
Only account present by default is root
●

ESXi allows direct root logins!

M

➲

er

ia
l

Alt-F1 ESXi Command Line Login

ESXi-21

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

C
ou

ESXi supports both local and remote command line access (must be enabled using the
DCUI → Troubleshooting). These services are off by default.
Allowing direct console or network Secure Shell (SSH) command line logins enables
direct ESXi host administration without the need for Host Client or Web Client. The
environment is similar to a Linux style machine.
One thing to note is that ESXi will allow direct root logins both on the console and
via SSH. This is a security concern because it means that anyone in possession of (or
who can guess) the root password can take control of your machine.

pl
e

It is best to leave these services disabled – so they cannot be abused. You can turn
these services on (as needed) through the DCUI.

Sa
m

Please note that ESXi will do exactly what you tell it (via the command line) without
the normal 'are you sure?' prompts. This tool is suitable for those who are comfortable administering Linux servers from the command line and who also have knowledge and experience with ESXi added tools and commands.

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

Managing ESXi Shell, SSH
●

●

M

at

●

Enable or disable the ESXi Shell service
# vim-cmd hostsvc/enable_esx_shell
# vim-cmd hostsvc/disable_esx_shell
Start or stop the ESXi Shell service
# vim-cmd hostsvc/start_esx_shell
# vim-cmd hostsvc/stop_esx_shell
For the SSH service replace _esx_shell with:
● start_ssh
– start the SSH service
● stop_ssh
– stop the SSH service
● enable_ssh – enable the SSH service
● disable_ssh – disable the SSH service

ia
l

Manage ESXi Shell from command line

er

➲

ESXi-22

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

Sa
m

pl
e

C
ou

rs

Notes

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

Tip:
●

Works even if DCUI service is disabled
Use DCUI to fix host configuration issues

M

●
●

at

●

Launch DCUI
with the dcui
command
Works on host
console or via
SSH / putty

er

➲

ESXi-23

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

C
ou

The VMkernel records detailed log entries into a file called /var/log/vmkernel.log.
You can view this file by logging into the local console or SSH (as root) and issuing
the command:
# less /var/log/vmkernel.log

You can also see the host management agent logs or vCenter logs by typing the following commands (respectively)

pl
e

# less /var/log/hostd.log
# less /var/log/vpxa.log

You can see the most recent entries by hitting the Alt-F12 keys on your machine's
console. This display shows one screen full of the most current additions to the VMkernel log file. You should check this file if you are troubleshooting problems and
need more information than is available in Host client.
Hit Alt-F2 to go back to the ESXi greeter screen when done.

Sa
m

ia
l

DCUI Disabled? Run DCUI Manually

Note
All command line commands entered using any command line tools are logged to /
var/log messages. In this way, it is possible to reproduce the activities of prior command line sessions.

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

Displays the most recent VMkernel log contents
●

●

at

Hit Alt-F12 to view the VMkernel log file
●

Look here to see detailed error messages

M

➲

er

ia
l

Alt-F12 VMkernel Log Entries

File - /var/log/vmkernel.log on the
command line

ESXi-24

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

C
ou

The VMkernel records detailed log entries into a file called /var/log/vmkernel.log.
You can view this file by logging into the local console or SSH (as root) and issuing
the command:
# less /var/log/vmkernel.log

You can also see the host management agent logs or vCenter logs by typing the following commands (respectively)

pl
e

# less /var/log/hostd.log
# less /var/log/vpxa.log

You can see the most recent entries by hitting the Alt-F12 keys on your machine's
console. This display shows one screen full of the most current additions to the VMkernel log file. You should check this file if you are troubleshooting problems and
need more information than is available in Host client.

Sa
m

Hit Alt-F2 to go back to the ESXi greeter screen when done.

Note
All command line commands entered using any command line tools are logged to /
var/log messages. In this way, it is possible to reproduce the activities of prior command line sessions.

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

●
●

https://..FQDN../host or
https://..Host-IP../host
Log in as root
●

●

er

➲

Use a web browser to
view ESXi host log files,
configuration files, etc.
Browse to:

Provide root’s password

Click any file to view
current contents
Files are read-only

M

●

at

➲

ESXi-25

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

C
ou

VMware makes log files and configuration files available for review in a
number of different ways. The approach (above) is to use a web browser to
log in to and view ESXi host configuration/web files.

pl
e

VMware has a good knowledge base article on the files available using this
approach here - http://kb.vmware.com/kb/2004201

Sa
m

ia
l

Browse Host Log/Config Files

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

vSphere Client is End of Life
Officially, the legacy C# based vSphere
Client hit end of life as of vSphere 6.0
Supported for vSphere 6.0 and older
No new vSphere Client releases for 6.5, 6.7
vSphere Client 6.0 not officially supported
for use vSphere 6.5, 6.7:

er

●
●
●

ia
l

➲

✓

×

×

M

vSphere Client → vCenter

at

vSphere Client → ESXi Host

vSphere vSphere vSphere
6.0
6.5
6.7
✓
✓
×

ESXi-26

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

Sa
m

pl
e

C
ou

rs

Notes

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

ia
l

ESXi Host Client Home View

ESXi Host Summary
ESXi Management

er

ESXi Monitoring
Virtual Machines

at

ESXi Networking
ESXi Storage

Web interface for stand alone ESXi 6.7
host management
●

M

➲

Exposes most ESXi 6.7 features / functions

ESXi-27

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

Sa
m

pl
e

C
ou

Host Client is a modern, HTML 5 compliant web interface that provides you
with most of the administrative features and functions of vSphere Client. Unlike vSphere Client (that depends on Microsoft specific technologies such as
Visual C# and Visual J# to function), Host Client will work on any platform
(desktops / notebooks, tablets, cell phones, etc.) with a standards compliant
web browser including Microsoft Edge, Internet Explorer, FireFox, Chrome,
Safari, Opera and many others.

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

●
●

at

Navigation

Manage → Security & users → Users → Add
Manage locally defined ESXi host users
●
●

M

➲

er

ia
l

Creating Local ESXi Users

Scope is the host on which the user/group is defined
Set user login, description (full name), password

ESXi-28

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

C
ou

You can create local ESXi user accounts with passwords to allow for local authentication (for both the Host client and Local/Remote Troubleshooting – if enabled).
Best Practice
You would create local accounts only if you do not have an Active Directory service
available. Otherwise, it is a best practice to join an AD domain and use domain accounts.

Sa
m

pl
e

Tip – Use SSH to Log In via ESXi Command Line
To command line log into ESXi over the network (from Windows, ESXi Remote Troubleshooting Mode must be enabled) download the putty Secure Shell terminal emulator at http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

●
●
●

at

Roles determine privileges by user, group

Default role: No access – no rights on ESXi host
Read-only: can look but cannot modify
Administrator: full control of local ESXi host
●

M

➲

er

ia
l

ESXi Default Local Users

root for ESXi, DCUI (local configuration) and vpxuser
(for vCenter) hold the Administrator role
ESXi-29

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

Sa
m

pl
e

C
ou

rs

Notes

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

Managing Users with esxcli
➲

List local user accounts on an ESXi host
# esxcli system account list

●
●

●

➲

You are prompted for a password -p or -c is missing,

Create a user, delete that user
●

er

●

-d=”value for the user description field”
-i=”new user account name”
-p=”user password”
-c=”confirm user password”

at

●

# esxcli system account add -d=”Admin acct” \
-i=admin -p=”password” -c=”password”
# esxcli system account remove -i=”admin”

➲

ESXi-30

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

pl
e

C
ou

rs

Notes

Sa
m

ia
l

Options for working with user accounts

M

➲

Installing and Configuring ESXi 6 Hypervisor
Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

Managing Permissions with esxcli
➲

ESXi permissions are based on roles
Users assigned to a role at the ESXi host
Assignable roles include:
● Admin – Provides full control of the host
● ReadOnly – Can see but not change host
● NoAccess – No visibility to the host
● If a user has no role, NoAccess is the default

List all users and their assigned roles
# esxcli system permission list

Assign, remove a role to a user
●

# esxcli system permission set -i=”admin” \
-r ReadOnly
# esxcli system permission remove -i=”admin”

M

➲

er

➲

at

➲

ESXi-31

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

Sa
m

pl
e

C
ou

rs

Notes

ia
l

●

Installing and Configuring ESXi 6 Hypervisor
Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

Navigation:

Manage → Security & users →
Authentication

●
●

at

●

Specify Windows AD domain
Windows domain account user name
and password

●

M

➲

er

ia
l

Join ESXi 6.7 to an AD Domain

Account must have Add Host rights

ESXi-32

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

C
ou

ESXi 6.7 can join an Active Directory domain. AD authentication allows you to set up
access rules for ESXi login without having to create local user accounts on ESXi. To
join an ESXi host to an AD domain, you must have a domain account with Add Host to
Domain privileges set.

Sa
m

pl
e

FYI
Joining an AD domain is the first step to allowing AD defined users to access ESXi directly. The second step is to select inventory items (your ESXi host, folders, VMs, Resource Pools) and assign these users rights on these items. Without specific permission assignments, AD based users will not be able to interact with ESXi – as the default permission for all AD users is No Access.

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

●
●

at

Navigation

Manage → System → Time & date
ESXi clock provides clock services to VMs
●

Network Time Protocol ensures accurate host time

●

●

M

➲

er

ia
l

Set ESXi Time Configuration

Within a few milliseconds of real time

Use Actions to enable/configure/start NTP

ESXi-33

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

C
ou

ESXi uses Network Time Protocol to ensure that it's clock remains accurate. This is
important because the ESXi host provides clock services to all VMs it runs. So, any
clock drift in the ESXi host will result in clock drift in VMs. If VM clocks drift by more
than 5 minutes they may not be able to join or remain members of Active Directory
domains.
Click the Properties... link to review and configure NTP.
Best Practice
Always set your server's BIOS clock to UTC. That way, VMs will get a UTC clock and
can then set their local time zone to any region they like.

Sa
m

pl
e

If you set the hardware clock to your local time, then VMs must all operate in your
local time zone only (because they cannot calculate time zone offsets from any time
zone other than UTC).

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

Navigator: Host → Hardware box
●
●

Review pCPU, multithreading status
Look for missing hardware (need drivers)

M

➲

at

er

ia
l

Physical Server Properties

ESXi-34

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

ESXi reports on the properties of the CPUs found in your server, including:

C
ou

- The make/model of the machine
- Make/model and speed of the CPUs
- Number of populated sockets
- Number of cores in the CPU
- Number of Logical Processors (sockets * cores * HT logical processors)
- Presence/Absence of Hyperthreading (Intel CPUs only)
- Presence/Absence of power management capabilities (newer CPUs only)

pl
e

If you have Intel CPUs and Hyperthreading is reporting N/A you should check to see if
Hyperthreading is active. To do this, click:
Properties > Hyperthreading > Enabled

Sa
m

This will turn on Hyperthreading support even if the machine's BIOS is set to disable
it. You will need to reboot ESXi for this change to take effect.

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

●

Monitor → Hardware → Sensors
●

●

at

Navigation:
Review host hardware health

Uses CIM to poll hardware
●
●

M

➲

er

ia
l

System Health Status

Reports configuration, properties, issues
Issues propagate up to the ESXi host

ESXi-35

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

rs

Notes

C
ou

Web Client can report on most aspects of your system's hardware health
including:
- CPU sockets, cores and cache size
- Power supply, motherboard, CPU and add-on card temperatures
- Fan location, health and speed
- Hardware firmware and driver health including chipset, NIC, storage controller,
BIOS functionality
- Power supply count and health (connected, disconnected, missing, etc.) and
- System boards.

pl
e

Use this view to get a quick assessment of your server's physical health.

Sa
m

The roster of items in the screen grab above is empty because the screen grab was
taken on a Virtual ESXi host.

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely

Sample Course Material (Stand Alone ESXi Chapter / Lab Only)

ESXi services enable features, access
●
●

M

➲

at

er

ia
l

ESXi Services and Status

Unneeded services are off by default
Enabled services → Start / Stop with ESXi
ESXi-36

e

Copyright © 2019 by ESXLab.com. All rights reserved.
No reproduction without prior written authorization.

Sa
m

pl
e

C
ou

rs

Notes

Installing and Configuring ESXi

Photocopying this book in whole or in part is not permitted

For Evaluation Only. Please distribute freely