Book Image

VMware vSphere 6.7 Cookbook - Fourth Edition

By : Abhilash G B
Book Image

VMware vSphere 6.7 Cookbook - Fourth Edition

By: Abhilash G B

Overview of this book

VMware vSphere is the most comprehensive core suite of SDDC solutions on the market. It helps transform data centers into simplified on-premises private cloud infrastructures. This edition of the book focuses on the latest version, vSphere 6.7. The books starts with chapters covering the greenfield deployment of vSphere 6.7 components and the upgrade of existing vSphere components to 6.7. You will then learn how to configure storage and network access for a vSphere environment. Get to grips with optimizing your vSphere environment for resource distribution and utilization using features such as DRS and DPM, along with enabling high availability for vSphere components using vSphere HA, VMware FT, and VCHA. Then, you will learn how to facilitate large-scale deployment of stateless/stateful ESXi hosts using Auto Deploy. Finally, you will explore how to upgrade/patch a vSphere environment using vSphere Update Manager, secure it using SSL certificates, and then monitor its performance with tools such as vSphere Performance Charts and esxtop. By the end of this book, you'll be well versed in the core functionalities of vSphere 6.7 and be able to effectively deploy, manage, secure, and monitor your environment.

Related Content you might be interested in

Current Title:

Small book image
VMware vSphere 6.7 Cookbook - Fourth Edition
Abhilash G B
Aug, 2019 | 570 pages
Small book image
Data Center Virtualization Certification: VCP6.5-DCV Exam Guide
Andrea Mauro | Paolo Valsecchi
Aug, 2018 | 598 pages
Small book image
vSphere High Performance Cookbook
Christopher Kusek | Prasenjit Sarkar | Kevin Elder
Jun, 2017 | 338 pages
Small book image
Mastering VMware vSphere 6.7,
Martin Gavanda | Andrea Mauro | Paolo Valsecchi | Karel Novak
Mar, 2019 | 756 pages
Table of Contents (18 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Sections
Get in touch
Free Chapter
1
Deploying a New vSphere 6.7 Infrastructure
Deploying a New vSphere 6.7 Infrastructure
Installing ESXi – the interactive method
Configuring the ESXi Management Network
Scripted deployment of ESXi
Deploying the vCenter Server Appliance (VCSA)
Deploying vCenters in a Linked Mode configuration
Configuring Single Sign-On (SSO) identity sources
Configuring vCenter Roles and Permissions
Joining ESXi to an Active Directory domain
2
Planning and Executing the Upgrade of vSphere
Planning and Executing the Upgrade of vSphere
Planning the upgrade of your vSphere infrastructure
Running VMware Migration Assistant
Upgrading Platform Services Controllers (PSCs)
Upgrading vCenter Servers
Using the vCenter Convergence Tool
Upgrading ESXi using the interactive installer
Upgrading ESXi using the command-line interface
3
Configuring Network Access Using vSphere Standard Switches
Configuring Network Access Using vSphere Standard Switches
Creating vSphere Standard Switches
Creating Virtual Machine Port Groups on vSphere Standard Switches
Creating additional VMkernel interfaces on vSphere Standard Switches
Creating additional VMkernel TCP/IP stacks
Managing the Physical Uplinks of a vSphere Standard Switch
Configuring Security, Traffic Shaping, Teaming and Failover
4
Configuring Network Access Using vSphere Distributed Switches
Configuring Network Access Using vSphere Distributed Switches
Creating a vSphere Distributed Switch (vDS)
Connecting ESXi hosts to a vDS
Creating Distributed Port Groups (dvPortGroup)
Configuring Security, Traffic Shaping, Teaming, and Failover
Configuring VLANs on vDS
Configuring Private VLANs on a vDS
Configuring a Link Aggregation Group (LAG) on a vDS
Configuring user-defined network pools—NIOC
Migrating Virtual Machine Network from vSS to vDS
Migrating VMkernel interfaces from vSS to vDS
Configuring port mirroring on vDS
Configuring NetFlow on vDS
Upgrading a vDS
Backing up and restoring a vDS
5
Configuring Storage Access for Your vSphere Environment
Configuring Storage Access for Your vSphere Environment
Connecting ESXi hosts to a Fabric Storage
Connecting ESXi to iSCSI Storage
iSCSI multipathing using Port Binding
Connecting ESXi hosts to NFS Storage
Viewing storage devices and datastores on ESXi hosts
Masking paths to a storage device
Unmasking paths to a storage device
6
Creating and Managing VMFS Datastores
Creating and Managing VMFS Datastores
Creating VMFS datastores
Upgrading VMFS datastores
Managing Storage Multipathing
Expanding or growing a VMFS datastore
Extending a VMFS datastore
Unmounting VMFS datastores and detaching storage devices
Attaching storage devices and remounting VMFS datastores
Managing VMFS snapshots
7
SIOC, Storage DRS, and Profile-Driven Storage
SIOC, Storage DRS, and Profile-Driven Storage
Configuring Disk Shares on VM storage
Enabling SIOC
Balancing storage utilization using Storage DRS (SDRS)
Defining storage capabilities using vCenter Tags
Creating VM Storage Policies
8
Configuring vSphere DRS, DPM, and VMware EVC
Configuring vSphere DRS, DPM, and VMware EVC
Enabling vSphere DRS on a cluster
Changing the default DRS behavior
Configuring VM Automation
Creating DRS Groups
Creating DRS VMs to Host Affinity Rules
Creating DRS Inter-VM Affinity Rules
Configuring Predictive DRS
Configuring DPM
Using VMware Enhanced vMotion Compatibility (EVC)
9
Achieving High Availability in a vSphere Environment
Achieving High Availability in a vSphere Environment
Enabling vSphere High Availability
Configuring vCenter Admission Control
Configuring Heartbeat Datastores
Overriding Restart Priority for Virtual Machines
Creating VM to VM Dependency Rules
Disabling Host Monitoring
Enabling Virtual Machine Monitoring
Enabling Virtual Machine Component Protection (VMCP)
Configuring vSphere Fault Tolerance (FT)
Configuring vCenter Native High Availability (VCHA)
10
Achieving Configuration Compliance Using vSphere Host Profiles
Achieving Configuration Compliance Using vSphere Host Profiles
Creating Host Profiles
Associating Host Profiles with ESXi hosts or clusters
Checking Host Profile Compliance
Scheduling Host Profile Compliance Checks
Performing Host Customizations
Remediating non-compliant Hosts
Using Host Profiles to push a configuration change
Copying settings between Host Profiles
Exporting Host Profiles
Importing Host Profiles
Duplicating Host Profiles
11
Building Custom ESXi Images Using Image Builder
Building Custom ESXi Images Using Image Builder
Enabling ESXi Image Builder
Importing a Software Depot
Creating an Online Software Depot
Creating a Custom Software Depot
Cloning Image Profiles
Creating Image Profiles using Software Packages
Comparing Image Profiles
Moving Image Profiles between Software Depots
Exporting Image Profiles
12
Auto-Deploying Stateless and Stateful ESXi Hosts
Auto-Deploying Stateless and Stateful ESXi Hosts
Enabling vSphere Auto Deploy
Configuring the Trivial File Transfer Protocol (TFTP) server for an ESXi PXE boot environment
Configuring the DHCP server for a PXE boot
Creating vSphere Auto Deploy rules
Configuring Stateless Caching
Deploying Stateful ESXi hosts
13
Creating and Managing Virtual Machines
Creating and Managing Virtual Machines
Creating a Virtual Machine
Creating Virtual Machine Snapshots
Deleting Virtual Machine Snapshots
Reverting to the current Virtual Machine Snapshot
Switching to an Arbitrary Virtual Machine Snapshot
Consolidating Snapshots
Exporting a Virtual Machine
14
Upgrading and Patching Using vSphere Update Manager
Upgrading and Patching Using vSphere Update Manager
Downloading Patch Definitions
Creating Patch Baselines
Creating Host Upgrade Baselines
Creating Baseline Groups
Configuring Update Manager's Remediation Settings
Patching/upgrading ESXi hosts using Update Manager
Upgrading VMware Tools and virtual hardware using Update Manager
Installing the Update Manager Download Service on Linux
Configuring UMDS to download patches
Configuring a Web Server on UMDS (Linux)
15
Securing vSphere Using SSL Certificates
Securing vSphere Using SSL Certificates
Using VMCA as a Subordinate or Intermediary CA
Certificate management using the Hybrid approach
Renewing ESXi certificates
Trusting root certificates to stop browser security warnings
16
Monitoring the vSphere Infrastructure
Monitoring the vSphere Infrastructure
Using esxtop to monitor performance
Exporting/importing esxtop configurations
Running esxtop in batch mode
Gathering VM I/O statistics using vscsiStats
Using vCenter Performance Charts
17
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Joining ESXi to an Active Directory domain

As an administrator managing a vSphere environment, the last thing that you would want to do is share the root password. Remember, a forgotten root password cannot be recovered/reset and will require a reinstallation of ESXi.

Joining an ESXi host to an Active Directory domain will allows users from a particular domain user group to log in to the ESXi host without needing to know the root password. This not only eliminates the need to periodically change the root password, but also enables better auditing.

Getting ready

Here is what you will need before you join the ESXi host to the domain and configure access to it:

  • The name of the domain
  • The username and password of a domain user that has permissions to join the machine to the domain
  • The name of the domain user group that selected users will be a part of

How to do it...

The following procedure will guide you through the steps that are required to join the ESXi host to the domain and allow a domain user group access to it:

  1. Connect to the vCenter Server's HTML 5 interface, that is, https://FQDN of vCenter/ui.
  2. Select the ESXi host from the Inventory and navigate to Configure | System | Authentication Services. From here, click on Join Domain.
  3. On the Join Domain screen, specify a domain name and domain credentials and click OK:
  1. You should see a Join Windows Domain task complete successfully message in the Recent Tasks pane.

Now that the host is joined to the domain, we can configure it to allow access for a domain user group.

  1. With the host selected, navigate to Configure | System | Advanced System Settings and click Edit.
  2. On the Edit Advanced System Settings screen, type esxadmin into the search box to filter the settings.
  3. Click on the Value field corresponding to the Config.HostAgent.plugins.hostsvc.esxAdminsGroup setting and enter the name of the domain user group:

You should now be able to log in as a domain user to the console (direct/SSH) and DCUI using the following formats:

  • user@domain: For example, abhilashgb@vdescribed
  • domain\user: For example, vdescribed\abhilashgb

How it works...

Once the ESXi host has been joined to the Active Directory domain, a domain user group can be allowed to log in to the ESXi host. This access is enabled by specifying the name of the user group using the advanced system setting, that is, Config.HostAgent.plugins.hostsvc.esxAdminsGroup.

By default, this user group is granted administrator privileges. This behavior can, however, be changed by using the advanced system setting, that is, Config.HostAgent.plugins.hostsvc.esxAdminsGroupAutoAdd.

Previous Section
End of Chapter 1
Next Chapter