6.0
Table Of Contents
- vSphere Command-Line Interface Concepts and Examples
- Contents
- About This Book
- vSphere CLI Command Overviews
- Introduction
- List of Available Host Management Commands
- Targets and Protocols for vCLI Host Management Commands
- Supported Platforms for vCLI Commands
- Commands with an esxcfg Prefix
- ESXCLI Overview
- Connection Options for vCLI Host Management Commands
- Connection Options for DCLI Commands
- vCLI Host Management Commands and Lockdown Mode
- Managing Hosts
- Managing Files
- Managing Storage
- Introduction to Storage
- Examining LUNs
- Detaching Devices and Removing a LUN
- Working with Permanent Device Loss
- Managing Paths
- Managing Path Policies
- Scheduling Queues for Virtual Machine I/O
- Managing NFS/NAS Datastores
- Monitoring and Managing SAN Storage
- Monitoring and Managing Virtual SAN Storage
- Monitoring vSphere Flash Read Cache
- Monitoring and Managing Virtual Volumes
- Migrating Virtual Machines with svmotion
- Configuring FCoE Adapters
- Scanning Storage Adapters
- Retrieving SMART Information
- Managing iSCSI Storage
- iSCSI Storage Overview
- Protecting an iSCSI SAN
- Command Syntax for esxcli iscsi and vicfg-iscsi
- iSCSI Storage Setup with ESXCLI
- iSCSI Storage Setup with vicfg-iscsi
- Listing and Setting iSCSI Options
- Listing and Setting iSCSI Parameters
- Enabling iSCSI Authentication
- Setting Up Ports for iSCSI Multipathing
- Managing iSCSI Sessions
- Managing Third-Party Storage Arrays
- Managing NMP with esxcli storage nmp
- Path Claiming with esxcli storage core claiming
- Managing Claim Rules
- Managing Users
- Managing Virtual Machines
- vmware-cmd Overview
- Listing and Registering Virtual Machines
- Retrieving Virtual Machine Attributes
- Managing Virtual Machine Snapshots with vmware-cmd
- Powering Virtual Machines On and Off
- Connecting and Disconnecting Virtual Devices
- Working with the AnswerVM API
- Forcibly Stopping Virtual Machines with EXCLI
- Managing vSphere Networking
- Introduction to vSphere Networking
- Retrieving Basic Networking Information
- Network Troubleshooting
- Setting Up vSphere Networking with vSphere Standard Switches
- Setting Up Virtual Switches and Associating a Switch with a Network Interface
- Retrieving Information About Virtual Switches
- Adding and Deleting Virtual Switches
- Checking, Adding, and Removing Port Groups
- Managing Uplinks and Port Groups
- Setting the Port Group VLAN ID
- Managing Uplink Adapters
- Adding and Modifying VMkernel Network Interfaces
- Setting Up vSphere Networking with vSphere Distributed Switch
- Managing Standard Networking Services in the vSphere Environment
- Setting the DNS Configuration
- Adding and Starting an NTP Server
- Managing the IP Gateway
- Setting Up IPsec
- Managing the ESXi Firewall
- Monitoring VXLAN
- Monitoring ESXi Hosts
- Index
VMware, Inc. 17
Chapter 1 vSphere CLI Command Overviews
Trust Relationship Requirement for ESXCLI Commands
StartingwithvSphere6.0,ESXCLIcheckswhetheratrustrelationshipexistsbetweenthemachinewhereyou
runtheESXCLIcommandandtheESXihost.Anerrorresultsifthetrustrelationshipdoesnotexist.
Toestablishthetrustrelationship,youhavetheseoptions.
Downloading and Installing the vCenter Server Certificate
YoucandownloadthevCenterServerrootcertificateusingaWebbrowserandaddittothetrustedcertificates
onthemachinewhereyouplanonrunningESXCLIcommands.
To download the certificate
1TypetheURLofthevCenterServersystemorvCenterServerVirtualApplianceintoaWebBrowser.
2ClicktheDownloadtrusted
rootcertificateslink.
3 Changetheextensionofthedownloadedfileto.zip.(ThefileisaZIPfileofallcertificatesinthe
TRUSTED_ROOTSstore).
4ExtracttheZIPfile.
Theresultisacertsfolder.Thefolderincludesfileswiththeextension.0..1,andsoon,whichare
certificates,and
fileswiththeextension.r0,r1,andsoonwhichareCRLfilesassociatedwiththe
certificates.
5Addthetrustedrootcertificatestothelistoftrustedroots.Theprocessdiffersdependingontheplatform
youareon.
YoucannowrunESXCLIcommandsagainstanyhostthatismanagedby
thetrustedvCenterServerwithout
supplyingadditionalinformationifyouspecifythevCenterServerinthe--serveroptionandtheESXihost
inthe--vihostoption.
Using the --cacertsfile Option
Usingacertificatetoestablishthetrustrelationshipisthemostsecureoption.Youcanspecifythecertificate
withthe--cacertsfileparameterortheVI_CACERTFILEvariable.
Using the --thumbprint Option
Youcansupplythethumbprintforthetargetserver(ESXihostorvCenterServersystem)inthe--thumbprint
parameter(VI_THUMBPRINTvariable).
Whenyourunacommand,ESXCLIchecksfirstwhetheracertificatefileisavailable.Ifnot,ESXCLIchecks
whetherathumbprintofthetargetserverisavailable.Ifnot,an
errorlikethefollowingresults:
Connect to sof-40583-srv failed. Server SHA-1 thumbprint:
5D:01:06:63:55:9D:DF:FE:38:81:6E:2C:FA:71:BC:Usin63:82:C5:16:51 (not trusted).
Youcanrunthecommandwiththethumbprinttoestablishthetrustrelationship,oraddthethumbprintto
theVI_THUMBPRINTvariable.Forexample,usingthethumbprintoftheESXihostabove,youcanrunthe
followingcommand:
esxcli --server myESXi --username user1 --password 'my_password' --thumbprint
5D:01:06:63:55:9D:DF:FE:38:81:6E:2C:FA:71:BC:63:82:C5:16:51 storage nfs list
Using the Credential Store
YourvCLIinstallationincludesacredentialstore.Youcanmanagethecredentialstorewiththe
credstore-adminutilityapplication,whichislocatedinthe/Perl/apps/generaldirectoryinsidethe
VMwarevSphereCLIdirectory.
I
MPORTANTUpdatingthecredentialstoreisatwo‐stepprocess.Firstyouaddtheuserandpasswordforthe
server,andthenyouaddthethumbprintfortheserver.