6.0.1
Table Of Contents
- vSphere Virtual Machine Administration
- Contents
- About vSphere Virtual Machine Administration
- Updated Information
- Introduction to VMware vSphere Virtual Machines
- Deploying Virtual Machines
- About Provisioning Virtual Machines
- Create a Virtual Machine Without a Template or Clone
- Deploy a Virtual Machine from a Template
- Start the Deploy a Virtual Machine from a Template Task
- Select a Template
- Select the Virtual Machine Name and Folder
- Select a Resource
- Select a Datastore
- Select Clone Options
- Customize the Guest Operating System
- Enter Additional Customization Parameters for the Guest Operating System
- Customize Virtual Machine Hardware
- Finish Virtual Machine Creation
- Clone a Virtual Machine
- Start the Clone an Existing Virtual Machine Task
- Select a Virtual Machine to Clone
- Select the Virtual Machine Name and Folder
- Select a Resource
- Select a Datastore
- Select Clone Options
- Customize the Guest Operating System
- Enter Additional Customization Parameters for the Guest Operating System
- Customize Virtual Machine Hardware
- Finish Virtual Machine Creation
- Clone a Virtual Machine to a Template in the vSphere Web Client
- Clone a Template to a Template in the vSphere Web Client
- Convert a Template to a Virtual Machine
- Customizing Guest Operating Systems
- Guest Operating System Customization Requirements
- Create a vCenter Server Application to Generate Computer Names and IP Addresses
- Customize Windows During Cloning or Deployment
- Customize Linux During Cloning or Deployment
- Apply a Customization Specification to a Virtual Machine
- Creating and Managing Customization Specifications
- Create a Customization Specification for Linux
- Create a Customization Specification for Windows
- Create a Customization Specification for Windows Using a Custom Sysprep Answer File in the vSphere Web Client
- Edit a Customization Specification
- Remove a Customization Specification in the vSphere Web Client
- Copy a Customization Specification in the vSphere Web Client
- Export a Customization Specification in the vSphere Web Client
- Import a Customization Specification
- Deploying OVF Templates
- OVF File Format and OVF Templates
- Deploy an OVF Template in the vSphere Web Client
- Select the OVF Source Location
- Review the OVF Details
- Accept the OVF License Agreements
- Select OVF Name and Location
- Select OVF Deployment Configuration
- Select a Resource for the OVF Template
- Select Storage for OVF Template
- Configure Networks for OVF Template
- Customize the OVF Template
- Configure vService Dependency
- Browse VMware Virtual Appliance Marketplace
- Export an OVF Template
- Using Content Libraries
- Create a Library
- Synchronize a Subscribed Library
- Edit the Settings of a Local Library
- Edit the Settings of a Subscribed Library
- Delete a Content Library
- Hierarchical Inheritance of Permissions for Content Libraries
- Sample User Role for Working with Content Libraries
- Populating Libraries with Content
- Working with Items in a Library
- Creating Virtual Machines and vApps from Templates in a Content Library
- Installing the Microsoft Sysprep Tool
- Configuring Virtual Machine Hardware
- Virtual Machine Compatibility
- Virtual CPU Configuration
- Virtual CPU Limitations
- Configuring Multicore Virtual CPUs
- Change CPU Hot Plug Settings
- Change the Number of Virtual CPUs
- Allocate CPU Resources
- Configure Processor Scheduling Affinity
- Change CPU Identification Mask Settings in the vSphere Web Client
- Expose VMware Hardware Assisted Virtualization
- Enable Virtual CPU Performance Counters
- Change CPU/MMU Virtualization Settings
- Virtual Memory Configuration
- Network Virtual Machine Configuration
- Parallel and Serial Port Configuration
- Using Serial Ports with vSphere Virtual Machines
- Adding a Firewall Rule Set for Serial Port Network Connections
- Configure Virtual Machine Communication Interface Firewall
- Change the Serial Port Configuration
- Authentication Parameters for Virtual Serial Port Network Connections
- Add a Serial Port to a Virtual Machine
- Change the Parallel Port Configuration
- Add a Parallel Port to a Virtual Machine
- Virtual Disk Configuration
- About Virtual Disk Provisioning Policies
- Large Capacity Virtual Disk Conditions and Limitations
- Change the Virtual Disk Configuration
- Add a Hard Disk to a Virtual Machine
- Use Disk Shares to Prioritize Virtual Machines
- Configure Flash Read Cache for a Virtual Machine
- Converting Virtual Disks from Thin to Thick
- SCSI and SATA Storage Controller Conditions, Limitations, and Compatibility
- Other Virtual Machine Device Configuration
- Change the CD/DVD Drive Configuration in the vSphere Web Client
- Add a CD or DVD Drive to a Virtual Machine in the vSphere Web Client
- Change the Floppy Drive Configuration in the vSphere Web Client
- Add a Floppy Drive to a Virtual Machine in the vSphere Web Client
- Change the SCSI Device Configuration in the vSphere Web Client
- Add a SCSI Device to a Virtual Machine in the vSphere Web Client
- Add a PCI Device in the vSphere Web Client
- Configuring 3D Graphics
- Reduce Memory Overhead for Virtual machines with 3D graphics Option
- USB Configuration from an ESXi Host to a Virtual Machine
- USB Autoconnect Feature
- vSphere Features Available with USB Passthrough
- Configuring USB Devices for vMotion
- Avoiding Data Loss with USB Devices
- Connecting USB Devices to an ESXi Host
- Add USB Devices to an ESXi Host
- Add a USB Controller to a Virtual Machine
- Add USB Devices from an ESXi Host to a Virtual Machine
- Remove USB Devices That Are Connected Through an ESXi Host
- Remove USB Devices from an ESXi Host
- USB Configuration from a Client Computer to a Virtual Machine
- Connecting USB Devices to a Client Computer
- Connect USB Devices to a Client Computer
- Add a USB Controller to a Virtual Machine
- Add USB Devices from a Client Computer to a Virtual Machine in the vSphere Web Client
- Remove USB Devices That Are Connected Through a Client Computer in the vSphere Web Client
- Remove a USB Controller from a Virtual Machine in the vSphere Web Client
- Remove USB Devices from a Client Computer
- Add a Shared Smart Card Reader to Virtual Machines
- Configuring Virtual Machine Options
- Virtual Machine Option Overview
- Change the Virtual Machine Name
- View the Virtual Machine Configuration and Working File Location
- Change the Configured Guest Operating System
- Configuring User Mappings on Guest Operating Systems
- Change the Virtual Machine Console Options for Remote Users
- Configure the Virtual Machine Power States
- Configure Virtual Machines to Automatically Upgrade VMware Tools
- Manage Power Management Settings for a Virtual Machine
- Delay the Boot Sequence
- Disable Virtual Machine Acceleration
- Enable Virtual Machine Logging
- Configure Virtual Machine Debugging and Statistics
- Change the Swap File Location
- Edit Configuration File Parameters
- Configure Fibre Channel NPIV Settings
- Managing Multi-Tiered Applications with vSphere vApp
- Create a vApp
- Create a Virtual Machine, Resource Pool, or Child vApp Inside a vApp
- Add Virtual Machine or Child vApp to a vApp
- Edit vApp Settings
- Clone a vApp
- Perform vApp Power Operations
- Edit vApp Notes
- Add a Network Protocol Profile
- Select the Network Protocol Profile Name and Network
- Specify Network Protocol Profile IPv4 Configuration
- Specify Network Protocol Profile IPv6 Configuration
- Specify Network Protocol Profile DNS and Other Configuration
- Complete the Network Protocol Profile Creation
- Associate a Port Group with a Network Protocol Profile
- Configure a Virtual Machine or vApp to Use a Network Protocol Profile
- Virtual Machine vApp Options
- Monitoring Solutions with the vCenter Solutions Manager
- Managing Virtual Machines
- Edit Virtual Machine Startup and Shutdown Settings
- Install the Client Integration Plug-In
- Using a Virtual Machine Remote Console
- Open the HTML 5 Remote Console
- Install the VMware Remote Console Application
- Using the VMware Remote Console Application
- Adding and Removing Virtual Machines
- Change the Template Name
- Deleting Templates
- Using Snapshots To Manage Virtual Machines
- VMware Tools Components, Configuration Options, and Security Requirements
- Components of VMware Tools
- Repairing, Changing, and Uninstalling VMware Tools Components
- Security Considerations for Configuring VMware Tools
- Using vmwtool to Configure VMware Tools in a NetWare Virtual Machine
- Using the VMware Tools Configuration Utility
- Upgrading Virtual Machines
- Upgrading VMware Tools
- Installing VMware Tools
- Planning Downtime for Virtual Machines
- Downtime for Upgrading Virtual Machines
- Manually Install or Upgrade VMware Tools in a Windows Virtual Machine
- Automate VMware Tools Installation for Multiple Windows Virtual Machines
- Manually Install or Upgrade VMware Tools in a Linux Virtual Machine
- Operating System Specific Packages for Linux Guest Operating Systems
- Manually Install or Upgrade VMware Tools in a Mac OS X Virtual Machine
- Manually Install or Upgrade VMware Tools in a Solaris Virtual Machine
- Manually Install or Upgrade VMware Tools in a NetWare Virtual Machine
- Manually Install or Upgrade VMware Tools in a FreeBSD Virtual Machine
- Upgrade VMware Tools
- Perform an Automatic Upgrade of VMware Tools
- Upgrade the Compatibility for Virtual Machines
- Schedule a Compatibility Upgrade for Virtual Machines
- Required Privileges for Common Tasks
- Index
Threats Associated with Unprivileged User Accounts
Disk shrinking feature
Shrinking a virtual disk reclaims unused disk space. Users and processes
without root or administrator privileges can invoke this procedure. Because
the disk-shrinking process can take considerable time to complete, invoking
the disk-shrinking procedure repeatedly can cause a denial of service. The
virtual disk is unavailable during the shrinking process. Use the
following .vmx settings to disable disk shrinking:
isolation.tools.diskWiper.disable = "TRUE"
isolation.tools.diskShrink.disable = "TRUE"
Copy and paste feature
By default, the ability to copy and paste text, graphics, and files is disabled,
as is the ability to drag and drop files. When this feature is enabled, you can
copy and paste rich text and, depending on the VMware product, graphics
and files from your clipboard to the guest operating system in a virtual
machine. That is, as soon as the console window of a virtual machine gains
focus, nonprivileged users and processes running in the virtual machine can
access the clipboard on the computer where the console window is running.
To avoid risks associated with this feature, retain the following .vmx settings,
which disable copying and pasting:
isolation.tools.copy.disable = "TRUE"
isolation.tools.paste.disable = "TRUE"
Threats Associated with Virtual Devices
Connecting and
modifying devices
By default, the ability to connect and disconnect devices is disabled. When
this feature is enabled, users and processes without root or administrator
privileges can connect devices such as network adapters and CD-ROM
drives, and they can modify device settings. That is, a user can connect a
disconnected CD-ROM drive and access sensitive information on the media
left in the drive. A user can also disconnect a network adapter to isolate the
virtual machine from its network, which is a denial of service. To avoid risks
associated with this feature, retain the following .vmx settings, which disable
the ability to connect and disconnect devices or to modify device settings:
isolation.device.connectable.disable = "TRUE"
isolation.device.edit.disable = "TRUE"
Threats Associated with Virtual Machine Information Flow
Configuring virtual
machine log number
Depending on your log settings, new log files might be created each time the
old file is larger than 100KB. Uncontrolled logging can lead to denial of
service if the datastore runs out of disk space. VMware recommends saving
10 log files. By default, the maximum size for log files is 100KB, and you
cannot change that value at the virtual machine level. Use the following .vmx
setting to set number of log files:
vmx.log.keepOld = "10"
vSphere Virtual Machine Administration
210 VMware, Inc.