6.5
Table Of Contents
- vSphere Command-Line Interface Concepts and Examples
- Contents
- About This Book
- vSphere CLI Command Overviews
- Introduction
- List of Available Host Management Commands
- Targets and Protocols for vCLI Host Management Commands
- Supported Platforms for vCLI Commands
- Commands with an esxcfg Prefix
- ESXCLI Commands Available on Different ESXi Hosts
- Trust Relationship Requirement for ESXCLI Commands
- Using ESXCLI Output
- Connection Options for vCLI Host Management Commands
- Connection Options for DCLI Commands
- vCLI Host Management Commands and Lockdown Mode
- Managing Hosts
- Managing Files
- Managing Storage
- Introduction to Storage
- Examining LUNs
- Detach a Device and Remove a LUN
- Reattach a Device
- Working with Permanent Device Loss
- Managing Paths
- Managing Path Policies
- Scheduling Queues for Virtual Machine I/O
- Managing NFS/NAS Datastores
- Monitor and Manage FibreChannel SAN Storage
- Monitoring and Managing Virtual SAN Storage
- Monitoring vSphere Flash Read Cache
- Monitoring and Managing Virtual Volumes
- Migrating Virtual Machines with svmotion
- Configuring FCoE Adapters
- Scanning Storage Adapters
- Retrieving SMART Information
- Managing iSCSI Storage
- iSCSI Storage Overview
- Protecting an iSCSI SAN
- Command Syntax for esxcli iscsi and vicfg-iscsi
- iSCSI Storage Setup with ESXCLI
- iSCSI Storage Setup with vicfg-iscsi
- Listing and Setting iSCSI Options
- Listing and Setting iSCSI Parameters
- Enabling iSCSI Authentication
- Set Up Ports for iSCSI Multipathing
- Managing iSCSI Sessions
- Managing Third-Party Storage Arrays
- Managing Users
- Managing Virtual Machines
- Managing vSphere Networking
- Introduction to vSphere Networking
- Retrieving Basic Networking Information
- Troubleshoot a Networking Setup
- Setting Up vSphere Networking with vSphere Standard Switches
- Setting Up Virtual Switches and Associating a Switch with a Network Interface
- Retrieving Information About Virtual Switches
- Adding and Deleting Virtual Switches
- Checking, Adding, and Removing Port Groups
- Managing Uplinks and Port Groups
- Setting the Port Group VLAN ID
- Managing Uplink Adapters
- Adding and Modifying VMkernel Network Interfaces
- Managing VMkernel Network Interfaces with ESXCLI
- Add and Configure an IPv4 VMkernel Network Interface with ESXCLI
- Add and Configure an IPv6 VMkernel Network Interface with ESXCLI
- Managing VMkernel Network Interfaces with vicfg-vmknic
- Add and Configure an IPv4 VMkernel Network Interface with vicfg-vmknic
- Add and Configure an IPv6 VMkernel Network Interface with vicfg-vmknic
- Setting Up vSphere Networking with vSphere Distributed Switch
- Managing Standard Networking Services in the vSphere Environment
- Setting the DNS Configuration
- Manage an NTP Server
- Manage the IP Gateway
- Setting Up IPsec
- Manage the ESXi Firewall
- Monitor VXLAN
- Monitoring ESXi Hosts
- Index
5 Add the trusted root certicates to the list of trusted roots.
The process diers depending on the platform that you are on.
What to do next
You can now run ESXCLI commands against any host that is managed by the trusted vCenter Server system
without supplying additional information if you specify the vCenter Server system in the --server option
and the ESXi host in the --vihost option.
Using the --cacertsfile Option
Using a certicate to establish the trust relationship is the most secure option.
You can specify the certicate with the --cacertsfile parameter or the VI_CACERTFILE variable.
Using the --thumbprint Option
You can supply the thumbprint for the target ESXi host or vCenter Server system in the --thumbprint
parameter or the VI_THUMBPRINT variable.
When you run a command, ESXCLI rst checks whether a certicate le is available. If not, ESXCLI checks
whether a thumbprint of the target server is available. If not, you receive an error of the following type.
Connect to sof-40583-srv failed. Server SHA-1 thumbprint: 5D:01:06:63:55:9D:DF:FE:38:81:6E:2C:FA:
71:BC:Usin63:82:C5:16:51 (not trusted).
You can run the command with the thumbprint to establish the trust relationship, or add the thumbprint to
the VI_THUMBPRINT variable. For example, using the thumbprint of the ESXi host above, you can run the
following command.
esxcli --server myESXi --username user1 --password 'my_password' --thumbprint 5D:
01:06:63:55:9D:DF:FE:38:81:6E:2C:FA:71:BC:63:82:C5:16:51 storage nfs list
Use the Credential Store
Your vCLI installation includes a credential store. You can establish trust for a user with the credential store.
You can manage the credential store with the credstore-admin utility application, which is located in
the /Perl/apps/general directory inside the VMware vSphere CLI directory.
I Updating the credential store is a two-step process. First you add the user and password for
the server, and then you add the thumbprint for the server.
Procedure
1 Add the user and password for the target ESXi host to the local credential store.
credstore_admin.pl add --server <esxi_HOSTNAME_OR_IP> --username <user> --password <pwd>
2 Add the thumbprint for the target ESXi host. This thumbprint was returned in the error when you
aempted to connect to the host.
credstore_admin.pl add --server <esxi_HOSTNAME_OR_IP> --thumbprint <thumbprint>
3
If you are using a non-default credential store le, you must pass it in with the --credstore option.
If you do not use the --credstore option, the host becomes accessible without authentication.
vSphere Command-Line Interface Concepts and Examples
18 VMware, Inc.