6.7
Table Of Contents
- vSphere Virtual Machine Administration
- Contents
- About vSphere Virtual Machine Administration
- Introduction to VMware vSphere Virtual Machines
- Deploying Virtual Machines
- Create a Virtual Machine with the New Virtual Machine Wizard
- Clone a Virtual Machine to a Template
- Clone a Virtual Machine to a Template in the vSphere Web Client
- Deploy a Virtual Machine from a Template
- Deploy a Virtual Machine from a Template in the vSphere Web Client
- Clone an Existing Virtual Machine
- Clone an Existing Virtual Machine in the vSphere Web Client
- Cloning a Virtual Machine with Instant Clone
- Clone a Template to a Template
- Clone a Template to a Template in the vSphere Web Client
- Convert a Template to a Virtual Machine
- Deploying OVF and OVA Templates
- Using Content Libraries
- Create a Library
- Synchronize a Subscribed Content Library
- Edit a Content Library
- Hierarchical Inheritance of Permissions for Content Libraries
- Content Library Administrator Role
- Populating Libraries with Content
- Creating Virtual Machines and vApps from Templates in a Content Library
- Working with Items in a Library
- Configuring Virtual Machine Hardware
- Virtual Machine Compatibility
- Virtual CPU Configuration
- Virtual CPU Limitations
- Configuring Multicore Virtual CPUs
- Change CPU Hot Plug Settings
- Change the Number of Virtual CPUs
- Allocate CPU Resources
- Change CPU Identification Mask Settings
- Expose VMware Hardware Assisted Virtualization
- Enable Virtual CPU Performance Counters
- Configure Processor Scheduling Affinity
- Change CPU/MMU Virtualization Settings
- Virtual Memory Configuration
- Virtual Disk Configuration
- About Virtual Disk Provisioning Policies
- Large Capacity Virtual Disk Conditions and Limitations
- Change the Virtual Disk Configuration
- Use Disk Shares to Prioritize Virtual Machines
- Configure Flash Read Cache for a Virtual Machine
- Determine the Virtual Disk Format and Convert a Virtual Disk from the Thin Provision Format to a Thick Provision Format
- Add a Hard Disk to a Virtual Machine
- SCSI and SATA Storage Controller Conditions, Limitations, and Compatibility
- Virtual Machine Network Configuration
- Network Adapter Basics
- Network Adapters and Legacy Virtual Machines
- Change the Virtual Machine Network Adapter Configuration
- Add a Network Adapter to a Virtual Machine
- Parallel and Serial Port Configuration
- Using Serial Ports with vSphere Virtual Machines
- Adding a Firewall Rule Set for Serial Port Network Connections
- Configure Virtual Machine Communication Interface Firewall
- Change the Serial Port Configuration in the vSphere Web Client
- Authentication Parameters for Virtual Serial Port Network Connections
- Add a Serial Port to a Virtual Machine in the vSphere Web Client
- Change the Parallel Port Configuration
- Add a Parallel Port to a Virtual Machine vSphere Web Client
- Other Virtual Machine Device Configuration
- Change the CD/DVD Drive Configuration in the vSphere Web Client
- Add or Modify a Virtual Machine CD or DVD Drive
- Change the Floppy Drive Configuration in the vSphere Web Client
- Add a Floppy Drive to a Virtual Machine in the vSphere Web Client
- Add and Configure a SCSI Device
- Add a PCI Device
- Configuring 3D Graphics
- Add an NVIDIA GRID vGPU to a Virtual Machine
- USB Configuration from an ESXi Host to a Virtual Machine
- USB Autoconnect Feature
- vSphere Features Available with USB Passthrough
- Configuring USB Devices for vMotion
- Avoiding Data Loss with USB Devices
- Connecting USB Devices to an ESXi Host
- Add USB Devices to an ESXi Host
- Add a USB Controller to a Virtual Machine
- Add USB Devices from an ESXi Host to a Virtual Machine
- Remove USB Devices That Are Connected Through an ESXi Host
- Remove USB Devices from an ESXi Host
- USB Configuration from a Client Computer to a Virtual Machine
- Add a Shared Smart Card Reader to Virtual Machines
- Securing Virtual Machines with Virtual Trusted Platform Module
- Configuring Virtual Machine Options
- Virtual Machine Options Overview
- General Virtual Machine Options
- Configuring User Mappings on Guest Operating Systems
- VMware Remote Console Options
- Virtual Machine Encryption
- Virtual Machine Power Management Options
- Configuring VMware Tools Options
- Virtualization Based Security
- Configuring Virtual Machine Boot Options
- Configuring Virtual Machine Advanced Options
- Configure Fibre Channel NPIV Settings
- Managing Multi-Tiered Applications with vSphere vApp
- Create a vApp
- Create or Add an Object to a vApp
- Edit vApp Settings
- Clone a vApp
- Perform vApp Power Operations
- Edit vApp Notes
- Add a Network Protocol Profile in the vSphere Web Client
- Virtual Machine vApp Options
- Monitoring Solutions with the vCenter Solutions Manager
- Managing Virtual Machines
- Installing a Guest Operating System
- Customizing Guest Operating Systems
- Guest Operating System Customization Requirements
- Create a vCenter Server Application to Generate Computer Names and IP Addresses
- Customize Windows During Cloning or Deployment in the vSphere Web Client
- Customize Linux During Cloning or Deployment in the vSphere Web Client
- Apply a Customization Specification to a Virtual Machine
- Creating and Managing Customization Specifications
- Edit Virtual Machine Startup and Shutdown Settings in the vSphere Web Client
- Edit Virtual Machine Startup and Shutdown Settings
- Install the VMware Enhanced Authentication Plug-in
- Using a Virtual Machine Console
- Answer Virtual Machine Questions
- Removing and Reregistering VMs and VM Templates
- Managing Virtual Machine Templates
- Using Snapshots To Manage Virtual Machines
- Enhanced vMotion Compatibility as a Virtual Machine Attribute
- Migrating Virtual Machines
- Migrate a Powered Off or Suspended Virtual Machine
- Migrate a Powered-Off or Suspended Virtual Machine in the vSphere Web Client
- Migrate a Virtual Machine to a New Compute Resource
- Migrate a Virtual Machine to New Storage
- Migrate a Virtual Machine to New Storage in the vSphere Web Client
- Migrate a Virtual Machine to a New Compute Resource and Storage
- Migrate a Virtual Machine to a New Compute Resource and Storage in the vSphere Web Client
- Upgrading Virtual Machines
- Required Privileges for Common Tasks
- Troubleshooting Overview
- Troubleshooting Virtual Machines
n
Virtual machine encryption (to encrypt the virtual machine home files).
n
Key Management Server (KMS) configured for vCenter Server (virtual machine encryption
depends on KMS). For more details, see the vSphere Security documentation.
n
Guest OS support:
n
Windows Server 2016 (64 bit)
n
Windows 10 (64 bit)
Dierences Between a Hardware TPM and a Virtual TPM
You use a hardware Trusted Platform Module (TPM) as a cryptographic coprocessor to provide secure
storage of credentials or keys. A vTPM performs the same functions as a TPM, but it performs
cryptographic coprocessor capabilities in software. A vTPM uses the .nvram file, which is encrypted
using virtual machine encryption, as its secure storage.
A hardware TPM includes a preloaded key called the Endorsement Key (EK). The EK has a private and
public key. The EK provides the TPM with a unique identity. For a vTPM, this key is provided either by the
VMware Certificate Authority (VMCA) or by a third-party Certificate Authority (CA). Once the vTPM uses a
key, it is typically not changed because doing so invalidates sensitive information stored in the vTPM. The
vTPM does not contact the CA at any time.
Enable Virtual Trusted Platform Module for an Existing Virtual
Machine
You can add a Virtual Trusted Platform Module (vTPM) to an existing virtual machine to provide enhanced
security to the guest operating system. You must set up the KMS before you can add a vTPM.
You can enable a vTPM for virtual machines running on vSphere 6.7 and later. The VMware virtual TPM
is compatible with TPM 2.0, and creates a TPM-enabled virtual chip for use by the virtual machine and
the guest OS it hosts.
Prerequisites
n
Ensure your vSphere environment is configured for virtual machine encryption. See the vSphere
Security documentation.
n
The guest OS you use must be either Windows Server 2016 (64 bit) or Windows 10 (64 bit).
n
Verify that the virtual machine is turned off.
n
The ESXi hosts running in your environment must be ESXi 6.7 or later.
n
The virtual machine must use EFI firmware.
Procedure
1 Connect to vCenter Server by using the vSphere Client.
2 Right-click the virtual machine in the inventory that you want to modify and select Edit Settings.
3 In the Edit Settings dialog box, click Add New Device and select Trusted Platform Module.
vSphere Virtual Machine Administration
VMware, Inc. 165