In this post I will share some tips / tricks and scripts, which I used to create an unattended ESX4 installation.
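One of the important lessons I have learned while creating a ks.cfg file for vSphere is how to use proper escaping.
The script is written out through a here-document, so for each $ in your script use a \ to escape it properly; otherwise the $ is expanded while the file is being written instead of when the script runs. See the example below:
VMHBA=\$(/usr/sbin/esxcfg-scsidevs -a |grep "Software iSCSI" |awk '{print \$1}')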
This form of escaping was necessary to get my script working. My script started with the following lines:
%post
cat > /root/esx01.sh <<EOF1
#!/bin/sh
and these are the last lines of the script:
##########################
# Finish
##########################
echo "Making sure the script runs only once"
EOF1
###Make esx01.sh executable
chmod +x /root/esx01.sh
###Backup original rc.local file
cp /etc/rc.d/rc.local /etc/rc.d/rc.local.bak
###Make esx01.sh run from rc.local and make rc.local reset itself
cat >> /etc/rc.d/rc.local <<EOF
cd /tmp
/root/esx01.sh
mv -f /etc/rc.d/rc.local.bak /etc/rc.d/rc.local
shutdown -r now
EOF
In the rest of this post, I will show you some tips about configuring Syslog, iSCSI, user creation, changing the service console memory, installing the Dell Open Manage agent, and setting the host into maintenance mode.
But before I start with the tips mentioned above, I want to share a little trick I learned from a comment from David on an excellent blog post by Robert Patton. Instead of using a long sleep at the beginning of your script, you can use the following tip:
hostd-vmdb
Before you start the post script, you have to wait until the hostd-vmdb service is ready. This is necessary if you want to use the /usr/bin/vmware-vim-cmd command. With the following while loop, you can check the status of the hostd-vmdb service. When the service is ready, the script continues to configure your ESX server.
####################################################
#Wait until host service is ready
####################################################
while ! vmware-vim-cmd /hostsvc/runtimeinfo; do
sleep 20
done
I configured the Syslog settings at the beginning of my script, so I can monitor all the steps via the Syslog service:
Syslog
This is just an easy one. The only thing you have to do is echo the following lines:
####################################################
# Configure Syslog
####################################################
echo "# remote syslog server Splunk" >> /etc/syslog.conf
echo "*.* @192.168.123.219" >> /etc/syslog.conf
service syslog restart
The next tip is about the configuration of iSCSI.
Configure iSCSI
The following script part will add a new vSwitch1 called iSCSI and set the IP settings.
####################################################
# Add Storage Networking
####################################################
/usr/sbin/esxcfg-vswitch --add-pg="iSCSI" vSwitch1
/usr/sbin/esxcfg-vswitch --pg="iSCSI" -v 36 vSwitch1
/usr/sbin/esxcfg-vmknic -a -i 172.1.1.202 -n 255.255.255.0 "iSCSI"
/usr/sbin/esxcfg-route 192.168.123.254
# Refresh network settings
/usr/bin/vmware-vim-cmd internalsvc/refresh_network
The next step is to enable the iSCSI initiator and add a rule to the Firewall. After the 10 seconds sleep, the correct VMHBA will be selected for the rest of the steps. The VMHBA is saved in a variable which will be used to set the CHAP password, add the iSCSI Send Targets and perform a VMHBA rescan.
####################################################
# Configure iSCSI
####################################################
/usr/bin/vmware-vim-cmd hostsvc/firewall_enable_ruleset swISCSIClient
/usr/bin/vmware-vim-cmd hostsvc/storage/software_iscsi_enabled true
sleep 10
VMHBA=\$(/usr/sbin/esxcfg-scsidevs -a |grep "Software iSCSI" |awk '{print \$1}')
# Set CHAP password
/usr/bin/vmware-vim-cmd hostsvc/storage/iscsi_enable_chap \$VMHBA iscsi_cluster_01 <chap_password>
# Add iSCSI Send Targets
/usr/bin/vmware-vim-cmd hostsvc/storage/iscsi_add_send_target \$VMHBA 172.1.1.10
/usr/bin/vmware-vim-cmd hostsvc/storage/iscsi_add_send_target \$VMHBA 172.1.1.11
sleep 15
/usr/sbin/esxcfg-rescan \$VMHBA
The rest of the vSwitches / Portgroups are left out of this post.
Add Users
If you want to add users with encrypted passwords, you can use the openssl passwd -1 command on an existing ESX Server to generate an MD5-crypt password hash (the strings beginning with $1$ below).
This little trick can be used to generate the root password for ESX and to generate passwords for other users.
You can use the following line to set the root password during the installation:
# root Password
rootpw --iscrypted $1$EpQvSrYkznF6yCLKPQqZPUYr6z
and if you want to add more users to the Service console, you can use the following lines:
####################################################
# Add users
####################################################
/usr/sbin/useradd -p '\$1\$L4fGhr0F\$ImLwX47v3xZkAH4HrmBjr0' -c "Arne Fokkema" afokkema
Instead of generating passwords, you can also use the string from the /etc/shadow file. You can open the file with cat and copy the string:
Change the vSwitch portnumber value to 120
To change the vSwitch portnumber to 120, you can use the following command:
####################################################
# Change the vSwitch portnumber to 120
####################################################
/usr/bin/vmware-vim-cmd hostsvc/net/vswitch_setnumports vSwitch0 128
This will change the default setting to 120:
Change the Service Console Memory to 800MB
To change the Service Console memory to 800MB, you can use the following commands. These settings are applied after a reboot.
####################################################
# Configure Service Console Memory to 800MB
####################################################
/usr/bin/vmware-vim-cmd /hostsvc/memoryinfo 838860800
/usr/sbin/esxcfg-boot -b
/usr/sbin/esxcfg-boot -t
This is how it looks in the vSphere client:
Dell Open Manage Agent
The script below is based on a script by Scot Hanson (aka @DellServerGeek) which you can find here.
This script downloads the OM agent from an internal webserver and opens the firewall for the Open Manage agent.
####################################################
# Dell OM Agent
####################################################
mkdir -p /root/OM
#Download OM.tar.gz
esxcfg-firewall --allowOutgoing
lwp-download http://webserver/OM/OM.tar.gz /root/OM/.
esxcfg-firewall --blockOutgoing
cd /root/OM
tar -zxf OM.tar.gz
chmod a+x *.*
./linux/supportscripts/srvadmin-install.sh -x
#./linux/supportscripts/srvadmin-services.sh start
/usr/sbin/esxcfg-firewall -o 1311,tcp,in,OpenManageRequest
Enable vMotion
To enable vMotion, we use another variable to capture the right vmkernel portgroup:
####################################################
# Enable vMotion on the vMotion PG
####################################################
service mgmt-vmware restart
sleep 1m
VMK=\$(esxcfg-vmknic -l |grep vMotion |awk '{print \$1}')
/usr/bin/vmware-vim-cmd hostsvc/vmotion/vnic_set \$VMK
# Refresh network settings
/usr/bin/vmware-vim-cmd internalsvc/refresh_network
Enter Maintenance mode
When the installation is ready, the ESX host will enter maintenance mode before it restarts to finalize the installation.
####################################################
# Enter Maintenance mode
####################################################
/usr/bin/vmware-vim-cmd /hostsvc/maintenance_mode_enter
It can cost you a lot of time to create a ks.cfg to match your vSphere environment. But when it's ready, it will save you a lot of time deploying new hosts or redeploying other hosts.
If you have any additional scripts or tips please leave a comment or contact me on twitter: @afokkema
Great Info! Thanks!
This is good stuff!
Filed away for a rainy day and I can give this a try. Looks like good work.
Maybe you can add a downloadable full install script!
Anyway great stuff again Arne!
Some good tips there, thanks.
Here are a couple I wrote about recently:
Active Directory and sudo integration – http://www.vreference.com/2010/01/14/ad-and-sudo-integratation-in-kickstart/
Partitioning – http://www.vreference.com/2010/01/11/create-local-vmfs-with-8mb-block-size-during-esx4-kickstart-install/
The reason why you have to do escaping on a lot of commands lies in your syntax to create the script:
cat > /root/esx01.sh < /root/esx01.sh <<\EOF1
Now everything until the EOF1 is treated as text. And the installer won't try to execute them literally.
I made a typo:
cat /root/esxo1.sh <<\EOF1
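The escaping rule from the start of the post and the quoted-delimiter alternative from the comment above, side by side, as an added example that is not part of the original post or its comments. The list_adapters function and its vmhba33 line are constructed stand-ins for esxcfg-scsidevs -a, so the script runs in any POSIX shell.

```shell
#!/bin/sh
# Constructed stand-in for `esxcfg-scsidevs -a` (assumption, not real output):
# the software iSCSI adapter exists at first boot, not while %post runs.
list_adapters() {
    if [ "$PHASE" = "firstboot" ]; then
        echo "vmhba33 iscsi_vmk online Software iSCSI"
    fi
}

# Write the same one-line script three ways into directory $1.
generate() {
    # 1. Unquoted delimiter, no escaping: $(...) is executed while writing.
    cat > "$1/unescaped.sh" <<EOF1
VMHBA=$(list_adapters | grep "Software iSCSI" | awk '{print $1}')
EOF1
    # 2. Unquoted delimiter with \$ on every dollar sign (the post's form).
    cat > "$1/escaped.sh" <<EOF1
VMHBA=\$(list_adapters | grep "Software iSCSI" | awk '{print \$1}')
EOF1
    # 3. Quoted delimiter: the body is copied literally, no escaping needed.
    cat > "$1/quoted.sh" <<\EOF1
VMHBA=$(list_adapters | grep "Software iSCSI" | awk '{print $1}')
EOF1
}

# Source a generated script as it would run at first boot and print VMHBA.
run_at_firstboot() {
    ( PHASE=firstboot; . "$1"; printf '%s' "$VMHBA" )
}

demo() {
    dir=$(mktemp -d)
    PHASE=install          # the generator runs inside the installer
    generate "$dir"
    for f in unescaped escaped quoted; do
        printf '%-9s file: %s\n' "$f" "$(cat "$dir/$f.sh")"
        printf '%-9s VMHBA at first boot: "%s"\n' "$f" "$(run_at_firstboot "$dir/$f.sh")"
    done
    rm -rf "$dir"
}
demo
```

Only the unescaped variant writes an empty VMHBA into the generated file, because its substitution already ran inside the installer; the escaped and quoted variants produce byte-identical scripts.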