Monday, January 5, 2009

ESX Engineer Configuration Commands Cheat Sheet

I periodically set up ESX servers for customers. Over time I have developed a document that helps me when I am performing configurations on-site. This is by no means an inclusive list of commands; it is more of a brain dump so that I have access to it in case my laptop isn't handy. If anybody has any additions, I would love to hear them!

  • Edit an ESX server to allow root SSH and SFTP access


    • vi /etc/ssh/sshd_config
    • Change PermitRootLogin no to yes
    • Restart ssh service using the command: service sshd restart

  • Edit an ESX Server for NTP access (Internet in this case, could be a customer NTP server)


    • vi /etc/ntp.conf
    • Change OUR TIMESERVERS section, enter the server names – For the Internet use the following:


      • server 0.us.pool.ntp.org
      • server 1.us.pool.ntp.org
      • server 2.us.pool.ntp.org

    • Append the NTP servers to step-tickers so the clock is stepped when NTP starts, using the following commands:


      • echo 0.us.pool.ntp.org >> /etc/ntp/step-tickers
      • echo 1.us.pool.ntp.org >> /etc/ntp/step-tickers
      • echo 2.us.pool.ntp.org >> /etc/ntp/step-tickers

    • Set NTP to start: chkconfig ntpd on
    • Set the ESX firewall to allow NTP traffic: esxcfg-firewall -e ntpClient
    • Run a manual update: ntpdate 0.us.pool.ntp.org

  • Patch the ESX Server with the latest patches (Update Manager is MUCH easier!)
  • NOTE: The patches must be installed in "groups" based on their date, starting with the oldest and working to the newest (i.e. apply the September 9th patches, then the September 21st patches, etc.)



    • SFTP the Patches into a directory on the server
    • Change into the folder and run the following as root
    • For ESX 3.0.X: tar -xvzf (name of patch).tgz
    • For ESX 3.5.X: unzip *.zip
    • Change into the directory it creates
    • esxupdate --noreboot update
    • Change back to the root patch folder, rinse, repeat
    • When complete enter the following command to check the patch status: esxupdate query

  • Commands to change the server IP, name, DNS, gateway, etc.


    • To check the config of the server from the command line: esxcfg-info
    • To check the vSwitch settings from the command line: esxcfg-nics -l
    • To change the hostname of the server or the default gateway


      • vi /etc/sysconfig/network
      • vi /etc/hosts with the new name

    • To change the DNS entries of the ESX server: vi /etc/resolv.conf
    • To change the IP Address and the Subnet Mask of the ESX Server:


      • esxcfg-vswif -i (IP Address) -n (Subnet Mask) (vswitch-name -> vswif0 for the Service Console by default)

    • To change the VLAN tag of the service console port:


      • esxcfg-vswitch vSwitch0 -p "Service Console" -v (VLAN NUMBER)

    • NOTE: If you modify the above settings, make sure you also modify the network section of the /root/anaconda-ks.cfg file as well (ESX 3.5 only)
    • To see what services the ESX firewall will allow: esxcfg-firewall -s
    • To change the root password from the command line: passwd
    • If you have changed the IP address or name and HA is acting up:


      • /opt/vmware/aam/bin/ft_gethostbyname
      • rename and/or delete FT_HOSTS file under /etc/opt/vmware/aam/




      Scott has more information at this link for network configuration.
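
The NTP steps above, wrapped as an added example (not part of the original cheat sheet): because the `echo >>` lines append a duplicate entry every time they are rerun, this version only adds a server when it is missing. The function names are hypothetical, and the `server` lines are appended to the end of ntp.conf rather than edited into the OUR TIMESERVERS section.

```shell
#!/bin/sh
# Added example: rerunnable form of the ntp.conf / step-tickers edits.
# File paths are arguments so the edits can be tried on copies first.

# append_once FILE LINE: append LINE to FILE unless an identical line exists.
append_once() {
    file=$1
    line=$2
    touch "$file"
    grep -qxF -- "$line" "$file" || printf '%s\n' "$line" >> "$file"
}

# add_ntp_servers NTP_CONF STEP_TICKERS SERVER...
# Adds "server NAME" to NTP_CONF and NAME to STEP_TICKERS, once each.
add_ntp_servers() {
    conf=$1
    tickers=$2
    shift 2
    for srv in "$@"; do
        append_once "$conf" "server $srv"
        append_once "$tickers" "$srv"
    done
}

# count_line FILE LINE: print how many lines of FILE equal LINE exactly.
count_line() {
    grep -cxF -- "$2" "$1" || true
}

# enable_ntp_on_host SERVER...: the full procedure from the list above.
# Only meant to be run as root on the ESX service console.
enable_ntp_on_host() {
    add_ntp_servers /etc/ntp.conf /etc/ntp/step-tickers "$@" &&
    chkconfig ntpd on &&
    esxcfg-firewall -e ntpClient &&
    ntpdate "$1"
}

# On the host:
#   enable_ntp_on_host 0.us.pool.ntp.org 1.us.pool.ntp.org 2.us.pool.ntp.org
```
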
