VMware ESXi Installation and Setup

VMware ESXi Installation

and Setup

Update 3

VMware vSphere 7.0

VMware ESXi 7.0

You can find the most up-to-date technical documentation on the VMware by Broadcom website at:

https://docs.vmware.com/

VMware by Broadcom

3401 Hillview Ave.

Palo Alto, CA 94304

www.vmware.com

and/or its subsidiaries. For more information, go to https://www.broadcom.com. All trademarks, trade

names, service marks, and logos referenced herein belong to their respective companies.

VMware ESXi Installation and Setup

VMware by Broadcom 2

Contents

1 About VMware ESXi Installation and Setup 5

2 Introduction to vSphere Installation and Setup 6

Overview of the vSphere Installation and Setup Process 7

About

ESXi Evaluation and Licensed Modes 10

5 Installing and Setting Up ESXi 11

ESXi Requirements 11

ESXi System Storage Overview 11

ESXi Hardware Requirements 14

Supported Remote Management Server Models and Firmware Versions 17

Recommendations for Enhanced ESXi Performance 18

Incoming and Outgoing Firewall Ports for ESXi Hosts 19

Required Free Space for System Logging 19

VMware Host Client System Requirements 20

ESXi Passwords and Account Lockout 21

Preparing for Installing ESXi 23

Download the ESXi Installer 23

Options for Installing ESXi 23

Media Options for Booting the ESXi Installer 25

Using Remote Management Applications 30

Customizing Installations with vSphere ESXi Image Builder 30

Required Information for ESXi Installation 74

Installing ESXi 75

Installing ESXi Interactively 75

Installing or Upgrading Hosts by Using a Script 79

Overview of the Network Boot Installation Process 96

Installing ESXi Using vSphere Auto Deploy 110

Troubleshooting vSphere Auto Deploy 205

Setting Up ESXi 212

ESXi Autoconfiguration 212

About the Direct Console ESXi Interface 212

Enable ESXi Shell and SSH Access with the Direct Console User Interface 216

Managing ESXi Remotely 217

Set the Password for the Administrator Account 217

Configuring the BIOS Boot Settings 218

VMware by Broadcom

Configuring Network Settings 219

Storage Behavior 225

Configuring System Logging 227

Set the Host Image Profile Acceptance Level 242

Remove All Custom Packages on ESXi 243

Modify ESXi Configuration Files 243

Deactivate Support for Non-ASCII Characters on ESXi 244

Reset the System Configuration 244

After You Install and Set Up ESXi 245

Licensing ESXi Hosts 245

View System Logs 247

6 Troubleshooting ESXi Booting 248

Host Stops Unexpectedly at Bootup When Sharing a Boot Disk with Another Host 248

Host Fails to Boot After You Install ESXi in UEFI Mode 249

Decommission an ESXi Host 250

VMware ESXi Installation and Setup

VMware by Broadcom 4

About VMware ESXi Installation

and Setup

VMware ESXi Installation and Setup describes how to install and configure VMware ESXi™.

At VMware, we value inclusion. To foster this principle within our customer, partner, and internal

community, we have updated this guide to remove instances of non-inclusive language.

Intended Audience

VMware ESXi Installation and Setup

is intended for experienced administrators who want to

install and configure

ESXi.

This information is written for experienced Windows or Linux system administrators who are

familiar with virtual machine technology and data center operations. The information about using

the Image Builder and VMware vSphere

Auto Deploy

™

is written for administrators who have

experience with Microsoft PowerShell and VMware vSphere

PowerCLI

™

VMware by Broadcom

Introduction to vSphere

Installation and Setup

vSphere 7.0 provides various options for installation and setup. To ensure a successful vSphere

deployment, you should understand the installation and setup options, and the sequence of

tasks.

The two core components of vSphere are ESXi and vCenter Server. ESXi is the virtualization

platform on which you can create and run virtual machines and virtual appliances. vCenter Server

is a service that acts as a central administrator for ESXi hosts connected in a network. vCenter

Server lets you pool and manage the resources of multiple hosts.

You deploy the vCenter Server appliance, a preconfigured virtual machine optimized for running

vCenter Server and the vCenter Server components. You can deploy the vCenter Server

appliance on ESXi hosts or on vCenter Server instances.

For detailed information about the vCenter Server installation process, see

vCenter Server

Installation and Setup

VMware by Broadcom

Overview of the vSphere

Installation and Setup Process

vSphere is a sophisticated product with multiple components to install and set up. To ensure a

successful vSphere deployment, understand the sequence of tasks required.

Installing vSphere includes the following tasks:

VMware by Broadcom 7

Figure 3-1. vSphere Installation and Setup Workflow

Start the vSphere

installation and setup

End of the vSphere

installation and setup

Install ESXi

on at least one host

Set up ESXi

Deploy vCenter Server Appliance

Client to create and organize

your vCenter Server inventory

1 Read the vSphere release notes.

2 Install ESXi.

a Verify that your system meets the minimum hardware requirements. See ESXi

Requirements.

b Determine the ESXi installation option to use. See Options for Installing ESXi .

c Determine where you want to locate and boot the ESXi installer. See Media Options for

Booting the ESXi Installer. If you are using PXE to boot the installer, verify that your

network PXE infrastructure is properly set up. See Network Booting the ESXi Installer.

d Create a worksheet with the information you will need when you install ESXi. See

Required Information for ESXi Installation.

VMware ESXi Installation and Setup

VMware by Broadcom 8

e Install ESXi.

n Installing ESXi Interactively

n Installing or Upgrading Hosts by Using a Script

Note You can also provision ESXi hosts by using vSphere Auto Deploy, but vSphere

Auto Deploy is installed together with vCenter Server. To provision ESXi hosts by using

Auto Deploy, you must install vCenter Server.

3 Configure the ESXi boot and network settings, the direct console, and other settings. See

Setting Up ESXi and After You Install and Set Up ESXi.

4 Consider setting up a syslog server for remote logging, to ensure sufficient disk storage for

log files. Setting up logging on a remote host is especially important for hosts with limited

local storage. See Required Free Space for System Logging and Configure Syslog on ESXi

Hosts.

5 Install vCenter Server.

For detailed information, see the

vCenter Server Installation and Setup

guide.

VMware ESXi Installation and Setup

VMware by Broadcom 9

About ESXi Evaluation and

Licensed Modes

You can use evaluation mode to explore a set of features equal to the vSphere Enterprise Plus

license.

You can use evaluation mode to explore the entire set of features for ESXi hosts. The evaluation

mode provides the set of features equal to a vSphere Enterprise Plus license. Before the

evaluation mode expires, you must assign to your hosts a license that supports all the features

in use. For example, in evaluation mode, you can use vSphere vMotion technology, the vSphere

HA feature, the vSphere DRS feature, and other features. If you want to continue using these

features, you must assign a license that supports them.

The installable version of ESXi hosts is always installed in evaluation mode. ESXi Embedded is

preinstalled on an internal storage device by your hardware vendor. It might be in evaluation

mode or prelicensed.

The evaluation period is 60 days and begins when you turn on the ESXi host. At any time during

the 60-day evaluation period, you can convert from licensed mode to evaluation mode. The time

available in the evaluation period is decreased by the time already used.

For example, suppose that you use an ESXi host in evaluation mode for 20 days and then assign

a vSphere Standard Edition license key to the host. If you set the host back in evaluation mode,

you can explore the entire set of features for the host for the remaining evaluation period of 40

days.

For ESXi hosts, license or evaluation period expiry leads to disconnection from vCenter Server.

All powered on virtual machines continue to work, but you cannot power on virtual machines

after they are powered off. You cannot change the current configuration of the features that are

in use. You cannot use the features that remained unused before the license expiration.

For information about managing licensing for ESXi hosts, see the

vCenter Server and Host

Management

documentation.

VMware by Broadcom

Installing and Setting Up ESXi

You can install and set up ESXi on your physical hardware so that it acts as a platform for virtual

machines.

Read the following topics next:

n ESXi Requirements

n Preparing for Installing ESXi

n Installing ESXi

n Setting Up ESXi

n After You Install and Set Up ESXi

ESXi Requirements

To install or upgrade ESXi, your system must meet specific hardware and software requirements.

ESXi System Storage Overview

ESXi 7.0 introduces a system storage layout that allows flexible partition management and

support for large modules, and third-party components, while facilitating debugging.

ESXi 7.0 System Storage Changes

Before ESXi 7.0 , partition sizes were fixed, except for the /scratch partition and the optional

VMFS datastore, and the partition numbers were static, limiting partition management. With ESXi

7.0, partitions are consolidated into fewer, larger partitions that are expandable, depending on

the used boot media and its capacity.

The ESXi 7.0 system storage layout consists of four partitions:

Table 5-1. ESXi 7.0 system storage partitions:

Partition Use Type

System Boot Stores boot loader and EFI modules. FAT16

Boot-bank 0 System space to store ESXi boot modules. FAT16

VMware by Broadcom 11

Table 5-1. ESXi 7.0 system storage partitions: (continued)

Partition Use Type

Boot-bank 1 System space to store ESXi boot modules. FAT16

ESX-OSData Acts as the unified location to store additional modules.

Not used for booting and virtual machines.

Consolidates the legacy /scratch partition, locker partition for VMware Tools, and

core dump destinations.

Caution Always create ESX-OSData partitions on persistent storage device that is

not shared between ESXi hosts. Use USB, SD and non-USB flash media devices only

for boot bank partitions.

VMFS-L

The ESX-OSData volume is divided into two high-level categories of data, persistent and non-

persistent data. Persistent data contains of data written infrequently, for example, VMware Tools

ISOs, configurations, and core dumps.

Non-persistent data contains of frequently written data, for example, logs, VMFS global traces,

vSAN Entry Persistence Daemon (EPD) data, vSAN traces, and real-time databases.

Figure 5-1. Consolidated system storage in ESXi 7.0 and later

boot-bank 0

system boot

boot-bank 1

small core-dump

scratch

VMFS datastore

boot-bank 0

system boot

boot-bank 1

VMFS datastore

ESX-OS Data

ROM data RAM data

4 MB

250 MB

110 MB

286 MB

2.5 GB

4 GB

(created if media > 8.5 GB

not created on USB flash drive)

locker

large core-dump

(created if media > 3.4 GB)

ESXi 6.x

system storage layout

ESXi 7.0

system storage layout

100 MB

500 MB to 4 GB,

(depending on the

size of the used

boot media)

500 MB to 4 GB,

(depending on the

size of the used

boot media)

remaining space,

up to 128 GB

remaining space,

(for media size > 142 GB)

ESXi 7.0 System Storage Sizes

Partition sizes, except for the system boot partition, can vary depending on the size of the boot

media used. If the boot media is a high-endurance one with capacity larger than 142 GB, a VMFS

datastore is created automatically to store virtual machine data.

VMware ESXi Installation and Setup

VMware by Broadcom 12

You can review the boot media capacity and the automatic sizing as configured by the ESXi

installer by using the vSphere Client and navigating to the Partition Details view. Alternatively,

you can use ESXCLI, for example the esxcli storage filesystem list command.

Table 5-2. ESXi 7.0 System Storage Sizes, Depending on the Used Boot Media and Its Capacity.

Boot Media Size 8-10 GB 10-32 GB 32-128 GB >128 GB

System Boot 100 MB 100 MB 100 MB 100 MB

Boot-bank 0 500 MB 1 GB 4 GB 4 GB

Boot-bank 1 500 MB 1 GB 4 GB 4 GB

ESX-OSData remaining space remaining space remaining space up to 128 GB

VMFS datastore remaining space for

media size > 142 GB

Starting with vSphere 7.0 Update 1c, you can use the ESXi installer boot option systemMediaSize

to limit the size of system storage partitions on the boot media. If your system has a small

footprint that does not require the maximum of 128 GB of system storage size, you can limit it to

the minimum of 32 GB. The systemMediaSize parameter accepts the following values:

n min (32 GB, for single disk or embedded servers)

n small (64 GB, for servers with at least 512 GB of RAM)

n default (128 GB)

n max (consume all available space, for multi-terabyte servers)

The selected value must fit the purpose of your system. For example, a system with 1 TB of

memory must use the minimum of 64 GB for system storage. To set the boot option at install

time, for example systemMediaSize=small, refer to Enter Boot Options to Start an Installation or

Upgrade Script. For more information, see Knowledge Base article 81166.

ESXi 7.0 System Storage Links

The sub-systems that require access to the ESXi partitions, access these partitions by using the

following symbolic links:

Table 5-3.

ESXi 7.0 system storage symbolic links.

System Storage Volume Symbolic Link

Boot-bank 0

/bootbank

Boot-bank 1

/altbootbank

VMware ESXi Installation and Setup

VMware by Broadcom 13

Table 5-3. ESXi 7.0 system storage symbolic links. (continued)

System Storage Volume Symbolic Link

Persistent data

/productLocker

/locker

/var/core

/usr/lib/vmware/isoimages

/usr/lib/vmware/floppies

Non-persistent data

/var/run

/var/log

/var/vmware

/var/tmp

/scratch

ESXi Hardware Requirements

Make sure that the host meets the minimum hardware configurations supported by ESXi 7.0.

Hardware and System Resources

To install or upgrade ESXi, your hardware and system resources must meet the following

requirements:

n Supported server platform. For a list of supported platforms, see the VMware Compatibility

Guide.

n ESXi 7.0 requires a host with at least two CPU cores.

n ESXi 7.0 supports a broad range of multi-core of 64-bit x86 processors. For a complete list of

supported processors, see the VMware Compatibility Guide.

n ESXi 7.0 requires the NX/XD bit to be enabled for the CPU in the BIOS.

n ESXi 7.0 requires a minimum of 8 GB of physical RAM. Provide at least 8 GB of RAM to run

virtual machines in typical production environments.

n To support 64-bit virtual machines, support for hardware virtualization (Intel VT-x or AMD

RVI) must be enabled on x64 CPUs.

n One or more Gigabit or faster Ethernet controllers. For a list of supported network adapter

models, see the VMware Compatibility Guide.

n ESXi 7.0 requires a boot disk of at least 32 GB of persistent storage such as HDD, SSD, or

NVMe. Use USB, SD and non-USB flash media devices only for ESXi boot bank partitions. A

boot device must not be shared between ESXi hosts.

n SCSI disk or a local, non-network, RAID LUN with unpartitioned space for the virtual machines.

VMware ESXi Installation and Setup

VMware by Broadcom 14

n For Serial ATA (SATA), a disk connected through supported SAS controllers or supported

on-board SATA controllers. SATA disks are considered remote, not local. These disks are not

used as a scratch partition by default because they are seen as remote.

Note You cannot connect a SATA CD-ROM device to a virtual machine on an ESXi host. To

use the SATA CD-ROM device, you must use IDE emulation mode.

Storage Systems

For a list of supported storage systems, see the VMware Compatibility Guide. For Software Fibre

Channel over Ethernet (FCoE), see Installing and Booting ESXi with Software FCoE.

ESXi Booting Requirements

vSphere 7.0 supports booting ESXi hosts from the Unified Extensible Firmware Interface (UEFI).

With UEFI, you can boot systems from hard drives, CD-ROM drives, or USB media.

vSphere Auto Deploy supports network booting and provisioning of ESXi hosts with UEFI.

ESXi can boot from a disk larger than 2 TB if the system firmware and the firmware on any add-in

card that you are using support it. See the vendor documentation.

Storage Requirements for ESXi 7.0 Installation or Upgrade

For best performance of an ESXi 7.0 installation, use a persistent storage device that is a

minimum of 32 GB for boot devices. Upgrading to ESXi 7.0 requires a boot device that is a

minimum of 8 GB. When booting from a local disk, SAN or iSCSI LUN, at least a 32 GB disk is

required to allow for the creation of system storage volumes, which include a boot partition, boot

banks, and a VMFS-L based ESX-OSData volume. The ESX-OSData volume takes on the role of

the legacy /scratch partition, locker partition for VMware Tools, and core dump destination.

Other options for best performance of an ESXi 7.0 installation are the following:

n A local disk of 128 GB or larger for optimal support of ESX-OSData. The disk contains the

boot partition, ESX-OSData volume and a VMFS datastore.

n A device that supports the minimum of 128 terabytes written (TBW).

n A device that delivers at least 100 MB/s of sequential write speed.

n To provide resiliency in case of device failure, a RAID 1 mirrored device is recommended.

Legacy SD and USB devices are supported with the following limitations:

n SD and USB devices are supported for boot bank partitions. For best performance, also

provide a separate persistent local device with a minimum of 32 GB to store the /scratch

and VMware Tools partitions of the ESX-OSData volume. The optimal capacity for persistent

local devices is 128 GB. The use of SD and USB devices for storing ESX-OSData partitions is

being deprecated.

VMware ESXi Installation and Setup

VMware by Broadcom 15

n Starting with ESXi 7.0 Update 3, if the boot device is a USB or SD card with no local

persistent storage, such as HDD, SSD, or a NVMe device, the VMware Tools partition

is automatically created on the RAM disk. For more information, see Connection to the /

bootbank partition intermittently breaks when you use USB or SD devices.

n If you assign the /scratch partition to a USB or SD card with no local persistent storage,

you see warnings to prevent you from creating or configuring partitions other than the boot

bank partitions on flash media devices. For best performance, set the /scratch partition on

the RAM disk. You can also configure and move the

/scratch partition to a SAN or NFS. For

more information, see Creating a persistent scratch location for ESXi 8.x/7.x/6.x.

n You must use an SD flash device that is approved by the server vendor for the particular

server model on which you want to install ESXi on an SD flash storage device. You can find a

list of validated devices on partnerweb.vmware.com.

n See SD card/USB boot device revised guidance on updated guidance for SD card or USB-

based environments.

n To chose a proper SD or USB boot device, see Boot device guidance for low endurance

media (vSphere and vSAN).

Caution If a local disk cannot be found, or the boot media is a USB or SD device without an

additional durable storage for persistent data, then the /scratch partition is on the RAM disk,

linked to /tmp, and ESXi 7.0 operates in degraded mode.

When in degraded mode, you see a System Alert such as: ALERT: No persistent storage

available for system logs and data. ESX is operating with limited system

storage space, logs and system data will be lost on reboot.

When ESXi 7.0 operates in degraded mode, the consumption of RAM for logs might result in

nonpersistent logs, possible failure to log or out of memory condition for temporary data. A

possible side effect is slow booting due to the time spent for rebuilding of the disk state.

Use persistent storage of sufficient size to prevent degraded mode. You can reconfigure /

scratch to use a separate disk or LUN.

The upgrade process to ESXi 7.0 repartitions the boot device and consolidates the original core

dump, locker, and scratch partitions into the ESX-OSData volume.

The following events occur during the repartitioning process:

n If a custom core dump destination is not configured, then the default core dump location is a

file in the ESX-OSData volume.

n If the syslog service is configured to store log files on the 4 GB VFAT scratch partition, the

log files in var/run/log are migrated to the ESX-OSData volume.

n VMware Tools are migrated from the locker partition and the partition is wiped.

VMware ESXi Installation and Setup

VMware by Broadcom 16

n The core dump partition is wiped. The application core dump files that are stored on the

scratch partition are deleted.

Note Rollback to an earlier version of ESXi is not possible due to the repartitioning process of

the boot device. To use an earlier version of ESXi after upgrading to version 7.0, you must create

a backup of the boot device before the upgrade, and restore the ESXi boot device from the

backup.

If you use USB or SD devices to perform an upgrade, the installer attempts to allocate an

ESX-OSData region on an available local disk. A datastore is used for /scratch, if no space

is available. If no local disk or datastore is found, /scratch is placed on the RAM disk. After

the upgrade, reconfigure

/scratch to use a persistent datastore or add a new disk for system

storage volumes.

To reconfigure /scratch, see Set the Scratch Partition from the vSphere Client.

After upgrading to ESXi 7.0, you can add a new local disk and enable the setting

autoPartition=TRUE. After a reboot, the boot disk is partitioned. For more information on the

boot options to configure the size of ESXi system partitions, see Boot option to configure the

size of ESXi system partitions.

In Auto Deploy installations, the installer attempts to allocate a scratch region on an available

local disk or datastore. If no local disk or datastore is found, the /scratch partition is placed on

the RAM disk. Reconfigure /scratch to use a persistent datastore after the installation.

For environments that boot from a SAN or use Auto Deploy, the ESX-OSData volume for each

ESXi host must be set up on a separate SAN LUN. However, if /scratch is configured not to

use ESX-OSData, you do not need to allocate a separate LUN for /scratch for each host. You

can co-locate the scratch regions for multiple ESXi hosts onto a single LUN. The number of hosts

assigned to any single LUN should be weighed against the LUN size and the I/O behavior of the

virtual machines.

Supported Remote Management Server Models and Firmware

Versions

You can use remote management applications to install or upgrade ESXi, or to manage hosts

remotely.

Table 5-4. Supported Remote Management Server Models and Minimum Firmware Versions

Remote Management Server

Model Firmware Version Java

Dell DRAC 7 1.30.30 (Build 43) 1.7.0_60-b19

Dell DRAC 6 1.54 (Build 15), 1.70 (Build 21) 1.6.0_24

Dell DRAC 5 1.0, 1.45, 1.51 1.6.0_20,1.6.0_203

Dell DRAC 4 1.75 1.6.0_23

VMware ESXi Installation and Setup

VMware by Broadcom 17

Table 5-4. Supported Remote Management Server Models and Minimum Firmware Versions

(continued)

Remote Management Server

Model Firmware Version Java

HP ILO 1.81, 1.92 1.6.0_22, 1.6.0_23

HP ILO 2 1.8, 1.81 1.6.0_20, 1.6.0_23

HP ILO 3 1.28 1.7.0_60-b19

HP ILO 4 1.13 1.7.0_60-b19

HP ILO 5 2.15 N/A

IBM RSA 2 1.03, 1.2 1.6.0_22

Recommendations for Enhanced ESXi Performance

To enhance performance, install or upgrade ESXi on a robust system with more RAM than the

minimum required and with multiple physical disks.

For ESXi system requirements, see ESXi Hardware Requirements.

Table 5-5. Recommendations for Enhanced Performance

System Element Recommendation

RAM ESXi hosts require more RAM than typical servers. Provide

at least 8 GB of RAM to take full advantage of ESXi

features and run virtual machines in typical production

environments. An ESXi host must have sufficient RAM to

run concurrent virtual machines. The following examples

are provided to help you calculate the RAM required by

the virtual machines running on the ESXi host.

Operating four virtual machines with

Red Hat Enterprise Linux or Windows XP requires at

least 3 GB of RAM for baseline performance. This figure

includes 1024 MB for the virtual machines, 256 MB

minimum for each operating system as recommended by

vendors.

Running these four virtual machines with 512 MB RAM

requires that the ESXi host have 4 GB RAM, which

includes 2048 MB for the virtual machines.

These calculations do not include possible memory

savings from using variable overhead memory for each

virtual machine. See

vSphere Resource Management

Dedicated Fast Ethernet adapters for virtual machines Place the management network and virtual machine

networks on different physical network cards. Dedicated

Gigabit Ethernet cards for virtual machines, such as

Intel PRO 1000 adapters, improve throughput to virtual

machines with high network traffic.

VMware ESXi Installation and Setup

VMware by Broadcom 18

Table 5-5. Recommendations for Enhanced Performance (continued)

System Element Recommendation

Disk location Place all data that your virtual machines use on

physical disks allocated specifically to virtual machines.

Performance is better when you do not place your virtual

machines on the disk containing the ESXi boot image. Use

physical disks that are large enough to hold disk images

that all the virtual machines use.

VMFS6 partitioning The ESXi installer creates the initial VMFS volumes on

the first blank local disk found. To add disks or modify

the original configuration, use the vSphere Client. This

practice ensures that the starting sectors of partitions are

64K-aligned, which improves storage performance.

Note For SAS-only environments, the installer might not

format the disks. For some SAS disks, it is not possible

to identify whether the disks are local or remote. After

the installation, you can use the vSphere Client to set up

VMFS.

Processors Faster processors improve ESXi performance. For certain

workloads, larger caches improve ESXi performance.

Hardware compatibility Use devices in your server that are supported by ESXi 7.0

drivers. See the

Hardware

Compatibility

Guide

at http://

www.vmware.com/resources/compatibility.

Incoming and Outgoing Firewall Ports for ESXi Hosts

Open and close firewall ports for each service by using either the vSphere Client or the VMware

Host Client.

ESXi includes a firewall that is enabled by default. At installation time, the ESXi firewall is

configured to block incoming and outgoing traffic, except traffic for services that are enabled

in the host's security profile. For the list of supported ports and protocols in the ESXi firewall, see

the VMware Ports and Protocols Tool

™

at https://ports.vmware.com/.

The VMware Ports and Protocols Tool lists port information for services that are installed by

default. If you install other VIBs on your host, additional services and firewall ports might become

available. The information is primarily for services that are visible in the vSphere Client but the

VMware Ports and Protocols Tool includes some other ports as well.

Required Free Space for System Logging

If you used Auto Deploy to install your ESXi 7.0 host, or if you set up a log directory separate

from the default location in a scratch directory on the VMFS volume, you might need to change

your current log size and rotation settings to ensure that enough space is available for system

logging .

VMware ESXi Installation and Setup

VMware by Broadcom 19

All vSphere components use this infrastructure. The default values for log capacity in this

infrastructure vary, depending on the amount of storage available and on how you have

configured system logging. Hosts that are deployed with Auto Deploy store logs on a RAM disk,

which means that the amount of space available for logs is small.

If your host is deployed with Auto Deploy, reconfigure your log storage in one of the following

ways:

n Redirect logs over the network to a remote collector.

n Redirect logs to a NAS or NFS store.

If you redirect logs to non-default storage, such as a NAS or NFS store, you might also want to

reconfigure log sizing and rotations for hosts that are installed to disk.

You do not need to reconfigure log storage for ESXi hosts that use the default configuration,

which stores logs in a scratch directory on the VMFS volume. For these hosts, ESXi 7.0

configures logs to best suit your installation, and provides enough space to accommodate log

messages.

Table 5-6. Recommended Minimum Size and Rotation Configuration for hostd, vpxa, and fdm

Logs

Log Maximum Log File Size

Number of Rotations to

Preserve Minimum Disk Space Required

Management Agent

(hostd)

10 MB 10 100 MB

VirtualCenter Agent

(vpxa)

5 MB 10 50 MB

vSphere HA agent (Fault

Domain Manager, fdm)

5 MB 10 50 MB

For information about setting up a remote log server, see Configure Syslog on ESXi Hosts.

VMware Host Client System Requirements

Make sure that your browser supports the VMware Host Client.

The following guest operating systems and Web browser versions are supported for the VMware

Host Client.

Supported Browsers

Mac OS Windows 32-bit and 64-bit Linux

Google Chrome 89+ 89+ 75+

Mozilla Firefox 80+ 80+ 60+

Microsoft Edge 90+ 90+ N/A

Safari 9.0+ N/A N/A

VMware ESXi Installation and Setup

VMware by Broadcom 20

ESXi Passwords and Account Lockout

For ESXi hosts, you must use a password with predefined requirements. You can change

the required length and character class requirement or allow pass phrases using the

Security.PasswordQualityControl advanced option. You can also set the number of passwords

to remember for each user using the Security.PasswordHistory advanced option.

Note The default requirements for ESXi passwords can change from one release to

the next. You can check and change the default password restrictions by using the

Security.PasswordQualityControl advanced option.

ESXi Passwords

ESXi enforces password requirements for access from the Direct Console User Interface, the ESXi

Shell, SSH, or the VMware Host Client.

n By default, you must include a mix of at least three from the following four character classes:

lowercase letters, uppercase letters, numbers, and special characters such as underscore or

dash when you create a password.

n By default, password length is at least 7 characters and less than 40.

n Passwords must not contain a dictionary word or part of a dictionary word.

n Passwords must not contain the user name or parts of the user name.

Note An uppercase character that begins a password does not count toward the number of

character classes used. A number that ends a password does not count toward the number of

character classes used. A dictionary word used inside a password reduces the overall password

strength.

Example ESXi Passwords

The following password candidates illustrate potential passwords if the option is set as follows.

retry=3 min=disabled,disabled,disabled,7,7

With this setting, a user is prompted up to three times (retry=3) for a new password that is

not sufficiently strong or if the password was not entered correctly twice. Passwords with one

or two character classes and pass phrases are not allowed, because the first three items are

disabled. Passwords from three- and four-character classes require seven characters. See the

pam_passwdqc man page for details on other options, such as max, passphrase, and so on.

With these settings, the following passwords are allowed.

n xQaTEhb!: Contains eight characters from three character classes.

n xQaT3#A: Contains seven characters from four character classes.

VMware ESXi Installation and Setup

VMware by Broadcom 21

The following password candidates do not meet requirements.

n Xqat3hi: Begins with an uppercase character, reducing the effective number of character

classes to two. The minimum number of required character classes is three.

n xQaTEh2: Ends with a number, reducing the effective number of character classes to two.

The minimum number of required character classes is three.

ESXi Pass Phrase

Instead of a password, you can also use a pass phrase. However, pass phrases are

disabled by default. You can change the default setting and other settings by using the

Security.PasswordQualityControl advanced option from the vSphere Client.

For example, you can change the option to the following.

retry=3 min=disabled,disabled,16,7,7

This example allows pass phrases of at least 16 characters and at least three words.

For legacy hosts, changing the /etc/pam.d/passwd file is still supported, but changing the file

is deprecated for future releases. Use the Security.PasswordQualityControl advanced option

instead.

Changing Default Password Restrictions

You can change the default restriction on passwords or pass phrases by using the

Security.PasswordQualityControl advanced option for your ESXi host. See

vCenter Server and

Host Management

documentation for information on setting ESXi advanced options.

You can change the default, for example, to require a minimum of 15 characters and a minimum

number of four words (passphrase=4), as follows:

retry=3 min=disabled,disabled,15,7,7 passphrase=4

See the man page for pam_passwdqc for details.

Note Not all possible combinations of password options have been tested. Perform testing after

you change the default password settings.

This example sets the password complexity requirement to require eight characters from four

character classes that enforce a significant password difference, a remembered history of five

passwords, and a 90 day rotation policy:

min=disabled,disabled,disabled,disabled,8 similar=deny

Set the Security.PasswordHistory option to 5 and the Security.PasswordMaxDays option to 90.

VMware ESXi Installation and Setup

VMware by Broadcom 22

ESXi Account Lockout Behavior

Account locking is supported for access through SSH and through the vSphere Web Services

SDK. The Direct Console Interface (DCUI) and the ESXi Shell do not support account lockout. By

default, a maximum of five failed attempts is allowed before the account is locked. The account is

unlocked after 15 minutes by default.

Configuring Login Behavior

You can configure the login behavior for your ESXi host with the following advanced options:

n Security.AccountLockFailures. Maximum number of failed login attempts before a user's

account is locked. Zero deactivates account locking.

n Security.AccountUnlockTime. Number of seconds that a user is locked out.

n Security.PasswordHistory. Number of passwords to remember for each user. Zero

deactivates password history.

See the

vCenter Server and Host Management

documentation for information on setting ESXi

advanced options.

Preparing for Installing ESXi

Before you install ESXi, determine the installation option that is suitable for your environment and

prepare for the installation process.

Download the ESXi Installer

You can obtain the ESXi installer software either from an OEM or from the Broadcom Support

Portal.

the Broadcom Support Portal and Communities.

For product download instructions, see Download Broadcom products and software.

For download of offline bundle ZIP files for ESXi patches and updates, see Downloading

Broadcom PTF files and solutions.

For more information, see VMware to Broadcom Support Frequently Asked Questions.

Options for Installing ESXi

ESXi can be installed in several ways. To ensure the best vSphere deployment, understand the

options thoroughly before beginning the installation.

ESXi installations are designed to accommodate a range of deployment sizes.

Depending on the installation method you choose, different options are available for accessing

the installation media and booting the installer.

VMware ESXi Installation and Setup

VMware by Broadcom 23

Interactive ESXi Installation

Interactive installations are recommended for small deployments of fewer than five hosts.

You boot the installer from a CD or DVD, from a bootable USB device, or by PXE booting the

installer from a location on the network. You follow the prompts in the installation wizard to install

ESXi to disk. See Installing ESXi Interactively.

Scripted ESXi Installation

Running a script is an efficient way to deploy multiple ESXi hosts with an unattended installation.

The installation script contains the host configuration settings. You can use the script to configure

multiple hosts with the same settings. See Installing or Upgrading Hosts by Using a Script.

The installation script must be stored in a location that the host can access by HTTP, HTTPS, FTP,

NFS, CDROM, or USB. You can PXE boot the ESXi installer or boot it from a CD/DVD or USB

drive.

Figure 5-2. Scripted Installation

Scripted

HTTP

HTTPS

FTP

NFS

CDROM

USB

Create installation script (kickstart file)

and copy to appropriate location.

PXE boot

Boot from USB

Issues command to specify

location of installation script

and start installation.

Start installation

Boot from CD

vSphere Auto Deploy ESXi Installation

vSphere 5.x and later provide several ways to install ESXi with vSphere Auto Deploy.

vSphere Auto Deploy can provision hundreds of physical hosts with ESXi software. You can

specify the image to deploy and the hosts to provision with the image. Optionally, you can

specify host profiles to apply to the hosts, a vCenter Server location (datacenter, folder, or

cluster), and script bundle for each host.

vCenter Server makes ESXi updates and patches available for download in the form of an image

profile. The host configuration is provided in the form of a host profile. You can create host

profiles by using the vSphere Client. You can create custom image profiles by using vSphere ESXi

Image Builder. See Customizing Installations with vSphere ESXi Image Builder and

vSphere Host

Profiles

VMware ESXi Installation and Setup

VMware by Broadcom 24

When you provision hosts by using vSphere Auto Deploy, vCenter Server loads the ESXi image

directly into the host memory. vSphere Auto Deploy does not store the ESXi state on the host

disk. The vSphere Auto Deploy server continues to provision this host every time the host boots.

You can also use vSphere Auto Deploy to install an ESXi host, and set up a host profile that

causes the host to store the ESXi image and configuration on the local disk, a remote disk, or

a USB drive. Subsequently, the ESXi host boots from this local image and vSphere Auto Deploy

no longer provisions the host. This process is similar to performing a scripted installation. With a

scripted installation, the script provisions a host and the host then boots from disk. For this case,

vSphere Auto Deploy provisions a host and the host then boots from disk. For more information,

see Use vSphere Auto Deploy for Stateless Caching and Stateful Installs.

Media Options for Booting the ESXi Installer

The ESXi installer must be accessible to the system on which you are installing ESXi.

The following boot media are supported for the ESXi installer:

n Boot from a CD/DVD. See Download and Burn the ESXi Installer ISO Image to a CD or DVD.

n Boot from a USB flash drive. See Format a USB Flash Drive to Boot the ESXi Installation or

Upgrade.

n Boot from a network. See Network Booting the ESXi Installer.

n Boot from a remote location using a remote management application. See Using Remote

Management Applications.

Download and Burn the ESXi Installer ISO Image to a CD or DVD

If you do not have an ESXi installation CD/DVD, you can create one.

You can also create an installer ISO image that includes a custom installation script. See Create an

Installer ISO Image with a Custom Installation or Upgrade Script.

Procedure

1 Follow the procedure Download the ESXi Installer.

2 Burn the ISO image to a CD or DVD.

Format a USB Flash Drive to Boot the ESXi Installation or Upgrade

You can format a USB flash drive to boot the ESXi installation or upgrade.

The instructions in this procedure assume that the USB flash drive is detected as /dev/sdb.

Note The ks.cfg file that contains the installation script cannot be located on the same USB

flash drive that you are using to boot the installation or upgrade. The kickstart file does not have

any dependency on BIOS or UEFI boot.

VMware ESXi Installation and Setup

VMware by Broadcom 25

Prerequisites

n Linux machine with superuser access to it

n USB flash drive that can be detected by the Linux machine

n The ESXi ISO image, VMware-VMvisor-Installer-version_number-

build_number.x86_64.iso, which includes the isolinux.cfg file

Procedure

1 Boot Linux, log in, and enter superuser mode by using a su or sudo root command.

2 If your USB flash drive is not detected as /dev/sdb, or you are not sure how your USB flash

drive is detected, determine how it is detected.

a Plug in your USB flash drive.

b At the command line, run the command for displaying the current log messages.

tail -f /var/log/messages

You see several messages that identify the USB flash drive in a format similar to the

following message.

Oct 25 13:25:23 ubuntu kernel: [ 712.447080] sd 3:0:0:0: [sdb] Attached SCSI

removable disk

In this example, sdb identifies the USB device. If your device is identified differently, use

that identification in place of

sdb

3 Overwrite the entire USB drive with the ISO image. This overwrites the partition table and any

previous content on the USB drive.

dd bs=10M if=VMware-VMvisor-Installer-version_number-build_number.x86_64.iso

of=/dev/sdb

4 Eject the USB drive.

eject /dev/sdb

Results

You can use the USB flash drive to boot the ESXi installer.

Create a USB Flash Drive to Store the ESXi Installation Script or Upgrade Script

You can use a USB flash drive to store the ESXi installation script or upgrade script that is used

during scripted installation or upgrade of ESXi.

When multiple USB flash drives are present on the installation machine, the installation software

searches for the installation or upgrade script on all attached USB flash drives.

VMware ESXi Installation and Setup

VMware by Broadcom 26

The instructions in this procedure assume that the USB flash drive is detected as /dev/sdb.

Note Do not store the ks file containing the installation or upgrade script on the same USB flash

drive that you are using to boot the installation or upgrade.

Prerequisites

n Linux machine

ESXi installation or upgrade script, the ks.cfg kickstart file

n USB flash drive

Procedure

1 Attach the USB flash drive to a Linux machine that has access to the installation or upgrade

script.

2 Create a partition table.

/sbin/fdisk /dev/sdb

a Type d to delete partitions until they are all deleted.

b Type n to create primary partition 1 that extends over the entire disk.

c Type t to set the type to an appropriate setting for the FAT32 file system, such as c.

d Type p to print the partition table.

The result should be similar to the following text:

Disk /dev/sdb: 2004 MB, 2004877312 bytes

255 heads, 63 sectors/track, 243 cylinders

Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot Start End Blocks Id System

/dev/sdb1 1 243 1951866 c W95 FAT32 (LBA)

e Type w to write the partition table and quit.

3 Format the USB flash drive with the FAT32 file system.

/sbin/mkfs.vfat -F 32 -n USB /dev/sdb1

4 Create a destination directory and mount the USB flash drive to it.

mkdir -p /usbdisk

mount /dev/sdb1 /usbdisk

5 Copy the ESXi installation script to the USB flash drive.

cp ks.cfg /usbdisk

6 Unmount the USB flash drive.

umount /usbdisk

VMware ESXi Installation and Setup

VMware by Broadcom 27

Results

The USB flash drive contains the installation or upgrade script for ESXi.

What to do next

When you boot the ESXi installer, point to the location of the USB flash drive for the installation

or upgrade script. See Enter Boot Options to Run an Installation or Upgrade Script and PXELINUX

Configuration Files.

Create an Installer ISO Image with a Custom Installation or Upgrade Script

You can customize the standard ESXi installer ISO image with your own installation or upgrade

script. This customization enables you to perform a scripted, unattended installation or upgrade

when you boot the resulting installer ISO image.

See also About Installation and Upgrade Scripts and About the boot.cfg File .

Prerequisites

n Linux machine

n The ESXi ISO image VMware-VMvisor-Installer-x.x.x-XXXXXX.x86_64.iso,where

x.x.x is the version of ESXi you are installing, and XXXXXX is the build number of the installer

ISO image

n Your custom installation or upgrade script, the KS_CUST.CFG kickstart file

Procedure

1 Download the ESXi ISO image from the Broadcom Support Portal.

2 Mount the ISO image in a folder:

mount -o loop VMware-VMvisor-Installer-x.x.x-XXXXXX.x86_64.iso /

esxi_cdrom_mount

XXXXXX is the ESXi build number for the version that you are installing or upgrading to.

3 Copy the contents of esxi_cdrom to another folder:

cp -r /esxi_cdrom_mount/* /esxi_cdrom

4 Copy the kickstart file to /esxi_cdrom.

cp KS_CUST.CFG /esxi_cdrom

5 Modify the boot.cfg file in both /esxi_cdrom/efi/boot/boot.cfg (for UEFI boot) and /

esxi_cdrom/boot.cfg (for legacy BIOS boot) to specify the location of the installation or

upgrade script by using the kernelopt option.

You must use uppercase characters to provide the path of the script, for example,

kernelopt=runweasel ks=cdrom:/KS_CUST.CFG

VMware ESXi Installation and Setup

VMware by Broadcom 28

The installation or upgrade becomes completely automatic, without the need to specify the

kickstart file during the installation or upgrade.

6 Recreate the ISO image using the mkisofs or the genisoimage command.

Command Syntax

mkisofs mkisofs -relaxed-filenames -J -R -o custom_esxi.iso -b

ISOLINUX.BIN -c BOOT.CAT -no-emul-boot -boot-load-size 4

-boot-info-table -eltorito-alt-boot -eltorito-platform efi -b

EFIBOOT.IMG -no-emul-boot /esxi_cdrom

genisoimage genisoimage -relaxed-filenames -J -R -o custom_esxi.iso -b

ISOLINUX.BIN -c BOOT.CAT -no-emul-boot -boot-load-size 4

-boot-info-table -eltorito-alt-boot -e EFIBOOT.IMG -no-emul-

boot /esxi_cdrom

You can use this ISO installer image for regular boot or UEFI secure boot. However, the

vSphere Lifecycle Manager cannot verify the checksum of such an ISO image and you cannot

use it for upgrades by using vSphere Lifecycle Manager workflows.

Results

The ISO image includes your custom installation or upgrade script.

What to do next

Install ESXi from the ISO image.

Network Booting the ESXi Installer

You can use preboot execution environment (PXE) to boot an ESXi host from a network device, if

your host uses legacy BIOS or UEFI.

Alternatively, if your ESXi host supports native UEFI HTTP, you can use hypertext transfer

protocol (HTTP) to boot the host from a network device. ESXi is distributed in an ISO format

that is used to install to flash memory or to a local hard drive. You can extract the files and boot

them over a network interface.

PXE uses Dynamic Host Configuration Protocol (DHCP) and Trivial File Transfer Protocol (TFTP)

to boot an operating system over a network.

PXE booting requires some network infrastructure and a machine with a PXE-capable network

adapter. Most machines that can run ESXi have network adapters that can PXE boot.

Native UEFI HTTP uses DHCP and HTTP to boot over a network. UEFI HTTP boot requires a

network infrastructure, UEFI firmware version on the ESXi host that includes HTTP boot feature,

and a network adapter that supports UEFI networking.

VMware ESXi Installation and Setup

VMware by Broadcom 29

Booting by using HTTP is faster and more reliable than using TFTP. This is due to the capabilities

of the TCP protocol that underlies the HTTP, such as built-in streaming and lost packet recovery.

If your ESXi hosts do not support native UEFI HTTP, you can use iPXE HTTP for the boot process.

Note Network booting with legacy BIOS firmware is possible only over IPv4. Network booting

with UEFI BIOS firmware is possible over IPv4 or IPv6.

Installing and Booting ESXi with Software FCoE

You can install and boot ESXi from an FCoE LUN using VMware software FCoE adapters and

network adapters with FCoE offload capabilities. Your host does not require a dedicated FCoE

HBA.

Note Starting from vSphere 7.0, VMware deprecates software FCoE adapters in production

environments.

The boot LUN must not be shared between hosts and must have a size of minimum of 32 GB.

See the

vSphere Storage

documentation for information about installing and booting ESXi with

software FCoE.

Using Remote Management Applications

Remote management applications allow you to install ESXi on servers that are in remote

locations.

Remote management applications supported for installation include HP Integrated Lights-Out

(iLO), Dell Remote Access Card (DRAC), IBM management module (MM), and Remote Supervisor

Adapter II (RSA II). For a list of currently supported server models and remote management

firmware versions, see Supported Remote Management Server Models and Firmware Versions.

For support on remote management applications, contact the vendor.

You can use remote management applications to do both interactive and scripted installations of

ESXi remotely.

If you use remote management applications to install ESXi, the virtual CD might encounter

corruption problems with systems or networks operating at peak capacity. If a remote installation

from an ISO image fails, complete the installation from the physical CD media.

Customizing Installations with vSphere ESXi Image Builder

You can use VMware vSphere

ESXi

™

Image Builder CLI to create ESXi installation images with a

customized set of updates, patches, and drivers.

You can use vSphere ESXi Image Builder with the vSphere Client or with PowerCLI to create an

ESXi installation image with a customized set of ESXi updates and patches. You can also include

third-party network or storage drivers that are released between vSphere releases.

VMware ESXi Installation and Setup

VMware by Broadcom 30

You can deploy an ESXi image created with vSphere ESXi Image Builder in either of the following

ways:

n By burning it to an installation DVD.

n Through vCenter Server, using the Auto Deploy feature.

Understanding vSphere ESXi Image Builder

You can use the VMware vSphere

ESXi

™

Image Builder CLI to manage software depots, image

profiles, and software packages (VIBs). Image profiles and VIBs specify the software you want to

use during installation or upgrade of an ESXi host.

vSphere ESXi Image Builder Overview

With vSphere ESXi Image Builder you can create ESXi image profiles for use by vSphere Auto

Deploy, add custom third-party drivers to existing image profiles and export to ISO or bundle,

and perform upgrades.

For basic concepts related to the way VMware vSphere software is created, packaged, and

distributed, see Bulletins, Components, Add-Ons, and ESXi Base Images.

Figure 5-3. Image Builder Architecture

Depot

Image

Profile 1

Image

Profile 2

VIB

Windows Client

Image Builder

PowerCLI

ISO

ZIP

esxcli

vSphere

Lifecycle Manager

User-Created

Image Profile

vSphere

Auto Deploy

You use vSphere ESXi Image Builder cmdlets for managing the software to deploy to your ESXi

hosts in several different situations.

VMware ESXi Installation and Setup

VMware by Broadcom 31

Table 5-7. Cases Where You Can Use vSphere ESXi Image Builder

Use Case for vSphere ESXi Image Builder Description

Create image profiles for use by vSphere Auto Deploy Use vSphere ESXi Image Builder to create an image

profile that defines the VIBs that vSphere Auto Deploy

uses to provision hosts.

Add custom third-party drivers to existing image profile

and export to ISO or bundle

When you add a third-party driver or extension custom

VIBs to your ESXi hosts, use vSphere ESXi Image Builder

to clone the base image provided by VMware, add the

custom VIBs, and export to ISO or to offline bundle ZIP

file.

Perform upgrades If you upgrade а system that includes custom extensions

or drivers, you can use vSphere ESXi Image Builder to

create a custom image profile that includes vSphere 6.7

compatible VIBs for the custom extensions. Export the

custom image profile to an ISO or to a ZIP to upgrade

your system by using Update Manager baselines.

Create custom images with reduced footprint If you require a minimal footprint image, you can clone the

ESXi base image profile and remove VIBs using vSphere

ESXi Image Builder.

The vSphere ESXi Image Builder cmdlets take image profiles and VIBs as input and produce

various outputs.

Table 5-8. Input and Output to the vSphere ESXi Image Builder Cmdlets

Parameter Description

Input Image profiles and VIBs that are located in a software

depot are used as input to PowerCLI cmdlets running on a

Windows client.

Output PowerCLI cmdlets create custom image profiles that can

be exported to an ISO image or an offline depot ZIP file.

ISO images are used for installation. The ZIP depot can

be used by Update Manager or by esxcli software

commands to update or install images. Image profiles are

also used in vSphere Auto Deploy rules to customize the

software to provision ESXi hosts with.

Watch the video "Using Image Builder CLI" for information about vSphere ESXi Image Builder:

(

Using Image Builder CLI )

VMware.ImageBuilder Cmdlets Overview

The VMware.Image Builder component of VMware PowerCLI provides cmdlets for managing

VIBs, image profiles, and other content in software depots.

VMware ESXi Installation and Setup

VMware by Broadcom 32

vSphere 7.0 introduced new ways of packaging VIBs along with legacy bulletins and patches,

and software depots contain base images, vendor addons and components, along with VIBs and

image profiles. VMware PowerCLI 12.0 and later provide cmdlets that work with the new content

in software depots.

VMware.ImageBuilder includes the following cmdlets.

Note When you run VMware.ImageBuilder cmdlets, provide all parameters on the command line

when you invoke the cmdlet. Supplying parameters in interactive mode is not recommended.

Run Get-Help

cmdlet_name

at the PowerCLI prompt for detailed reference information.

Table 5-9. VMware.ImageBuilder Cmdlets Used with Legacy Content in Software Depots

Cmdlet Description

Add-EsxSoftwareDepot

Adds the software depot or ZIP file at the specified location to your current environment.

Downloads metadata from the depot and analyzes VIBs for dependencies.

Remove-

EsxSoftwareDepot

Disconnects from the specified software depot.

Get-EsxSoftwareDepot

Returns a list of software depots that are in the current environment. If you want to

examine and manage image profiles and VIBs, you must first add the corresponding

software depot to your environment.

Get-

EsxSoftwarePackage

Returns a list of software package objects (VIBs). Use this cmdlet's options to filter the

results.

Get-EsxImageProfile

Returns an array of ImageProfile objects from all currently added depots.

New-EsxImageProfile

Creates a new image profile. In most cases, creating a new profile by cloning an existing

profile is recommended. See Clone an Image Profile with PowerCLI Cmdlets.

Set-EsxImageProfile

Modifies a local ImageProfile object and performs validation tests on the modified

profile. The cmdlet returns the modified object but does not persist it.

Export-

EsxImageProfile

Exports an image profile as either an ESXi ISO image for ESXi installation, or as a ZIP file.

Compare-

EsxImageProfile

Returns an ImageProfileDiff structure that shows whether the two profiles have the

same VIB list and acceptance level. See

Acceptance Levels.

Remove-

EsxImageProfile

Removes the image profile from the software depot.

Add-

EsxSoftwarePackage

Adds one or more new packages (VIBs) to an existing image profile.

Remove-

EsxSoftwarePackage

Removes one or more packages (VIBs) from an image profile.

Set-

ESXImageProfileAssoc

iation

Associates the specified image profile with the specified ESXi system.

VMware ESXi Installation and Setup

VMware by Broadcom 33

Table 5-10. VMware.ImageBuilder Cmdlets Used with New Content in Software Depots

Cmdlet Description

Get-DepotAddons

Retrieves an array of objects that provide basic information about addons in a software

depot.

Get-DepotBaseImages

Retrieves an array of objects that provide basic information about base images in a

software depot.

Get-DepotComponents

Retrieves an array of objects that provide basic information about components in a

software depot.

Get-DepotInfo

Retrieves basic information about the software depot located at the specified file path

or URL address.

Get-DepotVibs

Retrieves an array of objects that provide basic information about VIBs in a software

depot.

New-IsoImage

Generates an ISO image by using the specified software depot and software

specification at the specified file path.

New-PxeImage

Generates a PXE image by using the specified software depot and software

specification at the specified file path.

Image Profiles

Image profiles define the set of VIBs that an ESXi installation or update process uses. Image

profiles apply to ESXi hosts provisioned with vSphere Auto Deploy. You define and manipulate

image profiles with vSphere ESXi Image Builder.

Image Profile Requirements

You can create a custom image profile from scratch or clone an existing profile and add or

remove VIBs. A profile must meet the following requirements to be valid.

n Each image profile must have a unique name and vendor combination.

n Each image profile has an acceptance level. When you add a VIB to an image profile with

an vSphere ESXi Image Builder cmdlet, Image Builder checks that the VIB matches the

acceptance level defined for the profile.

n You cannot remove VIBs that are required by other VIBs.

n You cannot include two versions of the same VIB in an image profile. When you add a new

version of a VIB, the new version replaces the existing version of the VIB.

Image Profile Validation

An image profile and its VIBs must meet several criteria to be valid.

n Image profiles must contain at least one base VIB and one bootable kernel module.

n If any VIB in the image profile depends on another VIB, that other VIB must also be included

in the image profile. VIB creators store that information in the SoftwarePackage object's

Depends property.

n VIBs must not conflict with each other. VIB creators store conflict information in the

SoftwarePackage object's Conflicts property.

VMware ESXi Installation and Setup

VMware by Broadcom 34

n Two VIBs with the same name, but two different versions, cannot coexist. When you add a

new version of a VIB, the new version replaces the existing version of the VIB.

n No acceptance level validation issues exist.

When you make a change to an image profile, vSphere ESXi Image Builder checks that the

change does not invalidate the profile.

Dependency Validation

When you add or remove a VIB, vSphere ESXi Image Builder checks that package

dependencies are met. Each SoftwarePackage object includes a Depends property that

specifies a list of other VIBs that VIB depends on. See Structure of ImageProfile,

SoftwarePackage, and ImageProfileDiff Objects

Acceptance Level Validation

vSphere ESXi Image Builder performs acceptance level validation each time an image profile

is created or changed. vSphere ESXi Image Builder checks the acceptance level of VIBs in the

image profile against the minimum allowed acceptance level of the profile. The acceptance

level of the VIB is also validated each time the signature of a VIB is validated.

VIB Validation During Export

When you export an image profile to an ISO, vSphere ESXi Image Builder validates each VIB by

performing the following actions.

n Checks that no conflicts exist by checking the Conflicts property of each SoftwarePackage

object.

n Performs VIB signature validation. Signature validation prevents unauthorized modification of

VIB packages. The signature is a cryptographic checksum that guarantees that a VIB was

produced by its author. Signature validation also happens during installation of VIBs on an

ESXi host and when the vSphere Auto Deploy server uses VIBs.

n Checks that VIBs follow file path usage rules. VMware tests VMwareCertified and

VMwareAccepted VIBs to guarantee those VIBs always follow file path usage rules.

Acceptance Levels

Each VIB is released with an acceptance level that cannot be changed. The host acceptance level

determines which VIBs can be installed to a host. You can change the host acceptance levels

with esxcli commands.

VMware supports the following acceptance levels.

VMwareCertified

The VMwareCertified acceptance level has the most stringent requirements. VIBs with this

level go through thorough testing fully equivalent to VMware in-house Quality Assurance

VMware ESXi Installation and Setup

VMware by Broadcom 35

testing for the same technology. Today, only I/O Vendor Program (IOVP) program drivers are

published at this level. VMware takes support calls for VIBs with this acceptance level.

VMwareAccepted

VIBs with this acceptance level go through verification testing, but the tests do not fully test

every function of the software. The partner runs the tests and VMware verifies the result.

Today, CIM providers and PSA plug-ins are among the VIBs published at this level. VMware

directs support calls for VIBs with this acceptance level to the partner's support organization.

PartnerSupported

VIBs with the PartnerSupported acceptance level are published by a partner that VMware

trusts. The partner performs all testing. VMware does not verify the results. This level is used

for a new or nonmainstream technology that partners want to enable for VMware systems.

Today, driver VIB technologies such as Infiniband, ATAoE, and SSD are at this level with

nonstandard hardware drivers. VMware directs support calls for VIBs with this acceptance

level to the partner's support organization.

CommunitySupported

The CommunitySupported acceptance level is for VIBs created by individuals or companies

outside of VMware partner programs. VIBs at this level have not gone through any VMware-

approved testing program and are not supported by VMware Technical Support or by a

VMware partner.

Structure of ImageProfile, SoftwarePackage, and ImageProfileDiff Objects

Knowing the structure of ImageProfile, SoftwarePackage, and ImageProfileDiff objects helps

you manage deployment and upgrade processes.

ImageProfile Object Properties

The ImageProfile object, which is accessible with the Get-EsxImageProfile PowerCLI cmdlet,

has the following properties.

Name

Type Description

AcceptanceLevel AcceptanceLevel Determines which VIBs you

can add to the profile.

Levels are VMwareCertified,

VMwareAccepted, PartnerSupported,

and CommunitySupported. See

Working with Acceptance Levels.

Author System.String The person who created the profile. 60

characters or fewer.

CreationTime System.DateTime The timestamp of creation time.

Description System.String The full text description of profile. No

length limit.

GUID System.String Globally unique ID of the image profile.

VMware ESXi Installation and Setup

VMware by Broadcom 36

Name Type Description

ModifiedTime System.DateTime The timestamp of last modification

time.

Name System.String The name of the image profile. 80

characters or fewer.

ReadOnly System.Boolean When set to true, the profile cannot

be edited. Use Set-EsxImageProfile

-Readonly to make your custom

image profiles read-only.

Rules ImageProfileRule[] Any OEM hardware requirements and

restrictions that the image profile

might have. vSphere Auto Deploy

verifies the value of this property

when deploying an image profile

and deploys the profile if matching

hardware is available.

Vendor System.String The organization that publishes the

profile. 40 characters or fewer.

VibList SoftwarePackage[] The list of VIB IDs the image contains.

SoftwarePackage Object Properties

When preparing an image profile, you can examine software packages to decide which packages

are suitable for inclusion. The SoftwarePackage object has the following properties.

Name

Type Description

AcceptanceLevel AcceptanceLevel The acceptance level of this VIB.

Conflicts SoftwareConstraint[] A list of VIBs that cannot be installed

at the same time as this VIB. Each

constraint uses the following format:

package-name[<<|<=|=|>=|<<

version]

Depends SoftwareConstraint[] A list of VIBs that must be installed

at the same time as this VIB.

Same constraint format as Conflicts

property.

Description System.String The long description of the VIB.

Guid System.String The unique ID for the VIB.

LiveInstallOk System.Boolean True if live installs of this VIB are

supported.

LiveRemoveOk System.Boolean True if live removals of this VIB are

supported.

MaintenanceMode System.Boolean True if hosts must be in maintenance

mode for installation of this VIB.

VMware ESXi Installation and Setup

VMware by Broadcom 37

Name Type Description

Name System.String The name of the VIB. Usually uniquely

describes the package on a running

ESXi system.

Provides SoftwareProvides The list of virtual packages or

interfaces this VIB provides. See

SoftwareProvide Object Properties.

ReferenceURLs SupportReference[] The list of SupportReference objects

with in-depth support information.

The SupportReference object has two

properties, Title and URL, both of type

System.String

Replaces SoftwareConstraint[] The list of SoftwareConstraint objects

that identify VIBs that replace this VIB

or make it obsolete. VIBs automatically

replace VIBs with the same name but

lower versions.

ReleaseDate System.DateTime Date and time of VIB publication or

release.

SourceUrls System.String[] The list of source URLs from which this

VIB can be downloaded.

StatelessReady System.Boolean True if the package supports host

profiles or other technologies that

make it suitable for use in conjunction

with vSphere Auto Deploy.

Summary System.String A one-line summary of the VIB.

Tags System.String[] An array of string tags for this

package defined by the vendor or

publisher. Tags can be used to identify

characteristics of a package.

Vendor System.String The VIB vendor or publisher.

Version System.String The VIB version.

VersionObject Software.Version The VersionObject property is of type

SoftwareVersion. The SoftwareVersion

class implements a static Compare

method to compare two versions of

strings. See SoftwareVersion Object

Properties

ImageProfileDiff Object Properties

When you run the Compare-EsxImageProfile cmdlet, you pass in two parameters, first the

reference profile, and then the comparison profile. The cmdlet returns an ImageProfileDiff

object, which has the following properties.

VMware ESXi Installation and Setup

VMware by Broadcom 38

Name Type Description

CompAcceptanceLevel System.String The acceptance level for the second

profile that you passed to Compare-

EsxImageProfile.

DowngradeFromRef System.String[] The list of VIBs in the second profile

that are downgrades from VIBs in the

first profile.

Equal System.Boolean True if the two image profiles have

identical packages and acceptance

levels.

OnlyInComp System.String The list of VIBs found only in the

second profile that you passed to

Compare-EsxImageProfile.

OnlyInRef System.String[] The list of VIBs found only in the first

profile that you passed to Compare-

EsxImageProfile.

PackagesEqual System.Boolean True if the image profiles have identical

sets of VIB packages.

RefAcceptanceLevel System.String The acceptance level for the first

profile that you passed to Compare-

EsxImageProfile.

UpgradeFromRef System.String[] The list of VIBs in the second profile

that are upgrades from VIBs in the first

profile.

SoftwareVersion Object Properties

The SoftwareVersion object lets you compare two version strings. The object includes a

Comparestatic method that accepts two strings as input and returns 1 if the first version string

is a higher number than the second version string. Compare returns 0 if two versions strings are

equal. Compare returns -1 if the second version string is a higher number than the first string. The

object has the following properties.

Name

Type Description

Version System.String The part of the version before the

hyphen. This part indicates the primary

version.

Release System.String The part of the version after the

hyphen. This part indicates the release

version.

SoftwareConstraint Object Properties

The SoftwareConstraint object implements a MatchesProvide method. The method accepts a

SoftwareProvides or SoftwarePackage object as input and returns True if the constraint matches

the SoftwareProvide or the SoftwarePackage, or returns False otherwise.

VMware ESXi Installation and Setup

VMware by Broadcom 39

The SoftwareConstraint object includes the following properties.

Name Type Description

Name System.String The name of the constraint. This

name should match a corresponding

SoftwareProvide Name property.

Relation System.String An enum, or one of the following

comparison indicators: <<, <=, = >=,

>>. This property can be $null if the

constraint does not have a Relation

and

Version

property.

Version System.String The version to match the constraint

against. This property can be $null

if the constraint does not have a

Relation and Version property.

VersionObject SoftwareVersion The version represented by a

SoftwareVersion object.

SoftwareProvide Object Properties

The SoftwareProvide object includes the following properties.

Name

Type Description

Name System.String The name of the provide.

Version System.String The version of the provide. Can be

$null if the provide does not specify a

version.

Release System.String The version of the provide as

represented by a SoftwareVersion

object. See SoftwareVersion Object

Properties.

vSphere ESXi Image Builder Installation and Usage

vSphere ESXi Image Builder consists of the vSphere ESXi Image Builder server and the vSphere

ESXi Image Builder PowerShell cmdlets. The vSphere ESXi Image Builder server starts when your

run the first vSphere ESXi Image Builder cmdlet.

Install vSphere ESXi Image Builder and Prerequisite Software

Before you can run vSphere ESXi Image Builder cmdlets, you must install PowerCLI and all

prerequisite software. The vSphere ESXi Image Builder snap-in is included with the PowerCLI

installation.

VMware ESXi Installation and Setup

VMware by Broadcom 40

Prerequisites

If you want to manage vSphere ESXi Image Builder with PowerCLI cmdlets, verify that

Microsoft .NET Framework 4.5 or 4.5.x and Windows PowerShell 3.0 or 4.0 are installed on a

Microsoft Windows system. See thePowerCLI User's Guide.

Procedure

1 Open PowerShell on your workstation.

2 Download a version of PowerCLI later than PowerCLI 6.5R1 from the PowerCLI home page.

3 To install all PowerCLI modules, run the command: Install-Module VMware.PowerCLI -Scope

CurrentUser. Alternatively, you can install individual PowerCLI modules by running the Install-

Module cmdlet with the module name.If you see a warning that you are installing modules

from an untrusted repository, press y and then press Enter to confirm the installation.

You can verify that the PowerCLI module is available by using the command

Get-Module -Name VMware.PowerCLI -ListAvailable.

What to do next

Review Using VMware.Image Builder Cmdlets . If you are new to PowerCLI, read the

PowerCLIUser's Guide

Use vSphere ESXi Image Builder cmdlets and other PowerCLI cmdlets and PowerShell cmdlets

to manage image profiles and VIBs. Use Get-Help

cmdlet_name

at any time for command-line

help.

Configure the vSphere ESXi Image Builder

Before you can use vSphere ESXi Image Builder with the vSphere Client, you must verify that the

service is enabled and running.

Prerequisites

n Verify that you have enough storage for the vSphere Auto Deploy repository. The vSphere

Auto Deploy server uses the repository to store data it needs, including the rules and rule

sets you create and the VIBs and image profiles that you specify in your rules.

Best practice is to allocate 2 GB to have enough room for four image profiles and some extra

space. Each image profile requires approximately 400 MB. Determine how much space to

reserve for the vSphere Auto Deploy repository by considering how many image profiles you

expect to use.

Procedure

1 Navigate to Home > Auto Deploy.

By default, only the administrator role has privileges to use the vSphere Auto Deploy service.

2 On the Auto Deploy page, select your vCenter Server from the drop-down menu at the top.

VMware ESXi Installation and Setup

VMware by Broadcom 41

3 Click Enable Image Builder to activate the service.

The Software Depot page appears.

What to do next

n Add a Software Depot.

n Import a Software Depot.

n Clone an Image Profile.

n Create an Image Profile.

n Prepare Your System for vSphere Auto Deploy.

n You can change the default configuration properties of the Image Builder Service. For more

information, see "Configuring vCenter Server" in the

vCenter Server and Host Management

documentation.

Using VMware.Image Builder Cmdlets

With VMware.Image Builder cmdlets, you can take advantage of all PowerCLI features.

VMware.Image Builder cmdlets are implemented as Microsoft PowerShell cmdlets and included

in PowerCLI. You can take advantage of all PowerCLI features by using VMware.Image Builder

cmdlets. Experienced PowerShell users can use VMware.Image Builder cmdlets just like other

PowerShell cmdlets. If you are new to PowerShell and PowerCLI, follow these tips.

You can type cmdlets, parameters, and parameter values in the PowerCLI shell.

n Get help for any cmdlet by running Get-Help cmdlet_name.

n Remember that PowerShell is not case sensitive.

n Use tab completion for cmdlet names and parameter names.

n Format any variable and cmdlet output by using Format-List or Format-Table or their short

forms fl or ft. See Get-Help Format-List.

n Use wildcards for searching and filtering VIBs and image profiles. All wildcard expressions are

supported.

Passing Parameters by Name

You can pass in parameters by name in most cases and surround parameter values that contain

spaces or special characters with double quotes.

Add-EsxSoftwarePackage -ImageProfile profile42 -SoftwarePackage "partner package 35"

VMware ESXi Installation and Setup

VMware by Broadcom 42

Passing Parameters as Objects

You can pass parameters as objects if you want to do scripting and automation. You can use the

technique with cmdlets that return multiple objects or with cmdlets that return a single object.

1 Bind the output of a cmdlet that returns multiple objects to a variable.

$profs = Get-EsxImageProfile

2 When you run the cmdlet that needs the object as input, access the object by position, with

the list starting with 0.

Add-EsxSoftwarePackage -ImageProfile $profs[4] -SoftwarePackage partner-pkg

The example adds the specified software package to the fifth image profile in the list returned by

Get-EsxImageProfile.

Most of the examples in the

vCenter Server Installation and Setup

documentation pass in

parameters by name. vSphere ESXi Image Builder Workflows with PowerCLI Cmdlets includes

examples that pass parameters as objects.

Using vSphere ESXi Image Builder with the vSphere Client

You can manage software packages (VIBs), image profiles, and software depots by using the

vSphere ESXi Image Builder service in the vSphere Client.

n Add a Software Depot

Before you can work with software depots and customize image profiles, you must add

one or more software depots to the vSphere ESXi Image Builder inventory. You can add a

software depot by using the vSphere Client.

n Import a Software Depot

If an offline depot is located on your local file system, import the ZIP file to the vSphere ESXi

Image Builder inventory.

n Clone an Image Profile

Use the vSphere Client to clone image profiles.

n Create an Image Profile

You can create a new image profile by using the vSphere Client instead of cloning an

existing one.

n Edit an Image Profile

You can edit image profiles by using the vSphere Client. You can change the name, details

and VIB list of an image profile.

n Compare Image Profiles

You can compare two image profiles by using the vSphere Client to check if they have the

same VIB list, version, or acceptance level.

VMware ESXi Installation and Setup

VMware by Broadcom 43

n Move an Image Profile to a Different Software Depot

You can move image profiles between custom depots by using the vSphere Client and

modify it without affecting the source depot's configuration.

n Export an Image Profile to ISO or Offline Bundle ZIP

You can export an image profile to an ISO image or a ZIP file by using the vSphere Client.

n Regenerate an Image Profile

If you use Auto Deploy to add stateful ESXi hosts to a cluster that you manage by using an

image, all hosts must have the same software specification.

Add a Software Depot

Before you can work with software depots and customize image profiles, you must add one or

more software depots to the vSphere ESXi Image Builder inventory. You can add a software

depot by using the vSphere Client.

Prerequisites

Verify that the vSphere ESXi Image Builder service is enabled and running. See Configure the

vSphere ESXi Image Builder.

Procedure

1 Navigate to Home > Auto Deploy.

By default, only the administrator role has privileges to use the vSphere ESXi Image Builder

service.

2 On the Software Depots tab, click New.

The Add Software Depot window appears.

3 Select the type of depot that you want to create.

Option

Action

Online Depot a Enter a name of the depot in the inventory.

b Enter the URL of the online depot.

Custom Depot Enter the name of the depot in the inventory.

The VMware online software depot is located at https://hostupdate.vmware.com/

software/VUM/PRODUCTION/main/vmw-depot-index.xml

4 Click Add.

5 (Optional) Click the Software Packages tab to view the contents of the selected depot and

additional information about the packages.

6 (Optional) If you added an Online depot, you can also:

u Check for Updates to get the latest depot packages.

u Click More info to get additional depot details.

VMware ESXi Installation and Setup

VMware by Broadcom 44

Results

The software depot is added to the list.

What to do next

n You can associate an image profile with a new vSphere Auto Deploy rule to provision ESXi

hosts. See Create a Deploy Rule or Clone a Deploy Rule.

n You can associate an image profile with an ESXi host. See Add a Host to the vSphere Auto

Deploy Inventory.

n Edit the Image Profile Association of a Host.

n Remove a custom software depot.

Import a Software Depot

If an offline depot is located on your local file system, import the ZIP file to the vSphere ESXi

Image Builder inventory.

Prerequisites

If an offline depot is located on your local file system, you can import the ZIP file to the vSphere

ESXi Image Builder inventory by using the vSphere Client.

Verify that the vSphere ESXi Image Builder service is enabled and running. See Configure the

vSphere ESXi Image Builder.

Procedure

1 Navigate to Home > Auto Deploy.

By default, only the administrator role has privileges to use the vSphere ESXi Image Builder

service.

2 On the Software Depots tab, click Import .

3 Enter the name of the software depot in the inventory.

4 Click Browse and select a ZIP file from the local system, that contains the software depot you

want to import.

5 Click Upload.

What to do next

n You can associate an image profile with a new vSphere Auto Deploy rule to provision ESXi

hosts. See Create a Deploy Rule or Clone a Deploy Rule.

n You can associate an image profile with an ESXi host. See Add a Host to the vSphere Auto

Deploy Inventory.

n Edit the Image Profile Association of a Host.

VMware ESXi Installation and Setup

VMware by Broadcom 45

Clone an Image Profile

Use the vSphere Client to clone image profiles.

Prerequisites

You can use the vSphere Client to clone image profiles. You can clone an image profile when you

want to make small changes to the VIB list in a profile, or if you want to use hosts from different

vendors and want to use the same basic profile, but want to add vendor-specific VIBs.

n Verify that the vSphere ESXi Image Builder service is enabled and running. See Configure the

vSphere ESXi Image Builder.

n Add or import a software depot to the vSphere ESXi Image Builder inventory. See Add a

Software Depot and Import a Software Depot.

n Verify that there is at least one custom depot in the vSphere ESXi Image Builder inventory.

Procedure

1 Navigate to Home > Auto Deploy.

By default, only the administrator role has privileges to use the vSphere ESXi Image Builder

service.

2 On the Software Depots tab, use the drop-down menu to select the software depot that

contains the image profile that you want to work with.

3 From the list of image profiles in the depot, select the image profile that you want to clone

and click Clone.

4 Enter an image profile name, vendor, and description.

You must enter a unique image profile name.

5 From the Software depot drop-down menu, select in which custom depot to add the new

image profile.

6 Click Next.

The Select software packages page appears.

7 From the drop-down menu, select an acceptance level for the image profile.

The acceptance level of the VIBs you add to the base image must be at least as high as the

level of the base image. If you add a VIB with a lower acceptance level to the image profile,

you must lower the image profile acceptance level. For more information, see Working with

Acceptance Levels.

8 Select the VIBs that you want to add to the image profile and deselect the ones that you

want to remove, and click Next.

Note The image profile must contain a bootable ESXi image to be valid.

VMware ESXi Installation and Setup

VMware by Broadcom 46

vSphere ESXi Image Builder verifies that the change does not invalidate the profile. Some

VIBs depend on other VIBs and become invalid if you include them in an image profile

separately. When you add or remove a VIB, vSphere ESXi Image Builder checks whether the

package dependencies are met.

9 On the Ready to complete page, review the summary information for the new image profile

and click Finish.

What to do next

n You can associate an image profile with a new vSphere Auto Deploy rule to provision ESXi

hosts. See Create a Deploy Rule or Clone a Deploy Rule.

n You can associate an image profile with an ESXi host. See Add a Host to the vSphere Auto

Deploy Inventory.

n Edit the Image Profile Association of a Host.

Create an Image Profile

You can create a new image profile by using the vSphere Client instead of cloning an existing

one.

Prerequisites

You might consider creating a new image profile if it differs significantly from the image profiles

in your inventory.

n Verify that the vSphere ESXi Image Builder service is enabled and running. See Configure the

vSphere ESXi Image Builder.

n Add or import a software depot to the vSphere ESXi Image Builder inventory. See Add a

Software Depot and Import a Software Depot.

n Verify that there is at least one custom depot in the vSphere ESXi Image Builder inventory.

Procedure

1 Navigate to Home > Auto Deploy.

By default, only the administrator role has privileges to use the vSphere ESXi Image Builder

service.

2 From the Software depot drop-down menu, select in which custom depot to add the new

image profile.

3 On the Image Profiles tab, click New Image Profile.

4 Enter an image profile name, vendor, and description.

You must enter a unique image profile name.

5 Click Next.

The Select software packages page appears.

VMware ESXi Installation and Setup

VMware by Broadcom 47

6 From the drop-down menu, select an acceptance level for the image profile.

The acceptance level of the VIBs you add to the base image must be at least as high as the

level of the base image. If you add a VIB with a lower acceptance level to the image profile,

you must lower the image profile acceptance level. For more information, see Working with

Acceptance Levels.

7 Select the VIBs that you want to add to the image profile and deselect the ones that you

want to remove, and click Next.

Note The image profile must contain a bootable ESXi image to be valid.

vSphere ESXi Image Builder verifies that the change does not invalidate the profile. Some

VIBs depend on other VIBs and become invalid if you include them in an image profile

separately. When you add or remove a VIB, vSphere ESXi Image Builder checks whether the

package dependencies are met.

8 On the Ready to complete page, review the summary information for the new image profile

and click Finish.

What to do next

n You can associate an image profile with a new vSphere Auto Deploy rule to provision ESXi

hosts. See Create a Deploy Rule or Clone a Deploy Rule.

n You can associate an image profile with an ESXi host. See Add a Host to the vSphere Auto

Deploy Inventory.

n Edit the Image Profile Association of a Host.

n Select and Delete an Image profile.

n View Software Packages for the selected image profile.

Edit an Image Profile

You can edit image profiles by using the vSphere Client. You can change the name, details and

VIB list of an image profile.

Prerequisites

n Verify that the vSphere ESXi Image Builder service is enabled and running. See Configure the

vSphere ESXi Image Builder.

n Add or import a software depot to the vSphere ESXi Image Builder inventory. See Add a

Software Depot and Import a Software Depot.

n Verify that there is at least one custom depot in the vSphere ESXi Image Builder inventory.

VMware ESXi Installation and Setup

VMware by Broadcom 48

Procedure

1 Navigate to Home > Auto Deploy.

By default, only the administrator role has privileges to use the vSphere ESXi Image Builder

service.

2 On the Software Depots tab, use the drop-down menu to select the software depot that

contains the image profile that you want to work with.

3 On the Image Profiles tab, select the image profile that you want to edit and click Edit.

The Edit Image Profile wizard appears.

4 (Optional) Change the name, vendor and description information of the image profile.

5 Click Next.

The Select software packages page appears.

6 From the drop-down menu, select an acceptance level for the image profile.

The acceptance level of the VIBs you add to the base image must be at least as high as the

level of the base image. If you add a VIB with a lower acceptance level to the image profile,

you must lower the image profile acceptance level. For more information, see

Working with

Acceptance Levels.

7 Select the VIBs that you want to add to the image profile and deselect the ones that you

want to remove, and click Next.

Note The image profile must contain a bootable ESXi image to be valid.

vSphere ESXi Image Builder verifies that the change does not invalidate the profile. Some

VIBs depend on other VIBs and become invalid if you include them in an image profile

separately. When you add or remove a VIB, vSphere ESXi Image Builder checks whether the

package dependencies are met.

8 On the Ready to complete page, review the summary information for the edited image profile

and click Finish.

What to do next

n You can associate an image profile with a new vSphere Auto Deploy rule to provision ESXi

hosts. See Create a Deploy Rule or Clone a Deploy Rule.

n You can associate an image profile with an ESXi host. See Add a Host to the vSphere Auto

Deploy Inventory.

n Edit the Image Profile Association of a Host.

Compare Image Profiles

You can compare two image profiles by using the vSphere Client to check if they have the same

VIB list, version, or acceptance level.

VMware ESXi Installation and Setup

VMware by Broadcom 49

Prerequisites

n Verify that the vSphere ESXi Image Builder service is enabled and running. See Configure the

vSphere ESXi Image Builder.

n Add or import a software depot to the vSphere ESXi Image Builder inventory. See Add a

Software Depot and Import a Software Depot.

Procedure

1 Navigate to Home > Auto Deploy.

By default, only the administrator role has privileges to use the vSphere ESXi Image Builder

service.

2 On the Software Depots tab, use the drop-down menu to select the software depot that

contains the image profile that you want to work with.

3 On the Image Profiles tab, select an image profile and click Compare To.

The Compare Image Profile wizard appears.

4 Click Change to select a second image profile.

The Select Image Profile page appears.

5 Select a software depot from the drop-down menu and click on the second image profile.

6 In the Compare Image Profile page, select a comparison option from the Software packages

drop-down menu.

The left side of the list displays details of the VIBs that the first chosen image profile contains.

The right part of the list provides information about the second image profile. The VIBs

marked as Same are identical in both profiles. VIBs that are present in one of the image

profiles are marked as Missing next to the image profile that they are not present in.

Move an Image Profile to a Different Software Depot

You can move image profiles between custom depots by using the vSphere Client and modify it

without affecting the source depot's configuration.

Prerequisites

n Verify that the vSphere ESXi Image Builder service is enabled and running. See Configure the

vSphere ESXi Image Builder.

n Add or import a software depot to the vSphere ESXi Image Builder inventory. See Add a

Software Depot and Import a Software Depot.

n Verify that there is at least one custom depot in the vSphere ESXi Image Builder inventory.

VMware ESXi Installation and Setup

VMware by Broadcom 50

Procedure

1 Navigate to Home > Auto Deploy.

By default, only the administrator role has privileges to use the vSphere ESXi Image Builder

service.

2 On the Software Depots tab, use the drop-down menu to select the software depot that

contains the image profile that you want to work with.

3 On the Image Profiles tab, select an image profile and click Move to.

4 From the drop-down menu, select the custom depot in which you want to move the image

profile.

5 Click OK.

Results

The image profile is in the new software depot.

Export an Image Profile to ISO or Offline Bundle ZIP

You can export an image profile to an ISO image or a ZIP file by using the vSphere Client.

Prerequisites

You can export an image profile to an ISO image or a ZIP file by using the vSphere Client.

You can use the ISO image as an ESXi installer or to upgrade hosts with vSphere Lifecycle

Manager. The ZIP file contains metadata and the VIBs of the image profile. You can use it for ESXi

upgrades or as an offline depot.

n Verify that the vSphere ESXi Image Builder service is enabled and running. See Configure the

vSphere ESXi Image Builder.

n Add or import a software depot to the vSphere ESXi Image Builder inventory. See Add a

Software Depot and Import a Software Depot.

Procedure

1 Navigate to Home > Auto Deploy.

By default, only the administrator role has privileges to use the vSphere ESXi Image Builder

service.

2 On the Software Depots tab, use the drop-down menu to select the software depot that

contains the image profile that you want to work with.

3 On the Image Profiles tab, select the image profile that you want to export and click Export.

The Export Image Profile window appears.

VMware ESXi Installation and Setup

VMware by Broadcom 51

4 Select the type of the exported file.

Option Description

ISO Exports the image profile to a bootable ISO image. If you want to create an

ISO image that you can burn to a CD or DVD and use to start a stateless

ESXi instance, select the Do not include an installer on the ISO check box.

ZIP Exports the image profile to a ZIP file.

5 (Optional) If you want to bypass the acceptance level verification of the image profile, select

Skip acceptance level checking.

6 Click Ok.

The Download link starts generating in the "Download Image Profiles" column of the selected

image profile.

7 When the image generates successfully, click Download to save the exported file.

What to do next

n You can associate an image profile with a new vSphere Auto Deploy rule to provision ESXi

hosts. See Create a Deploy Rule or Clone a Deploy Rule.

n You can associate an image profile with an ESXi host. See Add a Host to the vSphere Auto

Deploy Inventory.

n Edit the Image Profile Association of a Host.

Regenerate an Image Profile

If you use Auto Deploy to add stateful ESXi hosts to a cluster that you manage by using an

image, all hosts must have the same software specification.

When an Auto Deploy rule is created and the target cluster is managed by an image, a Preboot

Execution Environment (PXE) image is created based on the image specification of the cluster.

The generated PXE image is cached and is not automatically updated. As a result, if you modify

the image specification in the vSphere Lifecycle Manager, you must update the PXE image

manually.

For information how to create a rule to add hosts to a cluster managed by an image, see

Use

Auto Deploy to Add a Host to a Cluster Managed by an Image

from the

vSphere Lifecycle

Manager

documentation.

Prerequisites

Procedure

1 Navigate to Home > Auto Deploy.

By default, only the administrator role has privileges to use the vSphere Auto Deploy service.

VMware ESXi Installation and Setup

VMware by Broadcom 52

2 On the Deploy Rules tab, select the desired rule.

You must select a rule, which matches ESXi hosts to a cluster that you manage by an image.

3 If the rule is active, first you must deactivate the rule.

a Click the Activate/Deactive Rules tab

b In the dialog box, select the rule.

c In the dialog box, select Deactivate and click OK.

4 Select Reacreate Image Profile and in the confirmation dialog box, click Recreate.

5 (Optional) Activate the rule again.

a Click the Activate/Deactive Rules tab

b In the dialog box, select the rule.

c In the dialog box, select Activate and click OK.

Results

The PXE image is running the latest image specification.

Using vSphere ESXi Image Builder with PowerCLI Cmdlets

The VMware.Image Builder component of VMware PowerCLI provides cmdlets that allow you to

manipulate software depots, image profiles, and VIBs.

Clone an Image Profile with PowerCLI Cmdlets

Cloning a published profile is the easiest way to create a custom image profile. Cloning a profile is

especially useful if you want to remove a few VIBs from a profile, or if you want to use hosts from

different vendors and want to use the same basic profile, but want to add vendor-specific VIBs.

VMware partners or large installations might consider creating a new profile.

Prerequisites

n Install the PowerCLI and all prerequisite software. See vSphere ESXi Image Builder Installation

and Usage.

n Verify that you have access to the software depot that contains the image profile you want

to clone.

VMware ESXi Installation and Setup

VMware by Broadcom 53

Procedure

1 In a PowerCLI session, run the Add-EsxSoftwareDepot cmdlet for each depot you want to

work with.

Option Action

Remote depot Run Add-EsxSoftwareDepot -DepotUrl <depot_url>.

ZIP file a Download the ZIP file to a local file system.

b Run Add-EsxSoftwareDepot -DepotUrl C:\<file_path>\<offline-

bundle>.zip

The cmdlet returns one or more SoftwareDepot objects.

2 (Optional) Run the Get-EsxImageProfile cmdlet to find the name of the profile that you

want to clone.

You can use filtering options with Get-EsxImageProfile.

3 Run the New-EsxImageProfile cmdlet to create the new profile and use the

-CloneProfile parameter to specify the profile you want to clone.

New-EsxImageProfile -CloneProfile My_Profile -Name "Test Profile 42"

This example clones the profile named

My_Profile

and assigns it the name Test Profile 42.

You must specify a unique combination of name and vendor for the cloned profile.

What to do next

See Examine Depot Contents for some examples of filtering.

Customize the image profile by adding or removing VIBs. See Add VIBs to an Image Profile with

PowerCLI Cmdlets.

Add VIBs to an Image Profile with PowerCLI Cmdlets

You can add one or more VIBs to an image profile if that image profile is not set to read only.

If the new VIB depends on other VIBs or conflicts with other VIBs in the profile, a message is

displayed at the PowerShell prompt and the VIB is not added.

You can add VIBs from VMware or from VMware partners to an image profile. If you add VMware

VIBs, vSphere ESXi Image Builder performs validation. If you add VIBs from two or more OEM

partners simultaneously, no errors are reported but the resulting image profile might not work.

Install VIBs from only one OEM vendor at a time.

If an error about acceptance level problems appears, change the acceptance level of the image

profile and the acceptance level of the host. Consider carefully whether changing the host

acceptance level is appropriate. VIB acceptance levels are set during VIB creation and cannot

be changed.

VMware ESXi Installation and Setup

VMware by Broadcom 54

You can add VIBs even if the resulting image profile is invalid.

Note VMware can support only environments and configurations that are proven to be

stable and fully functional through rigorous and extensive testing. Use only those supported

configurations. You can use custom VIBs if you lower your host acceptance level, and as a result,

supportability. In that case, track the changes you made, so you can revert them if you want to

remove custom VIBs and restore the host acceptance level to the default (Partner Supporter)

later. See Working with Acceptance Levels.

Prerequisites

Install the PowerCLI and all prerequisite software. See Install vSphere ESXi Image Builder and

Prerequisite Software

Procedure

1 In a PowerCLI session, run the Add-EsxSoftwareDepot cmdlet for each depot you want to

work with.

Option Action

Remote depot Run Add-EsxSoftwareDepot -DepotUrl <depot_url>.

ZIP file a Download the ZIP file to a local file system.

b Run Add-EsxSoftwareDepot -DepotUrl C:\<file_path>\<offline-

bundle>.zip

The cmdlet returns one or more SoftwareDepot objects.

2 Run the Get-EsxImageProfile cmdlet to list all image profiles in all currently visible depots.

The cmdlet returns all available profiles. You can narrow your search by using the optional

arguments to filter the output.

3 Clone the profile.

New-EsxImageProfile -CloneProfile My_Profile -Name "Test Profile 42" -Vendor "My Vendor"

Image profiles published by VMware and its partners are read only. To make changes, you

must clone the image profile. The vendor parameter is required.

4 Run the Add-EsxSoftwarePackage cmdlet to add a new package to one of the image

profiles.

Add-EsxSoftwarePackage -ImageProfile My_Profile -SoftwarePackage partner-package

The cmdlet runs the standard validation tests on the image profile. If validation succeeds, the

cmdlet returns a modified, validated image profile. If the VIB that you want to add depends

on a different VIB, the cmdlet displays that information and includes the VIB that can resolve

the dependency. If the acceptance level of the VIB that you want to add is lower than the

image profile acceptance level, an error occurs.

VMware ESXi Installation and Setup

VMware by Broadcom 55

Export an Image Profile to an ISO or Offline Bundle ZIP with PowerCLI Cmdlets

You can export an image profile to an ISO image or a ZIP file of component files and folders. You

cannot create both by running the cmdlet once. You can use the ISO image as an ESXi installer or

upload the ISO into vSphere Lifecycle Manager for upgrades.

Prerequisites

Install the PowerCLI and all prerequisite software. See Install vSphere ESXi Image Builder and

Prerequisite Software.

Procedure

1 In a PowerCLI session, run the Add-EsxSoftwareDepot cmdlet for each depot you want to

work with.

Option Action

Remote depot Run Add-EsxSoftwareDepot -DepotUrl <depot_url>.

ZIP file a Download the ZIP file to a local file system.

b Run Add-EsxSoftwareDepot -DepotUrl C:\<file_path>\<offline-

bundle>.zip

The cmdlet returns one or more SoftwareDepot objects.

2 Run Export-EsxImageProfile to export the image profile.

Export Format

Cmdlet

ISO images Export-EsxImageProfile with the -ExportToIso parameter

Offline depot ZIP files Export-EsxImageProfile with the -ExportToBundle parameter

Results

For the ISO image, vSphere ESXi Image Builder validates VIB signatures, adds VIB binaries to the

image, and downloads the image to the specified location. For the ZIP file, vSphere ESXi Image

Builder validates VIB signatures and downloads the VIB binaries to the specified location.

Example: Exporting an Image Profile

Follow these steps to export an image profile to an ISO image.

1 Add the software depot.

Add-EsxSoftwareDepot -DepotUrl url_or_file

2 View all available image profiles to find the name of the image profile to export.

Get-EsxImageProfile

3 Export the image profile.

Export-EsxImageProfile -ImageProfile "myprofile" -ExportToIso -FilePath iso_name

VMware ESXi Installation and Setup

VMware by Broadcom 56

Follow these steps to export an image profile to a ZIP file of component files and folders.

1 Add the software depot.

Add-EsxSoftwareDepot -DepotUrl url_or_file

2 View all available image profiles to find the name of the image profile to export.

Get-EsxImageProfile

3 Export the image profile.

Export-EsxImageProfile -ImageProfile "myprofile" -ExportToBundle -FilePath C:\my_bundle.zip

What to do next

Use the ISO image in an ESXi installation or upload the ISO image into vSphere Lifecycle Manager

to perform upgrades.

Use the ZIP file to upgrade an ESXi installation.

n Import the ZIP file into vSphere Lifecycle Manager for use with patch baselines.

n Download the ZIP file to an ESXi host or a datastore and run esxcli software vib

commands to import the VIBs in the ZIP file.

See the

vSphere Upgrade

documentation.

Create a Custom ESXi ISO Image with PowerCLI Cmdlets

With ESXi Image Builder, you can customize an ESXi image profile, but not combine content

from different depots to generate an ISO image. Starting with VMware PowerCLI 12.0, you can

customize ISO images by using content from multiple software depots and a custom software

specification.

For upgrades to ESXi 7.0 and later, the New-IsoImage cmdlet preserves additional metadata

for ESXi 7.0.x required by the vSphere Lifecycle Manager, such as base image, addon and

component. This additional metadata is not part of ISO images that you can export by using the

legacy ESXi Image Builder cmdlets.

Prerequisites

Install VMware PowerCLI 12.0 or later.

Verify that you have access to the software depot that contains the software specification that

you want to use.

VMware ESXi Installation and Setup

VMware by Broadcom 57

Procedure

1 Gather the required information for the software specification that you use to create a

custom ISO image.

a Get the base image version for the required patch or upgrade by running the Get-

DepotBaseImages cmdlet:

PS C:\> Get-DepotBaseImages -Depot C:\VMware-ESXi-7.0U2a-17867351-depot.zip

The command output is:

Version Vendor

Release date

------- ------

------------

7.0.2-0.0.17867351 VMware, Inc.

04/29/2021 00:00:00

b Get other packages, such as OEM addons, with cmdlets used with new metadata in

software depots. For example:

PS C:\> Get-DepotAddons -Depot C:\addon-depot.zip

The command output is:

Name Version ID

Vendor Release date

---- ------- --

------ ------------

testaddonv1 1.0.0-1 testaddonv1:1.0.0-1 ESXLifecycle

QE 02/20/2019 18:28:23

You can also list all components in a sofware depot with the Get-DepotComponents cmdlet:

PS C:\> Get-DepotComponents -Depot C:\Intel-

i40en_1.12.3.0-1OEM.700.1.0.15843807_18058526.zip

The command output is:

Name Version

ID Vendor

---- -------

-- ------

Intel-i40en 1.12.3.0-1OEM.700.1.0.15843807 Intel-

i40en:1.12.3.0-1OEM.700.1.0.15843807 Intel

You can use any number and combination of online and offline software depots.

2 Create a software specification. For example:

{

"base_image": {

VMware ESXi Installation and Setup

VMware by Broadcom 58

"version": "7.0.2-0.0.17867351"

"add_on": {

"name": "testaddonv1",

"version": "1.0.0-1"

"components": {

"Intel-i40en": "1.12.3.0-1OEM.700.1.0.15843807"

}

The software specification is a JSON file that contains information about the ESXi base image

and additional packages, such as a vendor add-on.

3 Generate a custom ISO image by running the New-IsoImage cmdlet with the parameters

Depots,SoftwareSpec and Destination. For example:

New-IsoImage -Depots “c:\temp\VMware-ESXi-7.0U1d-17551050-depot.zip” ,

“c:\temp\HPE-701.0.0.10.6.5.12-Jan2021-Synergy-Addon-depot.zip” -SoftwareSpec

“c:\temp\HPE-70U1d-custom.JSON” -Destination “c:\temp\HPE-70U1d-custom.iso”

The depot(s) include the path to the zip files for the supported ESXi version and vendor

add-on. The destination include the path and file name for the custom ISO file.

You can pass additional kernel options, create a live image, overwrite existing files, or

check acceptance levels for individual VIBs used during the creation of the image. For

more information about the New-IsoImage cmdlet, see https://code.vmware.com/docs/11794/

cmdletreference/doc/New-IsoImage.html.

What to do next

You can import the new ISO image to the vSphere Lifecycle Manager depot, so that you can

create upgrade baselines, which you use for host upgrade operations.

Create a Custom PXE Image with PowerCLI Cmdlets

Starting with VMware PowerCLI 12.0, you can create a custom PXE image by using any software

depot and a custom software specification.

Prerequisites

Install VMware PowerCLI 12.0 or later.

Verify that you have access to the software depot that contains the software specification you

want to use.

VMware ESXi Installation and Setup

VMware by Broadcom 59

Procedure

1 Gather the required information for the software specification that you use to create a

custom PXE image.

a Get the base image version for the required patch or upgrade by running the Get-

DepotBaseImages cmdlet:

PS C:\> Get-DepotBaseImages -Depot C:\VMware-ESXi-7.0U2a-17867351-depot.zip

The command output is:

Version Vendor

Release date

------- ------

------------

7.0.2-0.0.17867351 VMware, Inc.

04/29/2021 00:00:00

b Get other packages, such as OEM addons, with cmdlets used with new metadata in

software depots. For example:

PS C:\> Get-DepotAddons -Depot C:\addon-depot.zip

The command output is:

Name Version ID

Vendor Release date

---- ------- --

------ ------------

testaddonv1 1.0.0-1 testaddonv1:1.0.0-1 ESXLifecycle

QE 02/20/2019 18:28:23

You can also list all components in a sofware depot with the Get-DepotComponents cmdlet:

PS C:\> Get-DepotComponents -Depot C:\Intel-

i40en_1.12.3.0-1OEM.700.1.0.15843807_18058526.zip

The command output is:

Name Version

ID Vendor

---- -------

-- ------

Intel-i40en 1.12.3.0-1OEM.700.1.0.15843807 Intel-

i40en:1.12.3.0-1OEM.700.1.0.15843807 Intel

You can use any number and combination of online and offline software depots.

2 Create a software specification. For example:

{

"base_image": {

VMware ESXi Installation and Setup

VMware by Broadcom 60

"version": "7.0.2-0.0.17867351"

"add_on": {

"name": "testaddonv1",

"version": "1.0.0-1"

"components": {

"Intel-i40en": "1.12.3.0-1OEM.700.1.0.15843807"

}

The software specification is a JSON file that contains information about the ESXi base image

and additional packages, such as a vendor add-on.

3 Generate a custom PXE image by running the New-PxeImage cmdlet with the parameters

Depots,SoftwareSpec and Destination. For example:

New-PxeImage -Depots “c:\temp\VMware-ESXi-7.0U1d-17551050-depot.zip” ,

“c:\temp\HPE-701.0.0.10.6.5.12-Jan2021-Synergy-Addon-depot.zip” -SoftwareSpec

“c:\temp\HPE-70U1d-custom.JSON” –Destination “C:\pxe-image”

The depot(s) include the path to the zip files for the supported ESXi version and vendor

add-on. The destination include the path and file name for the custom PXE file.

You can pass additional kernel options, create a live image, overwrite existing files, or

check acceptance levels for individual VIBs used during the creation of the image. For

more information about the New-PxeImage cmdlet, see https://code.vmware.com/docs/11794/

cmdletreference/doc/New-PxeImage.html.

What to do next

You can use the PXE image in remediation workflows of PXE booted ESXi hosts.

Preserve Image Profiles Across Sessions with PowerCLI

You can export the image profile to a ZIP file software depot and add that depot in the next

session.

Prerequisites

When you create an image profile and exit the PowerCLI session, the image profile is no longer

available when you start a new session. You can export the image profile to a ZIP file software

depot, and add that depot in the next session.

Install the PowerCLI and all prerequisite software. See Install vSphere ESXi Image Builder and

Prerequisite Software.

Procedure

1 In a PowerCLI session, create an image profile, for example by cloning an existing image

profile and adding a VIB.

VMware ESXi Installation and Setup

VMware by Broadcom 61

2 Export the image profile to a ZIP file by calling Export-EsxImageProfile with the

ExportToBundle parameter.

Export-EsxImageProfile -ImageProfile "my_profile" -ExportToBundle -FilePath

"C:\isos\temp-base-plus-vib25.zip"

3 Exit the PowerCLI session.

4 When you start a new PowerCLI session, add the depot that contains your image profile to

access it.

Add-EsxSoftwareDepot "C:\isos\temp-base-plus-vib25.zip"

Compare Image Profiles with PowerCLI Cmdlets

You can compare two image profiles by using the Compare-EsxImageProfile cmdlet, for

example, to see if they have the same VIB list or acceptance level . Comparing image profiles

or their properties is also possible by using the PowerShell comparison operators.

Prerequisites

Install the PowerCLI and all prerequisite software. See Install vSphere ESXi Image Builder and

Prerequisite Software.

Procedure

1 In a PowerCLI session, run the Add-EsxSoftwareDepot cmdlet for each depot you want to

work with.

Option

Action

Remote depot Run Add-EsxSoftwareDepot -DepotUrl <depot_url>.

ZIP file a Download the ZIP file to a local file system.

b Run Add-EsxSoftwareDepot -DepotUrl C:\<file_path>\<offline-

bundle>.zip

The cmdlet returns one or more SoftwareDepot objects.

2 (Optional) Run the Get-EsxImageProfile cmdlet to view a list of all image profiles in all

available depots.

In the list, you can locate the names of the image profiles you want to compare.

3 Before comparing the image profiles, assign them to variables.

For example, you can create variables $imageProfile1 and $imageProfile2 to hold the

names of the compared images profiles.

$imageProfile1

= Get-EsxImageProfile -Name "ImageProfile1"

$imageProfile2

= Get-EsxImageProfile -Name "ImageProfile2"

VMware ESXi Installation and Setup

VMware by Broadcom 62

4 Compare the two image profiles by using the Compare-EsxImageProfile cmdlet or the -eq

comparison operator, which returns a Boolean value.

n Compare the two image profiles to get a full description of the differences by using the

Compare-EsxImageProfile cmdlet.

Compare-EsxImageProfile -ReferenceProfile

$imageProfile1 -ComparisonProfile $imageProfile2

n Compare the two image profiles by VIB list and acceptance level using the -eq

comparison operator.

if ($imageProfile1 -eq $imageProfile2) {

Write-host "Successfully verified that both image profiles are equal."

} else {

Write-host "Failed to verify that the image profiles are equal."

}

n Compare the two image profiles by a specific property using the -eq comparison

operator.

if ($imageProfile1.vendor -eq $imageProfile2.vendor) {

Write-host "Successfully verified that both image profiles are equal."

} else {

Write-host "Failed to verify that the image profiles are equal."

}

Compare VIBs with PowerCLI Cmdlets

You can compare two VIBs or their properties by using the PowerShell comparison operators.

Prerequisites

Install the PowerCLI and all prerequisite software. See Install vSphere ESXi Image Builder and

Prerequisite Software.

Procedure

1 In a PowerCLI session, run the Add-EsxSoftwareDepot cmdlet for each depot you want to

work with.

Option

Action

Remote depot Run Add-EsxSoftwareDepot -DepotUrl <depot_url>.

ZIP file a Download the ZIP file to a local file system.

b Run Add-EsxSoftwareDepot -DepotUrl C:\<file_path>\<offline-

bundle>.zip

The cmdlet returns one or more SoftwareDepot objects.

2 (Optional) Run the Get-EsxSoftwarePackage cmdlet to view all available VIBs.

In the list, you can locate the names of the VIBs you want to compare.

VMware ESXi Installation and Setup

VMware by Broadcom 63

3 Before comparing the VIBs, assign them to variables.

For example, you can create variables $vib1 and $vib2 to hold the names of the compared

VIBs.

$vib1 = Get-EsxSoftwarePackage -Name "ReferenceVIB"

$vib2 = Get-EsxSoftwarePackage -Name "ComparisonVIB"

4 Use a comparison operator to compare the VIBs by contents and acceptance level or by a

specific property.

n Compare the two VIBs by their contents and acceptance level.

if ($vib1 -eq $vib2) {

Write-host "Successfully verified that both VIBs are equal."

} else {

Write-host "Failed to verify that the VIBs are equal."

}

n Compare a specific property of the VIBs by using a comparison operator such as -eq, -lt,

-le, -gt, or -ge.

if ($vib1.VersionObject -lt $vib2.VersionObject) {

Write-host "Successfully verified that both the VIBs are equal."

} else {

Write-host "Failed to verify that the VIBs are equal."

}

Working with Acceptance Levels

Hosts, image profiles, and individual VIBs have acceptance levels. VIB acceptance levels show

how the VIB was tested. Understanding what each acceptance level implies, how to change

levels, and what a change implies is an important part of installation and update procedures.

Acceptance levels are set for hosts, image profiles, and individual VIBs. The default acceptance

level for an ESXi image or image profile is PartnerSupported.

Host acceptance levels

The host acceptance level determines which VIBs you can install on a host. You can change

a host's acceptance level with ESXCLI commands. By default, ESXi hosts have an acceptance

level of PartnerSupported to allow for easy updates with PartnerSupported VIBs.

Note VMware supports hosts at the PartnerSupported acceptance level. For problems

with individual VIBs with PartnerSupported acceptance level, contact your partner's support

organization.

Image profile acceptance levels

The image profile acceptance level is set to the lowest VIB acceptance level in the image

profile. If you want to add a VIB with a low acceptance level to an image profile, you can

VMware ESXi Installation and Setup

VMware by Broadcom 64

change the image profile acceptance level with the Set-EsxImageProfile cmdlet. See Set

the Image Profile Acceptance Level.

The vSphere Lifecycle Manager does not display the actual acceptance level. Use vSphere

ESXi Image Builder cmdlets to retrieve the acceptance level information for VIBs and image

profiles.

VIB acceptance levels

A VIB's acceptance level is set when the VIB is created. Only the VIB creator can set the

acceptance level.

If you attempt to provision a host with an image profile or VIB that has a lower acceptance

level than the host, an error occurs. Change the acceptance level of the host to install the image

profile or VIB. See Change the Host Acceptance Level. Changing the acceptance level of the host

changes the support level for that host.

The acceptance level of a host, image profile, or VIB lets you determine who tested the VIB and

who supports the VIB. VMware supports the following acceptance levels .

VMwareCertified

The VMwareCertified acceptance level has the most stringent requirements. VIBs with this

level go through thorough testing fully equivalent to VMware in-house Quality Assurance

testing for the same technology. Today, only I/O Vendor Program (IOVP) program drivers are

published at this level. VMware takes support calls for VIBs with this acceptance level.

VMwareAccepted

VIBs with this acceptance level go through verification testing, but the tests do not fully test

every function of the software. The partner runs the tests and VMware verifies the result.

Today, CIM providers and PSA plug-ins are among the VIBs published at this level. VMware

directs support calls for VIBs with this acceptance level to the partner's support organization.

PartnerSupported

VIBs with the PartnerSupported acceptance level are published by a partner that VMware

trusts. The partner performs all testing. VMware does not verify the results. This level is used

for a new or nonmainstream technology that partners want to enable for VMware systems.

Today, driver VIB technologies such as Infiniband, ATAoE, and SSD are at this level with

nonstandard hardware drivers. VMware directs support calls for VIBs with this acceptance

level to the partner's support organization.

CommunitySupported

The CommunitySupported acceptance level is for VIBs created by individuals or companies

outside of VMware partner programs. VIBs at this level have not gone through any VMware-

approved testing program and are not supported by VMware Technical Support or by a

VMware partner.

VMware ESXi Installation and Setup

VMware by Broadcom 65

Change the Host Acceptance Level

You can lower the host acceptance level to match the acceptance level for a VIB or image profile

you want to install.

The acceptance level of each VIB on a host must be at least as high as the acceptance level of

the host. For example, you cannot install a VIB with PartnerSupported acceptance level on a host

with VMwareAccepted acceptance level. You must first lower the acceptance level of the host.

For more information on acceptance levels, see Acceptance Levels.

Warning Changing the host acceptance level to CommunitySupported affects the supportability

of your host and might affect the security of your host.

Prerequisites

Install ESXCLI. See

Getting Started with ESXCLI

. For troubleshooting, run esxcli commands in

the ESXi Shell.

Procedure

1 Retrieve the acceptance level for the VIB or image profile.

Option Description

View information for all VIBs esxcli --server=server_name software

sources vib list --depot=depot_URL

View information for a specified VIB esxcli --server=server_name software

sources vib list --viburl=vib_URL

View information for all image

profiles

esxcli --server=server_name software

sources profile list --

depot=depot_URL

View information for a specified

image profile

esxcli --server=server_name software

sources profile get --depot=depot_URL

--profile=profile_name

2 View the host acceptance level.

esxcli --server=server_name software acceptance get

3 Change the acceptance level of the host.

esxcli

--server=server_name software acceptance set --level=acceptance_level

VMware ESXi Installation and Setup

VMware by Broadcom 66

The value for

acceptance_level

can be VMwareCertified, VMwareAccepted, PartnerSupported,

or CommunitySupported. The values for

acceptance_level

are case-sensitive.

Note If the host has a higher acceptance level than the VIB or image profile you want

to add, you can run commands in the

esxcli software vib or esxcli software profile

namespace with the --force option. When you use the --force option, a warning appears

because you enforce a VIB or image profile with lower acceptance level than the acceptance

level of the host and your setup is no longer consistent. The warning is repeated when

you install VIBs, remove VIBs, or perform certain other operations on the host that has

inconsistent acceptance levels.

Set the Image Profile Acceptance Level

If you want to add a VIB to an image profile, and the acceptance level of the VIB is lower

than that of the image profile, you can clone the image profile with a lower acceptance level or

change the image profile's acceptance level.

You can specify VMwareCertified, VMwareAccepted, PartnerSupported, or

CommunitySupported as an acceptance level of an image profile. If you lower the acceptance

level, the level of support for the image profile and hosts that you provision with it changes. For

more information, see Acceptance Levels.

Prerequisites

Install PowerCLI and all prerequisite software. See Install vSphere ESXi Image Builder and

Prerequisite Software.

Procedure

1 In a PowerCLI session, run the Add-EsxSoftwareDepot cmdlet for each depot you want to

work with.

Option

Action

Remote depot Run Add-EsxSoftwareDepot -DepotUrl <depot_url>.

ZIP file a Download the ZIP file to a local file system.

b Run Add-EsxSoftwareDepot -DepotUrl C:\<file_path>\<offline-

bundle>.zip

The cmdlet returns one or more SoftwareDepot objects.

2 Get the acceptance level for the image profile.

Get-EsxImageProfile -Name string

3 Set the acceptance level of the image profile.

Set-EsxImageProfile -Name string -AcceptanceLevel level

VMware ESXi Installation and Setup

VMware by Broadcom 67

vSphere ESXi Image Builder Workflows with PowerCLI Cmdlets

vSphere ESXi Image Builder workflows are examples for cmdlet use and do not represent actual

tasks.

vSphere ESXi Image Builder workflows are examples for cmdlet use. Workflows do not

represent actual tasks, but illustrate how you might explore different ways of using a cmdlet.

Administrators trying out the workflows benefit from some experience with PowerCLI, Microsoft

PowerShell, or both.

Examine Depot Contents

You can examine software depots and VIBs with vSphere ESXi Image Builder cmdlets. You can

use wildcards to examine depot contents. All wildcard expressions are supported.

The workflow itself passes parameters by name. However, you can pass parameters as objects

by accessing variables.

You can use filtering options and wildcard expressions to examine depot contents.

Prerequisites

Verify that PowerCLI and prerequisite software is installed. See Install vSphere ESXi Image Builder

and Prerequisite Software.

Procedure

1 In a PowerCLI session, run the Add-EsxSoftwareDepot cmdlet for each depot you want to

work with.

Option

Action

Remote depot Run Add-EsxSoftwareDepot -DepotUrl <depot_url>.

ZIP file a Download the ZIP file to a local file system.

b Run Add-EsxSoftwareDepot -DepotUrl C:\<file_path>\<offline-

bundle>.zip

The cmdlet returns one or more SoftwareDepot objects.

2 Retrieve image profiles.

You can filter by vendor, name, and acceptance level.

n Get-EsxImageProfiles

Returns an array of ImageProfile objects from all depots you added to the session.

n Get-EsxImageProfile -Vendor "C*"

Returns all image profiles created by a vendor with a name that starts with the letter C.

VMware ESXi Installation and Setup

VMware by Broadcom 68

3 Retrieve software packages by using the Get-EsxSoftwarePackage cmdlet.

You can filter, for example by vendor or version, and you can use the standard PowerShell

wildcard characters.

n Get-EsxSoftwarePackage -Vendor "V*"

Returns all software packages from a vendor with a name that starts with the letter V.

n Get-EsxSoftwarePackage -Vendor "V*" -Name "*scsi*"

Returns all software packages with a name that contains the string scsi in it from a

vendor with a name that starts with the letter V.

n Get-EsxSoftwarePackage -Version "2.0*"

Returns all software packages with a version string that starts with 2.0.

4 Use -Newest to find the latest package.

Get-EsxSoftwarePackage -Vendor "V*" -Newest

Returns the newest package for the vendors with a name that starts with the letter V, and

displays the information as a table.

n Get-EsxSoftwarePackage -Vendor "V*" -Newest | format-list

Returns detailed information about each software package by using a pipeline to link the

output of the request for software packages to the PowerShell format-list cmdlet.

5 View the list of VIBs in the image profile.

(Get-EsxImageProfile -Name "Robin's Profile").VibList

VibList is a property of the ImageProfile object.

6 Retrieve software packages released before or after a certain date by using the

CreatedBefore or CreatedAfter parameter.

Get-EsxSoftwarePackage -CreatedAfter 7/1/2010

Example: Depot Content Examination Using Variables

This workflow example examines depot contents by passing in parameters as objects accessed

by position in a variable, instead of passing in parameters by name. You can run the following

commands in sequence from the PowerCLI prompt. Replace names with names that are

appropriate in your installation.

Get-EsxSoftwarePackage -Vendor "V*"

Get-EsxSoftwarePackage -Vendor "V*" -Name "r*"

Get-EsxSoftwarePackage -Version "2.0*"

VMware ESXi Installation and Setup

VMware by Broadcom 69

$ip1 = Get-EsxImageProfile -name ESX-5.0.0-123456-full

$ip1.VibList

Get-EsxSoftwarePackage -CreatedAfter 7/1/2010

Create Image Profiles by Cloning Workflow

You can use vSphere ESXi Image Builder cmdlets to check which depots are available, to add a

depot, to view image profile information, and to create a new image profile by cloning one of the

available image profiles.

Published profiles are usually read-only and cannot be modified. Even if a published profile is

not read-only, cloning instead of modifying the profile is a best practice, because modifying the

original profile erases the original. You cannot revert to the original, unmodified profile except by

reconnecting to a depot.

A profile cloning workflow might include checking the current state of the system, adding a

software depot, and cloning the profile.

Prerequisites

Verify that PowerCLI and prerequisite software is installed. See Install vSphere ESXi Image Builder

and Prerequisite Software.

Procedure

1 In a PowerShell window, check whether any software depots are defined for the current

session.

$DefaultSoftwareDepots

PowerShell returns the currently defined depots, or nothing if you just started PowerShell.

2 If the depot containing the profile that you want to clone does not appear in the results, add

it to the current session.

Option

Action

Remote depot Run Add-EsxSoftwareDepot -DepotUrl depot_url.

ZIP file a Download the ZIP file to a local file path.

b Run Add-EsxSoftwareDepot -DepotUrl C:\file_path\offline-

bundle.zip

PowerShell adds the specified depot to your current session and lists all current depots.

3 (Optional) Check the $DefaultSoftwareDepots variable, which now returns the newly added

depot.

4 View all available image profiles.

Get-EsxImageProfile

VMware ESXi Installation and Setup

VMware by Broadcom 70

5 To clone an image profile, enter its name, a new name for the new profile, and a name of the

vendor.

$ip = New-EsxImageProfile -CloneProfile base-tbd-v1 -Name "Test Profile 42" -Vendor

"Vendor20"

6 (Optional) View the newly created image profile, $ip.

PowerShell returns the information about the image profile in tabular format.

Name Vendor Last Modified Acceptance Level

---- ------ ------------- ----------------

Test Profile 42 Vendor20 9/15/2010 5:45:43... PartnerSupported

Example: Creating Image Profile by Cloning Using Variables

This workflow example repeats the steps of this workflow by passing in parameters as objects

accessed by position in a variable, instead of passing in parameters by name. You can run the

following cmdlets in sequence from the PowerCLI prompt.

$DefaultSoftwareDepots

Add-EsxSoftwareDepot -DepotUrl depot_url

$DefaultSoftwareDepots

$profs = Get-EsxImageProfile

$profs

$ip = New-EsxImageProfile -CloneProfile $profs[2] -Name "new_profile_name" -Vendor "my_vendor"

$ip

Create New Image Profiles Workflow

In most situations, you create an image profile by cloning an existing profile. Some VMware

customers or partners might need to create a new image profile. Pay careful attention to

dependencies and acceptance levels if you create an image profile from scratch.

The system expects that the acceptance level of the VIBs you add to the base image is at least

as high as the level of the base image. If you have to add a VIB with a lower acceptance level to

the image profile, you must lower the image profile acceptance level. For more information, see

Set the Image Profile Acceptance Level.

As an alternative to specifying the parameters on the command line, you can use the

PowerShell prompting mechanism to specify string parameters. Prompting does not work for

other parameters such as objects.

Prerequisites

n PowerCLI and prerequisite software is installed. See Install vSphere ESXi Image Builder and

Prerequisite Software.

n You have access to a depot that includes a base image and one or more VIBs. VMware and

VMware partners have public depots, accessible by a URL. VMware or VMware partners can

create a ZIP file that you can unzip to your local environment and access by using a file path.

VMware ESXi Installation and Setup

VMware by Broadcom 71

Procedure

1 In a PowerCLI session, run the Add-EsxSoftwareDepot cmdlet for each depot you want to

work with.

Option Action

Remote depot Run Add-EsxSoftwareDepot -DepotUrl <depot_url>.

ZIP file a Download the ZIP file to a local file system.

b Run Add-EsxSoftwareDepot -DepotUrl C:\<file_path>\<offline-

bundle>.zip

The cmdlet returns one or more SoftwareDepot objects.

2 Run the Get-EsxImageProfile cmdlet to list all image profiles in all currently visible depots.

You can narrow your search by using the optional arguments to filter the output.

Get-EsxSoftwarePackage -CreatedAfter 7/1/2010

3 Create a new profile, assign it a name and vendor, and add a base package.

New-EsxImageProfile -NewProfile -Name "Test #2" -vendor "Vendor42" -SoftwarePackage esx-

base[0],esx-xlibs[0]

The example uses the esx-base package. In most cases, you include the esx-base package

when you create a new image profile. Names that contain spaces are surrounded by quotes.

4 Use a pipeline to pass the new image profile to format-list for detailed information about

the new package.

(Get-EsxImageProfile -Name "Test #2").VibList | format-list

Example: Creating Image Profiles from Scratch Using Variables

This command sequence repeats the steps of the workflow, but passes parameters as objects,

accessed by position in a variable, instead of passing parameters by name. You can run the

following commands in sequence at thePowerCLI prompt.

Add-EsxSoftwareDepot depoturl

$pkgs = Get-EsxSoftwarePackage -CreatedAfter 7/1/2010

$ip2 = New-EsxImageProfile -NewProfile -Name "Test #2" -vendor "Vendor42" -SoftwarePackage

$pkgs[0]

$ip2.VibList | format-list

Edit Image Profiles Workflow

You can create a custom image by cloning and editing an image profile by using PowerCLI. You

can add or remove one or more VIBs in the existing profile. If adding or removing VIBs prevents

the image profile from working correctly, an error occurs.

VMware ESXi Installation and Setup

VMware by Broadcom 72

Prerequisites

n PowerCLI and prerequisite software is installed. See Install vSphere ESXi Image Builder and

Prerequisite Software.

n You have access to a depot that includes a base image and one or more VIBs. VMware and

VMware partners make public depots, accessible by a URL, available. VMware or VMware

partners can create a ZIP file that you can download to your local environment and access by

using a file path.

Procedure

1 In a PowerCLI session, run the Add-EsxSoftwareDepot cmdlet for each depot you want to

work with.

Option Action

Remote depot Run Add-EsxSoftwareDepot -DepotUrl <depot_url>.

ZIP file a Download the ZIP file to a local file system.

b Run Add-EsxSoftwareDepot -DepotUrl C:\<file_path>\<offline-

bundle>.zip

The cmdlet returns one or more SoftwareDepot objects.

2 Use a pipeline to pass the image profile you intend to edit to format-list to see detailed

information.

In this example, the image profile created in Create New Image Profiles Workflow contains

only the base image. A newly created image profile is not included in the depot. Instead, you

access the image profile by name or by binding it to a variable.

Get-EsxImageProfile "Test #2" | format-list

PowerShell returns the information.

Name : Test #2

Vendor : Vendor42

...

VibList : {esx-base 5.0.0.-...,}

3 (Optional) If you are adding a VIB with a lower acceptance level than that of the image

profile, change the acceptance level of the image profile.

Set-EsxImageProfile -ImageProfile "Test #2" -AcceptanceLevel VMwareAccepted

VMware ESXi Installation and Setup

VMware by Broadcom 73

PowerShell returns the information about the changed profile in tabular format.

Name Vendor Last Modified Acceptance Level

---- ------ ------------- ----------------

Test #2 Vendor42 9/22/2010 12:05:... VMwareAccepted

4 Add a software package (VIB) to the image profile. You can add the package by name.

Add-EsxSoftwarePackage -ImageProfile "Test #2"

-SoftwarePackage NewPack3

PowerShell returns the information about the image profile in tabular format.

Name Vendor Last Modified Acceptance Level

---- ------ ------------- ----------------

Test #2 Vendor42 9/22/2010 12:05:... VMwareAccepted

Note If an error occurs when you add the software package, you might have a problem with

acceptance levels, see

Working with Acceptance Levels

5 View the image profile again.

Get-EsxImageProfile "Test #2" | format-list

The VIB list is updated to include the new software package and the information is displayed.

Name : Test #2

Vendor : Vendor42

...

VibList : {esx-base 5.0.0.-..., NewPack3}

Example: Editing Image Profiles by Using Variables

This cmdlet sequence repeats the steps of the workflow but passes parameters as objects,

accessed by position in a variable, instead of passing parameters by name. You can run the

following cmdlets in sequence from the PowerCLI prompt.

Add-EsxSoftwareDepot -DepotUrl depot_url

$ip2 = Get-EsxImageProfile -name "Test #2"

$ip2 | format-list

Set-EsxImageProfile -ImageProfile $ip2 -AcceptanceLevel VMwareAccepted

Add-EsxImageSoftwarePackage -ImageProfile $ip2 -SoftwarePackage NewPack3

$ip2 | format-list

Required Information for ESXi Installation

Interactive installation prompts you for the required system information, but you must supply this

information in the installation script.

VMware ESXi Installation and Setup

VMware by Broadcom 74

In an interactive installation, the system prompts you for the required system information. In a

scripted installation, you must supply this information in the installation script. For future use,

note the values you use during the installation. These notes are useful if you must reinstall ESXi

and reenter the values that you originally selected.

Table 5-11. Required Information for ESXi Installation

Information

Required or

Optional Default Comments

Keyboard layout Required U.S. English

VLAN ID Optional None Range: 0 through 4094

IP address Optional DHCP You can allow DHCP to configure the network

during installation. After installation, you can

change the network settings.

Subnet mask Optional Calculated based on the IP

address

Gateway Optional Based on the configured IP

address and subnet mask

Primary DNS Optional Based on the configured IP

address and subnet mask

Secondary DNS Optional None

Host name Required for

static IP

settings

None The vSphere Client can use either the host

name or the IP address to access the ESXi

host.

Install location Required None Must be at least 5 GB if you install the

components on a single disk.

Migrate existing

ESXi settings.

Preserve existing

VMFS datastore.

Required if

you are

installing ESXi

on a drive

with an

existing ESXi

installation.

None If you have an existing ESXi 5.x installation,

the ESXi installer offers a choice between

preserving or overwriting the VMFS datastore

during installation

Root password Required None The root password must contain between

8 and 40 characters. For information

about passwords see the

vSphere Security

documentation.

Installing ESXi

You can install ESXi interactively, with a scripted installation, or with vSphere Auto Deploy.

Installing ESXi Interactively

Use the interactive installation option for small deployments of fewer than five hosts.

VMware ESXi Installation and Setup

VMware by Broadcom 75

In a typical interactive installation, you boot the ESXi installer and respond to the installer

prompts to install ESXi to the local host disk. The installer reformats and partitions the target disk

and installs the ESXi boot image. If you have not installed ESXi on the target disk before, all data

on the drive is overwritten, including hardware vendor partitions, operating system partitions,

and associated data.

Note To ensure that you do not lose any data, migrate the data to another machine before you

install ESXi.

If you are installing ESXi on a disk that contains a previous installation of ESXi or ESX, or a

VMFS datastore, the installer provides you with options for upgrading. See the

vSphere Upgrade

documentation.

Install ESXi Interactively

You use the ESXi CD/DVD or a USB flash drive to install the ESXi software onto a SAS, SATA,

SCSI hard drive, or USB drive.

Prerequisites

n You must have the ESXi installer ISO in one of the following locations:

n On CD or DVD. If you do not have the installation CD/DVD, you can create one. See

Download and Burn the ESXi Installer ISO Image to a CD or DVD

n On a USB flash drive. See Format a USB Flash Drive to Boot the ESXi Installation or

Upgrade.

Note You can also PXE boot the ESXi installer to run an interactive installation or a scripted

installation. See Network Booting the ESXi Installer.

n Verify that the server hardware clock is set to UTC. This setting is in the system BIOS.

n Verify that a keyboard and monitor are attached to the machine on which the ESXi

software is installed. Alternatively, use a remote management application. See Using Remote

Management Applications.

n Consider disconnecting your network storage. This action decreases the time it takes the

installer to search for available disk drives. When you disconnect network storage, any files

on the disconnected disks are unavailable at installation.

Do not disconnect a LUN that contains an existing ESX or ESXi installation. Do not disconnect

a VMFS datastore that contains the Service Console of an existing ESX installation. These

actions can affect the outcome of the installation.

n Gather the information required by the ESXi installation wizard. See Required Information for

ESXi Installation.

n Verify that ESXi Embedded is not present on the host machine. ESXi Installable and

ESXi Embedded cannot exist on the same host.

VMware ESXi Installation and Setup

VMware by Broadcom 76

Procedure

1 Insert the ESXi installer CD/DVD into the CD/DVD-ROM drive, or attach the Installer USB flash

drive and restart the machine.

2 Set the BIOS to boot from the CD-ROM device or the USB flash drive.

See your hardware vendor documentation for information on changing boot order.

3 On the Select a Disk page, select the drive on which to install ESXi, and press Enter.

Press F1 for information about the selected disk.

Note Do not rely on the disk order in the list to select a disk. The disk order is determined

by the BIOS and might be out of order. This might occur on systems where drives are

continuously being added and removed.

If you select a disk that contains data, the Confirm Disk Selection page appears.

If you are installing on a disc with a previous ESXi or ESX installation or VMFS datastore, the

installer provides several choices.

Important If you are upgrading or migrating an existing ESXi installation, see the

VMware

ESXi Upgrade

documentation.

If you select a disk that is in vSAN disk group, the resulting installation depends on the type

of disk and the group size:

n If you select an SSD, the SSD and all underlying HDDs in the same disk group are wiped.

n If you select an HDD, and the disk group size is greater than two, only the selected HDD is

wiped.

n If you select an HDD disk, and the disk group size is two or less, the SSD and the selected

HDD is wiped.

For more information about managing vSAN disk groups, see the

vSphere Storage

documentation.

4 Select the keyboard type for the host.

You can change the keyboard type after installation in the direct console.

5 Enter the root password for the host.

You can change the password after installation in the direct console.

6 Press Enter to start the installation.

7 When the installation is complete, remove the installation CD, DVD, or USB flash drive.

8 Press Enter to reboot the host.

VMware ESXi Installation and Setup

VMware by Broadcom 77

9 Set the first boot device to be the drive on which you installed ESXi in Step 3.

For information about changing boot order, see your hardware vendor documentation.

Note UEFI systems might require additional steps to set the boot device. See Host Fails to

Boot After You Install ESXi in UEFI Mode

Results

After the installation is complete, you can migrate existing VMFS data to the ESXi host.

You can boot a single machine from each ESXi image. Booting multiple devices from a single

shared ESXi image is not supported.

What to do next

Set up basic administration and network configuration for ESXi. See After You Install and Set Up

ESXi.

Install ESXi on a Software iSCSI Disk

When you install ESXi to a software iSCSI disk, you must configure the target iSCSI qualified

name (IQN).

During system boot, the system performs a Power-On Self Test (POST), and begins booting the

adapters in the order specified in the system BIOS. When the boot order comes to the iSCSI Boot

Firmware Table (iBFT) adapter, the adapter attempts to connect to the target, but does not boot

from it. See Prerequisites.

If the connection to the iSCSI target is successful, the iSCSI boot firmware saves the iSCSI boot

configuration in the iBFT. The next adapter to boot must be the ESXi installation media, either a

mounted ISO image or a physical CD-ROM.

Prerequisites

n Verify that the target IQN is configured in the iBFT BIOS target parameter setting. This setting

is in the option ROM of the network interface card (NIC) to be used for the iSCSI LUN. See the

vendor documentation for your system.

n Deactivate the iBFT adapter option to boot to the iSCSI target. This action is necessary to

make sure that the ESXi installer boots, rather than the iSCSI target. When you start your

system, follow the prompt to log in to your iBFT adapter and deactivate the option to boot to

the iSCSI target. See the vendor documentation for your system and iBFT adapter. After you

finish the ESXi installation, you can reenable the option to boot from the LUN you install ESXi

on.

Procedure

1 Start an interactive installation from the ESXi installation CD/DVD or mounted ISO image.

VMware ESXi Installation and Setup

VMware by Broadcom 78

2 On the Select a Disk screen, select the iSCSI target you specified in the iBFT BIOS target

parameter setting.

If the target does not appear in this menu, make sure that the TCP/IP and initiator iSCSI

IQN settings are correct. Check the network Access Control List (ACL) and confirm that the

adapter has adequate permissions to access the target.

3 Follow the prompts to complete the installation.

4 Reboot the host.

5 In the host BIOS settings, enter the iBFT adapter BIOS configuration, and change the adapter

parameter to boot from the iSCSI target.

See the vendor documentation for your system.

What to do next

On your iBFT adapter, reenable the option to boot to the iSCSI target, so the system will boot

from the LUN you installed ESXi on.

Installing or Upgrading Hosts by Using a Script

You can quickly deploy ESXi hosts by using scripted, unattended installations or upgrades.

Scripted installations or upgrades provide an efficient way to deploy multiple hosts. The

installation or upgrade script contains the installation settings for ESXi. You can apply the script

to all hosts that you want to have a similar configuration.

For a scripted installation or upgrade, you must use the supported commands to create a script.

You can edit the script to change settings that are unique for each host.

The installation or upgrade script can reside in one of the following locations:

n FTP server

n HTTP/HTTPS server

n NFS server

n USB flash drive

n CD-ROM drive

Approaches for Scripted Installation

You can install ESXi on multiple machines using a single script for all of them or a separate script

for each machine.

For example, because disk names vary from machine to machine, one of the settings that you

might want to configure in a script is the selection for the disk to install ESXi on.

VMware ESXi Installation and Setup

VMware by Broadcom 79

Table 5-12. Scripted Installation Choices

Option Action

Always install on the first disk on multiple machines. Create one script.

Install ESXi on a different disk for each machine. Create multiple scripts.

For information about the commands required to specify the disk to install on, see Installation

and Upgrade Script Commands.

Enter Boot Options to Run an Installation or Upgrade Script

You can start an installation or upgrade script by typing boot options at the ESXi installer boot

command line.

At boot time you might need to specify options to access the kickstart file. You can enter boot

options by pressing Shift+O in the boot loader. For a PXE boot installation, you can pass options

through the kernelopts line of the boot.cfg file. See About the boot.cfg File and Network

Booting the ESXi Installer.

To specify the location of the installation script, set the ks=filepath option, where

filepath

indicates the location of your kickstart file. Otherwise, a scripted installation or upgrade cannot

start. If ks=filepath is omitted, the text installer is run.

Supported boot options are listed in Boot Options .

Procedure

1 Start the host.

2 When the ESXi installer window appears, press Shift+O to edit boot options.

3 At the runweasel command prompt, type ks=location of installation script plus

boot command-line options.

VMware ESXi Installation and Setup

VMware by Broadcom 80

Example: Boot Option

You type the following boot options:

ks=http://00.00.00.00/kickstart/ks-osdc-pdp101.cfg nameserver=00.00.0.0 ip=00.00.00.000

netmask=255.255.255.0 gateway=00.00.00.000

Boot Options

When you perform a scripted installation, you might need to specify options at boot time to

access the kickstart file.

Supported Boot Options

Table 5-13. Boot Options for ESXi Installation

Boot Option Description

BOOTIF=hwtype-MAC address Similar to the netdevice option, except in the PXELINUX

format as described in the IPAPPEND option under

SYSLINUX at the

syslinux.org site.

gateway=ip address Sets this network gateway as the default gateway to be

used for downloading the installation script and installation

media.

ip=ip address Sets up a static IP address to be used for downloading

the installation script and the installation media. Note: the

PXELINUX format for this option is also supported. See the

IPAPPEND option under SYSLINUX at the syslinux.org

site.

ks=cdrom:/path Performs a scripted installation with the script at

path

which resides on the CD in the CD-ROM drive. Each

CDROM is mounted and checked until the file that matches

the path is found.

Important If you have created an installer ISO image

with a custom installation or upgrade script, you must use

uppercase characters to provide the path of the script, for

example, ks=cdrom:/KS_CUST.CFG.

ks=file://path Performs a scripted installation with the script at

path

ks=protocol://serverpath Performs a scripted installation with a script located on the

network at the given URL.

protocol

can be http, https,

ftp, or nfs. An example using NFS protocol is ks=nfs://

host/porturl-path. The format of an NFS URL is specified

in RFC 2224.

ks=usb Performs a scripted installation, accessing the script from

an attached USB drive. Searches for a file named ks.cfg.

The file must be located in the root directory of the drive.

If multiple USB flash drives are attached, they are searched

until the

ks.cfg file is found. Only FAT16 and FAT32 file

systems are supported.

ks=usb:/path Performs a scripted installation with the script file at the

specified path, which resides on USB.

VMware ESXi Installation and Setup

VMware by Broadcom 81

Table 5-13. Boot Options for ESXi Installation (continued)

Boot Option Description

ksdevice=device Tries to use a network adapter

device

when looking for an

installation script and installation media. Specify as a MAC

address, for example, 00:50:56:C0:00:01. This location can

also be a vmnicNN name. If not specified and files need to

be retrieved over the network, the installer defaults to the

first discovered network adapter that is plugged in.

nameserver=ip address Specifies a domain name server to be used for

downloading the installation script and installation media.

netdevice=device Tries to use a network adapter

device

when looking for an

installation script and installation media. Specify as a MAC

address, for example, 00:50:56:C0:00:01. This location can

also be a vmnicNN name. If not specified and files need to

be retrieved over the network, the installer defaults to the

first discovered network adapter that is plugged in.

netmask=subnet mask Specifies subnet mask for the network interface that

downloads the installation script and the installation media.

vlanid=vlanid Configure the network card to be on the specified VLAN.

systemMediaSize=small Limits the size of system storage partitions on the boot

media. The selected value must fit the purpose of your

system. You can select from the following values:

min

(32 GB, for single disk or embedded servers)

small

(64 GB, for servers with at least 512 GB RAM)

default

(128 GB)

max

(consume all available space, for multi-terabyte

servers)

For more information on ESXi booting options post installation, see VMware knowledge base

article 77009.

About Installation and Upgrade Scripts

The installation/upgrade script is a text file, for example ks.cfg, that contains supported

commands.

The command section of the script contains the ESXi installation options. This section is required

and must appear first in the script.

About the Default ks.cfg Installation Script

The ESXi installer includes a default installation script that performs a standard installation to the

first detected disk.

The default ks.cfg installation script is located in the initial RAM disk at /etc/vmware/weasel/

ks.cfg. You can specify the location of the default ks.cfg file with the ks=file://etc/vmware/

weasel/ks.cfg boot option. See Enter Boot Options to Run an Installation or Upgrade Script.

When you install ESXi using the ks.cfg script, the default root password is myp@ssw0rd.

VMware ESXi Installation and Setup

VMware by Broadcom 82

You cannot modify the default script on the installation media. After the installation, you can use

the vSphere Client to log in to the vCenter Server that manages the ESXi host and modify the

default settings.

The default script contains the following commands:

# Sample scripted installation file

# Accept the VMware End User License Agreement

vmaccepteula

# Set the root password for the DCUI and Tech Support Mode

rootpw myp@ssw0rd

# Install on the first local disk available on machine

install --firstdisk --overwritevmfs

# Set the network to DHCP on the first network adapter

network --bootproto=dhcp --device=vmnic0

# A sample post-install script

%post --interpreter=python --ignorefailure=true

import time

stampFile = open('/finished.stamp', mode='w')

stampFile.write( time.asctime() )

Locations Supported for Installation or Upgrade Scripts

In scripted installations and upgrades, the ESXi installer can access the installation or upgrade

script, also called the kickstart file, from several locations.

The following locations are supported for the installation or upgrade script:

n CD/DVD. See Create an Installer ISO Image with a Custom Installation or Upgrade Script.

n USB Flash drive. See Create a USB Flash Drive to Store the ESXi Installation Script or Upgrade

Script.

n A network location accessible through the following protocols: NFS, HTTP, HTTPS, FTP

Path to the Installation or Upgrade Script

You can specify the path to an installation or upgrade script.

ks=http://XXX.XXX.XXX.XXX/kickstart/KS.CFG is the path to the ESXi installation script,

where XXX.XXX.XXX.XXX is the IP address of the machine where the script resides. See About

Installation and Upgrade Scripts.

To start an installation script from an interactive installation, you enter the ks= option manually.

See Enter Boot Options to Run an Installation or Upgrade Script.

VMware ESXi Installation and Setup

VMware by Broadcom 83

Installation and Upgrade Script Commands

To modify the default installation or upgrade script or to create your own script, use supported

commands. Use supported commands in the installation script, which you specify with a boot

command when you boot the installer.

To determine which disk to install or upgrade ESXi on, the installation script requires one of the

following commands: install, upgrade, or installorupgrade. The install command creates

the default partitions, including a VMFS datastore that occupies all available space after the other

partitions are created.

accepteula or vmaccepteula (Required)

Accepts the ESXi license agreement.

clearpart (Optional)

Clears any existing partitions on the disk. Requires the install command to be specified.

Carefully edit the

clearpart command in your existing scripts.

--drives=

Remove partitions on the specified drives.

--alldrives

Ignores the --drives= requirement and allows clearing of partitions

on every drive.

--ignoredrives=

Removes partitions on all drives except those specified. Required

unless the --drives= or --alldrives flag is specified.

--overwritevmfs

Allows overwriting of VMFS partitions on the specified drives. By

default, overwriting VMFS partitions is not allowed.

--firstdisk=

disk-type1

[disk-type2,...]

Partitions the first eligible disk found. By default, the eligible disks are

set to the following order:

1 Locally attached storage (local)

2 Network storage (remote)

3 USB disks (usb)

You can change the order of the disks by using a comma-

separated list appended to the argument. If you provide a filter

list, the default settings are overridden. You can combine filters

to specify a particular disk, including esx for the first disk with

ESXi installed on it, model and vendor information, or the name

of the VMkernel device driver. For example, to prefer a disk

with the model name ST3120814A and any disk that uses the

mptsas driver rather than a normal local disk, the argument is

--firstdisk=ST3120814A,mptsas,local. You can use localesx for

local storage that contains

ESXi image or remoteesx for remote

storage that contains ESXi image.

VMware ESXi Installation and Setup

VMware by Broadcom 84

dryrun (Optional)

Parses and checks the installation script. Does not perform the installation.

install

Specifies that this is a fresh installation. Either the install, upgrade, or installorupgrade

command is required to determine which disk to install or upgrade ESXi on.

--disk= or --drive=

Specifies the disk to partition. In the command --disk=diskname, the

diskname

can be a disk name or a full disk filesystem path in ESXi, for

example:

n Disk name: --disk=naa.6d09466044143600247aee55ca2a6405 or

Device path: --disk=/vmfs/devices/disks/mpx.vmhba1:C0:T0:L0

For accepted disk name formats, see Disk Device Names.

--firstdisk=

disk-type1,

[disk-type2,...]

Partitions the first eligible disk found. By default, the eligible disks are

set to the following order:

1 Locally attached storage (local)

2 Network storage (remote)

3 USB disks (usb)

You can change the order of the disks by using a comma-

separated list appended to the argument. If you provide a filter

list, the default settings are overridden. You can combine filters

to specify a particular disk, including esx for the first disk with

ESX installed on it, model and vendor information, or the name

of the VMkernel device driver. For example, to prefer a disk

with the model name ST3120814A and any disk that uses the

mptsas driver rather than a normal local disk, the argument is

--firstdisk=ST3120814A,mptsas,local. You can use localesx for

local storage that contains

ESXi image or remoteesx for remote

storage that contains ESXi image.

--ignoressd

Excludes solid-state disks from eligibility for partitioning. This option

can be used with the install command and the --firstdisk

option. This option takes precedence over the --firstdisk option.

This option is invalid with the --drive or --disk options and with

the

upgrade and installorupgrade commands. See the

vSphere

Storage

documentation for more information about preventing SSD

formatting during auto-partitioning.

--overwritevsan

You must use the --overwritevsan option when you install ESXi on

a disk, either SSD or HDD (magnetic), that is in a vSAN disk group. If

you use this option and no vSAN partition is on the selected disk, the

VMware ESXi Installation and Setup

VMware by Broadcom 85

installation fails. When you install ESXi on a disk that is in vSAN disk

group, the result depends on the disk that you select:

n If you select an SSD, the SSD and all underlying HDDs in the same

disk group is wiped.

n If you select an HDD, and the disk group size is greater than two,

only the selected HDD is wiped.

n If you select an HDD disk, and the disk group size is two or less,

the SSD and the selected HDD is wiped.

For more information about managing vSAN disk groups, see the

vSphere Storage

documentation.

--overwritevmfs

Required to overwrite an existing VMFS datastore on the disk before

installation.

--preservevmfs

Preserves an existing VMFS datastore on the disk during installation.

--novmfsondisk

Prevents a VMFS partition from being created on this disk. Must be

used with --overwritevmfs if a VMFS partition exists on the disk.

installorupgrade

Either the install, upgrade, or installorupgrade command is required to determine which

disk to install or upgrade ESXi on.

--disk= or --drive=

Specifies the disk to partition. In the command --disk=diskname, the

diskname

can be a disk name or a full disk filesystem path in ESXi, for

example:

n Disk name: --disk=naa.6d09466044143600247aee55ca2a6405 or

Device path: --disk=/vmfs/devices/disks/mpx.vmhba1:C0:T0:L0

For accepted disk name formats, see Disk Device Names.

--firstdisk=

disk-type1,

[disk-type2,...]

Partitions the first eligible disk found. By default, the eligible disks are

set to the following order:

1 Locally attached storage (local)

2 Network storage (remote)

3 USB disks (usb)

You can change the order of the disks by using a comma-

separated list appended to the argument. If you provide a filter

list, the default settings are overridden. You can combine filters

to specify a particular disk, including esx for the first disk with

ESX installed on it, model and vendor information, or the name

of the VMkernel device driver. For example, to prefer a disk

VMware ESXi Installation and Setup

VMware by Broadcom 86

with the model name ST3120814A and any disk that uses the

mptsas driver rather than a normal local disk, the argument is

--firstdisk=ST3120814A,mptsas,local. You can use localesx for

local storage that contains ESXi image or remoteesx for remote

storage that contains ESXi image.

--overwritevsan

You must use the --overwritevsan option when you install ESXi on

a disk, either SSD or HDD (magnetic), that is in a vSAN disk group. If

you use this option and no vSAN partition is on the selected disk, the

installation fails. When you install ESXi on a disk that is in a vSAN disk

group, the result depends on the disk that you select:

n If you select an SSD, the SSD and all underlying HDDs in the same

disk group is wiped.

n If you select an HDD, and the disk group size is greater than two,

only the selected HDD is wiped.

n If you select an HDD disk, and the disk group size is two or less,

the SSD and the selected HDD is wiped.

For more information about managing vSAN disk groups, see the

vSphere Storage

documentation.

--overwritevmfs

Install ESXi if a VMFS partition exists on the disk, but no ESX or ESXi

installation exists. Unless this option is present, the installer fails if a

VMFS partition exists on the disk, but an ESX or ESXi installation is

missing.

keyboard (Optional)

Sets the keyboard type for the system.

keyboardType

Specifies the keyboard map for the selected keyboard type.

keyboardType

must be one of the following types.

n Belgian

n Brazilian

n Croatian

n Czechoslovakian

n Danish

n Estonian

n Finnish

n French

n German

VMware ESXi Installation and Setup

VMware by Broadcom 87

n Greek

n Icelandic

n Italian

n Japanese

n Latin American

n Norwegian

n Polish

n Portuguese

n Russian

n Slovenian

n Spanish

n Swedish

n Swiss French

n Swiss German

n Turkish

n Ukrainian

n United Kingdom

n US Default

n US Dvorak

serialnum or vmserialnum (Optional)

The command is supported in ESXi version 5.1 and later. Configures licensing. If not included, ESXi

installs in evaluation mode.

--esx=<license-key>

Specifies the vSphere license key to use. The format is 5 five-

character groups (XXXXX-XXXXX-XXXXX-XXXXX-XXXXX).

network (Optional)

Specifies a network address for the system.

--bootproto=[dhcp|

static]

Specifies whether to obtain the network settings from DHCP or set

them manually.

--device=

Specifies either the MAC address of the network card or the device

name, in the form vmnicNN, as in vmnic0. This option refers to the

uplink device for the virtual switch.

VMware ESXi Installation and Setup

VMware by Broadcom 88

--ip=

Sets an IP address for the machine to be installed, in the form

xxx.xxx.xxx.xxx. Required with the --bootproto=static option and

ignored otherwise.

--gateway=

Designates the default gateway as an IP address, in the form

xxx.xxx.xxx.xxx. Used with the --bootproto=static option.

--nameserver=

Designates the primary name server as an IP address. Used with the

--bootproto=static option. Omit this option if you do not intend to

use DNS.

The --nameserver option can accept two IP addresses. For example:

--nameserver="10.126.87.104[,10.126.87.120]"

--netmask=

Specifies the subnet mask for the installed system, in the form

255.xxx.xxx.xxx. Used with the --bootproto=static option.

--hostname=

Specifies the host name for the installed system.

--vlanid= vlanid

Specifies which VLAN the system is on. Used with either the

--bootproto=dhcp or --bootproto=static option. Set to an integer

from 1 to 4096.

--addvmportgroup=(0|1)

Specifies whether to add the VM Network port group, which is used

by virtual machines. The default value is 1.

paranoid (Optional)

Causes warning messages to interrupt the installation. If you omit this command, warning

messages are logged.

part or partition (Optional)

Creates an extra VMFS datastore on the system. Only one datastore per disk can be created.

Cannot be used on the same disk as the install command. Only one partition can be specified

per disk and it can only be a VMFS partition.

datastore name

Specifies where the partition is to be mounted.

--ondisk= or --ondrive=

Specifies the disk or drive where the partition is created.

--onfirstdisk=

disk-type1,

[disk-type2,...]

Partitions the first eligible disk found. By default, the eligible disks are

set to the following order:

1 Locally attached storage (local)

2 Network storage (remote)

3 USB disks (usb)

VMware ESXi Installation and Setup

VMware by Broadcom 89

You can change the order of the disks by using a comma-

separated list appended to the argument. If you provide a filter

list, the default settings are overridden. You can combine filters

to specify a particular disk, including esx for the first disk with

ESX installed on it, model and vendor information, or the name

of the VMkernel device driver. For example, to prefer a disk

with the model name ST3120814A and any disk that uses the

mptsas driver rather than a normal local disk, the argument is

--onfirstdisk=ST3120814A,mptsas,local. You can use localesx for

local storage that contains ESXi image or remoteesx for remote

storage that contains

ESXi image.

reboot (Optional)

Reboots the machine after the scripted installation is complete.

<--noeject>

The CD is not ejected after the installation.

rootpw (Required)

Sets the root password for the system.

--iscrypted

Specifies that the password is encrypted.

password

Specifies the password value.

upgrade

Either the install, upgrade, or installorupgrade command is required to determine which

disk to install or upgrade ESXi on.

--disk= or --drive=

Specifies the disk to partition. In the command --disk=diskname, the

diskname

can be a disk name or a full disk filesystem path in ESXi, for

example:

n Disk name: --disk=naa.6d09466044143600247aee55ca2a6405 or

Device path: --disk=/vmfs/devices/disks/mpx.vmhba1:C0:T0:L0

For accepted disk name formats, see Disk Device Names.

--firstdisk=

disk-type1,

[disk-type2,...]

Partitions the first eligible disk found. By default, the eligible disks are

set to the following order:

1 Locally attached storage (local)

2 Network storage (remote)

3 USB disks (usb)

VMware ESXi Installation and Setup

VMware by Broadcom 90

You can change the order of the disks by using a comma-

separated list appended to the argument. If you provide a filter

list, the default settings are overridden. You can combine filters

to specify a particular disk, including esx for the first disk with

ESX installed on it, model and vendor information, or the name

of the VMkernel device driver. For example, to prefer a disk

with the model name ST3120814A and any disk that uses the

mptsas driver rather than a normal local disk, the argument is

--firstdisk=ST3120814A,mptsas,local. You can use localesx for

local storage that contains ESXi image or remoteesx for remote

storage that contains

ESXi image.

%include or include (Optional)

Specifies another installation script to parse. This command is treated similarly to a multiline

command, but takes only one argument.

filename

For example: %include part.cfg

%pre (Optional)

Specifies a script to run before the kickstart configuration is evaluated. For example, you can use

it to generate files for the kickstart file to include.

--interpreter

=[python|busybox]

Specifies an interpreter to use. The default is busybox.

%post (Optional)

Runs the specified script after package installation is complete. If you specify multiple %post

sections, they run in the order that they appear in the installation script.

--interpreter

=[python|busybox]

Specifies an interpreter to use. The default is busybox.

--timeout=secs

Specifies a timeout for running the script. If the script is not finished

when the timeout expires, the script is forcefully stopped.

--ignorefailure

=[true|false]

If true, the installation is considered a success even if the %post script

stops with an error.

VMware ESXi Installation and Setup

VMware by Broadcom 91

%firstboot

Creates an init script that runs only during the first boot. The script has no effect on

subsequent boots. If multiple %firstboot sections are specified, they run in the order that they

appear in the kickstart file.

Note You cannot check the semantics of %firstboot scripts until the system is booting for the

first time. A

%firstboot script might contain potentially catastrophic errors that are not exposed

until after the installation is complete.

Important The %firstboot script does not run, if secure boot is enabled on the ESXi host.

--interpreter

=[python|busybox]

Specifies an interpreter to use. The default is busybox.

Note You cannot check the semantics of the %firstboot script until the system boots for the

first time. If the script contains errors, they are not exposed until after the installation is complete.

Disk Device Names

The install, upgrade, and installorupgrade installation script commands require the use of

disk device names.

Table 5-14. Disk Device Names

Format Example Description

NAA naa.6d09466044143600247aee55ca2a6405 SCSI INQUIRY identifier

EUI eui.3966623838646463 SCSI INQUIRY identifier

T10 t10.SanDisk00Cruzer_Blade000000004C5300

01171118101244

SCSI INQUIRY identifier

VML vml.00025261 Legacy VMkernel identifier

MPX mpx.vmhba0:C0:T0:L0 Path-based identifier

For more information on storage device names, see

Storage Device Names and Identifiers

in the

vSphere Storage

documentation.

About the boot.cfg File

The boot loader configuration file boot.cfg specifies the kernel, the kernel options, and the boot

modules that the mboot.c32 or mboot.efi boot loader uses in an ESXi installation.

The boot.cfg file is provided in the ESXi installer. You can modify the kernelopt line of the

boot.cfg file to specify the location of an installation script or to pass other boot options.

VMware ESXi Installation and Setup

VMware by Broadcom 92

The boot.cfg file has the following syntax:

# boot.cfg -- mboot configuration file

# Any line preceded with '#' is a comment.

title=STRING

prefix=DIRPATH

kernel=FILEPATH

kernelopt=STRING

modules=FILEPATH1 --- FILEPATH2... --- FILEPATHn

# Any other line must remain unchanged.

The commands in boot.cfg configure the boot loader.

Table 5-15. Commands in boot.cfg.

Command Description

title=STRING Sets the boot loader title to STRING.

prefix=STRING (Optional) AddsDIRPATH/ in front of every FILEPATH in

the kernel= and modules= commands that do not already

start with / or with http://.

kernel=FILEPATH Sets the kernel path to FILEPATH.

kernelopt=STRING Appends STRING to the kernel boot options.

modules=FILEPATH1 --- FILEPATH2... --- FILEPATHn Lists the modules to be loaded, separated by three

hyphens (---).

See Create an Installer ISO Image with a Custom Installation or Upgrade Script and Network

Booting the ESXi Installer.

Install or Upgrade ESXi from a CD or DVD by Using a Script

You can install or upgrade ESXi from a CD-ROM or DVD-ROM drive by using a script that

specifies the installation or upgrade options.

You can start the installation or upgrade script by entering a boot option when you start the host.

You can also create an installer ISO image that includes the installation script. With an installer

ISO image, you can perform a scripted, unattended installation when you boot the resulting

installer ISO image. See Create an Installer ISO Image with a Custom Installation or Upgrade

Script.

Prerequisites

Before you run the scripted installation or upgrade, verify that the following prerequisites are

met:

n The system on which you are installing or upgrading meets the hardware requirements. See

ESXi Hardware Requirements.

VMware ESXi Installation and Setup

VMware by Broadcom 93

n You have the ESXi installer ISO on an installation CD or DVD . See Download and Burn the

ESXi Installer ISO Image to a CD or DVD.

n The default installation or upgrade script (ks.cfg) or a custom installation or upgrade script

is accessible to the system. See About Installation and Upgrade Scripts.

n You have selected a boot command to run the scripted installation or upgrade. See Enter

Boot Options to Run an Installation or Upgrade Script. For a complete list of boot commands,

see Boot Options .

Procedure

1 Boot the ESXi installer from the local CD-ROM or DVD-ROM drive.

2 When the ESXi installer window appears, press Shift+O to edit boot options.

3 Type a boot option that calls the default installation or upgrade script or an installation or

upgrade script file that you created.

The boot option has the form ks=.

4 Press Enter.

Results

The installation, upgrade, or migration runs, using the options that you specified.

Install or Upgrade ESXi from a USB Stick by Using a Script

You can install or upgrade ESXi from a USB flash drive by using a script that specifies the

installation or upgrade options.

Supported boot options are listed in Boot Options .

Prerequisites

Before running the scripted installation or upgrade, verify that the following prerequisites are

met:

n The system that you are installing or upgrading to ESXi meets the hardware requirements for

the installation or upgrade. See ESXi Hardware Requirements.

VMware ESXi Installation and Setup

VMware by Broadcom 94

n You have the ESXi installer ISO on a bootable USB flash drive. See Format a USB Flash Drive

to Boot the ESXi Installation or Upgrade.

n The default installation or upgrade script (ks.cfg) or a custom installation or upgrade script

is accessible to the system. See About Installation and Upgrade Scripts.

n You have selected a boot option to run the scripted installation, upgrade, or migration. See

Enter Boot Options to Run an Installation or Upgrade Script.

Procedure

1 Boot the ESXi installer from the USB flash drive.

2 When the ESXi installer window appears, press Shift+O to edit boot options.

3 Type a boot option that calls the default installation or upgrade script or an installation or

upgrade script file that you created.

The boot option has the form ks=.

4 Press Enter.

Results

The installation, upgrade, or migration runs, using the options that you specified.

Network Boot the ESXi Installer for a Scripted Installation or Upgrade

ESXi 7.0 provides many options for booting the installer over a network and using an installation

or upgrade script.

n For information about setting up a network infrastructure, see Network Booting the ESXi

Installer.

n For information about creating and locating an installation script, see About Installation and

Upgrade Scripts.

n For specific procedures to network boot the ESXi installer and use an installation script, see

one of the following topics:

n Boot the ESXi Installer by Using Native UEFI HTTP

n Boot the ESXi Installer by Using iPXE and HTTP

VMware ESXi Installation and Setup

VMware by Broadcom 95

n Boot the ESXi Installer by Using PXE and TFTP

n For information about using vSphere Auto Deploy to perform a scripted installation by using

PXE to boot, see Installing ESXi Using vSphere Auto Deploy .

Overview of the Network Boot Installation Process

You can boot an ESXi host from a network interface. The network boot process varies depending

on whether the target host is using legacy BIOS or UEFI firmware, and whether the boot process

uses PXE TFTP, iPXE HTTP, or UEFI HTTP.

When you boot a target host, it interacts with the different servers in the environment to get a

network adapter, boot loader, kernel, IP address for the kernel, and finally an installation script.

When all components are in place, installation starts, as shown in the following illustration.

Figure 5-4. Overview of PXE Boot Installation Process

Installer

starts

UDP

IP & TFTP server

Give me an IP

for the network adapter

TCP or UDP

mboot and supporting files

Give me the network boot loader

TCP or UDP

kernel

Give me the kernel

UDP

Give me the IP for the kernel

TCP

ks.cfg

Give me an installation script

ESXi host

ESXi target host

DHCP server

TFTP or HTTP

server

TFTP or HTTP

server

DHCP server

script depot

The interaction between the ESXi host and other servers proceeds as follows:

1 The user boots the target ESXi host.

2 The target ESXi host makes a DHCP request.

VMware ESXi Installation and Setup

VMware by Broadcom 96

3 The DHCP server responds with the IP information, the location of the TFTP or HTTP server,

and the filename or URL of the initial network boot loader.

4 The ESXi host contacts the TFTP or HTTP server and requests the filename or URL that the

DHCP server specified.

5 The TFTP or HTTP server sends the network boot loader, and the ESXi host runs it. The initial

boot loader might load additional boot loader components from the server.

6 The boot loader searches for a configuration file on the TFTP or HTTP server, downloads the

kernel and other ESXi components as specified in the configuration file, and boots the kernel

on the ESXi host.

7 The installer runs interactively or using a kickstart script, as specified in the configuration file.

Boot the ESXi Installer by Using PXE and TFTP

You can use a TFTP server to PXE boot the ESXi installer. The process differs slightly depending

on whether you use UEFI or boot from a legacy BIOS. Because most environments include ESXi

hosts that support UEFI boot and hosts that support only legacy BIOS, this topic discusses

prerequisites and steps for both types of hosts.

n For legacy BIOS machines, the procedure supports booting multiple different versions of the

ESXi installer by using the same pxelinux.0 initial boot loader for all target machines, but

potentially different PXELINUX configuration files depending on the target machine's MAC

address.

n For UEFI machines, the procedure supports booting multiple different versions of the ESXi

installer by using the same mboot.efi initial boot loader for all target machines, but

potentially different boot.cfg files depending on the target machine's MAC address.

Prerequisites

Verify that your environment meets the following prerequisites.

n ESXi installer ISO image, downloaded from the VMware Web site.

n Target host with a hardware configuration that is supported for your version of ESXi. See the

VMware Compatibility Guide

n Network adapter with PXE support on the target ESXi host.

n DHCP server that you can configure for PXE booting. See Sample DHCP Configurations.

n TFTP server.

n Network security policies to allow TFTP traffic (UDP port 69).

n For legacy BIOS, you can use only IPv4 networking. For UEFI PXE boot, you can use IPv4 or

IPv6 networking.

n (Optional) Installation script (kickstart file).

n Use a native VLAN in most cases. If you want to specify the VLAN ID to be used with PXE

booting, check that your NIC supports VLAN ID specification.

VMware ESXi Installation and Setup

VMware by Broadcom 97

For legacy BIOS systems, obtain version 3.86 of the SYSLINUX package. For more information,

see Network Boot Background Information.

Procedure

1 If your ESXi host runs legacy BIOS firmware only, obtain and configure PXELINUX.

a Obtain SYSLINUX version 3.86, unpack it, and copy the pxelinux.0 file to the top-level /

tftpboot directory on your TFTP server.

b Create a PXELINUX configuration file using the following code model.

ESXi-7.x.x-XXXXXX is the name of the TFTP subdirectory that contains the ESXi installer

files.

DEFAULT install

NOHALT 1

LABEL install

KERNEL ESXi-7.x.x-XXXXXX/mboot.c32

APPEND -c ESXi-7.x.x-XXXXXX/boot.cfg

IPAPPEND 2

c Save the PXELINUX file in the /tftpboot/pxelinux.cfg directory on your TFTP server

with a filename that will determine whether all hosts boot this installer by default:

Option

Description

Same installer Name the file default if you want all host to boot this ESXi installer by

default.

Different installers Name the file with the MAC address of the target host machine (01-

mac_address_of_target_ESXi_host

) if you want only a specific host to

boot with this file, for example, 01-23-45-67-89-0a-bc.

2 If your ESXi host runs UEFI firmware, copy the efi/boot/bootx64.efi file from the ESXi

installer ISO image to the /tftpboot folder on your TFTP server, and rename the file to

mboot.efi. For 7.0 Update 3 and later, also copy the efi/boot/crypto64.efi file to the /

tftpboot folder.

Note Newer versions of mboot.efi can generally boot older versions of ESXi, but older

versions of mboot.efi might be unable to boot newer versions of ESXi. If you plan to

configure different hosts to boot different versions of the ESXi installer, use the mboot.efi

from the newest version.

3 Configure the DHCP server.

4 Create a subdirectory of your TFTP server's top-level /tftpboot directory and name it after

the version of ESXi it will hold, for example, /tftpboot/ESXi-7.x.x-xxxxx.

5 Copy the contents of the ESXi installer image to the newly created directory.

VMware ESXi Installation and Setup

VMware by Broadcom 98

6 Modify the boot.cfg file

a Add the following line:

prefix=ESXi-7.x.x-xxxxxx

Here, ESXi-7.x.x-xxxxxx is the pathname of the installer files relative to the TFTP server's

root directory.

b If the filenames in the kernel= and modules= lines begin with a forward slash (/) character,

delete that character.

c If the kernelopt= line contains the string cdromBoot, remove the string only.

7 (Optional) For a scripted installation, in the boot.cfg file, add the kernelopt option to the line

after the kernel command, to specify the location of the installation script.

Use the following code as a model, where XXX.XXX.XXX.XXX is the IP address of the server

where the installation script resides, and esxi_ksFiles is the directory that contains the

ks.cfg file.

kernelopt=ks=http://XXX.XXX.XXX.XXX/esxi_ksFiles/ks.cfg

8 If your ESXi host runs UEFI firmware, specify whether you want all UEFI hosts to boot the

same installer.

Option

Description

Same installer Copy or link the boot.cfg file to /tftpboot/boot.cfg

Different installers a Create a subdirectory of /tftpboot named after the MAC address

of the target host machine (01-

mac_address_of_target_ESXi_host

), for

example, 01-23-45-67-89-0a-bc.

b Place a copy of (or a link to) the host's boot.cfg file in that directory, for

example,

/tftpboot/01-23-45-67-89-0a-bc/boot.cfg.

Boot the ESXi Installer by Using iPXE and HTTP

You can use iPXE to boot the ESXi installer from an HTTP server. The following topic discusses

prerequisites and steps for ESXi hosts that support UEFI boot and hosts that support legacy BIOS

only.

n For legacy BIOS machines, the procedure supports booting multiple different versions of the

ESXi installer by using the same pxelinux.0 initial boot loader for all target machines, but

potentially different PXELINUX configuration files depending on the target machine's MAC

address.

n For UEFI machines, the procedure supports booting multiple different versions of the ESXi

installer by using the same mboot.efi initial boot loader for all target machines, but

potentially different boot.cfg files depending on the target machine's MAC address.

VMware ESXi Installation and Setup

VMware by Broadcom 99

Prerequisites

Verify that your environment has the following components:

n ESXi installer ISO image, downloaded from the VMware Web site.

n Target host with a hardware configuration that is supported for your version of ESXi. See the

VMware Compatibility Guide

n Network adapter with PXE support on the target ESXi host.

n DHCP server that you can configure for PXE booting. See Sample DHCP Configurations.

n TFTP server.

n Network security policies to allow TFTP traffic (UDP port 69).

n For legacy BIOS, you can use only IPv4 networking. For UEFI PXE boot, you can use IPv4 or

IPv6 networking.

n (Optional) Installation script (kickstart file).

n Use a native VLAN in most cases. If you want to specify the VLAN ID to be used with PXE

booting, check that your NIC supports VLAN ID specification.

Verify that your environment also meets the following prerequisites required for PXE boot using

an HTTP Server:

n Verify that the HTTP server is accessible by your target ESXi hosts.

n If your ESXi host runs legacy BIOS firmware only, obtain version 3.86 of the SYSLINUX

package. For more information, see Network Boot Background Information.

Procedure

1 Obtain and configure iPXE.

a Obtain the iPXE source code.

b On the iPXE download page, follow the build instructions, but run one of the following

commands.

n For ESXi hosts that run legacy BIOS firmware only, run make bin/undionly.kpxe.

n For ESXi hosts that run UEFI firmware, run make bin-x86_64-efi/snponly.efi.

c Copy the undionly.kpxe or snponly.efi file to the /tftpboot directory on your TFTP

server.

VMware ESXi Installation and Setup

VMware by Broadcom 100

2 If your ESXi host runs legacy BIOS firmware only, obtain and configure PXELINUX.

a Obtain SYSLINUX version 3.86, unpack it, and copy the pxelinux.0 file to the /tftpboot

directory on your TFTP server.

b Create a PXELINUX configuration file using the following code model.

ESXi-7.x.x-XXXXXX is the name of the TFTP subdirectory that contains the ESXi installer

files.

DEFAULT install

NOHALT 1

LABEL install

KERNEL ESXi-7.x.x-XXXXXX/mboot.c32

APPEND -c ESXi-7.x.x-XXXXXX/boot.cfg

IPAPPEND 2

c Save the PXELINUX file in the /tftpboot/pxelinux.cfg directory on your TFTP server.

The filename determines whether all hosts boot this installer by default.

Option Description

Same installer Name the file default if you want all host to boot this ESXi installer by

default.

Different installers Name the file with the MAC address of the target host machine (01-

mac_address_of_target_ESXi_host

), if only a specific host must boot this

file. For example, 01-23-45-67-89-0a-bc.

3 If your ESXi host runs UEFI firmware, copy the efi/boot/bootx64.efi file from the ESXi

installer ISO image to the /tftpboot folder on your TFTP server, and rename the file to

mboot.efi.

Note Newer versions of mboot.efi can generally boot older versions of ESXi, but older

versions of mboot.efi might be unable to boot newer versions of ESXi. If you plan to

configure different hosts to boot different versions of the ESXi installer, use the mboot.efi

from the newest version.

4 Configure the DHCP server.

5 Create a directory on your HTTP server with the same name as the version of ESXi it will hold.

For example, /var/www/html/ESXi-7.x.x-XXXXXX.

6 Copy the contents of the ESXi installer image to the newly created directory.

VMware ESXi Installation and Setup

VMware by Broadcom 101

7 Modify the boot.cfg file

a Add the following line:

prefix=http://XXX.XXX.XXX.XXX/ESXi-7.x.x-XXXXXX

where http://XXX.XXX.XXX.XXX/ESXi-7.x.x-XXXXXX is the location of the installer files on

the HTTP server.

b If the filenames in the kernel= and modules= lines begin with a forward slash (/) character,

delete that character.

c If the kernelopt= line contains the string cdromBoot, remove the string only.

8 (Optional) For a scripted installation, in the boot.cfg file, add the kernelopt option to the line

after the kernel command, to specify the location of the installation script.

Use the following code as a model, where XXX.XXX.XXX.XXX is the IP address of the server

where the installation script resides, and esxi_ksFiles is the directory that contains the

ks.cfg file.

kernelopt=ks=http://XXX.XXX.XXX.XXX/esxi_ksFiles/ks.cfg

9 If your ESXi host runs UEFI firmware, specify whether you want all UEFI hosts to boot the

same installer.

Option

Description

Same installer Copy or link the boot.cfg file to /tftpboot/boot.cfg

Different installers a Create a subdirectory of /tftpboot named after the MAC address

of the target host machine (01-

mac_address_of_target_ESXi_host

), for

example, 01-23-45-67-89-0a-bc.

b Place a copy of (or a link to) the host's boot.cfg file in that directory, for

example,

/tftpboot/01-23-45-67-89-0a-bc/boot.cfg.

Boot the ESXi Installer by Using Native UEFI HTTP

You can boot the ESXi installer directly from an HTTP server, without additional software to

support the process.

UEFI HTTP supports booting multiple versions of the ESXi installer. You use the same mboot.efi

initial boot loader for all target machines, but potentially different boot.cfg files depending on

the target machine's MAC address.

Note Do not mix IPv4 or IPv6 networking during the boot process. Use either IPv4 or IPv6

networking.

VMware ESXi Installation and Setup

VMware by Broadcom 102

Prerequisites

Verify that your environment has the following components:

n ESXi host with UEFI firmware that supports the HTTP boot feature.

n ESXi installer ISO image, downloaded from the VMware Web site.

n Target host with a hardware configuration that is supported for your version of ESXi. See the

VMware Compatibility Guide

n Network adapter with UEFI networking support on the target ESXi host.

n DHCP server that you can configure for UEFI HTTP booting. See Sample DHCP Configurations

n (Optional) Installation script (kickstart file).

n Use a native VLAN in most cases. If you want to specify the VLAN ID to be used with PXE

booting, check that your NIC supports VLAN ID specification.

Procedure

1 Copy the efi/boot/bootx64.efi file from the ESXi installer ISO image to a directory

on your HTTP server and rename the file to

mboot.efi. For example, http://

www.example.com/esxi/mboot.efi.

Note Newer versions of mboot.efi can generally boot older versions of ESXi, but older

versions of mboot.efi might be unable to boot newer versions of ESXi. If you plan to

configure different hosts to boot different versions of the ESXi installer, use the mboot.efi

from the newest version.

2 Configure the DHCP server.

3 Create a directory on your HTTP server with the same name as the version of ESXi it will hold.

For example, http://www.example.com/esxi/ESXi-7.x.x-XXXXXX.

4 Copy the contents of the ESXi installer image to the newly created directory.

5 Modify the boot.cfg file.

a Add the following line with the URL of the newly created directory.

prefix=http://www.example.com/esxi/ESXi-7.x.x-XXXXXX

b If the filenames in the kernel= and modules= lines begin with a forward slash (/) character,

delete that character.

c If the kernelopt= line contains the string cdromBoot, remove the string only.

6 (Optional) For a scripted installation, in the boot.cfg file, add the kernelopt option to the line

after the kernel command, to specify the location of the installation script.

For example, kernelopt=ks=http://www.example.com/esxi_ksFiles/ks.cfg

VMware ESXi Installation and Setup

VMware by Broadcom 103

7 (Optional) Starting with ESXi 7.0 Update 2, you can use the virtual machine configuration

parameters

networkBootProtocol

and

networkBootUri

to specify from where a virtual

machines can boot. The setting

networkBootProtocol

specifies the boot protocol, IPv4 or

IPv6. For example, networkBootProtocol = httpv4. The setting

networkBootUri

specifies

the HTTP URL to the ESXi bootloader (bootx64.efi). For example, networkBootUri = http://

192.168.30.6/esxi70uc1/efi/boot/bootx64.efi.

8 Specify whether you want all UEFI hosts to boot the same installer.

Option Description

Same installer Add the boot.cfg file to the same directory as mboot.efi. For example,

http://www.example.com/esxi/boot.cfg

Different installers a Create a subdirectory of the directory that contains the mboot.efi file.

Name the directory as the MAC address of the target host machine (01-

mac_address_of_target_ESXi_host

), for example, 01-23-45-67-89-0a-

bc.

b Add the custom boot.cfg file in the directory. For example, http://

www.example.com/esxi/01-23-45-67-89-0a-bc/boot.cfg.

You can use both installer types. ESXi hosts without custom boot.cfg file on your HTTP

server, boot from the default boot.cfg file.

Network Boot Background Information

Understanding the network boot process can help you during troubleshooting.

TFTP Server

Trivial File Transfer Protocol (TFTP) is similar to the FTP service, and is typically used only

for network booting systems or loading firmware on network devices such as routers. TFTP is

available on Linux and Windows.

n Most Linux distributions include a copy of the tftp-hpa server. If you require a supported

solution, purchase a supported TFTP server from your vendor of choice. You can also acquire

a TFTP server from one of the packaged appliances on the VMware Marketplace.

n If your TFTP server runs on a Microsoft Windows host, use tftpd32 version 2.11 or later. See

http://tftpd32.jounin.net/.

SYSLINUX and PXELINUX

If you are using PXE in a legacy BIOS environment, you must understand the different boot

environments.

n SYSLINUX is an open-source boot environment for machines that run legacy BIOS firmware.

The ESXi boot loader for BIOS systems, mboot.c32, runs as a SYSLINUX plugin. You can

configure SYSLINUX to boot from several types of media, including disk, ISO image, and

network. You can find the SYSLINUX package at http://www.kernel.org/pub/linux/utils/boot/

syslinux/.

VMware ESXi Installation and Setup

VMware by Broadcom 104

n PXELINUX is a SYSXLINUX configuration for booting from a TFTP server according to the

PXE standard. If you use PXELINUX to boot the ESXi installer, the pxelinux.0 binary file,

mboot.c32, the configuration file, the kernel, and other files are transferred by TFTP.

Note VMware builds the mboot.c32 plugin to work with SYSLINUX version 3.86 and tests

PXE booting only with that version. Other versions might be incompatible.

The Open Source

Disclosure Package for VMware vSphere Hypervisor

includes bug fixes for SYSLINUX version

3.86.

iPXE

iPXE is open-source software that provides an implementation of HTTP. You can use the

software to perform an initial boot. For more information, see https://ipxe.org/.

VMware includes a build of iPXE as part of Auto Deploy. The source tree for this build is available

The Open Source Disclosure Package for VMware vCenter Server

UEFI PXE and UEFI HTTP

Most UEFI firmware natively includes PXE support that allows booting from a TFTP server.

The firmware can directly load the ESXi boot loader for UEFI systems, mboot.efi. Additional

software such as PXELINUX is not required.

Some UEFI firmware support native UEFI HTTP boot. The feature is introduced in version 2.5 of

the UEFI specification. The firmware can load the ESXi boot loader from an HTTP server, without

additional software, such as iPXE.

Note Apple Macintosh products do not include PXE boot support. They include support for

network booting through an Apple-specific protocol instead.

Alternative Approaches to Network Booting

Alternative approaches to network booting different software on different hosts are also

possible, for example:

n Configuring the DHCP server to provide different initial boot loader filenames to different

hosts depending on MAC address or other criteria. See your DCHP server's documentation.

n Approaches using iPXE as the initial bootloader with an iPXE configuration file that selects the

next bootloader based on the MAC address or other criteria.

PXELINUX Configuration Files

You need a PXELINUX configuration file to boot the ESXi installer on a legacy BIOS system. The

configuration file defines the menu displayed to the target ESXi host as it starts.

This section gives general information about PXELINUX configuration files.

For syntax details, see the SYSLINUX website at http://www.syslinux.org/.

VMware ESXi Installation and Setup

VMware by Broadcom 105

Required Files

In the PXE configuration file, you must include paths to the following files:

n mboot.c32 is the boot loader.

n boot.cfg is the boot loader configuration file.

See About the boot.cfg File

Filename for the PXE Configuration File

For the filename of the PXE configuration file, select one of the following options:

n 01-mac_address_of_target_ESXi_host. For example, 01-23-45-67-89-0a-bc

n The target ESXi host IP address in a hexadecimal notation.

n default

The initial boot file pxelinux.0 tries to load a PXE configuration file in the following order:

1 It tries with the MAC address of the target ESXi host, prefixed with its ARP type code, which

is 01 for Ethernet.

2 If that attempt fails, it tries with the hexadecimal notation of target ESXi system IP address.

3 Ultimately, it tries to load a file named default.

File Location for the PXE Configuration File

Save the file in /tftpboot/pxelinux.cfg/ on the TFTP server.

For example, you might save the file on the TFTP server at /tftpboot/pxelinux.cfg/

01-00-21-5a-ce-40-f6. The MAC address of the network adapter on the target ESXi host is

00-21-5a-ce-40-f6.

Sample DHCP Configurations

The DHCP server must send the address of the TFTP or HTTP server and the filename of the

initial boot loader to the ESXi host.

When the target machine first boots, it broadcasts a packet across the network requesting

information to boot itself. The DHCP server responds. The DHCP server must be able to

determine whether the target machine is allowed to boot and the location of the initial boot

loader binary. For PXE boot, the location is a file on a TFTP server. For UEFI HTTP boot, the

location is a URL.

Caution Do not set up a second DHCP server if your network already has one. If multiple DHCP

servers respond to DHCP requests, machines can obtain incorrect or conflicting IP addresses, or

can fail to receive the proper boot information. Talk to a network administrator before setting up

a DHCP server. For support on configuring DHCP, contact your DHCP server vendor.

VMware ESXi Installation and Setup

VMware by Broadcom 106

There are many DHCP servers that you can use. The following examples are for an ISC DHCP

server. If you are using a version of DHCP for Microsoft Windows, see the DHCP server

documentation to determine how to pass the next-server and filename arguments to the target

machine.

Example of Booting Using PXE and TFTP with IPv4

This example shows how to configure an ISC DHCP server to PXE boot ESXi using a TFTP server

at IPv4 address xxx.xxx.xxx.xxx.

# ISC DHCP server configuration file snippet. This is not a complete

# configuration file; see the ISC server documentation for details on

# how to configure the DHCP server.

allow booting;

allow bootp;

option client-system-arch code 93 = unsigned integer 16;

class "pxeclients" {

match if substring(option vendor-class-identifier, 0, 9) = "PXEClient";

next-server xxx.xxx.xxx.xxx;

if option client-system-arch = 00:07 or option client-system-arch = 00:09 {

filename = "mboot.efi";

} else {

filename = "pxelinux.0";

}

When a machine attempts to PXE boot, the DHCP server provides an IP address and the location

of the pxelinux.0 or mboot.efi binary file on the TFTP server.

Example of Booting Using PXE and TFTP with IPv6

This example shows how to configure an ISC DHCPv6 server to PXE boot ESXi using a TFTP

server at IPv6 address xxxx:xxxx:xxxx:xxxx::xxxx.

# ISC DHCPv6 server configuration file snippet. This is not a complete

# configuration file; see the ISC server documentation for details on

# how to configure the DHCP server.

allow booting;

allow bootp;

option dhcp6.bootfile-url code 59 = string;

option dhcp6.bootfile-url "tftp://[xxxx:xxxx:xxxx:xxxx::xxxx]/mboot.efi";

When a machine attempts to PXE boot, the DHCP server provides an IP address and the location

of the mboot.efi binary file on the TFTP server.

VMware ESXi Installation and Setup

VMware by Broadcom 107

Example of Booting Using iPXE and HTTP with IPv4

This example shows how to configure an ISC DHCP server to boot ESXi by loading iPXE from a

TFTP server at IPv4 address xxx.xxx.xxx.xxx.

# ISC DHCP server configuration file snippet. This is not a complete

# configuration file; see the ISC server documentation for details on

# how to configure the DHCP server.

allow booting;

allow bootp;

option client-system-arch code 93 = unsigned integer 16;

class "pxeclients" {

match if substring(option vendor-class-identifier, 0, 9) = "PXEClient";

next-server xxx.xxx.xxx.xxx;

if option client-system-arch = 00:07 or option client-system-arch = 00:09 {

if exists user-class and option user-class = "iPXE" {

# Instruct iPXE to load mboot.efi as secondary bootloader

filename = "mboot.efi";

} else {

# Load the snponly.efi configuration of iPXE as initial bootloader

filename = "snponly.efi";

}

} else {

if exists user-class and option user-class = "iPXE" {

# Instruct iPXE to load pxelinux as secondary bootloader

filename = "pxelinux.0";

} else {

# Load the undionly configuration of iPXE as initial bootloader

filename = "undionly.kpxe";

}

When a machine attempts to PXE boot, the DHCP server provides an IP address and the location

of the undionly.kpxe or snponly.efi binary file on the TFTP server. In the legacy BIOS case,

iPXE then asks the DHCP server for the next file to load, and the server returns pxelinux.0 as

the filename. In the UEFI case, iPXE then asks the DHCP server for the next file to load, and this

time the server returns mboot.efi as the filename. In both cases, iPXE is resident and the system

has HTTP capability. As a result, the system can load additional files from an HTTP server.

Example of Booting Using iPXE and HTTP with IPv6

This example shows how to configure an ISC DHCPv6 server to boot ESXi by loading iPXE from a

TFTP server at IPv6 address xxxx:xxxx:xxxx:xxxx::xxxx.

# ISC DHCPv6 server configuration file snippet. This is not a complete

# configuration file; see the ISC server documentation for details on

# how to configure the DHCP server.

allow booting;

allow bootp;

VMware ESXi Installation and Setup

VMware by Broadcom 108

option dhcp6.bootfile-url code 59 = string;

if exists user-class and option user-class = "iPXE" {

# Instruct iPXE to load mboot.efi as secondary bootloader

option dhcp6.bootfile-url "tftp://[xxxx:xxxx:xxxx:xxxx::xxxx]/mboot.efi";

} else {

# Load the snponly.efi configuration of iPXE as initial bootloader

option dhcp6.bootfile-url "tftp://[xxxx:xxxx:xxxx:xxxx::xxxx]/snponly.efi";

}

When a machine attempts to PXE boot, the DHCP server provides an IP address and the location

of the snponly.efi (iPXE) binary file on the TFTP server. iPXE then asks the DHCP server for the

next file to load, and this time the server returns mboot.efi as the filename. iPXE is resident and

the system has HTTP capability. As a result, the system can load additional files from an HTTP

server.

Example of Booting Using UEFI HTTP with IPv4

This example shows how to configure an ISC DHCP server to boot ESXi by using native UEFI

HTTP over IPv4 from Web server www.example.com.

# ISC DHCP server configuration file snippet. This is not a complete

# configuration file; see the ISC server documentation for details on

# how to configure the DHCP server.

allow booting;

allow bootp;

option client-system-arch code 93 = unsigned integer 16;

class "httpclients" {

match if substring(option vendor-class-identifier, 0, 10) = "HTTPClient";

option vendor-class-identifier "HTTPClient";

if option client-system-arch = 00:10 {

# x86_64 UEFI HTTP client

filename = http://www.example.com/esxi/mboot.efi;

}

Example of Booting Using UEFI HTTP with IPv6

This example shows how to configure an ISC DHCPv6 server to boot ESXi by using native UEFI

HTTP over IPv6 from Web server www.example.com.

# ISC DHCPv6 server configuration file snippet. This is not a complete

# configuration file; see the ISC server documentation for details on

# how to configure the DHCP server.

allow booting;

allow bootp;

option dhcp6.bootfile-url code 59 = string;

VMware ESXi Installation and Setup

VMware by Broadcom 109

option dhcp6.user-class code 15 = { integer 16, string };

option dhcp6.vendor-class code 16 = { integer 32, integer 16, string };

if option dhcp6.client-arch-type = 00:10 {

# x86_64 HTTP clients

option dhcp6.vendor-class 0 10 "HTTPClient";

option dhcp6.bootfile-url "http://www.example.com/esxi/mboot.efi";

}

Installing ESXi Using vSphere Auto Deploy

vSphere Auto Deploy lets you provision hundreds of physical hosts with ESXi software.

Using Auto Deploy, experienced system administrators can manage large deployments

efficiently. Hosts are network-booted from a central Auto Deploy server. Optionally, hosts are

configured with a host profile of a reference host. The host profile can be set up to prompt the

user for input. After boot up and configuration complete, the hosts are managed by vCenter

Server just like other ESXi hosts.

Auto Deploy can also be used for stateless caching or stateful installs.

Important Auto Deploy requires a secure separation between the production network and

the management or deployment networks as discussed in vSphere Auto Deploy Security

Considerations. Using Auto Deploy without this separation is insecure.

Stateless caching

By default, Auto Deploy does not store ESXi configuration or state on the host disk. Instead,

an image profile defines the image that the host is provisioned with, and other host attributes

are managed through host profiles. A host that uses Auto Deploy for stateless caching still

needs to connect to the Auto Deploy server and the vCenter Server.

Stateful installs

You can provision a host with Auto Deploy and set up the host to store the image to disk. On

subsequent boots, the host boots from disk.

Understanding vSphere Auto Deploy

vSphere Auto Deploy can provision hundreds of physical hosts with ESXi software.

You can specify the image to deploy and the hosts to provision with the image. Optionally, you

can specify host profiles to apply to the hosts, a vCenter Server location (datacenter, folder or

cluster), and assign a script bundle for each host.

Introduction to vSphere Auto Deploy

When you start a physical host that is set up for vSphere Auto Deploy, vSphere Auto Deploy

uses PXE boot infrastructure in conjunction with vSphere host profiles to provision and customize

that host. No state is stored on the host itself. Instead, the vSphere Auto Deploy server manages

state information for each host.

VMware ESXi Installation and Setup

VMware by Broadcom 110

State Information for ESXi Hosts

vSphere Auto Deploy stores the information for the ESXi hosts to be provisioned in different

locations. Information about the location of image profiles and host profiles is initially specified in

the rules that map machines to image profiles and host profiles.

Table 5-16. vSphere Auto Deploy Stores Information for Deployment

Information

Type Description Source of Information

Image state The executable software to run on an ESXi host. Image profile, created with vSphere ESXi Image

Builder.

Configuration

state

The configurable settings that determine how

the host is configured, for example, virtual

switches and their settings, driver settings, boot

parameters, and so on.

Host profile, created by using the host profile

UI. Often comes from a template host.

Dynamic state The runtime state that is generated by the

running software, for example, generated

private keys or runtime databases.

Host memory, lost during reboot.

Virtual machine

state

The virtual machines stored on a host

and virtual machine autostart information

(subsequent boots only).

Virtual machine information sent by vCenter

Server to vSphere Auto Deploy must be

available to supply virtual machine information

to vSphere Auto Deploy.

User input State that is based on user input, for example,

an IP address that the user provides when

the system starts up, cannot automatically be

included in the host profile.

Host customization information, stored by

vCenter Server during first boot.

You can create a host profile that requires user

input for certain values.

When vSphere Auto Deploy applies a host

profile that requires user provided information,

the host is placed in maintenance mode. Use

the host profile UI to check the host profile

compliance, and respond to the prompt to

customize the host.

vSphere Auto Deploy Architecture

The vSphere Auto Deploy infrastructure consists of several components.

For more information, watch the video "Auto Deploy Architecture":

(

Auto Deploy Architecture )

VMware ESXi Installation and Setup

VMware by Broadcom 111

Figure 5-5. vSphere Auto Deploy Architecture

HTTP fetch of images/VIBs

and host profiles (iPXE boot

and update)

Host profile

engine

ESXi host

Plug-in

VIBs and

image profiles

Public depot

Fetch of predefined image

profiles and VIBs

Auto Deploy

PowerCLI

Rules Engine

Auto Deploy

server

(Web server)

Image Builder

PowerCLI

Image

Profiles

Host profile

Host profiles and

host customization

vSphere Auto Deploy server

Serves images and host profiles to ESXi hosts.

vSphere Auto Deploy rules engine

Sends information to the vSphere Auto Deploy server which image profile and which host

profile to serve to which host. Administrators use vSphere Auto Deploy to define the rules

that assign image profiles and host profiles to hosts. For more information on vSphere Auto

Deploy rules and rule sets, see Rules and Rule Sets.

Image profiles

Define the set of VIBs to boot ESXi hosts with.

n VMware and VMware partners make image profiles and VIBs available in public depots.

Use vSphere ESXi Image Builder to examine the depot and use the vSphere Auto Deploy

rules engine to specify which image profile to assign to which host.

n VMware customers can create a custom image profile based on the public image profiles

and VIBs in the depot and apply that image profile to the host. See Customizing

Installations with vSphere ESXi Image Builder.

Host profiles

Define machine-specific configuration such as networking or storage setup. Use the host

profile UI to create host profiles. You can create a host profile for a reference host and apply

VMware ESXi Installation and Setup

VMware by Broadcom 112

that host profile to other hosts in your environment for a consistent configuration. For more

information, see the

vSphere Host Profiles

documentation or the Setting Up a vSphere Auto

Deploy Reference Host section.

Host customization

Stores information that the user provides when host profiles are applied to the host. Host

customization might contain an IP address or other information that the user supplied for

that host. For more information about host customizations, see the

vSphere Host Profiles

documentation.

Host customization was called answer file in earlier releases of vSphere Auto Deploy.

Rules and Rule Sets

You specify the behavior of the vSphere Auto Deploy server by using a set of rules. The vSphere

Auto Deploy rules engine checks the rule set for matching host patterns to decide which items

(image profile, host profile, vCenter Server location, or script object) to provision each host with.

The rules engine maps software and configuration settings to hosts based on the attributes of

the host. For example, you can deploy image profiles or host profiles to two clusters of hosts by

writing two rules, each matching on the network address of one cluster.

For hosts that have not yet been added to a vCenter Server system, the vSphere Auto Deploy

server checks with the rules engine before serving image profiles, host profiles, and inventory

location information to hosts. For hosts that are managed by a vCenter Server system, the

image profile, host profile, and inventory location that vCenter Server has stored in the host

object is used. If you make changes to rules, you can use the vSphere Client or vSphere Auto

Deploy cmdlets in a PowerCLI session to test and repair rule compliance. When you repair rule

compliance for a host, that host's image profile and host profile assignments are updated.

The rules engine includes rules and rule sets.

Rules

Rules can assign image profiles and host profiles to a set of hosts, or specify the location

(folder or cluster) of a host on the target vCenter Server system. A rule can identify target

hosts by boot MAC address, SMBIOS information, BIOS UUID, Vendor, Model, or fixed DHCP

IP address. In most cases, rules apply to multiple hosts. You create rules by using the vSphere

Client or vSphere Auto Deploy cmdlets in a PowerCLI session. After you create a rule, you

must add it to a rule set. Only two rule sets, the active rule set and the working rule set, are

supported. A rule can belong to both sets, the default, or only to the working rule set. After

you add a rule to a rule set, you can no longer change the rule. Instead, you copy the rule

and replace items or patterns in the copy. If you are managing vSphere Auto Deploy with the

vSphere Client, you can edit a rule if it is in inactive state.

You can specify the following parameters in a rule.

VMware ESXi Installation and Setup

VMware by Broadcom 113

Parameter Description

Name Name of the rule, specified with the -Name parameter.

Item One or more items, specified with the -Item parameter. An item can be an image profile, a host profile,

vCenter Server inventory location (datacenter, folder, cluster) for the target host, or a custom script.

You can specify multiple items separated by commas.

Pattern The pattern specifies the host or group of hosts to which the rule applies.

vendor

Machine vendor name.

model

Machine model name.

serial

Machine serial number.

hostname

Machine hostname.

domain

Domain name.

ipv4

IPv4 address of the machine.

ipv6

IPv6 address of the machine.

PXE booting with BIOS firmware is possible only with IPv4, PXE booting with UEFI firmware is

possible with either IPv4 or IPv6.

mac

Boot NIC MAC address.

asset

Machine asset tag.

oemstring

OEM-specific strings in the SMBIOS.

You can specify -AllHosts to apply the item or items to all hosts.

Active Rule Set

When a newly started host contacts the vSphere Auto Deploy server with a request for an

image profile, the vSphere Auto Deploy server checks the active rule set for matching rules.

The image profile, host profile, vCenter Server inventory location, and script object that are

mapped by matching rules are then used to boot the host. If more than one item of the same

VMware ESXi Installation and Setup

VMware by Broadcom 114

type is mapped by the rules, the vSphere Auto Deploy server uses the item that is first in the

rule set.

Working Rule Set

The working rule set allows you to test changes to rules before making the changes active.

For example, you can use vSphere Auto Deploy cmdlets for testing compliance with the

working rule set. The test verifies that hosts managed by a vCenter Server system are

following the rules in the working rule set. By default, cmdlets add the rule to the working

rule set and activate the rules. Use the NoActivate parameter to add a rule only to the

working rule set.

You use the following workflow with rules and rule sets.

1 Make changes to the working rule set.

2 Test the working rule set rules against a host to make sure that everything is working

correctly.

3 Refine and retest the rules in the working rule set.

4 Activate the rules in the working rule set.

If you add a rule in a PowerCLI session and do not specify the NoActivate parameter, all

rules that are currently in the working rule set are activated. You cannot activate individual

rules.

See the PowerCLI command-line help and Managing vSphere Auto Deploy with PowerCLI

Cmdlets for more information on using vSphere Auto Deploy with PowerCLI cmdlets. See

Managing vSphere Auto Deploy with the vSphere Client for more information on using vSphere

Auto Deploy with the vSphere Client.

vSphere Auto Deploy Boot Process

When you boot a host that you want to provision or reprovision with vSphere Auto Deploy, the

vSphere Auto Deploy infrastructure supplies the image profile and, optionally, a host profile, a

vCenter Server location, and script bundle for that host.

The boot process is different for hosts that have not yet been provisioned with vSphere Auto

Deploy (first boot) and for hosts that have been provisioned with vSphere Auto Deploy and

added to a vCenter Server system (subsequent boot).

First Boot Prerequisites

Before a first boot process, you must set up your system. Setup includes the following tasks,

which are discussed in more detail in Preparing for vSphere Auto Deploy.

n Set up a DHCP server that assigns an IP address to each host upon startup and that points

the host to the TFTP server to download the iPXE boot loader from.

VMware ESXi Installation and Setup

VMware by Broadcom 115

n If the hosts that you plan to provision with vSphere Auto Deploy are with legacy BIOS, verify

that the vSphere Auto Deploy server has an IPv4 address. PXE booting with legacy BIOS

firmware is possible only over IPv4. PXE booting with UEFI firmware is possible with either

IPv4 or IPv6.

n Identify an image profile to be used in one of the following ways.

n Choose an ESXi image profile in a public depot.

n (Optional) Create a custom image profile by using vSphere ESXi Image Builder, and place

the image profile in a depot that the vSphere Auto Deploy server can access. The image

profile must include a base ESXi VIB.

n (Optional) If you have a reference host in your environment, export the host profile of the

reference host and define a rule that applies the host profile to one or more hosts. See

Setting Up a vSphere Auto Deploy Reference Host.

n Specify rules for the deployment of the host and add the rules to the active rule set.

First Boot Overview

When a host that has not yet been provisioned with vSphere Auto Deploy boots (first boot), the

host interacts with several vSphere Auto Deploy components.

1 When the administrator turns on a host, the host starts a PXE boot sequence.

The DHCP Server assigns an IP address to the host and instructs the host to contact the TFTP

server.

2 The host contacts the TFTP server and downloads the iPXE file (executable boot loader) and

an iPXE configuration file.

3 iPXE starts executing.

The configuration file instructs the host to make a HTTP boot request to the vSphere Auto

Deploy server. The HTTP request includes hardware and network information.

4 In response, the vSphere Auto Deploy server performs these tasks:

a Queries the rules engine for information about the host.

b Streams the components specified in the image profile, the optional host profile, and

optional vCenter Server location information.

5 The host boots using the image profile.

If the vSphere Auto Deploy server provided a host profile, the host profile is applied to the

host.

6 vSphere Auto Deploy adds the host to thevCenter Server system that vSphere Auto Deploy

is registered with.

a If a rule specifies a target folder or cluster on the vCenter Server system, the host is

placed in that folder or cluster. The target folder must be under a data center.

VMware ESXi Installation and Setup

VMware by Broadcom 116

b If no rule exists that specifies a vCenter Server inventory location, vSphere Auto Deploy

adds the host to the first datacenter displayed in the vSphere Client UI.

7 (Optional) If the host profile requires the user to specify certain information, such as a static

IP address, the host is placed in maintenance mode when the host is added to the vCenter

Server system.

You must reapply the host profile and update the host customization to have the host exit

maintenance mode. When you update the host customization, answer any questions when

prompted.

8 If the host is part of a DRS cluster, virtual machines from other hosts might be migrated to the

host after the host has successfully been added to the vCenter Server system.

See Provision a Host (First Boot).

Figure 5-6. vSphere Auto Deploy Installation, First Boot

PXE

Host sends hardware

and network information

to Auto Deploy server

Auto Deploy server

streams host and image

profiles to the host

Host boots using

image profile

Subsequent Boots Without Updates

For hosts that are provisioned with vSphere Auto Deploy and managed by avCenter Server

system, subsequent boots can become completely automatic.

1 The administrator reboots the host.

2 As the host boots up, vSphere Auto Deploy provisions the host with its image profile and

host profile.

3 Virtual machines are brought up or migrated to the host based on the settings of the host.

n Standalone host. Virtual machines are powered on according to autostart rules defined

on the host.

n DRS cluster host. Virtual machines that were successfully migrated to other hosts stay

there. Virtual machines for which no host had enough resources are registered to the

rebooted host.

VMware ESXi Installation and Setup

VMware by Broadcom 117

If the vCenter Server system is unavailable, the host contacts the vSphere Auto Deploy server

and is provisioned with an image profile. The host continues to contact the vSphere Auto Deploy

server until vSphere Auto Deploy reconnects to the vCenter Server system.

vSphere Auto Deploy cannot set up vSphere distributed switches if vCenter Server is unavailable,

and virtual machines are assigned to hosts only if they participate in an HA cluster. Until the host

is reconnected to vCenter Server and the host profile is applied, the switch cannot be created.

Because the host is in maintenance mode, virtual machines cannot start. See Reprovision Hosts

with Simple Reboot Operations.

Any hosts that are set up to require user input are placed in maintenance mode. See Update the

Host Customization in the vSphere Client.

Subsequent Boots With Updates

You can change the image profile, host profile, vCenter Server location, or script bundle for

hosts. The process includes changing rules and testing and repairing the host's rule compliance.

1 The administrator uses the Copy-DeployRule PowerCLI cmdlet to copy and edit one or more

rules and updates the rule set. See Overview of the vSphere Auto Deploy Process by Using

PowerCLI for an example.

2 The administrator runs the Test-DeployRulesetCompliance cmdlet to check whether each

host is using the information that the current rule set specifies.

3 The host returns a PowerCLI object that encapsulates compliance information.

4 The administrator runs the Repair-DeployRulesetCompliance cmdlet to update the image

profile, host profile, or vCenter Server location the vCenter Server system stores for each

host.

5 When the host reboots, it uses the updated image profile, host profile, vCenter Server

location, or script bundle for the host.

If the host profile is set up to request user input, the host is placed in maintenance mode.

Follow the steps in Update the Host Customization in the vSphere Client.

See Test and Repair Rule Compliance .

Figure 5-7. vSphere Auto Deploy Installation, Subsequent Boots

Subsequent Boot with Image Update

Subsequent Boot with No Update

Reboot host

vCenter Server

provisions host using

host and image pofiles

Use updated

image profile

Update the host and image

profile associations stored

in vCenter Server

Check rule set

compliance

Edit and update rule set

(Optional)

VMware ESXi Installation and Setup

VMware by Broadcom 118

Provisioning of Systems that Have Distributed Switches

You can configure the host profile of a vSphere Auto Deploy reference host with a distributed

switch.

When you configure the distributed switch, the boot configuration parameters policy is

automatically set to match the network parameters required for host connectivity after a reboot.

When vSphere Auto Deploy provisions the ESXi host with the host profile, the host goes through

a two-step process.

1 The host creates a standard virtual switch with the properties specified in the boot

configuration parameters field.

2 The host creates the VMkernel NICs. The VMkernel NICs allow the host to connect to vSphere

Auto Deploy and to the vCenter Server system.

When the host is added to vCenter Server, vCenter Server removes the standard switch and

reapplies the distributed switch to the host.

Note Do not change the boot configuration parameters to avoid problems with your distributed

switch.

Overview of the vSphere Auto Deploy Process by Using the vSphere Client

Getting started with vSphere Auto Deploy requires that you learn how vSphere Auto Deploy

works, start the vSphere Auto Deploy and vSphere ESXi Image Builder vCenter Server services,

create deploy rules that provision hosts, and power on your hosts to be booted with the image

profile you specify.

The workflow for provisioning the hosts in your environment with vSphere Auto Deploy includes

the following tasks:

1 Deploy vCenter Server.

The vSphere Auto Deploy server is included.

2 Configure the vSphere Auto Deploy and vSphere ESXi Image Builder service startup types.

See Prepare Your System for vSphere Auto Deploy and Configure the vSphere ESXi Image

Builder.

3 Add or import a software depot to the vSphere Auto Deploy inventory.

See Add a Software Depot or Import a Software Depot.

4 (Optional) If you want to create a custom image profile, clone, or create an image profile by

using the vSphere Client.

See Clone an Image Profile or Create an Image Profile.

5 Create a deploy rule that assigns the image profile to one host, to multiple hosts specified by

a pattern, or to all hosts.

VMware ESXi Installation and Setup

VMware by Broadcom 119

See Create a Deploy Rule.

Note vSphere Auto Deploy is optimized for provisioning hosts that have a fixed MAC

address to IP address mapping in DHCP (sometimes called DHCP reservations). If you want

to use static IP addresses, you must set up the host profile to prompt for host customization.

For more information, see the

vSphere Host Profiles

documentation.

6 Power on the hosts that you want to provision.

7 Set up the host you provisioned as a reference host for your host profile.

You can specify the reference host syslog settings, firewall settings, storage, networking, and

so on.

8 Extract a host profile from the reference host.

See the

Host Profiles

documentation.

9 To provision multiple hosts with the host profile, clone or edit the previously created rule by

using the vSphere Client.

See Clone a Deploy Rule or Edit a Deploy Rule.

10 Activate the new rule and deactivate the old one.

See Activate, Deactivate, and Reorder Deploy Rules.

11 Remediate the host associations to apply the new rule to the host.

See Remediate a Non-compliant Host.

12 Verify that the hosts you provisioned meet the following requirements.

n Each host is connected to the vCenter Server system.

n The hosts are not in maintenance mode.

n The hosts have no compliance failures.

n Each host with a host profile that requires user input has up-to-date host customization

information.

Remediate host associations and compliance problems and reboot hosts until all hosts meet

the requirements.

Read for an introduction to the boot process, differences between first and subsequent boots,

and an overview of using host customization.

Overview of the vSphere Auto Deploy Process by Using PowerCLI

Getting started with vSphere Auto Deploy requires that you learn how vSphere Auto Deploy

works, install the vSphere Auto Deploy server, install PowerCLI, write PowerCLI rules that

provision hosts, and power on your hosts to be booted with the image profile you specify. You

can customize of the image profile, host profile, and vCenter Server location.

VMware ESXi Installation and Setup

VMware by Broadcom 120

See Set Up vSphere Auto Deploy and Provision Hosts with vSphere PowerCLI for a step-by-step

exercise that helps you set up your first vSphere Auto Deploy environment.

To provision the hosts in your environment with vSphere Auto Deploy successfully, you can

follow these steps.

1 Deploy vCenter Server.

The vSphere Auto Deploy server is included.

2 Configure the vSphere Auto Deploy service startup type.

See Prepare Your System for vSphere Auto Deploy.

3 Install PowerCLI, which includes vSphere Auto Deploy and vSphere ESXi Image Builder

cmdlets.

See Install vSphere ESXi Image Builder and Prerequisite Software, Using vSphere Auto

Deploy Cmdlets, and Using VMware.Image Builder Cmdlets .

4 Find the image profile that includes the VIBs that you want to deploy to your hosts.

n Usually, you add the depots containing the required software to your PowerCLI session,

and then select an image profile from one of those depots.

n To create a custom image profile, use vSphere ESXi Image Builder cmdlets to clone an

existing image profile and add the custom VIBs to the clone. Add the custom image

profile to the PowerCLI session.

You must use vSphere ESXi Image Builder for customization only if you have to add or

remove VIBs. In most cases, you can add the depot where VMware hosts the image profiles

to your PowerCLI session as a URL.

5 Start a PowerCLI session and connect to the vCenter Server system that vSphere Auto

Deploy is registered with.

6 Use the New-DeployRule PowerCLI cmdlet to write a rule that assigns the image profile to

one host, to multiple hosts specified by a pattern, or to all hosts.

New-DeployRule -Name "testrule" -Item image-profile -AllHosts

See Assign an Image Profile to Hosts.

Note vSphere Auto Deploy is optimized for provisioning hosts that have a fixed MAC

address to IP address mapping in DHCP (sometimes called DHCP reservations). If you want

to use static IP addresses, you must set up the host profile to prompt for host customization.

For more information, see the

vSphere Host Profiles

documentation.

7 Power on the hosts that you want to provision.

8 Set up the host you provisioned as a reference host for your host profile.

You can specify the reference host syslog settings, firewall settings, storage, networking, and

so on.

VMware ESXi Installation and Setup

VMware by Broadcom 121

9 Set up the host you provisioned as a reference host for your host profile.

You can specify the reference host syslog settings, firewall settings, storage, networking, and

so on. See Setting Up a vSphere Auto Deploy Reference Host.

10 Create and export a host profile for the reference host.

See the

Host Profiles

documentation.

11 To provision multiple hosts with the host profile, use the Copy-DeployRule cmdlet to edit the

previously created rule.

You can revise the rule to assign not only an image profile but also a host profile, a vCenter

Server location, and a custom script bundle.

Copy-DeployRule -DeployRule "testrule" -ReplaceItem

my_host_profile_from_reference_host,my_target_cluster

-ReplacePattern "ipv4=192.XXX.1.10-192.XXX.1.20"

Where

my_host_profile_from_reference_host

is the name of the reference host profile, and

my_target_cluster

is the name of the target cluster.

12 Perform the test and repair compliance operations to remediate the hosts.

See Test and Repair Rule Compliance .

13 Verify that the hosts you provisioned meet the following requirements.

n Each host is connected to the vCenter Server system.

n The hosts are not in maintenance mode.

n The hosts have no compliance failures.

n Each host with a host profile that requires user input has up-to-date host customization

information.

Remediate host associations and compliance problems and reboot hosts until all hosts meet

the requirements.

Read for an introduction to the boot process, differences between first and subsequent boots,

and an overview of using host customization.

Preparing for vSphere Auto Deploy

Before you can start using vSphere Auto Deploy, you must prepare your environment. You

start with server setup and hardware preparation. You must configure the vSphere Auto Deploy

service startup type in the vCenter Server system that you plan to use for managing the hosts

you provision, and install PowerCLI.

n Prepare Your System for vSphere Auto Deploy

Before you can PXE boot an ESXi host with vSphere Auto Deploy, you must install

prerequisite software and set up the DHCP and TFTP servers that vSphere Auto Deploy

interacts with.

VMware ESXi Installation and Setup

VMware by Broadcom 122

n Using vSphere Auto Deploy Cmdlets

vSphere Auto Deploy cmdlets are implemented as Microsoft PowerShell cmdlets and

included in PowerCLI. Users of vSphere Auto Deploy cmdlets can take advantage of all

PowerCLI features.

n Set Up Bulk Licensing

You can use the vSphere Client or ESXi Shell to specify individual license keys, or you can

set up bulk licensing by using PowerCLI cmdlets. Bulk licensing works for all ESXi hosts, but

is especially useful for hosts provisioned with vSphere Auto Deploy.

Prepare Your System for vSphere Auto Deploy

Before you can PXE boot an ESXi host with vSphere Auto Deploy, you must install prerequisite

software and set up the DHCP and TFTP servers that vSphere Auto Deploy interacts with.

If you want to manage vSphere Auto Deploy with PowerCLI cmdlets, see

Set Up vSphere Auto

Deploy and Provision Hosts with vSphere PowerCLI

Prerequisites

n Verify that the hosts that you plan to provision with vSphere Auto Deploy meet the hardware

requirements for ESXi. See ESXi Hardware Requirements.

n Verify that the ESXi hosts have network connectivity to vCenter Server and that all port

requirements are met. See

vCenter Server Upgrade

n Verify that you have a TFTP server and a DHCP server in your environment to send files and

assign network addresses to the ESXi hosts that Auto Deploy provisions. See Install the TFTP

Server and Prepare the DHCP Server for vSphere Auto Deploy Provisioning.

n Verify that the ESXi hosts have network connectivity to DHCP, TFTP, and vSphere Auto

Deploy servers.

n If you want to use VLANs in your vSphere Auto Deploy environment, you must set up the

end to end networking properly. When the host is PXE booting, the firmware driver must be

set up to tag the frames with proper VLAN IDs. You must do this set up manually by making

the correct changes in the UEFI/BIOS interface. You must also correctly configure the ESXi

port groups with the correct VLAN IDs. Ask your network administrator how VLAN IDs are

used in your environment.

n Verify that you have enough storage for the vSphere Auto Deploy repository. The vSphere

Auto Deploy server uses the repository to store data it needs, including the rules and rule

sets you create and the VIBs and image profiles that you specify in your rules.

Best practice is to allocate 2 GB to have enough room for four image profiles and some extra

space. Each image profile requires approximately 400 MB. Determine how much space to

reserve for the vSphere Auto Deploy repository by considering how many image profiles you

expect to use.

VMware ESXi Installation and Setup

VMware by Broadcom 123

n Obtain administrative privileges to the DHCP server that manages the network segment you

want to boot from. You can use a DHCP server already in your environment, or install a

DHCP server. For your vSphere Auto Deploy setup, replace the gpxelinux.0 filename with

snponly64.efi.vmw-hardwired for UEFI or undionly.kpxe.vmw-hardwired for BIOS. For

more information on DHCP configurations, see Sample DHCP Configurations.

n Secure your network as for any other PXE-based deployment method. vSphere Auto

Deploy transfers data over SSL to prevent casual interference and snooping. However, the

authenticity of the client or the vSphere Auto Deploy server is not checked during a PXE

boot.

n If you want to manage vSphere Auto Deploy with PowerCLI cmdlets, verify that

Microsoft .NET Framework 4.5 or 4.5.x and Windows PowerShell 3.0 or 4.0 are installed on a

Windows machine. See the

vSphere PowerCLI User's Guide

n Set up a remote Syslog server. See the

vCenter Server and Host Management

documentation

for Syslog server configuration information. Configure the first host you boot to use the

remote Syslog server and apply that host's host profile to all other target hosts. Optionally,

install and use VMware vCenter Log Insight, which provides log aggregation and analytics

for VMware and non-VMware products, virtual and physical, with near real-time search and

analytics of log events.

n Install ESXi Dump Collector, set up your first host so that all core dumps are directed to ESXi

Dump Collector, and apply the host profile from that host to all other hosts. See Configure

ESXi Dump Collector with ESXCLI .

n If the hosts that you plan to provision with vSphere Auto Deploy are with legacy BIOS, verify

that the vSphere Auto Deploy server has an IPv4 address. PXE booting with legacy BIOS

firmware is possible only over IPv4. PXE booting with UEFI firmware is possible with either

IPv4 or IPv6.

Procedure

1 Navigate to Home > Auto Deploy.

By default, only the administrator role has privileges to use the vSphere Auto Deploy service.

2 On the Auto Deploy page, select your vCenter Server from the drop-down menu at the top.

3 Click Enable Auto Deploy and Image Builder to activate the service.

If the Image Builder service is already active, select the Configure tab and click Enable Auto

Deploy Service.

The Software Depot page appears.

VMware ESXi Installation and Setup

VMware by Broadcom 124

4 Configure the TFTP server.

a Click the Configure tab.

b Click Download TFTP Boot Zip to download the TFTP configuration file and unzip the file

to the directory in which your TFTP server stores files.

c (Optional) To use a proxy server, click Add on the

Auto Deploy Runtime Summary

pane

and enter a proxy server URL in the text box.

Using reverse proxy servers can offload the requests made to the vSphere Auto Deploy

server.

5 Set up your DHCP server to point to the TFTP server on which the TFTP ZIP file is located.

a Specify the TFTP Server's IP address in DHCP option 66, frequently called next-server.

b Specify the boot filename, which is snponly64.efi.vmw-hardwired for UEFI or

undionly.kpxe.vmw-hardwired for BIOS in the DHCP option 67, frequently called

boot-filename.

6 Set each host you want to provision with vSphere Auto Deploy to network boot or PXE boot,

following the manufacturer's instructions.

7 (Optional) If you set up your environment to use Thumbprint mode, you can use your own

Certificate Authority (CA) by replacing the OpenSSL certificate rbd-ca.crt and the OpenSSL

private key rbd-ca.key with your own certificate and key file.

The files are in /etc/vmware-rbd/ssl/.

By default, vCenter Server uses VMware Certificate Authority (VMCA).

Results

When you start an ESXi host that is set up for vSphere Auto Deploy, the host contacts the DHCP

server and is directed to the vSphere Auto Deploy server, which provisions the host with the

image profile specified in the active rule set.

What to do next

n You can change the default configuration properties of the Auto Deploy Service. For more

information, see "Configuring vCenter Server" in the

vCenter Server and Host Management

documentation.

n You can change the default configuration properties of the Image Builder Service. For more

information, see "Configuring vCenter Server" in the

vCenter Server and Host Management

documentation.

n Define a rule that assigns an image profile and optional host profile, host location, or script

bundle to the host. For Managing vSphere Auto Deploy with PowerCLI cmdlets, see the

Managing vSphere Auto Deploy with PowerCLI Cmdlets section. For managing vSphere Auto

Deploy with the vSphere Client, see the Managing vSphere Auto Deploy with the vSphere

Client section.

VMware ESXi Installation and Setup

VMware by Broadcom 125

n (Optional) Configure the first host that you provision as a reference host. Use the storage,

networking, and other settings you want for your target hosts to share. Create a host profile

for the reference host and write a rule that assigns both the already tested image profile and

the host profile to target hosts.

n (Optional) If you want to have vSphere Auto Deploy overwrite existing partitions, set up a

reference host to do auto partitioning and apply the host profile of the reference host to

other hosts. See Configure a Reference Host for Auto-Partitioning .

n (Optional) If you have to configure host-specific information, set up the host profile of the

reference host to prompt for user input. For more information about host customizations, see

the

vSphere Host Profiles

documentation.

Using vSphere Auto Deploy Cmdlets

vSphere Auto Deploy cmdlets are implemented as Microsoft PowerShell cmdlets and included in

PowerCLI. Users of vSphere Auto Deploy cmdlets can take advantage of all PowerCLI features.

Experienced PowerShell users can use vSphere Auto Deploy cmdlets just like other PowerShell

cmdlets. If you are new to PowerShell and PowerCLI, the following tips might be helpful.

You can type cmdlets, parameters, and parameter values in the PowerCLI shell.

n Get help for any cmdlet by running Get-Helpcmdlet_name.

n Remember that PowerShell is not case sensitive.

n Use tab completion for cmdlet names and parameter names.

n Format any variable and cmdlet output by using Format-List or Format-Table, or their

short forms fl or ft. For more information, run the Get-Help Format-List cmdlet.

Passing Parameters by Name

You can pass in parameters by name in most cases and surround parameter values that contain

spaces or special characters with double quotes.

Copy-DeployRule -DeployRule testrule -ReplaceItem MyNewProfile

Most examples in the

vCenter Server Installation and Setup

documentation pass in parameters by

name.

Passing Parameters as Objects

You can pass parameters as objects if you want to perform scripting and automation. Passing in

parameters as objects is useful with cmdlets that return multiple objects and with cmdlets that

return a single object. Consider the following example.

1 Bind the object that encapsulates rule set compliance information for a host to a variable.

$tr = Test-DeployRuleSetCompliance MyEsxi42

VMware ESXi Installation and Setup

VMware by Broadcom 126

2 View the itemlist property of the object to see the difference between what is in the rule

set and what the host is currently using.

$tr.itemlist

3 Remediate the host to use the revised rule set by using the Repair-

DeployRuleSetCompliance cmdlet with the variable.

Repair-DeployRuleSetCompliance $tr

The example remediates the host the next time you boot the host.

Set Up Bulk Licensing

You can use the vSphere Client or ESXi Shell to specify individual license keys, or you can set up

bulk licensing by using PowerCLI cmdlets. Bulk licensing works for all ESXi hosts, but is especially

useful for hosts provisioned with vSphere Auto Deploy.

Assigning license keys through the vSphere Client and assigning licensing by using PowerCLI

cmdlets function differently.

Assign license keys with the vSphere Client

You can assign license keys to a host when you add the host to the vCenter Server system or

when the host is managed by a vCenter Server system.

Assign license keys with LicenseDataManager PowerCLI

You can specify a set of license keys to be added to a set of hosts. The license keys are

added to the vCenter Server database. Each time a host is added to the vCenter Server

system or reconnects to it, the host is assigned a license key. A license key that is assigned

through PowerCLI is treated as a default license key. When an unlicensed host is added or

reconnected, it is assigned the default license key. If a host is already licensed, it keeps its

license key.

The following example assigns licenses to all hosts in a data center. You can also associate

licenses with hosts and clusters.

The following example is for advanced PowerCLI users who know how to use PowerShell

variables.

Prerequisites

Prepare Your System for vSphere Auto Deploy.

Procedure

1 In a PowerCLI session, connect to the vCenter Server system you want to use and bind the

associated license manager to a variable.

Connect-VIServer -Server 192.XXX.X.XX -User username -Password password

$licenseDataManager = Get-LicenseDataManager

VMware ESXi Installation and Setup

VMware by Broadcom 127

2 Run a cmdlet that retrieves the data center in which the hosts for which you want to use the

bulk licensing feature are located.

$hostContainer = Get-Datacenter -Name Datacenter-X

You can also run a cmdlet that retrieves a cluster to use bulk licensing for all hosts in a cluster,

or retrieves a folder to use bulk licensing for all hosts in a folder.

3 Create a LicenseData object and a LicenseKeyEntry object with associated type ID and

license key.

$licenseData = New-Object VMware.VimAutomation.License.Types.LicenseData

$licenseKeyEntry = New-Object Vmware.VimAutomation.License.Types.LicenseKeyEntry

$licenseKeyEntry.TypeId = "vmware-vsphere"

$licenseKeyEntry.LicenseKey = "XXXXX-XXXXX-XXXXX-XXXXX-XXXXX"

4 Associate the LicenseKeys attribute of the LicenseData object you created in step 3 with the

LicenseKeyEntry object.

$licenseData.LicenseKeys += $licenseKeyEntry

5 Update the license data for the data center with the LicenseData object and verify that the

license is associated with the host container.

$licenseDataManager.UpdateAssociatedLicenseData($hostContainer.Uid, $licenseData)

$licenseDataManager.QueryAssociatedLicenseData($hostContainer.Uid)

6 Provision one or more hosts with vSphere Auto Deploy and assign them to the data center or

to the cluster that you assigned the license data to.

7 You can use the vSphere Client to verify that the host is successfully assigned to the default

license XXXXX-XXXXX-XXXXX-XXXXX-XXXXX.

Results

All hosts that you assigned to the data center are now licensed automatically.

Managing vSphere Auto Deploy with PowerCLI Cmdlets

You can manage vSphere Auto Deploy with PowerCLI cmdlets to create rules that associate

hosts with image profiles, host profiles, custom scripts and locations on the vCenter Server

target. You can also update hosts by testing rule compliance and repairing compliance issues.

vSphere Auto Deploy PowerCLI Cmdlet Overview

You specify the rules that assign image profiles and host profiles to hosts using a set of PowerCLI

cmdlets that are included in PowerCLI.

If you are new to PowerCLI, read the PowerCLI documentation and review Using vSphere Auto

Deploy Cmdlets. You can get help for any command at the PowerShell prompt.

n Basic help: Get-Help

cmdlet_name

VMware ESXi Installation and Setup

VMware by Broadcom 128

n Detailed help: Get-Help

cmdlet_name

-Detailed

Note When you run vSphere Auto Deploy cmdlets, provide all parameters on the command line

when you invoke the cmdlet. Supplying parameters in interactive mode is not recommended.

Table 5-17. Rule Engine PowerCLI Cmdlets

Command Description

Get-DeployCommand

Returns a list of vSphere Auto Deploy cmdlets.

New-DeployRule

Creates a new rule with the specified items and patterns.

Set-DeployRule

Updates an existing rule with the specified items and

patterns. You cannot update a rule that is part of a rule set.

Get-DeployRule

Retrieves the rules with the specified names.

Copy-DeployRule

Clones and updates an existing rule.

Add-DeployRule

Adds one or more rules to the working rule set and, by

default, also to the active rule set. Use the NoActivate

parameter to add a rule only to the working rule set.

Remove-DeployRule

Removes one or more rules from the working rule set

and from the active rule set. Run this command with the

-Delete parameter to completely delete the rule.

Set-DeployRuleset

Explicitly sets the list of rules in the working rule set.

Get-DeployRuleset

Retrieves the current working rule set or the current active

rule set.

Switch-ActiveDeployRuleset

Activates a rule set so that any new requests are evaluated

through the rule set.

Get-VMHostMatchingRules

Retrieves rules matching a pattern. For example, you can

retrieve all rules that apply to a host or hosts. Use this

cmdlet primarily for debugging.

Test-DeployRulesetCompliance

Checks whether the items associated with a specified host

are in compliance with the active rule set.

Repair-DeployRulesetCompliance

Given the output of Test-DeployRulesetCompliance, this

cmdlet updates the image profile, host profile, and location

for each host in the vCenter Server inventory. The cmdlet

might apply image profiles, apply host profiles, or move

hosts to prespecified folders or clusters on the vCenter

Server system.

Apply-EsxImageProfile

Associates the specified image profile with the specified

host.

Get-VMHostImageProfile

Retrieves the image profile in use by a specified host. This

cmdlet differs from the Get-EsxImageProfile cmdlet in

vSphere ESXi Image Builder.

Repair-DeployImageCache

Use this cmdlet only if the vSphere Auto Deploy image

cache is accidentally deleted.

VMware ESXi Installation and Setup

VMware by Broadcom 129

Table 5-17. Rule Engine PowerCLI Cmdlets (continued)

Command Description

Get-VMHostAttributes

Retrieves the attributes for a host that are used when the

vSphere Auto Deploy server evaluates the rules.

Get-DeployMachineIdentity

Returns a string value that vSphere Auto Deploy uses to

logically link an ESXi host in vCenter Server to a physical

machine.

Set-DeployMachineIdentity

Logically links a host object in the vCenter Server database

to a physical machine. Use this cmdlet to add hosts without

specifying rules.

Get-DeployOption

Retrieves the vSphere Auto Deploy global configuration

options. This cmdlet currently supports the vlan-id

option, which specifies the default VLAN ID for the ESXi

Management Network of a host provisioned with vSphere

Auto Deploy. vSphere Auto Deploy uses the value only if

the host boots without a host profile.

Set-DeployOption

Sets the value of a global configuration option. Currently

supports the vlan-id option for setting the default VLAN ID

for the ESXi Management Network.

Add-ProxyServer

Adds a proxy server to the vSphere Auto Deploy database.

Run the command with the -Address parameter to specify

the IPv4 or IPv6 address. The address can include a port

number.

List-ProxyServer

Lists the proxy servers that are currently registered with

vSphere Auto Deploy.

Delete-ProxyServer

Deletes one or more proxy servers from the list of proxy

servers that are registered with vSphere Auto Deploy. You

can run the command with the -id parameter from the

list of proxy servers or with the

-Address parameter by

specifying the IPv4 or IPv6 address of the proxy server you

want to delete.

Add-ScriptBundle

Adds one or more script bundles to the vSphere Auto

Deploy server.

Get-ScriptBundle

Retrieves the list of script bundles available on the vSphere

Auto Deploy server and the scripts they contain.

Remove-ScriptBundle

Removes a script bundle from vSphere Auto Deploy.

Applicable for vSphere version 6.7 and later.

Get-CustomCertificate

Retrieves the custom host certificate uploaded into

AutoDeploy. You must run the command with the -HostId

[MAC_Address | BIOS_UUID] parameter. The first time

you add custom certificates, you don't see any certificates

returned by this cmdlet.

List-CustomCertificates

Retrieves information about all custom host certificates

used by Auto Deploy. The list provides details for the name

of the certificate, Host ID, and Associated Host Name,

which reflects the name of the vCenter Server for the Auto

Deploy server.

VMware ESXi Installation and Setup

VMware by Broadcom 130

Table 5-17. Rule Engine PowerCLI Cmdlets (continued)

Command Description

Add-CustomCertificate

Adds a custom certificate to the VMware Endpoint

Certificate Store and associates it with an ESXi host.

The certificate becomes active upon host reboot.

You can use the Get-CustomCertificate cmdlet to

retrieve the custom host certificate key. You can run

the command with the

-HostId [MAC_Address |

BIOS_UUID] parameter to associate the certificate to the

host, specifying a

-Key [file:///path/to/key.key] and

-Cert [file:///path/to/cert.crt]. Using this cmdlet

requires the

AutoDeploy.Rule.Create privilege on the root

folder of vCenter Server.

Remove-CustomCertificate

Removes a set of custom host certificates from Auto

Deploy. The certificate entries are deleted from the

database and the certificate files are removed from

the filestore. Hosts that have already booted with a

custom certificate must be rebooted to receive a new

certificate. You must provide at least one of -Cert

or -HostId parameters. Using this cmdlet requires the

AutoDeploy.Rule.Create privilege on the root folder of

vCenter Server.

Assign an Image Profile to Hosts

Before you can provision a host, you must create rules that assign an image profile to each host

that you want to provision by using vSphere Auto Deploy.

vSphere Auto Deploy extensibility rules enforce that VIBs at the CommunitySupported level can

only contain files from certain predefined locations, such as the ESXCLI plug-in path, jumpstart

plug-in path, and so on. If you add a VIB that is in a different location to an image profile, a

warning results. You can override the warning by using the force option.

If you call the New-DeployRule cmdlet on an image profile that includes VIBs at the

CommunitySupported level which violate the rule, set $DeployNoSignatureCheck = $true before

adding the image profile. With that setting, the system ignores signature validation and does not

perform the extensibility rules check.

Note Image profiles that include VIBs at the CommunitySupported level are not supported on

production systems.

Procedure

1 In a PowerCLI session, run the Connect-VIServer cmdlet to connect to the vCenter Server

system that vSphere Auto Deploy is registered with.

Connect-VIServer ipv4_or_ipv6_address

VMware ESXi Installation and Setup

VMware by Broadcom 131

The cmdlet might return a server certificate warning. In a production environment, make

sure no server certificate warnings result. In a development environment, you can ignore the

warning.

2 Determine the location of a public software depot, or define a custom image profile by using

vSphere ESXi Image Builder.

3 Run Add-EsxSoftwareDepot to add the software depot that contains the image profile to

the PowerCLI session.

Depot Type Cmdlet

Remote depot Run Add-EsxSoftwareDepot depot_url.

ZIP file a Download the ZIP file to a local file path.

b Run Add-EsxSoftwareDepot C:\file_path\my_offline_depot.zip.

4 In the depot, find the image profile that you want to use by running the Get-

EsxImageProfile cmdlet.

By default, the ESXi depot includes one base image profile that includes VMware tools and

has the string standard in its name, and one base image profile that does not include

VMware tools.

5 Define a rule in which hosts with certain attributes, for example a range of IP addresses, are

assigned to the image profile.

New-DeployRule -Name "testrule" -Item "My Profile25" -Pattern "vendor=Acme,Zven",

"ipv4=192.XXX.1.10-192.XXX.1.20"

Double quotes are required if a name contains spaces, optional otherwise. Specify

-AllHosts instead of a pattern to apply the item to all hosts.

The cmdlet creates a rule named testrule. The rule assigns the image profile named My

Profile25 to all hosts with a vendor of Acme or Zven that also have an IP address in the

specified range.

6 Add the rule to the rule set.

Add-DeployRule testrule

By default, the rule is added to both the working rule set and the active rule set. If you use

the NoActivate parameter, the working rule set does not become the active rule set.

Results

When the host boots from iPXE, it reports attributes of the machine to the console. Use the same

format of the attributes when writing deploy rules.

******************************************************************

* Booting through VMware AutoDeploy...

VMware ESXi Installation and Setup

VMware by Broadcom 132

* Machine attributes:

* . asset=No Asset Tag

* . domain=vmware.com

* . hostname=myhost.mycompany.com

* . ipv4=XX.XX.XXX.XXX

* . mac=XX:Xa:Xb:Xc:Xx:XX

* . model=MyVendorModel

* . oemstring=Product ID: XXXXXX-XXX

* . serial=XX XX XX XX XX XX...

* . uuid=XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX

* . vendor=MyVendor

******************************************************************

What to do next

n For hosts already provisioned with vSphere Auto Deploy, perform the compliance testing and

repair operations to provision them with the new image profile. See Test and Repair Rule

Compliance .

n Turn on unprovisioned hosts to provision them with the new image profile.

Write a Rule and Assign a Host Profile to Hosts

vSphere Auto Deploy can assign a host profile to one or more ESXi hosts.

In many cases, you assign a host to a cluster instead of specifying a host profile explicitly. The

host uses the host profile of the cluster.

Prerequisites

The host profile might include information about storage configuration, network configuration, or

other characteristics of the host. If you add a host to a cluster, that cluster's host profile is used.

n Install PowerCLI and all prerequisite software. For information, see vCenter Server Installation

and Setup.

n Export the host profile that you want to use.

Procedure

1 In a PowerCLI session, run the Connect-VIServer cmdlet to connect to the vCenter Server

system that vSphere Auto Deploy is registered with.

Connect-VIServer ipv4_or_ipv6_address

The cmdlet might return a server certificate warning. In a production environment, make

sure no server certificate warnings result. In a development environment, you can ignore the

warning.

2 Using the vSphere Client, set up a host with the settings you want to use and create a host

profile from that host.

VMware ESXi Installation and Setup

VMware by Broadcom 133

3 Find the name of the host profile by running Get-VMhostProfile PowerCLI cmdlet, passing

in the ESXi host from which you create a host profile.

4 At the PowerCLI prompt, define a rule in which host profiles are assigned to hosts with

certain attributes, for example a range of IP addresses.

New-DeployRule -Name "testrule2" -Item my_host_profile -Pattern "vendor=Acme,Zven",

"ipv4=192.XXX.1.10-192.XXX.1.20"

The specified item is assigned to all hosts with the specified attributes. This example specifies

a rule named testrule2. The rule assigns the specified host profile

my_host_profile

to all hosts

with an IP address inside the specified range and with a manufacturer of Acme or Zven.

5 Add the rule to the rule set.

Add-DeployRule testrule2

By default, the working rule set becomes the active rule set, and any changes to the rule set

become active when you add a rule. If you use the NoActivate parameter, the working rule

set does not become the active rule set.

What to do next

n Assign a host already provisioned with vSphere Auto Deploy to the new host profile by

performing compliance test and repair operations on those hosts. For more information, see

Test and Repair Rule Compliance .

n Power on unprovisioned hosts to provision them with the host profile.

Write a Rule and Assign a Host to a Folder or Cluster

vSphere Auto Deploy can assign a host to a folder or cluster. When the host boots, vSphere

Auto Deploy adds it to the specified location on the vCenter Server. Hosts assigned to a cluster

inherit the cluster's host profile.

Prerequisites

n Prepare your system and install the Auto Deploy Server. For more information, see Prepare

Your System for vSphere Auto Deploy.

n Verify that the folder you select is in a data center or in a cluster. You cannot assign the host

to a standalone top-level folder.

Procedure

1 In a PowerCLI session, run the Connect-VIServer cmdlet to connect to the vCenter Server

system that vSphere Auto Deploy is registered with.

Connect-VIServer ipv4_or_ipv6_address

VMware ESXi Installation and Setup

VMware by Broadcom 134

The cmdlet might return a server certificate warning. In a production environment, make

sure no server certificate warnings result. In a development environment, you can ignore the

warning.

2 Define a rule in which hosts with certain attributes, for example a range of IP addresses, are

assigned to a folder or a cluster.

New-DeployRule -Name testrule3 -Item "my folder" -Pattern "vendor=Acme,Zven",

"ipv4=192.XXX.1.10-192.XXX.1.20"

This example passes in the folder by name. You can instead pass in a folder, cluster, or

data center object that you retrieve with the Get-Folder, Get-Cluster, or Get-Datacenter

cmdlet.

3 Add the rule to the rule set.

Add-DeployRule testrule3

By default, the working rule set becomes the active rule set, and any changes to the rule set

become active when you add a rule. If you use the NoActivate parameter, the working rule

set does not become the active rule set.

What to do next

n Assign a host already provisioned with vSphere Auto Deploy to the new folder or cluster

location by performing test and repair compliance operation. See Test and Repair Rule

Compliance .

n Power on unprovisioned hosts to add them to the specified vCenter Server location.

Configure a Stateless System by Running a Custom Script

You can use vSphere Auto Deploy to configure one or more hosts by associating custom scripts

with a vSphere Auto Deploy rule.

The scripts run in alphabetical order after the initial ESXi boot workflow of the host.

Prerequisites

n Verify that the script bundle you want to associate with a vSphere Auto Deploy rule is

in .tgz format, with a maximum size of 10 MB, and written in Python or BusyBox ash scripting

language.

Procedure

1 In a PowerCLI session, run the Connect-VIServer cmdlet to connect to the vCenter Server

system that vSphere Auto Deploy is registered with.

Connect-VIServer ipv4_or_ipv6_address

VMware ESXi Installation and Setup

VMware by Broadcom 135

The cmdlet might return a server certificate warning. In a production environment, make

sure no server certificate warnings result. In a development environment, you can ignore the

warning.

2 Run the Add-ScriptBundle cmdlet to add the script bundle that contains the necessary

scripts to the vSphere Auto Deploy inventory.

Add-ScriptBundle c:/temp/MyScriptBundle.tgz

The name of the script bundle without the .tgz extension is the name identifier or object

of the script bundle item. You can update an existing script bundle by using the

-Update

parameter with the Add-ScriptBundle cmdlet.

3 (Optional) Run the Get-ScriptBundle cmdlet to verify that the script bundle is added to the

vSphere Auto Deploy inventory.

4 Define a rule in which hosts with certain attributes, for example a range of IP addresses, are

assigned to the script bundle.

New-DeployRule -Name "testrule4" -Item "MyScriptBundle" -Pattern "vendor=Acme,Zven",

"ipv4=192.XXX.1.10-192.XXX.1.20"

Double quotes are required if a name contains spaces, optional otherwise. Specify

-AllHosts instead of a pattern to apply the item to all hosts.

You create a rule named

testrule4

. The rule assigns the script bundle named My Script Bundle

to all hosts with a vendor of Acme or Zven that also have an IP address in the specified

range. You can use the name identifier of the script bundle or the object returned by the

Get-ScriptBundle cmdlet to identify the script bundle you want to associate with the rule.

5 Add the rule to the rule set.

Add-DeployRule testrule4

By default, the rule is added to both the working rule set and the active rule set. If you use

the NoActivate parameter, the working rule set does not become the active rule set.

What to do next

n For hosts already provisioned with vSphere Auto Deploy, perform the compliance testing

and repair operations to provision them with the new scripts. See Test and Repair Rule

Compliance .

n Turn on unprovisioned hosts to provision them with the new scripts.

Test and Repair Rule Compliance

Test new or modified rules for compliance and repair accordingly, as changes in the vSphere

Auto Deploy rule set are not updated automatically.

VMware ESXi Installation and Setup

VMware by Broadcom 136

Prerequisites

When you add a rule to the vSphere Auto Deploy rule set or modify one or more rules, hosts are

not updated automatically. vSphere Auto Deploy applies the new rules only when you test their

rule compliance and perform remediation.

n Prepare your system and install the Auto Deploy Server. For more information, see Prepare

Your System for vSphere Auto Deploy.

n Verify that your infrastructure includes one or more ESXi hosts provisioned with vSphere

Auto Deploy, and that the host on which you installed PowerCLI can access those ESXi hosts.

Procedure

1 In a PowerCLI session, run the Connect-VIServer cmdlet to connect to the vCenter Server

system that vSphere Auto Deploy is registered with.

Connect-VIServer ipv4_or_ipv6_address

The cmdlet might return a server certificate warning. In a production environment, make

sure no server certificate warnings result. In a development environment, you can ignore the

warning.

2 Use PowerCLI to check which vSphere Auto Deploy rules are currently available.

Get-DeployRule

The system returns the rules and the associated items and patterns.

3 Modify one of the available rules.

For example, you can change the image profile and the name of the rule.

Copy-DeployRule -DeployRule testrule -ReplaceItem MyNewProfile

You cannot edit a rule already added to the active rule set. Instead, you can copy the rule

and replace the item or pattern you want to change.

4 Verify that you can access the host for which you want to test rule set compliance.

Get-VMHost -Name MyEsxi42

5 Run the cmdlet that tests rule set compliance for the host, and bind the return value to a

variable for later use.

$tr = Test-DeployRuleSetCompliance MyEsxi42

6 Examine the differences between the contents of the rule set and configuration of the host.

$tr.itemlist

VMware ESXi Installation and Setup

VMware by Broadcom 137

If the host for which you want to test the new rule set compliance is compliant with the active

rule set, the system returns a table of current and expected items.

CurrentItem ExpectedItem

----------- ------------

My Profile 25 MyNewProfile

7 Remediate the host to use the revised rule set the next time you boot the host.

Repair-DeployRuleSetCompliance $tr

What to do next

If the rule you changed specified the inventory location, the change takes effect when you repair

compliance. For all other changes, reboot your host to have vSphere Auto Deploy apply the new

rule and to achieve compliance between the rule set and the host.

Simultaneously booting large number of stateless hosts places a significant load on the vSphere

Auto Deploy server. You can load balance the requests between the vSphere Auto Deploy

server and one or more proxy servers that you register with vSphere Auto Deploy.

Prerequisites

Procedure

1 In a PowerCLI session, run the Connect-VIServer cmdlet to connect to the vCenter Server

system that vSphere Auto Deploy is registered with.

Connect-VIServer ipv4_or_ipv6_address

The cmdlet might return a server certificate warning. In a production environment, make

sure no server certificate warnings result. In a development environment, you can ignore the

warning.

2 Register a caching proxy server addresses with vSphere Auto Deploy by running the Add-

ProxyServer cmdlet.

Add-ProxyServer -Address 'https://proxy_server_ip_address:port_number'

You can run the cmdlet multiple times to register multiple proxy servers. The address can

contain a port number.

3 (Optional) Run the List-ProxyServer cmdlet to verify that the caching proxy server is

registered with vSphere Auto Deploy.

VMware ESXi Installation and Setup

VMware by Broadcom 138

Managing vSphere Auto Deploy with the vSphere Client

You can add ESXi hosts to the vSphere Auto Deploy inventory, create, monitor, and manage

rules, and host associations by using the vSphere Client.

(Auto Deploy Enhancements in the vSphere Client )

Create a Deploy Rule

Before you provision ESXi hosts with vSphere Auto Deploy, you must create rules that assign

host locations, image profiles, and host profiles to the hosts. An ESXi host can match more than

one vSphere Auto Deploy rule criteria, when this is the case, the rule order is considered.

Prerequisites

n Prepare your system and install the Auto Deploy Server. For more information, see Prepare

Your System for vSphere Auto Deploy.

n If you want to include an image profile to the rule, verify that the software depot you need is

added to the inventory. See Add a Software Depot or Import a Software Depot.

Procedure

1 Navigate to Home > Auto Deploy.

By default, only the administrator role has privileges to use the vSphere Auto Deploy service.

2 On the Deploy Rules tab, click New Deploy Rule.

The New Deploy Rule wizard appears.

3 On the Name and hosts page of the wizard, enter a name for the new rule.

4 Select to either apply the rule to all hosts in the inventory or only to hosts that match a

specific pattern.

You can select one or more patterns.

For example, the rule can apply only to hosts in a vCenter Single Sign-On domain, with a

specific host name, or that match a specific IPv4 range.

5 On the Configuration page of the wizard, you can optionally include items in the rule.

Each enabled item adds a new page to the wizard.

Option

Action

Host Location Add the hosts that match the criteria of the rule to a

specific location.

Image Profile Assign an image profile to the hosts that match the rule

criteria.

VMware ESXi Installation and Setup

VMware by Broadcom 139

Option Action

Host Profile Assign a host profile to the hosts that match the rule

criteria.

Script Bundle Assign a script bundle to the host that match the rule

criteria.

6 (Optional) On the Select host location page of the wizard, select a data center, folder, or

cluster as host location for the hosts that match the rule.

7 (Optional) On the Select image profile page of the wizard, use the drop-down menu to select

a software depot and choose an image profile from the list.

If you want to bypass the acceptance level verification for the image profile, select the Skip

image profile signature check check box.

8 (Optional) On the Select host profile page of the wizard, select a host profile from the list.

9 (Optional) On the Select script bundle page of the wizard, select a script bundle from the list.

10 On the Ready to complete page, review the summary information for the new rule.

Results

You can view the newly created rule listed on the Deploy Rules tab.

What to do next

n Activate a vSphere Auto Deploy rule. See Activate, Deactivate, and Reorder Deploy Rules.

n Edit a vSphere Auto Deploy rule. See Edit an Image Profile.

n Clone a vSphere Auto Deploy rule. See Clone a Deploy Rule

n View the host location, image profile, host profile, and added script bundles. See View Host

Associations.

n Remediate non-compliant hosts. See Remediate a Non-compliant Host.

n Change the image profile association of a host. See Edit the Image Profile Association of a

Host.

Clone a Deploy Rule

You can use a vSphere Auto Deploy rule as a template and modify only parts of the rule instead

of creating a new one.

You can clone an existing vSphere Auto Deploy rule by using the Clone Deploy Rule wizard.

Prerequisites

n Prepare your system and install the Auto Deploy Server. For more information, see Prepare

Your System for vSphere Auto Deploy.

n Create a vSphere Auto Deploy rule. See Create a Deploy Rule.

VMware ESXi Installation and Setup

VMware by Broadcom 140

n If you want to include an image profile to the rule, verify that the software depot you need is

added to the inventory. See Add a Software Depot or Import a Software Depot.

Procedure

1 Navigate to Home > Auto Deploy.

By default, only the administrator role has privileges to use the vSphere Auto Deploy service.

2 On the Deploy Rules tab, select a rule from the list.

3 Click Clone.

The Clone Deploy Rule wizard appears.

4 On the Name and hosts page of the wizard, enter a name for the new rule.

5 Select to either apply the rule to all hosts in the inventory or only to hosts that match a

specific pattern.

You can select one or more patterns.

For example, the rule can apply only to hosts in a vCenter Single Sign-On domain, with a

specific host name, or that match a specific IPv4 range.

6 On the Configuration page of the wizard, you can optionally include items in the rule.

Each enabled item adds a new page to the wizard.

Option

Action

Host Location Add the hosts that match the criteria of the rule to a

specific location.

Image Profile Assign an image profile to the hosts that match the rule

criteria.

Host Profile Assign a host profile to the hosts that match the rule

criteria.

Script Bundle Assign a script bundle to the host that match the rule

criteria.

7 On the Select host location page of the wizard, select a location for the hosts that match the

rule.

Option

Action

If you want to keep the host location used in the cloned

rule

Select the Same Host location check box.

If you want to select a new location for the selected

hosts

1 Select the Browse for Host location check box.

2 Select a data center, folder, or cluster as host

location.

3 Click Next.

VMware ESXi Installation and Setup

VMware by Broadcom 141

8 On the Select image profile page of the wizard, select an image profile.

Option Action

If you do not want to change the image profile Select the Same image profile check box.

If you want to assign a new image profile to the

selected hosts

1 Select the Browse for Image Profile check box.

2 Select a software depot from the drop-down menu.

3 Select an image profile from the list.

4 (Optional) If you want to bypass the acceptance

level verification for the image profile, select the

Skip image profile signature check check box.

9 On the Select host profile page of the wizard, select a host profile.

Option Action

If you want to keep the host profile used in the cloned

rule

Select the Same Host profile check box.

If you want to assign a new host profile to the selected

hosts

1 Select the Browse for Host Profile check box.

2 Select a host profile from the list and click Next.

10 On the Select script bundle page of the wizard, select a script bundle from the list.

11 On the Ready to complete page, review the summary information for the new rule.

What to do next

n Activate a vSphere Auto Deploy rule. See Activate, Deactivate, and Reorder Deploy Rules.

n Edit a vSphere Auto Deploy rule. See Edit an Image Profile.

Edit a Deploy Rule

You can edit the name of an Auto Deploy rule, its matching hosts, the host location, the image

profile, and the host profile if the rule is inactive in the inventory.

Prerequisites

n Prepare your system and install the Auto Deploy Server. For more information, see Prepare

Your System for vSphere Auto Deploy.

n Create a vSphere Auto Deploy rule. See Create a Deploy Rule.

Procedure

1 Navigate to Home > Auto Deploy.

By default, only the administrator role has privileges to use the vSphere Auto Deploy service.

2 On the Deploy Rules tab, from the list of rules in the inventory select the rule and click Edit.

The Edit Deploy Rule dialog box appears.

3 (Optional) On the Name and hosts page of the wizard, enter a new name for the rule.

VMware ESXi Installation and Setup

VMware by Broadcom 142

4 Select to either apply the rule to all hosts in the inventory or only to hosts that match a

specific pattern.

You can select one or more patterns.

For example, the rule can apply only to hosts in a vCenter Single Sign-On domain, with a

specific host name, or that match a specific IPv4 range.

5 On the Configuration page of the wizard, you can optionally include items in the rule.

Each enabled item adds a new page to the wizard.

Option Action

Host Location Add the hosts that match the criteria of the rule to a

specific location.

Image Profile Assign an image profile to the hosts that match the rule

criteria.

Host Profile Assign a host profile to the hosts that match the rule

criteria.

Script Bundle Assign a script bundle to the host that match the rule

criteria.

6 On the Select host location page of the wizard, select a location for the hosts that match the

rule.

Option

Action

If you want to keep the host location used in the cloned

rule

Select the Same Host location check box.

If you want to select a new location for the selected

hosts

1 Select the Browse for Host location check box.

2 Select a data center, folder, or cluster as host

location.

3 Click Next.

7 On the Select image profile page of the wizard, select an image profile.

Option

Action

If you do not want to change the image profile Select the Same image profile check box.

If you want to assign a new image profile to the

selected hosts

1 Select the Browse for Image Profile check box.

2 Select a software depot from the drop-down menu.

3 Select an image profile from the list.

4 (Optional) If you want to bypass the acceptance

level verification for the image profile, select the

Skip image profile signature check check box.

VMware ESXi Installation and Setup

VMware by Broadcom 143

8 On the Select host profile page of the wizard, select a host profile.

Option Action

If you want to keep the host profile used in the cloned

rule

Select the Same Host profile check box.

If you want to assign a new host profile to the selected

hosts

1 Select the Browse for Host Profile check box.

2 Select a host profile from the list and click Next.

9 On the Select script bundle page of the wizard, select a script bundle from the list.

10 On the Ready to complete page, review the summary information for the new rule.

What to do next

n Activate a vSphere Auto Deploy rule. See Activate, Deactivate, and Reorder Deploy Rules.

n Clone a vSphere Auto Deploy rule. See Clone a Deploy Rule

Activate, Deactivate, and Reorder Deploy Rules

After you create a vSphere Auto Deploy rule, the rule is in inactive state. You must activate the

rule for it to take effect. You can use the Activate and Reorder wizard to activate, deactivate, and

change the order of the rules.

The upper list on the Activate and Reorder page of the wizard displays the rules in the active rule

set. The lower list displays the inactive rules.

Prerequisites

n Prepare your system and install the Auto Deploy Server. For more information, see Prepare

Your System for vSphere Auto Deploy.

n Create a vSphere Auto Deploy rule. See Create a Deploy Rule.

Procedure

1 Navigate to Home > Auto Deploy.

By default, only the administrator role has privileges to use the vSphere Auto Deploy service.

2 On the Deploy Rules tab, click Activate/Deactivate rules.

The Activate and Reorder wizard appears.

3 (Optional) If you want to deactivate an active rule, select the rule from the active rules list and

click the Deactivate button.

4 From the list of inactive rules, select the rule that you want to activate and click the Activate

button.

VMware ESXi Installation and Setup

VMware by Broadcom 144

5 (Optional) If you want to reorder the rules in the active rule list, select a rule that you want to

move up or down in the list and click Move up or Move down above the list of active rules.

The rules are listed by priority. For example, if two or more rules apply to the same host but

are set to provision the host with different host locations, image profiles, and host profiles,

the rule that is highest in the list takes effect on the host.

6 (Optional) If you want to test an inactive rule before activation, click Test rules before

activation.

a Select a host from the list and click Check Compliance to view the current status of the

host and the changes that are expected after the activation of the rule.

If the host is compliant with the rule, you do not need to remediate the host after you

activate the rule.

b (Optional) If you want to remediate the selected hosts after the rule activation, enable the

toggle button or select the Remediate all host associations after rule activation check

box to remediate all hosts.

7 Review the list of active rules and click ОК.

Results

On the Deploy Rules tab, the rule is listed as active in the Status column.

What to do next

n View the host location, image profile, host profile, and added script bundles. See View Host

Associations.

n Remediate non-compliant hosts. See Remediate a Non-compliant Host.

View Host Associations

Some of the hosts in the vSphere Auto Deploy inventory might not be compliant with the active

deploy rules. To verify that one or more ESXi hosts are compliant with the active rule set, you

must check the host associations compliance.

Prerequisites

n Prepare your system and install the Auto Deploy Server. For more information, see Prepare

Your System for vSphere Auto Deploy.

n Create a vSphere Auto Deploy rule. See Create a Deploy Rule.

n Activate a vSphere Auto Deploy rule. See Activate, Deactivate, and Reorder Deploy Rules.

Procedure

1 Navigate to Home > Auto Deploy.

By default, only the administrator role has privileges to use the vSphere Auto Deploy service.

VMware ESXi Installation and Setup

VMware by Broadcom 145

2 Check the host associations compliance.

The Check Host Associations Compliance window displays the status of the host and

whether the host is compliant with the active rule set. You can view the currently assigned

host location, image profile, host profile, script bundle, and the associations that will take

effect after a remediation of the host.

Option Steps

If you want to check

the host associations

compliance of a single

host

1 On the Deployed Hosts tab, select an ESXi host.

2 Click Check Host Associations Compliance.

3 Check if the host associations are compliant with the current active rule set.

4 (Optional) If you want to remediate the host, click Remediate.

5 Close the Check Host Associations Compliance window.

If you want to check

the host associations

compliance of multiple

hosts

1 On the Deployed Hosts tab, select multiple ESXi hosts.

2 Click Check Host Associations Compliance.

3 Confirm that you want to check the compliance of all selected hosts.

4 Review the compliance status of the hosts in the left pane.

5 (Optional) Select a host to view the compliance status details.

6 (Optional) Select a host and click Remediate .

7 (Optional) Select the Remediate all host associations after rule activation check

box to remediate all hosts.

8 Close the Check Host Associations Compliance window.

What to do next

n Remediate non-compliant hosts. See Remediate a Non-compliant Host.

n Edit the image profile association of a host. See Edit the Image Profile Association of a Host.

n Edit a vSphere Auto Deploy rule. See Edit an Image Profile.

Edit the Image Profile Association of a Host

You can edit the image profile association of a single host if the host is not associated with

a vSphere Auto Deploy rule or if you do not want to change the image profile association of

multiple hosts by editing a rule.

Prerequisites

n Prepare your system and install the Auto Deploy Server. For more information, see Prepare

Your System for vSphere Auto Deploy.

n Create a vSphere Auto Deploy rule. See Create a Deploy Rule.

n Activate a vSphere Auto Deploy rule. See Activate, Deactivate, and Reorder Deploy Rules.

Procedure

1 Navigate to Home > Auto Deploy.

By default, only the administrator role has privileges to use the vSphere Auto Deploy service.

2 On the Deployed Hosts tab, select an ESXi host.

VMware ESXi Installation and Setup

VMware by Broadcom 146

3 Click Edit Image Profile Association.

The Edit Image Profile Association dialog box appears.

4 Edit the image profile association of the host.

Option Action

If you do not want to change the image profile Select the Same image profile check box.

If you want to assign a new image profile to the

selected hosts

1 Select the Browse for Image Profile check box.

2 Select a software depot from the drop-down menu.

3 Select an image profile from the list.

4 (Optional) If you want to bypass the acceptance

level verification for the image profile, select the

Skip image profile signature check check box.

5 Click OK.

Results

The new image profile is listed in the Associated Image Profile column after a refresh of the page.

What to do next

n View the host location, image profile, host profile, and added script bundles. See View Host

Associations.

n If the host is associated with a rule and you want to revert to the image profile defined in the

rule, remediate the host. See Remediate a Non-compliant Host.

Remediate a Non-compliant Host

When you add a rule to the vSphere Auto Deploy active rule set or make changes to one or

more rules, hosts are not updated automatically. You must remediate the host associations to

apply the new rules to the host.

Prerequisites

n Prepare your system and install the Auto Deploy Server. For more information, see Prepare

Your System for vSphere Auto Deploy.

n Create a vSphere Auto Deploy rule. See Create a Deploy Rule.

n Activate a vSphere Auto Deploy rule. See Activate, Deactivate, and Reorder Deploy Rules.

n If the remediation of a host, results in a change in its location, the host must be placed in

maintenance mode.

Procedure

1 Navigate to Home > Auto Deploy.

By default, only the administrator role has privileges to use the vSphere Auto Deploy service.

2 On the Deployed Hosts tab, select a single or multiple ESXi hosts.

VMware ESXi Installation and Setup

VMware by Broadcom 147

3 Click Remediate Host Associations.

If you remediate a host that has an edited image profile association, the host reverts to the

settings defined in the rule that it matches.

You can monitor the progress of the remediation process in the Recent Tasks pane.

What to do next

n View the host location, image profile, host profile, and added script bundles. See View Host

Associations.

n Change the image profile association of a host. See Edit the Image Profile Association of a

Host.

Add a Host to the vSphere Auto Deploy Inventory

You can view the hosts that do not match any vSphere Auto Deploy rule and manually add a

host to the vSphere Auto Deploy inventory.

To add a host to the current vSphere Auto Deploy inventory of deployed hosts, you can create

a new rule or edit an existing rule to include a host that is not deployed with vSphere Auto

Deploy and associate it with a specific host location, image profile, host profile, and script bundle.

Alternatively, you can manually add a host to the inventory by assigning it a host location, image

profile, host profile, and script bundle.

Prerequisites

n Prepare your system and install the Auto Deploy Server. For more information, see Prepare

Your System for vSphere Auto Deploy.

n To assign an image profile to the host, add the software depot that you need to the

inventory. See Add a Software Depot or Import a Software Depot.

Procedure

1 Navigate to Home > Auto Deploy.

By default, only the administrator role has privileges to use the vSphere Auto Deploy service.

2 On the Discovered Hosts tab, select one or more hosts that you want to provision with a host

location, image profile, and host profile.

3 Select Add to Inventory.

Alternatively, click Remove to dismiss the selected hosts from the Discovered Hosts tab.

The Add to Inventory wizard appears.

4 On the Select host location page of the wizard, select a data center, folder, or cluster as host

location for the hosts that match the rule.

VMware ESXi Installation and Setup

VMware by Broadcom 148

5 On the Select image profile page of the wizard, use the drop-down menu to select a

software depot and choose an image profile from the list.

If you want to bypass the acceptance level verification for the image profile, select the Skip

image profile signature check check box.

6 On the Select host profile page of the wizard, select a host profile from the list.

7 On the Select host profile page of the wizard, use the Filter to search the host profiles list or

select the Do not include a host profile check box to continue without adding a host profile.

8 On the Select script bundle page of the wizard, select a script bundle from the list.

9 On the Ready to complete page, review the selected host associations.

What to do next

n Edit a vSphere Auto Deploy rule. See Edit an Image Profile.

n Clone a vSphere Auto Deploy rule. See Clone a Deploy Rule

n View the host location, image profile, host profile, and added script bundles. See View Host

Associations.

n Remediate non-compliant hosts. See Remediate a Non-compliant Host.

Add a Host to a Cluster That Uses a Single Image

То add ESXi hosts to a cluster that you manage by an image, you create a rule in Auto Deploy

that assigns a host location to the hosts.

By creating an Auto Deploy rule, where the host target location is a cluster managed by

an image, you can transition stateful ESXi hosts to the cluster. Based on host identification

mechanisms, the rule adds the hosts to the target cluster.

Such Auto Deploy rule is not allowed to contain an Image Profile or a Host Profile, as the image

specification and configuration of the target cluster define the same.

Prerequisites

n Prepare your system and install the Auto Deploy Server. For more information, see

Prepare Your System for vSphere Auto Deploy

in the

VMware ESXi Installation and Setup

documentation.

n Verify that each ESXi host is version 7.0 or later.

n Verify that all hosts in the cluster are stateful and have a physical storage attached.

n Verify that solutions, which are not integrated with vSphere Lifecycle Manager are not

enabled for the cluster.

Procedure

1 Navigate to Home > Auto Deploy.

By default, only the administrator role has privileges to use the vSphere Auto Deploy service.

VMware ESXi Installation and Setup

VMware by Broadcom 149

2 On the Deploy Rules tab, click New Deploy Rule.

The New Deploy Rule wizard appears.

3 On the Name and hosts page of the wizard, enter a name for the new rule.

4 Select to either apply the rule to all hosts in the inventory or only to hosts that match a

specific pattern.

You can select one or more patterns.

For example, the rule can apply only to hosts in a vCenter Single Sign-On domain, with a

specific host name, or that match a specific IPv4 range.

5 On the Configuration page of the wizard, select the Host Location check box, and click Next.

You can optionally include a script bundle to the ESXi hosts that match the rule criteria by

selecting the Script Bundle check box.

Note The image profile and host profile attached to the target cluster are used.

6 On the Select host location page of the wizard, select a cluster that uses a single image.

7 (Optional) On the Select script bundle page of the wizard, select a script bundle from the list.

8 On the Ready to complete page, review the summary information for the new rule.

9 Click Finish.

Results

You can view the newly created rule listed on the Deploy Rules tab.

What to do next

n Activate a vSphere Auto Deploy rule. See Activate, Deactivate, and Reorder Deploy Rules.

n For more information on stateless caching and stateful installs, see Use vSphere Auto Deploy

for Stateless Caching and Stateful Installs.

Working with Script Bundles

You can add a custom script for additional post-deployment host configuration. The script runs

after you provision an ESXi host with Auto Deploy. For example, you can create a custom ESXi

firewall rule and other configurations not available with Host Profiles.

Since vSphere 6.7 Update 1, you can add or remove a custom script by using the vSphere Client.

A script bundle can include multiple scripts and must be delivered as a single compressed file

with the .tgz extension. After uploaded to the vCenter Server, you can include the script bundle

to an Auto Deploy rule.

Prerequisites

n Verify that you can run the script in the ESXi Shell.

VMware ESXi Installation and Setup

VMware by Broadcom 150

Procedure

1 Navigate to Home > Auto Deploy.

By default, only the administrator role has privileges to use the vSphere Auto Deploy service.

2 Select the Script Bundles tab.

3 Click Upload.

4 Browse to a script bundle file and select Upload.

The script is present in the Script Bundles list.

5 (Optional) Select a script bundle, click Remove, and confirm the selection.

The script bundle is deleted from the list.

What to do next

n Activate a vSphere Auto Deploy rule. See Activate, Deactivate, and Reorder Deploy Rules.

n Edit a vSphere Auto Deploy rule. See Edit an Image Profile.

n Clone a vSphere Auto Deploy rule. See Clone a Deploy Rule

n View the host location, image profile, host profile, and added script bundles. See View Host

Associations.

n Remediate non-compliant hosts. See Remediate a Non-compliant Host.

n Change the image profile association of a host. See Edit the Image Profile Association of a

Host.

Download vSphere Auto Deploy Logs

You can use the vSphere Auto Deploy logging information from the vSphere Client to resolve

problems that you encounter with vSphere Auto Deploy.

Prerequisites

Use the vSphere Client to log in to the vCenter Server instance that vSphere Auto Deploy is

registered with.

Procedure

1 Navigate toHome > Administration and select Deployment > System Configuration.

2 Select one of the nodes for which you want to retrieve a support bundle. The support bundle

holds the services logs.

3 Click Export Support Bundle.

4 Select only VirtualAppliance > Auto Deploy.

5 Click the Export Support Bundle button to download the log files.

VMware ESXi Installation and Setup

VMware by Broadcom 151

Start, Stop, or Restart the vSphere Auto Deploy Service

You can start, stop, or restart the Auto Deploy service in the vCenter Server Management

Interface.

To start, stop, and restart services in vCenter Server, you use the vCenter Server Management

Interface.

Prerequisites

Verify that you have a root access to the vCenter Server Management Interface.

Procedure

1 Log in to the vCenter Server Management Interface, https://

IP-address-or-FQDN

:5480.

2 Click Services.

The Services pane displays a table of all installed services. You can sort them by name,

startup type, health, and state.

3 Select the Auto Deploy service and select your action.

The available actions depend on whether the Auto Deploy service is already running or not.

n Click Restart to restart the service.

Restarting the service requires confirmation and might lead to the Auto Deploy

functionality becoming temporarily unavailable.

n Click Start to start the service.

n Click Stop to stop the service.

Stopping the service requires confirmation.

Provisioning ESXi Systems with vSphere Auto Deploy

vSphere Auto Deploy can provision hundreds of physical hosts with ESXi software, either for first

boot, reboot, or reprovisioning.

You can provision hosts that did not previously run ESXi software (first boot), reboot hosts, or

reprovision hosts with a different image profile, host profile, custom script, or folder, or cluster

location. The vSphere Auto Deploy process differs depending on the state of the host and on the

changes that you want to make.

Provision a Host (First Boot)

Provisioning a host that has never been provisioned with vSphere Auto Deploy (first boot) differs

from subsequent boot processes. You must prepare the host and fulfill all other prerequisites

before you can provision the host. You can optionally define a custom image profile with vSphere

ESXi Image Builder by using the vSphere Client or PowerCLI cmdlets.

Prerequisites

n Make sure your host meets the hardware requirements for ESXi hosts.

VMware ESXi Installation and Setup

VMware by Broadcom 152

See ESXi Hardware Requirements.

n Prepare the system for vSphere Auto Deploy. See Preparing for vSphere Auto Deploy.

n Write rules that assign an image profile to the host and optionally assign a host profile and

a vCenter Server location to the host. See Managing vSphere Auto Deploy with PowerCLI

Cmdlets or Managing vSphere Auto Deploy with the vSphere Client.

When the setup is complete, the vSphere Auto Deploy service is enabled, DHCP setup is

complete, and rules for the host that you want to provision are in the active rule set.

Procedure

1 Turn on the host.

The host contacts the DHCP server and downloads iPXE from the location the server points it

to. Next, the vSphere Auto Deploy server provisions the host with the image specified by the

rule engine. The vSphere Auto Deploy server might also apply a host profile to the host if one

is specified in the rule set. Finally, vSphere Auto Deploy adds the host to the vCenter Server

system that is specified in the rule set.

2 (Optional) If vSphere Auto Deploy applies a host profile that requires user input such as an IP

address, the host is placed in maintenance mode. Reapply the host profile with the vSphere

Client and provide the user input when prompted.

Results

After the first boot process, the host is running and managed by a vCenter Server system. The

vCenter Server stores the host's image profile, host profile, and location information.

You can now reboot the host as needed. Each time you reboot, the host is reprovisioned by the

vCenter Server system.

What to do next

Reprovision hosts as needed. See Reprovisioning Hosts.

If you want to change the image profile, host profile, custom script, or location of the host,

update the rules and activate them by using the vSphere Client or perform a test and repair

compliance operation in a PowerCLI session. See Rules and Rule Sets or Test and Repair Rule

Compliance .

Reprovisioning Hosts

Use vSphere Auto Deploy to reprovision ESXi hosts with a different image profile or a different

host profile.

vSphere Auto Deploy supports multiple reprovisioning options. You can perform a simple reboot

or reprovision with a different image profile or a different host profile.

A first boot using vSphere Auto Deploy requires that you set up your environment and add rules

to the rule set. See Preparing for vSphere Auto Deploy.

VMware ESXi Installation and Setup

VMware by Broadcom 153

The following reprovisioning operations are available.

n Simple reboot.

n Reboot of hosts for which the user answered questions during the boot operation.

n Reprovision with a different image profile.

n Reprovision with a different host profile.

Reprovision Hosts with Simple Reboot Operations

You can reprovisions ESXi hosts with the image profile, host profile, custom script, and vCenter

Server location assigned during first boot.

Prerequisites

A simple reboot of a host that is provisioned with vSphere Auto Deploy requires only that all

prerequisites are still met. The process uses the previously assigned image profile, host profile,

custom script, and vCenter Server location.

n Verify that the setup you performed during the first boot operation is in place. See Provision

a Host (First Boot).

n Verify that all associated items like are available. An item can be an image profile, host profile,

custom script or vCenter Server inventory location.

n Verify that the host has the identifying information (asset tag, IP address) it had during

previous boot operations.

Procedure

1 Place the host in maintenance mode.

Host Type

Action

Host is part of a DRS cluster VMware DRS migrates virtual machines to appropriate hosts when you place

the host in maintenance mode.

Host is not part of a DRS cluster You must migrate all virtual machines to different hosts and place each host

in maintenance mode.

2 Reboot the host.

Results

The host shuts down. When the host reboots, it uses the image profile that the vSphere Auto

Deploy server provides. The vSphere Auto Deploy server also applies the host profile stored on

the vCenter Server system.

Reprovision a Host with a New Image Profile by Using PowerCLI

You can use vSphere Auto Deploy to reprovision a host with a new image profile in a PowerCLI

session by changing the rule for the host and performing a test and repair compliance operation.

VMware ESXi Installation and Setup

VMware by Broadcom 154

Several options for reprovisioning hosts exist.

n If the VIBs that you want to use support live update, you can use an esxcli software

vib command. In that case, you must also update the rule set to use an image profile that

includes the new VIBs.

During testing, you can apply an image profile to an individual host with the Apply-

EsxImageProfile cmdlet and reboot the host so the change takes effect. The Apply-

EsxImageProfile cmdlet updates the association between the host and the image profile

but does not install VIBs on the host.

n In all other cases, use this procedure.

Prerequisites

n Verify that the image profile you want to use to reprovision the host is available. Use vSphere

ESXi Image Builder in a PowerCLI session. See Customizing Installations with vSphere ESXi

Image Builder.

n Verify that the setup you performed during the first boot operation is in place.

Procedure

1 At the PowerShell prompt, run the Connect-VIServer PowerCLI cmdlet to connect to the

vCenter Server system that vSphere Auto Deploy is registered with.

Connect-VIServer ipv4_or_ipv6_address

The cmdlet might return a server certificate warning. In a production environment, make

sure no server certificate warnings result. In a development environment, you can ignore the

warning.

2 Determine the location of a public software depot that contains the image profile that you

want to use, or define a custom image profile with vSphere ESXi Image Builder.

3 Run Add-EsxSoftwareDepot to add the software depot that contains the image profile to

the PowerCLI session.

Depot Type

Cmdlet

Remote depot Run Add-EsxSoftwareDepot depot_url.

ZIP file a Download the ZIP file to a local file path or create a mount point local to

the PowerCLI machine.

b Run Add-EsxSoftwareDepot C:\file_path\my_offline_depot.zip.

4 Run Get-EsxImageProfile to see a list of image profiles, and decide which profile you want

to use.

VMware ESXi Installation and Setup

VMware by Broadcom 155

5 Run Copy-DeployRule and specify the ReplaceItem parameter to change the rule that

assigns an image profile to hosts.

The following cmdlet replaces the current image profile that the rule assigns to the host with

the

my_new_imageprofile

profile. After the cmdlet completes, myrule assigns the new image

profile to hosts. The old version of myrule is renamed and hidden.

Copy-DeployRule myrule -ReplaceItem my_new_imageprofile

6 Test the rule compliance for each host that you want to deploy the image to.

a Verify that you can access the host for which you want to test rule set compliance.

Get-VMHost -Name ESXi_hostname

b Run the cmdlet that tests rule set compliance for the host, and bind the return value to a

variable for later use.

$tr = Test-DeployRuleSetCompliance ESXi_hostname

c Examine the differences between the contents of the rule set and configuration of the

host.

$tr.itemlist

The system returns a table of current and expected items if the host for which you want

to test the new rule set compliance is compliant with the active rule set.

CurrentItem ExpectedItem

----------- ------------

my_old_imageprofile my_new_imageprofile

d Remediate the host to use the revised rule set the next time you boot the host.

Repair-DeployRuleSetCompliance $tr

7 Reboot the host to provision it with the new image profile.

Reprovision a Host with a New Image Profile by Using the vSphere Client

You can use vSphere Auto Deploy to reprovision a host with a new image profile with the

vSphere Client by changing the rule that the host corresponds to and activating the rule.

Prerequisites

n Verify that the image profile you want to use to reprovision the host is available. See Create

an Image Profile.

n Verify that the setup you performed during the first boot operation is in place.

VMware ESXi Installation and Setup

VMware by Broadcom 156

Procedure

1 Navigate to Home > Auto Deploy.

By default, only the administrator role has privileges to use the vSphere Auto Deploy service.

2 On the Deploy Rules tab, from the list of rules in the inventory select the rule and click Edit.

The Edit Deploy Rule dialog box appears.

3 (Optional) On the Name and hosts page of the wizard, enter a name for the new rule.

4 (Optional) Select to either apply the rule to all hosts in the inventory or only to hosts that

match a specific pattern.

You can select one or more patterns.

For example, the rule can apply only to hosts in a vCenter Single Sign-On domain, with a

specific host name, or that match a specific IPv4 range.

5 On the Configuration page of the wizard, you can optionally include items in the rule.

Each enabled item adds a new page to the wizard.

Option Action

Host Location Add the hosts that match the criteria of the rule to a

specific location.

Image Profile Assign an image profile to the hosts that match the rule

criteria.

Host Profile Assign a host profile to the hosts that match the rule

criteria.

Script Bundle Assign a script bundle to the host that match the rule

criteria.

6 Click Next to skip the Host Location selection.

7 On the Select image profile page of the wizard, assign an image profile to the hosts that

match the rule criteria.

Option

Action

If you do not want to change the image profile Select the Same image profile check box.

If you want to assign a new image profile to the

selected hosts

1 Select the Browse for Image Profile check box.

2 Select a software depot from the drop-down menu.

3 Select an image profile from the list.

4 (Optional) If you want to bypass the acceptance

level verification for the image profile, select the

Skip image profile signature check check box.

8 Click Next to skip the Host profile selection.

9 On the Ready to complete page, review the summary information for the new image profile

and click Finish.

VMware ESXi Installation and Setup

VMware by Broadcom 157

10 Click Activate/Deactivate rules.

11 From the list of inactive rules, select the rule that you want to activate and click the Activate

button.

12 (Optional) If you want to reorder the rules in the active rule list, select a rule that you want to

move up or down in the list and click Move up or Move down above the list of active rules.

The rules are listed by priority. For example, if two or more rules apply to the same host but

are set to provision the host with different host locations, image profiles, and host profiles,

the rule that is highest in the list takes effect on the host.

13 (Optional) If you want to test an inactive rule before activation, click Test rules before

activation.

a Select a host from the list and click Check Compliance to view the current status of the

host and the changes that are expected after the activation of the rule.

If the host is compliant with the rule, you do not need to remediate the host after you

activate the rule.

b (Optional) If you want to remediate the selected hosts after the rule activation, enable the

toggle button or select the Remediate all host associations after rule activation check

box to remediate all hosts.

14 Review the list of active rules and click ОК.

15 Reboot the host to provision it with the new image profile.

Update the Host Customization in the vSphere Client

If a host required user input during a previous boot, the answers are saved with the vCenter

Server. If you want to prompt the user for new information, you must remediate the host.

Prerequisites

Attach a host profile that prompts for user input to the host.

Procedure

1 Migrate all virtual machines to different hosts, and place the host into maintenance mode.

Host Type

Action

Host is part of a DRS cluster VMware DRS migrates virtual machines to appropriate hosts when you place

the host in maintenance mode.

Host is not part of a DRS cluster You must migrate all virtual machines to different hosts and place each host

in maintenance mode.

2 Navigate to Home > Auto Deploy.

By default, only the administrator role has privileges to use the vSphere Auto Deploy service.

3 On the Deployed Hosts tab, select an ESXi host.

VMware ESXi Installation and Setup

VMware by Broadcom 158

4 Click Remediate Host Associations.

You can monitor the progress of the remediation process in the Recent Tasks pane.

5 When prompted, provide the user input.

6 Direct the host to exit maintenance mode.

Results

The host customization is saved and takes effect the next time you boot the host.

Provision ESXi Host by Using an Image Profile Without VMware Tools

When you provision v hosts with vSphere Auto Deploy, you can select to provision the hosts

with an image profile that does not contain VMware Tools binaries. This image profile is smaller,

has a lower memory overhead, and boots faster in a PXE-boot environment.

If the network boot time is too slow when using the standard image, or if you want to save space

on the hosts, you can use an image profile that does not include VMware Tools and place the

VMware Tools binaries on a shared storage.

Prerequisites

Download the xxxxx-no-tools image profile from the VMware download site.

Procedure

1 Boot an ESXi host that was not provisioned with vSphere Auto Deploy.

2 Copy the /productLocker directory from the ESXi host to a shared storage.

You can connect to an ESXi host using an SSH client, see Knowledge Base article1019852.

3 Change the

UserVars.ProductLockerLocation

variable to point to the new /productLocker

directory location.

a In the vSphere Client, select the reference host and click the Configure tab.

b Under System, click Advanced System Settings.

c Click Edit.

d Filter the settings for uservars, and select UserVars.ProductLockerLocation.

e Click the current value and edit the location so it points to the shared storage.

4 Create a host profile from the reference host.

5 Create a vSphere Auto Deploy rule that assigns the xxxxx-no-tools image profile and host

profile from the reference host to all other hosts.

6 Boot your target hosts with the rule so they pick up the product locker location from the

reference host.

VMware ESXi Installation and Setup

VMware by Broadcom 159

Use vSphere Auto Deploy for Stateless Caching and Stateful Installs

With stateless caching, you can cache the image of an ESXi host. With stateful installs, you can

install hosts over the network.

The vSphere Auto Deploy stateless caching feature lets you cache the host's image. The vSphere

Auto Deploy stateful installs feature lets you install hosts over the network. After the initial

network boot, these hosts boot like other ESXi hosts. The stateless caching solution is primarily

intended for situations when several hosts boot simultaneously. The locally cached image helps

prevent a bottleneck that results if several hundreds of hosts connect to the vSphere Auto

Deploy server simultaneously. After the boot operation is complete, hosts connect to vSphere

Auto Deploy to complete the setup.

The stateful installs feature lets you provision hosts with the image profile over the network

without having to set up the PXE boot infrastructure.

What to read next

n Introduction to Stateless Caching and Stateful Installs

You can use the System Cache Configuration host profile to provision hosts with vSphere

Auto Deploy stateless caching and stateful installs.

n Understanding Stateless Caching and Stateful Installs

When you want to use vSphere Auto Deploy with stateless caching or stateful installs, you

must set up a host profile, apply the host profile, and set the boot order.

n Configure a Host Profile to Use Stateless Caching

When a host is set up to use stateless caching, the host uses a cached image if the vSphere

Auto Deploy Server is not available. To use stateless caching, you must configure a host

profile. You can apply that host profile to other hosts that you want to set up for stateless

caching.

n Configure a Host Profile to Enable Stateful Installs

To set up a host provisioned with vSphere Auto Deploy to boot from disk, you must

configure a host profile. You can apply that host profile to other hosts that you want to

set up for stateful installs.

Introduction to Stateless Caching and Stateful Installs

You can use the System Cache Configuration host profile to provision hosts with vSphere Auto

Deploy stateless caching and stateful installs.

Examples of Stateless Caching and Stateful Installs

Hosts provisioned with vSphere Auto Deploy cache the image (stateless caching)

Set up and apply a host profile for stateless caching. You can cache the image on a local

disk, a remote disk, or a USB drive. Continue provisioning this host with vSphere Auto Deploy.

If the vSphere Auto Deploy server becomes unavailable, for example because hundreds of

VMware ESXi Installation and Setup

VMware by Broadcom 160

hosts attempt to access it simultaneously, the host boots from the cache. The host attempts

to reach the vSphere Auto Deploy server after the boot operation to complete configuration.

Hosts provisioned with vSphere Auto Deploy become stateful hosts

Set up and apply a host profile for stateful installs. When you provision a host with vSphere

Auto Deploy, the image is installed on the local disk, a remote disk, or a USB drive. For

subsequent boots, you boot from the disk. The host no longer uses vSphere Auto Deploy.

Preparation

To successfully use stateless caching or stateful installs, decide how to configure the system and

set the boot order.

Table 5-18. Preparation for Stateless Caching or Stateful Installs

Requirement or Decision Description

Decide on VMFS partition overwrite When you install ESXi by using the interactive installer,

you are prompted whether you want to overwrite an

existing VMFS datastore. The System Cache Configuration

host profile provides an option to overwrite existing VMFS

partitions.

The option is not available if you set up the host profile to

use a USB drive.

Decide whether you need a highly available environment If you use vSphere Auto Deploy with stateless caching,

you can set up a highly available vSphere Auto Deploy

environment to guarantee that virtual machines are

migrated on newly provisioned hosts and that the

environment supports vNetwork Distributed Switch even

if the vCenter Server system becomes temporarily

unavailable.

Set the boot order The boot order you specify for your hosts depends on

the feature you want to use.

n To set up vSphere Auto Deploy with stateless

caching, configure your host to first attempt to boot

from the network, and to then attempt to boot

from disk. If the vSphere Auto Deploy server is not

available, the host boots using the cache.

n To set up vSphere Auto Deploy for stateful installs

on hosts that do not currently have a bootable disk,

configure your hosts to first attempt to boot from

disk, and to then attempt to boot from the network.

Note If you currently have a bootable image on the

disk, configure the hosts for one-time PXE boot, and

provision the host with vSphere Auto Deploy to use a

host profile that specifies stateful installs.

VMware ESXi Installation and Setup

VMware by Broadcom 161

Stateless Caching and Loss of Connectivity

If the ESXi hosts that run your virtual machines lose connectivity to the vSphere Auto Deploy

server, the vCenter Server system, or both, some limitations apply the next time you reboot the

host.

n If vCenter Server is available but the vSphere Auto Deploy server is unavailable, hosts do not

connect to the vCenter Server system automatically. You can manually connect the hosts to

the vCenter Server, or wait until the vSphere Auto Deploy server is available again.

n If both vCenter Server and vSphere Auto Deploy are unavailable, you can connect to each

ESXi host by using the VMware Host Client, and add virtual machines to each host.

n If vCenter Server is not available, vSphere DRS does not work. The vSphere Auto Deploy

server cannot add hosts to the vCenter Server. You can connect to each ESXi host by using

the VMware Host Client, and add virtual machines to each host.

n If you make changes to your setup while connectivity is lost, the changes are lost when the

connection to the vSphere Auto Deploy server is restored.

Understanding Stateless Caching and Stateful Installs

When you want to use vSphere Auto Deploy with stateless caching or stateful installs, you must

set up a host profile, apply the host profile, and set the boot order.

When you apply a host profile that enables caching to a host, vSphere Auto Deploy partitions the

specified disk. What happens next depends on how you set up the host profile and how you set

the boot order on the host.

n vSphere Auto Deploy caches the image when you apply the host profile if Enable stateless

caching on the host is selected in the System Cache Configuration host profile. No reboot

is required. When you later reboot, the host continues to use the vSphere Auto Deploy

infrastructure to retrieve its image. If the vSphere Auto Deploy server is not available, the

host uses the cached image.

n vSphere Auto Deploy installs the image if Enable stateful installs on the host is selected in

the System Cache Configuration host profile. When you reboot, the host initially boots using

vSphere Auto Deploy to complete the installation. A reboot is then issued automatically, after

which the host boots from disk, similar to a host that was provisioned with the installer.

vSphere Auto Deploy no longer provisions the host.

You can apply the host profile from the vSphere Client, or write a vSphere Auto Deploy rule in a

PowerCLI session that applies the host profile.

Using the vSphere Client to Set Up vSphere Auto Deploy for Stateless Caching or Stateful Installs

You can create a host profile on a reference host and apply that host profile to additional hosts

or to a vCenter Server folder or cluster. The following workflow results.

1 You provision a host with vSphere Auto Deploy and edit that host's System Image Cache

Configuration host profile.

VMware ESXi Installation and Setup

VMware by Broadcom 162

2 You place one or more target hosts in maintenance mode, apply the host profile to each host,

and instruct the host to exit maintenance mode.

3 What happens next depends on the host profile you selected.

n If the host profile enabled stateless caching, the image is cached to disk. No reboot is

required.

n If the host profile enabled stateful installs, the image is installed. When you reboot, the

host uses the installed image.

Using PowerCLI to Set Up vSphere Auto Deploy for Stateless Caching or Stateful Installs

You can create a host profile for a reference host and write a vSphere Auto Deploy rule that

applies that host profile to other target hosts in a PowerCLI session. The following workflow

results.

1 You provision a reference host with vSphere Auto Deploy and create a host profile to enable

a form of caching.

2 You write a rule that provisions additional hosts with vSphere Auto Deploy and that applies

the host profile of the reference host to those hosts.

3 vSphere Auto Deploy provisions each host with the image profile or by using the script

bundle associated with the rule. The exact effect of applying the host profile depends on the

host profile you selected.

n For stateful installs, vSphere Auto Deploy proceeds as follows:

n During first boot, vSphere Auto Deploy installs the image on the host.

n During subsequent boots, the host boots from disk. The hosts do not need a

connection to the vSphere Auto Deploy server.

n For stateless caching, vSphere Auto Deploy proceeds as follows:

n During first boot, vSphere Auto Deploy provisions the host and caches the image.

n During subsequent boots, vSphere Auto Deploy provisions the host. If vSphere Auto

Deploy is unavailable, the host boots from the cached image, however, setup can only

be completed when the host can reach the vSphere Auto Deploy server.

Configure a Host Profile to Use Stateless Caching

When a host is set up to use stateless caching, the host uses a cached image if the vSphere Auto

Deploy Server is not available. To use stateless caching, you must configure a host profile. You

can apply that host profile to other hosts that you want to set up for stateless caching.

Prerequisites

n Decide which disk to use for caching and determine whether the caching process will

overwrite an existing VMFS partition.

VMware ESXi Installation and Setup

VMware by Broadcom 163

n In production environments, protect the vCenter Server system and the vSphere Auto Deploy

server by including them in a highly available environment. Having the vCenter Server in

a management cluster guarantees that VDS and virtual machine migration are available. If

possible, also protect other elements of your infrastructure. See Set Up Highly Available

vSphere Auto Deploy Infrastructure.

n Set up your environment for vSphere Auto Deploy. See Preparing for vSphere Auto Deploy.

n Verify that a disk with at least 4GB of free space is available. If the disk is not yet partitioned,

partitioning happens when you apply the host profile.

n Set up the host to attempt a network boot first and to boot from disk if network boot fails.

See your hardware vendor's documentation.

n Create a host profile. See the

Host Profiles

documentation.

Procedure

1 Navigate to Home > Policies and Profiles > Host Profiles.

2 Click the host profile you want to configure and select the Configure tab.

3 Click Edit Host Profile.

4 On the Edit host profile page of the wizard, select Advanced Configuration Settings >

System Image Cache Configuration > System Image Cache Configuration.

5 In the System Image Cache Profile Settings drop-down menu, choose a policy option.

Option

Description

Enable stateless caching on the host Caches the image to disk.

Enable stateless caching to a USB

disk on the host

Caches the image to a USB disk attached to the host.

VMware ESXi Installation and Setup

VMware by Broadcom 164

6 (Optional) If you select Enable stateless caching on the host, specify the information about

the disk to use.

Option Description

Arguments for first disk When configuring a System Image Install disk, you have multiple options to

define the device you want ESXi to be installed to and booted from. You can

use the following arguments to define the disk for the installation:

n localesx – The first disk detected containing a valid installation of ESXi

n local – The first local disk detected by ESXi after boot

n remoteesx - The first remote disk detected containing a valid installation

ESXi

n sortedremoteesx- The first remote disk sorted by the lowest LUN ID

detected containing a valid installation of ESXi

n remote - The first remote disk detected by ESXi after boot

n sortedremote - The first remote disk sorted by the lowest LUN ID

detected by ESXi after boot

n device model

n device vendor

n vmkernel device driver name

You can get the values for the device model and vendor arguments by

running the command esxcli storage core device list in a console to the

ESXi host, logging in as the root. You get the vmkernel device driver name

argument by running the command esxcli storage core adapter list.

You must then identify the storage adapter to which your boot device is

connected.

By default, the system attempts to replace an existing ESXi installation, and

then attempts to write to the local disk.

You can use the Arguments for first disk field to specify a comma-separated

list of disks to use, in order of preference. You can specify more than one

disk. Use localesx for the first disk with ESX installed on it, model and

vendor information, or specify the name of the vmkernel device driver. For

example, to have the system first look for a disk with the model name

ST3120814A, second for any disk that uses the mptsas driver, and third for

the local disk, specify ST3120814A,mptsas,local as the value of this field.

The first disk setting in the host profile specifies the search order for

determining which disk to use for the cache. The search order is specified

as a comma delimited list of values. The default setting localesx,local

specifies that vSphere Auto Deploy should first look for an existing local

cache disk. The cache disk is identified as a disk with an existing ESXi

software image. If vSphere Auto Deploy cannot find an existing cache disk,

it searches for an available local disk device. When searching for an available

disk vSphere Auto Deploy uses the first empty disk that does not have an

existing VMFS partition.

VMware ESXi Installation and Setup

VMware by Broadcom 165

Option Description

You can use the first disk argument only to specify the search order. You

cannot explicitly specify a disk. For example, you cannot specify a specific

LUN on a SAN.

Check to overwrite any VMFS

volumes on the selected disk

If you select this check box, the system overwrites existing VMFS volumes

if not enough space is available to store the image, image profile, and host

profile.

Check to ignore any SSD devices

connected to the host

If you select this check box, the system ignores any existing SSD devices

and does not store image profiles and host profiles on them.

7 Click Save to complete the host profile configuration.

What to do next

Apply the host profile to individual hosts by using the Host Profiles feature in the vSphere Client.

See the

Host Profiles

documentation. Alternatively, you can create a rule to assign the host

profile to hosts with the vSphere Client or by using PowerCLI. See Write a Rule and Assign a Host

Profile to Hosts.

n Create a rule that applies the host profile to all hosts that you want to provision with the

settings specified in the reference host. For writing a rule in a PowerCLI session, see Write a

Rule and Assign a Host Profile to Hosts.

n For hosts that are already provisioned with vSphere Auto Deploy, perform the test and repair

compliance operations in a PowerCLI session, see Test and Repair Rule Compliance .

n Power on unprovisioned hosts to provision them with the new host profile.

Configure a Host Profile to Enable Stateful Installs

To set up a host provisioned with vSphere Auto Deploy to boot from disk, you must configure

a host profile. You can apply that host profile to other hosts that you want to set up for stateful

installs.

You can configure the host profile on a single host. You can also create a host profile on a

reference host and apply that host profile to other hosts.

Prerequisites

n Decide which disk to use for storing the image, and determine whether the new image will

overwrite an existing VMFS partition.

n Set up your environment for vSphere Auto Deploy. See Preparing for vSphere Auto Deploy.

n Verify that a disk with at least 4GB of free space is available. If the disk is not yet partitioned,

partitioning happens when you apply the host profile.

n Set up the host to boot from disk. See your hardware vendor's documentation.

n Create a host profile. See the

Host Profiles

documentation.

VMware ESXi Installation and Setup

VMware by Broadcom 166

Procedure

1 Navigate to Home > Policies and Profiles > Host Profiles.

2 Click the host profile you want to configure and select the Configure tab.

3 Click Edit Host Profile.

4 On the Edit host profile page of the wizard, select Advanced Configuration Settings >

System Image Cache Configuration > System Image Cache Configuration.

5 In the System Image Cache Profile Settings drop-down menu, choose a policy option.

Option Description

Enable stateful installs on the host Caches the image to a disk.

Enable stateful installs to a USB disk

on the host

Caches the image to a USB disk attached to the host.

VMware ESXi Installation and Setup

VMware by Broadcom 167

6 (Optional) If you select Enable stateful installs on the host, specify information about the disk