lunedì 30 gennaio 2012

ESX enable ssh and snmp


Enable SSH on ESX 3.5
ESXi 3.5 does ship with the ability to run SSH, but this is disabled by default (and is not supported). If you just need to access the console of ESXi, then you only need to perform steps 1 - 3.
1) At the console of the ESXi host, press ALT-F1 to access the console window.
2) Enter unsupported in the console and then press Enter. You will not see the text you type in.
3) If you typed in unsupported correctly, you will see the Tech Support Mode warning and a password prompt. Enter the password for the root login.
4) You should then see the prompt of ~ #. Edit the file inetd.conf (enter the command vi /etc/inetd.conf).
5) Find the line that begins with #ssh and remove the #. Then save the file. If you're new to using vi, then move the cursor down to #ssh line and then press the Insert key. Move the cursor over one space and then hit backspace to delete the #. Then press ESC and type in :wq to save the file and exit vi. If you make a mistake, you can press the ESC key and then type it :q! to quit vi without saving the file.
6) Once you've closed the vi editor, run the command /sbin/services.sh restart to restart the management services. You'll now be able to connect to the ESXi host with a SSH client.
Tip - with some applications like WinSCP, the default encryption cipher used is AES. If you change that to Blowfish you will likely see significantly faster transfers.
Update for ESXi 3.5 Update 2 - With Update 2 the service.sh command no longer restarts the inetd process which enables SSH access. You can either restart your host or run ps | grep inetd to determine the process ID for the inetd process. The output of the command will be something like 1299 1299 busybox      inetd, and the process ID is 1299. Then run kill -HUP (kill -HUP 1299 in this example) and you'll then be able to access the host via SSH.



ENABLE SSH AND SNMP ON ESX
There are two ways to go about with this depending upon your installation
a. If your esxi installation is new and/ or your evaluation license is still valid, then go to the section that says Enable       SNMP via RCLI
b. If your esxi installation has been in production for a while / and or you got a license installed and your evaluation period has expired then go to the following section which is to enable SNMP via SSH. For this you will need to enable SSH first on your esxi host by following the steps detailed below.
Enabling SSH on your ESXI host.
  1. Shutdown all your running VM’s on the esxi host and place the host on Maintenance mode.
  2. Log onto your Esxi Console physically from the box by pressing F2
  3. Type in your root password
  4. Press ALT+ F1 to enter the Technical Support login. Beware that any changes from here will not be warranted for support with VMware. So please be careful and test this and practice on a test esxi host before going live with production.
  5. Type unsupported and press enter
  6. Type in your root password
    at the prompt again and press enter
  7. Now you need to edit the inetd.conf file. To do this type vi /etc/inetd.conf
  8. Scroll down using your down arrow key sort of towards the end of the screen where you would see two lines starting with #ssh. Place the cursor on top of the # and press delete. Do this for the next line as well.
  9. Now press SHIFT+: and type wq to save the file.
  10. Now you will be back at your #prompt. To restart the service type services.sh restart.
  11. Press ALT+F1 to return to the esxi host console page.
  12. Press ESC to log off
  13. Press F12 to initiate your restart of the esxi host.
  14. You will be promoted for your root password and press enter.
  15. Press F11 to restart the host.
  16. Once the esxi host is up and running again use your favourite SSH client mine is Putty and WinSCP to test SSH connectivity to your esxi host.
Enabling SNMP via SSH on your ESXI host.
  1. Once you got SSH running , download and install WinSCP on your workstation..
  2. Open WinSCP and type in the details for your esxi host including IP address, root as the username and root password. Make sure you change connection type to SCP from default SFTP option as shown
http://wellytonian.com/wp-content/uploads/2010/03/032410_2152_EnablingSSH1.png
  1. Once logged in your WinSCP window will look like the follow. On the Esxi host side navigate to /etc/vmware and find the file called snmp.xml
http://wellytonian.com/wp-content/uploads/2010/03/032410_2152_EnablingSSH2.png
  1. Drag and drop the snmp.xml file from the right to the left of the screen.
http://wellytonian.com/wp-content/uploads/2010/03/032410_2152_EnablingSSH3.png
  1. Open the document with your favourite Notepad editor. I am using Notepad++
http://wellytonian.com/wp-content/uploads/2010/03/032410_2152_EnablingSSH4.png
  1. It would have the following default settings:
http://wellytonian.com/wp-content/uploads/2010/03/032410_2152_EnablingSSH5.png
  1. First and foremost make a copy of the file before editing it and save it with a different file name so that if something goes wrong you always have a copy of the original.
  2. Now do the following editing to it and save it with same file name snmp.xml.
http://wellytonian.com/wp-content/uploads/2010/03/032410_2152_EnablingSSH6.png
  1. Save the file and now go back to WinSCP and drag the file from the left to the right and accept the warning message to overwrite the file
http://wellytonian.com/wp-content/uploads/2010/03/032410_2152_EnablingSSH7.png
  1. Once that is done restart your esxi host and test SNMP which will be followed up in the next section.
Enabling SNMP via RCLI ( Only works for New Installation of Esxi , Valuation License still valid state)
  1. Download the Remote Command Line Interface from Vmware RCLI Download for Vsphere.
  2. Install it on your workstation.
  3. To start RCLI browse to your VMware folder under all programs and kick start the command line under vmware
http://wellytonian.com/wp-content/uploads/2010/03/032410_2152_EnablingSSH8.png
  1. At the command prompt type cd bin and then do a dir. This Directory has all the scripts that are required to run a variety of tasks on your esxi and esx servers.
  2. Type the following command
vicfg-snmp.pl –server ESXISERVERIP -c SNMPCOMMUNITYSTRING -t MONITORINGSERVERIP@162_or_161/SNMPCOMMUNITYSTRING
  1. To enable SNMP type vicfg-snmp.pl –server ESXISERVERIP –E
  2. To show the running config of SNMP on your esxi server type vicfg-snmp.pl –server ESXISERVERIP –s
  3. To test the SNMP confi type vicfg-snmp –server ESXISERVERIP –T
As you may have seen in the heading of this section this works only for new installation of esxi or those that have their Valuation license still valid (60 Days). For those who don’t fall into the category the only option is to go with SSH and then enabling SNMP option.
You will see this error if you try via RCLI
http://wellytonian.com/wp-content/uploads/2010/03/032410_2152_EnablingSSH9.png
This is because remote write permission is disabled on the free version of esxi.
http://wellytonian.com/wp-content/uploads/2010/03/032410_2152_EnablingSSH10.png
Now user your favourite SNMP monitoring station Cacti, Zenoss, Spiceworks there are so many to start monitoring your Esxi environment.
Next post update on this will be to check on Cacti monitoring these ladies
I would really appreciate some feedback for this article as to if this can be done in a simpler way or if there is a way to hack the write permission issue for the free esxi hosts.


Enabling SNMP on VMware ESXi Servers
The following procedure enables SNMP on VMware ESXi.
Notes:
  • The free version of VMware ESXi does not support SNMP.
  • The following procedure to enable SNMP requires the vSphere command line interface (CLI). The vSphere CLI is not packaged with your ESXi Server by default, so you will need to download it from VMware, as indicated.
To enable SNMP on VMware ESXi:
  1. Download and install the VMware vSphere command line interface from the VMware Download Center (http://downloads.vmware.com/d/).
  2. Use the vSphere CLI to view your ESXi server SNMP settings, as indicated in the following procedure:
    1. In the Perl\bin directory of your vSphere installation, execute the following script:
      perl ..\..\bin\vicfg-snmp.pl --server ip_address –s
      Notes:
      • C:\Program Files\VMware\VMware vSphere CLI\Perl\bin is the default location of the vSphere Perl\bin directory.
      • Replace ip_address with the IP address of your ESXi server.
    2. Enter an appropriate user name at the prompt.
      Note: For most environments,
      root should be sufficient.
    3. Enter the associated password at the prompt.
  3. Use the vSphere CLI to enable SNMP on your ESXi server, as indicated in the following procedure:
    1. In the Perl\bin directory of your vSphere installation, execute the following script to add an appropriate community string:
      perl ..\..\bin\vicfg-snmp.pl --server ip_address -c cstring
      Note: Replace
      ip_address with the IP address of your ESXi server, and replace cstring with the community string you are adding. For most environments, the community string public should be sufficient.
    2. Enter an appropriate user name at the prompt.
      Note: For most environments,
      root should be sufficient.
    3. Enter the associated password at the prompt.
    4. In the Perl\bin directory of your vSphere installation, execute the following script to enable SNMP:
      perl ..\..\bin\vicfg-snmp.pl --server ip_address –E
      Note: Replace
      ip_address with the IP address of your ESXi server.
    5. Enter an appropriate user name at the prompt.
      Note: For most environments,
      root should be sufficient.
    6. Enter the associated password at the prompt.
  4. Reboot your ESXi server to allow settings to take effect.




Nessun commento: