Use ESXCLI Commands to View Host Hardware Configuration

View the hardware configuration by using the command prompt.
a. Enter esxcli hardware clock get to view the time and date on the host.


  1. b. Enter esxcli hardware cpu list | less to view the number of CPUs on the host.

  1. You must press the space bar to scroll through the output. When done, press q to exit the less utility.
    c. Enter esxcli hardware memory get to view the host memory.
  1. d. Enter esxcli hardware pci list to view the PCI address of vmnic7.

Use ESXCLI Commands to View Storage Information
You use the CLI to view the storage configuration of the vSphere environment.

  1. View the storage configuration by using the command prompt.
    a. Enter esxcli storage vmfs extent list to view the number of VMFS extents that are available to the host.

  1. b. Enter esxcli storage core adapter list to view the SCSI host bus adapters.

  1. c. Enter esxcli storage core path stats get to view the SCSI path statistics.

  1. d. Enter esxcli storage filesystem list to view the boot partitions and the datastores that are available to each host.

  1. e. Enter esxcli storage nfs list to view the information about the NFS 3 datastores that are available on this host.

Use ESXCLI Commands to View Virtual Switch Information

You use the CLI to view the virtual switch configuration of the vSphere environment.

  1. View the virtual switch configuration by using the command prompt.
    1. Enter esxcli network ip dns server list to view the IP address of the DNS server.
  1. Enter esxcli network nic list to view the physical NICs.
  1. Enter esxcli network vswitch standard list to view that two standard switches are available to the host.
  1. Enter esxcli network vswitch dvs vmware list | more to view the available distributed switches.
  1. Enter esxcli network vswitch standard portgroup list to view the standard switch port groups.
  1. Enter esxcli network ip interface list | less to view the VMkernel interfaces on the host.
  1. Enter esxcli network ip interface ipv4 get to view the IP address and subnet mask of the VMkernel interfaces on the host.
  1. Enter esxcli network ip route ipv4 list to view the default gateway address for the VMkernel interfaces on the host.

Using vim-cmd Commands

Use vim-cmd commands to manage ESXi hosts and VMs:

  1. Get VM Information
  2. Manage the ESXi Hosts
  3. Register a VM
  4. Power On a VM
  5. Unregister a VM

You use vim-cmd commands to list information about the VMs that run on the sa-esxi- 03.vclass.local host. You also use vim-cmd commands to change the power state of a VM.

  1. Use MTPuTTY to establish an SSH session with sa-esxi-03.vclass.local.
  2. List the commands available under the vmsvc namespace.

vim-cmd vmsvc

  • List and review information about the VMs that are registered on the ESXi host.
    • List information about the VMs running on the ESXi host.

vim-cmd vmsvc/getallvms

  • Record the VMID for the Win-6 VM.                          
  • Get the configuration of the VM running on the ESXi host.

vim-cmd vmsvc/get.guest <VMID of Win-6>

Information about VM disk capacity does not appear in the command output because Win-6 is powered off. The get.guest command only provides disk capacity information if the VM is powered on and has VMware Tools installed.

  • List the power-related commands under the vmsvc namespace.

vim-cmd vmsvc/power

  • View the power state of Win-6.

vim-cmd vmsvc/power.getstate <VMID of Win-6>

The command output should state that Win-6 is powered off.

  • Power on Win-6.

vim-cmd vmsvc/power.on <VMID of Win-6> to boot the VM.

  • View the power state of Win-6.

vim-cmd vmsvc/power.getstate <VMID of Win-6>

  • Wait for the OS and VMware Tools services to fully start and then get the configuration of Win-6 running on the ESXi host.

vim-cmd vmsvc/get.guest <VMID of Win-6> | less

  1. From the command output, determine the disk capacity for this VM.

Manage the ESXi Hosts

You use vim-cmd commands to place the sa-esxi-03.vclass.local host in maintenance mode, take it out of maintenance mode, and view host configuration information.

  1. Place sa-esxi-03 in maintenance mode.

vim-cmd hostsvc/maintenance_mode_enter

The operation times out because Win-6 is powered on and the host does not belong to a fully automated DRS cluster.

  • Use vim-cmd to shut down Win-6.
  • Place sa-esxi-03 in maintenance mode.
  • View the configuration of host sa-esxi-03.

vim-cmd hostsvc/hostsummary | less

  • In the command output, find information about the ESXi host’s memory size, CPU information, number of NICs, and number of HBAs.
  • Take sa-esxi-03 out of maintenance mode.

vim-cmd hostsvc/maintenance_mode_exit

Register a VM

You use vim-cmd commands to register the Win-11 VM with the host. The Win-11 files are on the Shared3 datastore.

  1. Register Win-11 with the vCenter Server system.

vim-cmd solo/registervm /vmfs/volumes/Shared3/Win-11/Win- 11.vmx

The command returns the VMID of the newly registered VM.

  • List all the VMs on sa-esxi-03.vclass.local.

vim-cmd vmsvc/getallvms

Win-11 should appear in the list.

  • Verify that Win-11 appears in the vSphere Client inventory.
    • In the Firefox bookmarks toolbar, click the vSphere Client (SA-VCSA-01) bookmark in the vSphere Site-A folder.
    • Verify that Win-11 appears in the Hosts and Clusters inventory.

Power On a VM

You use vim-cmd commands to power on the Win-11 VM.

  1. Return to the MTPuTTY session for sa-esxi-03.
  2. Use vim-cmd to get the VMID for Win-11.
  3. View the power state of Win-11.

The command output should state that Win-11 is powered off.

  • Power on Win-11 using vim-cmd.
  • View the power state of Win-11 again and verify that this VM is powered on.

Unregister a VM

You use vim-cmd commands to unregister the Win-11 VM from the host and the vCenter Server system.

  1. Use vim-cmd to power off Win-11.

The VM must be powered off before it can be unregistered.

  • Unregister Win-11.

vim-cmd vmsvc/unregister <VMID of Win-11>

  • Verify that Win-11 is unregistered. vim-cmd vmsvc/getallvms Win-11 should not appear in the list.
  • View Win-11 in the vSphere Client inventory.

Win-11 should be in an orphaned state. An orphaned VM is one that exists in the vCenter Server database but is no longer present on the ESXi host.

  1. If Win-11 is not in an orphaned state, refresh the vSphere Client to update the navigation pane.
  2. In the vSphere Client, remove Win-11 from the Hosts and Clusters inventory.

Using Standalone ESXCLI and DCLI

  1. Log In to Standalone ESXCLI
  2. Load the Digital Security Certificate from the vCenter Server System
  3. Test the Digital Security Certificate from the vCenter Server System
  4. (Optional) Add Credentials and Thumbprint for ESXCLI Commands
  5. Use the DCLI to Manage vCenter Server

Log In to Standalone ESXCLI

Load the Digital Security Certificate from the vCenter Server System

You load the digital security certificate from the vCenter Server system into the Ubuntu VM for use with ESXCLI commands.

With this digital security certificate, you can run commands on ESXi hosts without entering a digital thumbprint for each ESXi host.

  1. Enter the esxcli command from the vSphere CLI VM to examine the CPU hardware on sa-esxi-01.

esxcli -s sa-esxi-01.vclass.local hardware cpu list

  • Enter root for the user name.

This command fails. For security reasons, you are required to enter the thumbprint of the target ESXi host.

  1. Instead of manually entering a long thumbprint, load the digital certificate from the vCenter Server system.
  2. Minimize the MTPuTTY utility but do not close it.
  3. Return to the Firefox web browser, open a new tab, and go to https://sa-vcsa- 01.vclass.local.
5.        Click Download trusted root CA certificates.
  • Select Save File and click OK.
  • Open Windows File Explorer and go to the Downloads folder (This PC > Downloads) on the student desktop.
  • Right-click download.zip and select Extract All.
  • Click Browse and navigate to C:\Materials\Downloads\Certs\vcsa-cert.
  • Click OK and click Extract.
  • Use Windows File Explorer to navigate to
C:\Materials\Downloads\Certs\vcsa-cert\certs\lin.

Two files are in the folder. Both files begin with an 8-character hexadecimal code, for example, d819a6fb.0 and d819a6fb.r0. The d819a6fb.0 file is the certificate. The d819a6fb.r0 file is a certificate revocation list (CRL) file.

  1. Rename the d819a6fb.0 file to sa-vcsa-01.crt. The file extension must be .crt and lowercase.
  2. Minimize Windows File Explorer.
  3. Click the WinSCP utility icon on the student desktop taskbar.
  4. Select the Ubuntu-CLI site and click Login to open an SCP session to the Ubuntu-CLI VM.
  5. If you see a security warning, click Yes to add the thumbprint to the cache.
  6. . In the left pane, navigate to C:\Materials\Downloads\Certs\vcsa- cert\certs\lin.
  7. In the right pane, navigate to the /usr/local/share/ca-certificates folder.

Different operating systems use different folders and procedures to load the digital certificates of certificate authority (CA) servers. The procedure used in this lab is required for Ubuntu Linux servers. If you host vSphere CLI software on a different OS, you must look up the required procedure and file location for that OS.

  1. Select the sa-vcsa-01.crt certificate file in the left pane and click Upload.
  1. Click OK to upload the file.
  2. Minimize the WinSCP utility and return to MTPuTTY.
  3. In the Ubuntu-CLI SSH session, enter the update-ca-certificates command. The command output shows that a new certificate is added.

Test the Digital Security Certificate from the vCenter Server System

You test the vCenter Server system’s digital security certificate that you loaded into the Ubuntu VM for use with ESXCLI commands.

  1. Use the Ubuntu-CLI VM session in MTPuTTY and enter the command to change the directory to where the certificate is stored.

cd /usr/local/share/ca-certificates/

You must either be in the same directory in which the certificate file is stored or use the full path to the certificate file when you enter a command.

  • Enter the command to test your certificate.

esxcli –vihost sa-esxi-01.vclass.local –server sa-vcsa- 01.vclass.local –cacertsfile sa-vcsa-01.crt hardware cpu list

The name of the server must be in FQDN form to match the name on the security certificate.

You should see a complete configuration description of all CPUs on sa-esxi- 01.vclass.local.

Add Credentials and Thumbprint for ESXCLI Commands

You add the user name, password, and digital thumbprint of the sa-esxi-01 host into the Ubuntu VM credential store for use with ESXCLI commands.

  1. Return the MTPuTTY utility session to the Ubuntu-CLI VM and enter

cd /root/vmware-vsphere-cli-distrib/apps/general.

  • Display the CPU hardware.

esxcli -s sa-esxi-01.vclass.local hardware cpu list

  • When prompted for a user name, enter root.

The command fails but it shows the thumbprint of the ESXi host.

  • Add the user name and password to the credentials store.
    • Add the root user of sa-esxi-01.vclass.local to the credentials store.

./credstore_admin.pl add -s sa-esxi-01.vclass.local -u root

  • When prompted for the password, enter VMware1!.

When adding credentials to the credential store, always add the user name and password before you add the thumbprint.

  • Add the thumbprint to the credentials store.
    • Add the thumbprint.

./credstore_admin.pl add -s sa-esxi-01.vclass.local -t

<thumbprint>

  • Replace the <thumbprint> with the thumbprint provided in the error message that you received, for example, 1D:67:07:E9:58:FC:97:81:AC:17:8F:BF:0E:74:E9:8F:BD:61:27: D5.

The thumbprint is case-sensitive and must match exactly.

  • Display the CPU hardware.

esxcli -s sa-esxi-01.vclass.local hardware cpu list

The command should successfully connect to the sa-esxi-01.vclass.local host and display the CPU hardware.

To manage the credentials store, use the following commands:

·         ./credstore_admin.pl help
·         ./credstore_admin.pl list
·         ./credstore_admin.pl add
·         ./credstore_admin.pl remove
·         ./credstore_admin.pl clear

To remove a bad thumbprint, use this command:

·         ./credstore_admin.pl remove -s server-name -t
<thumbprint>

To remove a bad user name and password, use this command:

·         ./credstore_admin.pl remove -s server-name -u <user>

Use the DCLI to Manage vCenter Server

You use the Data Center CLI from the Ubuntu-CLI VM to manage the vCenter Server system.

  1. Return the MTPuTTY utility session to the Ubuntu-CLI VM and enter the command to start a DCLI interactive session to vCenter Server.

dcli +interactive +server sa-vcsa-01.vclass.local +cacert- file /usr/local/share/ca-certificates/sa-vcsa-01.crt

  • At the dcli> prompt, enter the command to list the datastores visible to vCenter Server.

com vmware vcenter datastore list

  • When prompted, enter administrator@vsphere.local as the user name.
  • When prompted, enter VMware1! as the password.
  • Enter y to save the credentials.

You can use the following commands to manage the credentials store:

·      +credstore-list
·      +credstore-add
·      +credstore-remove

ESXi Command History

Determine commands run by each user in the ESXi Shell command history:

You view the command history on sa-esxi-03.vclass.local.

An administrator might run commands directly on an ESXi host that cause downtime or disconnection. In the same session, you can use the up arrow key to find which commands were previously run. However, if the session is closed or you log in as a different user, you must use a different method to view the history of the commands that were previously run.

  1. Use MTPuTTY to connect to sa-esxi-03.vclass.local.
  2. Determine the most recent date and time that sa-esxi-03 was placed into maintenance mode using the vim-cmd command.
    1. Use /var/log/shell.log to determine the most recent date and time that sa- esxi-03 was placed into maintenance mode using the vim-cmd command.
    1. Record the user that ran the vim-cmd command.                           
    1. Record the date and time that the command was run.                           
  3. Use /var/log/auth.log to determine the date and time that the user logged in and the IP address from which the user logged in.

About the author

Mosab Shaker

I stand at the forefront of the fastest moving technology trends like Digital Transformation, computer virtualization ,networking and security. I spent the past tenth years evangelizing an industry-wide shift to the co location in the MENA by promoting virtualization and cloud services many Customers . With a unique mix of knowledge about different industries, businesses, and technologies

View all posts

Leave a Reply

Your email address will not be published. Required fields are marked *