Controller status commands # show control-cluster status # show control-cluster connections # show control-cluster startup-nodes # show control-cluster roles # show control-cluster history # join control-cluster xxx.xxx.xxx.xxx # join control-cluster xxx.xxx.xxx.xxx force # show status # show network interface # show network default-gateway # show network dns-servers # show network ntp-servers # show network ntp-status […]
Author Archives: russ oconnor
NSX Labs – Nested ESXi for NSX Lab
Nested ESXi for NSX Lab In my last lab build for NSX I came across some issues that were very time consuming to diagnose as they only show up when you start working with nsx I built the nested esx lab in esxi5.1 with vsphere 6 esxi and vsca. See the diagrams in other post for […]
PowerCLI – Find mac in a haystack
find a vms mac in two minutes with this really useful one-liner Get-VM | Get-NetworkAdapter ´ | Where-Object {$_.MacAddress -eq “00:50:56:xx:xx:xx:”} | Select MacAddress,NetworkName,Name,Parent,ConnectionState Ok, it’s a bit slow to run, this function by Robert van den Nieuwendijk is much faster [code language=”powershell”] function Get-VmByMacAddress { <# .SYNOPSIS Retrieves the virtual machines with a […]
PowerCLI – configure host dump-collector
There are a number of post showing how to setup VMware’s Dump Collector, once that is done the hosts need to be configured to point to the dump collector. First check that you can connect to the dump collector nc -z -u <your dump collector ip><port> see the following kb for troubleshooting http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2003042 Jonathan […]
Security Audit – Set ssh timeouts
Security auditors will consider ssh access a vulnerability. This can be mitigated by setting timeout values and linking the starting of the service to a vCenter user When a ssh session is needed the service will have to be started from the vCenter or DCUI. (In the case of DCUI access, either physical controls to the data […]
Security Audit – esxi logon
How are are you going to control logon to the esxi hosts? One solution is to add hosts to the domain, and then use active directory nominal accounts and groups assignments to access the esxi servers. The advantage of this is that account creation, permissions and policies are set in the domain and will be covered by the […]
Security Audit – vCenter logs retention and extract
As vCenter access is a entry control point, failure to produce logon events will be a major failure in the audit. vSphere vCenter should be configured to save logs for at lease 90 days or longer depending on your stated policy. If you have a sizeable environment you probably want to limit the size of […]