VMware vSphere - 6.0.2 Installation Manual

vSphere Installation and Setup
Update 2
vSphere 6.0
This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document, see http://www.vmware.com/support/pubs.
EN-001986-04
You can find the most up-to-date technical documentation on the VMware Web site at:
hp://www.vmware.com/support/
The VMware Web site also provides the latest product updates.
If you have comments about this documentation, submit your feedback to:
docfeedback@vmware.com
Copyright © 2009–2016 VMware, Inc. All rights reserved. Copyright and trademark information.
VMware, Inc.
3401 Hillview Ave. Palo Alto, CA 94304 www.vmware.com
2 VMware, Inc.

Contents

About vSphere Installation and Setup 7
Updated Information 9
Introduction to vSphere Installation and Setup 11
1
vCenter Server Components and Services 11
vCenter Server Deployment Models 13
Overview of the vSphere Installation and Setup Process 16
vSphere Security Certicates Overview 17
Enhanced Linked Mode Overview 20
System Requirements 23
2
ESXi Requirements 23
vCenter Server for Windows Requirements 29
vCenter Server Appliance Requirements 31
Required Ports for vCenter Server and Platform Services Controller 33
vSphere DNS Requirements 37
vSphere Web Client Software Requirements 38
Client Integration Plug-In Software Requirements 38
vSphere Client Requirements 39
Required Free Space for System Logging 40
Before You Install ESXi 41
3
Options for Installing ESXi 41
Media Options for Booting the ESXi Installer 44
Using Remote Management Applications 55
Required Information for ESXi Installation 55
Download the ESXi Installer 56
VMware, Inc.
Installing ESXi 57
4
Installing ESXi Interactively 57
Installing or Upgrading Hosts by Using a Script 60
Installing ESXi Using vSphere Auto Deploy 74
Using vSphere ESXi Image Builder 139
Seing Up ESXi 163
5
ESXi Autoconguration 164
About the Direct Console ESXi Interface 164
Set the Password for the Administrator Account 167
Conguring the BIOS Boot Seings 167
Host Fails to Boot After You Install ESXi in UEFI Mode 168
3
Network Access to Your ESXi Host 169
Congure the Network Seings on a Host That Is Not Aached to the Network 169
Managing ESXi Remotely 170
Conguring Network Seings 170
Storage Behavior 175
Enable ESXi Shell and SSH Access with the Direct Console User Interface 177
View System Logs 178
Congure Syslog on ESXi Hosts 178
Congure Log Filtering on ESXi Hosts 179
Set the Host Image Prole Acceptance Level 180
Reset the System Conguration 181
Remove All Custom Packages on ESXi 181
Disable Support for Non-ASCII Characters in Virtual Machine File and Directory Names 182
Decommission an ESXi Host 182
After You Install and Set Up ESXi 183
6
Managing the ESXi Host 183
Licensing ESXi Hosts 183
Install the vSphere Client 185
Before You Install vCenter Server or Deploy the vCenter Server Appliance 187
7
Preparing vCenter Server Databases 187
How vCenter Single Sign-On Aects Installation 207
Synchronizing Clocks on the vSphere Network 211
Using a User Account for Running vCenter Server 211
Installing vCenter Server on IPv6 Machines 212
Running the vCenter Server Installer from a Network Drive 212
Required Information for Installing vCenter Server 212
Required Information for Deploying the vCenter Server Appliance 216
Installing vCenter Server on a Windows Virtual Machine or Physical Server 225
8
Download the vCenter Server for Windows Installer 225
Install vCenter Server with an Embedded Platform Services Controller 226
Installing vCenter Server with an External Platform Services Controller 228
Installing vCenter Server in an Environment with Multiple NICs 233
Deploying the vCenter Server Appliance 235
9
Download the vCenter Server Appliance Installer 236
Install the Client Integration Plug-In 236
Deploy the vCenter Server Appliance with an Embedded Platform Services Controller 237
Deploying a vCenter Server Appliance with an External Platform Services Controller 240
Troubleshooting vCenter Server Installation or Deployment 247
10
Collecting Logs for Troubleshooting a vCenter Server Installation or Upgrade 247
Aempt to Install a Platform Services Controller After a Prior Installation Failure 249
Microsoft SQL Database Set to Unsupported Compatibility Mode Causes vCenter Server
Installation or Upgrade to Fail 250
4 VMware, Inc.
After You Install vCenter Server or Deploy the vCenter Server Appliance 251
11
Log in to vCenter Server by Using the vSphere Web Client 251
Collect vCenter Server Log Files 252
Install or Upgrade vSphere Authentication Proxy 252
Uninstall vCenter Server 254
Repoint the Connections Between vCenter Server and Platform Services Controller 254
Recongure a Standalone vCenter Server with an Embedded Platform Services Controller to a
vCenter Server with an External Platform Services Controller 256
Recongure Multiple Joined Instances of vCenter Server with an Embedded
Platform Services Controller to vCenter Server with an External Platform Services Controller 259
Contents
Backing Up and Restoring a vCenter Server Environment 269
12
General vSphere Data Protection Workow 270
Backing Up and Restoring vCenter Server with an Embedded Platform Services Controller 277
Backing Up and Restoring a vCenter Server Environment with a Single External
Platform Services Controller 278
Backing Up and Restoring a vCenter Server Environment with Multiple
Platform Services Controller Instances 281
Index 291
VMware, Inc. 5
6 VMware, Inc.

About vSphere Installation and Setup

vSphere Installation and Setup describes how to install and congure VMware® vCenter Server, deploy the vCenter Server Appliance, and ESXi.
Intended Audience
vSphere Installation and Setup is intended for experienced administrators who want to install and congure vCenter Server, deploy and congure the vCenter Server Appliance, and install and congure ESXi.
This information is wrien for experienced Windows or Linux system administrators who are familiar with virtual machine technology and data center operations. The information about using the Image Builder and Auto Deploy is wrien for administrators who have experience with Microsoft PowerShell and PowerCLI.
VMware, Inc.
7
8 VMware, Inc.

Updated Information

This vSphere Installation and Setup is updated with each release of the product or when necessary.
This table provides the update history of the vSphere Installation and Setup.
Revision Description
EN-001986-04
EN-001986-03
EN-001986-02
EN-001986-01
EN-001986-00 Initial release.
Updated “vCenter Server for Windows Hardware Requirements,” on page 30 and “vCenter Server
n
Appliance Hardware Requirements,” on page 31 to state that the hardware requirements for
vCenter Server with an embedded Platform Services Controller and vCenter Server with an external Platform Services Controller are the same.
Updated “Recongure Each vCenter Server Instance and Repoint It from an Embedded to External
n
Platform Services Controller Instance,” on page 265 to add a step for creating direct replication
agreement between the embedded and the external Platform Services Controller instances if not present.
Revised the prerequisites and steps in “Format a USB Flash Drive to Boot the ESXi Installation or
n
Upgrade,” on page 44.
Updated “Install the Client Integration Plug-In,” on page 236 to improve the information about the
n
location of the executable le.
Updated information on ports 389, 636, 11711, and 11712 in “Required Ports for vCenter Server and
n
Platform Services Controller,” on page 33.
Minor revisions of the examples in “Create an Installer ISO Image with a Custom Installation or
n
Upgrade Script,” on page 47 and “Boot Options,” on page 61.
Updated topics “Set the Scratch Partition from the vSphere Web Client,” on page 176 and “Host
n
Stops Unexpectedly at Bootup When Sharing a Boot Disk with Another Host,” on page 177 to add an
example for seing a directory path for the scratch partition.
n
Updated the psc_restore script name in Chapter 12, “Backing Up and Restoring a vCenter Server
Environment,” on page 269 section.
Updated topic “Auto Deploy Best Practices,” on page 114 to state that Auto Deploy is deployed
n
together with the vCenter Server system.
Corrected URL in topic “Create a Backup Job in vSphere Data Protection,” on page 273.
n
Updated information on number of vCenter Server instances in “How vCenter Single Sign-On
n
Aects Installation,” on page 207.
Updated topic “Recongure a Standalone vCenter Server with an Embedded Platform Services
n
Controller to a vCenter Server with an External Platform Services Controller,” on page 256 and
added “Recongure Multiple Joined Instances of vCenter Server with an Embedded Platform
Services Controller to vCenter Server with an External Platform Services Controller,” on page 259 to
improve the information about reconguring a standalone and multiple instances of vCenter Server with an embedded Platform Services Controller.
VMware, Inc. 9
10 VMware, Inc.
Introduction to vSphere Installation
and Setup 1
vSphere 6.0 provides various options for installation and setup. To ensure a successful vSphere deployment, understand the installation and setup options, and the sequence of tasks.
The two core components of vSphere are VMware ESXi® and VMware vCenter Server®. ESXi is the virtualization platform on which you can create and run virtual machines and virtual appliances. vCenter Server is a service that acts as a central administrator for ESXi hosts connected in a network. vCenter Server lets you pool and manage the resources of multiple hosts.
You can install vCenter Server on a Windows virtual machine or physical server, or deploy the vCenter Server Appliance. The vCenter Server Appliance is a precongured Linux-based virtual machine optimized for running vCenter Server and the vCenter Server components. You can deploy the vCenter Server Appliance on ESXi hosts 5.0 or later, or on vCenter Server instances 5.0 or later.
Starting with vSphere 6.0, all prerequisite services for running vCenter Server and the vCenter Server components are bundled in the VMware Platform Services Controller. You can deploy vCenter Server with an embedded or external Platform Services Controller, but you must always install or deploy the Platform Services Controller before installing or deploying vCenter Server.
This chapter includes the following topics:
“vCenter Server Components and Services,” on page 11
n
“vCenter Server Deployment Models,” on page 13
n
“Overview of the vSphere Installation and Setup Process,” on page 16
n
“vSphere Security Certicates Overview,” on page 17
n
“Enhanced Linked Mode Overview,” on page 20
n

vCenter Server Components and Services

vCenter Server provides a centralized platform for management, operation, resource provisioning, and performance evaluation of virtual machines and hosts.
When you install vCenter Server with an embedded Platform Services Controller, or deploy the vCenter Server Appliance with an embedded Platform Services Controller, vCenter Server, the vCenter Server components, and the services included in the Platform Services Controller are deployed on the same system.
When you install vCenter Server with an external Platform Services Controller, or deploy the vCenter Server Appliance with an external Platform Services Controller, vCenter Server and the vCenter Server components are deployed on one system, and the services included in the Platform Services Controller are deployed on another system.
VMware, Inc.
11
The following components are included in the vCenter Server and vCenter Server Appliance installations:
The VMware Platform Services Controller group of infrastructure services contains vCenter Single Sign-
n
On, License service, Lookup Service, and VMware Certicate Authority.
The vCenter Server group of services contains vCenter Server, vSphere Web Client, Inventory Service,
n
vSphere Auto Deploy, vSphere ESXi Dump Collector, VMware vSphere Syslog Collector on Windows and VMware Sphere Syslog Service for the vCenter Server Appliance.
Services Installed with VMware Platform Services Controller
vCenter Single Sign-On
vSphere License Service
VMware Certificate Authority
The vCenter Single Sign-On authentication service provides secure authentication services to the vSphere software components. By using vCenter Single Sign-On, the vSphere components communicate with each other through a secure token exchange mechanism, instead of requiring each component to authenticate a user separately with a directory service like Active Directory. vCenter Single Sign-On constructs an internal security domain (for example, vsphere.local) where the vSphere solutions and components are registered during the installation or upgrade process, providing an infrastructure resource. vCenter Single Sign-On can authenticate users from its own internal users and groups, or it can connect to trusted external directory services such as Microsoft Active Directory. Authenticated users can then be assigned registered solution-based permissions or roles within a vSphere environment.
vCenter Single Sign-On is available and required with vCenter Server 5.1.x and later.
The vSphere License service provides common license inventory and management capabilities to all vCenter Server systems that are connected to a Platform Services Controller or multiple linked Platform Services Controllers.
VMware Certicate Authority (VMCA) provisions each ESXi host with a signed certicate that has VMCA as the root certicate authority, by default. Provisioning occurs when the ESXi host is added to vCenter Server explicitly or as part of the ESXi host installation process. All ESXi certicates are stored locally on the host.
Services Installed with vCenter Server
These additional components are installed silently when you install vCenter Server. The components cannot be installed separately as they do not have their own installers.
vCenter Inventory Service
PostgreSQL
vSphere Web Client
vSphere ESXi Dump Collector
12 VMware, Inc.
Inventory Service stores vCenter Server conguration and inventory data, enabling you to search and access inventory objects across vCenter Server instances.
A bundled version of the VMware distribution of PostgreSQL database for vSphere and vCloud Hybrid Services.
The vSphere Web Client lets you connect to vCenter Server instances by using a Web browser, so that you can manage your vSphere infrastructure.
The vCenter Server support tool. You can congure ESXi to save the VMkernel memory to a network server, rather than to a disk, when the system encounters a critical failure. The vSphere ESXi Dump Collector collects such memory dumps over the network.
Chapter 1 Introduction to vSphere Installation and Setup
VMware vSphere Syslog Collector
VMware Syslog Service
vSphere Auto Deploy
The vCenter Server on Windows support tool that enables network logging and combining of logs from multiple hosts. You can use the vSphere Syslog Collector to direct ESXi system logs to a server on the network, rather than to a local disk. The recommended maximum number of supported hosts to collect logs from is 30. For information about conguring vSphere Syslog Collector, see hp://kb.vmware.com/kb/2021652.
The vCenter Server Appliance support tool that provides a unied architecture for system logging, network logging and collecting logs from hosts. You can use the VMware Syslog Service to direct ESXi system logs to a server on the network, rather than to a local disk. The recommended maximum number of supported hosts to collect logs from is 30. For information about conguring VMware Syslog Service, see vCenter Server Appliance Conguration.
The vCenter Server support tool that can provision hundreds of physical hosts with ESXi software. You can specify the image to deploy and the hosts to provision with the image. Optionally, you can specify host proles to apply to the hosts, and a vCenter Server location (folder or cluster) for each host.

vCenter Server Deployment Models

You can install vCenter Server on a virtual machine or a physical server running Microsoft Windows Server 2008 SP2 or later, or can deploy the vCenter Server Appliance. The vCenter Server Appliance is a precongured Linux-based virtual machine, optimized for running vCenter Server.
vSphere 6.0 introduces vCenter Server with an embedded Platform Services Controller and vCenter Server with an external Platform Services Controller.
I This documentation provides information about the basic deployment models. For information about the recommended topologies, see List of recommended topologies for vSphere 6.0.x.
vCenter Server with an embedded Platform Services Controller
vCenter Server with an external Platform Services Controller
N After you deploy vCenter Server with an embedded Platform Services Controller, you can
recongure your topology and switch to vCenter Server with an external Platform Services Controller. This is a one-way process after which you cannot switch back to vCenter Server with an embedded Platform Services Controller. You can repoint the vCenter Server instance only to an external Platform Services Controller that is congured to replicate the infrastructure data within the same domain.
All services bundled with the Platform Services Controller are deployed on the same virtual machine or physical server as vCenter Server.
The services bundled with the Platform Services Controller and vCenter Server are deployed on dierent virtual machines or physical servers.
You rst must deploy the Platform Services Controller on one virtual machine or physical server and then deploy vCenter Server on another virtual machine or physical server.
vCenter Server with an Embedded Platform Services Controller
vCenter Server and the Platform Services Controller are deployed on a single virtual machine or physical server.
VMware, Inc. 13
Platform Services
Controller
Virtual Machine
or Physical Server
vCenter Server
Platform Services
Controller
Virtual Machine
or Physical Server
Virtual Machine
or Physical Server
vCenter Server
Virtual Machine
or Physical Server
vCenter Server
Figure 11. vCenter Server with an Embedded Platform Services Controller
Installing vCenter Server with an embedded Platform Services Controller has the following advantages:
The connection between vCenter Server and the Platform Services Controller is not over the network,
n
and vCenter Server is not prone to outages because of connectivity and name resolution issues between vCenter Server and the Platform Services Controller.
If you install vCenter Server on Windows virtual machines or physical servers, you will need fewer
n
Windows licenses.
You will have to manage fewer virtual machines or physical servers.
n
You do not need a load balancer to distribute the load across Platform Services Controller.
n
Installing with an embedded Platform Services Controller has the following disadvantages:
There is a Platform Services Controller for each product which might be more than required. This
n
consumes more resources.
The model is suitable for small-scale environments.
n
vCenter Server with an External Platform Services Controller
vCenter Server and the Platform Services Controller are deployed on separate virtual machine or physical server. The Platform Services Controller can be shared across several vCenter Server instances. You can install a Platform Services Controller and then install several vCenter Server instances and register them with the Platform Services Controller. You can then install another Platform Services Controller, congure it to replicate data with the rst Platform Services Controller, and then install vCenter Server instances and register them with the second Platform Services Controller.
Figure 12. vCenter Server with an External Platform Services Controller
14 VMware, Inc.
Installing vCenter Server with an external Platform Services Controller has the following advantages:
Less resources consumed by the combined services in the Platform Services Controllers enables a
n
n
reduced footprint and reduced maintenance.
Your environment can consist of more vCenter Server instances.
Platform Services
Controller on Windows
Windows Virtual Machine
or Physical Server
Virtual Machine
vCenter Server
Appliance
Virtual Machine
or Physical Server
vCenter Server
on Windows
Platform Services
Controller Appliance
Linux Virtual Machine
Virtual Machine
vCenter Server
Appliance
Virtual Machine
or Physical Server
vCenter Server
on Windows
Chapter 1 Introduction to vSphere Installation and Setup
Installing vCenter Server with an external Platform Services Controller has the following disadvantages:
The connection between vCenter Server and Platform Services Controller is over the network and is
n
prone to connectivity and name resolution issues.
If you install vCenter Server on Windows virtual machines or physical servers, you need more
n
Microsoft Windows licenses.
You must manage more virtual machines or physical servers.
n
Mixed Operating Systems Environment
A vCenter Server instance installed on Windows can be registered with either a Platform Services Controller installed on Windows or a Platform Services Controller appliance. A vCenter Server Appliance, can be registered with either a Platform Services Controller installed on Windows or a Platform Services Controller appliance. Both vCenter Server and the vCenter Server Appliance can be registered with the same Platform Services Controller within a domain.
Figure 13. Example of a Mixed Operating Systems Environment with an External Platform Services Controller on Windows
Figure 14. Example of a Mixed Operating Systems Environment with an External Platform Services Controller Appliance
Having many Platform Services Controllers that replicate their infrastructure data, allows you to ensure high availability of your system.
If an external Platform Services Controller with which your vCenter Server instance or vCenter Server Appliance was initially registered, stops responding, you can repoint your vCenter Server or vCenter Server Appliance to another external Platform Services Controller in the domain. For more information, see “Repoint the Connections Between vCenter Server and Platform Services Controller,” on page 254.
VMware, Inc. 15

Overview of the vSphere Installation and Setup Process

vSphere is a sophisticated product with multiple components to install and set up. To ensure a successful vSphere deployment, understand the sequence of tasks required.
Installing vSphere includes the following tasks:
1 Read the vSphere release notes.
2 Verify that your system meets vSphere hardware and software requirements. See Chapter 2, “System
Requirements,” on page 23.
3 Install ESXi.
a Verify that your system meets the minimum hardware requirements. See “ESXi Requirements,” on
page 23.
b Determine the ESXi installation option to use. See “Options for Installing ESXi,” on page 41.
c Determine where you want to locate and boot the ESXi installer. See “Media Options for Booting
the ESXi Installer,” on page 44. If you are PXE-booting the installer, verify that your network PXE
infrastructure is properly set up. See “PXE Booting the ESXi Installer,” on page 48.
d Create a worksheet with the information you will need when you install ESXi. See “Required
Information for ESXi Installation,” on page 55.
e Install ESXi.
“Installing ESXi Interactively,” on page 57
n
“Installing or Upgrading Hosts by Using a Script,” on page 60
n
“Installing ESXi Using vSphere Auto Deploy,” on page 74
n
I In vSphere 6.0, Auto Deploy is installed together with vCenter Server. To provision ESXi hosts by using Auto Deploy, you must install vCenter Server or deploy the vCenter Server Appliance.
4 Congure ESXi boot and network seings, the direct console, and other seings. See Chapter 5, “Seing
Up ESXi,” on page 163 and Chapter 6, “After You Install and Set Up ESXi,” on page 183.
5 Consider seing up a syslog server for remote logging, to ensure sucient disk storage for log les.
Seing up logging on a remote host is especially important for hosts with limited local storage. See
“Required Free Space for System Logging,” on page 40 and “Congure Syslog on ESXi Hosts,” on
page 178.
6 Install vCenter Server on a Windows virtual machine or physical server or deploy the
vCenter Server Appliance.
In vSphere 6.0, you can install vCenter Server or deploy the vCenter Server Appliance, and connect them in Enhanced Linked Mode conguration by registering the vCenter Server instance and the vCenter Server Appliance to Platform Services Controllers that replicate their infrastructure data.
Concurrent installations are not supported. After you install or deploy a Platform Services Controller, you must install vCenter Server instances or deploy vCenter Server Appliance sequentially.
Install vCenter Server on a Windows virtual machine or physical server.
n
1 Verify that your system meets the hardware and software requirements for installing
vCenter Server. See “vCenter Server for Windows Requirements,” on page 29.
2 (Optional) Set up an external vCenter Server database. See “Preparing vCenter Server
Databases,” on page 187.
16 VMware, Inc.
Chapter 1 Introduction to vSphere Installation and Setup
For an environment with up to 20 hosts and 200 virtual machines, you can use the bundled PostgreSQL database. For production and large scale environments, set up an external database, because the migration from the embedded PostgreSQL database to an external database is not a trivial manual process.
3 Create a worksheet with the information you need for installation. See “Required Information
for Installing vCenter Server,” on page 212.
4 Install vCenter Server and the Platform Services Controller. See Chapter 8, “Installing vCenter
Server on a Windows Virtual Machine or Physical Server,” on page 225.
You can install vCenter Server with an embedded or with an external Platform Services Controller.
vCenter Server with an embedded Platform Services Controller deployment is suitable for small-scale environments. vCenter Server with an external Platform Services Controller deployment is suitable for environments with several vCenter Server instances. See “vCenter
Server Deployment Models,” on page 13 .
Deploy the vCenter Server Appliance.
n
1 Review the topics in “vCenter Server Appliance Requirements,” on page 31 and verify that
your system meets the hardware and software requirements for deploying the vCenter Server Appliance.
2 (Optional) Set up an external Oracle database. The vCenter Server Appliance supports only
Oracle database as an external database. See “Preparing vCenter Server Databases,” on page 187.
You can also use the bundled PostgreSQL database, which is suitable for environments that contain up to 1,000 hosts and 10,000 virtual machines.
3 Use the topic “Required Information for Deploying the vCenter Server Appliance,” on
page 216 to create a worksheet with the information you need for installation.
4 Deploy the vCenter Server Appliance with an embedded Platform Services Controller or with
an external Platform Services Controller. See Chapter 9, “Deploying the vCenter Server
Appliance,” on page 235.
vCenter Server with an embedded Platform Services Controller deployment is suitable for small-scale environments. vCenter Server with an external Platform Services Controller deployment is suitable for environments with several vCenter Server instances. See “vCenter
Server Deployment Models,” on page 13 .
7 Connect to vCenter Server from the vSphere Web Client. See Chapter 11, “After You Install vCenter
Server or Deploy the vCenter Server Appliance,” on page 251.
8 Congure vCenter Server and the vCenter Server Appliance. See vCenter Server and Host Management
and vCenter Server Appliance Conguration.

vSphere Security Certificates Overview

ESXi hosts and vCenter Server communicate securely over SSL to ensure condentiality, data integrity and authentication.
In vSphere 6.0, the VMware Certicate Authority (VMCA) provisions each ESXi host with a signed certicate that has VMCA as the root certicate authority, by default. Provisioning happens when the ESXi host is added to vCenter Server explicitly or as part of the ESXi host installation. All ESXi certicates are stored locally on the host.
You can also use custom certicates with a dierent root Certicate Authority (CA). For information about managing certicates for ESXi hosts, see the vSphere Security documentation.
VMware, Inc. 17
CA-Cert
VECS
Machine-Cert
Signed
VMCA
All certicates for vCenter Server and the vCenter Server services are stored in the VMware Endpoint Certicate Store (VECS).
You can replace the VMCA certicate for vCenter Server with a dierent certicate signed by a CA. If you want to use a third party certicate, install the Platform Services Controller, add the new CA-signed root
certicate to VMCA, and then install vCenter Server. For information about managing vCenter Server certicates, see the vSphere Security documentation.

Certificate Replacement Overview

You can perform dierent types of certicate replacement depending on company policy and requirements for the system that you are conguring. You can perform each replacement with the vSphere Certicate Manager utility or manually by using the CLIs included with your installation.
VMCA is included in each Platform Services Controller and in each embedded deployment. VMCA provisions each node, each vCenter Server solution user, and each ESXi host with a certicate that is signed by VMCA as the certicate authority. vCenter Server solution users are groups of vCenter Server services. See vSphere Security for a list of solution users.
You can replace the default certicates. For vCenter Server components, you can use a set of command-line tools included in your installation. You have several options.
See the vSphere Security publication for details on the replacement workows and on the vSphere Certicate Manager utility.
Replace With Certificates Signed by VMCA
If your VMCA certicate expires or you want to replace it for other reasons, you can use the certicate management CLIs to perform that process. By default, the VMCA root certicate expires after ten years, and all certicates that VMCA signs expire when the root certicate expires, that is, after a maximum of ten years.
Figure 15. Certificates Signed by VMCA Are Stored in VECS
18 VMware, Inc.
CA-Cert
VECS
Machine-Cert
Signed
VMware vSphere
VMCA
Root
CA-Cert
Enterprise
CA-Cert
Signed Signed
Chapter 1 Introduction to vSphere Installation and Setup
Make VMCA an Intermediate CA
You can replace the VMCA root certicate with a certicate that is signed by an enterprise CA or third-party CA. VMCA signs the custom root certicate each time it provisions certicates, making VMCA an intermediate CA.
N If you perform a fresh install that includes an external Platform Services Controller, install the Platform Services Controller rst and replace the VMCA root certicate. Next, install other services or add ESXi hosts to your environment. If you perform a fresh install with an embedded Platform Services Controller, replace the VMCA root certicate before you add ESXi hosts. If you do, all certicates are signed by the whole chain, and you do not have to generate new certicates.
Figure 16. Certificates Signed by a Third-Party or Enterprise CA Use VMCA as an Intermediate CA
Do Not Use VMCA, Provision with Custom Certificates
You can replace the existing VMCA-signed certicates with custom certicates. If you use that approach, you are responsible for all certicate provisioning and monitoring.
VMware, Inc. 19
Unused
VECS
Machine-Cert
VMware vSphere
VMCA
External CA
(Commercial or
Enterprise)
Signed
Figure 17. External Certificates are Stored Directly in VECS
Hybrid Deployment
You can have VMCA supply some of the certicates, but use custom certicates for other parts of your infrastructure. For example, because solution user certicates are used only to authenticate to vCenter Single Sign-On, consider having VMCA provision those certicates. Replace the machine SSL certicates with custom certicates to secure all SSL trac.
ESXi Certificate Replacement
For ESXi hosts, you can change certicate provisioning behavior from the vSphere Web Client.
VMware Certificate Authority mode (default)
When you renew certicates from the vSphere Web Client, VMCA issues the certicates for the hosts. If you changed the VMCA root certicate to include a certicate chain, the host certicates include the full chain.
Custom Certificate Authority mode
Thumbprint mode
Allows you to manually update and use certicates that are not signed or issued by VMCA.
Can be used to retain 5.5 certicates during refresh. Use this mode only temporarily in debugging situations.

Enhanced Linked Mode Overview

Enhanced Linked Mode connects multiple vCenter Server systems together by using one or more Platform Services Controllers.
Enhanced Linked Mode lets you view and search across all linked vCenter Server systems and replicate roles, permissions, licenses, policies, and tags.
When you install vCenter Server or deploy the vCenter Server Appliance with an external Platform Services Controller, you must rst install the Platform Services Controller. During installation of the Platform Services Controller, you can select whether to create a new vCenter Single Sign-On domain or join an existing domain. You can select to join an existing vCenter Single Sign-On domain if you have already installed or deployed a Platform Services Controller, and have created a vCenter Single Sign-On domain. When you join an existing vCenter Single Sign-On domain, the data between the existing Platform Services Controller and the new Platform Services Controller is replicated, and the infrastructure data is replicated between the two Platform Services Controllers.
20 VMware, Inc.
Chapter 1 Introduction to vSphere Installation and Setup
With Enhanced Linked Mode, you can connect not only vCenter Server systems running on Windows but also many vCenter Server Appliances. You can also have an environment where multiple vCenter Server systems and vCenter Server Appliances are linked together.
If you install vCenter Server with an external Platform Services Controller, you rst must deploy the Platform Services Controller on one virtual machines or physical server and then deploy vCenter Server on another virtual machines or physical server. While installing vCenter Server, you must select the external Platform Services Controller. Make sure that the Platform Services Controller you select is an external standalone Platform Services Controller. Selecting an existing Platform Services Controller that is a part of an embedded installation is not supported and cannot be recongured after the deployment. For information about the recommended topologies, see hp://kb.vmware.com/kb/2108548.
VMware, Inc. 21
22 VMware, Inc.

System Requirements 2

Systems running vCenter Server on Windows, the vCenter Server Appliance, and ESXi instances must meet specic hardware and operating system requirements.
If you are using Auto Deploy to provision ESXi hosts, see also “Preparing for vSphere Auto Deploy,” on page 84.
This chapter includes the following topics:
“ESXi Requirements,” on page 23
n
“vCenter Server for Windows Requirements,” on page 29
n
“vCenter Server Appliance Requirements,” on page 31
n
“Required Ports for vCenter Server and Platform Services Controller,” on page 33
n
“vSphere DNS Requirements,” on page 37
n
“vSphere Web Client Software Requirements,” on page 38
n
“Client Integration Plug-In Software Requirements,” on page 38
n
“vSphere Client Requirements,” on page 39
n
“Required Free Space for System Logging,” on page 40
n

ESXi Requirements

To install ESXi 6.0 or upgrade to ESXi 6.0, your system must meet specic hardware and software requirements.

ESXi Hardware Requirements

Make sure the host meets the minimum hardware congurations supported by ESXi 6.0.
Hardware and System Resources
To install or upgrade ESXi 6.0, your hardware and system resources must meet the following requirements:
Supported server platform . For a list of supported platforms, see the VMware Compatibility Guide at
n
hp://www.vmware.com/resources/compatibility.
ESXi 6.0 requires a host machine with at least two CPU cores.
n
ESXi 6.0 supports 64-bit x86 processors released after September 2006. This includes a broad range of
n
multi-core processors. For a complete list of supported processors, see the VMware compatibility guide at hp://www.vmware.com/resources/compatibility.
VMware, Inc.
23
ESXi 6.0 requires the NX/XD bit to be enabled for the CPU in the BIOS.
n
ESXi requires a minimum of 4GB of physical RAM. It is recommended to provide at least 8 GB of RAM
n
to run virtual machines in typical production environments.
To support 64-bit virtual machines, support for hardware virtualization (Intel VT-x or AMD RVI) must
n
be enabled on x64 CPUs.
One or more Gigabit or faster Ethernet controllers. For a list of supported network adapter models, see
n
the VMware Compatibility Guide at hp://www.vmware.com/resources/compatibility.
SCSI disk or a local, non-network, RAID LUN with unpartitioned space for the virtual machines.
n
For Serial ATA (SATA), a disk connected through supported SAS controllers or supported on-board
n
SATA controllers. SATA disks will be considered remote, not local. These disks will not be used as a scratch partition by default because they are seen as remote.
N You cannot connect a SATA CD-ROM device to a virtual machine on an ESXi 6.0 host. To use the SATA CD-ROM device, you must use IDE emulation mode.
Storage Systems
For a list of supported storage systems, see the VMware Compatibility Guide at
hp://www.vmware.com/resources/compatibility. For Software Fibre Channel over Ethernet (FCoE), see
“Installing and Booting ESXi with Software FCoE,” on page 55.
ESXi Booting Requirements
vSphere 6.0 supports booting ESXi hosts from the Unied Extensible Firmware Interface (UEFI). With UEFI, you can boot systems from hard drives, CD-ROM drives, or USB media. Network booting or provisioning with VMware Auto Deploy requires the legacy BIOS rmware and is not available with UEFI.
ESXi can boot from a disk larger than 2TB provided that the system rmware and the rmware on any add­in card that you are using support it. See the vendor documentation.
N Changing the boot type from legacy BIOS to UEFI after you install ESXi 6.0 might cause the host to fail to boot. In this case, the host displays an error message similar to Not a VMware boot bank. Changing the host boot type between legacy BIOS and UEFI is not supported after you install ESXi 6.0.
Storage Requirements for ESXi 6.0 Installation or Upgrade
Installing ESXi 6.0 or upgrading to ESXi 6.0 requires a boot device that is a minimum of 1GB in size. When booting from a local disk, SAN or iSCSI LUN, a 5.2GB disk is required to allow for the creation of the VMFS volume and a 4GB scratch partition on the boot device . If a smaller disk or LUN is used, the installer aempts to allocate a scratch region on a separate local disk. If a local disk cannot be found the scratch partition, /scratch, is located on the ESXi host ramdisk, linked to /tmp/scratch. You can recongure /scratch to use a separate disk or LUN. For best performance and memory optimization, do not leave /scratch on the ESXi host ramdisk.
To recongure /scratch, see “Set the Scratch Partition from the vSphere Web Client,” on page 176.
Due to the I/O sensitivity of USB and SD devices the installer does not create a scratch partition on these devices. When installing or upgrading on USB or SD devices, the installer aempts to allocate a scratch region on an available local disk or datastore. If no local disk or datastore is found, /scratch is placed on the ramdisk. After the installation or upgrade, you should recongure /scratch to use a persistent datastore. Although a 1GB USB or SD device suces for a minimal installation, you should use a 4GB or larger device. The extra space will be used for an expanded coredump partition on the USB/SD device. Use a high quality USB ash drive of 16GB or larger so that the extra ash cells can prolong the life of the boot media, but high quality drives of 4GB or larger are sucient to hold the extended coredump partition. See Knowledge Base article hp://kb.vmware.com/kb/2004784.
24 VMware, Inc.
Chapter 2 System Requirements
In Auto Deploy installations, the installer aempts to allocate a scratch region on an available local disk or datastore. If no local disk or datastore is found, /scratch is placed on ramdisk. You should recongure /scratch to use a persistent datastore following the installation.
For environments that boot from a SAN or use Auto Deploy, you need not allocate a separate LUN for each ESXi host. You can co-locate the scratch regions for many ESXi hosts onto a single LUN. The number of hosts assigned to any single LUN should be weighed against the LUN size and the I/O behavior of the virtual machines.

Supported Remote Management Server Models and Firmware Versions

You can use remote management applications to install or upgrade ESXi, or to manage hosts remotely.
Table 21. Supported Remote Management Server Models and Minimum Firmware Versions
Remote Management Server Model Firmware Version Java
Dell DRAC 7 1.30.30 (Build 43) 1.7.0_60-b19
Dell DRAC 6 1.54 (Build 15), 1.70 (Build 21) 1.6.0_24
Dell DRAC 5 1.0, 1.45, 1.51 1.6.0_20,1.6.0_203
Dell DRAC 4 1.75 1.6.0_23
HP ILO 1.81, 1.92 1.6.0_22, 1.6.0_23
HP ILO 2 1.8, 1.81 1.6.0_20, 1.6.0_23
HP ILO 3 1.28 1.7.0_60-b19
HP ILO 4 1.13 1.7.0_60-b19
IBM RSA 2 1.03, 1.2 1.6.0_22

Recommendations for Enhanced ESXi Performance

To enhance performance, install or upgrade ESXi on a robust system with more RAM than the minimum required and with multiple physical disks.
For ESXi system requirements, see “ESXi Hardware Requirements,” on page 23. See also the technical papers on vSphere performance at
hps://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/techpaper/vmware-perest­practices-vsphere6-0-white-paper.pdf.
VMware, Inc. 25
Table 22. Recommendations for Enhanced Performance
System Element Recommendation
RAM ESXi hosts require more RAM than typical servers. Provide
Dedicated Fast Ethernet adapters for virtual machines Place the management network and virtual machine
Disk location Place all data that your virtual machines use on physical
VMFS5 partitioning The ESXi installer creates the initial VMFS volumes on the
Processors Faster processors improve ESXi performance. For certain
Hardware compatibility Use devices in your server that are supported by ESXi 6.0
at least 8GB of RAM to take full advantage of ESXi features and run virtual machines in typical production environments. An ESXi host must have sucient RAM to run concurrent virtual machines. The following examples are provided to help you calculate the RAM required by the virtual machines running on the ESXi host.
Operating four virtual machines with Red Hat Enterprise Linux or Windows XP requires at least 3GB of RAM for baseline performance. This gure includes approximately 1024MB for the virtual machines, 256MB minimum for each operating system as recommended by vendors.
Running these four virtual machines with 512MB RAM requires that the ESXi host have approximately 4GB RAM, which includes 2048MB for the virtual machines.
These calculations do not take into account possible memory savings from using variable overhead memory for each virtual machine. See vSphere Resource Management.
networks on dierent physical network cards. Dedicated Gigabit Ethernet cards for virtual machines, such as Intel PRO 1000 adapters, improve throughput to virtual machines with high network trac.
disks allocated specically to virtual machines. Performance is beer when you do not place your virtual machines on the disk containing the ESXi boot image. Use physical disks that are large enough to hold disk images that all the virtual machines use.
rst blank local disk found. To add disks or modify the original conguration, use the vSphere Web Client. This practice ensures that the starting sectors of partitions are 64K-aligned, which improves storage performance.
N For SAS-only environments, the installer might not format the disks. For some SAS disks, it is not possible to identify whether the disks are local or remote. After the installation, you can use the vSphere Web Client to set up VMFS.
workloads, larger caches improve ESXi performance.
drivers. See the Hardware Compatibility Guide at
hp://www.vmware.com/resources/compatibility.

Incoming and Outgoing Firewall Ports for ESXi Hosts

The vSphere Web Client allows you to open and close rewall ports for each service or to allow trac from selected IP addresses.
The following table lists the rewalls for services that are usually installed. If you install other VIBs on your host, additional services and rewall ports might become available.
26 VMware, Inc.
Chapter 2 System Requirements
Table 23. Incoming Firewall Connections
Service Port Comment
CIM Server 5988 (TCP) Server for CIM (Common Information Model).
CIM Secure Server 5989 (TCP) Secure server for CIM.
CIM SLP 427 (TCP, UDP) The CIM client uses the Service Location Protocol,
version 2 (SLPv2) to nd CIM servers.
DHCPv6 546 (TCP, UDP) DHCP client for IPv6.
DVSSync 8301, 8302 (UDP) DVSSync ports are used for synchronizing states
of distributed virtual ports between hosts that have VMware FT record/replay enabled. Only hosts that run primary or backup virtual machines must have these ports open. On hosts that are not using VMware FT these ports do not have to be open.
NFC 902 (TCP) Network File Copy (NFC) provides a le-type-
aware FTP service for vSphere components. ESXi uses NFC for operations such as copying and moving data between datastores by default.
Virtual SAN Clustering Service 12345, 23451 (UDP) Virtual SAN Cluster Monitoring and Membership
Directory Service. Uses UDP-based IP multicast to establish cluster members and distribute Virtual SAN metadata to all cluster members. If disabled, Virtual SAN does not work.
DHCP Client 68 (UDP) DHCP client for IPv4.
DNS Client 53 (UDP) DNS client.
Fault Tolerance 8200, 8100, 8300 (TCP, UDP) Trac between hosts for vSphere Fault Tolerance
(FT).
NSX Distributed Logical Router Service
Virtual SAN Transport 2233 (TCP) Virtual SAN reliable datagram transport. Uses
SNMP Server 161 (UDP) Allows the host to connect to an SNMP server.
SSH Server 22 (TCP) Required for SSH access.
vMotion 8000 (TCP) Required for virtual machine migration with
vSphere Web Client 902, 443 (TCP) Client connections
vsanvp 8080 (TCP) VSAN VASA Vendor Provider. Used by the
vSphere Web Access 80 (TCP) Welcome page, with download links for dierent
6999 (UDP) NSX Virtual Distributed Router service. The
rewall port associated with this service is opened when NSX VIBs are installed and the VDR module is created. If no VDR instances are associated with the host, the port does not have to be open.
This service was called NSX Distributed Logical Router in earlier versions of the product.
TCP and is used for Virtual SAN storage IO. If disabled, Virtual SAN does not work.
vMotion.
Storage Management Service (SMS) that is part of vCenter to access information about Virtual SAN storage proles, capabilities, and compliance. If disabled, Virtual SAN Storage Prole Based Management (SPBM) does not work.
interfaces.
VMware, Inc. 27
Table 24. Outgoing Firewall Connections
Service Port Comment
CIM SLP 427 (TCP, UDP) The CIM client uses the Service Location Protocol,
DHCPv6 547 (TCP, UDP) DHCP client for IPv6.
DVSSync 8301, 8302 (UDP) DVSSync ports are used for synchronizing states
HBR 44046, 31031 (TCP) Used for ongoing replication trac by vSphere
NFC 902 (TCP) Network File Copy (NFC) provides a le-type-
WOL 9 (UDP) Used by Wake on LAN.
Virtual SAN Clustering Service 12345 23451 (UDP) Cluster Monitoring, Membership, and Directory
DHCP Client 68 (UDP) DHCP client.
DNS Client 53 (TCP, UDP) DNS client.
Fault Tolerance 80, 8200, 8100, 8300 (TCP, UDP) Supports VMware Fault Tolerance.
Software iSCSI Client 3260 (TCP) Supports software iSCSI.
NSX Distributed Logical Router Service
rabbitmqproxy 5671 (TCP) A proxy running on the ESXi host that allows
Virtual SAN Transport 2233 (TCP) Used for RDT trac (Unicast peer to peer
vMotion 8000 (TCP) Required for virtual machine migration with
VMware vCenter Agent 902 (UDP) vCenter Server agent.
vsanvp 8080 (TCP) Used for Virtual SAN Vendor Provider trac.
version 2 (SLPv2) to nd CIM servers.
of distributed virtual ports between hosts that have VMware FT record/replay enabled. Only hosts that run primary or backup virtual machines must have these ports open. On hosts that are not using VMware FT these ports do not have to be open.
Replication and VMware Site Recovery Manager.
aware FTP service for vSphere components. ESXi uses NFC for operations such as copying and moving data between datastores by default.
Service used by Virtual SAN.
6999 (UDP) The rewall port associated with this service is
opened when NSX VIBs are installed and the VDR module is created. If no VDR instances are associated with the host, the port does not have to be open.
applications running inside virtual machines to communicate to the AMQP brokers running in the vCenter network domain. The virtual machine does not have to be on the network, that is, no NIC is required. The proxy connects to the brokers in the vCenter network domain. Therefore, the outgoing connection IP addresses should at least include the current brokers in use or future brokers. Brokers can be added if customer would like to scale up.
communication) between Virtual SAN nodes.
vMotion.
28 VMware, Inc.

vCenter Server for Windows Requirements

To install vCenter Server on a Windows virtual machine or physical server, your system must meet specic hardware and software requirements.
Synchronize the clocks of the virtual machines on which you plan to install vCenter Server and the
n
Platform Services Controller. See “Synchronizing Clocks on the vSphere Network,” on page 211.
Verify that the DNS name of the virtual machine or physical server matches the actual full computer
n
name.
Verify that the host name of the virtual machine or physical server that you are installing or upgrading
n
vCenter Server on complies with RFC 1123 guidelines.
Verify that the system on which you are installing vCenter Server is not an Active Directory domain
n
controller.
If your vCenter Server service is running in a user account other than the Local System account, verify
n
that the user account in which the vCenter Server service is running has the following permissions:
Member of the Administrators group
n
Log on as a service
n
Act as part of the operating system (if the user is a domain user)
n
Chapter 2 System Requirements
If the system that you use for your vCenter Server installation belongs to a workgroup rather than a
n
domain, not all functionality is available to vCenter Server. If assigned to a workgroup, the vCenter Server system is not able to discover all domains and systems available on the network when using some features. Your host machine must be connected to a domain if you want to add Active Directory identity sources after the installation.
Verify that the LOCAL SERVICE account has read permission on the folder in which vCenter Server is
n
installed and on the HKLM registry.
Verify that the connection between the virtual machine or physical server and the domain controller is
n
working.

vCenter Server for Windows Pre-Install Checks

When you install vCenter Server and the Platform Services Controller, the installer does a pre-install check, for example, to verify that enough space is available on the virtual machine or physical server where you are installing vCenter Server, and veries that the external database, if any, can be successfully accessed.
When you deploy vCenter Server with an embedded Platform Services Controller, or an external Platform Services Controller, vCenter Single Sign-On is installed as part of the Platform Services Controller. At the time of installation, the installer provides you with the option to join an existing vCenter Single Sign­On server domain. When you provide the information about the other vCenter Single Sign-On service, the installer uses the administrator account to check the host name and password, to verify that the details of the vCenter Single Sign-On server you provided can be authenticated before proceeding with the installation process.
The pre-install checker performs checks for the following aspects of the environment:
Windows version
n
Minimum processor requirements
n
Minimum memory requirements
n
Minimum disk space requirements
n
Permissions on the selected install and data directory
n
VMware, Inc. 29
Internal and external port availability
n
External database version
n
External database connectivity
n
Administrator privileges on the Windows machine
n
Any credentials that you enter
n
For information about the minimum storage requirements, see “vCenter Server for Windows Storage
Requirements,” on page 30. For information about the minimum hardware requirements, see “vCenter Server for Windows Hardware Requirements,” on page 30.

vCenter Server for Windows Hardware Requirements

When you install vCenter Server on a virtual machine or physical server running Microsoft Windows, your system must meet specic hardware requirements.
You can install vCenter Server and the Platform Services Controller on the same virtual machine or physical server or on dierent virtual machines or physical servers. When you install vCenter Server with an embedded Platform Services Controller, you install vCenter Server and the Platform Services Controller on the same virtual machine or physical server. When you install the vCenter Server with an external Platform Services Controller, rst install the Platform Services Controller that contains all of the required services on one virtual machine or physical server, and then install vCenter Server and the vCenter Server components on another virtual machine or physical server.
N Installing vCenter Server on a network drive or USB ash drive is not supported.
Table 25. Minimum Recommended Hardware Requirements for Installing vCenter Server and Platform Services Controller on Windows
vCenter Server with an Embedded or External Platform Services Controller for a Tiny Environment (up to 10
Hosts, 100 Platform Services Controller
Number of CPUs 2 2 4 8 16
Memory 2 GB RAM 8 GB RAM 16 GB RAM 24 GB RAM 32 GB RAM
Virtual
Machines)
vCenter Server with an Embedded or External Platform Services Controller for a Small Environment (up to 100 Hosts, 1000 Virtual Machines)
vCenter Server with an Embedded or External Platform Services Controller for a Medium Environment (up to 400 Hosts, 4,000 Virtual Machines)
For the hardware requirements of your database, see the database documentation. The database requirements are in addition to the vCenter Server requirements if the database and vCenter Server run on the same machine.

vCenter Server for Windows Storage Requirements

When you install vCenter Server, your system must meet minimum storage requirements.
vCenter Server with an Embedded or External Platform Services Controller for a Large Environment (up to 1,000 Hosts, 10,000 Virtual Machines)
The storage requirements per folder depend on the deployment model that you decide to install. During installation, you can select a folder other than the default C:\Program Files\VMware folder to install vCenter Server and the Platform Services Controller. You can also select a folder other than the default
C:\ProgramData\VMware\vCenterServer\ in which to store data.
30 VMware, Inc.
Chapter 2 System Requirements
Table 26. vCenter Server Minimum Storage Requirements Depending On the Deployment Model
Default Folder
Program Files
ProgramData
System folder (to cache the MSI installer)
vCenter Server with an Embedded Platform Services Controller
6 GB 6 GB 1 GB
8 GB 8 GB 2 GB
3 GB 3 GB 1 GB
vCenter Server with an External Platform Services Controller
External Platform Services Controller

vCenter Server for Windows Software Requirements

Make sure that your operating system supports vCenter Server.
vCenter Server requires a 64-bit operating system, and the 64-bit system DSN is required for vCenter Server to connect to the external database.
The earliest Windows Server version that vCenter Server supports is Windows Server 2008 SP2. Your Windows Server must have the latest updates and patches installed. For a full list of supported operating systems, see hp://kb.vmware.com/kb/2091273.

vCenter Server for Windows Database Requirements

vCenter Server requires a database to store and organize server data.
Each vCenter Server instance must have its own database. For environments with up to 20 hosts and 200 virtual machines, you can use the bundled PostgreSQL database that the vCenter Server installer can install and set up for you during the vCenter Server installation. A larger installation requires a supported external database for the size of the environment.
During vCenter Server installation or upgrade, you must select to install the embedded database or point the vCenter Server system to any existing supported database. vCenter Server supports Oracle and Microsoft SQL Server databases. For information about supported database server versions, see the VMware Product Interoperability Matrix at
hp://www.vmware.com/resources/compatibility/sim/interop_matrix.php.

vCenter Server Appliance Requirements

You can deploy the vCenter Server Appliance on an ESXi host 5.0 or later, or on a vCenter Server instance
5.0 or later. Your system must also meet specic software and hardware requirements.
When you use Fully Qualied Domain Names, make sure that the machine you use for deploying the vCenter Server Appliance and the ESXi host are on the same DNS server.
Before you deploy the vCenter Server Appliance, synchronize the clocks of all virtual machines on the vSphere network. Unsynchronized clocks might result in authentication problems and can cause the installation to fail or prevent the vCenter Server services from starting. See “Synchronizing Clocks on the
vSphere Network,” on page 211.

vCenter Server Appliance Hardware Requirements

When you deploy the vCenter Server Appliance, you can select to deploy an appliance that is suitable for the size of your vSphere environment. The option that you select determine the number of CPUs and the amount of memory that the appliance will have.
The hardware requirements such as number of CPUs and memory depend on the size of your vSphere inventory.
VMware, Inc. 31
Table 27. Hardware Requirements for VMware vCenter Server Appliance and Platform Services Controller Appliance
vCenter
Server
Appliance with
an Embedded
or External
Platform
Services
Controller for
a Tiny
Environment
(up to 10
Hosts, 100 Platform Services
Resources
Number of CPUs 2 2 4 8 16
Memory 2 GB RAM 8 GB RAM 16 GB RAM 24 GB RAM 32 GB RAM
Controller Appliance
Virtual
Machines)

vCenter Server Appliance Storage Requirements

When you deploy the vCenter Server Appliance, the host on which you deploy the appliance must meet minimum storage requirements. The required storage depends not only on the size of the vSphere environment, but also on the disk provisioning mode.
vCenter Server Appliance with an Embedded or External Platform Services Controller for a Small Environment (up to 100 Hosts, 1,000 Virtual Machines)
vCenter Server Appliance with an Embedded or External Platform Services Controller for a Medium Environment (up to 400 Hosts, 4,000 Virtual Machines)
vCenter Server Appliance with an Embedded or External Platform Services Controller for a Large Environment (up to 1,000 Hosts, 10,000 Virtual Machines)
The storage requirements depend on the deployment model that you select to deploy.
Table 28. vCenter Server Minimum Storage Requirements Depending On the Deployment Model
Tiny environment (up to 10 hosts, 100 virtual machines)
Small environment (up to 100 hosts, 1,000 virtual machines)
Medium environment (up to 400 hosts, 4,000 virtual machine)
Large environment (up to 1,000 hosts, 10,000 virtual machines)
vCenter Server Appliance with an Embedded Platform Services Controller
120 GB 86 GB 30 GB
150 GB 108 GB 30 GB
300 GB 220 GB 30 GB
450 GB 280 GB 30 GB
vCenter Server Appliance with an External Platform Services Controller
External Platform Services Controller Appliance

Software Included in the vCenter Server Appliance

The vCenter Server Appliance is a precongured Linux-based virtual machine optimized for running vCenter Server and associated services.
The vCenter Server Appliance package contains the following software:
SUSE Linux Enterprise Server 11 Update 3 for VMware, 64-bit edition
n
PostgreSQL
n
vCenter Server 6.0 and vCenter Server 6.0 components.
n
32 VMware, Inc.
Chapter 2 System Requirements

vCenter Server Appliance Software Requirements

The VMware vCenter Server Appliance can be deployed on ESXi hosts 5.0 or later, or on vCenter Server instances 5.0 or later.
You can deploy the vCenter Server Appliance only by using the Client Integration Plug-In, which is an HTML installer for Windows that you use to connect to the target server and deploy the vCenter Server Appliance on the server. You can connect directly to an ESXi 5.0.x, ESXi 5.1.x, ESXi 5.5.x, or ESXi 6.0.x host on which to deploy the appliance. You can also connect to a vCenter Server 5.0.x, vCenter Server 5.1.x, vCenter Server 5.5.x, or vCenter Server 6.0.x instance to deploy the appliance on an ESXi host or DRS cluster that resides in the vCenter Server inventory.
I You cannot deploy the vCenter Server Appliance by using the vSphere Client or the vSphere Web Client. During the deployment of the vCenter Server Appliance you must provide various inputs, such as operating system and vCenter Single Sign-On passwords. If you try to deploy the appliance by using the vSphere Client or the vSphere Web Client, you are not prompted to provide such inputs and the deployment fails.

vCenter Server Appliance Database Requirements

The vCenter Server Appliance requires a database to store and organize server data.
Each vCenter Server Appliance instance must have its own database. You can use the bundled PostgreSQL database that is included in the vCenter Server Appliance, which supports up to 1,000 hosts and 10,000 virtual machines.
For external databases, the vCenter Server Appliance supports only Oracle databases. These Oracle databases are of the same versions shown in the VMware Product Interoperability Matrix for the version of the vCenter Server that you are installing. See the VMware Product Interoperability Matrix at
hp://www.vmware.com/resources/compatibility/sim/interop_matrix.php.
If you want to use an external database, make sure that you create a 64-bit DSN so that vCenter Server can connect to the Oracle database.

Required Ports for vCenter Server and Platform Services Controller

The vCenter Server system both on Windows and in the appliance, must be able to send data to every managed host and receive data from the vSphere Web Client and the Platform Services Controller services. To enable migration and provisioning activities between managed hosts, the source and destination hosts must be able to receive data from each other.
If a port is in use or is blacklisted, the vCenter Server installer displays an error message. You must use another port number to proceed with the installation. There are internal ports that are used only for inter­process communication.
VMware uses designated ports for communication. Additionally, the managed hosts monitor designated ports for data from vCenter Server. If a rewall exists between any of these elements, the installer opens the ports during the installation or upgrade process. For custom rewalls, you must manually open the required ports. If you have a rewall between two managed hosts and you want to perform source or target activities, such as migration or cloning, you must congure a means for the managed hosts to receive data.
N In Microsoft Windows Server 2008 and later, rewall is enabled by default.
VMware, Inc. 33
Table 29. Ports Required for Communication Between Components
Port Protocol Description Required for
22 TCP/UDP System port for SSHD. Appliance
80 TCP vCenter Server requires port 80 for
88 TCP Active Directory server. Windows
389 TCP/UDP This port must be open on the local
direct HTTP connections. Port 80 redirects requests to HTTPS port 443. This redirection is useful if you accidentally use hp://server instead of hps://server.
WS-Management (also requires port 443 to be open).
If you use a Microsoft SQL database that is stored on the same virtual machine or physical server as the vCenter Server, port 80 is used by the SQL Reporting Service. When you install or upgrade vCenter Server, the installer prompts you to change the HTTP port for vCenter Server. Change the vCenter Server HTTP port to a custom value to ensure a successful installation or upgrade.
I You can change this port number during the vCenter Server and Platform Services Controller installations on Windows.
and all remote instances of vCenter Server. This is the LDAP port number for the Directory Services for the vCenter Server group. If another service is running on this port, it might be preferable to remove it or change its port to a dierent port. You can run the LDAP service on any port from 1025 through 65535.
If this instance is serving as the Microsoft Windows Active Directory, change the port number from 389 to an available port from 1025 through
65535.
deployments of
vCenter Server
n
Platform Services
n
Controller
Windows installations and appliance deployments of
vCenter Server
n
Platform Services
n
Controller
installations and appliance deployments of Platform Services Controller
Windows installations and appliance deployments of Platform Services Controller
Used for Node-to­Node Communication
No
No
No
vCenter Server to
n
Platform Services Controller
Platform Services
n
Controller to Platform Services Controller
34 VMware, Inc.
Table 29. Ports Required for Communication Between Components (Continued)
Port Protocol Description Required for
443 TCP The default port that the
vCenter Server system uses to listen for connections from the vSphere Web Client. To enable the vCenter Server system to receive data from the vSphere Web Client, open port 443 in the rewall.
The vCenter Server system also uses port 443 to monitor data transfer from SDK clients.
This port is also used for the following services:
WS-Management (also requires
n
port 80 to be open)
Third-party network
n
management client connections to vCenter Server
Third-party network
n
management clients access to hosts
I You can change this port number during the vCenter Server and Platform Services Controller installations on Windows.
514 UDP vSphere Syslog Collector port for
vCenter Server on Windows and vSphere Syslog Service port for vCenter Server Appliance
I You can change this port number during the vCenter Server and Platform Services Controller installations on Windows.
636 TCP vCenter Single Sign-On LDAPS Windows
902 TCP/UDP The default port that the
vCenter Server system uses to send data to managed hosts. Managed hosts also send a regular heartbeat over UDP port 902 to the vCenter Server system. This port must not be blocked by rewalls between the server and the hosts or between hosts.
Port 902 must not be blocked between the vSphere Client and the hosts. The vSphere Client uses this port to display virtual machine consoles
I You can change this port number during the vCenter Server installations on Windows.
Windows installations and appliance deployments of
vCenter Server
n
Platform Services
n
Controller
Windows installations and appliance deployments of
vCenter Server
n
Platform Services
n
Controller
installations and appliance deployments of Platform Services Controller
Windows installations and appliance deployments of vCenter Server
Chapter 2 System Requirements
Used for Node-to­Node Communication
vCenter Server to
n
vCenter Server
vCenter Server to
n
Platform Services Controller
Platform Services
n
Controller to vCenter Server
No
vCenter Server to Platform Services Controller
No
VMware, Inc. 35
Table 29. Ports Required for Communication Between Components (Continued)
Port Protocol Description Required for
1514 TCP/UDP vSphere Syslog Collector TLS port for
2012 TCP Control interface RPC for vCenter
2014 TCP RPC port for all VMCA (VMware
2020 TCP/UDP Authentication framework
6500 TCP/UDP ESXi Dump Collector port
6501 TCP Auto Deploy service
6502 TCP Auto Deploy management
7444 TCP Secure Token Service Windows
vCenter Server on Windows and vSphere Syslog Service TLS port for vCenter Server Appliance
I You can change this port number during the vCenter Server and Platform Services Controller installations on Windows.
Single Sign-On
Certicate Authority) APIs
I You can change this port number during the Platform Services Controller installations on Windows.
management
I You can change this port number during the vCenter Server and Platform Services Controller installations on Windows.
I You can change this port number during the vCenter Server installations on Windows.
I You can change this port number during the vCenter Server installations on Windows.
I You can change this port number during the vCenter Server installations on Windows.
Windows installations and appliance deployments of
vCenter Server
n
Platform Services
n
Controller
Windows installations and appliance deployments of Platform Services Controller
Windows installations and appliance deployments of Platform Services Controller
Windows installations and appliance deployments of
vCenter Server
n
Platform Services
n
Controller
Windows installations and appliance deployments of vCenter Server
Windows installations and appliance deployments of vCenter Server
Windows installations and appliance deployments of vCenter Server
installations and appliance deployments of Platform Services Controller
Used for Node-to­Node Communication
No
vCenter Server to
n
Platform Services Controller
Platform Services
n
Controller to vCenter Server
Platform Services
n
Controller to Platform Services Controller
vCenter Server to
n
Platform Services Controller
Platform Services
n
Controller to vCenter Server
vCenter Server to
n
Platform Services Controller
Platform Services
n
Controller to vCenter Server
No
No
No
vCenter Server to
n
Platform Services Controller
Platform Services
n
Controller to vCenter Server
36 VMware, Inc.
Chapter 2 System Requirements
Table 29. Ports Required for Communication Between Components (Continued)
Used for Node-to­Node
Port Protocol Description Required for
9443 TCP vSphere Web Client HTTPS Windows
installations and appliance deployments of vCenter Server
11711 TCP vCenter Single Sign-On LDAP - For backward
11712 TCP vCenter Single Sign-On LDAPS - For backward
Communication
No
compatibility with vSphere 5.5 only.
vCenter Single Sign­On 5.5 to Platform Services Controller 6.0
compatibility with vSphere 5.5 only.
vCenter Single Sign­On 5.5 to Platform Services Controller 6.0
To congure the vCenter Server system to use a dierent port to receive vSphere Web Client data, see the vCenter Server and Host Management documentation.
For more information about rewall conguration, see the vSphere Security documentation.

vSphere DNS Requirements

You install or upgrade vCenter Server, like any other network server, on a host machine with a xed IP address and well-known DNS name, so that clients can reliably access the service.
Assign a static IP address and host name to the Windows server that will host the vCenter Server system. This IP address must have a valid (internal) domain name system (DNS) registration. When you install vCenter Server and the Platform Services Controller, you must provide the fully qualied domain name (FQDN) or the static IP of the host machine on which you are performing the install or upgrade. The recommendation is to use the FQDN.
When you deploy the vCenter Server Appliance, you can assign a static IP to the appliance. This way, you ensure that in case of system restart, the IP address of the vCenter Server Appliance remains the same.
Ensure that DNS reverse lookup returns an FQDN when queried with the IP address of the host machine on which vCenter Server is installed. When you install or upgrade vCenter Server, the installation or upgrade of the Web server component that supports the vSphere Web Client fails if the installer cannot look up the fully qualied domain name of the vCenter Server host machine from its IP address. Reverse lookup is implemented using PTR records.
If you use DHCP instead of a static IP address for vCenter Server, make sure that the vCenter Server computer name is updated in the domain name service (DNS). If you can ping the computer name, the name is updated in DNS.
Ensure that the ESXi host management interface has a valid DNS resolution from the vCenter Server and all vSphere Web Client instances. Ensure that the vCenter Server has a valid DNS resolution from all ESXi hosts and all vSphere Web Clients.
VMware, Inc. 37

Verify That the FQDN is Resolvable

You install or upgrade vCenter Server, like any other network server, on a virtual machine or physical server with a xed IP address and well-known DNS name, so that clients can reliably access the service.
If you plan to use a FQDN, for the virtual machine or physical server on which you install or upgrade vCenter Server, you must verify that the FQDN is resolvable.
Procedure
At the Windows command prompt, run the nslookup command.
u
nslookup -nosearch -nodefname your_vCenter_Server_FQDN
If the FQDN is resolvable, the nslookup command returns the IP address and name of the vCenter Server virtual machine or physical server.

vSphere Web Client Software Requirements

Make sure that your browser supports the vSphere Web Client.
The vSphere Web Client 6.0 requires Adobe Flash Player 16 or later. The latest Adobe Flash Player version for Linux systems is 11.2. Therefore, the vSphere Web Client cannot run on Linux platforms.
VMware has tested and supports the following guest operating systems and browser versions for the vSphere Web Client. For best performance, use Google Chrome.
Table 210. Supported Guest Operating Systems and Minimum Browser Versions for the vSphere Web Client
Operating system Browser
Windows Microsoft Internet Explorer 10.0.19 and later.
Mozilla Firefox 34 and later.
Google Chrome 39 and later.
Mac OS Mozilla Firefox 34 and later.
Google Chrome 39 and later.

Client Integration Plug-In Software Requirements

If you plan to install the Client Integration Plug-in separately from the vSphere Web Client so that you can connect to an ESXi host and deploy or upgrade the vCenter Server Appliance, make sure that your browser supports the Client Integration Plug-in.
To use the Client Integration Plug-in, verify that you have one of the supported Web browsers.
Table 211. Supported Web Browsers
Browser Supported Versions
Microsoft Internet Explorer Version 10 and 11
Mozilla Firefox Version 30 and later
Google Chrome Version 35 and later
38 VMware, Inc.

vSphere Client Requirements

You can install the vSphere Client to manage single ESXi host. The Windows system on which you install the vSphere Client must meet specic hardware and software requirements.

vSphere Client Hardware Requirements

Make sure that the vSphere Client hardware meets the minimum requirements.
vSphere Client Minimum Hardware Requirements and Recommendations
Table 212. vSphere Client Minimum Hardware Requirements and Recommendations
vSphere Client Hardware Requirements and Recommendations
CPU 1 CPU
Processor 500MHz or faster Intel or AMD processor (1GHz
Memory 500MB (1GB recommended)
Disk Storage 1.5GB free disk space for a complete installation, which
Networking Gigabit connection recommended
Chapter 2 System Requirements
recommended)
includes the following components:
Microsoft .NET 2.0 SP2
n
Microsoft .NET 3.0 SP2
n
Microsoft .NET 3.5 SP1
n
Microsoft Visual J#
n
Remove any previously installed versions of Microsoft Visual J# on the system where you are installing the vSphere Client.
vSphere Client
n
If you do not have any of these components already installed, you must have 400MB free on the drive that has the %temp% directory.
If you have all of the components already installed, 300MB of free space is required on the drive that has the %temp% directory, and 450MB is required for vSphere Client.

vSphere Client Software Requirements

Make sure that your operating system supports the vSphere Client.
For the most current, complete list of supported operating systems for the vSphere Client, see Supported
host operating systems for vSphere Client (Windows) installation.
The vSphere Client requires the Microsoft .NET 3.5 SP1 Framework. If it is not installed on your system, the vSphere Client installer installs it. The .NET 3.5 SP1 installation might require Internet connectivity to download more les.

TCP and UDP Ports for the vSphere Client

ESXi hosts and other network components are accessed using predetermined TCP and UDP ports. If you manage network components from outside a rewall, you might be required to recongure the rewall to allow access on the appropriate ports.
The table lists TCP and UDP ports, and the purpose and the type of each. Ports that are open by default at installation time are indicated by (Default).
VMware, Inc. 39
Table 213. TCP and UDP Ports
Port Purpose Traffic Type
443 (Default) HTTPS access
vSphere Client access to vCenter Server
vSphere Client access to ESXi hosts
vSphere Client access to vSphere Update Manager
902 (Default) vSphere Client access to virtual machine consoles Incoming TCP to the
903 Remote console trac generated by user access to virtual machines on a
specic host.
vSphere Client access to virtual machine consoles
MKS transactions (xinetd/vmware-authd-mks)

Required Free Space for System Logging

If you used Auto Deploy to install your ESXi 6.0 host, or if you set up a log directory separate from the default location in a scratch directory on the VMFS volume, you might need to change your current log size and rotation seings to ensure that enough space is available for system logging .
Incoming TCP to the ESXi host
ESXi host, outgoing TCP from the ESXi host, outgoing UDP from the ESXi host
Incoming TCP to the ESXi host
All vSphere components use this infrastructure. The default values for log capacity in this infrastructure vary, depending on the amount of storage available and on how you have congured system logging. Hosts that are deployed with Auto Deploy store logs on a RAM disk, which means that the amount of space available for logs is small.
If your host is deployed with Auto Deploy, recongure your log storage in one of the following ways:
Redirect logs over the network to a remote collector.
n
Redirect logs to a NAS or NFS store.
n
If you redirect logs to non-default storage, such as a NAS or NFS store, you might also want to recongure log sizing and rotations for hosts that are installed to disk.
You do not need to recongure log storage for ESXi hosts that use the default conguration, which stores logs in a scratch directory on the VMFS volume. For these hosts, ESXi 6.0 congures logs to best suit your installation, and provides enough space to accommodate log messages.
Table 2‑14. Recommended Minimum Size and Rotation Configuration for hostd, vpxa, and fdm Logs
Number of Rotations to
Log Maximum Log File Size
Management Agent (hostd)
VirtualCenter Agent (vpxa)
vSphere HA agent (Fault Domain Manager, fdm)
10 MB 10 100 MB
5 MB 10 50 MB
5 MB 10 50 MB
Preserve Minimum Disk Space Required
For information about seing up a remote log server, see “Congure Syslog on ESXi Hosts,” on page 178.
40 VMware, Inc.

Before You Install ESXi 3

Before you install ESXi, understand the installation process and options.
This chapter includes the following topics:
“Options for Installing ESXi,” on page 41
n
“Media Options for Booting the ESXi Installer,” on page 44
n
“Using Remote Management Applications,” on page 55
n
“Required Information for ESXi Installation,” on page 55
n
“Download the ESXi Installer,” on page 56
n

Options for Installing ESXi

ESXi can be installed in several ways. To ensure the best vSphere deployment, understand the options thoroughly before beginning the installation.
ESXi installations are designed to accommodate a range of deployment sizes.
Depending on the installation method you choose, dierent options are available for accessing the installation media and booting the installer.

Interactive ESXi Installation

Interactive installations are recommended for small deployments of fewer than ve hosts.
You boot the installer from a CD or DVD, from a bootable USB device, or by PXE booting the installer from a location on the network. You follow the prompts in the installation wizard to install ESXi to disk. See
“Installing ESXi Interactively,” on page 57.

Scripted ESXi Installation

Running a script is an ecient way to deploy multiple ESXi hosts with an unaended installation.
The installation script contains the host conguration seings. You can use the script to congure multiple hosts with the same seings. See “Installing or Upgrading Hosts by Using a Script,” on page 60.
The installation script must be stored in a location that the host can access by HTTP, HTTPS, FTP, NFS, CDROM, or USB. You can PXE boot the ESXi installer or boot it from a CD/DVD or USB drive.
VMware, Inc.
41
scripted
HTTP
HTTPS
FTP NFS
CDROM
USB
create installation script (kickstart file)
and copy to appropriate location
issue command
to specify location of
installation script and
start installation
PXE boot
start
installation
boot
from CD
boot
from USB
Figure 31. Scripted Installation

Auto Deploy ESXi Installation

vSphere 5.x and vSphere 6.0 provide several ways to install ESXi with Auto Deploy.
These topics describe Auto Deploy options for ESXi installation.
Provisioning ESXi Hosts by Using vSphere Auto Deploy
With the vSphere Auto Deploy ESXi feature, you can provision and reprovision large numbers of ESXi hosts eciently with vCenter Server.
When you provision hosts by using Auto Deploy, vCenter Server loads the ESXi image directly into the host memory. Auto Deploy does not store the ESXi state on the host disk.
vCenter Server makes ESXi updates and patches available for download in the form of an image prole. Optionally, the host conguration is provided in the form of a host prole. You can create host proles by using the vSphere Web Client. You can create custom image proles by using ESXi Image Builder CLI. See
“Using vSphere ESXi Image Builder,” on page 139 and vSphere Host Proles.
The rst time you provision a host by using Auto Deploy, the host PXE boots and establishes contact with the Auto Deploy server, which streams the image prole and any host prole to the host. The host starts using the image prole, and Auto Deploy assigns the host to the appropriate vCenter Server system.
When you restart the host, the Auto Deploy server continues to provision the host with the appropriate image and host prole. To provision the host with a dierent image prole, you must change the rule that species the image prole, and perform a test and repair compliance operation. To propagate changes to all hosts that the rule species, change the rule and perform the test and repair operation. The ability to propagate changes to multiple hosts makes Auto Deploy an ecient way to provision and reprovision large numbers of hosts, and to enforce compliance to a master ESXi image.
See “Understanding vSphere Auto Deploy,” on page 74.
42 VMware, Inc.
Chapter 3 Before You Install ESXi
Using vSphere Auto Deploy for Stateful Installations
In some situations, it is useful to provision hosts with Auto Deploy and to perform all subsequent boots from disk.
You can use vSphere Auto Deploy to provision an ESXi host, and set up a host prole that causes the host to store the ESXi image and conguration on the local disk, a remote disk, or a USB drive. Subsequently, the ESXi host boots from this local image. Auto Deploy no longer provisions the host. This process is similar to performing a scripted installation. With a scripted installation, the script provisions a host and the host then boots from disk. For this case, Auto Deploy provisions a host and the host then boots from disk.
See “Using Auto Deploy for Stateless Caching and Stateful Installs,” on page 96.
vSphere Auto Deploy and Stateless Caching
You can use vSphere Auto Deploy to provision an ESXi host, and set up a host prole that causes the host to store the ESXI image and conguration on the local disk, a remote disk, or a USB drive.
Subsequently, the Auto Deploy server continues to provision this host. If the Auto Deploy server is not available, the host uses the image on disk.
See “Using Auto Deploy for Stateless Caching and Stateful Installs,” on page 96.

Customizing Installations with ESXi Image Builder CLI

You can use ESXi Image Builder CLI to create ESXi installation images with a customized set of updates, patches, and drivers.
ESXi Image Builder CLI is a PowerShell CLI command set that you can use to create an ESXi installation image with a customized set of ESXi updates and patches. You can also include third-party network or storage drivers that are released between vSphere releases.
You can deploy an ESXi image created with Image Builder in either of the following ways:
By burning it to an installation DVD.
n
Through vCenter Server, using the Auto Deploy feature.
n
See “Using vSphere ESXi Image Builder,” on page 139 and “Installing ESXi Using vSphere Auto Deploy,” on page 74.

About ESXi Evaluation and Licensed Modes

You can use evaluation mode to explore the entire set of features for ESXi hosts. The evaluation mode provides the set of features equal to a vSphere Enterprise Plus license. Before the evaluation mode expires, you must assign to your hosts a license that supports all the features in use.
For example, in evaluation mode, you can use vSphere vMotion technology, the vSphere HA feature, the vSphere DRS feature, and other features. If you want to continue using these features, you must assign a license that supports them.
The installable version of ESXi hosts is always installed in evaluation mode. ESXi Embedded is preinstalled on an internal storage device by your hardware vendor. It might be in evaluation mode or prelicensed.
The evaluation period is 60 days and begins when you turn on the ESXi host. At any time during the 60-day evaluation period, you can convert from licensed mode to evaluation mode. The time available in the evaluation period is decreased by the time already used.
VMware, Inc. 43
For example, suppose that you use an ESXi host in evaluation mode for 20 days and then assign a vSphere Standard Edition license key to the host. If you set the host back in evaluation mode, you can explore the entire set of features for the host for the remaining evaluation period of 40 days.
For information about managing licensing for ESXi hosts, see the vCenter Server and Host Management documentation.

Media Options for Booting the ESXi Installer

The ESXi installer must be accessible to the system on which you are installing ESXi.
The following boot media are supported for the ESXi installer:
Boot from a CD/DVD. See “Download and Burn the ESXi Installer ISO Image to a CD or DVD,” on
n
page 44.
Boot from a USB ash drive. See “Format a USB Flash Drive to Boot the ESXi Installation or Upgrade,”
n
on page 44.
PXE boot from the network. “PXE Booting the ESXi Installer,” on page 48
n
Boot from a remote location using a remote management application. See “Using Remote Management
n
Applications,” on page 55

Download and Burn the ESXi Installer ISO Image to a CD or DVD

If you do not have an ESXi installation CD/DVD, you can create one.
You can also create an installer ISO image that includes a custom installation script. See “Create an Installer
ISO Image with a Custom Installation or Upgrade Script,” on page 47.
Procedure
1 Download the ESXi installer from the VMware Web site at
hps://my.vmware.com/web/vmware/downloads.
ESXi is listed under Datacenter & Cloud Infrastructure.
2 Conrm that the md5sum is correct.
See the VMware Web site topic Using MD5 Checksums at
hp://www.vmware.com/download/md5.html.
3 Burn the ISO image to a CD or DVD.

Format a USB Flash Drive to Boot the ESXi Installation or Upgrade

You can format a USB ash drive to boot the ESXi installation or upgrade.
The instructions in this procedure assume that the USB ash drive is detected as /dev/sdb.
N The ks.cfg le that contains the installation script cannot be located on the same USB ash drive that you are using to boot the installation or upgrade.
Prerequisites
Linux machine with superuser access to it
n
USB ash drive that can be detected by the Linux machine
n
The ESXi ISO image, VMware-VMvisor-Installer-version_number-build_number.x86_64.iso, which
n
includes the isolinux.cfg le
Syslinux package
n
44 VMware, Inc.
Chapter 3 Before You Install ESXi
Procedure
1 If your USB ash drive is not detected as /dev/sdb, or you are not sure how your USB ash drive is
detected, determine how it is detected.
a At the command line, run the command for displaying the current log messages.
tail -f /var/log/messages
b Plug in your USB ash drive.
You see several messages that identify the USB ash drive in a format similar to the following message.
Oct 25 13:25:23 ubuntu kernel: [ 712.447080] sd 3:0:0:0: [sdb] Attached SCSI removable
disk
In this example, sdb identies the USB device. If your device is identied dierently, use that identication, in place of sdb.
2 Create a partition table on the USB ash device.
/sbin/fdisk /dev/sdb
a Enter d to delete partitions until they are all deleted.
b Enter n to create a primary partition 1 that extends over the entire disk.
c Enter t to set the type to an appropriate seing for the FAT32 le system, such as c.
d Enter a to set the active ag on partition 1.
e Enter p to print the partition table.
The result should be similar to the following message.
Disk /dev/sdb: 2004 MB, 2004877312 bytes
255 heads, 63 sectors/track, 243 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sdb1 1 243 1951866 c W95 FAT32 (LBA)
f Enter w to write the partition table and exit the program.
3 Format the USB ash drive with the Fat32 le system.
/sbin/mkfs.vfat -F 32 -n USB /dev/sdb1
4 Install the Syslinux bootloader on the USB ash drive.
The locations of the Syslinux executable le and the mbr.bin le might vary for the dierent Syslinux versions. For example, if you downloaded Syslinux 6.02, run the following commands.
/usr/bin/syslinux /dev/sdb1
cat /usr/lib/syslinux/mbr/mbr.bin > /dev/sdb
5 Create a destination directory and mount the USB ash drive to it.
mkdir /usbdisk
mount /dev/sdb1 /usbdisk
6 Create a destination directory and mount the ESXi installer ISO image to it.
mkdir /esxi_cdrom
mount -o loop VMware-VMvisor-Installer-6.x.x-XXXXXX.x86_64.iso /esxi_cdrom
7 Copy the contents of the ISO image to the USB ash drive.
cp -r /esxi_cdrom/* /usbdisk
VMware, Inc. 45
8 Rename the isolinux.cfg le to syslinux.cfg.
mv /usbdisk/isolinux.cfg /usbdisk/syslinux.cfg
9 In the /usbdisk/syslinux.cfg le, edit the APPEND -c boot.cfg line to APPEND -c boot.cfg -p 1.
10 Unmount the USB ash drive.
umount /usbdisk
11 Unmount the installer ISO image.
umount /esxi_cdrom
The USB ash drive can boot the ESXi installer.

Create a USB Flash Drive to Store the ESXi Installation Script or Upgrade Script

You can use a USB ash drive to store the ESXi installation script or upgrade script that is used during scripted installation or upgrade of ESXi.
When multiple USB ash drives are present on the installation machine, the installation software searches for the installation or upgrade script on all aached USB ash drives.
The instructions in this procedure assume that the USB ash drive is detected as /dev/sdb.
N The ks le containing the installation or upgrade script cannot be located on the same USB ash drive that you are using to boot the installation or upgrade.
Prerequisites
Linux machine
n
ESXi installation or upgrade script, the ks.cfg kickstart le
n
USB ash drive
n
Procedure
1 Aach the USB ash drive to a Linux machine that has access to the installation or upgrade script.
2 Create a partition table.
/sbin/fdisk /dev/sdb
a Type d to delete partitions until they are all deleted.
b Type n to create primary partition 1 that extends over the entire disk.
c Type t to set the type to an appropriate seing for the FAT32 le system, such as c.
d Type p to print the partition table.
The result should be similar to the following text:
Disk /dev/sdb: 2004 MB, 2004877312 bytes
255 heads, 63 sectors/track, 243 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sdb1 1 243 1951866 c W95 FAT32 (LBA)
e Type w to write the partition table and quit.
3 Format the USB ash drive with the Fat32 le system.
/sbin/mkfs.vfat -F 32 -n USB /dev/sdb1
46 VMware, Inc.
Chapter 3 Before You Install ESXi
4 Mount the USB ash drive.
mount /dev/sdb1 /usbdisk
5 Copy the ESXi installation script to the USB ash drive.
cp ks.cfg /usbdisk
6 Unmount the USB ash drive.
The USB ash drive contains the installation or upgrade script for ESXi.
What to do next
When you boot the ESXi installer, point to the location of the USB ash drive for the installation or upgrade script. See “Enter Boot Options to Start an Installation or Upgrade Script,” on page 60 and “About PXE
Conguration Files,” on page 51.

Create an Installer ISO Image with a Custom Installation or Upgrade Script

You can customize the standard ESXi installer ISO image with your own installation or upgrade script. This customization enables you to perform a scripted, unaended installation or upgrade when you boot the resulting installer ISO image.
See also “About Installation and Upgrade Scripts,” on page 62 and “About the boot.cfg File,” on page 71.
Prerequisites
Linux machine
n
The ESXi ISO image VMware-VMvisor-Installer-6.x.x-XXXXXX.x86_64.iso,where 6.x.x is the version of
n
ESXi you are installing, and XXXXXX is the build number of the installer ISO image
Your custom installation or upgrade script, the ks_cust.cfg kickstart le
n
Procedure
1 Download the ESXi ISO image from the VMware Web site.
2 Mount the ISO image in a folder:
mount -o loop VMware-VMvisor-Installer-6.x.x-XXXXXX.x86_64.iso /esxi_cdrom_mount
XXXXXX is the ESXi build number for the version that you are installing or upgrading to.
3 Copy the contents of cdrom to another folder:
cp -r /esxi_cdrom_mount /esxi_cdrom
4 Copy the kickstart le to /esxi_cdrom.
cp ks_cust.cfg /esxi_cdrom
5 (Optional) Modify the boot.cfg le to specify the location of the installation or upgrade script by using
the kernelopt option.
You must use uppercase characters to provide the path of the script, for example,
kernelopt=runweasel ks=cdrom:/KS_CUST.CFG
The installation or upgrade becomes completely automatic, without the need to specify the kickstart le during the installation or upgrade.
6 Recreate the ISO image:
mkisofs -relaxed-filenames -J -R -o custom_esxi.iso -b isolinux.bin -c boot.cat -no-emul-boot
-boot-load-size 4 -boot-info-table /esxi_cdrom
VMware, Inc. 47
The ISO image includes your custom installation or upgrade script.
What to do next
Install ESXi from the ISO image.

PXE Booting the ESXi Installer

You use the preboot execution environment (PXE) to boot a host and start the ESXi installer from a network interface.
ESXi 6.0 is distributed in an ISO format that is designed to install to ash memory or to a local hard drive. You can extract the les and boot by using PXE.
PXE uses Dynamic Host Conguration Protocol (DHCP) and Trivial File Transfer Protocol (TFTP) to boot an operating system over a network.
PXE booting requires some network infrastructure and a machine with a PXE-capable network adapter. Most machines that can run ESXi have network adapters that can PXE boot.
N Ensure that the vSphere Auto Deploy server has an IPv4 address. PXE booting is supported only with IPv4.
About the TFTP Server, PXELINUX, and gPXE
Trivial File Transfer Protocol (TFTP) is similar to the FTP service, and is typically used only for network booting systems or loading rmware on network devices such as routers.
Most Linux distributions include a copy of the tftp-hpa server. If you require a supported solution, purchase a supported TFTP server from your vendor of choice.
If your TFTP server will run on a Microsoft Windows host, use tftpd32 version 2.11 or later. See
hp://tftpd32.jounin.net/. Earlier versions of tftpd32 were incompatible with PXELINUX and gPXE.
You can also acquire a TFTP server from one of the packaged appliances on the VMware Marketplace.
The PXELINUX and gPXE environments allow your target machine to boot the ESXi installer. PXELINUX is part of the SYSLINUX package, which can be found at hp://www.kernel.org/pub/linux/utils/boot/syslinux/, although many Linux distributions include it. Many versions of PXELINUX also include gPXE. Some distributions, such as Red Hat Enterprise Linux version 5.3, include earlier versions of PXELINUX that do not include gPXE.
If you do not use gPXE, you might experience problems while booting the ESXi installer on a heavily loaded network TFTP is sometimes unreliable for transferring large amounts of data. If you use PXELINUX without gPXE, the pxelinux.0 binary le, the conguration le, the kernel, and other les are transferred by TFTP. If you use gPXE, only the gpxelinux.0 binary le and conguration le are transferred by TFTP. With gPXE, you can use a Web server to transfer the kernel and other les required to boot the ESXi installer.
N VMware tests PXE booting with PXELINUX version 3.86. This is not a statement of limited support. For support of third-party agents that you use to set up your PXE booting infrastructure, contact the vendor.
48 VMware, Inc.
Figure 32. Overview of PXE Boot Installation Process
DHCP server
DHCP server
Web server
ESXi target host
ESXi host
Give me an IP
for the virtual
network adapter
UDP
IP & TFTP server
kernel
IP
TCP for gPXELINUX UDP for PXELINUX
UDP
Give me
the kernel
Give me an IP
for the kernel
TFTP server
gpxelinux.0 or pxelinux.0
UDP
Give me the
network boot loader
scripts depot
Installer
starts
ks.cfg
TCP
Give me an
installation script
Chapter 3 Before You Install ESXi
Sample DHCP Configuration
To PXE boot the ESXi installer, the DHCP server must send the address of the TFTP server and a pointer to the pxelinux.0 or gpxelinux.0 directory.
The DHCP server is used by the target machine to obtain an IP address. The DHCP server must be able to determine whether the target machine is allowed to boot and the location of the PXELINUX binary (which usually resides on a TFTP server). When the target machine rst boots, it broadcasts a packet across the network requesting this information to boot itself. The DHCP server responds.
C Do not set up a new DHCP server if your network already has one. If multiple DHCP servers respond to DHCP requests, machines can obtain incorrect or conicting IP addresses, or can fail to receive the proper boot information. Talk to a network administrator before seing up a DHCP server. For support on conguring DHCP, contact your DHCP server vendor.
VMware, Inc. 49
Many DHCP servers can PXE boot hosts. If you are using a version of DHCP for Microsoft Windows, see the DHCP server documentation to determine how to pass the next-server and filename arguments to the target machine.
gPXE Example
This example shows how to congure a ISC DHCP version 3.0 server to enable gPXE.
allow booting;
allow bootp;
# gPXE options
option space gpxe;
option gpxe-encap-opts code 175 = encapsulate gpxe;
option gpxe.bus-id code 177 = string;
class "pxeclients" {
match if substring(option vendor-class-identifier, 0, 9) = "PXEClient";
next-server TFTP server address;
if not exists gpxe.bus-id {
filename "/gpxelinux.0";
}
}
subnet Network address netmask Subnet Mask {
range Starting IP Address Ending IP Address;
}
When a machine aempts to PXE boot, the DHCP server provides an IP address and the location of the
gpxelinux.0 binary le on the TFTP server. The IP address assigned is in the range dened in the subnet
section of the conguration le.
PXELINUX (without gPXE) Example
This example shows how to congure a ISC DHCP version 3.0 server to enable PXELINUX.
#
# DHCP Server Configuration file.
# see /usr/share/doc/dhcp*/dhcpd.conf.sample
#
ddns-update-style ad-hoc;
allow booting;
allow bootp;
class "pxeclients" {
match if substring(option vendor-class-identifier, 0, 9) = "PXEClient";
next-server xxx.xxx.xx.xx;
filename = "pxelinux.0";
}
subnet 192.168.48.0 netmask 255.255.255.0 {
range 192.168.48.100 192.168.48.250;
}
When a machine aempts to PXE boot, the DHCP server provides an IP address and the location of the
pxelinux.0 binary le on the TFTP server. The IP address assigned is in the range dened in the subnet
section of the conguration le.
50 VMware, Inc.
Chapter 3 Before You Install ESXi
About PXE Configuration Files
The PXE conguration le denes the menu displayed to the target ESXi host as it boots up and contacts the TFTP server. You need a PXE conguration le to PXE boot the ESXi installer.
The TFTP server constantly listens for PXE clients on the network. When it detects that a PXE client is requesting PXE services, it sends the client a network package that contains a boot menu.
Required Files
In the PXE conguration le, you must include paths to the following les:
mboot.c32 is the boot loader.
n
boot.cfg is the boot loader conguration le.
n
See “About the boot.cfg File,” on page 71
File Name for the PXE Configuration File
For the le name of the PXE conguration le, select one of the following options:
01-mac_address_of_target_ESXi_host. For example, 01-23-45-67-89-0a-bc
n
The target ESXi host IP address in hexadecimal notation.
n
default
n
The initial boot le, pxelinux.0 or gpxelinux.0, tries to load a PXE conguration le. It tries with the MAC address of the target ESXi host, prexed with its ARP type code, which is 01 for Ethernet. If that aempt fails, it tries with the hexadecimal notation of target ESXi system IP address. Ultimately, it tries to load a le named default.
File Location for the PXE Configuration File
Save the le in var/lib/tftpboot/pxelinux.cfg/ on the TFTP server.
For example, you might save the le on the TFTP server at /tftpboot/pxelinux.cfg/01-00-21-5a-ce-40-f6. The MAC address of the network adapter on the target ESXi host is 00-21-5a-ce-40-f6.
PXE Boot the ESXi Installer by Using PXELINUX and a PXE Configuration File
You can use a TFTP server to PXE boot the ESXi installer, using PXELINUX and a PXE conguration le.
See also “About Installation and Upgrade Scripts,” on page 62 and “About the boot.cfg File,” on page 71.
Prerequisites
Verify that your environment has the following components:
The ESXi installer ISO image downloaded from the VMware Web site.
n
TFTP server that supports PXE booting with gPXE. See “About the TFTP Server, PXELINUX, and
n
gPXE,” on page 48.
DHCP server congured for PXE booting. See “Sample DHCP Conguration,” on page 49.
n
PXELINUX.
n
Server with a hardware conguration that is supported with your version of ESXi. See VMware
n
Compatibility Guide at hp://www.vmware.com/resources/compatibility/search.php.
Network security policies to allow TFTP trac (UDP port 69).
n
(Optional) Installation script, the kickstart le. See “About Installation and Upgrade Scripts,” on
n
page 62.
VMware, Inc. 51
Network adapter with PXE support on the target ESXi host.
n
IPv4 networking. IPv6 is not supported for PXE booting.
n
Use a native VLAN in most cases. To specify the VLAN ID to be used with PXE booting, verify that your NIC supports VLAN ID specication.
Procedure
1 Create the /tftpboot/pxelinux.cfg directory on your TFTP server.
2 On the Linux machine, install PXELINUX.
PXELINUX is included in the Syslinux package. Extract the les, locate the pxelinux.0 le, and copy it to the /tftpboot directory on your TFTP server.
3 Congure the DHCP server to send the following information to each client host:
The name or IP address of your TFTP server
n
The name of your initial boot le, pxelinux.0
n
4 Copy the contents of the ESXi installer image to the /var/lib/tftpboot directory on the TFTP server.
5 (Optional) For a scripted installation, in the boot.cfg le, add the kernelopt option to the line after the
kernel command, to specify the location of the installation script.
Use the following code as a model, where XXX.XXX.XXX.XXX is the IP address of the server where the installation script resides, and esxi_ksFiles is the directory that contains the ks.cfg le.
kernelopt=ks=http://XXX.XXX.XXX.XXX/esxi_ksFiles/ks.cfg
6 Create a PXE conguration le.
This le denes how the host boots when no operating system is present. The PXE conguration le references the boot les. Use the following code as a model, where XXXXXX is the build number of the ESXi installer image.
DEFAULT menu.c32
MENU TITLE ESXi-6.x.x-XXXXXX-full Boot Menu
NOHALT 1
PROMPT 0
TIMEOUT 80
LABEL install
KERNEL mboot.c32
APPEND -c location of boot.cfg
MENU LABEL ESXi-6.x.x-XXXXXX-full ^Installer
LABEL hddboot
LOCALBOOT 0x80
MENU LABEL ^Boot from local disk
7 Name the le with the media access control (MAC) address of the target host machine: 01-
mac_address_of_target_ESXi_host.
For example, 01-23-45-67-89-0a-bc.
8 Save the PXE conguration le in /tftpboot/pxelinux.cfg on the TFTP server.
9 Boot the machine with the network adapter.
52 VMware, Inc.
Chapter 3 Before You Install ESXi
PXE Boot the ESXi Installer by Using PXELINUX and an isolinux.cfg PXE Configuration File
You can PXE boot the ESXi installer by using PXELINUX, and you can use the isolinux.cfg le as the PXE conguration le.
See also “About Installation and Upgrade Scripts,” on page 62 and “About the boot.cfg File,” on page 71
Prerequisites
Verify that your environment has the following components:
The ESXi installer ISO image downloaded from the VMware Web site.
n
TFTP server that supports PXE booting with PXELINUX. See “About the TFTP Server, PXELINUX, and
n
gPXE,” on page 48.
DHCP server congured for PXE booting. See “Sample DHCP Conguration,” on page 49.
n
PXELINUX.
n
Server with a hardware conguration that is supported with your version of ESXi. See the VMware
n
Compatibility Guide hp://www.vmware.com/resources/compatibility/search.php.
Network security policies to allow TFTP trac (UDP port 69).
n
(Optional) Installation script, the kickstart le. See “About Installation and Upgrade Scripts,” on
n
page 62.
Network adapter with PXE support on the target ESXi host.
n
IPv4 networking. IPv6 is not supported for PXE booting.
n
Use a native VLAN in most cases. To specify the VLAN ID to be used with PXE booting, verify that your NIC supports VLAN ID specication.
Procedure
1 Create the /tftpboot/pxelinux.cfg directory on your TFTP server.
2 On the Linux machine, install PXELINUX.
PXELINUX is included in the Syslinux package. Extract the les, locate the pxelinux.0 le, and copy it to the /tftpboot directory on your TFTP server.
3 Congure the DHCP server.
The DHCP server sends the following information to your client hosts:
The name or IP address of your TFTP server
n
The name of your initial boot le, pxelinux.0
n
4 Copy the contents of the ESXi installer image to the /var/lib/tftpboot directory on the TFTP server.
5 (Optional) For a scripted installation, in the boot.cfg le, add the kernelopt option on the line after the
kernel command to specify the location of the installation script.
In the following example, XXX.XXX.XXX.XXX is the IP address of the server where the installation script resides.
kernelopt=ks=http://XXX.XXX.XXX.XXX/esxi_ksFiles/ks.cfg
VMware, Inc. 53
6 Copy the isolinux.cfg le from the ESXi installer ISO image to the /tftpboot/pxelinux.cfg directory.
The isolinux.cfg le contains the following code, where XXXXXX is the build number of the ESXi installer image:
DEFAULT menu.c32
MENU TITLE ESXi-6.x.x-XXXXXX-full Boot Menu
NOHALT 1
PROMPT 0
TIMEOUT 80
LABEL install
KERNEL mboot.c32
APPEND -c location of boot.cfg
MENU LABEL ESXi-6.x.x-XXXXXX-full ^Installer
LABEL hddboot
LOCALBOOT 0x80
MENU LABEL ^Boot from local disk
7 Rename the isolinux.cfg le with the MAC address of the target host machine: 01-
mac_address_of_target_ESXi_host. For example, 01-23-45-67-89-0a-bc
8 Boot the machine with the network adapter.
PXE Boot the ESXi Installer Using gPXE
You can PXE boot the ESXi installer using gPXE.
See also “About Installation and Upgrade Scripts,” on page 62 and “About the boot.cfg File,” on page 71
Prerequisites
Verify that your environment has the following components:
The ESXi installer ISO image downloaded from the VMware Web site
n
HTTP Web server that is accessible by your target ESXi hosts
n
DHCP server congured for PXE booting: /etc/dhcpd.conf is congured for client hosts with a TFTP
n
server and the initial boot le set to gpxelinux.0/undionly.kpxe. See “Sample DHCP Conguration,” on page 49.
Server with a hardware conguration that is supported with your version of ESXi. See the Hardware
n
Compatibility Guide at hp://www.vmware.com/resources/compatibility/search.php.
gPXELINUX
n
(Optional) ESXi installation script. See “About Installation and Upgrade Scripts,” on page 62.
n
Use a native VLAN in most cases. If you want to specify the VLAN ID to be used with PXE booting, check that your NIC supports VLAN ID specication.
Procedure
1 Copy the contents of the ESXi installer ISO image to the /var/www/html directory on the HTTP server.
54 VMware, Inc.
Chapter 3 Before You Install ESXi
2 Modify the boot.cfg le with the information for the HTTP server.
Use the following code as a model, where XXX.XXX.XXX.XXX is the HTTP server IP address. The
kernelopt line is optional. Include that option to specify the location of the installation script for a
scripted installation.
title=Loading ESX installer
kernel=http://XXX.XXX.XXX.XXX/tboot.b00
kernelopt=ks=http://XXX.XXX.XXX.XXX/esxi_ksFiles/ks.cfg
modules=http://XXX.XXX.XXX.XXX/b.b00 --- http://XXX.XXX.XXX.XXX/useropts.gz ---
http://XXX.XXX.XXX.XXX/k.b00 --- http://XXX.XXX.XXX.XXX/a.b00 ---
http://XXX.XXX.XXX.XXX/s.v00 --- http://XXX.XXX.XXX.XXX/weaselin.t00 ---
http://XXX.XXX.XXX.XXX/tools.t00 --- http://XXX.XXX.XXX.XXX/imgdb.tgz ---
http://XXX.XXX.XXX.XXX/imgpayld.tgz
3 gPXE boot the host and press Ctrl+B to access the GPT menu.
4 Enter the following commands to boot with the ESXi installer, where XXX.XXX.XXX.XXX is the HTTP
server IP address.
dhcp net0 ( if dchp is not set)
kernel -n mboot.c32 http://XXX.XXX.XXX.XXX/mboot.c32
imgargs mboot.c32 -c http://XXX.XXX.XXX.XXX/boot.cfg
boot mboot.c32

Installing and Booting ESXi with Software FCoE

You can install and boot ESXi from an FCoE LUN using VMware software FCoE adapters and network adapters with FCoE ooad capabilities. Your host does not require a dedicated FCoE HBA.
See the vSphere Storage documentation for information about installing and booting ESXi with software FCoE.

Using Remote Management Applications

Remote management applications allow you to install ESXi on servers that are in remote locations.
Remote management applications supported for installation include HP Integrated Lights-Out (iLO), Dell Remote Access Card (DRAC), IBM management module (MM), and Remote Supervisor Adapter II (RSA II). For a list of currently supported server models and remote management rmware versions, see “Supported
Remote Management Server Models and Firmware Versions,” on page 25. For support on remote
management applications, contact the vendor.
You can use remote management applications to do both interactive and scripted installations of ESXi remotely.
If you use remote management applications to install ESXi, the virtual CD might encounter corruption problems with systems or networks operating at peak capacity. If a remote installation from an ISO image fails, complete the installation from the physical CD media.

Required Information for ESXi Installation

In an interactive installation, the system prompts you for the required system information. In a scripted installation, you must supply this information in the installation script.
For future use, note the values you use during the installation. These notes are useful if you must reinstall ESXi and reenter the values that you originally chose.
VMware, Inc. 55
Table 31. Required Information for ESXi Installation
Information
Keyboard layout Required U.S. English
VLAN ID Optional None Range: 0 through 4094
IP address Optional DHCP You can allow DHCP to congure the network
Subnet mask Optional Calculated based on the IP
Gateway Optional Based on the congured IP
Primary DNS Optional Based on the congured IP
Secondary DNS Optional None
Host name Required for
Install location Required None Must be at least 5 GB if you install the
Migrate existing ESXi seings. Preserve existing VMFS datastore.
Root password Optional None The root password must contain between 8 and
Required or Optional Default Comments
during installation. After installation, you can change the network seings.
name or the IP address to access the ESXi host.
components on a single disk.
ESXi installer oers a choice between preserving or overwriting the VMFS datastore during installation
40 characters. For information about passwords see the vSphere Security documentation.
static IP
seings
Required if you are installing ESXi on a drive with an existing ESXi installation.
address
address and subnet mask
address and subnet mask
None The vSphere Web Client can use either the host
None If you have an existing ESXi 5.x installation, the

Download the ESXi Installer

Download the installer for ESXi.
Prerequisites
Create a My VMware account at hps://my.vmware.com/web/vmware/.
Procedure
1 Download the ESXi installer from the VMware Web site at
hps://my.vmware.com/web/vmware/downloads.
ESXi is listed under Datacenter & Cloud Infrastructure.
2 Conrm that the md5sum is correct.
See the VMware Web site topic Using MD5 Checksums at
hp://www.vmware.com/download/md5.html.
56 VMware, Inc.

Installing ESXi 4

You can install ESXi interactively, with a scripted installation, or with vSphere Auto Deploy.
This chapter includes the following topics:
“Installing ESXi Interactively,” on page 57
n
“Installing or Upgrading Hosts by Using a Script,” on page 60
n
“Installing ESXi Using vSphere Auto Deploy,” on page 74
n
“Using vSphere ESXi Image Builder,” on page 139
n

Installing ESXi Interactively

Use the interactive installation option for small deployments of less than ve hosts.
In a typical interactive installation, you boot the ESXi installer and respond to the installer prompts to install ESXi to the local host disk. The installer reformats and partitions the target disk and installs the ESXi boot image. If you have not installed ESXi on the target disk before, all data located on the drive is overwrien, including hardware vendor partitions, operating system partitions, and associated data.
N To ensure that you do not lose any data, migrate the data to another machine before you install ESXi.
If you are installing ESXi on a disk that contains a previous installation of ESXi or ESX, or a VMFS datastore, the installer provides you with options for upgrading. See the vSphere Upgrade documentation.

Install ESXi Interactively

You use the ESXi CD/DVD or a USB ash drive to install the ESXi software onto a SAS, SATA, SCSI hard drive, or USB drive.
Prerequisites
You must have the ESXi installer ISO in one of the following locations:
n
On CD or DVD. If you do not have the installation CD/DVD, you can create one. See “Download
n
and Burn the ESXi Installer ISO Image to a CD or DVD,” on page 44
On a USB ash drive. See “Format a USB Flash Drive to Boot the ESXi Installation or Upgrade,” on
n
page 44.
N You can also PXE boot the ESXi installer to launch an interactive installation or a scripted installation. See “PXE Booting the ESXi Installer,” on page 48.
Verify that the server hardware clock is set to UTC. This seing is in the system BIOS.
n
VMware, Inc.
57
Verify that a keyboard and monitor are aached to the machine on which the ESXi software will be
n
installed. Alternatively, use a remote management application. See “Using Remote Management
Applications,” on page 55.
Consider disconnecting your network storage. This action decreases the time it takes the installer to
n
search for available disk drives. Note that when you disconnect network storage, any les on the disconnected disks are unavailable at installation.
Do not disconnect a LUN that contains an existing ESX or ESXi installation. Do not disconnect a VMFS datastore that contains the Service Console of an existing ESX installation. These actions can aect the outcome of the installation.
Gather the information required by the ESXi installation wizard. See “Required Information for ESXi
n
Installation,” on page 55.
Verify that ESXi Embedded is not present on the host machine. ESXi Installable and ESXi Embedded
n
cannot exist on the same host.
Procedure
1 Insert the ESXi installer CD/DVD into the CD/DVD-ROM drive, or aach the Installer USB ash drive
and restart the machine.
2 Set the BIOS to boot from the CD-ROM device or the USB ash drive.
See your hardware vendor documentation for information on changing boot order.
3 On the Select a Disk page, select the drive on which to install ESXi and press Enter.
Press F1 for information about the selected disk.
N Do not rely on the disk order in the list to select a disk. The disk order is determined by the BIOS and might be out of order. This might occur on systems where drives are continuously being added and removed.
If you select a disk that contains data, the Conrm Disk Selection page appears.
If you are installing on a disc with a previous ESXi or ESX installation or VMFS datastore, the installer provides several choices.
I If you are upgrading or migrating an existing ESX/ESXi installation, see the vSphere Upgrade documentation. The instructions in this vSphere Installation and Setup documentation are for a
fresh installation of ESXi.
If you select a disk that is in Virtual SAN disk group, the resulting installation depends on the type of disk and the group size:
If you select an SSD, the SSD and all underlying HDDs in the same disk group will be wiped.
n
If you select an HDD, and the disk group size is greater than two, only the selected HDD will be
n
wiped.
If you select an HDD disk, and the disk group size is two or less, the SSD and the selected HDD
n
will be wiped.
For more information about managing Virtual SAN disk groups, see the vSphere Storage documentation.
4 Select the keyboard type for the host.
You can change the keyboard type after installation in the direct console.
5 Enter the root password for the host.
You can leave the password blank, but to secure the system from the rst boot, enter a password. You can change the password after installation in the direct console.
58 VMware, Inc.
Chapter 4 Installing ESXi
6 Press Enter to start the installation.
7 When the installation is complete, remove the installation CD, DVD, or USB ash drive.
8 Press Enter to reboot the host.
If you are performing a new installation, or you chose to overwrite an existing VMFS datastore, during the reboot operation, VFAT scratch and VMFS partitions are created on the host disk.
9 Set the rst boot device to be the drive on which you installed ESXi in Step 3.
For information about changing boot order, see your hardware vendor documentation.
N UEFI systems might require additional steps to set the boot device. See “Host Fails to Boot After
You Install ESXi in UEFI Mode,” on page 168
After the installation is complete, you can migrate existing VMFS data to the ESXi host.
You can boot a single machine from each ESXi image. Booting multiple devices from a single shared ESXi image is not supported.
What to do next
Set up basic administration and network conguration for ESXi. See Chapter 6, “After You Install and Set Up
ESXi,” on page 183.

Install ESXi on a Software iSCSI Disk

When you install ESXi to a software iSCSI disk, you must congure the target iSCSI qualied name (IQN).
During system boot, the system performs a Power-On Self Test (POST), and begins booting the adapters in the order specied in the system BIOS. When the boot order comes to the iSCSI Boot Firmware Table (iBFT) adapter, the adapter aempts to connect to the target, but does not boot from it. See Prerequisites.
If the connection to the iSCSI target is successful, the iSCSI boot rmware saves the iSCSI boot conguration in the iBFT. The next adapter to boot must be the ESXi installation media, either a mounted ISO image or a physical CD-ROM.
Prerequisites
Verify that the target IQN is congured in the iBFT BIOS target parameter seing. This seing is in the
n
option ROM of the network interface card (NIC) to be used for the iSCSI LUN. See the vendor documentation for your system.
Disable the iBFT adapter option to boot to the iSCSI target. This action is necessary to make sure that
n
the ESXi installer boots, rather than the iSCSI target. When you start your system, follow the prompt to log in to your iBFT adapter and disable the option to boot to the iSCSI target. See the vendor documentation for your system and iBFT adapter. After you nish the ESXi installation, you can reenable the option to boot from the LUN you install ESXi on.
Procedure
1 Start an interactive installation from the ESXi installation CD/DVD or mounted ISO image.
2 On the Select a Disk screen, select the iSCSI target you specied in the iBFT BIOS target parameter
seing.
If the target does not appear in this menu, make sure that the TCP/IP and initiator iSCSI IQN seings are correct. Check the network Access Control List (ACL) and conrm that the adapter has adequate permissions to access the target.
3 Follow the prompts to complete the installation.
4 Reboot the host.
VMware, Inc. 59
5 In the host BIOS seings, enter the iBFT adapter BIOS conguration, and change the adapter parameter
to boot from the iSCSI target.
See the vendor documentation for your system.
What to do next
On your iBFT adapter, reenable the option to boot to the iSCSI target, so the system will boot from the LUN you installed ESXi on.

Installing or Upgrading Hosts by Using a Script

You can quickly deploy ESXi hosts by using scripted, unaended installations or upgrades. Scripted installations or upgrades provide an ecient way to deploy multiple hosts.
The installation or upgrade script contains the installation seings for ESXi. You can apply the script to all hosts that you want to have a similar conguration.
For a scripted installation or upgrade, you must use the supported commands to create a script. You can edit the script to change seings that are unique for each host.
The installation or upgrade script can reside in one of the following locations:
FTP server
n
HTTP/HTTPS server
n
NFS server
n
USB ash drive
n
CD-ROM drive
n

Approaches for Scripted Installation

You can install ESXi on multiple machines using a single script for all of them or a separate script for each machine.
For example, because disk names vary from machine to machine, one of the seings that you might want to congure in a script is the selection for the disk to install ESXi on.
Table 41. Scripted Installation Choices
Option Action
Always install on the rst disk on multiple machines. Create one script.
Install ESXi on a dierent disk for each machine. Create multiple scripts.
For information about the commands required to specify the disk to install on, see “Installation and
Upgrade Script Commands,” on page 64.

Enter Boot Options to Start an Installation or Upgrade Script

You can start an installation or upgrade script by typing boot options at the ESXi installer boot command line.
At boot time you might need to specify options to access the kickstart le. You can enter boot options by pressing Shift+O in the boot loader. For a PXE boot installation, you can pass options through the
kernelopts line of the boot.cfg le. See “About the boot.cfg File,” on page 71 and “PXE Booting the ESXi
Installer,” on page 48.
60 VMware, Inc.
Chapter 4 Installing ESXi
To specify the location of the installation script, set the ks=filepath option, where lepath is indicates the location of your Kickstart le. Otherwise, a scripted installation or upgrade cannot start. If ks=filepath is omied, the text installer is run.
Supported boot options are listed in “Boot Options,” on page 61.
Procedure
1 Start the host.
2 When the ESXi installer window appears, press Shift+O to edit boot options.
3 At the runweasel command prompt, type
ks=location of installation script plus boot command-line options.
Example: Boot Option
You type the following boot options:
ks=http://00.00.00.00/kickstart/ks-osdc-pdp101.cfg nameserver=00.00.0.0 ip=00.00.00.000
netmask=255.255.255.0 gateway=00.00.00.000
Boot Options
When you perform a scripted installation, you might need to specify options at boot time to access the kickstart le.
Supported Boot Options
Table 42. Boot Options for ESXi Installation
Boot Option Description
BOOTIF=hwtype-MAC address Similar to the netdevice option, except in the PXELINUX
format as described in the IPAPPEND option under SYSLINUX at the syslinux.zytor.com site.
gateway=ip address
ip=ip address
Sets this network gateway as the default gateway to be used for downloading the installation script and installation media.
Sets up a static IP address to be used for downloading the installation script and the installation media. Note: the PXELINUX format for this option is also supported. See the IPAPPEND option under SYSLINUX at the syslinux.zytor.com site.
VMware, Inc. 61
Table 42. Boot Options for ESXi Installation (Continued)
Boot Option Description
ks=cdrom:/path
ks=file://path
ks=protocol://serverpath
ks=usb
ks=usb:/path
ksdevice=device
nameserver=ip address
netdevice=device
netmask=subnet mask
vlanid=vlanid
Performs a scripted installation with the script at path, which resides on the CD in the CD-ROM drive. Each CDROM is mounted and checked until the le that matches the path is found.
I If you have created an installer ISO image with a custom installation or upgrade script, you must use uppercase characters to provide the path of the script, for example, ks=cdrom:/KS_CUST.CFG.
Performs a scripted installation with the script at path.
Performs a scripted installation with a script located on the network at the given URL. protocol can be http, https, ftp, or nfs. An example using nfs protocol is ks=nfs://host/porturl-path. The format of an NFS URL is specied in RFC 2224.
Performs a scripted installation, accessing the script from an
aached USB drive. Searches for a le named ks.cfg. The le must be located in the root directory of the drive. If
multiple USB ash drives are aached, they are searched until the ks.cfg le is found. Only FAT16 and FAT32 le systems are supported.
Performs a scripted installation with the script le at the specied path, which resides on USB.
Tries to use a network adapter device when looking for an installation script and installation media. Specify as a MAC address, for example, 00:50:56:C0:00:01. This location can also be a vmnicNN name. If not specied and les need to be retrieved over the network, the installer defaults to the
rst discovered network adapter that is plugged in.
Species a domain name server to be used for downloading
the installation script and installation media.
Tries to use a network adapter device when looking for an installation script and installation media. Specify as a MAC address, for example, 00:50:56:C0:00:01. This location can also be a vmnicNN name. If not specied and les need to be retrieved over the network, the installer defaults to the
rst discovered network adapter that is plugged in.
Species subnet mask for the network interface that
downloads the installation script and the installation media.
Congure the network card to be on the specied VLAN.

About Installation and Upgrade Scripts

The installation/upgrade script is a text le, for example ks.cfg, that contains supported commands.
The command section of the script contains the ESXi installation options. This section is required and must appear rst in the script.
62 VMware, Inc.
Chapter 4 Installing ESXi
About the Default ks.cfg Installation Script
The ESXi installer includes a default installation script that performs a standard installation to the rst detected disk.
The default ks.cfg installation script is located in the initial RAM disk at /etc/vmware/weasel/ks.cfg. You can specify the location of the default ks.cfg le with the ks=file://etc/vmware/weasel/ks.cfg boot option. See “Enter Boot Options to Start an Installation or Upgrade Script,” on page 60.
When you install ESXi using the ks.cfg script, the default root password is mypassword.
You cannot modify the default script on the installation media. After the installation, you can use the vSphere Web Client to log in to the vCenter Server that manages the ESXi host and modify the default
seings.
The default script contains the following commands:
#
# Sample scripted installation file
#
# Accept the VMware End User License Agreement
vmaccepteula
# Set the root password for the DCUI and Tech Support Mode
rootpw mypassword
# Install on the first local disk available on machine
install --firstdisk --overwritevmfs
# Set the network to DHCP on the first network adapter
network --bootproto=dhcp --device=vmnic0
# A sample post-install script
%post --interpreter=python --ignorefailure=true
import time
stampFile = open('/finished.stamp', mode='w')
stampFile.write( time.asctime() )
Locations Supported for Installation or Upgrade Scripts
In scripted installations and upgrades, the ESXi installer can access the installation or upgrade script, also called the kickstart le, from several locations.
The following locations are supported for the installation or upgrade script:
CD/DVD. See “Create an Installer ISO Image with a Custom Installation or Upgrade Script,” on
n
page 47.
USB Flash drive. See “Create a USB Flash Drive to Store the ESXi Installation Script or Upgrade Script,”
n
on page 46.
A network location accessible through the following protocols: NFS, HTTP, HTTPS, FTP
n
VMware, Inc. 63
Path to the Installation or Upgrade Script
You can specify the path to an installation or upgrade script.
ks=http://XXX.XXX.XXX.XXX/kickstart/KS.CFG is the path to the ESXi installation script, where XXX.XXX.XXX.XXX is the IP address of the machine where the script resides. See “About Installation and
Upgrade Scripts,” on page 62.
To start an installation script from an interactive installation, you enter the ks= option manually. See “Enter
Boot Options to Start an Installation or Upgrade Script,” on page 60.
Installation and Upgrade Script Commands
To modify the default installation or upgrade script or to create your own script, use supported commands. Use supported commands in the installation script, which you specify with a boot command when you boot the installer.
To determine which disk to install or upgrade ESXi on, the installation script requires one of the following commands: install, upgrade, or installorupgrade. The install command creates the default partitions, including a VMFS datastore that occupies all available space after the other partitions are created.
accepteula or vmaccepteula (required)
Accepts the ESXi license agreement.
clearpart (optional)
Clears any existing partitions on the disk. Requires the install command to be specied. Carefully edit the
clearpart command in your existing scripts.
--drives=
--alldrives
Remove partitions on the specied drives.
Ignores the --drives= requirement and allows clearing of partitions on every drive.
--ignoredrives=
--overwritevmfs
Removes partitions on all drives except those specied. Required unless the
--drives= or --alldrives ag is specied.
Allows overwriting of VMFS partitions on the specied drives. By default, overwriting VMFS partitions is not allowed.
--firstdisk=
disk-type1
[disk-type2,...]
Partitions the rst eligible disk found. By default, the eligible disks are set to the following order:
1 Locally aached storage (local)
2 Network storage (remote)
3 USB disks (usb)
You can change the order of the disks by using a comma-separated list appended to the argument. If you provide a lter list, the default seings are overridden. You can combine lters to specify a particular disk, including esx for the rst disk with ESXi installed on it, model and vendor information, or the name of the VMkernel device driver. For example, to prefer a disk with the model name ST3120814A and any disk that uses the mptsas driver rather than a normal local disk, the argument is
--firstdisk=ST3120814A,mptsas,local.
dryrun (optional)
Parses and checks the installation script. Does not perform the installation.
64 VMware, Inc.
Chapter 4 Installing ESXi
install
Species that this is a fresh installation. Replaces the deprecated autopart command used for ESXi 4.1 scripted installations. Either the install, upgrade, or installorupgrade command is required to determine which disk to install or upgrade ESXi on.
--disk= or --drive=
--firstdisk=
disk-type1,
[disk-type2,...]
Species the disk to partition. In the command --disk=diskname, the diskname can be in any of the forms shown in the following examples:
Path: --disk=/vmfs/devices/disks/mpx.vmhba1:C0:T0:L0
n
MPX name: --disk=mpx.vmhba1:C0:T0:L0
n
VML name: --disk=vml.000000034211234
n
vmkLUN UID: --disk=vmkLUN_UID
n
For accepted disk name formats, see “Disk Device Names,” on page 71.
Partitions the rst eligible disk found. By default, the eligible disks are set to the following order:
1 Locally aached storage (local)
2 Network storage (remote)
3 USB disks (usb)
You can change the order of the disks by using a comma-separated list appended to the argument. If you provide a lter list, the default seings are overridden. You can combine lters to specify a particular disk, including esx for the rst disk with ESX installed on it, model and vendor information, or the name of the vmkernel device driver. For example, to prefer a disk with the model name ST3120814A and any disk that uses the mptsas driver rather than a normal local disk, the argument is
--firstdisk=ST3120814A,mptsas,local.
--ignoressd
--overwritevsan
Excludes solid-state disks from eligibility for partitioning. This option can be used with the install command and the --firstdisk option. This option takes precedence over the --firstdisk option. This option is invalid with the --drive or --disk options and with the upgrade and installorupgrade commands. See the vSphere Storage documentation for more information about preventing SSD formaing during auto-partitioning.
You must use the --overwritevsan option when you install ESXi on a disk, either SSD or HDD (magnetic), that is in a Virtual SAN disk group. If you use this option and no Virtual SAN partition is on the selected disk, the installation will fail. When you install ESXi on a disk that is in Virtual SAN disk group, the result depends on the disk that you select:
If you select an SSD, the SSD and all underlying HDDs in the same disk
n
group will be wiped.
If you select an HDD, and the disk group size is greater than two, only
n
the selected HDD will be wiped.
If you select an HDD disk, and the disk group size is two or less, the SSD
n
and the selected HDD will be wiped.
For more information about managing Virtual SAN disk groups, see the vSphere Storage documentation.
VMware, Inc. 65
--overwritevmfs
Required to overwrite an existing VMFS datastore on the disk before installation.
--preservevmfs
--novmfsondisk
Preserves an existing VMFS datastore on the disk during installation.
Prevents a VMFS partition from being created on this disk. Must be used with --overwritevmfs if a VMFS partition already exists on the disk.
installorupgrade
Either the install, upgrade, or installorupgrade command is required to determine which disk to install or upgrade ESXi on.
--disk= or --drive=
Species the disk to partition. In the command --disk=diskname, the diskname can be in any of the forms shown in the following examples:
Path: --disk=/vmfs/devices/disks/mpx.vmhba1:C0:T0:L0
n
MPX name: --disk=mpx.vmhba1:C0:T0:L0
n
VML name: --disk=vml.000000034211234
n
vmkLUN UID: --disk=vmkLUN_UID
n
For accepted disk name formats, see “Disk Device Names,” on page 71.
--firstdisk=
disk-type1,
[disk-type2,...]
Partitions the rst eligible disk found. By default, the eligible disks are set to the following order:
1 Locally aached storage (local)
--overwritevsan
2 Network storage (remote)
3 USB disks (usb)
You can change the order of the disks by using a comma-separated list appended to the argument. If you provide a lter list, the default seings are overridden. You can combine lters to specify a particular disk, including esx for the rst disk with ESX installed on it, model and vendor information, or the name of the vmkernel device driver. For example, to prefer a disk with the model name ST3120814A and any disk that uses the mptsas driver rather than a normal local disk, the argument is
--firstdisk=ST3120814A,mptsas,local.
You must use the --overwritevsan option when you install ESXi on a disk, either SSD or HDD (magnetic), that is in a Virtual SAN disk group. If you use this option and no Virtual SAN partition is on the selected disk, the installation will fail. When you install ESXi on a disk that is in a Virtual SAN disk group, the result depends on the disk that you select:
If you select an SSD, the SSD and all underlying HDDs in the same disk
n
group will be wiped.
If you select an HDD, and the disk group size is greater than two, only
n
the selected HDD will be wiped.
66 VMware, Inc.
Chapter 4 Installing ESXi
If you select an HDD disk, and the disk group size is two or less, the SSD
n
and the selected HDD will be wiped.
For more information about managing Virtual SAN disk groups, see the vSphere Storage documentation.
--overwritevmfs
Install ESXi if a VMFS partition exists on the disk, but no ESX or ESXi installation exists. Unless this option is present, the installer will fail if a VMFS partition exists on the disk, but no ESX or ESXi installation exists.
keyboard (optional)
Sets the keyboard type for the system.
keyboardType
Species the keyboard map for the selected keyboard type. keyboardType must be one of the following types.
Belgian
n
Brazilian
n
Croatian
n
Czechoslovakian
n
Danish
n
Default
n
Estonian
n
Finnish
n
French
n
German
n
Greek
n
Icelandic
n
Italian
n
Japanese
n
Latin American
n
Norwegian
n
Polish
n
Portuguese
n
Russian
n
Slovenian
n
Spanish
n
Swedish
n
Swiss French
n
Swiss German
n
Turkish
n
US Dvorak
n
VMware, Inc. 67
serialnum or vmserialnum (optional)
Deprecated in ESXi 5.0.x. Supported in ESXi 5.1 and later. Congures licensing. If not included, ESXi installs in evaluation mode.
Ukrainian
n
United Kingdom
n
--esx=<license-key>
Species the vSphere license key to use. The format is 5 ve-character groups (XXXXX-XXXXX-XXXXX-XXXXX-XXXXX).
network (optional)
Species a network address for the system.
--bootproto=[dhcp|
static]
--device=
Species whether to obtain the network seings from DHCP or set them manually.
Species either the MAC address of the network card or the device name, in the form vmnicNN, as in vmnic0. This options refers to the uplink device for the virtual switch.
--ip=
Sets an IP address for the machine to be installed, in the form
xxx.xxx.xxx.xxx. Required with the --bootproto=static option and
ignored otherwise.
--gateway=
--nameserver=
Designates the default gateway as an IP address, in the form
xxx.xxx.xxx.xxx. Used with the --bootproto=static option.
Designates the primary name server as an IP address. Used with the --
bootproto=static option. Omit this option if you do not intend to use DNS.
The --nameserver option can accept two IP addresses. For example: --
nameserver="10.126.87.104[,10.126.87.120]"
--netmask=
--hostname=
--vlanid= vlanid
Species the subnet mask for the installed system, in the form
255.xxx.xxx.xxx. Used with the --bootproto=static option.
Species the host name for the installed system.
Species which VLAN the system is on. Used with either the
--bootproto=dhcp or --bootproto=static option. Set to an integer from 1 to 4096.
--addvmportgroup=(0|1)
Species whether to add the VM Network port group, which is used by virtual machines. The default value is 1.
paranoid (optional)
Causes warning messages to interrupt the installation. If you omit this command, warning messages are logged.
68 VMware, Inc.
Chapter 4 Installing ESXi
part or partition (optional)
Creates an additional VMFS datastore on the system. Only one datastore per disk can be created. Cannot be used on the same disk as the install command. Only one partition can be specied per disk and it can only be a VMFS partition.
datastore name
--ondisk= or --ondrive=
--firstdisk=
disk-type1,
[disk-type2,...]
Species where the partition is to be mounted.
Species the disk or drive where the partition is created.
Partitions the rst eligible disk found. By default, the eligible disks are set to the following order:
1 Locally aached storage (local)
2 Network storage (remote)
3 USB disks (usb)
You can change the order of the disks by using a comma-separated list appended to the argument. If you provide a lter list, the default seings are overridden. You can combine lters to specify a particular disk, including esx for the rst disk with ESX installed on it, model and vendor information, or the name of the vmkernel device driver. For example, to prefer a disk with the model name ST3120814A and any disk that uses the mptsas driver rather than a normal local disk, the argument is
--firstdisk=ST3120814A,mptsas,local.
reboot (optional)
Reboots the machine after the scripted installation is complete.
<--noeject>
The CD is not ejected after the installation.
rootpw (required)
Sets the root password for the system.
--iscrypted
password
Species that the password is encrypted.
Species the password value.
upgrade
Either the install, upgrade, or installorupgrade command is required to determine which disk to install or upgrade ESXi on.
--disk= or --drive=
Species the disk to partition. In the command --disk=diskname, the diskname can be in any of the forms shown in the following examples:
Path: --disk=/vmfs/devices/disks/mpx.vmhba1:C0:T0:L0
n
MPX name: --disk=mpx.vmhba1:C0:T0:L0
n
VML name: --disk=vml.000000034211234
n
vmkLUN UID:--disk=vmkLUN_UID
n
For accepted disk name formats, see “Disk Device Names,” on page 71.
--firstdisk=
disk-type1,
[disk-type2,...]
Partitions the rst eligible disk found. By default, the eligible disks are set to the following order:
1 Locally aached storage (local)
VMware, Inc. 69
%include or include (optional)
Species another installation script to parse. This command is treated similarly to a multiline command, but takes only one argument.
2 Network storage (remote)
3 USB disks (usb)
You can change the order of the disks by using a comma-separated list appended to the argument. If you provide a lter list, the default seings are overridden. You can combine lters to specify a particular disk, including esx for the rst disk with ESX installed on it, model and vendor information, or the name of the vmkernel device driver. For example, to prefer a disk with the model name ST3120814A and any disk that uses the mptsas driver rather than a normal local disk, the argument is
--firstdisk=ST3120814A,mptsas,local.
filename
For example: %include part.cfg
%pre (optional)
Species a script to run before the kickstart conguration is evaluated. For example, you can use it to generate les for the kickstart le to include.
--interpreter
=[python|busybox]
Species an interpreter to use. The default is busybox.
%post (optional)
Runs the specied script after package installation is complete. If you specify multiple %post sections, they run in the order that they appear in the installation script.
--interpreter
=[python|busybox]
--timeout=secs
Species an interpreter to use. The default is busybox.
Species a timeout for running the script. If the script is not nished when
the timeout expires, the script is forcefully terminated.
--ignorefailure
=[true|false]
If true, the installation is considered a success even if the %post script terminated with an error.
%firstboot
Creates an init script that runs only during the rst boot. The script has no eect on subsequent boots. If multiple %firstboot sections are specied, they run in the order that they appear in the kickstart le.
N You cannot check the semantics of %firstboot scripts until the system is booting for the rst time. A
%firstboot script might contain potentially catastrophic errors that are not exposed until after the
installation is complete.
--interpreter
=[python|busybox]
Species an interpreter to use. The default is busybox.
N You cannot check the semantics of the %firstboot script until the system boots for the rst time. If the script contains errors, they are not exposed until after the installation is complete.
70 VMware, Inc.
Chapter 4 Installing ESXi
Disk Device Names
The install, upgrade, and installorupgrade installation script commands require the use of disk device names.
Table 43. Disk Device Names
Format Example Description
VML vml.00025261 The device name as reported by
the VMkernel
MPX mpx.vmhba0:C0:T0:L0 The device name
About the boot.cfg File
The boot loader conguration le boot.cfg species the kernel, the kernel options, and the boot modules that the mboot.c32 boot loader uses in an ESXi installation.
The boot.cfg le is provided in the ESXi installer. You can modify the kernelopt line of the boot.cfg le to specify the location of an installation script or to pass other boot options.
The boot.cfg le has the following syntax:
# boot.cfg -- mboot configuration file
#
# Any line preceded with '#' is a comment.
title=STRING
kernel=FILEPATH
kernelopt=STRING
modules=FILEPATH1 --- FILEPATH2... --- FILEPATHn
# Any other line must remain unchanged.
The commands in boot.cfg congure the boot loader.
Table 44. Commands in boot.cfg .
Command Description
title=STRING Sets the boot loader title to STRING.
kernel=FILEPATH Sets the kernel path to FILEPATH.
kernelopt=STRING Appends STRING to the kernel boot options.
modules=FILEPATH1 --- FILEPATH2... ---
FILEPATHn
Lists the modules to be loaded, separated by three hyphens (---).
See “Create an Installer ISO Image with a Custom Installation or Upgrade Script,” on page 47, “PXE Boot
the ESXi Installer by Using PXELINUX and a PXE Conguration File,” on page 51, “PXE Boot the ESXi Installer by Using PXELINUX and an isolinux.cfg PXE Conguration File,” on page 53, and “PXE Booting the ESXi Installer,” on page 48.
VMware, Inc. 71

Install or Upgrade ESXi from a CD or DVD by Using a Script

You can install or upgrade ESXi from a CD-ROM or DVD-ROM drive by using a script that species the installation or upgrade options.
You can start the installation or upgrade script by entering a boot option when you start the host. You can also create an installer ISO image that includes the installation script. With an installer ISO image, you can perform a scripted, unaended installation when you boot the resulting installer ISO image. See “Create an
Installer ISO Image with a Custom Installation or Upgrade Script,” on page 47.
Prerequisites
Before you run the scripted installation or upgrade, verify that the following prerequisites are met:
The system on which you are installing or upgrading meets the hardware requirements. See “ESXi
n
Hardware Requirements,” on page 23.
You have the ESXi installer ISO on an installation CD or DVD . See “Download and Burn the ESXi
n
Installer ISO Image to a CD or DVD,” on page 44.
The default installation or upgrade script (ks.cfg) or a custom installation or upgrade script is
n
accessible to the system. See “About Installation and Upgrade Scripts,” on page 62.
You have selected a boot command to run the scripted installation or upgrade. See “Enter Boot Options
n
to Start an Installation or Upgrade Script,” on page 60. For a complete list of boot commands, see “Boot Options,” on page 61.
Procedure
1 Boot the ESXi installer from the local CD-ROM or DVD-ROM drive.
2 When the ESXi installer window appears, press Shift+O to edit boot options.
3 Type a boot option that calls the default installation or upgrade script or an installation or upgrade
script le that you created.
The boot option has the form ks=.
4 Press Enter.
The installation, upgrade, or migration runs, using the options that you specied.

Install or Upgrade ESXi from a USB Flash Drive by Using a Script

You can install or upgrade ESXi from a USB ash drive by using a script that species the installation or upgrade options.
Supported boot options are listed in “Boot Options,” on page 61.
72 VMware, Inc.
Chapter 4 Installing ESXi
Prerequisites
Before running the scripted installation or upgrade, verify that the following prerequisites are met:
The system that you are installing or upgrading to ESXi meets the hardware requirements for the
n
installation or upgrade. See “ESXi Hardware Requirements,” on page 23.
You have the ESXi installer ISO on a bootable USB ash drive. See “Format a USB Flash Drive to Boot
n
the ESXi Installation or Upgrade,” on page 44.
The default installation or upgrade script (ks.cfg) or a custom installation or upgrade script is
n
accessible to the system. See “About Installation and Upgrade Scripts,” on page 62.
You have selected a boot option to run the scripted installation, upgrade, or migration. See “Enter Boot
n
Options to Start an Installation or Upgrade Script,” on page 60.
Procedure
1 Boot the ESXi installer from the USB ash drive.
2 When the ESXi installer window appears, press Shift+O to edit boot options.
3 Type a boot option that calls the default installation or upgrade script or an installation or upgrade
script le that you created.
The boot option has the form ks=.
4 Press Enter.
The installation, upgrade, or migration runs, using the options that you specied.

Performing a Scripted Installation or Upgrade of ESXi by Using PXE to Boot the Installer

ESXi 6.0 provides many options for using PXE to boot the installer and using an installation or upgrade script.
For information about seing up a PXE infrastructure, see “PXE Booting the ESXi Installer,” on page 48.
n
For information about creating and locating an installation script, see “About Installation and Upgrade
n
Scripts,” on page 62.
For specic procedures to use PXE to boot the ESXi installer and use an installation script, see one of the
n
following topics:
“PXE Boot the ESXi Installer by Using PXELINUX and an isolinux.cfg PXE Conguration File,” on
n
page 53
“PXE Boot the ESXi Installer by Using PXELINUX and a PXE Conguration File,” on page 51
n
“PXE Boot the ESXi Installer Using gPXE,” on page 54
n
VMware, Inc. 73
For information about using vSphere Auto Deploy to perform a scripted installation by using PXE to
n
boot, see “Installing ESXi Using vSphere Auto Deploy,” on page 74.

Installing ESXi Using vSphere Auto Deploy

vSphere Auto Deploy lets you provision hundreds of physical hosts with ESXi software.
Using Auto Deploy, experienced system administrators can manage large deployments eciently. Hosts are network-booted from a central Auto Deploy server. Optionally, hosts are congured with a host prole of a reference host. The host prole can be set up to prompt the user for input. After boot up and conguration complete, the hosts are managed by vCenter Server just like other ESXi hosts.
Auto Deploy can also be used for stateless caching or stateful installs.
I Auto Deploy requires a secure separation between the production network and the management or deployment networks as discussed in “Auto Deploy Security Considerations,” on page 118. Using Auto Deploy without this separation is insecure.
Stateless caching
By default, Auto Deploy does not store ESXi conguration or state on the host disk. Instead, an image prole denes the image that the host is provisioned with, and other host aributes are managed through host proles. A host that uses Auto Deploy for stateless caching still needs to connect to the Auto Deploy server and the vCenter Server.
Stateful installs
You can provision a host with Auto Deploy and set up the host to store the image to disk. On subsequent boots, the host boots from disk.

Understanding vSphere Auto Deploy

vSphere Auto Deploy can provision hundreds of physical hosts with ESXi software. You can specify the image to deploy and the hosts to provision with the image. Optionally, you can specify host proles to apply to the hosts, and a vCenter Server location (folder or cluster) for each host.
Introduction to Auto Deploy
When you start a physical host that is set up for Auto Deploy, Auto Deploy uses PXE boot infrastructure in conjunction with vSphere host proles to provision and customize that host. No state is stored on the host itself. Instead, the Auto Deploy server manages state information for each host.
State Information for ESXi Hosts
Auto Deploy stores the information for the ESXi hosts to be provisioned in dierent locations. Information about the location of image proles and host proles is initially specied in the rules that map machines to image proles and host proles.
Table 4‑5. Auto Deploy Stores Information for Deployment
Information Type Description Source of Information
Image state The executable software to run on an ESXi host. Image prole, created with Image Builder
PowerCLI.
Conguration
state
Dynamic state The runtime state that is generated by the
74 VMware, Inc.
The congurable seings that determine how the host is congured, for example, virtual switches and their seings, driver seings, boot parameters, and so on.
running software, for example, generated private keys or runtime databases.
Host prole, created by using the host prole UI. Often comes from a template host.
Host memory, lost during reboot.
Table 45. Auto Deploy Stores Information for Deployment (Continued)
Information Type Description Source of Information
Virtual machine state
User input State that is based on user input, for example,
The virtual machines stored on a host and virtual machine autostart information (subsequent boots only).
an IP address that the user provides when the system starts up, cannot automatically be included in the host prole.
Virtual machine information sent by vCenter Server to Auto Deploy must be available to supply virtual machine information to Auto Deploy.
Host customization information, stored by vCenter Server during rst boot.
You can create a host prole that requires user input for certain values.
When Auto Deploy applies a host prole that requires user provided information, the host is placed in maintenance mode. Use the host prole UI to check the host prole compliance, and respond to the prompt to customize the host.
Auto Deploy Architecture
The Auto Deploy infrastructure consists of several components.
For more information, watch the video "Auto Deploy Architecture":
Auto Deploy Architecture (hp://link.brightcove.com/services/player/bcpid2296383276001?
bctid=ref:video_auto_deploy_architecture)
Chapter 4 Installing ESXi
VMware, Inc. 75
Host profiles
and host
customization
Host profile
UI
Autp Deploy
PowerCLI
Rules Engine
Auto Deploy
server
(Web server)
Image Builder
PowerCLI
Image
profiles
Plug-in
Host
profile
engine
ESXi
host
HTTP fetch of images/VIBs and host profiles (iPXE boot and update)
VIBs and
image profiles
Fetch of predefined image
profiles and VIBs
public depot
Figure 41. vSphere Auto Deploy Architecture
Auto Deploy server
Auto Deploy rules engine
Image profiles
Host profiles
Host customization
Serves images and host proles to ESXi hosts.
Sends information to the Auto Deploy server which image prole and which host prole to serve to which host. Administrators use the Auto Deploy PowerCLI to dene the rules that assign image proles and host proles to hosts.
Dene the set of VIBs to boot ESXi hosts with.
VMware and VMware partners make image proles and VIBs available
n
in public depots. Use the Image Builder PowerCLI to examine the depot, and use the Auto Deploy rules engine to specify which image prole to assign to which host.
VMware customers can create a custom image prole based on the
n
public image proles and VIBs in the depot and apply that image prole to the host. See “Using vSphere ESXi Image Builder,” on page 139.
Dene machine-specic conguration such as networking or storage setup. Use the host prole UI to create host proles. You can create a host prole for a reference host and apply that host prole to other hosts in your environment for a consistent conguration.
Stores information that the user provides when host proles are applied to the host. Host customization might contain an IP address or other information that the user supplied for that host. See “Host Customization in
the vSphere Web Client,” on page 111.
Host customization was called answer le in earlier releases of Auto Deploy.
76 VMware, Inc.
Chapter 4 Installing ESXi
Rules and Rule Sets
You specify the behavior of the Auto Deploy server by using a set of rules wrien in PowerCLI. The Auto Deploy rules engine checks the rule set for matching host paerns to decide which items (image prole, host prole, or vCenter Server location) to provision each host with.
The rules engine maps software and conguration seings to hosts based on the aributes of the host. For example, you can deploy image proles or host proles to two clusters of hosts by writing two rules, each matching on the network address of one cluster.
For hosts that have not yet been added to a vCenter Server system, the Auto Deploy server checks with the rules engine before serving image proles, host proles, and inventory location information to hosts. For hosts that are managed by a vCenter Server system, the image prole, host prole, and inventory location that vCenter Server has stored in the host object is used. If you make changes to rules, you can use Auto Deploy PowerCLI cmdlets to test and repair rule compliance. When you repair rule compliance for a host, that host's image prole and host prole assignments are updated.
The rules engine includes rules and rule sets.
Rules
Active Rule Set
Working Rule Set
Rules can assign image proles and host proles to a set of hosts, or specify the location (folder or cluster) of a host on the target vCenter Server system. A rule can identify target hosts by boot MAC address, SMBIOS information, BIOS UUID, Vendor, Model, or xed DHCP IP address. In most cases, rules apply to multiple hosts. You create rules by using Auto Deploy PowerCLI cmdlets. After you create a rule, you must add it to a rule set. Only two rule sets, the active rule set and the working rule set, are supported. A rule can belong to both sets, the default, or only to the working rule set. After you add a rule to a rule set, you can no longer change the rule. Instead, you copy the rule and replace items or paerns in the copy.
When a newly started host contacts the Auto Deploy server with a request for an image prole, the Auto Deploy server checks the active rule set for matching rules. The image prole, host prole, and vCenter Server inventory location that are mapped by matching rules are then used to boot the host. If more than one item of the same type is mapped by the rules, the Auto Deploy server uses the item that is rst in the rule set.
The working rule set allows you to test changes to rules before making the changes active. For example, you can use Auto Deploy PowerCLI cmdlets for testing compliance with the working rule set. The test veries that hosts managed by a vCenter Server system are following the rules in the working rule set. By default, cmdlets add the rule to the working rule set and activate the rules. Use the NoActivate parameter to add a rule only to the working rule set.
You use the following workow with rules and rule sets.
1 Make changes to the working rule set.
2 Use cmdlets that execute the working rule set rules against a host to make sure that everything is
working correctly.
3 Rene and retest the rules in the working rule set.
4 Activate the rules in the working rule set.
If you add a rule and do not specify the NoActivate parameter, all rules that are currently in the working rule set are activated. You cannot activate individual rules.
See the PowerCLI command-line help and “Managing Auto Deploy with PowerCLI Cmdlets,” on page 89.
VMware, Inc. 77
Auto Deploy Boot Process
When you boot a host that you want to provision or reprovision with vSphere Auto Deploy, the Auto Deploy infrastructure supplies the image prole and, optionally, a host prole and a vCenter Server location for that host.
The boot process is dierent for hosts that have not yet been provisioned with Auto Deploy (rst boot) and for hosts that have been provisioned with Auto Deploy and added to a vCenter Server system (subsequent boot).
First Boot Prerequisites
Before a rst boot process, you must set up your system. Setup includes the following tasks, which are discussed in more detail in “Preparing for vSphere Auto Deploy,” on page 84.
Set up a DHCP server that assigns an IP address to each host upon startup and that points the host to
n
the TFTP server to download the iPXE boot loader from.
Verify that the Auto Deploy server has an IPv4 address. PXE booting is supported only with IPv4.
n
Identify an image prole to be used in one of the following ways.
n
Choose an ESXi image prole in a public depot.
n
(Optional) Create a custom image prole by using the Image Builder PowerCLI, and place the
n
image prole in a depot that the Auto Deploy server can access. The image prole must include a base ESXi VIB.
(Optional) If you have a reference host in your environment, export the host prole of the reference host
n
and dene a rule that applies the host prole to one or more hosts. See “Seing Up an Auto Deploy
Reference Host,” on page 103.
Specify rules for the deployment of the host and add the rules to the active rule set.
n
First Boot Overview
When a host that has not yet been provisioned with vSphere Auto Deploy boots (rst boot), the host interacts with several Auto Deploy components.
1 When the administrator turns on a host, the host starts a PXE boot sequence.
The DHCP Server assigns an IP address to the host and instructs the host to contact the TFTP server.
2 The host contacts the TFTP server and downloads the iPXE le (executable boot loader) and an iPXE
conguration le.
3 iPXE starts executing.
The conguration le instructs the host to make a HTTP boot request to the Auto Deploy server. The HTTP request includes hardware and network information.
4 In response, the Auto Deploy server performs these tasks:
a Queries the rules engine for information about the host.
b Streams the components specied in the image prole, the optional host prole, and optional
vCenter Server location information.
5 The host boots using the image prole.
If the Auto Deploy server provided a host prole, the host prole is applied to the host.
6 Auto Deploy adds the host to the vCenter Server system that Auto Deploy is registered with.
a If a rule species a target folder or cluster on the vCenter Server system, the host is placed in that
folder or cluster. The target folder must be under a data center.
78 VMware, Inc.
Auto Deploy first boot
host sends
hardware & network
information to
Auto Deploy server
Auto Deploy
server streams
host & image
profiles to the host
host boots
using image
profile
host assigned
to vCenter Server,
which stores host &
image profiles
PXE
Chapter 4 Installing ESXi
b If no rule exists that species a vCenter Server inventory location, Auto Deploy adds the host to the
rst datacenter displayed in the vSphere Web Client UI.
7 (Optional) If the host prole requires the user to specify certain information, such as a static IP address,
the host is placed in maintenance mode when the host is added to the vCenter Server system.
You must reapply the host prole and update the host customization to have the host exit maintenance mode. When you update the host customization, answer any questions when prompted.
8 If the host is part of a DRS cluster, virtual machines from other hosts might be migrated to the host after
the host has successfully been added to the vCenter Server system.
See “Provision a Host (First Boot),” on page 93.
Figure 42. Auto Deploy Installation, First Boot
Subsequent Boots Without Updates
For hosts that are provisioned with Auto Deploy and managed by a vCenter Server system, subsequent boots can become completely automatic.
VMware, Inc. 79
1 The administrator reboots the host.
2 As the host boots up, Auto Deploy provisions the host with its image prole and host prole.
3 Virtual machines are brought up or migrated to the host based on the seings of the host.
Standalone host. Virtual machines are powered on according to autostart rules dened on the host.
n
DRS cluster host. Virtual machines that were successfully migrated to other hosts stay there.
n
Virtual machines for which no host had enough resources are registered to the rebooted host.
Auto Deploy subsequent boots
vCenter Server provisions host
using host &
image profiles
edit and
update rule set
subsequent boot with
image update
subsequent boot
with no update
check
ruleset
compliance
use updated image profile
update the host
& image profile
associations
stored in
vCenter Server
reboot
host
(optional)
If the vCenter Server system is unavailable, the host contacts the Auto Deploy and is provisioned with an image prole. The host continues to contact the Auto Deploy server until Auto Deploy reconnects to the vCenter Server system.
Auto Deploy cannot set up vSphere distributed switches if vCenter Server is unavailable, and virtual machines are assigned to hosts only if they participate in an HA cluster. Until the host is reconnected to vCenter Server and the host prole is applied, the switch cannot be created. Because the host is in maintenance mode, virtual machines cannot start. See “Reprovision Hosts with Simple Reboot Operations,” on page 94.
Any hosts that are set up to require user input are placed in maintenance mode. See “Update the Host
Customization in the vSphere Web Client,” on page 96.
Subsequent Boots With Updates
You can change the image prole, host prole, or vCenter Server location for hosts. The process includes changing rules and testing and repairing the host's rule compliance.
1 The administrator uses the Copy-DeployRule PowerCLI cmdlet to copy and edit one or more rules and
updates the rule set. See “Auto Deploy Quick Start,” on page 81 for an example.
2 The administrator runs the Test-DeployRulesetCompliance cmdlet to check whether each host is using
the information that the current rule set species.
3 The host returns a PowerCLI object that encapsulates compliance information.
4 The administrator runs the Repair-DeployRulesetCompliance cmdlet to update the image prole, host
prole, or vCenter Server location the vCenter Server system stores for each host.
5 When the host reboots, it uses the updated image prole, host prole, or vCenter Server location for the
host.
If the host prole is set up to request user input, the host is placed in maintenance mode. Follow the steps in “Update the Host Customization in the vSphere Web Client,” on page 96.
See “Test and Repair Rule Compliance,” on page 92.
Figure 43. Auto Deploy Installation, Subsequent Boots
80 VMware, Inc.
Provisioning of Systems that Have Distributed Switches
You can congure the host prole of an Auto Deploy reference host with a distributed switch.
Chapter 4 Installing ESXi
When you congure the distributed switch, the boot conguration parameters policy is automatically set to match the network parameters required for host connectivity after a reboot.
When Auto Deploy provisions the ESXi host with the host prole, the host goes through a two-step process.
1 The host creates a standard virtual switch with the properties specied in the boot conguration
parameters eld.
2 The host creates the VMkernel NICs. The VMkernel NICs allow the host to connect to Auto Deploy and
to the vCenter Server system.
When the host is added to vCenter Server, vCenter Server removes the standard switch and reapplies the distributed switch to the host.
N Do not change the boot conguration parameters to avoid problems with your distributed switch.

Auto Deploy Quick Start and Cmdlet Overview

To be successful with Auto Deploy, you have to know the tasks involved in provisioning hosts, understand the Auto Deploy components and their interaction, and know the PowerCLI cmdlets.
Auto Deploy Quick Start
Geing started with Auto Deploy requires that you learn how Auto Deploy works, install the Auto Deploy server, install vSphere PowerCLI, write vSphere PowerCLI rules that provision hosts, and power on your hosts to be booted with the image prole you specify. You can customize of the image prole, host prole, and vCenter Server location.
See “Auto Deploy Proof of Concept Setup,” on page 126 for a step-by-step exercise that helps you set up your rst Auto Deploy environment on a Windows Server 2008 system.
To provision the hosts in your environment with Auto Deploy successfully, you can follow these steps.
1 Install vCenter Server and the vCenter Server components, or deploy the vCenter Server Appliance.
The Auto Deploy server is included with the management node.
2 Install vSphere PowerCLI, which includes Auto Deploy and Image Builder cmdlets.
See “Install vSphere PowerCLI and Prerequisite Software,” on page 86 and “Using Auto Deploy
Cmdlets,” on page 87.
3 Find the image prole that includes the VIBs that you want to deploy to your hosts.
In most cases, you add the depots containing the required software to your vSphere PowerCLI
n
session, and then select an image prole from one of those depots.
To create a custom image prole, use Image Builder cmdlets to clone an existing image prole and
n
add the custom VIBs to the clone. Add the custom image prole to the vSphere PowerCLI session.
You must use Image Builder for customization only if you have to add or remove VIBs. In most cases, you can add the depot where VMware hosts the image proles to your vSphere PowerCLI session as a URL.
4 Use the New-DeployRule vSphere PowerCLI cmdlet to write a rule that assigns the image prole to one
host, to multiple hosts specied by a paern, or to all hosts.
New-DeployRule -Name "testrule" -Item image-profile -AllHosts
See “Assign an Image Prole to Hosts,” on page 89.
N Auto Deploy is optimized for provisioning hosts that have a xed MAC address to IP address mapping in DHCP (sometimes called DHCP reservations). If you want to use static IP addresses, you must set up the host prole to prompt for host customization. See “Set Up Host Proles for Static IP
Addresses in the vSphere Web Client,” on page 110.
VMware, Inc. 81
5 Power on the host to have Auto Deploy provision the host with the specied image prole.
6 Set up the host you provisioned as a reference host for your host prole.
You can specify the reference host syslog seings, rewall seings, storage, networking, and so on. See
“Seing Up an Auto Deploy Reference Host,” on page 103.
7 Create and export a host prole for the reference host.
See the Host Proles documentation.
8 To provision multiple hosts, you can use the Copy-DeployRule cmdlet.
You can revise the rule to assign not only an image prole but also a host prole and a cluster location.
Copy-DeployRule -DeployRule "testrule" -ReplaceItem
my_host_profile_from_reference_host,my_target_cluster
-ReplacePattern "ipv4=192.XXX.1.10-192.XXX.1.20"
Where my_host_prole_from_reference_host is the name of the reference host prole, and my_target_cluster is the name of the target cluster.
9 Power on the hosts that you want to provision.
If the hosts that are specied by the paern are not currently managed by a vCenter Server system, Auto Deploy provisions them with the already stored image prole and the specied host prole, and adds them to the target cluster.
10 Verify that the hosts you provisioned meet the following requirements.
Each host is connected to the vCenter Server system.
n
The hosts are not in maintenance mode.
n
The hosts have no compliance failures.
n
Each host with a host prole that requires user input has up-to-date host customization
n
information.
Remedy host customization and compliance problems and reboot hosts until all hosts meet the requirements.
Read “Understanding vSphere Auto Deploy,” on page 74 for an introduction to the boot process, dierences between rst and subsequent boots, and an overview of using host customization.
Auto Deploy PowerCLI Cmdlet Overview
You specify the rules that assign image proles and host proles to hosts using a set of PowerCLI cmdlets that are included in VMware PowerCLI.
If you are new to PowerCLI, read the PowerCLI documentation and review “Using Auto Deploy Cmdlets,” on page 87. You can get help for any command at the PowerShell prompt.
Basic help: Get-Help cmdlet_name
n
Detailed help: Get-Help cmdlet_name -Detailed
n
N When you run Auto Deploy cmdlets, provide all parameters on the command line when you invoke the cmdlet. Supplying parameters in interactive mode is not recommended.
Table 46. Rule Engine PowerCLI Cmdlets
Command Description
Get-DeployCommand
New-DeployRule
82 VMware, Inc.
Returns a list of Auto Deploy cmdlets.
Creates a new rule with the specied items and paerns.
Chapter 4 Installing ESXi
Table 46. Rule Engine PowerCLI Cmdlets (Continued)
Command Description
Set-DeployRule
Get-DeployRule
Copy-DeployRule
Add-DeployRule
Remove-DeployRule
Set-DeployRuleset
Get-DeployRuleset
Switch-ActiveDeployRuleset
Get-VMHostMatchingRules
Test-DeployRulesetCompliance
Repair-DeployRulesetCompliance Given the output of Test-DeployRulesetCompliance,
Apply-EsxImageProfile
Get-VMHostImageProfile
Repair-DeployImageCache
Get-VMHostAttributes
Get-DeployMachineIdentity
Set-DeployMachineIdentity
Get-DeployOption
Set-DeployOption
Updates an existing rule with the specied items and paerns. You cannot update a rule that is part of a rule set.
Retrieves the rules with the specied names.
Clones and updates an existing rule.
Adds one or more rules to the working rule set and, by default, also to the active rule set. Use the NoActivate parameter to add a rule only to the working rule set.
Removes one or more rules from the working rule set and from the active rule set. Run this command with the ­Delete parameter to completely delete the rule.
Explicitly sets the list of rules in the working rule set.
Retrieves the current working rule set or the current active rule set.
Activates a rule set so that any new requests are evaluated through the rule set.
Retrieves rules matching a paern. For example, you can retrieve all rules that apply to a host or hosts. Use this cmdlet primarily for debugging.
Checks whether the items associated with a specied host are in compliance with the active rule set.
this cmdlet updates the image prole, host prole, and location for each host in the vCenter Server inventory. The cmdlet might apply image proles, apply host proles, or move hosts to prespecied folders or clusters on the vCenter Server system.
Associates the specied image prole with the specied host.
Retrieves the image prole in use by a specied host. This cmdlet diers from the Get-EsxImageProfile cmdlet in the Image Builder PowerCLI.
Use this cmdlet only if the Auto Deploy image cache is accidentally deleted.
Retrieves the aributes for a host that are used when the Auto Deploy server evaluates the rules.
Returns a string value that Auto Deploy uses to logically link an ESXi host in vCenter to a physical machine.
Logically links a host object in the vCenter Server database to a physical machine. Use this cmdlet to add hosts without specifying rules.
Retrieves the Auto Deploy global conguration options. This cmdlet currently supports the vlan-id option, which species the default VLAN ID for the ESXi Management Network of a host provisioned with Auto Deploy. Auto Deploy uses the value only if the host boots without a host
prole.
Sets the value of a global conguration option. Currently supports the vlan-id option for seing the default VLAN ID for the ESXi Management Network.
VMware, Inc. 83

Preparing for vSphere Auto Deploy

Before you can start to use vSphere Auto Deploy, you must prepare your environment. You start with server setup and hardware preparation. You must register the Auto Deploy software with the vCenter Server system that you plan to use for managing the hosts you provision, and install the VMware PowerCLI.
Prepare Your System and Install the Auto Deploy Server on page 84
n
Before you can PXE boot an ESXi host with vSphere Auto Deploy, you must install prerequisite software and set up the DHCP and TFTP servers that Auto Deploy interacts with.
Install vSphere PowerCLI and Prerequisite Software on page 86
n
Before you can run Auto Deploy cmdlets to create and modify the rules and rule sets that govern Auto Deploy behavior, you must install vSphere PowerCLI and all prerequisite software. The Auto Deploy cmdlets are included with the vSphere PowerCLI installation.
Using Auto Deploy Cmdlets on page 87
n
Auto Deploy cmdlets are implemented as Microsoft PowerShell cmdlets and included in vSphere PowerCLI. Users of Auto Deploy cmdlets can take advantage of all vSphere PowerCLI features.
Set Up Bulk Licensing on page 87
n
You can use the vSphere Web Client or ESXi Shell to specify individual license keys, or you can set up bulk licensing by using PowerCLI cmdlets. Bulk licensing works for all ESXi hosts, but is especially useful for hosts provisioned with Auto Deploy.
Prepare Your System and Install the Auto Deploy Server
Before you can PXE boot an ESXi host with vSphere Auto Deploy, you must install prerequisite software and set up the DHCP and TFTP servers that Auto Deploy interacts with.
Prerequisites
Verify that the hosts that you plan to provision with Auto Deploy meet the hardware requirements for
n
ESXi. See “ESXi Hardware Requirements,” on page 23.
N You cannot provision EFI hosts with Auto Deploy unless you switch the EFI system to BIOS compatibility mode.
Verify that the ESXi hosts have network connectivity to vCenter Server and that all port requirements
n
are met. See “Required Ports for vCenter Server and Platform Services Controller,” on page 33.
If you want to use VLANs in your Auto Deploy environment, you must set up the end to end
n
networking properly. When the host is PXE booting, the UNDI driver must be set up to tag the frames with proper VLAN IDs. You must do this set up manually by making the correct changes in the BIOS. You must also correctly congure the ESXi port groups with the correct VLAN IDs. Ask your network administrator how VLAN IDs are used in your environment.
Verify that you have enough storage for the Auto Deploy repository. The Auto Deploy server uses the
n
repository to store data it needs, including the rules and rule sets you create and the VIBs and image proles that you specify in your rules.
Best practice is to allocate 2 GB to have enough room for four image proles and some extra space. Each image prole requires approximately 350 MB. Determine how much space to reserve for the Auto Deploy repository by considering how many image proles you expect to use.
Obtain administrative privileges to the DHCP server that manages the network segment you want to
n
boot from. You can use a DHCP server already in your environment, or install a DHCP server. For your Auto Deploy setup, replace the gpxelinux.0 le name with undionly.kpxe.vmw-hardwired.
84 VMware, Inc.
Chapter 4 Installing ESXi
Secure your network as you would for any other PXE-based deployment method. Auto Deploy
n
transfers data over SSL to prevent casual interference and snooping. However, the authenticity of the client or the Auto Deploy server is not checked during a PXE boot.
Set up a remote Syslog server. See the vCenter Server and Host Management documentation for Syslog
n
server conguration information. Congure the rst host you boot to use the remote Syslog server and apply that host's host prole to all other target hosts. Optionally, install and use the vSphere Syslog Collector, a vCenter Server support tool that provides a unied architecture for system logging and enables network logging and combining of logs from multiple hosts.
Install ESXi Dump Collector, set up your rst host so that all core dumps are directed to ESXi Dump
n
Collector, and apply the host prole from that host to all other hosts. See “Congure ESXi Dump
Collector with ESXCLI,” on page 105.
Verify that the Auto Deploy server has an IPv4 address. Auto Deploy does not support a pure IPv6
n
environment end-to-end. The PXE boot infrastructure does not support IPv6. After the deployment you can manually recongure the hosts to use IPv6 and add them to vCenter Server over IPv6. However, when you reboot a stateless host, its IPv6 conguration is lost.
Procedure
1 Install vCenter Server or deploy the vCenter Server Appliance.
The Auto Deploy server is included with the management node.
2 Congure the Auto Deploy service startup type.
a Log in to your vCenter Server system by using the vSphere Web Client.
b On the vSphere Web Client Home page, click Administration.
c Under System  click Services.
d Select Auto Deploy, click the Actions menu, and select Edit Startup Type.
On Windows, the Auto Deploy service is disabled. In the Edit Startup Type window, select
n
Manual or Automatic to enable Auto Deploy.
On the vCenter Server Appliance, the Auto Deploy service by default is set to Manual. If you
n
want the Auto Deploy service to start automatically upon OS startup, select Automatic.
3 Congure the TFTP server.
a In a vSphere Web Client connected to the vCenter Server system, go to the inventory list and select
the vCenter Server system.
b Click the Manage tab, select , and click Auto Deploy.
c Click Download TFTP Boot Zip to download the TFTP conguration le and unzip the le to the
directory in which your TFTP server stores les.
4 Set up your DHCP server to point to the TFTP server on which the TFTP ZIP le is located.
a Specify the TFTP Server's IP address in DHCP option 66, frequently called next-server.
b Specify the boot le name, which is undionly.kpxe.vmw-hardwired in the DHCP option 67,
frequently called boot-filename.
5 Set each host you want to provision with Auto Deploy to network boot or PXE boot, following the
manufacturer's instructions.
6 Locate the image prole that you want to use and the depot in which it is located.
In most cases, you point to an image prole that VMware makes available in a public depot. If you want to include custom VIBs with the base image, you can use the vSphere ESXi Image Builder to create an image prole and use that image prole.
VMware, Inc. 85
7 Write a rule that assigns an image prole to hosts.
8 (Optional) If you set up your environment to use Thumbprint mode, you can use your own Certicate
Authority (CA) by replacing the OpenSSL certicate rbd-ca.crt and the OpenSSL private key rbd-
ca.key with your own certicate and key le.
On Windows, the les are in the SSL subfolder of the Auto Deploy installation directory. For
n
example, on Windows 7 the default is C:\ProgramData\VMware\VMware vSphere Auto Deploy\ssl.
On the vCenter Server Appliance, the les are in /etc/vmware-rbd/ssl/.
n
By default, vCenter Server 6.0 and later uses vSphere Certicate Authority.
When you start a host that is set up for Auto Deploy, the host contacts the DHCP server and is directed to the Auto Deploy server, which provisions the host with the image prole specied in the active rule set.
What to do next
Install vSphere PowerCLI. See “Install vSphere PowerCLI and Prerequisite Software,” on page 86.
n
Use the vSphere PowerCLI cmdlets to dene a rule that assigns an image prole and optional host
n
prole to the host.
(Optional) Congure the rst host that you provision as a reference host. Use the storage, networking,
n
and other seings you want for your target hosts to share. Create a host prole for the reference host and write a rule that assigns both the already tested image prole and the host prole to target hosts.
If you want to have Auto Deploy overwrite existing partitions, set up a reference host to do auto
n
partitioning and apply the host prole of the reference host to other hosts. See “Consider and
Implement Your Partitioning Strategy,” on page 109.
If you have to congure host-specic information, set up the host prole of the reference host to prompt
n
for user input. See “Host Customization in the vSphere Web Client,” on page 111.
Install vSphere PowerCLI and Prerequisite Software
Before you can run Auto Deploy cmdlets to create and modify the rules and rule sets that govern Auto Deploy behavior, you must install vSphere PowerCLI and all prerequisite software. The Auto Deploy cmdlets are included with the vSphere PowerCLI installation.
You install vSphere PowerCLI and prerequisite software on a Microsoft Windows system. See the Microsoft Web site for information about installing the Microsoft software. See the vSphere PowerCLI User's Guide for detailed instructions for vSphere PowerCLI installation.
Prerequisites
Verify that Microsoft .NET 4.5 SP2 is installed, or install it from the Microsoft Web site following the
n
instructions on that Web site.
Verify that Windows PowerShell 3.0 is installed, or install it from the Microsoft Web site following the
n
instructions on that Web site.
Procedure
Install vSphere PowerCLI, which includes the Auto Deploy cmdlets.
u
What to do next
Review “Using Auto Deploy Cmdlets,” on page 87. If you are new to vSphere PowerCLI, read the vSphere PowerCLI documentation.
Use Auto Deploy cmdlets and other vSphere PowerCLI cmdlets and PowerShell cmdlets to manage Auto Deploy rules and rule sets. Use Get-Helpcmdlet_name for command-line help.
86 VMware, Inc.
Chapter 4 Installing ESXi
Using Auto Deploy Cmdlets
Auto Deploy cmdlets are implemented as Microsoft PowerShell cmdlets and included in vSphere PowerCLI. Users of Auto Deploy cmdlets can take advantage of all vSphere PowerCLI features.
Experienced PowerShell users can use Auto Deploy cmdlets just like other PowerShell cmdlets. If you are new to PowerShell and vSphere PowerCLI, the following tips might be helpful.
You can type cmdlets, parameters, and parameter values in the vSphere PowerCLI shell.
Get help for any cmdlet by running Get-Helpcmdlet_name.
n
Remember that PowerShell is not case sensitive.
n
Use tab completion for cmdlet names and parameter names.
n
Format any variable and cmdlet output by using Format-List or Format-Table, or their short forms fl
n
or ft. For more information, run the Get-Help Format-List cmdlet.
Passing Parameters by Name
You can pass in parameters by name in most cases and surround parameter values that contain spaces or special characters with double quotes.
Copy-DeployRule -DeployRule testrule -ReplaceItem MyNewProfile
Most examples in the vSphere Installation and Setup documentation pass in parameters by name.
Passing Parameters as Objects
You can pass parameters as objects if you want to perform scripting and automation. Passing in parameters as objects is useful with cmdlets that return multiple objects and with cmdlets that return a single object. Consider the following example.
1 Bind the object that encapsulates rule set compliance information for a host to a variable.
$tr = Test-DeployRuleSetCompliance MyEsxi42
2 View the itemlist property of the object to see the dierence between what is in the rule set and what
the host is currently using.
$tr.itemlist
3 Remediate the host to use the revised rule set by using the Repair-DeployRuleSetCompliance cmdlet
with the variable.
Repair-DeployRuleSetCompliance $tr
The example remediates the host the next time you boot the host.
Set Up Bulk Licensing
You can use the vSphere Web Client or ESXi Shell to specify individual license keys, or you can set up bulk licensing by using PowerCLI cmdlets. Bulk licensing works for all ESXi hosts, but is especially useful for hosts provisioned with Auto Deploy.
The following example assigns licenses to all hosts in a data center. You can also associate licenses with hosts and clusters.
The following example is for advanced PowerCLI users who know how to use PowerShell variables.
Prerequisites
Install PowerCLI. See “Install vSphere PowerCLI and Prerequisite Software,” on page 86.
VMware, Inc. 87
Assigning license keys through the vSphere Web Client and assigning licensing by using PowerCLI cmdlets function dierently.
Assign license keys with the
You can assign license keys to a host when you add the host to the vCenter Server system or when the host is managed by a vCenter Server system.
vSphere Web Client
Assign license keys with LicenseDataManager PowerCLI
You can specify a set of license keys to be added to a set of hosts. The license keys are added to the vCenter Server database. Each time a host is added to the vCenter Server system or reconnects to the vCenter Server system, the host is assigned a license key. A license key that is assigned through the PowerCLI is treated as a default license key. When an unlicensed host is added or reconnected, it is assigned the default license key. If a host is already licensed, it keeps its license key.
Procedure
1 Connect to the vCenter Server system you want to use and bind the associated license manager to a
variable.
Connect-VIServer -Server 192.XXX.X.XX -User username -Password password
$licenseDataManager = Get-LicenseDataManager
2 Run a cmdlet that retrieves the datacenter in which the hosts for which you want to use the bulk
licensing feature are located.
$hostContainer = Get-Datacenter -Name Datacenter-X
You can also run a cmdlet that retrieves a cluster to use bulk licensing for all hosts in a cluster, or retrieves a folder to use bulk licensing for all hosts in a folder.
3 Create a new LicenseData object and a LicenseKeyEntry object with associated type ID and license key.
$licenseData = New-Object VMware.VimAutomation.License.Types.LicenseData
$licenseKeyEntry = New-Object Vmware.VimAutomation.License.Types.LicenseKeyEntry
$licenseKeyEntry.TypeId = "vmware-vsphere”
$licenseKeyEntry.LicenseKey = "XXXXX-XXXXX-XXXXX-XXXXX-XXXXX"
4 Associate the LicenseKeys aribute of the LicenseData object you created in step 3 with the
LicenseKeyEntry object.
$licenseData.LicenseKeys += $licenseKeyEntry
5 Update the license data for the data center with the LicenseData object and verify that the license is
associated with the host container.
$licenseDataManager.UpdateAssociatedLicenseData($hostContainer.Uid, $licenseData)
$licenseDataManager.QueryAssociatedLicenseData($hostContainer.Uid)
6 Provision one or more hosts with Auto Deploy and assign them to the data center or to the cluster that
you assigned the license data to.
7 You can use the vSphere Web Client to verify that the host is successfully assigned to the default license
XXXXX-XXXXX-XXXXX-XXXXX-XXXXX.
All hosts that you assigned to the data center are now licensed automatically.
88 VMware, Inc.
Chapter 4 Installing ESXi

Managing Auto Deploy with PowerCLI Cmdlets

You can use Auto Deploy PowerCLI cmdlets to create rules that associate hosts with image proles, host proles, and a location on the vCenter Server target. You can also update hosts by testing rule compliance
and repairing compliance issues.
Assign an Image Profile to Hosts
Before you can provision a host, you must create rules that assign an image prole to each host that you want to provision by using Auto Deploy.
Auto Deploy extensibility rules enforce that VIBs at the CommunitySupported level can only contain les from certain predened locations, such as the ESXCLI plug-in path, jumpstart plug-in path, and so on. If you add a VIB that is in a dierent location to an image prole, a warning results. You can override the warning by using the force option.
If you call the New-DeployRule cmdlet on an image prole that includes VIBs at the CommunitySupported level which violate the rule, set $DeployNoSignatureCheck = $true before adding the image prole. With that seing, the system ignores signature validation and does not perform the extensibility rules check.
N Image proles that include VIBs at the CommunitySupported level are not supported on production systems.
Prerequisites
Install VMware PowerCLI and all prerequisite software.
n
If you encounter problems running PowerCLI cmdlets, consider changing the execution policy. See
n
“Using Auto Deploy Cmdlets,” on page 87.
Procedure
1 Run the Connect-VIServer PowerCLI cmdlet to connect to the vCenter Server system that Auto Deploy
is registered with.
Connect-VIServer 192.XXX.X.XX
The cmdlet might return a server certicate warning. In a production environment, make sure no server certicate warnings result. In a development environment, you can ignore the warning.
2 Determine the location of a public software depot, or dene a custom image prole using the Image
Builder PowerCLI.
3 Run Add-EsxSoftwareDepot to add the software depot that contains the image prole to the PowerCLI
session.
Depot Type Cmdlet
Remote depot
ZIP file
Run Add-EsxSoftwareDepot depot_url.
a Download the ZIP le to a local le path.
b Run
Add-EsxSoftwareDepot C:\file_path\my_offline_depot.zip.
4 In the depot, nd the image prole that you want to use by running the Get-EsxImageProfile cmdlet.
By default, the ESXi depot includes one base image prole that includes VMware tools and has the string standard in its name, and one base image prole that does not include VMware tools.
VMware, Inc. 89
5 Dene a rule in which hosts with certain aributes, for example a range of IP addresses, are assigned to
the image prole.
New-DeployRule -Name "testrule" -Item "My Profile25" -Pattern "vendor=Acme,Zven",
"ipv4=192.XXX.1.10-192.XXX.1.20"
Double quotes are required if a name contains spaces, optional otherwise. Specify -AllHosts instead of a paern to apply the item to all hosts.
The cmdlet creates a rule named testrule. The rule assigns the image prole named My Prole25 to all hosts with a vendor of Acme or Zven that also have an IP address in the specied range.
6 Add the rule to the rule set.
Add-DeployRule testrule
By default, the rule is added to both the working rule set and the active rule set. If you use the
NoActivate parameter, the working rule set does not become the active rule set.
When the host boots from iPXE, it reports aributes of the machine to the console. Use the same format of the aributes when writing deploy rules.
******************************************************************
* Booting through VMware AutoDeploy...
*
* Machine attributes:
* . asset=No Asset Tag
* . domain=vmware.com
* . hostname=myhost.mycompany.com
* . ipv4=XX.XX.XXX.XXX
* . mac=XX:Xa:Xb:Xc:Xx:XX
* . model=MyVendorModel
* . oemstring=Product ID: XXXXXX-XXX
* . serial=XX XX XX XX XX XX...
* . uuid=XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX
* . vendor=MyVendor
******************************************************************
What to do next
For hosts already provisioned with Auto Deploy, perform the compliance testing and repair operations
n
to provision them with the new image prole. See “Test and Repair Rule Compliance,” on page 92.
Turn on unprovisioned hosts to provision them with the new image prole.
n
Write a Rule and Assign a Host Profile to Hosts
Auto Deploy can assign a host prole to one or more hosts. The host prole might include information about storage conguration, network conguration, or other characteristics of the host. If you add a host to a cluster, that cluster's host prole is used.
In many cases, you assign a host to a cluster instead of specifying a host prole explicitly. The host uses the host prole of the cluster.
Prerequisites
Install vSphere PowerCLI and all prerequisite software. See “Install vSphere PowerCLI and Prerequisite
n
Software,” on page 86.
Export the host prole that you want to use.
n
90 VMware, Inc.
Chapter 4 Installing ESXi
Procedure
1 Run the Connect-VIServer vSphere PowerCLI cmdlet to connect to the vCenter Server system that Auto
Deploy is registered with.
Connect-VIServer 192.XXX.X.XX
The cmdlet might return a server certicate warning. In a production environment, make sure no server certicate warnings result. In a development environment, you can ignore the warning.
2 Using the vSphere Web Client, set up a host with the seings you want to use and create a host prole
from that host.
3 Find the name of the host prole by running Get-VMhostProfile vSphere PowerCLI cmdlet, passing in
the ESXi host from which you create a host prole.
4 At the vSphere PowerCLI prompt, dene a rule in which host proles are assigned to hosts with certain
aributes, for example a range of IP addresses.
New-DeployRule -Name "testrule2" -Item my_host_profile -Pattern "vendor=Acme,Zven",
"ipv4=192.XXX.1.10-192.XXX.1.20"
The specied item is assigned to all hosts with the specied aributes. This example species a rule named testrule2. The rule assigns the specied host prole my_host_prole to all hosts with an IP address inside the specied range and with a manufacturer of Acme or Zven.
5 Add the rule to the rule set.
Add-DeployRule testrule2
By default, the working rule set becomes the active rule set, and any changes to the rule set become active when you add a rule. If you use the NoActivate parameter, the working rule set does not become the active rule set.
What to do next
Assign a host already provisioned with Auto Deploy to the new host prole by performing compliance
n
test and repair operations on those hosts. For more information, see “Test and Repair Rule
Compliance,” on page 92.
Power on unprovisioned hosts to provision them with the host prole.
n
Write a Rule and Assign a Host to a Folder or Cluster
Auto Deploy can assign a host to a folder or cluster. When the host boots, Auto Deploy adds it to the specied location on the vCenter Server. Hosts assigned to a cluster inherit the cluster's host prole.
Prerequisites
Install vSphere PowerCLI and all the prerequisite software.
n
Verify that the folder you select is in a data center or in a cluster. You cannot assign the host to a
n
standalone top-level folder.
Procedure
1 Run the Connect-VIServer vSphere PowerCLI cmdlet to connect to the vCenter Server system that Auto
Deploy is registered with.
Connect-VIServer 192.XXX.X.XX
The cmdlet might return a server certicate warning. In a production environment, make sure no server certicate warnings appear. In a development environment, you can ignore the warning.
VMware, Inc. 91
2 Dene a rule in which hosts with certain aributes, for example a range of IP addresses, are assigned to
a folder or a cluster.
New-DeployRule -Name testrule3 -Item "my folder" -Pattern "vendor=Acme,Zven",
"ipv4=192.XXX.1.10-192.XXX.1.20"
This example passes in the folder by name. You can instead pass in a folder, cluster, or data center object that you retrieve with the Get-Folder, Get-Cluster, or Get-Datacenter cmdlet.
3 Add the rule to the rule set.
Add-DeployRule testrule3
By default, the working rule set becomes the active rule set, and any changes to the rule set become active when you add a rule. If you use the NoActivate parameter, the working rule set does not become the active rule set.
What to do next
Assign a host already provisioned with Auto Deploy to the new folder or cluster location by
n
performing test and repair compliance operation. See “Test and Repair Rule Compliance,” on page 92.
Power on unprovisioned hosts to add them to the specied vCenter Server location.
n
Test and Repair Rule Compliance
When you add a rule to the Auto Deploy rule set or make changes to one or more rules, hosts are not updated automatically. Auto Deploy applies the new rules only when you test their rule compliance and perform remediation.
Prerequisites
Install vSphere PowerCLI and all prerequisite software.
n
Verify that your infrastructure includes one or more ESXi hosts provisioned with Auto Deploy, and that
n
the host on which you installed vSphere PowerCLI can access those ESXi hosts.
Procedure
1 Use vSphere PowerCLI to check which Auto Deploy rules are currently available.
Get-DeployRule
The system returns the rules and the associated items and paerns.
2 Make a change to one of the available rules.
For example, you can change the image prole and the name of the rule.
Copy-DeployRule -DeployRule testrule -ReplaceItem MyNewProfile
You cannot edit a rule already added to a rule set. Instead, you copy the rule and replace the item or paern you want to change.
3 Verify that you can access the host for which you want to test rule set compliance.
Get-VMHost -Name MyEsxi42
4 Run the cmdlet that tests rule set compliance for the host, and bind the return value to a variable for
later use.
$tr = Test-DeployRuleSetCompliance MyEsxi42
92 VMware, Inc.
Chapter 4 Installing ESXi
5 Examine the dierences between the contents of the rule set and conguration of the host.
$tr.itemlist
The system returns a table of current and expected items.
CurrentItem ExpectedItem
----------- ------------
My Profile 25 MyProfileUpdate
6 Remediate the host to use the revised rule set the next time you boot the host.
Repair-DeployRuleSetCompliance $tr
What to do next
If the rule you changed specied the inventory location, the change takes eect when you repair compliance. For all other changes, boot your host to have Auto Deploy apply the new rule and to achieve compliance between the rule set and the host.

Provisioning ESXi Systems with vSphere Auto Deploy

vSphere Auto Deploy can provision hundreds of physical hosts with ESXi software. You can provision hosts that did not previously run ESXi software (rst boot), reboot hosts, or reprovision hosts with a dierent image prole, host prole, or folder or cluster location.
The Auto Deploy process diers depending on the state of the host and on the changes that you want to make.
Provision a Host (First Boot)
Provisioning a host that has never been provisioned with Auto Deploy (rst boot) diers from subsequent boot processes. You must prepare the host and fulll all other prerequisites before you can provision the host. You can optionally dene a custom image prole with Image Builder PowerCLI cmdlets.
Prerequisites
Make sure your host meets the hardware requirements for ESXi hosts.
n
See “ESXi Hardware Requirements,” on page 23.
Prepare the system for vSphere Auto Deploy (see “Preparing for vSphere Auto Deploy,” on page 84).
n
Write rules that assign an image prole to the host and optionally assign a host prole and a vCenter
n
Server location to the host. See “Managing Auto Deploy with PowerCLI Cmdlets,” on page 89.
When setup is complete, the Auto Deploy server and PowerCLI are installed, DHCP setup is complete, and rules for the host that you want to provision are in the active rule set.
Procedure
1 Turn on the host.
The host contacts the DHCP server and downloads iPXE from the location the server points it to. Next, the Auto Deploy server provisions the host with the image specied by the rule engine. The Auto Deploy server might also apply a host prole to the host if one is specied in the rule set. Finally, Auto Deploy adds the host to the vCenter Server system that is specied in the rule set.
2 (Optional) If Auto Deploy applies a host prole that requires user input such as an IP address, the host
is placed in maintenance mode. Reapply the host prole with the vSphere Web Client and provide the user input when prompted.
VMware, Inc. 93
After the rst boot process, the host is running and managed by a vCenter Server system. The vCenter Server stores the host's image prole, host prole, and location information.
You can now reboot the host as needed. Each time you reboot, the host is reprovisioned by the vCenter Server system.
What to do next
Reprovision hosts as needed. See “Reprovisioning Hosts,” on page 94.
If you want to change the image prole, host prole, or location of the host, update the rules and perform a test and repair compliance operation. See “Test and Repair Rule Compliance,” on page 92.
Reprovisioning Hosts
vSphere Auto Deploy supports multiple reprovisioning options. You can perform a simple reboot or reprovision with a dierent image prole or a dierent host prole.
A rst boot using Auto Deploy requires that you set up your environment and add rules to the rule set. See
“Preparing for vSphere Auto Deploy,” on page 84.
The following reprovisioning operations are available.
Simple reboot.
n
Reboot of hosts for which the user answered questions during the boot operation.
n
Reprovision with a dierent image prole.
n
Reprovision with a dierent host prole.
n
Reprovision Hosts with Simple Reboot Operations
A simple reboot of a host that is provisioned with Auto Deploy requires only that all prerequisites are still met. The process uses the previously assigned image prole, host prole, and vCenter Server location.
Setup includes DHCP server setup, writing rules, and making an image prole available to the Auto Deploy infrastructure.
Prerequisites
Make sure the setup you performed during the rst boot operation is in place.
Procedure
1 Check that the image prole and host prole for the host are still available, and that the host has the
identifying information (asset tag, IP address) it had during previous boot operations.
2 Place the host in maintenance mode.
Host Type Action
Host is part of a DRS cluster
Host is not part of a DRS cluster
VMware DRS migrates virtual machines to appropriate hosts when you place the host in maintenance mode.
You must migrate all virtual machines to dierent hosts and place each host in maintenance mode.
3 Reboot the host.
The host shuts down. When the host reboots, it uses the image prole that the Auto Deploy server provides. The Auto Deploy server also applies the host prole stored on the vCenter Server system.
94 VMware, Inc.
Chapter 4 Installing ESXi
Reprovision a Host with a New Image Profile
You can reprovision the host with a new image prole, host prole, or vCenter Server location by changing the rule for the host and performing a test and repair compliance operation.
Several options for reprovisioning hosts exist.
If the VIBs that you want to use support live update, you can use an esxcli software vib command. In
n
that case, you must also update the rule set to use an image prole that includes the new VIBs.
During testing, you can apply an image prole to an individual host with the Apply-EsxImageProfile
n
cmdlet and reboot the host so the change takes eect. The Apply-EsxImageProfile cmdlet updates the association between the host and the image prole but does not install VIBs on the host.
In all other cases, use this procedure.
n
Prerequisites
Create the image prole you want to boot the host with. Use the Image Builder PowerCLI, discussed in
n
“Using vSphere ESXi Image Builder,” on page 139.
Make sure that the setup that you performed during the rst boot operation is in place.
n
Procedure
1 At the PowerShell prompt, run the Connect-VIServer PowerCLI cmdlet to connect to the vCenter Server
system that Auto Deploy is registered with.
Connect-VIServer myVCServer
The cmdlet might return a server certicate warning. In a production environment, make sure no server certicate warnings result. In a development environment, you can ignore the warning.
2 Determine the location of a public software depot that contains the image prole that you want to use,
or dene a custom image prole with the Image Builder PowerCLI.
3 Run Add-EsxSoftwareDepot to add the software depot that contains the image prole to the PowerCLI
session.
Depot Type Cmdlet
Remote depot
ZIP file
Run Add-EsxSoftwareDepot depot_url.
a Download the ZIP le to a local le path or create a mount point local
to the PowerCLI machine.
b Run
Add-EsxSoftwareDepot C:\file_path\my_offline_depot.zip.
4 Run Get-EsxImageProfile to see a list of image proles, and decide which prole you want to use.
5 Run Copy-DeployRule and specify the ReplaceItem parameter to change the rule that assigns an image
prole to hosts.
The following cmdlet replaces the current image prole that the rule assigns to the host with the my_new_imageprole prole. After the cmdlet completes, myrule assigns the new image prole to hosts. The old version of myrule is renamed and hidden.
Copy-DeployRule myrule -ReplaceItem my_new_imageprofile
6 Test and repair rule compliance for each host that you want to deploy the image to.
See “Test and Repair Rule Compliance,” on page 92.
When you reboot hosts after compliance repair, Auto Deploy provisions the hosts with the new image
prole.
VMware, Inc. 95
Update the Host Customization in the vSphere Web Client
If a host required user input during a previous boot, the answers are saved with the vCenter Server. If you want to prompt the user for new information, you remediate the host.
Prerequisites
Aach a host prole that prompts for user input to the host.
Procedure
1 Migrate all virtual machines to dierent hosts, and place the host into maintenance mode.
Host Type Action
Host is part of a DRS cluster
Host is not part of a DRS cluster
2 In the vSphere Web Client, right click the host and click All vCenter Actions > Host  >
Remediate to remediate the host.
3 When prompted, provide the user input.
You can now direct the host to exit maintenance mode.
VMware DRS migrates virtual machines to appropriate hosts when you place the host in maintenance mode.
You must migrate all virtual machines to dierent hosts and place each host in maintenance mode.
The host customization is saved. The next time you boot, the host customization is applied to the host.

Using Auto Deploy for Stateless Caching and Stateful Installs

The Auto Deploy stateless caching feature lets you cache the host's image. The Auto Deploy stateful installs feature lets you install hosts over the network. After the initial network boot, these hosts boot like other ESXi hosts.
The stateless caching solution is primarily intended for situations when several hosts boot simultaneously. The locally cached image helps prevent a boleneck that results if several hundreds of hosts connect to the Auto Deploy server simultaneously. After the boot operation is complete, hosts connect to Auto Deploy to complete the setup.
The stateful installs feature lets you provision hosts with the image prole over the network without having to set up the PXE boot infrastructure.
Introduction to Stateless Caching and Stateful Installs on page 97
n
You can use the System Cache Conguration host prole to provision hosts with Auto Deploy stateless caching and stateful installs.
Understanding Stateless Caching and Stateful Installs on page 98
n
When you want to use Auto Deploy with stateless caching or stateful installs, you must set up a host prole, apply the host prole, and set the boot order.
Set Up Stateless Hosts to Use Auto Deploy with Caching on page 99
n
You can set up your system to provision hosts with Auto Deploy, and congure the hosts to use stateless caching. If the Auto Deploy server is not available when a host reboots, the host uses the cached image.
Enable Stateful Installs for Hosts Provisioned with Auto Deploy on page 101
n
You can set up hosts provisioned with Auto Deploy to cache the image to disk and to use the cached image on subsequent boots. After the image is cached, the hosts act like hosts on which an image is installed.
96 VMware, Inc.
Chapter 4 Installing ESXi
Introduction to Stateless Caching and Stateful Installs
You can use the System Cache Conguration host prole to provision hosts with Auto Deploy stateless caching and stateful installs.
Examples of Stateless Caching and Stateful Installs
Hosts provisioned with Auto Deploy cache the image (stateless caching)
Set up and apply a host prole for stateless caching. You can cache the image on a local disk, a remote disk, or a USB drive. Continue provisioning this host with Auto Deploy. If the Auto Deploy server becomes unavailable, for example because hundreds of hosts aempt to access it simultaneously, the host boots from the cache. The host aempts to reach the Auto Deploy server after the boot operation to complete conguration.
Hosts provisioned with Auto Deploy become stateful hosts
Set up and apply a host prole for stateful installs. When you provision a host with Auto Deploy, the image is installed on the local disk, a remote disk, or a USB drive. For subsequent boots, you boot from the disk. The host no longer uses Auto Deploy.
Preparation
To successfully use stateless caching or stateful installs, decide how to congure the system and set the boot order.
Table 4‑7. Preparation for Stateless Caching or Stateful Installs
Requirement or Decision Description
Decide on VMFS partition overwrite When you install ESXi by using the interactive installer,
you are prompted whether you want to overwrite an existing VMFS datastore. The System Cache Conguration host prole provides an option to overwrite existing VMFS partitions.
The option is not available if you set up the host prole to use a USB drive.
Decide whether you need a highly available environment If you use Auto Deploy with stateless caching, you can set
up a highly available Auto Deploy environment to guarantee that virtual machines are migrated on newly provisioned hosts and that the environment supports vNetwork Distributed Switch even if the vCenter Server system becomes temporarily unavailable.
Set the boot order The boot order you specify for your hosts depends on the
feature you want to use.
To set up Auto Deploy with stateless caching,
n
congure your host to rst aempt to boot from the network, and to then aempt to boot from disk. If the Auto Deploy server is not available, the host boots using the cache.
To set up Auto Deploy for stateful installs on hosts that
n
do not currently have a bootable disk, congure your hosts to rst aempt to boot from disk, and to then aempt to boot from the network.
N If you currently have a bootable image on the disk, congure the hosts for one-time PXE boot, and provision the host with Auto Deploy to use a host prole that species stateful installs.
VMware, Inc. 97
Stateless Caching and Loss of Connectivity
If the ESXi hosts that run your virtual machines lose connectivity to the Auto Deploy server, the vCenter Server system, or both, some limitations apply the next time you reboot the host.
If vCenter Server is available but the Auto Deploy server is unavailable, hosts do not connect to the
n
vCenter Server system automatically. You can manually connect the hosts to the vCenter Server, or wait until the Auto Deploy server is available again.
If both vCenter Server and Auto Deploy are unavailable, you can connect to each ESXi host by using the
n
vSphere Client, and add virtual machines to each host.
If vCenter Server is not available, vSphere DRS does not work. The Auto Deploy server cannot add
n
hosts to the vCenter Server. You can connect to each ESXi host by using the vSphere Client, and add virtual machines to each host.
If you make changes to your setup while connectivity is lost, the changes are lost when the connection
n
to the Auto Deploy server is restored.
Understanding Stateless Caching and Stateful Installs
When you want to use Auto Deploy with stateless caching or stateful installs, you must set up a host prole, apply the host prole, and set the boot order.
When you apply a host prole that enables caching to a host, Auto Deploy partitions the specied disk. What happens next depends on how you set up the host prole and how you set the boot order on the host.
Auto Deploy caches the image when you apply the host prole if Enable stateless caching on the host
n
is selected in the System Cache Conguration host prole. No reboot is required. When you later reboot, the host continues to use the Auto Deploy infrastructure to retrieve its image. If the Auto Deploy server is not available, the host uses the cached image.
Auto Deploy installs the image if Enable stateful installs on the host is selected in the System Cache
n
Conguration host prole. When you reboot, the host boots from disk, just like a host that was provisioned with the installer. Auto Deploy no longer provisions the host.
You can apply the host prole from a vSphere Web Client, or write an Auto Deploy PowerCLI rule that applies the host prole.
Using the vSphere Web Client to Set Up Auto Deploy for Stateless Caching or Stateful Installs
You can create a host prole on a reference host and apply that host prole to additional hosts or to a vCenter Server folder or cluster. The following workow results.
1 You provision a host with Auto Deploy and edit that host's System Image Cache Conguration host
prole.
2 You place one or more target hosts in maintenance mode, apply the host prole to each host, and
instruct the host to exit maintenance mode.
3 What happens next depends on the host prole you selected.
If the host prole enabled stateless caching, the image is cached to disk. No reboot is required.
n
If the host prole enabled stateful installs, the image is installed. When you reboot, the host uses
n
the installed image.
4 A reboot is required so the changes can take eect.
Using PowerCLI to Set Up Auto Deploy for Stateless Caching or Stateful Installs
You can create a host prole for a reference host and write an Auto Deploy PowerCLI rule that applies that host prole to other target hosts. The following workow results.
1 You provision a reference with Auto Deploy and create a host prole to enable a form of caching.
98 VMware, Inc.
Chapter 4 Installing ESXi
2 You write a rule that provisions additional hosts with Auto Deploy and that applies the host prole of
the reference host to those hosts.
3 Auto Deploy provisions each host with the new image prole. The exact eect of applying the host
prole depends on the host prole you selected.
For stateful installs, Auto Deploy proceeds as follows:
n
During rst boot, Auto Deploy installs the image on the host.
n
During subsequent boots, the host boots from disk. Auto Deploy is no longer involved.
n
For stateless caching, Auto Deploy proceeds as follows:
n
During rst boot, Auto Deploy provisions the host and caches the image.
n
During subsequent boots, Auto Deploy provisions the host. If Auto Deploy is unavailable, the
n
host boots from the cached image, however, setup can only be completed when the host can reach the Auto Deploy server.
Set Up Stateless Hosts to Use Auto Deploy with Caching
You can set up your system to provision hosts with Auto Deploy, and congure the hosts to use stateless caching. If the Auto Deploy server is not available when a host reboots, the host uses the cached image.
A host that is set up for stateless caching uses the cached image only if the Auto Deploy server is not available when the host reboots. In all other situations, the host is provisioned with Auto Deploy. If you change the rule that applies an image prole to the host, and you perform a test and repair compliance operation, Auto Deploy provisions the host with the new image and the new image is cached.
Set up a highly available Auto Deploy infrastructure to guarantee that virtual machines are migrated to the host if the host reboots. Because vCenter Server assigns virtual machines to the host, vCenter Server must be available. See “Set Up Highly Available Auto Deploy Infrastructure,” on page 117.
You can set up your environment for stateless caching by applying host proles directly or by using PowerCLI rules.
Table 48. Setting up hosts for stateless caching or stateful installs
Workflow Stateless caching Stateful install
Apply host prole directly Apply the host prole either to
individual hosts or to all hosts in a folder or cluster. See “Congure a Host Prole
to Use Stateless Caching,” on page 100.
Write and apply PowerCLI rules
Set up a reference host with a host prole that has the caching setup you want. Write an Auto Deploy PowerCLI rule that provisions the host and that applies a host prole that is set up for stateless caching. See “Write a Rule and
Assign a Host Prole to Hosts,” on
page 90.
Apply the host prole either to individual hosts or to all hosts in a folder or cluster. See
“Congure a Host Prole to Enable Stateful Installs,” on page 102.
Set up a reference host with a host prole that has the caching setup you want. Write an Auto Deploy PowerCLI rule that provisions the host and that applies a host prole that is set up for stateful installs. See “Write a Rule
and Assign a Host Prole to Hosts,” on
page 90.
Prepare for Auto Deploy with Stateless Caching
Before you can start provisioning a host that uses stateless caching with Auto Deploy, you must verify that your environment is set up for Auto Deploy, prepare Auto Deploy PowerCLI rules, and set the host boot order.
Prerequisites
Decide which disk to use for caching and determine whether the caching process will overwrite an
n
existing VMFS partition.
VMware, Inc. 99
In production environments, protect the vCenter Server system and the Auto Deploy server by
n
including them in a highly available environment. Having the vCenter Server in a management cluster guarantees that VDS and virtual machine migration are available. If possible, protect other elements of your infrastructure. See “Set Up Highly Available Auto Deploy Infrastructure,” on page 117.
Procedure
1 Set up your environment for Auto Deploy and install PowerCLI.
See “Preparing for vSphere Auto Deploy,” on page 84.
2 Verify that a disk with at least 1GB of free space is available.
If the disk is not yet partitioned, partitioning happens when you apply the host prole.
3 Set up the host to rst aempt a network boot and to boot from disk if network boot fails.
See your hardware vendor's documentation.
What to do next
Set up a host prole for stateless caching. In most cases, you set up the host prole on a reference host and apply that host prole to other hosts.
Configure a Host Profile to Use Stateless Caching
When a host is set up to use stateless caching, the host uses a cached image if the Auto Deploy Server is not available. To use stateless caching, you must congure a host prole. You can apply that host prole to other hosts that you want to set up for stateless caching.
You can congure the host prole on a single host that you want to set up to use caching. You can also create a host prole that uses caching on a reference host and apply that host prole to other hosts.
Prerequisites
Prepare your host for stateless caching. See “Prepare for Auto Deploy with Stateless Caching,” on page 99.
Procedure
1 In the vSphere Web Client, create a host prole.
See the Host Proles documentation.
2 Select the host prole and click Edit Host .
3 Leave the name and description and click Next.
4 Click Advanced   and click the System Image Cache  folder.
5 Click the System Image Cache  icon.
6 In the System Image Cache Prole Seings drop-down menu, make your selection.
Option Description
Enable stateless caching on the host
Enable stateless caching to a USB disk on the host
Caches the image to disk.
Caches the image to a USB disk aached to the host.
100 VMware, Inc.
Loading...