How To – Make a firewall rule persistent in ESXi 5.x

This is a quick how-to on making a firewall rule persist across reboots on ESXi 5.x.

· Find a shared datastore, or use a local one if you are on a standalone ESXi host. Create the firewall rule in an XML file; in this instance we have a VNC rule.

vnc.xml

You will need a script that will call the file when the host is starting up, name it <YourRule.sh> and this is the content of the script.

Copy both files (.xml and .sh) into your DataStore and change their permissions.

Startup script

Permissions

· Edit the file /etc/rc.local.d/local.sh and add the path to the script before the “return 0”

Script

· Start the script for error verification if any using

This should apply the rule whenever you reboot your host.

Have Fun

How to create a custom firewall rule on ESXi

In this instance, we will have a VNC rule added to the firewall.

1- Verify if the firewall is active or not using  esxcli network firewall get

If the firewall is Active you will get the below

Enabled: true
Loaded: true

2- Create a backup copy of the file “/etc/vmware/firewall/service.xml”
cp /etc/vmware/firewall/service.xml /etc/vmware/firewall/service.xml-backup

3- Modify the permissions of the file service.xml:

chmod 644 /etc/vmware/firewall/service.xml
chmod +t /etc/vmware/firewall/service.xml

4- Edit the file and add the below at the end of the file

 

5- Once saved, apply the rule using the below as well as checking if the rule is functioning

esxcli network firewall refresh
esxcli network firewall ruleset list | grep VNC
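
The ruleset that step 4 adds, together with the vnc.xml file and startup script from the persistence post above, written out as an added example (the author's own files are missing from this page, so this is not their code). The ruleset id VNC, ports 5900-5999, the datastore path and the 192.0.2.0/24 management subnet are assumptions; the script also restricts the ruleset to that subnet rather than leaving it open to every source address.

```shell
#!/bin/sh
# Added example, not the post's own files. Assumed names: datastore path,
# ruleset id "VNC", ports 5900-5999, management subnet 192.0.2.0/24.
SRC="${SRC:-/vmfs/volumes/datastore1/firewall/vnc.xml}"
FW_DIR="${FW_DIR:-/etc/vmware/firewall}"
MGMT_NET="${MGMT_NET:-192.0.2.0/24}"

# Write a custom ruleset in the same format as service.xml.
write_vnc_ruleset() {   # $1 = output file
  cat > "$1" <<'EOF'
<ConfigRoot>
  <service id='0000'>
    <id>VNC</id>
    <rule id='0000'>
      <direction>inbound</direction>
      <protocol>tcp</protocol>
      <porttype>dst</porttype>
      <port>
        <begin>5900</begin>
        <end>5999</end>
      </port>
    </rule>
    <enabled>true</enabled>
    <required>false</required>
  </service>
</ConfigRoot>
EOF
}

# Copy the ruleset from the datastore into the firewall directory.
install_ruleset() {     # $1 = source xml, $2 = firewall directory
  [ -r "$1" ] || { echo "missing ruleset: $1" >&2; return 1; }
  grep -q '<ConfigRoot>' "$1" || { echo "not a ruleset: $1" >&2; return 1; }
  cp "$1" "$2/$(basename "$1")" && chmod 444 "$2/$(basename "$1")"
}

# Reload the firewall, then limit the ruleset to one allowed source range.
apply_ruleset() {       # $1 = ruleset id, $2 = allowed IP or CIDR
  esxcli network firewall refresh || return 1
  esxcli network firewall ruleset set --ruleset-id "$1" --allowed-all false || return 1
  esxcli network firewall ruleset allowedip add --ruleset-id "$1" --ip-address "$2" ||
    echo "allowed IP not added (already present?)" >&2
  esxcli network firewall ruleset allowedip list --ruleset-id "$1"
}

# Only act on an ESXi host; elsewhere the functions are just defined.
if command -v esxcli >/dev/null 2>&1; then
  install_ruleset "$SRC" "$FW_DIR" && apply_ruleset VNC "$MGMT_NET"
fi
```

When appending to service.xml instead of using a separate file, only the `<service>` element goes inside the existing `<ConfigRoot>`, with a service id that is not already in use.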

Have Fun

An internal error occurred in the vSphere Client… VMware Update Manager

 

 

Quickie post on how to correct the “An Internal Error Occurred In The vSphere Client” error for the VUM plugin.


I have searched the web and came across several cases similar to this one, but my own is some kind of weird case. Maybe an installation issue.

Let's go.

Go to C:\Program Files (x86)\VMware\Infrastructure\Update Manager

Locate and open vci-integrity.xml and replace the vCenter IP address in it with the FQDN of your vCenter


You do the same on the Extension.xml file where you put the FQDN of your vCenter instead of the IP Address

 


One thing worth checking is the firewall between the two machines; in my case, I had to allow the ports on the Windows built-in firewall to get this problem solved.

have fun

Syslog Configuration on All Hosts – PowerCLI

There are times when you will want to change a setting on many hosts at once and avoid the clicks. In my case I had to change a setting for around 150+ hosts on 4 datacenters from 4 vCenters, and this will take a heck of a time.

This is a quick way you can change and point your ESXi hosts to a syslog server using PowerCli.

This will configure your syslog server IP address or hostname, open the outbound ports and also restart your syslog services.

Double check your configuration through this

 

In case you wanted to go through this manually, these are the commands needed

To open your firewall :

To configure your Syslog entries

You will have to restart your syslog services .

Finally this command will show you the config state of your Host or hosts
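
The manual steps above as one script run on the ESXi host, added here as an example (the post's own commands are missing from the page, so this is not the author's code). The collector address is a placeholder you pass in, and the requirement for an explicit scheme and port is this example's own check; it also notes when the chosen transport sends logs unencrypted.

```shell
#!/bin/sh
# Added example; the collector address passed in is a placeholder.
# This example insists on an explicit scheme and port for the loghost.
valid_loghost() {       # $1 = e.g. udp://syslog.example.test:514
  case "$1" in
    udp://*|tcp://*|ssl://*) ;;
    *) return 1 ;;
  esac
  hostport="${1#*://}"
  host="${hostport%:*}"
  port="${hostport##*:}"
  # Reject an empty host and a value with no ":port" part.
  [ -n "$host" ] && [ "$host" != "$hostport" ] || return 1
  case "$port" in ''|*[!0-9]*) return 1 ;; esac
  [ "$port" -ge 1 ] && [ "$port" -le 65535 ]
}

# Open the outbound syslog ruleset, set the loghost, reload, then verify
# that the running configuration shows the collector.
configure_syslog() {    # $1 = loghost URL
  valid_loghost "$1" || { echo "bad loghost: $1" >&2; return 1; }
  case "$1" in
    ssl://*) ;;
    *) echo "note: $1 sends logs unencrypted" >&2 ;;
  esac
  esxcli network firewall ruleset set --ruleset-id syslog --enabled true &&
  esxcli system syslog config set --loghost "$1" &&
  esxcli system syslog reload &&
  esxcli system syslog config get | grep -F "$1"
}

# Only act on an ESXi host and only when a loghost was given.
if command -v esxcli >/dev/null 2>&1 && [ $# -eq 1 ]; then
  configure_syslog "$1"
fi
```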

 

ESXi – Add disk and convert your Raid0 to Raid1 on HP Proliant Gen9:

This quick post will show how to add a disk to your array and convert your Raid0 disk to a Raid1 configuration without bringing your ESXi host offline.

This chap has all the commands listed on his blog which are worth checking.

This has been tested and implemented on a Proliant BL460C Gen9 and went without any issue. Check the commands below first if you are using different HP hardware, and consult your hardware provider about equivalent commands if you are using a different hardware build.

Change directory to /opt/hp/hpssacli/bin

We will start by checking that the status of your Array is healthy by running

./hpssacli ctrl all show status


Check again the status of your Slot using

./hpssacli ctrl slot=0 logicaldrive all show status


This command will show you the drives you have on your controller and the Raid Level used (Fault Tolerance)

./hpssacli ctrl slot=0 logicaldrive all show details


We added a disk to the blade and ran the command ./hpssacli ctrl all show config, which now shows me that I have an unassigned disk


Run ./hpssacli ctrl slot=0 modify rebuildpriority=high to start the job as a priority

Running ./hpssacli ctrl slot=0 ld 1 add drives=allunassigned will assign the drive to the slot you are about to work with. You need to know that the cache will be disabled during the rebuild


Disk 2 is now added to the Raid0 which will be converted to a Raid1 once the rebuild is done


Running ./hpssacli ctrl slot=0 ld 1 modify raid=1 will convert the Raid0 into a Raid1; believe me, it took around 5 hours to convert a 1.TB Raid0 to Raid1


Have fun