ESXi

ESXi uses daemon sandboxing as a means of access control between Userworlds(hostd, vpxa, etc.) and Objects(Files, directories, network sockets, etc.) Secpolicytools helps you list and tweak the security policies that are defiend under each domain(daemon sandbox) [root@esx01:~] secpolicytools -h Usage: secpolicytools <options> -r|--reset Reset all policy rules. -p|--load-policy[policy dir] Load a predefined policy. A default dir of /etc/vmware/secpolicy will be used. -d|--display-policy Display the current policy. -D|--lookup-domain <label> Lookup the value of a domain label....

I accidentally used the wrong VLAN on a portgroup in vDS while playing with NSX-T.(long story) This caused vCenter to lose access to all the hosts in a cluster. There is a KB article that goes through a few hoops before we can get the hosts back into vCenter Server, Recovering from a management portgroup VLAN misconfiguration on a vNetwork Distributed Switch (vDS) To resolve the issue, As i still had access to vCenter, after configuring the right vlan in vCenter I used net-dvs to manually change the vlan on each vmkernel interface....

Have you ever wondered why esxtop will not work in a Mac OS X terminal? This has been on my mind lately and i’ve managed to get esxtop to work in Mac OS X. Just change the terminal emulation to xterm instead of xterm 256 Launch terminal -> Terminal -> Preferences -> Profiles -> Select Profile -> Advanced -> Change declare terminal as to “xterm” ….the why? Esxi by default uses the busybox shell which uses xterm for emulation....

I recently lost access to few of my ESXi hosts after using the incorrect VLAN on the dvSwitch portgroup. Was unable to find any command to change the VLAN of a dvSwitch portgroup from the command line. Luckily I came across the Network Restore Option in DCUI To restore VDS from DCUI: Connect to the DCUI. From the Network Restore Options menu, select Restore vDS. Type the correct values for VLAN uplink and blocked properties, where appropriate....

When deploying a virtual infrastructure it is very important to configure a time server. Lately, most VMware solutions depend on accurate time. For the labs that i deploy, i generally configure the time server on a windows machine(For e.g. AD Machine), and let all the ESXi hosts synchronize time with this windows machine. The windows machine will synchronize time from a internet time server, for e.g. pool.ntp.org(The esxi hosts will not have access to the internet)...