Streamlining the VMware Management Assistant: User accounts and FastPass

Streamlining the VMware Management Assistant: User accounts and FastPass

Mike Laverick, Instructor, Author and Blogger

As we discussed in part one of this two-part series, the VMware Management Assistant (vMA) is a remote command-line utility for ESXi that allows you to use many of the same commands you may currently use with VMware ESX. Since VMware has long maintained that ESXi is the future of its server virtualization offerings, becoming comfortable with ESXi could make the switch easier for you down the road.

In this section, we skip over a vMA overview and installation walk-through (since we covered that in part one), and go right to configuring the vMA for ease of use. Let's get started.

Configuring user accounts and enabling FastPass
The vMA has two user accounts called vi-admin and vi-user. The vi-user account is initially disabled until it is enabled by the vi-admin. Once both accounts are active, you can use the 'vifp' command to add ESX hosts into the vMA. This process is similar to adding ESX hosts to vCenter. The vMA, however, doesn't care which vCenter "owns" the ESX host; as long as there is IP visibility from the vMA to the ESX host, any number of hosts can be added.

By carrying out this task it means you can indicate which ESX host you wish to manage without necessarily having to authenticate it as root. This is achieved by using a vi-admin and vi-user account linked to every ESX host, the same way that adding an ESX

    Requires Free Membership to View

    Login

    When you register, my team of editors will also send you alerts covering all areas of VMware, such as implementing VMware-related virtualization technologies for server consolidation, disaster recovery and backup strategies, management and performance, VM migration and more.

    Margie Semilof, Editorial Director

    By submitting your registration information to SearchVMware.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchVMware.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

host to vCenter creates a "vpxuser" account. The vMA contains an authentication component called vi-fastpass that allows this to happen.

When running commands after fastpass has been set up you have two options: you can use the command 'vifpinit' to select an ESX host to communicate with, or you can use a statement in Perl or Java to call the LoginByFastpass option. The directory location of /opt /vmware /vima /samples has examples of using these utilities in scripts.

The post-configuration of vMA involves enabling the vi-user for the first time, adding ESX hosts and enabling vi-fastpass.

 

  1. Use a secure shell (SSH) client to get into your vMA and log in as vi-admin with your password.
  2. Set a password for the vi-user account, sending your instructions using sudo like so:
    sudo passwd vi-user

    Note: The vi-admin is not "root" and receives all its privileges from the configuration of sudo. Sudo is a delegation system that allows "root" to allow other users privileges above and beyond merely being a "user." The response to this password reset is rather humorous:

    (Of course, I would add a fourth item – RTFM!)

  3. To add an ESX host, type:
    sudo vifp addserver esx1.corp.com

    Note: The first time you carry out this task for the first ESX host you will be challenged for the vMA vi-admin password and the ESX host's password. If you carry on adding additional ESX hosts, you will be challenged for passwords for each of them, as well.

    You can repeat this for each ESX host the vMA will manage. To confirm your ESX hosts have been successfully added to the vMA's list you can issue the command

    vifp listservers

    Note: The command sudo vifp removeserver can be used to remove ESX hosts from the vMA ESX host list.

Executing commands on the vMA
Now that we have vMA set up and configured we can carry out a simple test to see if we can connect to an ESX host and execute a command. If you only have one ESX host added to the vMA service then there is no need to specify the ESX host. If you have multiple ESX hosts added you must specify which ESX hosts should receive the commands. If you don't, the vMA will just send it to the first ESX host on the list.

  1. Tell ESX which host you want to run the command on with:
    vifpinit esx1.corp.com

  2. Type an ESX command, such as esxcfg-vswitch –l.

    Notice how the prompt changes after the vifpinit command to indicate the ESX hosts you have connected to.

  3. Let's say you wanted to create a standard vSwitch with two VMNICS attached – while creating port groups for VLAN tagging at the same time. This is what you would have to type:
     esxcfg-vswitch –a vSwitch2
    esxcfg-vswitch –A vlan10 vSwitch2
    esxcfg-vswitch –A vlan11 vSwitch2
    esxcfg-vswitch –A vlan12 vSwitch2
    esxcfg-vswitch –L vmnic4 vSwitch2
    esxcfg-vswitch –L vmnic5 vSwitch2
    esxcfg-vswitch –v 10 -p vlan10 vSwitch2
    esxcfg-vswitch –v 11 -p vlan11 vSwitch2
    esxcfg-vswitch –v 12 -p vlan12 vSwitch2

As well as including all the standard commands like esxcfg-vswitch, which you might be familiar with from ESX 3.x, the vMA uses vi-cfg commands and has a number of unique commands as well. One worth looking at is the resxtop utility, which creates an esxtop environment remotely, even for ESXi hosts.

Additionally, there is the vilogger utility that allows you to collect log files from the target ESX hosts according to the specified log policy. Finally, vMA includes the vima-update utility, which updates the vMA software. Updating the vMA software will be necessary to make sure its advanced programming interfaces (APIs), SDK and utilities are in sync with the distribution of ESX you are currently running.

Further vMA resources
To learn even more about the vMA, you can download the vSphere Management Assistant guide from VMware. Additionally, I documented a lot of the ESX commands back in the ESX 3.x.x days, and a lot of those commands work in the vMA. You can find a list of the commands in the RTFM guide to the VMware ESX 3 Service Console.. You can also find extensive coverage of all the different CLI tools options in my new book on vSphere4.

 

Mike Laverick (VCP) has been involved with the VMware community since 2003. Laverick is a VMware forum moderator and member of the London VMware User Group Steering Committee. Laverick is the owner and author of the virtualization website and blog RTFM Education, where he publishes free guides and utilities aimed at VMware ESX/VirtualCenter users, and has recently joined SearchVMware.com as an Editor at Large. In 2009, Laverick received the VMware vExpert award and helped found the Irish and Scottish VMware user groups. Laverick has had books published on VMware Virtual Infrastructure 3, VMware vSphere4 and VMware Site Recovery Manager.


This was first published in April 2010

Join the conversationComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.

    Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

    Back to top