Streamlining the VMware Management Assistant: User accounts and FastPass

If you haven't used it already, you may want to give the VMware Management Asssitant (vMA) a try. It is a remote command-line utility that allows you to use many of the same commands you can currently run on ESX. In part two of this two-part series, we go over configuring user accounts and enabling FastPass for ease of use.

As we discussed in part one of this two-part series, the VMware Management Assistant (vMA) is a remote command-line utility for ESXi that allows you to use many of the same commands you may currently use with VMware ESX. Since VMware has long maintained that ESXi is the future of its server virtualization offerings, becoming comfortable with ESXi could make the switch easier for you down the road.

In this section, we skip over a vMA overview and installation walk-through (since we covered that in part one), and go right to configuring the vMA for ease of use. Let's get started.

Configuring user accounts and enabling FastPass
The vMA has two user accounts called vi-admin and vi-user. The vi-user account is initially disabled until it is enabled by the vi-admin. Once both accounts are active, you can use the 'vifp' command to add ESX hosts into the vMA. This process is similar to adding ESX hosts to vCenter. The vMA, however, doesn't care which vCenter "owns" the ESX host; as long as there is IP visibility from the vMA to the ESX host, any number of hosts can be added.

By carrying out this task it means you can indicate which ESX host you wish to manage without necessarily having to authenticate it as root. This is achieved by using a vi-admin and vi-user account linked to every ESX host, the same way that adding an ESX host to vCenter creates a "vpxuser" account. The vMA contains an authentication component called vi-fastpass that allows this to happen.

When running commands after fastpass has been set up you have two options: you can use the command 'vifpinit' to select an ESX host to communicate with, or you can use a statement in Perl or Java to call the LoginByFastpass option. The directory location of /opt /vmware /vima /samples has examples of using these utilities in scripts.

The post-configuration of vMA involves enabling the vi-user for the first time, adding ESX hosts and enabling vi-fastpass.

 

  1. Use a secure shell (SSH) client to get into your vMA and log in as vi-admin with your password.
  2. Set a password for the vi-user account, sending your instructions using sudo like so:
    sudo passwd vi-user

    Note: The vi-admin is not "root" and receives all its privileges from the configuration of sudo. Sudo is a delegation system that allows "root" to allow other users privileges above and beyond merely being a "user." The response to this password reset is rather humorous:

    (Of course, I would add a fourth item – RTFM!)

  3. To add an ESX host, type:
    sudo vifp addserver esx1.corp.com

    Note: The first time you carry out this task for the first ESX host you will be challenged for the vMA vi-admin password and the ESX host's password. If you carry on adding additional ESX hosts, you will be challenged for passwords for each of them, as well.

    You can repeat this for each ESX host the vMA will manage. To confirm your ESX hosts have been successfully added to the vMA's list you can issue the command

    vifp listservers

    Note: The command sudo vifp removeserver can be used to remove ESX hosts from the vMA ESX host list.

Executing commands on the vMA
Now that we have vMA set up and configured we can carry out a simple test to see if we can connect to an ESX host and execute a command. If you only have one ESX host added to the vMA service then there is no need to specify the ESX host. If you have multiple ESX hosts added you must specify which ESX hosts should receive the commands. If you don't, the vMA will just send it to the first ESX host on the list.

  1. Tell ESX which host you want to run the command on with:
    vifpinit esx1.corp.com
  2. Type an ESX command, such as esxcfg-vswitch –l.

    Notice how the prompt changes after the vifpinit command to indicate the ESX hosts you have connected to.

  3. Let's say you wanted to create a standard vSwitch with two VMNICS attached – while creating port groups for VLAN tagging at the same time. This is what you would have to type:
     esxcfg-vswitch –a vSwitch2
    esxcfg-vswitch –A vlan10 vSwitch2
    esxcfg-vswitch –A vlan11 vSwitch2
    esxcfg-vswitch –A vlan12 vSwitch2
    esxcfg-vswitch –L vmnic4 vSwitch2
    esxcfg-vswitch –L vmnic5 vSwitch2
    esxcfg-vswitch –v 10 -p vlan10 vSwitch2
    esxcfg-vswitch –v 11 -p vlan11 vSwitch2
    esxcfg-vswitch –v 12 -p vlan12 vSwitch2

As well as including all the standard commands like esxcfg-vswitch, which you might be familiar with from ESX 3.x, the vMA uses vi-cfg commands and has a number of unique commands as well. One worth looking at is the resxtop utility, which creates an esxtop environment remotely, even for ESXi hosts.

Additionally, there is the vilogger utility that allows you to collect log files from the target ESX hosts according to the specified log policy. Finally, vMA includes the vima-update utility, which updates the vMA software. Updating the vMA software will be necessary to make sure its advanced programming interfaces (APIs), SDK and utilities are in sync with the distribution of ESX you are currently running.

Further vMA resources
To learn even more about the vMA, you can download the vSphere Management Assistant guide from VMware. Additionally, I documented a lot of the ESX commands back in the ESX 3.x.x days, and a lot of those commands work in the vMA. You can find a list of the commands in the RTFM guide to the VMware ESX 3 Service Console.. You can also find extensive coverage of all the different CLI tools options in my new book on vSphere4.

 

Mike Laverick (VCP) has been involved with the VMware community since 2003. Laverick is a VMware forum moderator and member of the London VMware User Group Steering Committee. Laverick is the owner and author of the virtualization website and blog RTFM Education, where he publishes free guides and utilities aimed at VMware ESX/VirtualCenter users, and has recently joined SearchVMware.com as an Editor at Large. In 2009, Laverick received the VMware vExpert award and helped found the Irish and Scottish VMware user groups. Laverick has had books published on VMware Virtual Infrastructure 3, VMware vSphere4 and VMware Site Recovery Manager.


This was first published in April 2010

Dig deeper on VMware how-tos

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchServerVirtualization

SearchVirtualDesktop

SearchDataCenter

SearchCloudComputing

Close