MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.
COURSE of the MONTH
14 days, 20 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
ESXi provisioning and customization have hundreds to do
Posted on 2016-07-25
I am looking on the best way to setup a provisioning network and install hundreds of ESXi installs.
I have iDRAC which I complete all my installs.
I am building 50 ESXi Servers or more a week, and its getting old.
Is there a way to plug and play and let it provision on its own.
Either script or cfg file or etc. and best way to make a provisioning network.
Perhaps with PXE/DHCP
Also I have a custom iDRACK.ISO that we configure the servers with - Can this be automated..
However the ESXi Install is my main concern on automation..
So during install I need these configured as well.
Management interface --
IP
Netmask
Gateway
VLAN
IPV6 disabled
DNS settings
NTP settings
Change root password
Change vSwitch settings
a. General > Ports: Default of 120
b. General > MTU: 1500
c. Security > Promiscuous Mode: Reject
d. Security > MAC Address Changes: Accept
e. Security > Forged Transmits: Accept
f. Traffic Shaping: Status to Disabled
g. NIC Teaming: Leave Policy Exceptions to default, ensure that both of the vmnic's are set to active
dvSWITCH configuration other VLANS
Create Folder - Label xxx-xxx(x) xxx- Site -xxx - Group
Create dvSWITCH using above for each - Label above = xxx-xxx(x)-DVS1
Greate port group for each
iSCSI x2
a. ISCSI1: Uplink1 Active, Uplink2 Unused
b. ISCSI2: Uplink2 Active, Uplink1 Unused
vMOTION x2 (is it best to have 2 vmotion ports) one active one standby and visa versa
c. vMotion1: Uplink1 Active, Uplink2 Unused
d. vMotion2: Uplink2 Active, Uplink1 Unused
Port group naming sheme i.e
Storageheart-beat-VLANxxx-
vMOTION-VLANxxx-10.xx.x.0/
SETUP/ADD to DVSWITCH /VMKERNEL
a. Storage Heartbeat - vmk1
b. ISCSI1 - vmk2
c. ISCSI2 - vmk3
d. vMotion1 - vmk4 , check Use this virtual adapter for vMotion
e. vMotion2 – vmk5 , check Use this virtual adapter for vMotion
Set properties
i. MTU: 9000
ii. Discovery Protocol Status: Enabled
iii. Discovery Protocol Type: Link Layer Discovery Protocol
iv. Discovery Protocol Operation: Both
v. Admin Contact Information: Virtualization Support
Enable Network I/O control
Set as follows:
a. Fault Tolerance: Shares - Custom, value of 1 -- QOS priority 7
b. ISCSI Traffic: Custom, value of 60 -- QOS priority 1
c. Management Traffic: Custom, value of 10 -- QOS priority 2
d. NFS Traffic: Custom, value of 1 -- QOS priority 7
e. Virtual Machine Traffic: Shares - Custom, value of 100 -- QOS priority 1
f. vMotion Traffic: Shares: Custom, value of 20 -- QOS priority 3
g. vSphere Replication Traffic: Shares - Custom, value of 10 -- QOS priority 4
h. Virtual SAN traffic: Shares - Custom, value of 1 -- QOS priority 7
Disable AD Validation
Set EVC mode to Intel Bridge
Setup CHAP advance
LoginTimeout and change the value to 60
uncheck the box for “Delayed ack”
ENABLE SSH/
I have iDRAC which I complete all my installs.
I am building 50 ESXi Servers or more a week, and its getting old.
Is there a way to plug and play and let it provision on its own.
Either script or cfg file or etc. and best way to make a provisioning network.
Perhaps with PXE/DHCP
Also I have a custom iDRACK.ISO that we configure the servers with - Can this be automated..
However the ESXi Install is my main concern on automation..
So during install I need these configured as well.
Management interface --
IP
Netmask
Gateway
VLAN
IPV6 disabled
DNS settings
NTP settings
Change root password
Change vSwitch settings
a. General > Ports: Default of 120
b. General > MTU: 1500
c. Security > Promiscuous Mode: Reject
d. Security > MAC Address Changes: Accept
e. Security > Forged Transmits: Accept
f. Traffic Shaping: Status to Disabled
g. NIC Teaming: Leave Policy Exceptions to default, ensure that both of the vmnic's are set to active
dvSWITCH configuration other VLANS
Create Folder - Label xxx-xxx(x) xxx- Site -xxx - Group
Create dvSWITCH using above for each - Label above = xxx-xxx(x)-DVS1
Greate port group for each
iSCSI x2
a. ISCSI1: Uplink1 Active, Uplink2 Unused
b. ISCSI2: Uplink2 Active, Uplink1 Unused
vMOTION x2 (is it best to have 2 vmotion ports) one active one standby and visa versa
c. vMotion1: Uplink1 Active, Uplink2 Unused
d. vMotion2: Uplink2 Active, Uplink1 Unused
Port group naming sheme i.e
Storageheart-beat-VLANxxx-
vMOTION-VLANxxx-10.xx.x.0/
SETUP/ADD to DVSWITCH /VMKERNEL
a. Storage Heartbeat - vmk1
b. ISCSI1 - vmk2
c. ISCSI2 - vmk3
d. vMotion1 - vmk4 , check Use this virtual adapter for vMotion
e. vMotion2 – vmk5 , check Use this virtual adapter for vMotion
Set properties
i. MTU: 9000
ii. Discovery Protocol Status: Enabled
iii. Discovery Protocol Type: Link Layer Discovery Protocol
iv. Discovery Protocol Operation: Both
v. Admin Contact Information: Virtualization Support
Enable Network I/O control
Set as follows:
a. Fault Tolerance: Shares - Custom, value of 1 -- QOS priority 7
b. ISCSI Traffic: Custom, value of 60 -- QOS priority 1
c. Management Traffic: Custom, value of 10 -- QOS priority 2
d. NFS Traffic: Custom, value of 1 -- QOS priority 7
e. Virtual Machine Traffic: Shares - Custom, value of 100 -- QOS priority 1
f. vMotion Traffic: Shares: Custom, value of 20 -- QOS priority 3
g. vSphere Replication Traffic: Shares - Custom, value of 10 -- QOS priority 4
h. Virtual SAN traffic: Shares - Custom, value of 1 -- QOS priority 7
Disable AD Validation
Set EVC mode to Intel Bridge
Setup CHAP advance
LoginTimeout and change the value to 60
uncheck the box for “Delayed ack”
ENABLE SSH/
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
10-
10
- +1
22 Comments
Active today
Cant use host profiles due to license... Not sure about Auto-depoly -- Is there another way. scripts and etc. config files?
Active today
Yes, there is a setup guide to using Auto Deploy and Host Profiles.
What VMware vSphere license do you have, or take a look at AutoLab, and how hosts are deployed quickly using PXE and scripting...
HOW TO: Set up a lab environment for vSAN using VMware Workstation
You will have to reply on PXE, Kickstart scripts.
What VMware vSphere license do you have, or take a look at AutoLab, and how hosts are deployed quickly using PXE and scripting...
HOW TO: Set up a lab environment for vSAN using VMware Workstation
You will have to reply on PXE, Kickstart scripts.
Active today
Looks like this is for esxi 5... All my builds are 6.
Do you personally have any scripts and etc?
Do you personally have any scripts and etc?
Active today
If you are referring to the document I linked to, it is based on 5.x, but the skills and setup is exactly the same for 6.0.
So you have 100 of servers to build and not Auto Deploy or Host Profiles ?
What licenses do you have ?
If you do not have any of the advanced features for the quick deployment of servers, you will need to use a scripted installation.
So you have 100 of servers to build and not Auto Deploy or Host Profiles ?
What licenses do you have ?
If you do not have any of the advanced features for the quick deployment of servers, you will need to use a scripted installation.
Active today
This expert suggested creating a Gigs project.
I have suggested your question either be broken down into many questions, on how to complete the activities, or it's a Gig or Live for an EE Member.
Active today
We have Enterprise plus -- But as a service provided. So we dont have storage DRS, i/o or host profiles. Those are alla carte. Not sure if we are licensed for Auto deply either.
Active today
So these are individual ESXi host servers for clients and not a single site ?
Enterprise Plus includes vSphere Host Profiles and Auto Deploy, and also includes Storage DRS
Enterprise Plus includes vSphere Host Profiles and Auto Deploy, and also includes Storage DRS
Active today
Also is there a way to script / install VCSA applainces too... I am building out ton of these too.
Active today
our Enterprise + does not have host profiles... Wierd how its setup..
Yes there are main vcenters... Then for each customer there is a new VCSA -- then the esxi installs are attached to the new VCSA... tons of them..
Does that make sense?
Yes there are main vcenters... Then for each customer there is a new VCSA -- then the esxi installs are attached to the new VCSA... tons of them..
Does that make sense?
Active today
You will need to script them, using PXE and Kickstarter.
But to be honest with you the number of hours you spend researching and developing, you could have finished the installations!
or just have a handful of ESXi installations on SD cards/USB flash drives.
But to be honest with you the number of hours you spend researching and developing, you could have finished the installations!
or just have a handful of ESXi installations on SD cards/USB flash drives.
Active today
I was looking at one of our host, and looks like this is what were are typically licensed for.
Unlimited virtual SMP
H.264 for Remote Console Connections
vCenter agent for VMware host
vSphere API
Content Library
Storage APIs
VMsafe
vSphere vMotion
X-Switch vMotion
vSphere HA
vSphere Data Protection
vShield Endpoint
vSphere Replication
vShield Zones
Hot-Pluggable virtual HW
vSphere Storage vMotion
Shared Smart Card Reader
vSphere FT (up to 2 virtual CPUs)
Virtual Volumes
APIs for Storage Awareness
Storage-Policy Based Management
vSphere Storage APIs for Array Integration
vSphere DRS
Remote virtual Serial Port Concentrator
MPIO / Third-Party Multi-Pathing
Big Data Extensions
Reliable Memory
vSphere Distributed Switch
Unlimited virtual SMP
H.264 for Remote Console Connections
vCenter agent for VMware host
vSphere API
Content Library
Storage APIs
VMsafe
vSphere vMotion
X-Switch vMotion
vSphere HA
vSphere Data Protection
vShield Endpoint
vSphere Replication
vShield Zones
Hot-Pluggable virtual HW
vSphere Storage vMotion
Shared Smart Card Reader
vSphere FT (up to 2 virtual CPUs)
Virtual Volumes
APIs for Storage Awareness
Storage-Policy Based Management
vSphere Storage APIs for Array Integration
vSphere DRS
Remote virtual Serial Port Concentrator
MPIO / Third-Party Multi-Pathing
Big Data Extensions
Reliable Memory
vSphere Distributed Switch
Active today
if you are building for clients I do not think Auto Deploy and Host Profiles would not help you, it's designed to deploy 100 servers quickly in the same cluster.
Kickstart and scripted installations, if you've go the time to research and develop.
Kickstart and scripted installations, if you've go the time to research and develop.
Featured Post
This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations. Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
New style of hardware planning for Microsoft Exchange server.
In this video tutorial I show you the main steps to install and configure a VMware ESXi6.0 server.
The video has my comments as text on the screen and you can pause anytime when needed.
Hope this will be helpful.
Verify that your hardware and BIO…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail. The methods are covered in more detail in o…
Suggested Courses
Course of the Month14 days, 20 hours left to enroll
770 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.