目录
Backup and restore EXSi configuration:
ESXi Network Configuration
To understand the virtual network of VMWare, we can go through network topology.
The ESXi vSwitch, we can not use it as physical switch. Like the chart above, if we attach all the physical nics (lan ports in red rectangle) to one vSwitch, it will not eastablish the connection with the management port.
Going through a lot of documents, most of them recommend the network topology as below:
If multiple nics are attached to one vSwitch, they are used to imporve the throughput or failover. NIC Teaming is used and there are different load balancing policies to be configured.
Instead, we can use one physical nic to access all the VMs within on vSwitch. For the scenario of routeros and openwrt which need to route for multiple nics, we can harness the bridge function of routeros.
First, we can pick on nic as the management port and setup all the VMs (routeros and openwrt) in one vSwitch. Then, setup vSwitches and corresponding port groups for all the rest nics. Attache these port groups to routeros, create bridge in routeros to establish the connection between management port and rest of nics. By the way, for wan port, we need seperate port group and vSwitch.
When setup vSwitch, there are three options of security,
- Promiscuous mode is disabled by default for all virtualmachines. This prevents them from seeing unicast traffic together nodes on the network.
- MAC address change lockdown prevents virtual machines from changing their own unicast addresses. This also prevents them from seeing unicast traffic to other nodes on thenetwork, blocking a potential security vulnerability that is similar to but narrower than promiscuous mode.
- Forged transmit blocking, when you enable it, prevents virtual machines from sending traffic that appears to come from nodes on the network other than themselves.
Through the experiment, promiscuous mode and forged transmit need to be enabled. MAC address change can be disabled (it's used by MS NLB).
Backup and restore EXSi configuration:
For the details, please refer this link: VMware Knowledge Base
ESXi Command Line
Backing up ESXi host configuration data
- To synchronize the configuration changed with persistent storage, run this command:
vim-cmd hostsvc/firmware/sync_config- To back-up the configuration data for an ESXi host, run this command:
vim-cmd hostsvc/firmware/backup_config- From a web browser navigate to http://Host_FQDN/downloads/123456/configBundle-xx.xx.xx.xx.tgz
Restoring ESXi host configuration data
- The configBundle-HostFQDN.tgz should be renamed as configBundle.tgz before initiating the restore command.
- Put the host into maintenance mode by running this command:
vim-cmd hostsvc/maintenance_mode_enter- Copy the backup configuration file to the ESXi host or an available datastore.
- Run this command to restore the ESXi hosts configuration:
vim-cmd hostsvc/firmware/restore_config /backup_location/configBundle.tgz- Add a 1 to force an override of the UUID mismatch.
vim-cmd hostsvc/firmware/restore_config 1 /tmp/configBundle.tgz- Executing this command will initiate an automatic reboot of the host after command completion.
- However, starting from vSphere 7.0 U2, the configuration could be encrypted using TPMs and in which case, the -force option will not work if the host got changed. We need the same TPM that was used on the host during backup, to restore. In other words,
from vSphere 7.0U2, the override will not work if the host has TPM enabled.
When you met error of IO...
vmkfstools -x repair /vmfs/volumes/5d582a2a-40abb997-8ffd-e43a6e0448e3/LEDE/openwrt-x86-64-combined-squashfs.vmdk
1万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
