Skills and Abilities
- Use Profile Editor to edit and/or disable policies
- Create sub-profiles
- Use Host Profiles to deploy vDS
- Use Host Profiles to deploy vStorage policies
- Manage Answer Files
Use Profile Editor to edit and/or disable policies
The vSphere Host Profiles Guide, covers the following aspects regarding Host profiles:
- Creating host profiles
- Exporting and importing a host profile
- Editing host profile policies
- Attaching an entity to a host profile
- Applying a host profile to an entity attached to the host profile
- Checking the host profile’s compliance to an entity attached to the host profile
- Checking and updating the host profile’s answer file
The host profiles feature creates a profile that encapsulates the host configuration and helps to manage the host configuration, especially in environments where an administrator manages more than one host or cluster in vCenter Server.
Host profiles eliminates per-host, manual, or UI-based host configuration and maintains configuration consistency and correctness across the datacenter by using host profile policies. These policies capture the blueprint of a known, validated reference host configuration and use this to configure networking, storage, security, and other settings on multiple hosts or clusters. You can then check a host or cluster against a profile’s configuration for any deviations.
Host Profiles Usage Model
You perform host profiles tasks in a certain workflow order.
You must have an existing vSphere installation with at least one properly configured host.
- Set up and configure the host that will be used as the reference host.
A reference host is the host from which the profile is created.
- Create a profile using the designated reference host.
- Attach a host or cluster to the profile.
- Check the host’s compliance to the reference host’s profile. If all hosts are compliant with the reference host, they are correctly configured.
- Apply the host profile of the reference host to other hosts or clusters of hosts.
Using host profiles is only supported for VMware vSphere 4.0 hosts or later. This feature is not supported for VMware Infrastructure 3.5 or earlier hosts. If you have VMware Infrastructure 3.5 or earlier hosts managed by your vCenter Server 4.0 or later, the following problems can occur if you try to use host profiles for those hosts:
- You cannot create a host profile that uses a VMware Infrastructure 3.5 or earlier host as a reference host.
- You cannot apply a host profile to any VMware Infrastructure 3.5 or earlier hosts. The compliance check fails.
- While you can attach a host profile to a mixed cluster that contains VMware Infrastructure 3.5 or earlier hosts, the compliance check for those earlier hosts fails.
As a licensed feature of vSphere, host profiles are only available when the appropriate licensing is in place. If you see errors, ensure that you have the appropriate vSphere licensing for your hosts.
If you want the host profile to use directory services for authentication, the reference host needs to be configured to use a directory service. See the vSphere Security documentation.
Edit a Host Profile
You can view and edit host profile policies, select a policy to be checked for compliance, and change the policy name or description.
- In the Host Profiles main view, select the profile to edit from the profile list.
- Click Edit Host Profile.
- (Optional) Change the profile name or description in the fields at the top of the Profile Editor.
- Edit the policy.
- (Optional) Enable or disable the policy compliance check.
- Click OK to close the Profile Editor.
A good reading on Host Profiles is the VMware Host Profiles: Technical Overview.
vSphere Host Profiles Guide, Section “Edit a policy”, page 10.
Edit a Policy
A policy describes how a specific configuration setting should be applied. The Profile Editor allows you to edit policies belonging to a specific host profile.
On the left side of the Profile Editor, you can expand the host profile. Each host profile is composed of several subprofiles that are designated by functional group to represent configuration instances. Each subprofile contains many policies and compliance checks that describe the configuration that is relevant to the profile.
You can configure certain subprofiles, example policies, and compliance checks.
Each policy consists of one or more options that contains one or more parameters. Each parameter consists of a key and a value. The value can be one of a few basic types, for example integer, string, string array, or integer array.
|Sub-Profile Configuration||Example Policies and ComplianceChecks||Notes|
|Memory reservation||Set memory reservation to a fixed value.|
|Storage||Configure storage options, includingNative Multi-Pathing (NMP), PluggableStorage Architecture (PSA), FCoE andiSCSI adapters, and NFS storage.||
|Networking||Configure virtual switch, port groups,physical NIC speed, security and NICteaming policies, vSphere DistributedSwitch, and vSphere Distributed Switch
|When DHCPv6 is enabled in the networking subprofile,the corresponding ruleset must also bemanually turned on in the firewall subprofile.|
|Date and Time||Configure the time settings and timezoneof server.||For the time zone, enter a UTC string. Forexample, “America/Los_Angeles” for UnitedStates Pacific time zone. The default time zone is set to the local time and location of the vSphere Client machine. Network Time Protocol (NTP) should be correctly configured. You can configure the NTP settings on the host’s configuration tab. Click Time Configuration, then Properties at the top right of the panel.|
|Firewall||Enable or disable a ruleset.|
|Security||Add a user or a usergroup and set the rootpassword.|
|Service||Configure settings for a service.|
|Advanced||Modify advanced options.||
Other profile configuration categories include: user group, authentication, kernel module, DCUI keyboard, host cache settings, SFCB, resource pools, login banner, SNMP agent, power system, and CIM indication subscriptions.
Use Host Profiles to deploy vDS
VMware vSphere 4:Deployment Methods for the VMware® vNetwork Distributed Switch; this document discusses and suggests the most effective methods of deployment for the vDS, including the usage of Host Profiles.
The document concludes with a nice summary:
- VMware Host Profiles: Technical Overview; Use case 5 details how Host profiles can be used to configure a host to use the vDS.
- VMware vNetwork Distributed Switch: Migration and Conguration. The most complete document. It describes in great detail how to configure a vDS. When it comes to migrating to a vDS, two methods are presented, the second method explains the use of Host Profiles.
Use Case 5: Using Host Profiles to Configure Hosts to Use VMware vNetwork Distributed Switch.
Host Profiles can be used to capture the vNetwork Standard Switch (vSS) and vNetwork Distributed Switch configuration of a Vmware ESX host, and then apply and propagate that configuration to a number of other VMware ESX or ESXi hosts.
Host Profiles is the preferred and easiest method for deploying a Distributed Switch across a large population of hosts. The following use case assumes that you are starting with a population of hosts, each with a single Standard Switch.
Migrate reference host to Distributed Switch.
- Create Distributed Switch (without any associated hosts).
- Create Distributed Virtual Port Groups on Distributed Switch to match existing or required environment.
- Add host to Distributed Switch and migrate vmnics to dvUplinks and Virtual Ports to DV Port Groups.
Delete Standard Switch from host.
At the completion of Step 4, we will have a single host with its networking environment completely migrated to Distributed Switch.
The following three steps allow us to create a host profile of this migrated host and then apply it to a number of hosts in one step (Step 7).
- Create host profile of Reference Host.
- Attach and apply the host profile to the candidate hosts.
- Migrate virtual machine networking for virtual machines and take the hosts out of Maintenance Mode.
Variation on Using Host Profiles for Migration
The previously outlined process can be time consuming for a large number of virtual machines. An alternative method, which reduces the per–virtual machine edit process but requires a reapplication of a modified host profile, is as follows:
- Retain the Standard Switch on each host (and, therefore, the Port Groups) during migration, using Host Profiles. Do not perform Step 4 (so you create a host profile of a host with a Standard Switch and a Distributed Switch and then apply that profile to the hosts).
- Right-click on the Distributed Switch and select Migrate Virtual Machine Networking… and then migrate all virtual machines for each Port Group in one step per Port Group.
- Delete the Standard Switch from the host profile using the edit host profile function (or just delete the Standard Switch from the reference host and create a fresh host profile).
- Reapply this host profile to the hosts in the cluster.
NOTE: Because we already have migrated the virtual adaptors, we would not need to reenter any of the IP addresses.
Use Host Profiles to deploy vStorage policies
The VMware Host Profiles: Technical Overview, page 17.
Use Case 6: Using Host Profiles to Configure Hosts to Use NAS Storage
You can use Host Profiles to prepare your VMware ESX/ESXi hosts to use a newly added NAS storage device.
- Identify the reference host and ensure that it is compliant with the host profile.
Add an NFS-based datastore on the reference host, using the vSphere Client.
Because NFS requires network connectivity to access data stored on remote servers, before configuring NFS you must first configure networking to make sure you have at least one vmknic. To mount an NFS datastore, the Add Storage wizard guides you through the following configuration steps:
- Select the host from the inventory panel.
- Click the Configuration tab and click Storage in the Hardware panel.
- Click Add Storage.
- Select Network File System as the storage type and click Next.
- Enter the server name, the mount point folder name, and the datastore name. Click Next.
- In the Network File System Summary page, review the configuration options and click Finish.
Update the profile from the reference host.
- In the Host Profiles main view, select the profile to update.
- Right-click the profile and select Update Profile from Reference Host.
- <Optional> Review the updated storage change in the host profile to confirm that it was accurately captured. From the Profile Editor, select Profile > Storage configuration. View the default compliance checks.
- Apply the profile to the attached entities.
Manage Answer Files
vSphere Host Profiles Guide, Section “Update Answer files”, page 10.
Check Answer File Status
The answer file status indicates the state of the answer file. The status of an answer file can be complete, incomplete, missing, or unknown.
The answer file status can only be checked when the ost profile is atached to a host.
- In the host profiles view, click Check Answer File.
The Answer File Status for the host profile is updated. The status indicates one of the following states:
|Incomplete||The answer file is missing some of the required user input answers.|
|Complete||The answer file has all of the user input answers needed.|
|Unknown||The host and associated profile exist but the status of the answer file is notknown. This is the initial state of an answer file.|
Update Answer File
You can update or change the user input parameters for the host profiles policies in the answer file.
- Right-click the host entity and select Update Answer File.
- When prompted, enter or change the user input parameter, and click Next.
- Click Update when finished entering changes.
Import Answer File
You can import a previously exported answer file to associate with a host profile.
The imported answer file must be associated with at least one host.
- Right-click the host entity and select Import Answer File.
- Select the answer file to import.
Export Answer File
You can export an answer file so that it can be imported and used by another host profile.
The answer file might contain sensitive information such as passwords and IP addresses. If exported, this information is vulnerable to unauthorized access. During the export process all passwords are removed from the answer file. When the answer file is imported, the password information must be re-entered.
- Right-click the host entity and select Export Answer File.
- Select the location to save the answer file.
Other exam notes
- The Saffageek VCAP5-DCA Objectives http://thesaffageek.co.uk/vcap5-dca-objectives/
- Paul Grevink The VCAP5-DCA diaries http://paulgrevink.wordpress.com/the-vcap5-dca-diaries/
- Edward Grigson VCAP5-DCA notes http://www.vexperienced.co.uk/vcap5-dca/
- Jason Langer VCAP5-DCA notes http://www.virtuallanger.com/vcap-dca-5/
- The Foglite VCAP5-DCA notes http://thefoglite.com/vcap-dca5-objective/
VMware vSphere official documentation
|VMware vSphere Basics Guide||html||epub||mobi|
|vSphere Installation and Setup Guide||html||epub||mobi|
|vSphere Upgrade Guide||html||epub||mobi|
|vCenter Server and Host Management Guide||html||epub||mobi|
|vSphere Virtual Machine Administration Guide||html||epub||mobi|
|vSphere Host Profiles Guide||html||epub||mobi|
|vSphere Networking Guide||html||epub||mobi|
|vSphere Storage Guide||html||epub||mobi|
|vSphere Security Guide||html||epub||mobi|
|vSphere Resource Management Guide||html||epub||mobi|
|vSphere Availability Guide||html||epub||mobi|
|vSphere Monitoring and Performance Guide||html||epub||mobi|
|VMware vSphere Examples and Scenarios Guide||html||epub||mobi|
The information in this article is provided “AS IS” with no warranties, and confers no rights. This article does not represent the thoughts, intentions, plans or strategies of my employer. It is solely my opinion.