Home  /  VMware  /  VCAP5-DCA Objective 5.1 – Implement and Maintain Host Profiles

VCAP5-DCA Objective 5.1 – Implement and Maintain Host Profiles

Written by
, VMware Leave a Comment

Skills and Abilities

  • Use Profile Editor to edit and/or disable policies
  • Create sub-profiles
  • Use Host Profiles to deploy vDS
  • Use Host Profiles to deploy vStorage policies
  • Manage Answer Files

Use Profile Editor to edit and/or disable policies

Official Documentation:

The vSphere Host Profiles Guide, covers the following aspects regarding Host profiles:

  • Creating host profiles
  • Exporting and importing a host profile
  • Editing host profile policies
  • Attaching an entity to a host profile
  • Applying a host profile to an entity attached to the host profile
  • Checking the host profile’s compliance to an entity attached to the host profile
  • Checking and updating the host profile’s answer file

The host profiles feature creates a profile that encapsulates the host configuration and helps to manage the host configuration, especially in environments where an administrator manages more than one host or cluster in vCenter Server.

Host profiles eliminates per-host, manual, or UI-based host configuration and maintains configuration consistency and correctness across the datacenter by using host profile policies. These policies capture the blueprint of a known, validated reference host configuration and use this to configure networking, storage, security, and other settings on multiple hosts or clusters. You can then check a host or cluster against a profile’s configuration for any deviations.

Host Profiles Usage Model

You perform host profiles tasks in a certain workflow order.

You must have an existing vSphere installation with at least one properly configured host.

  1. Set up and configure the host that will be used as the reference host.
    A reference host is the host from which the profile is created.
  2. Create a profile using the designated reference host.
  3. Attach a host or cluster to the profile.
  4. Check the host’s compliance to the reference host’s profile. If all hosts are compliant with the reference host, they are correctly configured.
  5. Apply the host profile of the reference host to other hosts or clusters of hosts.

Using host profiles is only supported for VMware vSphere 4.0 hosts or later. This feature is not supported for VMware Infrastructure 3.5 or earlier hosts. If you have VMware Infrastructure 3.5 or earlier hosts managed by your vCenter Server 4.0 or later, the following problems can occur if you try to use host profiles for those hosts:

  • You cannot create a host profile that uses a VMware Infrastructure 3.5 or earlier host as a reference host.
  • You cannot apply a host profile to any VMware Infrastructure 3.5 or earlier hosts. The compliance check fails.
  • While you can attach a host profile to a mixed cluster that contains VMware Infrastructure 3.5 or earlier hosts, the compliance check for those earlier hosts fails.

As a licensed feature of vSphere, host profiles are only available when the appropriate licensing is in place. If you see errors, ensure that you have the appropriate vSphere licensing for your hosts.

If you want the host profile to use directory services for authentication, the reference host needs to be configured to use a directory service. See the vSphere Security documentation.

Edit a Host Profile

You can view and edit host profile policies, select a policy to be checked for compliance, and change the policy name or description.

Procedure

  1. In the Host Profiles main view, select the profile to edit from the profile list.
  2. Click Edit Host Profile.
  3. (Optional) Change the profile name or description in the fields at the top of the Profile Editor.
  4. Edit the policy.
  5. (Optional) Enable or disable the policy compliance check.
  6. Click OK to close the Profile Editor.

More information:

A good reading on Host Profiles is the  VMware Host Profiles: Technical Overview.

Create sub-profiles

Official Documentation:

vSphere Host Profiles Guide, Section “Edit a policy”, page 10.

Edit a Policy

A policy describes how a specific configuration setting should be applied. The Profile Editor allows you to edit policies belonging to a specific host profile.

On the left side of the Profile Editor, you can expand the host profile. Each host profile is composed of several subprofiles that are designated by functional group to represent configuration instances. Each subprofile contains many policies and compliance checks that describe the configuration that is relevant to the profile.

You can configure certain subprofiles, example policies, and compliance checks.

Each policy consists of one or more options that contains one or more parameters. Each parameter consists of a key and a value. The value can be one of a few basic types, for example integer, string, string array, or integer array.

Sub-Profile Configuration Example Policies and ComplianceChecks Notes
Memory reservation Set memory reservation to a fixed value.
Storage Configure storage options, includingNative Multi-Pathing (NMP), PluggableStorage Architecture (PSA), FCoE andiSCSI adapters, and NFS storage.
  • Use the vSphere CLI to configure or modify the NMP and PSA policies on a reference host first, and then extract the host profile from that host. If you use the Profile Editor to edit the policies, to avoid compliance failures, make sure that you thoroughly understand interrelationships between the NMP and PSA policies and the consequences of changing individual policies. For information on the NMP and PSA, see the vSphere Storage documentation.
  • Setting values for the Initiator IPv6 Address and Initiator IPv6 Prefix options in a host profile with independent hardware iSCSI adapters has no effect on the HBA because no independent iSCSi HBAs have IPv6 support.
Networking Configure virtual switch, port groups,physical NIC speed, security and NICteaming policies, vSphere DistributedSwitch, and vSphere Distributed Switch

uplink port.

 When DHCPv6 is enabled in the networking subprofile,the corresponding ruleset must also bemanually turned on in the firewall subprofile.
Date and Time Configure the time settings and timezoneof server. For the time zone, enter a UTC string. Forexample, “America/Los_Angeles” for UnitedStates Pacific time zone. The default time zone is set to the local time and location of the vSphere Client machine. Network Time Protocol (NTP) should be correctly configured. You can configure the NTP settings on the host’s configuration tab. Click Time Configuration, then Properties at the top right of the panel.
Firewall Enable or disable a ruleset.
Security Add a user or a usergroup and set the rootpassword.
Service Configure settings for a service.
Advanced Modify advanced options.
  • Host Profiles do not check advanced settings if they are the same as the default settings. vCenter Server only copies the advanced configuration settings that have changed and differ from the default values. In addition, compliance checks are limited to only the settings that are copied.
  • Host Profiles does not support the configuration of PCI devices for virtual machine passthrough on the ESXi host.

Other profile configuration categories include: user group, authentication, kernel module, DCUI keyboard, host cache settings, SFCB, resource pools, login banner, SNMP agent, power system, and CIM indication subscriptions.

Use Host Profiles to deploy vDS

Official Documentation:

Use Case 5: Using Host Profiles to Configure Hosts to Use VMware vNetwork Distributed Switch.

Host Profiles can be used to capture the vNetwork Standard Switch (vSS) and vNetwork Distributed Switch configuration of a Vmware ESX host, and then apply and propagate that configuration to a number of other VMware ESX or ESXi hosts.

Host Profiles is the preferred and easiest method for deploying a Distributed Switch across a large population of hosts. The following use case assumes that you are starting with a population of hosts, each with a single Standard Switch.

Migrate reference host to Distributed Switch.

  1. Create Distributed Switch (without any associated hosts).
  2. Create Distributed Virtual Port Groups on Distributed Switch to match existing or required environment.
  3. Add host to Distributed Switch and migrate vmnics to dvUplinks and Virtual Ports to DV Port Groups.
  4. Delete Standard Switch from host.
    At the completion of Step 4, we will have a single host with its networking environment completely migrated to Distributed Switch.
    The following three steps allow us to create a host profile of this migrated host and then apply it to a number of hosts in one step (Step 7). 
  5. Create host profile of Reference Host.
  6. Attach and apply the host profile to the candidate hosts.
  7. Migrate virtual machine networking for virtual machines and take the hosts out of Maintenance Mode.

Variation on Using Host Profiles for Migration

The previously outlined process can be time consuming for a large number of virtual machines. An alternative method, which reduces the per–virtual machine edit process but requires a reapplication of a modified host profile, is as follows:

  1. Retain the Standard Switch on each host (and, therefore, the Port Groups) during migration, using Host Profiles. Do not perform Step 4 (so you create a host profile of a host with a Standard Switch and a Distributed Switch and then apply that profile to the hosts).
  2. Right-click on the Distributed Switch and select Migrate Virtual Machine Networking… and then migrate all virtual machines for each Port Group in one step per Port Group.
  3. Delete the Standard Switch from the host profile using the edit host profile function (or just delete the Standard Switch from the reference host and create a fresh host profile).
  4. Reapply this host profile to the hosts in the cluster.

NOTE: Because we already have migrated the virtual adaptors, we would not need to reenter any of the IP addresses.

Use Host Profiles to deploy vStorage policies

Official Documentation:

The VMware Host Profiles: Technical Overview, page 17.

Use Case 6: Using Host Profiles to Configure Hosts to Use NAS Storage

You can use Host Profiles to prepare your VMware ESX/ESXi hosts to use a newly added NAS storage device.

  1. Identify the reference host and ensure that it is compliant with the host profile.
  2. Add an NFS-based datastore on the reference host, using the vSphere Client.
    1. Because NFS requires network connectivity to access data stored on remote servers, before configuring NFS you must first configure networking to make sure you have at least one vmknic. To mount an NFS datastore, the Add Storage wizard guides you through the following configuration steps:
      1. Select the host from the inventory panel.
      2. Click the Configuration tab and click Storage in the Hardware panel.
      3. Click Add Storage.
      4. Select Network File System as the storage type and click Next.
      5. Enter the server name, the mount point folder name, and the datastore name. Click Next.
      6. In the Network File System Summary page, review the configuration options and click Finish.
  3. Update the profile from the reference host.
    1. In the Host Profiles main view, select the profile to update.
    2. Right-click the profile and select Update Profile from Reference Host.
    3. <Optional> Review the updated storage change in the host profile to confirm that it was accurately captured. From the Profile Editor, select Profile > Storage configuration. View the default compliance checks.
  4. Apply the profile to the attached entities.

Manage Answer Files

Official Documentation:

vSphere Host Profiles Guide, Section “Update Answer files”, page 10.

Check Answer File Status

The answer file status indicates the state of the answer file. The status of an answer file can be complete, incomplete, missing, or unknown.

Prerequisites

The answer file status can only be checked when the ost profile is atached to a host.

Procedure

  • In the host profiles view, click Check Answer File.

The Answer File Status for the host profile is updated. The status indicates one of the following states:

Incomplete The answer file is missing some of the required user input answers.
Complete The answer file has all of the user input answers needed.
Unknown The host and associated profile exist but the status of the answer file is notknown. This is the initial state of an answer file.

Update Answer File

You can update or change the user input parameters for the host profiles policies in the answer file.

Procedure

  1. Right-click the host entity and select Update Answer File.
  2. When prompted, enter or change the user input parameter, and click Next.
  3. Click Update when finished entering changes.

Import Answer File

You can import a previously exported answer file to associate with a host profile.

Prerequisites

The imported answer file must be associated with at least one host.

Procedure

  1. Right-click the host entity and select Import Answer File.
  2. Select the answer file to import.

Export Answer File

You can export an answer file so that it can be imported and used by another host profile.

The answer file might contain sensitive information such as passwords and IP addresses. If exported, this information is vulnerable to unauthorized access. During the export process all passwords are removed from the answer file. When the answer file is imported, the password information must be re-entered. 

Procedure

  1. Right-click the host entity and select Export Answer File.
  2. Select the location to save the answer file.

Other exam notes

VMware vSphere official documentation

VMware vSphere Basics Guide html pdf epub mobi
vSphere Installation and Setup Guide html pdf epub mobi
vSphere Upgrade Guide html pdf epub mobi
vCenter Server and Host Management Guide html pdf epub mobi
vSphere Virtual Machine Administration Guide html pdf epub mobi
vSphere Host Profiles Guide html pdf epub mobi
vSphere Networking Guide html pdf epub mobi
vSphere Storage Guide html pdf epub mobi
vSphere Security Guide html pdf epub mobi
vSphere Resource Management Guide html pdf epub mobi
vSphere Availability Guide html pdf epub mobi
vSphere Monitoring and Performance Guide html pdf epub mobi
vSphere Troubleshooting html pdf epub mobi
VMware vSphere Examples and Scenarios Guide html pdf epub mobi


Related articles:

Disclaimer.
The information in this article is provided “AS IS” with no warranties, and confers no rights. This article does not represent the thoughts, intentions, plans or strategies of my employer. It is solely my opinion.

Marco

Marco works for ViaData as a Senior Technical Consultant. He has over 15 years experience as a system engineer and consultant, specialized in virtualization. VMware VCP4, VCP5-DC & VCP5-DT. VMware vExpert 2013, 2014,2015 & 2016. Microsoft MCSE & MCITP Enterprise Administrator. Veeam VMSP, VMTSP & VMCE.

Copyright © 2009-2020 The virtual world of Marc O'Polo