WilliamLam.com

ESXi configstorecli enhancement in vSphere 8.0 Update 1

by // Leave a Comment

The ESXi configstorecli was introduced back in vSphere 7.0 Update 1 and provides access to the ESXi ConfigStoreĀ which responsible for centrally managing all configurations for an ESXi host instead of relying on different methods including a variety of configuration files, I highly recommend reviewing this refresher article HERE if you have not heard of the configstorecli before. The ESXi ConfigStore is also the underlying infrastructure that powers the new vSphere Configuration Profile feature which is also part of the vSphere Lifecycle Manager (vLCM) solution.

For those who currently or plan to automate ESXi installations using Kickstart, I wrote an article HERE last year on how to start converting some of your existing automation into using the new ESXi configstorecli, which is another article I recommend folks take a look if you have no already.

One of the challenges that I personally found when using configstorecli was purely figuring out the overall schema for the different components, groups and keys that are available. While I have demonstrated how to traverse the configstore in this blog post HERE, I still found experience less than ideal. I would have liked a bit more of an iterative exploration of the configstore itself and rather than showing the entire schema, I could slowly expect each node as configstore is a stored as a JSON document.

[Read more...]

How to replace some of ESXi Kickstart automation with new configstorecli commands?

by // 2 Comments

I had received a question a couple of weeks back from a customer who was already automating their ESXi installation using ESXi Kickstart, also known as ESXi Scripted Installation but they had ran into an issue when migrating the exact same automation to the latest ESXi 7.0 releases.

The method the customer was using to manage their ESXi password policies, which was by updating the /etc/pam.d/passwd file, no longer function as expected and this was a result of the introduction of the ESXi ConfigStore, which I have written about here.

As mentioned in the article, the goal of the ESXi ConfigStore is the following:

The goal of the ConfigStore, initially introduced in ESXi 7.0 Update 1, is to centrally manage all configurations for an ESXi host instead of relying on different methods including a variety of configuration files.

[Read more...]

Introduction to the new ESXi Configuration Store CLI (configstorecli)

by // 10 Comments

I was looking into a customer inquiry this morning and found myself looking at the configstorecli, which is an ESXi Shell CLI that enables access to the new ESXi Configuration Store (ConfigStore). The goal of the ConfigStore, initially introduced in ESXi 7.0 Update 1, is to centrally manage all configurations for an ESXi host instead of relying on different methods including a variety of configuration files. There is actually not much documentation out there for configstorecli, other than this blog post by Duncan and these two VMware KBs (here and here).

While searching online, I ended up clicking Duncan's blog as I figured it probably has the best information and I do recall this topic awhile back on the change in behavior for renaming a standard virtual switch. I started to play with the configstore CLI and what was not immediately clear was how to actually use it, especially identifying some of the parameters it was looking for. I figured I might as well share some of my findings as I explore configstorecli a bit more.

My first observation is that the Config Store is a JSON document store and each configuration is stored as individual JSON documents. Before you can access a specific configuration, you first need to understand the schema. To view the entire schema, run the following command:

configstorecli schema list

Since the output is JSON, you can actually save the contents to a file on your desktop and use any JSON supported tool such as jq to explore further. In the example below, I have loaded an online copy of the configstorecli output from ESXi 7.0 Update 2 using my Chrome browser, which has this JSON Viewer extension installed. The benefit with a visual tool, is that you can easily expand or collapse specific nodes within the JSON document.

[Read more...]