esxcli

Minimum vSphere privileges to install or remove patch from ESXi

04.18.2024 by William Lam // Leave a Comment

I recently got a question from our field inquiring about the minimum vSphere privileges that would be required to either install or remove a patch (VIB/Component) from an ESXi host. The customer was interested in using PowerCLI and specifically the ESXLI interface to automate the installation and removal of a VIB and wanted to create a custom vSphere Role with the minimum privileges, which can be done with vCenter Server or even a standalone ESXi host (properly licensed).

Since I was familiar with the underlying ESXi patch API that is used for these operations, a nice benefit of the vSphere API Reference is that it also lists the specific vSphere Privileges that is required for a given operation and in this case, it is just Host.Config.Patch privilege.

However, when the customer attempted to create a custom vSphere Role with just this privilege and perform the installation operation, they still received an error as shown in the screenshot below, which was a bit cryptic but they had assumed it was still permissions related as full administrative account had worked:

OperationStopped: Response status code does not indicate success: 500 (Internal Server Error)

[Read more...]

Quick Tip - Using ESXCLI to upgrade ESXi 8.x throws MemoryError or Got no data from process

03.04.2024 by William Lam // 28 Comments

Several users in the community have reported running into a memory error issue when attempting to upgrade their standalone ESXi hosts using this ESXCLI trick, which has been possible since ESXi 5.1 back in 2012.

[MemoryError]
Please refer to the log file for more details.

Initially, I was not able to reproduce in my lab environment at work, which was running ESXi 8.0 Update 2, but I still got an error message but it was different:

Got no data from process.
Command "LANG=en_US.UTF-8 /usr/lib/vmware/esxcli-software sources.profile.list -d "https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml" "
еxited with error code: 1

After checking my homelab environment which was also running ESXi 8.0 Update 2, I did see the same MemoryError message as reported by the community when using ESXCLI to list the available ESXi Image Profiles from VMware's online patch repository.

[Read more...]

Quick Tip - New method to mark HDD to SSD in ESXi 7.x and 8.x using ESXCLI

01.04.2024 by William Lam // 3 Comments

I recently helped a colleague who wanted to mark an HDD device in ESXi to show up as an SSD, which may be needed if the storage device was not correctly detected or if you are using Nested ESXi and the underlying storage is not an SSD and you need to mark it as an SSD for use with vSAN OSA or ESA.

The easiest way to accomplish this operation is by using the vSphere UI, but that does require vCenter Server to be up and running, which it was not. Alternatively, you can also perform this operation using ESXCLI and configure an Storage Array-Type Plugin (SATP) claim rules, which had been possible since 2013 but it looks like the old method no longer works in the latest ESXi 7.x and 8.x releases.

Note: If you are configuring this for a Nested ESXi VM, another method is to emulate a virtual SSD as shown in this blog post.

[Read more...]