Since PowerCLI has gotten so powerful, the vSphere Management Assistant (vMA) seems to be obsolete. But it is still a great management tool and indispensable for some monitoring tasks, so it is really worth to keep the opportunities in mind. In this post i want to give a brief introduction about the installation and basic configuration of the new vMA 5.0 delivered with vSphere 5.
First of all for those of you who know nothing about the vMA, it is a virtual appliance provided by VMware that allows to manage the vCenter or ESX Hosts and run scripts without having to authenticate each time. It is a small linux appliance delivered with all necessary tools out of the box.
- Unzip vMA
- Connect to a vCenter Server using vSphere Client
- Select File > Deploy OVF Template
- Click Browse and select the vMA-184.108.40.206-472630_OVF10.ovf
- Accept the license agreement
- Specify name, cluster and datastore
- Select the network mapping (ignore the IP pool warning)
- Use the fixed IP Address Allocation
- Do not enter a IP address at the next step
The vMA should now be deployed to your vSphere cluster and you will end up with a new VM in you inventory. But at this point you can not power on the VM since there is no IP pool configured. If you try to boot the VM will you get an error message like this:
Cannot initialize property 'vami.DNS0.vSphere_Management_Assistant_(vMA)', since network 'VM Network' has no associated IP pool configuration.
To get the vMA started you have to disable the vApp Option:
- Rightclick your vMA in your inventory an select "Edit Settings..."
- Click the Options Tab
- Click vApp Options
- Select "Disable" and confirm the warning
- Click OK to close the window
The vMA is now ready to get powered on. If you are using DNS you should create an appropiate A-Record at this point. I have created an Forward- and Reverse-Lookup Record. Now you can open the console and power on the vMA. After the fsck has finished the vMA asks for the network configuration:
- Select [n] at the IPv6 SLAAC question
- Select [n] at the IPv4 DHCP question
- Enter IP-Address, Netmask, Gateway, DNS Server, Hostname and Proxy (if required)
The next step is to select a password for the vi-admin user. You have to enter a really secure password containing at lease eight characters, one upper case character, one lower case character, one numeral character and a symbol such as %&#. It took me a few trys to find one the system doesn't complain about. After the password has been set the vMA is ready to use. You do not need to login through the Web-Client as this does only support changing the IP-Address configuration. Close the console window and open up a ssh session with putty for example. Login with the vi-admin user and your password.
The vMA is now ready to use.
Configure Active Directory
To manage your vCenter without entering the password everytime or storing the password in vMAs credential store you can join the actice directory domain. In this example i am using the following configuration:
AD IP address: 192.168.222.1
vCenter IP address: 192.168.222.2
vMA IP address: 192.168.222.3
Domain name: lab.virten.net
vMa hostname: vma.lab.virten.net
Prior to join the domain i make sure that forward and revers DNS works:
vi-admin@vma:~> nslookup 192.168.222.3
220.127.116.11.in-addr.arpa name = vma.lab.virten.net.
vi-admin@vma:~> nslookup vma.lab.virten.net
To join the domain you have to sudo and use the domainjoin-cli script:
vi-admin@vma:~> sudo domainjoin-cli join lab.virten.net administrator
- The first password you have to enter is the vi-admin password that has been set during the first boot of the vMA.
- The second password is the password of the domain administrator.
- Restart the vMA after successful domain join:
vi-admin@vma:~> sudo reboot
After the vMA has restarted, login as vi-admin again and run the following command to register the vCenter as target:
vi-admin@vma:~> vifp addserver vc.lab.virten.net --authpolicy adauth --username lab.virten.net\\administrator
vi-admin@vma:~> vifp listservers --long
vc.lab.virten.net vCenter adauth
Set the vCenter as default target:
vi-admin@vma:~> vifptarget --set vc.lab.virten.net
Now you can run commands against your esx hosts, esxtop for example:
vi-admin@vma:~[vc.lab.virten.net]> resxtop --vihost esx01.lab.virten.net