Congratulations to me on my first public blog post – now I can truly say that I am very much into today's IT things (though a little bit late, I guess…).
Lately I have had a lot to do with VMware vSphere. My virtualization journey started for several reasons, which are not that important, but which led me to do some hands-on work on this subject. Although I hold the VMware Certified Professional certification on vSphere, I can truly say that I now have strong practical knowledge of quite a wide area of this virtualization solution.
But let’s start from simple things… I will share an ESX 4.0 kickstart script that I wrote for a specific situation. I know that there are lots of examples and blog posts about ESX kickstart scripts – this will be a kind of backup of the script for my own reference. But who knows, maybe it will also bring some value to someone…
Note: use this script as an example only or modify it appropriately. Replace the placeholders enclosed in brackets with actual information.
```
##########################################################
# ESX 4.0 kickstart script
# Created by Mindaugas Kiznis (http://mindaugas.kiznis.lt)
# Host: [HOSTNAME]
#
# Because there was no possibility to establish PXE boot,
# the installer is loaded from a DVD media.
#
# When the bootloader menu appears press F2 and replace the
# options line with the following to start the kickstart installation:
# ks=http://[MEDIAURL]/ks.cfg ksdevice=vmnic0 ip=[IP] netmask=[NETMASK] gateway=[GATEWAY_IP] dns=[DNS_IP] vlanid=[VLAN_ID] initrd=initrd.img ram=512M quiet
#
##########################################################
# Install media location
#install cdrom
# The media server here is a web server that hosts the content of the
# ESX 4.0 install DVD.
install url http://[MEDIAURL]/esx4

##########################################################
# Network configuration
network --device=vmnic0 --bootproto=static --ip=[IP] --netmask=[NETMASK] --gateway=[GATEWAY_IP] --nameserver=[DNS_SERVER_LIST] --hostname=[HOSTNAME] --addvmportgroup=0 --vlanid=[VLAN_ID]

##########################################################
# root Password
rootpw --iscrypted [CRYPTED_ROOT_PW]

##########################################################
# Authconfig
authconfig --enableshadow --enablemd5

##########################################################
# Regional Settings
keyboard us
#timezone Europe/Vilnius
timezone [TIMEZONE]

##########################################################
# Firewall settings
firewall --allowOutgoing

##########################################################
# Enable reboot after script
reboot

##########################################################
# Boot Config
bootloader --location=mbr

##########################################################
# Disk Partitioning
clearpart --firstdisk --overwritevmfs
part '/boot' --fstype=ext3 --size=1280 --onfirstdisk
part 'none' --fstype=vmkcore --size=100 --onfirstdisk
part 'Storage1' --fstype=vmfs3 --size=19114 --grow --onfirstdisk
virtualdisk 'esxconsole' --size=18110 --onvmfs='Storage1'
part 'swap' --fstype=swap --size=1600 --onvirtualdisk='esxconsole'
part '/home' --fstype=ext3 --size=2000 --onvirtualdisk='esxconsole'
part '/opt' --fstype=ext3 --size=2000 --onvirtualdisk='esxconsole'
part '/tmp' --fstype=ext3 --size=2000 --onvirtualdisk='esxconsole'
part '/vmimages' --fstype=ext3 --size=500 --onvirtualdisk='esxconsole'
part '/var' --fstype=ext3 --size=5000 --grow --onvirtualdisk='esxconsole'
part '/' --fstype=ext3 --size=5000 --grow --onvirtualdisk='esxconsole'

##########################################################
# Accept the EULA
accepteula

##########################################################
%post --interpreter=bash

# Create /var/log directory
/bin/mkdir -p /var/log

# Initial vSwitch configuration
# The NICs are in EtherChannel groups:
# * Production traffic group - nic0, nic1, nic2, nic3
# * VMotion / Fault-Tolerance traffic group - nic4, nic5

# Delete default vSwitch and service console interface
esxcfg-vswif -d vswif0
esxcfg-vswitch -d vSwitch0

# Create minimal required production traffic virtual switch
esxcfg-vswitch -a vSwitch0
esxcfg-vswitch -A "Service Console" vSwitch0
esxcfg-vswitch -A Nexus-Mgmt vSwitch0
esxcfg-vswitch -A Nexus-Control vSwitch0
esxcfg-vswitch -A Nexus-Packet vSwitch0
esxcfg-vswitch -p "Service Console" -v [MGMT_VLAN_ID] vSwitch0
esxcfg-vswitch -p Nexus-Mgmt -v [NEXUS_MGMT_VLAN_ID] vSwitch0
esxcfg-vswitch -p Nexus-Control -v [NEXUS_CNTRL_VLAN_ID] vSwitch0
esxcfg-vswitch -p Nexus-Packet -v [NEXUS_PACKET_VLAN_ID] vSwitch0
esxcfg-vswitch -L vmnic0 vSwitch0
esxcfg-vswitch -L vmnic1 vSwitch0
esxcfg-vswitch -L vmnic2 vSwitch0
esxcfg-vswitch -L vmnic3 vSwitch0

# Create vMotion and Fault-Tolerance virtual switch
esxcfg-vswitch -a vSwitch1
esxcfg-vswitch -A vMotion vSwitch1
esxcfg-vswitch -A "Fault-Tolerance" vSwitch1
esxcfg-vswitch -p vMotion -v [VMOTION_VLAN_ID] vSwitch1
esxcfg-vswitch -p "Fault-Tolerance" -v [FT_VLAN_ID] vSwitch1
esxcfg-vswitch -L vmnic4 vSwitch1
esxcfg-vswitch -L vmnic5 vSwitch1

# Set "Route based on ip hash" load-balancing policy on vSwitches. This is required,
# because the physical NICs are in an EtherChannel configuration
vmware-vim-cmd /hostsvc/net/vswitch_setpolicy --nicteaming-policy=loadbalance_ip vSwitch0
vmware-vim-cmd /hostsvc/net/vswitch_setpolicy --nicteaming-policy=loadbalance_ip vSwitch1

# Create service console interface
esxcfg-vswif -a vswif0 -p "Service Console" -i [IP] -n [NETMASK]

# Create vmk0 interface for vMotion
esxcfg-vmknic -a -i [VMOTION_IP] -n [NETMASK] -p vMotion
vmware-vim-cmd hostsvc/vmotion/vnic_set vmk0

# Create vmk1 interface for Fault-Tolerance
esxcfg-vmknic -a -i [FT_IP] -n [NETMASK] -p "Fault-Tolerance"
vmware-vim-cmd hostsvc/advopt/update FT.Vmknic string vmk1

##########################################################
# Create post config script
/bin/cat > /etc/rc3.d/S99postconf <<EOFPOSTCONF
#!/bin/bash

# Enable Active Directory integration
/usr/sbin/esxcfg-auth --enablead --addomain=[AD_DOMAIN] --addc=[DOMAIN_CONTROLLER_IP]

# Add default gateway
/bin/cat > /etc/sysconfig/network <<EOFNETWORK
NETWORKING=yes
HOSTNAME=[HOSTNAME]
GATEWAY=[GATEWAY_IP]
GATEWAYDEV=
EOFNETWORK

# Set name server
/bin/cat > /etc/resolv.conf <<EOFRESOLV
nameserver [DNS_IP]
nameserver [DNS_IP_2]
search [SEARCH_DOMAIN]
EOFRESOLV

# Disable and reenable the Service Console interface
/usr/sbin/esxcfg-vswif -s vswif0
/usr/sbin/esxcfg-vswif -e vswif0
sleep 5

## NTP Configuration
esxcfg-firewall -e ntpClient
echo restrict default kod nomodify notrap noquery nopeer > /etc/ntp.conf
echo restrict 127.0.0.1 >> /etc/ntp.conf
echo server [NTP_SERVER] >> /etc/ntp.conf
echo driftfile /var/lib/ntp/drift >> /etc/ntp.conf
/sbin/chkconfig ntpd on
/usr/sbin/ntpdate [NTP_SERVER]
/etc/init.d/ntpd start
/sbin/hwclock --systohc

# Add esxadmin user
# NOTE: keep in mind that this command is executed in a bash script, therefore
# the [CRYPT_PW] must contain a crypted and properly escaped password string.
/usr/sbin/useradd -p [CRYPT_PW] -m admin

# Install Cisco Nexus 1000V VEM
# Note: Replace the VIB URL with the actual one (should be downloaded from local Cisco Nexus 1000V VSM)
# The VEM VIB must also match the ESX build that is installed using this kickstart script
/usr/sbin/esxcfg-firewall --AllowOutgoing
cd /tmp
/usr/bin/curl http://[NEXUS_VSM_IP]/cisco/vibs/VEM/4.0.0/VEM-4.0.0-patch01/cross_cisco-vem-v110-4.0.4.1.2.0.80-0.4.179-release.vib > vem.vib
/usr/sbin/esxupdate -b vem.vib update
rm -f vem.vib

# Enable services in the firewall
/usr/sbin/esxcfg-firewall -e aam
/usr/sbin/esxcfg-firewall -e faultTolerance
/usr/sbin/esxcfg-firewall -e CIMSLP
/usr/sbin/esxcfg-firewall -e ntpClient
/usr/sbin/esxcfg-firewall -e VCB
/usr/sbin/esxcfg-firewall -e CIMHttpsServer
/usr/sbin/esxcfg-firewall -e vpxHeartbeats
/usr/sbin/esxcfg-firewall -e sshServer
/usr/sbin/esxcfg-firewall -e sshClient
/usr/sbin/esxcfg-firewall -e CIMHttpServer
/usr/sbin/esxcfg-firewall -e activeDirectorKerberos

# Enable TCP outgoing kerberos, there are issues with udp and enable blockOutgoing
/usr/sbin/esxcfg-firewall --openport 88,tcp,out,KerberosClientTCP
/usr/sbin/esxcfg-firewall --BlockOutgoing

# Permit SSH root login (comment out if not necessary)
/usr/bin/perl -spi -e 's|PermitRootLogin no|PermitRootLogin yes|' /etc/ssh/sshd_config
/sbin/service sshd reload

# Create SSH banner
cat > /etc/ssh/banner <<EOFBANNER
###############################################################################
#                               !!! WARNING !!!                               #
#         Unauthorized access to this system is absolutely forbidden.         #
###############################################################################
EOFBANNER

# Configure log compression
/usr/bin/perl -p -i -e 's/nocompress/compress/g' /etc/logrotate.d/vmkernel
/usr/bin/perl -p -i -e 's/nocompress/compress/g' /etc/logrotate.d/vmksummary
/usr/bin/perl -p -i -e 's/#compress/compress/g' /etc/logrotate.conf

# Restart management service
/sbin/service mgmt-vmware restart

# Reset system to normal boot mode
echo "Removing automated post script."
rm /etc/rc3.d/S99postconf
EOFPOSTCONF

chmod +x /etc/rc3.d/S99postconf
```
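A pre-flight check for a ks.cfg built from this template, added here as an example and not part of the original script: it reports bracketed placeholders left on non-comment lines, a `rootpw` without `--iscrypted`, the SSH root-login switch, and content fetched over plain HTTP. The function names, finding codes and sample values are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post): lint a kickstart file before
# publishing it on the install web server. Finding codes are this example's own.

# ks_lint [FILE...] - reads stdin when no file is given.
# Prints "line N: CODE [detail]" per finding; returns 1 if anything was found.
ks_lint() {
    LC_ALL=C awk '
        # Comment and blank lines are skipped: the template header
        # shows placeholders on purpose.
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        {   # every [UPPER_CASE] token still present on a live line
            rest = $0
            while (match(rest, /\[[A-Z][A-Z0-9_]*\]/)) {
                printf "line %d: PLACEHOLDER %s\n", FNR, substr(rest, RSTART, RLENGTH)
                rest = substr(rest, RSTART + RLENGTH)
                bad++
            }
        }
        # rootpw without --iscrypted leaves the clear-text password in the file
        /^[ \t]*rootpw[ \t]/ && !/--iscrypted/ { printf "line %d: PLAINTEXT_ROOTPW\n", FNR; bad++ }
        # the post-config step that switches SSH root login on
        /PermitRootLogin yes/ { printf "line %d: ROOT_SSH_LOGIN\n", FNR; bad++ }
        # install media or packages fetched without transport integrity
        /http:\/\// { printf "line %d: PLAIN_HTTP\n", FNR; bad++ }
        END { exit (bad > 0 ? 1 : 0) }
    ' "$@"
}

# Constructed sample: a half-edited copy of a few template lines.
ks_sample() {
    cat <<'EOF'
# Host: [HOSTNAME]
install url http://192.0.2.10/esx4
network --device=vmnic0 --bootproto=static --ip=192.0.2.21 --netmask=[NETMASK] --vlanid=[VLAN_ID]
rootpw Passw0rd
/usr/bin/perl -spi -e 's|PermitRootLogin no|PermitRootLogin yes|' /etc/ssh/sshd_config
EOF
}

# Lint the files named on the command line, or the sample when there are none.
if [ "$#" -gt 0 ]; then ks_lint "$@"; else ks_sample | ks_lint || true; fi
```

ROOT_SSH_LOGIN and PLAIN_HTTP are deliberate choices in the script above, so treat them as items to confirm per deployment rather than errors.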







According to this article, you can now boot ESX over PXE:
http://blog.scottlowe.org/2010/03/02/pxe-booting-vmware-esx-40/
I believe that it was possible to do that a long time ago and it is, I would say, a normal approach. However, in my case I could not set up a PXE boot environment due to the existing, quite large infrastructure in which the new ESX hosts were deployed. So, the PXE part was replaced just by booting the vmlinuz and initrd.img from the DVD media, and then the kickstart file and all the installation media were served from an HTTP server.
Hey, thanks very much for this script. I have been building my KS script from the RTFM-ED site, when I found yours today, and you have a lot of great things to add to mine. So thank you for taking the time to post this.
Regards,
Richard
Richard, that is nice to hear! Lately I have had quite a lot to do with various VMware deployments, so if you have any questions or need assistance – just let me know.