Deep intro to VMware ESX, Part 4
When you have VMware ESX installed, there are several directories and files on your hard disk.
In this deep intro to VMware ESX I show and explain most of them so that you understand how to use them. In addition, I explain most of the commands that you need to know when you log on to the service console.
This file contains a list of devices in the system available to the Service Console. Devices that physically exist on the system but are allocated solely to VMs are usually also shown here, in the commented-out ("#") lines. This is an important file for root and administrators.
This file defines the local and remote filesystems which are mounted at ESX Server boot.
This file is for server local customisations required at the server bootup. Potential additions to this file are public/shared vmfs mounts.
This file configures what things are logged and where. Some examples are given below:
- *.crit /dev/tty12
This example logs all log items at level "crit" (critical) or higher to the virtual terminal at tty12. You can see this log by pressing [Alt]-[F12] on the console.
- *.=err /dev/tty11
This example logs all log items at exactly level "err" (error) to the virtual terminal at tty11. You can see this log by pressing [Alt]-[F11] on the console.
- *.=warning /dev/tty10
This example logs all log items at exactly level "warning" to the virtual terminal at tty10. You can see this log by pressing [Alt]-[F10] on the console.
- *.* @192.168.31.3
This example forwards everything (all syslog entries) unencrypted to another (central) syslog server. Pay attention to that server's security.
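The selector rules described above ("level or higher" versus "exactly this level" with "="), as an added example that is not part of the original article. The function names are hypothetical, only single facility.priority selectors are handled, and the forwarding action is written in the syslog daemon's "@host" form.

```shell
#!/bin/sh
# Added example: evaluate sysklogd-style selectors like the four shown above.
# Severity numbers follow syslog: a lower number is more severe.
sev_num() {
    case "$1" in
        emerg) echo 0 ;; alert) echo 1 ;; crit) echo 2 ;; err) echo 3 ;;
        warning) echo 4 ;; notice) echo 5 ;; info) echo 6 ;; debug) echo 7 ;;
        *) return 1 ;;
    esac
}

# selector_matches SELECTOR FACILITY PRIORITY -> exit 0 if the message is selected
selector_matches() (
    fac=${1%%.*}; pri=${1#*.}
    [ "$fac" = "*" ] || [ "$fac" = "$2" ] || exit 1
    [ "$pri" = "*" ] && exit 0
    msg=$(sev_num "$3") || exit 1
    case "$pri" in
        =*) want=$(sev_num "${pri#=}") || exit 1
            [ "$msg" -eq "$want" ] ;;      # "=" means exactly this level
        *)  want=$(sev_num "$pri") || exit 1
            [ "$msg" -le "$want" ] ;;      # otherwise this level or higher
    esac
)

# destinations FACILITY PRIORITY: reads config lines on stdin, prints matching actions
destinations() {
    while read -r sel action; do
        case "$sel" in ''|'#'*) continue ;; esac
        if selector_matches "$sel" "$1" "$2"; then echo "$action"; fi
    done
}

# The four example lines from this article, used as sample input.
SAMPLE_CONF='*.crit /dev/tty12
*.=err /dev/tty11
*.=warning /dev/tty10
*.* @192.168.31.3'

# route FACILITY PRIORITY: where a message ends up under SAMPLE_CONF
route() {
    printf '%s\n' "$SAMPLE_CONF" | destinations "$1" "$2" | paste -sd' ' -
}
```

Running "route auth emerg" shows that an emergency message reaches tty12 but not tty11, while every message, whatever its level, also leaves the host for the central server.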
This is the main configuration file for the log file rotation program. It defines the defaults for log file rotation, log file compression, and the time to keep old log files. Processing of the contents of the /etc/logrotate.d/ directory is also defined here.
This directory contains instructions service by service for log file rotation, log file compression, and time to keep the old log files. For the three vmk* files, raise "250k" to "4096k", and enable compression.
Here you can change the number of virtual terminals available on the Service Console. Default is 6, but you can go up to 9. I almost always go :-)
The system default $PS1 is defined here. It is a good idea to change "\W" to "\w" here to always see the full path while logged on the Service Console. This is one of my favourites.
Command "ls" is aliased to "ls --color=tty" here. Many admins don't like this colouring. You can comment out ("#") this line. I always do this one, too.
This directory contains the actual start-up scripts.
This directory contains the K(ill) and S(tart) scripts for the default runlevel 3. The services starting with "S" are started on this runlevel, and the services starting with "K" are killed, i.e. not started...
This directory contains all the log files. VMware's log files start with letters "vm". The general main log file is "messages".
This directory contains all the SSH daemon configuration files, and the public and private keys. The defaults are both secure and flexible and rarely need any changing. The only exception is a change to the /etc/ssh/sshd_config file if you want to restrict logins for the root user.
This directory contains the most important vmkernel configuration files.
A file containing a list of registered VMs on this ESX Server.
This is the main configuration file, including the default settings, for the xinetd daemon. Processing of the contents of the /etc/xinetd.d/ directory is also defined here.
This directory contains per-service instructions on whether and how to start each service. Of the services here, vmware-authd, wu-ftpd, and telnet are most interesting to us. Two of the most interesting parameter lines are "bind =" and "only_from =", which allow limiting service usage.
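One way to check which services in that directory are enabled without a "bind" or "only_from" restriction, as an added example that is not part of the original article. The function names are hypothetical, the three service files are constructed samples, and the parser assumes "attribute = value" lines with whitespace around "=".

```shell
#!/bin/sh
# Added example: report, per xinetd service file, whether the service is
# disabled, restricted by "bind"/"only_from", or enabled with no restriction.
audit_xinetd() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        awk -v name="${f##*/}" '
            /^[ \t]*#/ { next }                       # skip comment lines
            $1 == "disable" && $2 == "=" { off = ($3 == "yes") }
            $1 == "only_from" && ($2 == "=" || $2 == "+=") { limited = 1 }
            $1 == "bind" && $2 == "=" { limited = 1 }
            END {
                if (off)          state = "disabled"
                else if (limited) state = "restricted"
                else              state = "UNRESTRICTED"
                print name ": " state
            }' "$f"
    done
}

# Constructed sample files (not taken from a real ESX host).
make_sample() {
    cat > "$1/telnet" <<'EOF'
service telnet
{
    disable = no
    server  = /usr/sbin/in.telnetd
}
EOF
    cat > "$1/wu-ftpd" <<'EOF'
service ftp
{
    disable = yes
    server  = /usr/sbin/in.ftpd
}
EOF
    cat > "$1/vmware-authd" <<'EOF'
service vmware-authd
{
    disable   = no
    only_from = 192.168.31.0/24
    bind      = 192.168.31.10
}
EOF
}

# demo: build the samples in a temporary directory, audit them, clean up
demo() { d=$(mktemp -d) && make_sample "$d" && audit_xinetd "$d"; rm -rf "$d"; }
```

On a real Service Console the call would be "audit_xinetd /etc/xinetd.d"; a service with no "disable" line counts as enabled.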
This file configures the NTP daemon. Usable public NTP servers in Finland are fi.pool.ntp.org, elsewhere in Europe europe.pool.ntp.org. You should always place two to four NTP servers in the ntp.conf file. Due to the nature of *.pool.ntp.org, you should just have the same line four times in the configuration file. Check www.pool.ntp.org for a public NTP server close to you. Remember to change the service to autostart at runlevel 3 with command chkconfig --add ntpd.
VMware ESX Server-related Linux commands
There are several commands you should familiarise yourself with. Most of them are listed here. All of them have an online manual page, which you can read with the command "man command-name".
Prints the manual page for a command or a configuration file entered as a parameter to this command.
Does a nice reboot on the system. Does "Force Power Off" for the VMs by default.
Does a nice halt on the system. Does "Force Power Off" for the VMs by default.
Generic command for shutting down or rebooting the system.
Command line disk partitioning program in Linux. It is powerful and has a very simple user interface. Please note that ext2 and ext3 both use the same partition ID.
On command line, starts fdisk against second available SCSI disk. "sda" is the first SCSI disk, "sdc" is the third SCSI disk etc. VMware ESX Server is installed on /dev/sda, and the external storage is /dev/sdb, and maybe some others too.
Fdisk subcommand, prints the current partition table on current disk.
Fdisk subcommand, deletes an existing partition. Enter the partition number to delete. It is recommended to print out the current partition table before deleting anything.
Fdisk subcommand, creates a new partition. Select partition type (primary, extended, or logical). Almost always you should use the default starting cylinder. For size, enter "+NNNNNm", where NNNNN is the size in megabytes.
Fdisk subcommand, changes the partition type (id). By default fdisk creates ext2/ext3 type partitions. We might also sometimes want to use id "fb", the vmfs type, or some other type.
Fdisk subcommand, writes the current partition table to disk. If you don't get any errors, you don't have to reboot. If you get errors at this point, the new partition table is used only after next system boot.
This command formats a partition for ext2, or ext3 filesystem.
mke2fs -j /dev/sdb1
Formats /dev/sdb1 using ext3 filesystem.
Formats /dev/sdb1 using ext2 filesystem.
Makes a directory.
Creates directory /vmconf for the VM configs.
Edit a file with a somewhat easier UI than vi.
nano -w /etc/fstab
This is probably the very first file editing command you want/need. "-w" turns word-wrapping off, so you can more easily edit longer lines than about 74 characters.
These commands manually mount/umount CDs, floppies, local partitions, and remote directories to a selected local directory. The local (empty) directory must exist before the mount can succeed. An example mount command would be "mount /dev/sdb5 /vmconf". Permanent mounting is done by editing the /etc/fstab file.
Shows all the active mounts.
Remounts everything specified in /etc/fstab file. This is probably the very mount command you will be entering.
This command does the default mounting of a CD to the default mountpoint. In Service Console the CD is mounted to /mnt/cdrom directory.
Mounts a normal 1440KB floppy (/dev/fd0) to the specified directory.
mount -t iso9660 -o loop /local/w2005srv.iso /mnt/isocd
Mount a CD/DVD ISO image file to the specified directory. This is very useful for testing and other purposes. The mountpoint directory must exist (mkdir /mnt/isocd) before mounting.
Unmount anything mounted to the specified mountpoint. If nothing is mounted, the command does nothing.
Removes files and/or directories.
Moves and/or renames files and/or directories.
This is the RedHat's tool to detect and configure hardware: adding new and removing old. When you run kudzu, or system runs it at bootup, be careful. Kudzu might offer to remove hardware you have dedicated solely to the VMs. Know your hardware and configuration. It might be a good idea to refer to /etc/modules.conf file before running kudzu. A safe action to select in kudzu is "Do nothing". Select it when in doubt.
RedHat-made tool for daemon (service) starting/stopping/restarting/status querying. Syntax is "service daemonname [start|stop|restart|status]". An alternative to this command, which works with all Linuces, is to call the script directly, like /etc/init.d/httpd.vmware restart, /etc/init.d/xinetd restart, or /etc/init.d/sshd restart.
Adds a new group to the Service Console. It is recommended to use one non-root group for VM admins and add operator/admin users there. To create that group, enter the following command:
groupadd -g 7777 vmadmins
Create a group with groupid number 7777. This number is an arbitrary number. For practical (not explained here) reasons this number should have four digits.
Adds a new user to the Service Console with status disabled. To create an account for the new admins, enter the following commands:
useradd -c "VMware ESX Server operator" helpdesk
Create a single userid, which will be able to operate all of the VMs.
useradd -g 7777 johndoe
Create a userid, and make groupid 7777 (vmadmins) as its primary group.
useradd -g 7777 -c "Kari Mattsson" mattkar2
Create a userid, and make groupid 7777 (vmadmins) as its primary group.
Changes settings for a user. Usually used for user group manipulation.
usermod -G wheel mattkar2
Changes the password for the userid entered as a parameter for the command. Only root can change the password for other users. Other users can only change their own password with command "passwd". Userids are disabled by default. They are activated by setting a password for them. An example command for root to set a password is the following command:
Changes the owner user and optionally owner group of a directory, or a file. Optionally this command works recursively with parameter "-R". The assignment parameter is of type "user.group", or just "user". Some examples are given below:
chown -R helpdesk.vmadmins /vmfs /vmconf
Recursively change the user-owner, and the group-owner of specified files/directories to userid.groupid.
chown helpdesk.vmadmins /vmfs/local/*
chown -R root /vmconf/vmware
chown root.vmadmins /etc/modules.conf
Changes the owner group of a directory, or a file. Optionally this command works recursively with parameter "-R". Examples for "chown" apply here, but without the "root." part, as only the group is changed here.
Change special attribute of a directory, or a file. Immutable attribute is set with parameter "-i".
This command is the main command for changing file modes. Like chown, it can do things recursively with parameter "-R". Below are some example commands:
chmod -R 0775 /vmfs /vmconf
chmod u=rwx,g=rwx,o=r /vmfs/freebsd462/*
chmod g+rwx /vmfs/vm007/*
chmod -R u+rwx,g=r,o-rwx /var/log/*
chmod u=rw,g=rw,o=r /etc/modules.conf
chmod 664 /etc/modules.conf
chmod u=rw,g=rw /vmfs/*/*.vmdk
It appears that this last example works rather nicely. Note that those VMs which are powered on have their .vmdk files locked.
With this 'disk dump' command you can create ISO images and floppy images. You can also use it to create imagefiles of partitions and whole disks. Below are some example commands:
dd if=/dev/cdrom of=/local/suse90pro-dvd1.iso bs=2048
dd if=/dev/cdrom of=/local/w2003srv.iso bs=2048
The above two examples create an ISO image of a CD/DVD. You can safely ignore the error message usually shown at the end of the media.
dd if=/dev/fd0 of=/local/bootfloppy1.img bs=1440k
This command creates a floppy image quickly.
dd if=/dev/fd0 of=/local/bootfloppy2.img bs=512
This might be a bit slower version of the above example.
ConCATenate file from start to standard output (terminal screen by default). Usually takes filename as a parameter.
LiSt files in a directory. -R makes it recursive, and -l shows more information on each item.
Show statistics of a file. This is the most comprehensive directory entry examiner.
Like "cat", but starts from the end of the file (or standard input).
Show selected amount of lines from the start of a file.
Like "head", but start from the end of the file. Practical command to follow what is happening with a log file is command like tail -f /var/log/messages.
Search for a string from standard input or from a file. This is a powerful command.
Find files by name or many of the other attributes. Another very powerful command. Below are some example commands:
find /vmfs -type f -iname '*.vmdk'
find /vmconf -type f -iname '*.vmx'
find / -type f -iname '*.bak'
find . -type d -name sbin
find / -type f -name '*'
Tape ARchive, a command which combines many files into one for backup purposes. Below are some example commands:
tar -cvjf /local/servcons.tar.bz2 --exclude /proc --exclude /local --exclude /vmfs --exclude /vmconf /
Create a bzip2'ed tar backup file of the whole Service Console. Smaller, slower backup.
tar -cvzf /local/servcons.tar.gz --exclude /proc --exclude /local --exclude /vmfs --exclude /vmconf /
Create a gzipped tar backup file of the whole Service Console. Faster, bigger backup.
tar -cf /local/vm-configs.tar /vmconf
Create a tar backup file of all files in and under /vmconf directory.
tar -xvzf /local/vm007-config.tar.gz
Extract gzipped tar backup file to current directory.
tar -xvjf /local/vm007-config.tar.bz2 -C /tmp
Extract bzip2'ed tar backup file to /tmp directory.
find / -type f -iname 'vm007*' | tar -cjvf /local/vm007-backup.tar.bz2 -T -
Find all files whose names start with 'vm007', and create a compressed backup tar file of them.
These commands compress and decompress files. The recommended and default extension is .bz2. The compression is slower than with gzip, but the files are considerably smaller. Decompression is fast.
These commands compress and decompress files. The recommended and default extension is .gz. The compression is quite fast, and files are quite small. Decompression is fast.
These commands are almost the same, and usually act in a pipe. They are used for file pagination to terminal. Below are some example commands:
zcat /var/log/vmksummary.1.gz | less
This command takes an NTP server as a parameter and synchronises the clock once. This command doesn't work when local NTP daemon is running. Example: ntpdate europe.pool.ntp.org
In Deep Intro to VMware ESX, Part 5, I will explain the most used command completely, because it has a long list of options.
This command is named VMFStools.
You can read Part 3 here: Deep Intro to VMware ESX, Part 3