Saturday, June 1, 2019

notes on accessing vmware esxi remotely

Notes on monitoring ESXI 6

SSH remote access

  1. Generate public/private keys. For more information, see the OpenBSD Reference Manual section in the OpenBSD.

    Note: The preceding link was valid as of June 22, 2016. If you find the link to be broken, provide feedback on the article and a VMware employee will update the article as necessary.

    Notes:
    • These instructions generate two files in ~/.ssh: id_rsa and id_rsa.pub.
    • In ESXi 5.x, the ssh-keygen command is located at /usr/lib/vmware/openssh/bin.
       
  2. On the remote host, store the public key content, id_rsa.pubin ~/.ssh/authorized_keys.

    Notes:
     
    • For ESXi 5.x, 6.0 and 6.5, the authorized_keys is located at: /etc/ssh/keys-<username>/authorized_keys
    • More than one key can be stored in this file.
       
  3. To allow root access, change PermitRootLogin no to PermitRootLogin yes in the /etc/ssh/sshd_config file.
  4. To disable password login, ensure that the ChallengeResponseAuthentication and PasswordAuthentication are set to no.
  5. Reload the service:
     
    • For ESXi, run the command:

      /etc/init.d/SSH restart
       
    • For ESX, run the command:

      service sshd reload

https://kb.vmware.com/s/article/1002866

Accessing process information (ps command)

https://kb.vmware.com/s/article/1010993

  1. Run the minimalized ps command:
    ps -Tcjstv
    The output shows information such PID, command-line used, and state.
  2. To generate output for certain processes and maintain a title row, run this command:

    ps -Tcjstv | egrep "WID|{proc-name}"
  3. The esxcfg-info command can offer some detail on process memory and CPU and is contained in the vm-support dumps. Process information in esxcfg-info is contained in sections called Groups, but the groups can be cumbersome to sift through.
    Grep these groups for information on process memory and CPU with the command:
    esxcfg-info | egrep -A85 "Group Id" | egrep "Group Name|Group Id|Total CPU|Total Memory|Used Time|Parent Id|----Active\.\.\.\." | less
  4. To check for file-system issues, run this command:

    stat –f {filesystem}

    Note:     This checks inode use, from which a runaway process can sometimes be determined (even if you do not know exactly what files are involved).
    To check across all filesystems, run this command:

    stat -f `df | grep -v "Filesystem" | awk '{print $6}'` | egrep "File|Inodes"
  5. To view network connection (socket) details, run this command:

    esxcli network connection list
    Note: For ESXi 5.x and later, run this command:

    esxcli network ip connection list


--30--
Posted by at
Labels: , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)