10 Basics of Linux that apply to managing VMware ESX through the service console

by [Published on 10 Sept. 2009 / Last Updated on 10 Sept. 2009]

How the management of VMware ESX, using the service console OS (COS), is the same as the management of the Linux OS and Linux servers.

Introduction

If you are using the full version of VMware ESX you have the option to manage it, from the command line, using the service console operating system (called the COS). The service console, in VMware ESX, is really a modified version of Red Hat Enterprise Linux. Thus, basic Linux administration knowledge is very valuable when you go to manage VMware ESX from the command line.

On the other hand, if you are using VMware ESXi you likely do not access any CLI console from the server. Two command line options for managing ESXi from the command line are-

  1. The hidden ESXi service console – for information on this tiny Linux console, with very limited features, and how to access it see my article How to access the VMware ESXi Hidden Console.
  2. The VMware remote command line interface (RCLI) – for information on RCLI, see my article; Using VMware’s remote command line interface (RCLI) with VMware ESXi.

Now, here are my 10 basics of Linux administration that apply to managing VMware ESX:

1.      Understanding file structure and navigation are critical

Just like navigating Linux or Windows from the command line, it is critical in ESX that you know how to navigate the file structure. Here are some common Linux & ESX commands you will use to get around:

  • ls – to list out files in a directory, just like the DOS dir command. Although, the DOS dir command actually does work in ESX as well. I prefer the long format of the ls command, ls -l


Figure 1:  the ls, dir, and ls –l commands in VMware ESX

  • cd – change directory
  • rm – to remove files
  • cp – to copy files
  • rename – to rename files
  • pwd – to show the current directory

One of the best Linux commands I ever learned was the command that allows me to find a file anywhere on a filesystem-

find ./ -print | grep {what you are looking for}

Yes, this works great in ESX and it allows me to find the location of log files or executables when they are not in my path or I forget where they are stored. Here is an example of how I used this to find the location of the esxcfg-firewall command:


Figure 2: using the find command

2.      Remote access is usually via SSH when using the CLI

Just as I connect to a Linux server using a SSH client like putty, I also connect to my ESX server. In fact, all the command line examples in this article were done with putty through SSH.

You should know that access to the ESX service console is not allowed, via SSH, for root, by default. To enable it, you need to go to the server’s console, edit /etc/ssh/sshd_config, set PermitRootLogin to yes, save it, and restart the ssh dameon with service sshd restart.

3.      Local user administration is in /etc/passwd

Just as in Linux, it is best practice in ESX to create yourself a local user that can be used to su to the root account when local root privileges are needed (yes, even if you are using vCenter and likely will not use this a lot).

You could edit the /etc/passwd file, sure, but you should, instead, use useradd to add local users from the command line (but this is also easily done in the VI client if you connect directly to an ESX host). You can change passwords using passwd, just like in Linux.

One thing that is different is that you can set just about all of the ESX authorization settings by using esxcfg-auth.

4.      Critical administration commands can be found in

As we learned back in #1 with the find command, the esxcfg-XXXX commands are located in /usr/sbin. These are ESX specific commands that you will need to use if administering the server from CLI.

Here is what they look like:


Figure 3: esxcfg commands located in /usr/sbin

5.      Text file editing with vi and nano is a must

How are you going to edit text files like sshd_config to enable SSH remote access without a text editor? Well, you can’t. You must know how to use one of the Linux / ESX text file editors – vi or nano.

Like whiskey, vi is “an acquired taste” and takes some getting used to. If you are a Linux admin, you already know vi. For those who don’t, I encourage you to use nano as it works much like the Windows notepad.

Here is a look at nano:


Figure 4: Using nano to edit text files in VMware ESX

6.      You will need to patch it with using RPMs but with different tools – rpm and esxupdate

Just like any OS, you will need to patch ESX. In Linux, this is typically done at the command line using rpm. While rpm is available in ESX, you should instead use esxupdate to apply ESX patches.

Still, the concept is the same and the applications are almost identical.

For more information on using esxupdate and patching in ESX see:

7.      Common network tools like ping, ifconfig, traceroute, proper network configuration are all crucial.

Just as in configuring Linux or even Windows from the command line, critical pieces of ESX Server aren’t going to work without the proper network configuration. The easiest way to do that in ESX is to use the VI client but you can do it at the command line using commands like esxcfg-nics, esxcfg-route, esxcfg-vmknic, esxcfg-vswif.

About half of what these commands do is to edit traditional Linux text configuration files like /etc/hosts, /etc/resolv.conf, /etc/sysconfig/network, /etc/vmware/esx.conf.

Just like any Linux host, in ESX you must have an IP address, proper subnet mask, default gateway (if you want to get outside your subnet), DNS servers (unless you are going local), your ESX host name must be able to be resolved as a FQDN, and you must have full network communication. That full network communication can be tested with traditional Linux commands like ping, traceroute, nslookup, and ifconfig

8.      Process administration, at times, is necessary – ps, kill

Just as in Linux, at times, process administration is required. In ESX, you can view running processes with the ps (or process list) command. You can kill processes with the kill command.

Unlike Linux, ESX has some critical processes such as vmware-watchdog, vmware-hostd, vmklogger, and others.

9.      Performance management from the CLI is quickly handled with top and esxtop

Eventually in any OS you will have a performance management issue. You can quickly resolve performance issues in Linux with top. In ESX, top also works but you should, instead, use esxtop.


Figure 5: VMware ESXTOP

For more information on understanding performance statistics with esxtop, see the VMware ESX Resource Management Guide and Interpreting ESXTOP Statistics in the VMware Community.

10.  Getting help with --help and man

And finally, getting help in Linux and in ESX are the same. To learn more about a command you can use that command and add “dash dash help” or “--help" after it. Even better, you can get more instructions using man, which stands for manual pages. For example, if I wanted to learn about esxcfg-firewall, I can just type man esxcfg-firewall and I see a screen like this:


Figure 6: VMware ESX man pages

Conclusion

Some would say “of course VMware ESX service console and Linux are the same, the ESX service console IS LINUX”. That is not exactly true as it is a modified version of Red Hat Enterprise Linux. Plus, what libraries and packages are loaded in it? What extra commands? What commands are removed? There are many differences. Also, the ESX service console Is may still be based on Linux but may be very different from other flavors of Linux like Ubuntu, Suse, or Fedora.

From this article, you learned 10 Linux system administration tasks / commands that you can perform in VMware ESX Server and, trust me, if you are not familiar with Linux already, this basic knowledge will be extremely helpful when you get to the ESX service console and need to, say, find and edit a configuration file.

Featured Links