JohnWoodOpenda
Contributor
Contributor

How to restart an ESX server from a guest OS...

Hi all,

We run a couple of servers on clients sites using ESX5, and using our software the clients have the ability to shutdown the server.  Or, at least they used to in pre-VM days - now it is just local to the guest OS, not the server.

I've scoured the ESX command line tools, and it is great for setting things up and maintaining the network and storage devices, but I can't find anything to do with putting ESX into maintenance mode, or issuing a restart, from a guest Linux OS.

Our guest OSes are setup to automatically start and pause when ESX is starting or shutting down, so instead of issuing a guest OS shutdown or restart, it should be easier to issue an ESX shutdown/restart to have all other guest OSes stop too...

I don't want to give them access to the vSphere client, as that just invites disaster!  Plus, I dare say if we asked some of our customers to go through a 10 step procedure to shutdown using the vSphere client, they'd say "isn't this your job?"!!

Any help would be appreicated!

0 Kudos
8 Replies
iw123
Commander
Commander

Hi,

You could enable tech support if it isn't already then SSH to the host from a linux guest OS.

Thanks

*Please, don't forget the awarding points for "helpful" and/or "correct" answers
0 Kudos
golddiggie
Champion
Champion

I have to ask WHY do you want them to have that level of access to the ESXi5 host server?? IMO, that's also a recipe for disaster. Only properly trained people should have that level of access. If they're not smart/savvy enough to use the vSphere Client software, then they (IMO) don't qualify.

Also, leaving SSH enabled on a host means you'll forever have an alert present on it. Plus, it's not good security practices. You use SSH while you NEED to, then you turn it back off.

IF you really MUST give them the ability to reboot a host server (again, IMO, a colossal bad idea), look into setting up a vMA server in the cluster that they can use to do the job. It will still require several steps to log in and reboot the host server.

BTW, IME, host reboots are few and far between. If this is not the case for you, then I suggest figuring out why (if VMs are not responsive, or they drop off, chances are the host has hardware issues).

Hosted Systems Engineer IV (VMware environment)
Brewing beer again!
0 Kudos
maishsk
Expert
Expert

Another huge +1 to golddiggie's question...

Maish

Maish Saidel-Keesing • @maishsk • http://technodrone.blogspot.com • VMTN Moderator • vExpert • Co-author of VMware vSphere Design
0 Kudos
sparrowangelste
Virtuoso
Virtuoso

you would be better of batch scriptting the shutdown restart of the guest os via batch file/vbscript then to restart the host

--------------------- Sparrowangelstechnology : Vmware lover http://sparrowangelstechnology.blogspot.com
0 Kudos
JohnWoodOpenda
Contributor
Contributor

Hi all,

Thanks for your responses.

Using ssh, as you said, isn't ideal and wouldn't really like to go down that road... but if it's the only way...?

The reason for this is few and far between - basically, if clients have planned power outages, need to move the servers (you'd be surprised!) or for when we don't have internet access and we tell them to reboot it (not happened yet, but only been 6 months ish with a few customers)

Also, it makes them feel like they are in control - only certain users have access (like the MD, FD or Operations Managers) and we log who uses it anyway.

This would make it so much easier than telling them to just push the power button - "it's the one with the lighted half circle with the line out the top. It is on the left hand side and is no where near the hot-swappable disks.  If it's flashing, it's the wrong button - the one you are after is a steady green." 😉

Any other way than SSH?

0 Kudos
golddiggie
Champion
Champion

I would be afraid that those people would just run said script (rebooting the host server) whenever anything went a little sideways. Sort of a catch-all 'fix' for any percieved issues they might be facing. Even if their 'fix' actually causes more issues for them (good luck convincing them to not use it). You need to break them of the old-days habit of rebooting a server either for fix resolution, or as 'normal' practices. The guest VM is one thing, the host is completely different. They really should think of the guest VM the same as the old physical server (same reference). But the physical server should be something they cannot touch.

Would you let them touch your internet/WAN connection hardware, or the network switches that are your infrastructure? IMO, VMware host servers should be seen in the same context.

Hosted Systems Engineer IV (VMware environment)
Brewing beer again!
0 Kudos
Craig_Baltzer
Expert
Expert

https://my.vmware.com/group/vmware/details?downloadGroup=VCLI50U1&productId=229 is the vSphere CLI. There is a Linux version, and it gives you access to a bunch of commands. vicfg-hostops.pl will let you shutdown and/or reboot the ESXi host. Install what you need from that package on one of your VMs, and then use the commands from http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=101319... to do what you need to do. No need to enable ssh, no need to install another VM (i.e. the vMA)

To keep the users from using the userid/password you're using to shutdown the system automatically for other things (i.e. like screwing up your ESXi config), create a separate role which only has Shutdown and Reboot rights. Then assign that role to the userid you create, and apply to the ESXi host.

JohnWoodOpenda
Contributor
Contributor

Hi Graig,

That sounds like it might be exactly what I was after, thanks a lot.  I will get round to testing this sometime this week.

I understand the dangers of giving users general access to reboot/shutdown the servers, but it is their hardware anyway and we only maintain the software side, and the option to reboot is hidden away under a load of user-specific menus.

I didn't think about setting up a role-specific user, so wil also take a look at setting that up too, thanks.

I'll report back and mark answered later.

Cheers!

0 Kudos