Dinny you are simply a star i will give this commands a try sometime tomorrow night UK time as am off now from work and wont be able to do it till tomorrow now.

Thanks again alot.

Have you got a best way of installting the HP Sim?? Havent looked into it yet but wondered if you had a working script which works.

Also does anyone have any suggestions on solarwinds? We use that to monitor our systems. Any suggestion on what i need to install and set to monitor in solarwinds will be helpful.

Thanks

Pleasure,

If you mean the HP Insight Agents - they come supplied with a silent install procedure - it's detailed in the readme.

I would suggest familiarising yourself with doing it manually first - then trying out the silent install script - note - you will also need to customise your snmp settings.

Dinny

Updated "No SAN" code for ESX Update 2 Fix ISO in removehba.sh

Dinny,

I am try to do NIC teaming in kickstart script ... and not sure what the syntax is for the vimsh command. What I want to do is teaming vmnic 3 and vmnic 0 for vSwitch0. which in a NIC teaming do I have option to set failover for particular port group say "VMotion" and "VMKernel"? Thanks.

Cheer,

Hi all,

I need to configure iSCSI in kickstart and so far it does not work ... or at least when I checked using VC GUI the "Software iSCSI client" box never checked. Here is my script:'

/code

1. esxcfg-vswitch -A iSCSI vSwitch0

2. esxcfg-vmknic -a -i 192.168.33.111 -n 255.255.255.0 iSCSI

1. Additional firewall configuration for iSCSI

service mgmt-vmware restart

sleep 20

1. Enable Software iSCSI

esxcfg-swiscsi -e

esxcfg-firewall -e swISCSIClient

/code

Also, dose anyone know how to confiuge software iSCSI with the iqn number? We used NetApp FAS270, and we could hardcode the VMware ESX iqn number to the NetApp iSCSI target and "if I could" scripted to the kickstart that would be great?

Cheers,

You will need to add vmnic3 to vSwitch0 first:

/usr/sbin/esxcfg-vswitch -L vmnic3 vSwitch0

I use the following line for loadbalancing on IP for vSwitch0:

/usr/bin/vimsh -n -e “hostsvc/net/vswitch_setpolicy –nicteaming-policy=loadbalance_ip vSwitch0″

Duncan

My virtualisation blog:

If you find this information useful, please award points for "correct" or "helpful".

Post-build log file and encypted passwords:

I have a working kickstart script, but (as a Windows admin) I'm having trouble getting the post install to write to a log file, so that I can troubleshoot any new additions to the script.

I'd also like to set some user passwords in the script, but can't seem to generate an encrypted password that I can then logon with. Using the following python command: import crypt; print crypt.crypt("password","salt") - it could just be that I'm not clear whether "salt" is the desired password or if I need to be changing "password" to the desired password?

Post-build log file and encypted passwords:

I have a working kickstart script, but (as a Windows admin) I'm having trouble getting the post install to write to a log file, so that I can troubleshoot any new additions to the script.

I'd also like to set some user passwords in the script, but can't seem to generate an encrypted password that I can then logon with. Using the following python command: import crypt; print crypt.crypt("password","salt") - it could just be that I'm not clear whether "salt" is the desired password or if I need to be changing "password" to the desired password?

You might want to take a look at sample KS file - as an example on how to format for post scripting and usernames/passwords...

http://www.rtfm-ed.co.uk/downloads/hp.cfg

Firstly, simply dumping esxcfg- or ESX commands to the end of the %post file will not work. Since the %post is executed at the very end of the install - and the vmkernel is NOT loaded, you will need to have any ESX commands execute AFTER the vmkernel is load (not sure if this makes a difference to logging activity). What I do is at the end of the %post is create some kind of esxpost.sh script file... I then call this by adding to rc.local. If your windows guy its a kin to using runonce on the registry or adding batch file calls to the end of autoexec.bat in Windows3/DOS (Man, that makes me feel soooo old!)

As for users, KS file should not have plain text password (for obivious reasons) I use a method which stores the password in a MD5SUM format. There's an example in the CFG file in the post. There lots of online webpages which allow you try in a password and then click, and it will generate MD5SUM value. Basically, its hash which is different every time even if you try in the same password....

Regards

Mike

have a look at the EDA (). it has a scriptbuilder that's intended to answer exactly those kind of questions!

i usually set user passwords to a default 'welcome' or something and set the age as expired. this forces them to type in a new password at first login.

I should have said I'm using the same approach for post scripting (rc.local). I've seen some references to logging the post-build activity but didn't quite follow where in the script the arguments should be placed.

The encrypted password issue is resolved. I was initially using grub-md5-crypt to generate the passwords, but wasn't able to test them succesfully - because I was using " " instead of ' ' in the useradd -p argument.

Thanks Mike.

For instance, I have tried the following but alI I get in the post_install log file is 'Kickstart'!

%post

exec < /dev/tty3 > /dev/tty3

chvt 3

echo "################################"

echo "# Running Post Configuration #"

echo "################################"

(

echo 'Kickstart'

) 2>&1 | /usr/bin/tee /root/post_install.log

cat > /tmp/esxcfg.sh << EOF

code

Is chvt 3 a marker that also needs to be at the end of the script??

Hi all,

I have a scripted install that included the DNS settings as below:

#################

1. Configure DNS

#################

echo "search domainname.com" > /etc/resolv.conf

echo "nameserver 192.168.100.20" >> /etc/resolv.conf

echo "nameserver 192.168.100.21" >> /etc/resolv.conf

After the installed, I checked the /etc/resolv.conf and it displayed correctly. However, in VC under the "Configuration --> DNS and Routing option. The DNS IP settings did not display under "Preferred DNS Server and Alternate DNS Server". But, the "Search domains" displayed correctly.

Question, Am I using the in-correct syntax? Any suggestion.

PS; I am running ESX 3.5 build 64067 and VC 2.5

Cheers,

I also need to setup the banner/legal disclaimer on the ESX kickstart and not sure where to start? Search the forum came up empty at the moment.

Any suggestion

again, have a look at eda! it's just one click of a button and you have your banner. (

Okay, okay ... I will look at the EDA

Hiya,

I guess that Depping's post sorted out your problem with NIC teaming?

If not perhaps post the part of the script that is failing?

Re your question about a legal notice - something like this will work:

echo "=== 8< === 8< === 8< === 8< === 8< ===" > /etc/issue

echo "|----

|" >> /etc/issue

echo "| This system is for the use of authorized users only. |" >> /etc/issue

echo "| Individuals using this computer system without authority, or in |" >> /etc/issue

echo "| excess of their authority, are subject to having all of their |" >> /etc/issue

echo "| activities on this system monitored and recorded by system |" >> /etc/issue

echo "| personnel. |" >> /etc/issue

echo "| |" >> /etc/issue

echo "| In the course of monitoring individuals improperly using this |" >> /etc/issue

echo "| system, or in the course of system maintenance, the activities |" >> /etc/issue

echo "| of authorized users may also be monitored. |" >> /etc/issue

echo "| |" >> /etc/issue

echo "| Anyone using this system expressly consents to such monitoring |" >> /etc/issue

echo "| and is advised that if such monitoring reveals possible |" >> /etc/issue

echo "| evidence of criminal activity, system personnel may provide the |" >> /etc/issue

echo "| evidence of such monitoring to law enforcement officials. |" >> /etc/issue

echo "|----

|" >> /etc/issue

echo "=== 8< === 8< === 8< === 8< === 8< ===" >> /etc/issue

echo "banner /etc/issue" >> /etc/ssh/sshd_config

Dinny

On a more general point this thread seems to be turning into its own scripting forum.

Perhaps not a bad thing - as individuals interested in scripting get to see the questions via email automatically?

However it does mean that participants never get any vmtn points - which imho is one of the things that makes vmtn so effective.

Perhaps people could post separate questions on the forum (with points available) - then ask the question again on this thread, including a link to the original question.

Then anyone wanting points could get them, and the person posing the question still has direct access to the individuals particularly interested in scripting (even if they don't all get chance to check out every post on the forums too often)?

I know its not perfect - but praps it could work?

What do people think?

Dinny

I do a similier thing to dinny...

Instead what I do is open up port 80, and download my "banner" file from a central location (my UDA). This means if it need adjusting I don't need to edit N of kickstart files - just one banner file...

As for the forum issues. A year ago when scripted installations of ESX and automation became increasing important to people - I asked the VMTN forum guys if we could have a separate forum for just this topic. Unfortunately, they didn't seem to see as a big issue.

So I started this thread in the hope it would become like a "master" thread - that would have a big long list of tips/questions.... It's not ideal... Perhaps a forum admin I should ask again. Bottom line is that if the user base makes this request - it should be approved. After all its a small task to do create a catagory...

Regards

Mike

Indeed,

I too put the bare minimum in my actual kickstart config file - from the initial kickstart file, I just copy a master build script down (from an NFS share in my case) - and I then make 99% of my config changes from the master script itself - so usually I only ever need to make changes to one centrally held build script, regardless of the number of ESX servers I actually build via that script.

Dinny