10 Basics of Linux that apply to managing VMware ESX through the service console

by David Davis posted on September 1, 2009

Introduction

If you are using the full version of VMware ESX you have the option to manage it, from the command line, using the service console operating system (called the COS). The service console, in VMware ESX, is really a modified version of Red Hat Enterprise Linux. Thus, basic Linux administration knowledge is very valuable when you go to manage VMware ESX from the command line.

On the other hand, if you are using VMware ESXi you likely do not access any CLI console from the server. Two command line options for managing ESXi from the command line are-

  1. The hidden ESXi service console – for information on this tiny Linux console, with very limited features, and how to access it see my article How to access the VMware ESXi Hidden Console.
  2. The VMware remote command line interface (RCLI) – for information on RCLI, see my article; Using VMware’s remote command line interface (RCLI) with VMware ESXi.

Now, here are my 10 basics of Linux administration that apply to managing VMware ESX:

Understanding file structure and navigation are critical

Just like navigating Linux or Windows from the command line, it is critical in ESX that you know how to navigate the file structure. Here are some common Linux & ESX commands you will use to get around:

One of the best Linux commands I ever learned was the command that allows me to find a file anywhere on a filesystem-

find ./ -print | grep {what you are looking for}

Yes, this works great in ESX and it allows me to find the location of log files or executables when they are not in my path or I forget where they are stored.

Remote access is usually via SSH when using the CLI

Just as I connect to a Linux server using a SSH client like putty, I also connect to my ESX server. In fact, all the command line examples in this article were done with putty through SSH.

You should know that access to the ESX service console is not allowed, via SSH, for root, by default. To enable it, you need to go to the server’s console, edit /etc/ssh/sshd_config, set PermitRootLogin to yes, save it, and restart the ssh dameon with service sshd restart.

Local user administration is in /etc/passwd

Just as in Linux, it is best practice in ESX to create yourself a local user that can be used to su to the root account when local root privileges are needed (yes, even if you are using vCenter and likely will not use this a lot).

You could edit the /etc/passwd file, sure, but you should, instead, use useradd to add local users from the command line (but this is also easily done in the VI client if you connect directly to an ESX host). You can change passwords using passwd, just like in Linux.

One thing that is different is that you can set just about all of the ESX authorization settings by using esxcfg-auth.

Critical administration commands can be found in

As we learned back in #1 with the find command, the esxcfg-XXXX commands are located in /usr/sbin. These are ESX specific commands that you will need to use if administering the server from CLI.

Text file editing with vi and nano is a must

How are you going to edit text files like sshd_config to enable SSH remote access without a text editor? Well, you can’t. You must know how to use one of the Linux / ESX text file editors – vi or nano.

Like whiskey, vi is “an acquired taste” and takes some getting used to. If you are a Linux admin, you already know vi. For those who don’t, I encourage you to use nano as it works much like the Windows notepad.

You will need to patch it with using RPMs but with different tools – rpm and esxupdate

Just like any OS, you will need to patch ESX. In Linux, this is typically done at the command line using rpm. While rpm is available in ESX, you should instead use esxupdate to apply ESX patches.

Still, the concept is the same and the applications are almost identical.

Common network tools like ping, ifconfig, traceroute, proper network configuration are all crucial.

Just as in configuring Linux or even Windows from the command line, critical pieces of ESX Server aren’t going to work without the proper network configuration. The easiest way to do that in ESX is to use the VI client but you can do it at the command line using commands like esxcfg-nics, esxcfg-route, esxcfg-vmknic, esxcfg-vswif.

About half of what these commands do is to edit traditional Linux text configuration files like /etc/hosts, /etc/resolv.conf, /etc/sysconfig/network, /etc/vmware/esx.conf.

Just like any Linux host, in ESX you must have an IP address, proper subnet mask, default gateway (if you want to get outside your subnet), DNS servers (unless you are going local), your ESX host name must be able to be resolved as a FQDN, and you must have full network communication. That full network communication can be tested with traditional Linux commands like ping, traceroute, nslookup, and ifconfig

Process administration, at times, is necessary – ps, kill

Just as in Linux, at times, process administration is required. In ESX, you can view running processes with the ps (or process list) command. You can kill processes with the kill command.

Unlike Linux, ESX has some critical processes such as vmware-watchdog, vmware-hostd, vmklogger, and others.

Performance management from the CLI is quickly handled with top and esxtop

Eventually in any OS you will have a performance management issue. You can quickly resolve performance issues in Linux with top. In ESX, top also works but you should, instead, use esxtop.

For more information on understanding performance statistics with esxtop, see the VMware ESX Resource Management Guide and Interpreting ESXTOP Statistics in the VMware Community.

Getting help with –help and man

And finally, getting help in Linux and in ESX are the same. To learn more about a command you can use that command and add “dash dash help” or “–help” after it. Even better, you can get more instructions using man, which stands for manual pages.