ESXi 4.1 Kickstart Script for EDA Virtual Appliance

Summary:
This one has been on the back burner for a little while, but I finally got it put together thanks to resources like virtualghettolamw is crazy smartz!
Script:
Everything seems to work fine, the only one I’m not sure of is the enabling the CIMoemProviderEnabled Advanced setting as to whether that works or not.  Let me know if you happen to brave my custom kickstart script made for Dell servers, but can be adjusted for pretty much any setup I think.
   1: # Bind vmnic4 to vSwitch0.  EDA adds vmnic0 automatically
   2: # Active/Passive
   3: esxcfg-vswitch -L vmnic4 vSwitch0
   4: esxcfg-vswitch -X 1 vSwitch0
   5:  
   6: # Add vSwitch1, VMkernel, and bind vmnic1/3
   7: # Active/Passive
   8: # The following configures vSwitch1 as the vmKernel vmotion switch
   9: esxcfg-vswitch -a vSwitch1
  10: esxcfg-vswitch -A VMkernel vSwitch1
  11: esxcfg-vswitch -L vmnic1 vSwitch1
  12: esxcfg-vswitch -L vmnic3 vSwitch1
  13: esxcfg-vswitch -X 1 vSwitch1
  14:  
  15: # Add vSwitch2 and bind vmnic2/5
  16: # Active/Passive
  17: # Created VM Switch
  18: esxcfg-vswitch -a vSwitch2
  19: esxcfg-vswitch -L vmnic2 vSwitch2
  20: esxcfg-vswitch -L vmnic5 vSwitch2
  21: esxcfg-vswitch -X 1 vSwitch2
  22:  
  23: # NTP Configuration
  24: /bin/echo "restrict 127.0.0.1" > /etc/ntp.conf
  25: /bin/echo "restrict default kod nomodify notrap" >> /etc/ntp.conf
  26: /bin/echo "server timeserver1.local" >> /etc/ntp.conf
  27: /bin/echo "server timeserver2.local" >> /etc/ntp.conf
  28: /etc/init.d/ntpd restart
  29:  
  30: # Configures vmk0 as Mgmt Interface
  31: HOSTSVC_FILE=/etc/vmware/hostd/hostsvc.xml
  32:  
  33: /bin/cat > ${HOSTSVC_FILE} << __CREATE_HOST_SVC__
  34: <ConfigRoot>
  35:   <mangementVnics>
  36:     <nic id="0000">vmk0</nic>
  37:   </mangementVnics>
  38:   <mode>normal</mode>
  39:   <service>
  40:     <tsm-ssh>off</tsm-ssh>
  41:   </service>
  42: </ConfigRoot>
  43: __CREATE_HOST_SVC__
  44:  
  45: # Configure vmk1 as vMotion Interface
  46: esxcfg-vmknic -a VMkernel -i ###HOSTIP### -n 255.255.255.0
  47: /bin/vim-cmd hostsvc/net/refresh
  48: /bin/vim-cmd hostsvc/vmotion/vnic_set vmk1
  49:  
  50: # DNS Secondary (replace x.x.x.x w/ IP of another DNS server) 
  51: /bin/echo "nameserver x.x.x.x" >> /etc/resolv.conf
  52:  
  53: # Configure Local Datastore Name to standard
  54: /bin/vim-cmd hostsvc/datastore/rename datastore1 "$(hostname -s)_local"
  55:  
  56: # Configure Syslog to forward to remote syslog server like Splunk
  57: /bin/vim-cmd hostsvc/advopt/update Syslog.Remote.Hostname string x.x.x.x
  58:  
  59: # Configure port to forward Syslogs.
  60: /bin/vim-cmd hostsvc/advopt/update Syslog.Remote.Port int 514
  61:  
  62: # Only needed if local syslog going to be used.
  63: #/bin/vim-cmd hostsvc/advopt/update Syslog.Local.DatastorePath string "[$(hostname -s)_local] /logfiles/hostName.log"
  64:  
  65: # Maps standard NFS Shares (I use these as shared stores for iso and vmtemplates)
  66: esxcfg-nas -a -o linuxserver1 -s /share/STUFF nfs_share
  67: esxcfg-nas -a -o nasdevice1 -s esx_vmtemplates nfs_share_vmtemplates
  68:  
  69: #### Start of Join AD code ####
  70: #Joins to Active Directory (ESX 4.1) Update 1 Code Hashed Out
  71: /bin/cat > /tmp/joinActiveDirectory.py << __JOIN_AD__
  72: import sys,re,os,urllib,urllib2,base64
  73:  
  74: # mob url
  75: url = "https://localhost/mob/?moid=ha-ad-auth&method=joinDomain"
  76:  
  77: # mob login credentials -- use password = "" for build scripting
  78: username = "root"
  79: password = ""
  80:  
  81: # which domain to join, and associated OU
  82: # e.g.
  83: #       "local.com"
  84: #       "local.com/VMware Server OU"
  85: domainname = "local.com/someOU/"
  86:  
  87: # active directory credentials using encoded base64 password
  88: ad_username = "someserviceaccount@local.com"
  89: ### To get an encoded password, use python.  It's not really secure, but better than plain text.
  90: encodedpassword = ""
  91: ad_password = base64.b64decode(encodedpassword)
  92:  
  93: # Unhash for ESXi 4.1 Update 1
  94: ### Create global variables
  95: # global passman,authhandler,opener,req,page,page_content,nonce,headers,cookie,params,e_params
  96:  
  97: # Code to build opener with HTTP Basic Authentication
  98: passman = urllib2.HTTPPasswordMgrWithDefaultRealm()
  99: passman.add_password(None,url,username,password)
 100: authhandler = urllib2.HTTPBasicAuthHandler(passman)
 101: opener = urllib2.build_opener(authhandler)
 102: urllib2.install_opener(opener)
 103:  
 104: # Unhash below for 4.1 Update 1
 105: ### Code to capture required page data and cookie required for post back to meet CSRF requirements  ###
 106: #req = urllib2.Request(url)
 107: #page = urllib2.urlopen(req)
 108: #page_content= page.read()
 109:  
 110: # Unhash below for 4.1 Update 1
 111: ### regex to get the vmware-session-nonce value from the hidden form entry
 112: # reg = re.compile('name="vmware-session-nonce" type="hidden" value="?([^\s^"]+)"')
 113: #nonce = reg.search(page_content).group(1)
 114:  
 115: # Unhash below for 4.1 Update 1
 116: ### Code to join the domain ESXi 4.1U1
 117: #params = {'vmware-session-nonce':nonce,'domainName':domainname,'userName':ad_username,'password':ad_password}
 118: #e_params = urllib.urlencode(params)
 119: #req = urllib2.Request(url, e_params, headers={"Cookie":cookie})
 120: #page = urllib2.urlopen(req).read()
 121:  
 122: #Hash if using 4.1 U1
 123: ### Code to join domain ESX 4.1
 124: params = {'domainName':domainname,'userName':ad_username,'password':ad_password}
 125: e_params = urllib.urlencode(params)
 126: req = urllib2.Request(url,e_params)
 127: page = urllib2.urlopen(req).read()
 128:  
 129: __JOIN_AD__
 130:  
 131: #execute python script to Join AD
 132: /bin/python /tmp/joinActiveDirectory.py
 133:  
 134: #### End AD Join Code ####
 135: # Changes UserVars.CIMoemProviderEnabled to 1.  Required for OMSA VIB to work properly.
 136: esxcfg-advcfg -s 1 /UserVars/CIMoemProviderEnabled 
 137: %firstboot --unsupported --interpreter=busybox --level=9999
 138: # Do Patching in this section
 139:  
 140: #Gets Emulex and OMSA VIB from IIS Server w/ virtual directory pointed to NAS hosted directory
 141: #Applies Emulex then OMSA VIB <-- Must be in this order.
 142: # Maintenance Mode attempted twice before attempting patch because it sometimes fails.
 143: /bin/vim-cmd hostsvc/maintenance_mode_enter
 144: sleep 5
 145: /bin/vim-cmd hostsvc/maintenance_mode_enter
 146:  
 147: # Entries entered twice due to metadata.zip possibly not extracting properly the first time.
 148: /sbin/esxupdate --bundle=http://IISSERVER.local.com/VIBS/Emulex_CIM/elx-esx-4.1.0-emulex-cim-provider-3.2.30.1-offline_bundle-364582.zip update
 149:  
 150: /sbin/esxupdate --bundle=http://IISSERVER.local.com/VIBS/Emulex_CIM/elx-esx-4.1.0-emulex-cim-provider-3.2.30.1-offline_bundle-364582.zip update
 151:  
 152: /sbin/esxupdate --bundle=http://IISSERVER.local.com/VIBS/Dell_OMSA/OM-SrvAdmin-Dell-Web-6.5.0-2247.VIB-ESX41i_A01.zip update
 153:  
 154: /sbin/esxupdate --bundle=http://IISSERVER.local.com/VIBS/Dell_OMSA/OM-SrvAdmin-Dell-Web-6.5.0-2247.VIB-ESX41i_A01.zip update
 155:  
 157:  
 158: /bin/vim-cmd hostsvc/maintenance_mode_exit
 159:  
 160: /sbin/reboot -d 120

Comments

Popular posts from this blog

NSX-T: Release associated invalid node ID from certificate

NSX-T: vCenter and NSX-T Inventory out of Sync (Hosts in vSphere not showing up in NSX-T)

Azure VMware Solution: NSX-T Active/Active T0 Edges...but