Skip to content


How to add a vLAN to VMware vSphere 5, 5.5, or 6, / ESXi virtual machine network

This is a simple step-by-step guide to adding / assigning a vLAN to a vSwitch virtual machine network on VMware ESXi and vSphere 5, 5.5, and 6.  Another way of putting it is adding a port group to a vSwitch.  It is a pretty straight forward process, but if you’ve never done it before it can be a little confusing.  We are going to create a Virtual Machine Port Group (network) that is assigned exclusively to a vLAN ID.  This guide assumes you have already created the vLAN on your switch and configured a trunk port to your virtualized infrastructure.


First, go ahead and log into the vSphere Client.  Once you have done so, navigate to Home > Inventory > Hosts and Clusters (if using vSphere).  If you are logging directly into an ESXi server, you should already be where you need to be immediately upon logging in.  Select your ESXi host in the left column, and then select the Configuration tab.  Once you are on the Configuration page, select Networking.  Select the Properties of the vSwitch you would like your vLAN to be assigned to.  In my case, I’m selecting the properties of vSwitch0.


2016-03-05 10_12_02- - vSphere Client


Now, we need to add a port group exclusive to the vLAN.  Click on Add.

Click Here To Read The Rest

How to monitor a VMware ESXi 5 / 6 host with Check_MK & OMD

Recently I posted a guide detailing how to install OMD (Open Monitoring Distribution) on Ubuntu 14.04. Part of OMD is the Check_MK network monitoring platform. I consider it the best available in the Open Source world. Check_MK supports monitoring VMware ESXi hosts, as well as vSphere servers. It uses the vSphere API to communicate with the host, so it’s able to pull much more data than SNMP. It’s not exactly a very intuitive process to get an ESXi host added to Check_MK, but it’s very easy if you know what to do. The documentation available is sub par, at best. So, I’m going to change that! This guide applies to all versions of ESXi 5 or later. So, ESXi 5, 5.1, 5.5 and 6.

Check_MK is capable of monitoring all sorts of valuable data from an ESXi host. This includes, CPU usage, RAM usage, Datastore usage, Network bandwidth statistics, health sensors and virtual machine power state.

How to add an ESXi 5, 5.1, 5.5 or 6 host to Check MK

Go ahead and log in to your Check_MK web interface. In the Configuration navigation area of the left, click on Host & Service Parameters.

Screen Shot 2015-05-26 at 3.23.21 PM

Click Here To Continue Reading!

How To Enable SSH on VMware ESXi 5 / 5.5 / 6 & All Other Versions

Many necessary administrative functions on ESXi requires SSH access. For example, offline bundles, third party management utilities, backup utilities, and many other tasks require you to log in to the ESXi console, via SSH or physically. This post will guide you through the process of enabling the SSH service, and opening up the firewall to allow access. This process works on all versions of ESXi, including the newer versions such as 5, 5.5, and 6. Lets get started.

Enabling SSH on an ESXi host

There are two steps involved in getting SSH access set up on an ESXi host.

  • Enabling the SSH service
  • Opening port 22 (SSH port) on the firewall

First, log into the VMware vSphere Client. You can login directory to the host, or to a vSphere server, it doesn’t matter. Select the host in the left panel, then navigate to Configuration > Security Profile, once you are there, click on the Properties option to the right of Services.


Now, select SSH, then Options.

Screen Shot 2015-05-19 at 11.34.29 AM

Click Here To Read The Entire Post!

How To Enable SNMP On ESXi 5 / 5.5 / 6 For Remote Monitoring

SNMP isn’t exactly new technology, but it’s pretty reliable and just about every monitoring system out there supports it. There are definitely more in-depth monitoring solutions for ESXi out there, but if you are looking for a quick and dirty monitoring solution for an ESXi host to integrate into a platform you already have, SNMP will do the trick. This post describes how to setup SNMP on ESXi 5, 5.5, and 6. I’m fairly certain it will work on older versions of ESXi as well, but i have not tested that theory.

How to enable SNMP on ESXi 5 / 5.5 / 6

There are a few steps involved in getting SNMP functional on ESXi. They go something like this.

  • Set the SNMP community string
  • Enable the SNMP service
  • Add necessary firewall rules
  • Enable the added firewall rule
  • Restart the SNMP daemon

It’s a pretty straight forward process. Let’s getting started. First, you need to connect to your ESXi host via SSH, If you don’t know how to do this, click here to read my post on how to enable SSH on ESXi. After logging in to your ESXi host via SSH, run the following commands.

#  esxcli system snmp set --communities YOUR_STRING
#  esxcli system snmp set --enable true

You will need to change YOUR_STRING to the name of your SNMP community. Many times this is PUBLIC or PRIVATE, but I suggest you use something different and unique for security purposes.

Screen Shot 2015-05-19 at 11.10.33 AM

Next, we need to add a firewall rule to allow the SNMP inbound port, and then enable it.

Click Here To Read The Entire Tutorial!

How to open up all ports on VMware ESXi 5, 5.1 & 5.5 to specific IP addresses or subnet

It a lab environment, and very limited production scenarios, it’s often very useful to open all ports, TCP and UDP, but only to certain IP addresses, subnets, or IP address ranges. I have found very little info on this specifically, so I thought I would whip up this guide so you know an easy way to open up all ports for specific addresses. This will work on VMware ESXi 5, 5.1 and 5.5 for sure, but it will most likely work for most versions of ESXi, although I have not tested it. Please let me know if the comments if you have luck on non 5.x versions, specifically 4.x and 6.x.

Basically, we are going to create 4 firewall rules, each does the following:

  • Open all UDP ports inbound (ports 1-60,000).
  • Open all UDP ports outbound (ports 1-60,000).
  • Open all TCP ports inbound (ports 1-60,000).
  • Open all TCP ports outbound (ports 1-60,000).

Once that’s done we’ll lock access down to a specific address(s) via the vSphere Client. First, go ahead and SSH into your ESXi host. Once you are at a command prompt you will need to edit /etc/vmware/firewall/service.xml. I prefer nano, but that’s not available on ESXi, so we have to use VI. First, lets make a backup of the file and change permissions so we can edit the file.

# cp /etc/vmware/firewall/service.xml /etc/vmware/firewall/service.xml.bak
# chmod 644 /etc/vmware/firewall/service.xml
# chmod +t /etc/vmware/firewall/service.xml

Now we have a backup of the service.xml file, called service.xml.bak. We have also allowed writes to service.xml and toggled the sticky bit. Lets go ahead and open service.xml with vi.

# vi /etc/vmware/firewall/service.xml

The service.xml file is the main template for firewall rules, specifically pertaining to ports. It is what populates all of the available information on the Security Profile > Firewall tab in the vSphere Client. It is here we are going to add our four rules. If you are unfamiliar with vi, it can be a big confusing. Here are some pointers for you:

  • When you first enter vi, you cannot manipulate any text. to do so, hit the “i” key. This puts you in “insert” mode.
  • Once selecting “i” you can move about freely and add/edit at will.
  • After making all needed changes, press the “ESC” key, the “:” – This puts you in vi command mode.
  • At the “:” prompt, enter “w” (for write) and q (for quit) and then press enter. So it should look like this :wq
  • You have just saved and exited. That’s it. So, lets continue.

Click here to continue reading this tutorial

How to install LSI MegaRAID Storage Manager (MSM) on VMware ESXi 5.5

This morning I got an email from the datacenter that informed me of a loud alarm coming from one of my servers. I knew right away it was the LSI card sounding off due to a hard drive failure. Since I almost always use RAID 10 in critical arrays, I was more annoyed than concerned. So, off to the datacenter I went, new drive in hand. While diagnosing the issues, I realized there is no out-of-the-box way to be notified of a drive failure within ESXi. As far as I could tell, everything was fine, except for an audible alarm I would have never heard.

The RAID card in this particular server is an LSI 9260-8i, however this guide is the same for all of the 92xx series cards, like the 9265-8i, or 9265-16i. VMware includes drivers for these cards, starting in ESXi 5.1 if I remember correctly. However, there is no health data for drives and no management interface for arrays. After a couple google searches, I quickly found that there is a lot of conflicting information and tons of problems that go along with installing the LSI MegaRAID Manager, MSM, on ESXi. I also ran into some problems. So, I thought I would put together a quick, easy, clear guide to save others the hassle of going through what I went through. So, here we go.


How to install MSM on ESXi 5.5

To complete this process, you will have to put your ESXi host into maintenance mode, and you will have to reboot. So make sure your VMs are all shut down before proceeding.

You will need to have the following items:


The process is pretty straight forward. In a nutshell, here are the steps we will take:

  1. Enable SSH on ESXi Host.
  2. Copy LSI SMIS Provider to ESXi Host via WinSCP.
  3. Configure Host and Install SMIS Provider.
  4. Install MegaRAID Storage Manager on VM


Log into your host using the vSphere client, or the web interface, then go to the configuration tab and select Security Profile.


Click here to read the entire tutorial

How to install a nested hypervisor on an ESXi virtual machine without a vSphere server

If you read my blog, you’ve probably noticed I’ve been doing a lot of stuff with hypervisors lately, more specifically setting up OpenStack. I’ve always been a VMware guy. I like the simplicity of ESXi and the intuitiveness of of the interface. Since OpenStack really works best with at least 3 servers, 2 of which don’t do much of anything, I decided to use an ESXi server to install the openstack infrastructure. The controller node and network node do not provide any type of virtualization capabilities, but the compute node(s) do.

ESXi, at least since version 5.1, has supported running 64-bit hypervisor guests, or “nested” hypervisors on any Intel i3 or newer CPU. Specfically, your CPU needs to be one of the following:

  • Intel VT-x or AMD-V for 32-bit nested virtualization
  • Intel EPT or AMD RVI for 64-bit nested virtualizaiton

In my case, my Xeon W5580 has VT-x and EPT support, so I can run 64-bit nested virtual machines.

This will allow you to run any nested hypervisor within an ESXi 5.1 or newer host. I’ve ran Xen, KVM, OpenStack, Proxmox, and ESXi; they all worked great.

How To Enable

The feature, or setting, of the virtual machine that allows the VT-x functionality to be passed through to the guest virtual machine is called HV (as in hypervisor). The problem is you have to be running the new vSphere Web Client to get at the nice little check box to turn this on. The vSphere Desktop Client does not have this functionality and unless you have a license for vSphere server, there is no way to enable HV on a virtual machine using the GUI. However, there is a VERY easy work around for this. You simply add a single line to the .vmx file for the virtual machine you need HV enabled on.

To do this, fire up the vSphere Client, and make sure the host is selected in the left pane. Also, verify the VM is powered OFF.

Screen Shot 2015-04-27 at 5.55.35 PM

Click here to read the entire tutorial!