If you’re managing VMware environments, you might occasionally run into persistent shell warning alerts in your ESXi hosts. Thankfully, you can quickly find and suppress these warnings with a bit of PowerCLI magic.
Check for ESXi Hosts with Shell Warnings
Show the actual advanced settings on all hosts. Log into vCenter using PowerCLI and run this command:
This command immediately disables the shell warnings on selected hosts. No more alerts in GUI!
Command output:
Entity Name Value
------ ---- -----
fs-vsan-05.int.dc5.cz UserVars.SuppressShellWarning 1
Why (Not) Suppress Shell Warnings?
It’s important to note that suppressing shell warnings is only advisable in lab or non-production environments. In production environments, shell warnings provide valuable security reminders. Always keep shell warnings enabled to maintain security awareness unless you’re working in a controlled test environment.
Managing encryption across multiple ESXi hosts can be a bit of a hassle. But don’t worry. I’ve got a simple PowerCLI script that’ll save you time and headaches by quickly retrieving encryption status and recovery keys from your VMware environment.
Why Do You Need This?
Ensuring your ESXi hosts are correctly encrypted is essential for security. Regular checks help prevent surprises later, especially during troubleshooting or audits.
Getting Started
First, make sure you’re connected to your vCenter:
Connect-VIServer -Server
Replace with your vCenter IP or FQDN.
The Script Breakdown
Here’s a quick rundown of the PowerCLI script to verify encryption settings across all ESXi hosts and who Recovery key for each ESXi host. (link to GitHub repository and file tpm_recovery_key_backup.ps1):
Configuring syslog on your ESXi host is essential for centralized logging and efficient monitoring. Having your logs centrally managed simplifies troubleshooting and helps with compliance and security audits. Below you’ll find an easy-to-follow guide for setting up syslog both via the WebUI and CLI. Don’t forget to verify connectivity and regularly check your centralized logs for effective monitoring.
Configure Syslog Service (vmsyslogd) on ESXi for Remote Logging
1. Configure Syslog Using the vSphere Client
Log in to the vSphere Client and select your ESXi host.
Navigate to the Configure tab.
Under System, click on Advanced System Settings.
Click Edit to modify settings.
Filter for Syslog.global.logHost.
Enter your syslog server details in the format tcp://hostname:514 or udp://hostname:514 in my case udp://10.20.55.44:514 or with DNS name udp://syslog:514
Click OK to apply the changes.
2. Open Firewall Ports for Syslog Traffic
Enable Syslog in Firewall Rules:
Still under the Configure tab, go to Networking > Firewall > Ougoing connections.
Click EDIT….
Filter for syslog
Click on Checkboxand Click OK.
Now you should see “syslog” in outgoing firewall rules.
3. Verify Connectivity to the Syslog Server
Test Network Connection:
Access the ESXi Shell or use SSH to connect to your ESXi host.
When troubleshooting ESXi network and Syslog server connectivity issues, knowing the right tools can save you hours of frustration. Whether it’s an unresponsive syslog server, blocked TCP/UDP ports, this guide will help you diagnose and fix common connectivity issues quickly.
Key Troubleshooting Tools for ESXi Network Connectivity
Step 1: Verify Basic Network Connectivity
Before checking anything else, confirm that the ESXi host can communicate with the syslog server at a basic network level.
Standard ICMP ping test:
ping <destination-IP>
VMkernel-specific ping (useful for vMotion, NFS, etc.):
vmkping <destination-IP>
or specify which vmkernel should be used as ongoing interface for ping
vmkping -I vmk0 <destination-IP>
If these fail, the issue is likely a network routing problem or an upstream firewall blocking traffic.
Step 2: Check TCP/UDP Port Connectivity (netcat)
Even if the server is reachable, the syslog port might be blocked or not listening. Netcat helps determine if a specific TCP or UDP port is reachable.
⚠️ Note: Be aware that netcat doesn’t display an error message when a connection fails—only a successful connection is reported.
Use Cases
Test TCP Port Connectivity:
nc -z <destination-ip> <destination-port>
Test UDP Port Connectivity:
nc -zu <destination-ip> <destination-port>
Step 3: Analyze ESXi Network Connections and Interface Statistics
ESXi provides tools to inspect active network connections and adapter performance.
Check active TCP/UDP connections:
esxcli network ip connection list|grep <port>
If the syslog connection isn’t listed, ESXi isn’t attempting to send logs—double-check your syslog configuration in vSphere.
Check NIC statistics for errors and dropped packets:
esxcli network nic stats get -n <vmnicX>
Persistent errors here could indicate network congestion or misconfigurations.
Final Thoughts: Diagnosing Syslog Connectivity Efficiently
Troubleshooting network issues between an ESXi host and a syslog server doesn’t have to be a headache. Using these tools, you can pinpoint the problem—whether it’s a blocked port, misconfiguration, or network adapter issue—and resolve it efficiently.
In VMware ESXi, managing physical network interfaces (vmnics) is essential for troubleshooting, maintenance, or reconfiguration. There are times when you need to disable or re-enable a network interface without relying on the network team to shut down a switch port or physically unplugging the cable in the server room. Fortunately, this can be done quickly using the esxcli command-line tool.
Checking Available Network Interfaces
First login via SSH or directly on server console.
Before shutting down a vmnic, it’s good practice to list all available interfaces and check their status:
esxcli network nic list
This command will display a list of vmnics along with their link state, driver, and speed.
Shutting Down a vmnic Interface
To disable a specific vmnic, use the following command:
esxcli network nic down -n vmnicX
Replace vmnicX with the actual interface name (e.g., vmnic5).
Bringing a vmnic Interface Back Up
If you need to enable the interface again, run:
esxcli network nic up -n vmnicX
This will bring the network interface back online.
Use Cases
Test network failover scenarios.
Identify and isolate network issues by disabling a suspected faulty NIC.
Temporarily disable a NIC to measure the impact on network performance and verify load balancing efficiency.
Test how virtual machines respond when a specific network path goes down.
Shut down a vmnic that is connected to an untrusted VLAN or an incorrectly configured network.
Test different network configurations without permanently altering physical connections.
By using esxcli, you can manage network interfaces efficiently.
Renaming or reordering vmnics on an ESXi host can be useful in various scenarios, such as standardizing network configurations or aligning network interface names across multiple hosts. This guide will show you how to achieve this using the ESXi command line.
Listing Current vmnic Aliases
Before making changes, it is essential to check the current vmnic assignments. You can do this with the following command:
localcli --plugin-dir /usr/lib/vmware/esxcli/int/ deviceInternal alias list
This command will return a list of all existing vmnic aliases and their corresponding bus addresses.
Bus type Bus address Alias
-------- ------------------- -----
pci m01000300 vmhba0
pci m01000b00 vmnic0
pci p0000:00:07.1 vmhba1
pci m02001300 vmnic1
logical pci#m01000300#0 vmhba0
logical pci#p0000:00:07.1#0 vmhba1
logical pci#p0000:00:07.1#1 vmhba64
logical pci#m02001300#0 vmnic1
logical pci#m01000b00#0 vmnic0
When a nic is controlled by a native driver, then there are actually two aliases associated with the device: a pci alias for the pci device and a logical alias for the uplink logical device.
[root@fs-vsan-05:~] localcli --plugin-dir /usr/lib/vmware/esxcli/int deviceInternal alias list | grep vmnic1
When the logical alias is present, then both the pci alias and logical alias need to be renamed !
Changing a vmnic Name
Make sure you have console access before starting the upcoming steps.
To change the name of a specific vmnic, use the following commands. Replace vmnic5 with the desired new alias and update the bus-address accordingly.
localcli --plugin-dir /usr/lib/vmware/esxcli/int deviceInternal alias store --bus-type pci --alias vmnic5 --bus-address m02001300
localcli --plugin-dir /usr/lib/vmware/esxcli/int deviceInternal alias store --bus-type logical --alias vmnic5 --bus-address pci#m02001300#0
Once the commands have been executed, you need to reboot the ESXi host for the changes to take effect.
reboot
Having Some Fun with vmnic Naming
If you want to experiment and see how ESXi handles long vmnic names, you can try something fun like this:
localcli --plugin-dir /usr/lib/vmware/esxcli/int deviceInternal alias store --bus-type pci --alias vmnic1234567890 --bus-address m02001300
localcli --plugin-dir /usr/lib/vmware/esxcli/int deviceInternal alias store --bus-type logical --alias vmnic1234567890 --bus-address pci#m02001300#0
reboot
While ESXi generally follows a strict naming convention, pushing its limits can be an interesting experiment!
Conclusion
Renaming vmnics in ESXi via the command line is a straightforward process that requires just a few commands and a reboot. Whether you’re restructuring network configurations or just having a bit of fun, these steps will help you modify your ESXi network interfaces with ease.
Ever wanted to spruce up that default login screen on your ESXi host or have some fun with your DCUI? Then you’re in the right place! In this post, I’ll walk through using the Annotations.WelcomeMessage advanced setting to display a custom welcome message on your ESXi host. Best of all, I’ll share a neat PowerShell function to make it easy.
Why Customize the Welcome Message?
Personalization: Display a personal greeting, instructions, or a quick reminder for anyone logging into the ESXi console.
Useful Info: Share contact details or support info in case someone needs to know who to call if something breaks.
Fun Factor: It’s always nice to see something other than “Welcome to VMware ESXi” from time to time at least in homelab.
Security: Display security/legal warning.
The Advanced Setting: Annotations.WelcomeMessage
Annotations.WelcomeMessage is an advanced ESXi host parameter. It’s where you store the text you want displayed in DCUI on the default console screen (replacing some default text, similar to screenshot below).
(virtual ESXi)
PowerShell Script: Set-WelcomeMessage Function
Here is the star of the show—my simple PowerShell function that taps into VMware’s PowerCLI to set Annotations.WelcomeMessage on your ESXi host. It even shows you the old message before setting the new one.
Function Set-WelcomeMessage {
<#
.SYNOPSIS
This function retrieves the vCenter version and build number.
Based on https://knowledge.broadcom.com/external/article/315410/
.NOTES
File Name : set_welcome_message.ps1
Author : Stanislav Musil
Prerequisite : PowerShell
Website : https://vpxd.dc5.cz/index.php/category/blog/
X (Twitter) : https://www.x.com/stmusil
.DESCRIPTION
The script is a function that takes a single parameter, the vCenter server name. Retrieves the version and build number.
To use the function, you can dot-source the script and then call the function.
Windows: . .\set_welcome_message.ps1
Mac/Linux: . ./set_welcome_message.ps1
.EXAMPLE
Set-WelcomeMessage -Hostname "ESXi.example.com" -WelcomeMessage "Welcome to {{hostname}"
#>
param (
[string]$HostName,
[string]$WelcomeMessage
)
# Ensure PowerCLI module is imported
if (-not (Get-Module -Name VMware.VimAutomation.Core -ErrorAction SilentlyContinue)) {
Import-Module VMware.VimAutomation.Core
}`
# Define the target host and the parameter values
$ESXihost = Get-VMHost -Name $HostName
$paramName = "Annotations.WelcomeMessage"
$current = Get-AdvancedSetting -Entity $ESXihost -Name $paramName
Write-Host "Current Weclome message:" $current.Value
# Set the advanced parameter
Get-AdvancedSetting -Entity $ESXihost -Name $paramName | Set-AdvancedSetting -Value $WelcomeMessage -Confirm:$false
# Verify the change
$updatedSetting = Get-AdvancedSetting -Entity $ESXihost -Name $paramName
Write-Output "New $paramName value on $ESXihost : $($updatedSetting.Value)"
}
How to Run It
1. Dot-source the script (so the function is recognized):
On Windows:
. .\set_welcome_message.ps1
On Mac/Linux:
. ./set_welcome_message.ps1
2. Execute the function:
Set-WelcomeMessage -Hostname "ESXi.example.com" -WelcomeMessage "Welcome to my ESXi host!"
3. That’s it! Now when you check the DCUI over iDRAC/IPMI/iLO etc.. or on directly on console screen, you’ll see your brand-new custom text.
Customizing your ESXi’s welcome message is quick, easy, and surprisingly fun. Whether you’re adding a helpful notice or just a silly greeting, a personal touch goes a long way. Give it a try, and see if your team notices!
If you are working with VMware environments, particularly with vCenter Server, it’s important to keep track of the version and build number of your vCenter instances. This script/function, Get-vCenterVersion, is designed to help you retrieve these details effortlessly. Here, we’ll break down my script, explaining each section, and provide examples of how to use it.
Overview of the Script
The Get-vCenterVersion function is a PowerShell script that retrieves the version and build number of a specified vCenter Server. It compares the build number against a predefined mapping to provide detailed information about the vCenter version, release date, and other associated details. This can be extremely useful for maintaining and upgrading your VMware infrastructure.
You can find the full script linked at the end of this article. 🙂
Sections of the Script
Script Header and Metadata
<#
.SYNOPSIS
This function retrieves the vCenter version and build number.
Based on https://knowledge.broadcom.com/external/article?legacyId=2143838
.NOTES
File Name : get-vcenter-version.ps1
Author : Stanislav Musil
Prerequisite : PowerShell
Website : https://vpxd.dc5.cz/index.php/category/blog/
X (Twitter) : https://www.x.com/stmusil
.DESCRIPTION
The script is a function that takes a single parameter, the vCenter server name. Retrieves the version and build number.
To use the function, you can dot-source the script and then call the function.
Windows: . .\get-vcenter-version.ps1
Mac/Linux: . ./get-vcenter-version.ps1
.EXAMPLE
Get-vCenterVersion -vCenterServer "vCenter.DC5.cz"
or
Get-vCenterVersion
#>
This section provides a summary of what the script does, including the author’s information, and usage instructions. It also includes an example of how to invoke the function. This is a standard way to document PowerShell scripts and makes it easier for others to understand and use your script.
Here, the script defines a parameter $vCenterServer, which is not mandatory. If the user does not provide a value, the script will use the default vCenter Server from the global environment variable $global:DefaultVIServer.
vCenter Version Mappings
$vCenterVersionMappings = @{
"24026615"="vCenter Server 7.0 Update 3r","17.06.2024","7.0.3.02000","24026615","24026615"
"23788036"="vCenter Server 7.0 Update 3q","21.05.2024","7.0.3.01900","23788036","23788036"
...
}
This dictionary (hashtable) contains a mapping of vCenter Server build numbers to their corresponding versions, release dates, and other details. This is the core of the script, enabling it to look up detailed information based on the build number.
The script retrieves the version and build number from the provided or default vCenter Server. If the build number exists in the predefined mappings, the script retrieves the corresponding details.
The script constructs a custom PowerShell object to output the details in a structured format. This makes it easy to further process or display the information.
Upgrade Check
if ($vCenterServerBuild -lt $greatestKey) {
Write-Host "vCenter upgrade possible. `n" -ForegroundColor Red
} elseif ($vCenterServerBuild -eq $greatestKey) {
Write-Host "Latest version/ up to date. `n" -ForegroundColor Green
} else {
Write-Host "Update this script, looks like it's outdated. `n" -ForegroundColor Magenta
}
Finally, the script compares the retrieved build number with the highest build number in the mapping to determine if an upgrade is available, if the system is up to date, or if the script itself needs updating.
Example Usage
Example 1: Retrieve vCenter Version with Default Server
If you are already connected to a vCenter Server and set it as the default ($global:DefaultVIServer), you can simply run:
Get-vCenterVersion
Example 2: Specify a vCenter Server
To retrieve the version for a specific vCenter Server, provide the server’s name:
This will output detailed information about the vCenter Server, including its version, build number, and release date. If the vCenter Server is not on the latest version, the script will suggest that an upgrade is possible.
My homelab:
Conclusion
The Get-vCenterVersion script is a powercli function for anyone managing VMware vCenter Servers. By automating the retrieval and checking of vCenter versions, it helps ensure that your infrastructure is always up to date and secure. Whether you’re managing a single vCenter Server or multiple instances, this script can save you time and reduce the risk of version mismatches.
Feel free to customize the script to fit your environment, and remember to keep the version mapping updated as new vCenter Server versions are released!
Yesterday’s VMUGCZ event in Prague was a fantastic success, bringing together professionals and enthusiasts for a day filled with insightful sessions, engaging discussions, and valuable networking opportunities.
Agenda:
Welcome by VMUGCZ Leaders The event began with a warm welcome from the VMUGCZ leaders, setting the stage for an exciting day ahead. They provided an overview of the agenda, highlighting the key topics and sessions that attendees could look forward to.
Keynote: VCF, AI, and Other Things Joe Baguley from Broadcom kicked off the keynote with a deep dive into VMware Cloud Foundation (VCF), the evolving role of AI, and other emerging technologies. His presentation was followed by a lively Q&A session led by Vlastimil Horák from VMware by Broadcom, allowing attendees to ask questions and engage directly with the experts.
Understanding NSX in VCF: Best Practices for VCF Networking Karel Novak from VMware by Broadcom delivered a detailed session on understanding NSX within VCF. He shared best practices for optimizing VCF networking, providing practical insights and solutions for common challenges.
Coffee Break and Social Networking The first coffee break offered a chance for attendees to mingle, discuss the morning sessions, and network with peers and industry experts. It was a great opportunity to build connections and share ideas.
The Future is Here: ExaGrid Tiered Backup Storage Piotr Łukasiewicz from ExaGrid Systems introduced the latest innovations in tiered backup storage. His presentation highlighted the benefits of ExaGrid’s solutions, emphasizing how they can enhance data protection and recovery strategies.
Ootbi by Object First – Best Storage for Veeam Walter Berends from ObjectFirst discussed the optimal storage solutions for Veeam, focusing on the features and advantages of Ootbi by Object First. His insights were particularly valuable for those looking to improve their data storage and management practices.
Lunch Break A delicious lunch provided a welcome break and another opportunity for attendees to network and discuss the day’s topics in a more informal setting.
Google Cloud VMware Engine: AI-Assisted Automation for Your Workloads Agnieszka Koziorowska from Google presented on the integration of AI-assisted automation with VMware workloads on Google Cloud. Her session showcased practical applications and the significant benefits of this advanced technology.
AI for Accident Analysis and 3D Reconstruction Enrico Pittini and Pavel Kučera from DataVision demonstrated the use of AI for accident analysis and 3D reconstruction. Their presentation highlighted real-world use cases and the technological advancements driving these innovations.
Coffee Break and Social Networking Another coffee break allowed attendees to relax and continue their networking conversations, exchanging thoughts on the afternoon sessions.
Before Calling in the Backups Boris Mittelmann from Veeam discussed the importance of preparedness in backup management. He shared strategies and best practices to ensure effective and efficient backup processes.
VCF aka Virtuální Cloudová Fantazie A community session led by Martin Dimitrov, Libor Junek, and Josef Zach explored the capabilities of VMware Cloud Foundation. Titled “Virtuální Cloudová Fantazie” this session provided info from real-life VCF deployment.
Roundtable with VMUG Leaders and Speakers The roundtable discussion offered an interactive platform for VMUG leaders and speakers to engage with the audience. Attendees had the chance to ask questions, share insights, and discuss various topics in an open forum.
Social Networking: Grill, Beer, and Hockey The event concluded with a relaxed social networking session featuring a grill, beer, and watching the Hockey World Championship on big screen. (Czech Republic vs. USA. [1:0] ) It was a fun and enjoyable end to a day packed with learning and networking.
Overall, the VMUGCZ event in Prague was a resounding success, offering valuable insights, practical knowledge, and plenty of opportunities for professional growth and connection. Check out some photos from the event below!
Joe Baguley (VMware by Broadcom) Keynote
Karel Novak (VMware by Broadcom)
Piotr Lukasiewicz (ExaGrid Systems)
Martin Stetka (Object First)
Walter Berends (Object First)
Google Cloud
Pavel Kučera (DataVision)
Boris Mittelman (Veeam)
Libor Junek, Josef Zach, Martin Dimitrov (community session)