Please be aware – this script is untested.
Please be aware – this script does not prevent LUN loading at boot time – be extremely careful!
As promised, this is the 17-page kickstart script that is hardware agnostic. As such, I’m linking it here but will go through it step by step below.
Let’s start:
This is pretty standard stuff:
############################################################################################## # ks-oldworld.cfg # # Author: leo.raikhman@unsw.edu.au # Last update: 19 August 2008 # # CHANGE HISTORY # # 1.0 Leo Raikhman Initial release. # 1.1 Leo Raikhman Added scli + lputil installation # 1.2 Leo Raikhman Added distinction between cciss drives and Dell sda drives # # TO DO LIST # * Configure updates from central server before completion # * Automatic updating of system firmware # ############################################################################################# cdrom rootpw --iscrypted $1$rWQqFKKO$q9q4hhn4mdDHBnWnF6S2R. bootloader --location=mbr timezone Australia/Sydney skipx install text network --device eth0 --bootproto dhcp lang en_US langsupport --default en_US keyboard us mouse none reboot firewall --disabled ## We are going include ignoredisk and disk_map autogenerated files here %include /tmp/ignoredisk %include /tmp/disk_map # Licensing: accept the EULA (End User License Agreement) and use VirtualCenter served licenses vmaccepteula vmlicense --mode=server --server=27000@192.168.0.30 --edition=esxFull --features=vsmp,backup %packages grub @base
What we do now, is we establish what type of disk we have and format it accordingly based on whether it is a Compaq SmartArray or a Dell standard mptscsi disk
%pre
SYSLOG=./fchba.out
IGNOREDISK=/tmp/ignoredisk
TESTSTATEMENT=$(grep -e QLogic -e Emulex $SYSLOG)
touch $IGNOREDISK
if [ -n "$TESTSTATEMENT" ] ; then
for i in $(grep -e QLogic -e Emulex $SYSLOG | grep scsi | cut -d " " -f 1 | sed 's/<.>//'); do DISKS=$DISKS" "$(grep "$i" $SYSLOG | grep Attach | cut -d " " -f 4) ; done
DISKS=$(echo $DISKS|sed 's/ s/,s/g')
echo "ignoredisk --drives="$DISKS > $IGNOREDISK
fi
if lsmod | grep cciss ; then
cat > /tmp/disk_map << DISK_MAP1
clearpart --all --initlabel --drives=cciss/c0d0
part /boot --fstype ext3 --size=100 --ondisk=cciss/c0d0 --asprimary
part / --fstype ext3 --size=1800 --grow --maxsize=5000 --ondisk=cciss/c0d0 --asprimary
part swap --size=544 --grow --maxsize=544 --ondisk=cciss/c0d0 --asprimary
part /var --fstype ext3 --size=4096 --ondisk=cciss/c0d0
part /opt --fstype ext3 --size=2048 --ondisk=cciss/c0d0
part /tmp --fstype ext3 --size=1024 --ondisk=cciss/c0d0
part /home --fstype ext3 --size=1024 --ondisk=cciss/c0d0
part None --fstype vmkcore --size 110 --ondisk=cciss/c0d0
part None --fstype vmfs3 --size 1 --grow --ondisk=cciss/c0d0
DISK_MAP1
else
cat > /tmp/disk_map << DISK_MAP2
clearpart --all --initlabel --drives=sda
part /boot --fstype ext3 --size=100 --ondisk=sda --asprimary
part / --fstype ext3 --size=1800 --grow --maxsize=5000 --ondisk=sda --asprimary
part swap --size=544 --grow --maxsize=544 --ondisk=sda --asprimary
part /var --fstype ext3 --size=4096 --ondisk=sda
part /opt --fstype ext3 --size=2048 --ondisk=sda
part /tmp --fstype ext3 --size=1024 --ondisk=sda
part /home --fstype ext3 --size=1024 --ondisk=sda
part None --fstype vmkcore --size 110 --ondisk=sda
part None --fstype vmfs3 --size 1 --grow --ondisk=sda
DISK_MAP2
fi
%post
cat > /etc/rc.d/rc3.d/S11servercfg << EOF
Fairly self explanatory below, just read the comment tags
##########################
# Configure ESX Firewall #
##########################
/usr/sbin/esxcfg-firewall -e ntpClient
/usr/sbin/esxcfg-firewall -e snmpd
/usr/sbin/esxcfg-firewall -e sshClient
/usr/sbin/esxcfg-firewall -e activeDirectorKerberos
/usr/sbin/esxcfg-firewall -o 1311,tcp,in,ManageRequest
/usr/sbin/esxcfg-firewall -o 514,udp,out,syslog
#################################
# Configure Command Queue Depth #
#################################
if grep "QLogic" /etc/vmware/esx.conf ; then
/usr/sbin/esxcfg-module -s ql2xmaxqdepth=128 qla2300_707_vmw
fi
if grep "Emulex" /etc/vmware/esx.conf ; then
/usr/sbin/esxcfg-module -s "lpfc0_lun_queue_depth=128 lpfc1_lun_queue_depth=128 lpfc2_lun_queue_depth=128 lpfc3_lun_queue_depth=128 lpfc4_lun_queue_depth=128 lpfc5_lun_queue_depth=128" lpfc_740
fi
/usr/sbin/esxcfg-advcfg -s 128 /Disk/SchedNumReqOutstanding
/usr/sbin/esxcfg-advcfg -s 1 /Disk/UseLunReset
/usr/sbin/esxcfg-advcfg -s 0 /Disk/UseDeviceReset
/usr/sbin/esxcfg-boot -b
#############################
# Configure log compression #
#############################
perl -p -i -e 's/nocompress/compress/g' /etc/logrotate.d/vmkernel
perl -p -i -e 's/nocompress/compress/g' /etc/logrotate.d/vmksummary
perl -p -i -e 's/#compress/compress/g' /etc/logrotate.conf
##########################################################
# Require "su" users to be members of unix group "wheel" #
##########################################################
cat > /etc/pam.d/su << PAMDSU
#%PAM-1.0
auth sufficient /lib/security/\$ISA/pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth sufficient /lib/security/\$ISA/pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
auth required /lib/security/\$ISA/pam_wheel.so use_uid
auth required /lib/security/\$ISA/pam_stack.so service=system-auth
account required /lib/security/\$ISA/pam_stack.so service=system-auth
password required /lib/security/\$ISA/pam_stack.so service=system-auth
session required /lib/security/\$ISA/pam_stack.so service=system-auth
session optional /lib/security/\$ISA/pam_xauth.so
PAMDSU
##############################################################################################
# Require "sudo" users to be members of unix group "wheel" and all attempts to log to syslog #
##############################################################################################
cat > /etc/sudoers << SUDO
# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the sudoers man page for the details on how to write a sudoers file.
#
# Host alias specification
# User alias specification
# Cmnd alias specification
# Defaults specification
Defaults syslog=local2
# User privilege specification
root ALL=(ALL) ALL
# Uncomment to allow people in group wheel to run all commands
%wheel ALL=(ALL) ALL
# Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL
# Samples
# %users ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users localhost=/sbin/shutdown -h now
SUDO
##################################################################################
# Configure syslog for "sudo" logging and to send syslogs to remote destinations #
##################################################################################
cat >> /etc/syslog.conf << SYSLOG
#send all authentication commands to syslog
local2.* /var/log/messages
#send all syslog events to virtualcenter.test.com.au
*.* @virtualcenter.test.com.au
SYSLOG
##################################################
# Configure secure permissions on critical files #
##################################################
chmod 700 /etc/snmp/snmpd.conf
chmod 600 /etc/grub.conf
#################
# Configure DNS #
#################
echo "search test.com.au" > /etc/resolv.conf
echo "nameserver 149.171.96.2" >> /etc/resolv.conf
echo "nameserver 149.171.192.2" >> /etc/resolv.conf
#################
# Configure NTP #
#################
# Add servers to step-tickers
echo "ntp.unsw.edu.au" > /etc/ntp/step-tickers
echo "ntp2.unsw.edu.au" >> /etc/ntp/step-tickers
echo "restrict 127.0.0.1" > /etc/ntp.conf
echo "restrict default kod nomodify notrap" >> /etc/ntp.conf
echo "server ntp.unsw.edu.au" >> /etc/ntp.conf
echo "server ntp2.unsw.edu.au" >> /etc/ntp.conf
echo "driftfile /var/lib/ntp/drift" >> /etc/ntp.conf
chkconfig ntpd on
service ntpd restart
hwclock --systohc
###############################
# Configure AD Authentication #
###############################
/usr/sbin/esxcfg-auth --enablead --addomain=ad.test.com.au --addc=192.168.1.6
/usr/sbin/esxcfg-auth --enablekrb5 --krb5realm=ad.test.com.au --krb5kdc=192.168.1.6 --krb5adminserver=192.168.1.6
echo "auth sufficient /lib/security/pam_unix_auth.so shadow nullok" >> /etc/pam.d/vmware-authd
cat > /etc/krb5.conf << KRB5
# Autogenerated by /usr/sbin/esxcfg-auth
[domain_realm]
.ad.test.com.au = AD.TEST.COM.AU
ad.test.com.au = AD.TEST.COM.AU
[libdefaults]
default_realm = AD.TEST.COM.AU
[realms]
AD.TEST.COM.AU = {
admin_server = 192.168.1.6:749
default_domain = ad.test.com.au
kdc = 192.168.1.6:88
kdc = 192.168.1.7:88
kdc = 192.168.1.8:88
kdc = 192.168.1.12:88
kdc = 192.168.1.17:88
}
KRB5
This is the interesting bit, because here I pump out DMI information and based on said information, I configure networking. In this case, I assign vSwitches and PortGroups based on platform. The other thing you may notice below is a perl substitution command to change the teaming policy to 2 NICs. This is because in ESX 3.5, when more than 1 NIC is added to a vSwitch, the extra NICs are configured as standby adapters.
Currently, this setup only requires two active NICs per switch so that is what we do below:
########################
# Configure Networking #
########################
dmidecode > /root/system-info
if grep "PowerEdge 6950" /root/system-info ; then
#Creating vSwitches
/usr/sbin/esxcfg-vswitch -a vSwitch1
/usr/sbin/esxcfg-vswitch -L vmnic2 vSwitch0
/usr/sbin/esxcfg-vswitch -L vmnic3 vSwitch1
/usr/sbin/esxcfg-vswitch -L vmnic1 vSwitch1
#Creating VMotion Interface
/usr/sbin/esxcfg-vswitch -A "VMotion" vSwitch0
#Info gathered from esx.conf using: cat /etc/vmware/esx.conf | grep portgroup | grep name | grep VLAN | awk -F"=" '{ print \$2 }' | sed 's/ "/\/usr\/sbin\/esxcfg-vswitch -A "/g' | sed 's/\$/ vSwitch1/g'
#Creating VLANs
/usr/sbin/esxcfg-vswitch -A "VLAN 526 SAN management network" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 527" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 528 LIBRARY" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 531 Trirega Production" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 551" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 552" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 553 AntiVirSrv_Pr" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 554 AntiVirMngt" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 555 COMMS" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 557 ITSM_TOOL" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 560 Pox_Link" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 561 CU Services" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 562 CU_services_2" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 567 SAN" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 580 CU_Service_Ma" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 589" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 591" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 593 NSS_A" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 594" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 596" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 597 NSS_D" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 624 RGWBSRV_C" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 660" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 661" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 663" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 669 ITS Email Services Support" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 672" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 673" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 674" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 675" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 700 ITS_DMZ_SUPPO" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 701 Asia_IdmDbSrv" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1100 ITS Workgroup Servers" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1101 ITS_INFRASTR" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1102 UNSW_Public" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1104 ME Integration Testing" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1105 ME Shared Services" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1106 NSS_FWFailOverS" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1107 AD_Core_Infra" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1108 WSUS_AV" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1111 UNSW_INFRA_SR" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1112 UNSW_Pub_SRVS" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1500 GSBME_WORKGRP" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1501 HR_WORKGRP" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1502 MED_WORKGRP" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1503 CFO_WORKGRP" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1504 Optometry" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1505 FacilitiesSrv" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 2000 Asia_IdmDbSpt" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 2001 Public_Spt" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 2002 EI_ISS_SRV_Su" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 2003 Ent_ADSrvSup" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 2004 Management Zone" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1506 CSE_WORKGRP" vSwitch1
#Info gathered from esx.conf using: for i in \`cat /etc/vmware/esx.conf | grep vlanId | awk -F"= " '{print \$2}' | grep -v ""0"" | sed 's/"//g'\`; do echo " /usr/sbin/esxcfg-vswitch -p \`cat /etc/vmware/esx.conf | grep name | grep \$i | head -n1 | awk -F"= " '{print \$2}'\` -v \$i vSwitch1" >> /root/vlans ; done
#Configuring VLAN IDs
/usr/sbin/esxcfg-vswitch -p "VLAN 526 SAN management network" -v 526 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 527" -v 527 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 528 LIBRARY" -v 528 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 531 Trirega Production" -v 531 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 551" -v 551 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 552" -v 552 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 553 AntiVirSrv_Pr" -v 553 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 554 AntiVirMngt" -v 554 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 555 COMMS" -v 555 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 557 ITSM_TOOL" -v 557 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 560 Pox_Link" -v 560 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 561 CU Services" -v 561 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 562 CU_services_2" -v 562 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 567 SAN" -v 567 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 580 CU_Service_Ma" -v 580 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 589" -v 589 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 591" -v 591 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 593 NSS_A" -v 593 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 594" -v 594 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 596" -v 596 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 597 NSS_D" -v 597 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 624 RGWBSRV_C" -v 624 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 660" -v 660 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 661" -v 661 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 663" -v 663 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 669 ITS Email Services Support" -v 669 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 672" -v 672 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 673" -v 673 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 674" -v 674 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 675" -v 675 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 700 ITS_DMZ_SUPPO" -v 700 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 701 Asia_IdmDbSrv" -v 701 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1100 ITS Workgroup Servers" -v 1100 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1101 ITS_INFRASTR" -v 1101 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1102 UNSW_Public" -v 1102 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1104 ME Integration Testing" -v 1104 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1105 ME Shared Services" -v 1105 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1106 NSS_FWFailOverS" -v 1106 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1107 AD_Core_Infra" -v 1107 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1108 WSUS_AV" -v 1108 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1111 UNSW_INFRA_SR" -v 1111 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1112 UNSW_Pub_SRVS" -v 1112 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1500 GSBME_WORKGRP" -v 1500 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1501 HR_WORKGRP" -v 1501 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1502 MED_WORKGRP" -v 1502 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1503 CFO_WORKGRP" -v 1503 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1504 Optometry" -v 1504 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1505 FacilitiesSrv" -v 1505 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 2000 Asia_IdmDbSpt" -v 2000 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 2001 Public_Spt" -v 2001 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 2002 EI_ISS_SRV_Su" -v 2002 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 2003 Ent_ADSrvSup" -v 2003 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 2004 Management Zone" -v 2004 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1506 CSE_WORKGRP" -v 1506 vSwitch1
#Configuring teaming policy
perl -p -i -e 's/teamPolicy\/maxActive = "."/teamPolicy\/maxActive = "2"/g' /etc/vmware/esx.conf
fi
if grep "ProLiant DL585 G1" /root/system-info ; then
#Creating vSwitches
/usr/sbin/esxcfg-vswitch -a vSwitch1
/usr/sbin/esxcfg-vswitch -a vSwitch2
/usr/sbin/esxcfg-vswitch -L vmnic1 vSwitch1
/usr/sbin/esxcfg-vswitch -L vmnic2 vSwitch2
/usr/sbin/esxcfg-vswitch -L vmnic3 vSwitch2
#Creating VMotion Interface
/usr/sbin/esxcfg-vswitch -A "VMotion" vSwitch1
#Info gathered from esx.conf using: cat /etc/vmware/esx.conf | grep portgroup | grep name | grep VLAN | awk -F"=" '{ print \$2 }' | sed 's/ "/\/usr\/sbin\/esxcfg-vswitch -A "/g' | sed 's/\$/ vSwitch2/g'
#Creating VLANs
/usr/sbin/esxcfg-vswitch -A "VLAN 1500 GSBME_WORKGRP" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 675" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 594" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 674" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 672" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 661" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 551" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 552" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 663" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 673" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 591" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 596" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 531 Trirega Production" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 593 NSS_A" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 1501 HR_WORKGRP" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 597 NSS_D" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 1102 UNSW_Public" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 2004 Management Zone" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 1104 ME Integration Testing" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 1105 ME Shared Services" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 589" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 1502 MED_WORKGRP" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 1100 ITS Workgroup Servers" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 527" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 1503 CFO_WORKGRP" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 555 COMMS" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 1504 Optometry" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 561 CU Services" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 528 LIBRARY" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 669 ITS Email Services Support" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 560 Pox_Link" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 526 SAN management network" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 1107 AD_Core_Infra" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 1108 WSUS_AV" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 553 AntiVirSrv_Pr" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 554 AntiVirMngt" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 660" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 557 ITSM_TOOL" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 567 SAN" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 614 RGWBSRV_C" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 700 ITS_DMZ_SUPPO" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 701 Asia_IdmDbSrv" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 1101 ITS_INFRASTR" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 1106 NSS_FWFailOverS" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 1111 UNSW_INFRA_SR" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 1112 UNSW_Pub_SRVS" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 1505 FacilitiesSrv" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 2000 Asia_IdmDbSpt" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 2001 Public_Spt" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 2002 EI_ISS_SRV_Su" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 2003 Ent_ADSrvSup" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 580 CU_Service_Ma" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 562 CU_services_2" vSwitch2
/usr/sbin/esxcfg-vswitch -A "VLAN 1506 CSE_WORKGRP" vSwitch2
#Info gathered from esx.conf using: for i in \`cat /etc/vmware/esx.conf | grep vlanId | awk -F"= " '{print \$2}' | grep -v ""0"" | sed 's/"//g'\`; do echo " /usr/sbin/esxcfg-vswitch -p \`cat /etc/vmware/esx.conf | grep name | grep \$i | head -n1 | awk -F"= " '{print \$2}'\` -v \$i vSwitch1" >> /root/vlans ; done
#Configuring VLAN IDs
/usr/sbin/esxcfg-vswitch -p "VLAN 1500 GSBME_WORKGRP" -v 1500 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 675" -v 675 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 594" -v 594 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 674" -v 674 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 672" -v 672 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 661" -v 661 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 551" -v 551 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 552" -v 552 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 663" -v 663 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 673" -v 673 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 591" -v 591 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 596" -v 596 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 531 Trirega Production" -v 531 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 593 NSS_A" -v 593 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 1501 HR_WORKGRP" -v 1501 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 597 NSS_D" -v 597 vSwitch2
/usr/sbin/esxcfg-vswitch -p "Advanced Micro Devices [AMD]: Unknown device 1102" -v 1102 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 2004 Management Zone" -v 2004 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 1104 ME Integration Testing" -v 1104 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 1105 ME Shared Services" -v 1105 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 589" -v 589 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 1502 MED_WORKGRP" -v 1502 vSwitch2
/usr/sbin/esxcfg-vswitch -p "Advanced Micro Devices [AMD]: Unknown device 1100" -v 1100 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 527" -v 527 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 1503 CFO_WORKGRP" -v 1503 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 555 COMMS" -v 555 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 1504 Optometry" -v 1504 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 561 CU Services" -v 561 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 528 LIBRARY" -v 528 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 669 ITS Email Services Support" -v 669 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 560 Pox_Link" -v 560 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 526 SAN management network" -v 526 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 1107 AD_Core_Infra" -v 1107 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 1108 WSUS_AV" -v 1108 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 553 AntiVirSrv_Pr" -v 553 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 554 AntiVirMngt" -v 554 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 660" -v 660 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 557 ITSM_TOOL" -v 557 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 567 SAN" -v 567 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 614 RGWBSRV_C" -v 614 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 700 ITS_DMZ_SUPPO" -v 700 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 701 Asia_IdmDbSrv" -v 701 vSwitch2
/usr/sbin/esxcfg-vswitch -p "Advanced Micro Devices [AMD]: Unknown device 1101" -v 1101 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 1106 NSS_FWFailOverS" -v 1106 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 1111 UNSW_INFRA_SR" -v 1111 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 1112 UNSW_Pub_SRVS" -v 1112 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 1505 FacilitiesSrv" -v 1505 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 2000 Asia_IdmDbSpt" -v 2000 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 2001 Public_Spt" -v 2001 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 2002 EI_ISS_SRV_Su" -v 2002 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 2003 Ent_ADSrvSup" -v 2003 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 580 CU_Service_Ma" -v 580 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 562 CU_services_2" -v 562 vSwitch2
/usr/sbin/esxcfg-vswitch -p "VLAN 1506 CSE_WORKGRP" -v 1506 vSwitch2
#Configuring teaming policy
perl -p -i -e 's/teamPolicy\/maxActive = "."/teamPolicy\/maxActive = "2"/g' /etc/vmware/esx.conf
fi
if grep "ProLiant DL380 G4" /root/system-info ; then
#Creating vSwitches
/usr/sbin/esxcfg-vswitch -a vSwitch1
/usr/sbin/esxcfg-vswitch -L vmnic1 vSwitch1
#Creating VMotion Interface
/usr/sbin/esxcfg-vswitch -A "VMotion" vSwitch0
#Info gathered from esx.conf using: cat /etc/vmware/esx.conf | grep portgroup | grep name | grep VLAN | awk -F"=" '{ print \$2 }' | sed 's/ "/\/usr\/sbin\/esxcfg-vswitch -A "/g' | sed 's/\$/ vSwitch1/g'
#Creating VLANs
/usr/sbin/esxcfg-vswitch -A "VLAN 526 SAN management network" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 527" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 528 LIBRARY" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 528" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 531 Trirega Production" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 551" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 552" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 553 AntiVirSrv_Pr" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 554 AntiVirMngt" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 555 COMMS" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 557 ITSM_TOOL" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 560 Pox_Link" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 561 CU Services" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 562 CU_services_2" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 567 SAN" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 580 CU_Service_Ma" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 589" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 591" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 593 NSS_A" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 594" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 596" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 597 NSS_D" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 614 RGWBSRV_C" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 660" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 661" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 663" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 669 ITS Email Services Support" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 672" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 673" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 674" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 675" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 700 ITS_DMZ_SUPPO" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 701 Asia_IdmDbSrv" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1100 ITS Workgroup Servers" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1101 ITS_INFRASTR" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1102 UNSW_Public" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1104 ME Integration Testing" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1105 ME Shared Services" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1106 NSS_FWFailOverS" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1107 AD_Core_Infra" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1108 WSUS_AV" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1111 UNSW_INFRA_SR" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1112 UNSW_Pub_SRVS" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1500 GSBME_WORKGRP" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1501 HR_WORKGRP" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1502 MED_WORKGRP" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1503 CFO_WORKGRP" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1504 Optometry" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 1505 FacilitiesSrv" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 2000 Asia_IdmDbSpt" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 2001 Public_Spt" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 2002 EI_ISS_SRV_Su" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 2003 Ent_ADSrvSup" vSwitch1
/usr/sbin/esxcfg-vswitch -A "VLAN 2004 Management Zone" vSwitch1
#Info gathered from esx.conf using: for i in \`cat /etc/vmware/esx.conf | grep vlanId | awk -F"= " '{print \$2}' | grep -v ""0"" | sed 's/"//g'\`; do echo " /usr/sbin/esxcfg-vswitch -p \`cat /etc/vmware/esx.conf | grep name | grep \$i | head -n1 | awk -F"= " '{print \$2}'\` -v \$i vSwitch1" >> /root/vlans ; done
#Configuring VLAN IDs
/usr/sbin/esxcfg-vswitch -p "VLAN 526 SAN management network" -v 526 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 527" -v 527 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 528 LIBRARY" -v 528 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 528 LIBRARY" -v 528 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 531 Trirega Production" -v 531 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 551" -v 551 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 552" -v 552 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 553 AntiVirSrv_Pr" -v 553 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 554 AntiVirMngt" -v 554 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 555 COMMS" -v 555 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 561 CU Services" -v 561 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 562 CU_services_2" -v 562 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 567 SAN" -v 567 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 580 CU_Service_Ma" -v 580 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 589" -v 589 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 591" -v 591 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 593 NSS_A" -v 593 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 594" -v 594 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 596" -v 596 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 597 NSS_D" -v 597 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 614 RGWBSRV_C" -v 614 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 660" -v 660 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 661" -v 661 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 663" -v 663 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 669 ITS Email Services Support" -v 669 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 672" -v 672 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 673" -v 673 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 674" -v 674 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 675" -v 675 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 700 ITS_DMZ_SUPPO" -v 700 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 701 Asia_IdmDbSrv" -v 701 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1100 ITS Workgroup Servers" -v 1100 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1101 ITS_INFRASTR" -v 1101 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1102 UNSW_Public" -v 1102 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1104 ME Integration Testing" -v 1104 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1105 ME Shared Services" -v 1105 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1106 NSS_FWFailOverS" -v 1106 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1107 AD_Core_Infra" -v 1107 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1108 WSUS_AV" -v 1108 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1111 UNSW_INFRA_SR" -v 1111 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1112 UNSW_Pub_SRVS" -v 1112 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1500 GSBME_WORKGRP" -v 1500 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1501 HR_WORKGRP" -v 1501 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1502 MED_WORKGRP" -v 1502 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1503 CFO_WORKGRP" -v 1503 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1504 Optometry" -v 1504 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 1505 FacilitiesSrv" -v 1505 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 2000 Asia_IdmDbSpt" -v 2000 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 2001 Public_Spt" -v 2001 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 2002 EI_ISS_SRV_Su" -v 2002 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 2003 Ent_ADSrvSup" -v 2003 vSwitch1
/usr/sbin/esxcfg-vswitch -p "VLAN 2004 Management Zone" -v 2004 vSwitch1
#Configuring teaming policy
perl -p -i -e 's/teamPolicy\/maxActive = "."/teamPolicy\/maxActive = "2"/g' /etc/vmware/esx.conf
fi
Here I configure hostnames based on serial numbers of the machine.
################################# # Configuring hostnames and IPs # ################################# echo "NETWORKING=yes" > /etc/sysconfig/network echo "GATEWAYDEV=vswif0" >> /etc/sysconfig/network if grep -i "8LFST1S" /root/system-info ; then /usr/sbin/esxcfg-vswif -i 192.168.0.19 -n 255.255.255.0 -p "Service Console" vswif0 /usr/sbin/esxcfg-vmknic -i 192.168.0.199 -n 255.255.255.0 -p "VMotion" /usr/sbin/esxcfg-vswif -E perl -p -i -e 's/localhost.localdomain/esx1.test.com.au/g' /etc/vmware/esx.conf echo "192.168.0.19 esx1.test.com.au esx1" >> /etc/hosts echo "HOSTNAME=esx1.test.com.au" >> /etc/sysconfig/network fi if grep -i "9LFST1S" /root/system-info ; then /usr/sbin/esxcfg-vswif -i 192.168.0.20 -n 255.255.255.0 -p "Service Console" vswif0 /usr/sbin/esxcfg-vmknic -i 192.168.0.200 -n 255.255.255.0 -p "VMotion" /usr/sbin/esxcfg-vswif -E perl -p -i -e 's/localhost.localdomain/esx2.test.com.au/g' /etc/vmware/esx.conf echo "192.168.0.20 esx2.test.com.au esx2" >> /etc/hosts echo "HOSTNAME=esx2.test.com.au" >> /etc/sysconfig/network fi if grep -i "hrksmlkb5g" /root/system-info ; then /usr/sbin/esxcfg-vswif -i 192.168.0.21 -n 255.255.255.0 -p "Service Console" vswif0 /usr/sbin/esxcfg-vmknic -i 192.168.0.201 -n 255.255.255.0 -p "VMotion" /usr/sbin/esxcfg-vswif -E perl -p -i -e 's/localhost.localdomain/esx3.test.com.au/g' /etc/vmware/esx.conf echo "192.168.0.21 esx3.test.com.au esx3" >> /etc/hosts echo "HOSTNAME=esx3.test.com.au" >> /etc/sysconfig/network fi if grep -i "HS5EMLKB5H" /root/system-info ; then /usr/sbin/esxcfg-vswif -i 192.168.0.22 -n 255.255.255.0 -p "Service Console" vswif0 /usr/sbin/esxcfg-vmknic -i 192.168.0.202 -n 255.255.255.0 -p "VMotion" /usr/sbin/esxcfg-vswif -E perl -p -i -e 's/localhost.localdomain/esx4.test.com.au/g' /etc/vmware/esx.conf echo "192.168.0.22 esx4.test.com.au esx4" >> /etc/hosts echo "HOSTNAME=esx4.test.com.au" >> /etc/sysconfig/network fi if grep -i "HJBHMLKB4S" /root/system-info ; then /usr/sbin/esxcfg-vswif -i 192.168.0.23 -n 255.255.255.0 -p "Service Console" vswif0 /usr/sbin/esxcfg-vmknic -i 192.168.0.203 -n 255.255.255.0 -p "VMotion" /usr/sbin/esxcfg-vswif -E perl -p -i -e 's/localhost.localdomain/esx6.test.com.au/g' /etc/vmware/esx.conf echo "192.168.0.23 esx6.test.com.au esx6" >> /etc/hosts echo "HOSTNAME=esx6.test.com.au" >> /etc/sysconfig/network fi if grep -i "HM00MLKB72" /root/system-info ; then /usr/sbin/esxcfg-vswif -i 192.168.0.25 -n 255.255.255.0 -p "Service Console" vswif0 /usr/sbin/esxcfg-vmknic -i 192.168.0.205 -n 255.255.255.0 -p "VMotion" /usr/sbin/esxcfg-vswif -E perl -p -i -e 's/localhost.localdomain/esx8.test.com.au/g' /etc/vmware/esx.conf echo "192.168.0.25 esx8.test.com.au esx8" >> /etc/hosts echo "HOSTNAME=esx8.test.com.au" >> /etc/sysconfig/network fi if grep -i "HZ3YPGK16P" /root/system-info ; then /usr/sbin/esxcfg-vswif -i 192.168.0.29 -n 255.255.255.0 -p "Service Console" vswif0 /usr/sbin/esxcfg-vmknic -i 192.168.0.206 -n 255.255.255.0 -p "VMotion" /usr/sbin/esxcfg-vswif -E perl -p -i -e 's/localhost.localdomain/esx9.test.com.au/g' /etc/vmware/esx.conf echo "192.168.0.29 esx9.test.com.au esx9" >> /etc/hosts echo "HOSTNAME=esx9.test.com.au" >> /etc/sysconfig/network fi if grep -i "AUB43400MD" /root/system-info ; then /usr/sbin/esxcfg-vswif -i 192.168.0.27 -n 255.255.255.0 -p "Service Console" vswif0 /usr/sbin/esxcfg-vmknic -i 192.168.0.207 -n 255.255.255.0 -p "VMotion" /usr/sbin/esxcfg-vswif -E perl -p -i -e 's/localhost.localdomain/esx10.test.com.au/g' /etc/vmware/esx.conf echo "192.168.0.27 esx10.test.com.au esx10" >> /etc/hosts echo "HOSTNAME=esx10.test.com.au" >> /etc/sysconfig/network fi if grep -i "AUB537086L" /root/system-info ; then /usr/sbin/esxcfg-vswif -i 192.168.0.28 -n 255.255.255.0 -p "Service Console" vswif0 /usr/sbin/esxcfg-vmknic -i 192.168.0.208 -n 255.255.255.0 -p "VMotion" /usr/sbin/esxcfg-vswif -E perl -p -i -e 's/localhost.localdomain/esx11.test.com.au/g' /etc/vmware/esx.conf echo "192.168.0.28 esx11.test.com.au esx11" >> /etc/hosts echo "HOSTNAME=esx11.test.com.au" >> /etc/sysconfig/network fi if grep -i "AUB44902R6" /root/system-info ; then /usr/sbin/esxcfg-vswif -i 192.168.0.26 -n 255.255.255.0 -p "Service Console" vswif0 /usr/sbin/esxcfg-vmknic -i 192.168.0.209 -n 255.255.255.0 -p "VMotion" /usr/sbin/esxcfg-vswif -E perl -p -i -e 's/localhost.localdomain/esx12.test.com.au/g' /etc/vmware/esx.conf echo "192.168.0.26 esx12.test.com.au esx12" >> /etc/hosts echo "HOSTNAME=esx12.test.com.au" >> /etc/sysconfig/network fi esxcfg-route -a default 192.168.0.1 echo "GATEWAY=192.168.0.1" >> /etc/sysconfig/network service network restart service mgmt-vmware restart sleep 120 cat > /etc/vmware/hostd/hostsvc.xml << HOSTSVC normal VMotion HOSTSVC perl -i -pe 'chomp if eof' /etc/vmware/hostd/hostsvc.xml /usr/sbin/esxcfg-advcfg -s 1 /Migrate/Enabled
In the following section, using lwp, I install Dell OpenManage, HP Insight Manager Agents, lputil, scli and Navisphere Agent on every relevant server
############################### # Configuring Dell OpenManage # ############################### if grep -i "PowerEdge 6950" /root/system-info ; then mkdir /tmp/omsa_script esxcfg-firewall --allowOutgoing lwp-download http://ris-server.test.com.au/esx/esx350/DellManage/OMSA541.iso /tmp/omsa_script/OMSA541.iso esxcfg-firewall --blockOutgoing mkdir /mnt/omsa_script mount /tmp/omsa_script/OMSA541.iso /mnt/omsa_script -o loop /mnt/omsa_script/linux/supportscripts/srvadmin-install.sh -b -w -r -s umount /mnt/omsa_script rmdir /mnt/omsa_script fi ############################################ # Configuring HP Insight Management Agents # ############################################ if grep -i "ProLiant" /root/system-info ; then mkdir /tmp/omsa_script esxcfg-firewall --allowOutgoing lwp-download http://ris-server.test.com.au/esx/esx350/HPInsight/hpmgmt-8.1.0-vmware3x.tgz /tmp/omsa_script/hpmgmt-8.1.0-vmware3x.tgz lwp-download http://ris-server.test.com.au/esx/esx350/HPInsight/hpmgmt.conf /tmp/omsa_script/hpmgmt.conf esxcfg-firewall --blockOutgoing cd /tmp/omsa_script/ tar xzvf hpmgmt-8.1.0-vmware3x.tgz cd hpmgmt/810 sh /tmp/omsa_script/hpmgmt/810/installvm810.sh --silent --inputfile /tmp/omsa_script/hpmgmt.conf cd /root rm -fr /mnt/omsa_script fi sed -i "s/rocommunity.*/rocommunity PUBLIC/g" /etc/snmp/snmpd.conf sed -i "s/trapcommunity.*/trapcommunity PUBLIC/g" /etc/snmp/snmpd.conf sed -i "s/trapsink.*/trapsink infpwsm003.ad.test.com.au/g" /etc/snmp/snmpd.conf service snmpd restart ############################# # Configuring EMC Navispere # ############################# if grep -i grep "esx.*.test.com.au" /etc/vmware/esx.conf ; then mkdir /tmp/omsa_script esxcfg-firewall --allowOutgoing lwp-download http://ris-server.test.com.au/esx/esx350/Navisphere/NAVIAGNTCLI_LINUX_V26.zip /tmp/omsa_script/NAVIAGNTCLI_LINUX_V26.zip esxcfg-firewall --blockOutgoing cd /tmp/omsa_script/ unzip NAVIAGNTCLI_LINUX_V26.zip rpm -Uvh *.rpm port_list="6389,tcp,in,NaviCLI 6389,tcp,out,NaviCLI 6390,tcp,in,NaviCLI 6391,tcp,in,NaviCLI 6392,tcp,in,NaviCLI 443,tcp,out,NaviCLI 2163,tcp,out,NaviCLI" for port in \$port_list ; do /usr/sbin/esxcfg-firewall -o \$port ; done cd /root rm -fr /mnt/omsa_script esxcfg-firewall --allowOutgoing lwp-download http://ris-server.test.com.au/esx/esx350/Navisphere/agent.config /etc/Navisphere/agent.config esxcfg-firewall --blockOutgoing service naviagent start fi ############################################################ # Install Emulex LPUtil and QLogic SCLI for HBA Management # ############################################################ if grep -i grep "esx.*.test.com.au" /etc/vmware/esx.conf ; then mkdir /tmp/omsa_script esxcfg-firewall --allowOutgoing lwp-download http://ris-server.test.com.au/esx/esx350/HBA/scli-1.7.0-13.i386.rpm /tmp/omsa_script/scli-1.7.0-13.i386.rpm lwp-download http://ris-server.test.com.au/esx/esx350/HBA/lpfcutil-7.4.0.13-1.tgz /tmp/omsa_script/lpfcutil-7.4.0.13-1.tgz esxcfg-firewall --blockOutgoing cd /tmp/omsa_script/ rpm -Uvh *.rpm tar xzvf lpfcutil-7.4.0.13-1.tgz sh Install.sh cd /root rm -fr /mnt/omsa_script fi
The rest is default stuff you would have seen in my scripts before:
######################################### # Making sure the script runs only once # ######################################### mv /etc/rc.d/rc3.d/S11servercfg /root/leo-setup.sh rm -f /root/system-info EOF ######################################## # Making sure the script is executable # ######################################## /bin/chmod a+x /etc/rc.d/rc3.d/S11servercfg
All done
Cheers
on Aug 20th, 2008 at 9:59 am
[...] can use it via ks.cfg kickstart scripts to modify your servers based on hardware IDs – watch for my 17-page kickstart to demonstrate this [...]
on Sep 10th, 2008 at 10:20 pm
Very cool script!
Just a question, how does your silent installation for the hpmgmt package look like?
Regards,
Andreas
on Sep 11th, 2008 at 4:34 pm
Hi Andreas,
Here it is:
# HP ProLiant Support software input file
#
# If you wish to have a custom configuration of System Management
# passwords or SNMP, modify the values and/or uncomment the lines below.
# Changing the values here can be useful in deploying multiple servers
# with the same custom configuration.
export CMASILENT=”YES”
export CMANOSTARTINSTALL=”hpasmd”
# export CMALOCALHOSTRWCOMMSTR – SNMP read/write community string for local
# host access.
# ex. export CMALOCALHOSTRWCOMMSTR=private
# export CMALOCALHOSTROCOMMSTR – SNMP read-only community string for local host
# access.
# ex. export CMALOCALHOSTROCOMMSTR=public
#export CMALOCALHOSTRWCOMMSTR=
#export CMALOCALHOSTROCOMMSTR=
# export CMAMGMTSTATIONRWIPORDNS – IP address or DNS host name of a system with
# read/write access to server as a management station.
# ex. export CMAMGMTSTATIONRWIPORDNS=192.168.1.1
# export CMAMGMTSTATIONRWCOMMSTR – SNMP read/write community string for a system
# with read/write access that serves as a management station.
# ex. export CMAMGMTSTATIONRWCOMMSTR=private
#export CMAMGMTSTATIONRWIPORDNS=
#export CMAMGMTSTATIONRWCOMMSTR=
# export CMAMGMTSTATIONROIPORDNS – IP address or DNS host name of a system with
# read-only access to server as a management station.
# ex. export CMAMGMTSTATIONROIPORDNS=192.168.1.1
# export CMAMGMTSTATIONROCOMMSTR – SNMP read/write community string for a system
# with read-only access that serves as a management station.
# ex. export CMAMGMTSTATIONROCOMMSTR=private
#export CMAMGMTSTATIONROIPORDNS=
#export CMAMGMTSTATIONROCOMMSTR=
# export CMADEFTRAPCOMMSTR – Default SNMP community string for traps.
# ex. export CMADEFTRAPCOMMSTR=private
# export CMATRAPDESTINATIONCOMMSTR – SNMP destination trap community string.
# ex. export CMATRAPDESTINATIONCOMMSTR=private
# export CMATRAPDESTINATIONIPORDNS – IP address or DNS hostname of a server to
# send SNMP traps.
# ex. export CMATRAPDESTINATIONIPORDNS=10.0.0.1
#export CMADEFTRAPCOMMSTR=
#export CMATRAPDESTINATIONCOMMSTR=
#export CMATRAPDESTINATIONIPORDNS=
# export CMASYSCONTACT & export CMASYSLOCATION – System contact and location information
# Must be in double quotes if contains spaces.
# ex. export CMASYSCONTACT=”Joe Smith”
# ex. export CMASYSLOCATION=”1234 Smith Lane, Building Admin #5″
#export CMASYSCONTACT=
#export CMASYSLOCATION=
# export CMAAGENTEXCLUDESTR – Agent exclusion on startup
# ex. export CMAAGENTEXCLUDESTR=”cmaeventd cmaperfd”
#export CMAAGENTEXCLUDESTR=
# For accessing the System Management Homepage, the port for hpim service
# (2381) should be enabled in the firewall. Default is to enable this port.
# Set export ENABLEHPIMPORT=N if you don’t want to enable the port for hpim
# service
# N = No
# Y = Yes
export ENABLEHPIMPORT=Y
# For allowing discovery by the System Inisght Manager, the port
# (2301) should be enabled in the firewall. Default is to enable this port.
# Set export ENABLEHP_SIMPORT=N if you don’t want to enable the port 2301
# N = No
# Y = Yes
export ENABLEHP_SIMPORT=Y
# For the Insight Manager agents to communicate properly with HP Systems
# Insight Manager, the snmpd service should be enabled in the firewall.
# Default is to enable this service.
# Set export ENABLESNMPSERVICE=N if you don’t want to enable snmpd service
# N = No
# Y = Yes
export ENABLESNMPSERVICE=Y
# For adding the HP Systems Insight Manager Certificate in SMH, the port [280]
# should be enabled in the firewall.
# Default is to enable this port.
# Set export ENABLESIMCERTPORT=N if you don’t want to enable the port [280]
# N = No
# Y = Yes
export ENABLESIMCERTPORT=Y
on Oct 1st, 2008 at 8:16 pm
Thanks, very useful information !!!
on Oct 3rd, 2008 at 5:30 am
Have you tried setting the vmservconmem setting using this script and ESX 3.5? I cannot get it to set for the life of me and wondered if you had any experiences with it?
on Oct 3rd, 2008 at 12:58 pm
Hi Mike,
I have not, but let me do a little investigation.
Cheers,
Leo
on Nov 12th, 2008 at 8:59 am
thanks, great info…couple of extra script that I found handy
#########################################
# Change the amount of RAM allocated to the Service Console #
#########################################
cp /etc/vmware/esx.conf /etc/vmware/esx.conf.ORIG
perl -spi -e ’s|/boot/memSize = \”272\”|/boot/memSize = \”800\”|’ /etc/vmware/esx.conf
cp /etc/grub.conf /etc/grub.conf.ORIG
esxcfg-boot -g
esxcfg-boot -b
###################################
# VMware have this in their security hardening guide #
###################################
cat > /etc/vmware/hostd/authorization.xml << AUTHORIZATION
ha-folder-root
10
false
true
-1
root
ha-folder-root
11
false
true
-1
admin
12
AUTHORIZATION
################################################
# NFS Advance Configuration setup based on NetApp NFS best practise #
#Can’t get this to work using the kickstart script but when used manually #
#via SC works fine, if someone got it working, let us know #
################################################
/usr/bin/vmware-vim-cmd hostsvc/advopt/update NFS”.”HeartbeatFrequency int 12
/usr/bin/vmware-vim-cmd hostsvc/advopt/update NFS”.”HeartbeatMaxFailures int 10
/usr/bin/vmware-vim-cmd hostsvc/advopt/update NFS”.”MaxVolumes int 30
on Mar 9th, 2009 at 11:15 pm
I don’t suppose you’ve had any call to install IBM Director in an automated way with any of your kickstart builds have you? I’m just using your kickstart to try and craft something of my own, but we use IBM kit, of which I have had no experience with their manglement tools yet.
Many thanks for sharing all this BTW! Has saved me much time.
on Mar 10th, 2009 at 6:55 pm
Hi Nicola,
No I’m sorry, I’ve never dealt with automated installations on IBM boxes
on Mar 12th, 2009 at 3:38 am
Leo,
This is great!! Was going through the text file you linked and I am finding it is different then the one you have explained on the web.
The web has:
## We are going include ignoredisk and disk_map autogenerated files here
%include /tmp/ignoredisk
%include /tmp/disk_map
<>
SYSLOG=./fchba.out
IGNOREDISK=/tmp/ignoredisk
TESTSTATEMENT=$(grep -e QLogic -e Emulex $SYSLOG)
touch $IGNOREDISK
if [ -n "$TESTSTATEMENT" ] ; then
for i in $(grep -e QLogic -e Emulex $SYSLOG | grep scsi | cut -d ” ” -f 1 | sed ’s///’); do DISKS=$DISKS” “$(grep “$i” $SYSLOG | grep Attach | cut -d ” ” -f 4) ; done
DISKS=$(echo $DISKS|sed ’s/ s/,s/g’)
echo “ignoredisk –drives=”$DISKS > $IGNOREDISK
fi
The text file has:
# ignoredisk .drives=sdb,sdc,sdd,sde,sdf,sdg,sdh,sdi,sdj,sdk,sdl
## We are going to wipe anything on the first (ccsis/sda) disk here!
%include /tmp/disk_map
I can cut and paste from one to the other fine, just wondering what fchba.out is? Is this something that exists during a kickstart/install and not afterward?
Thanks.
on Mar 12th, 2009 at 3:15 pm
Hi John,
That basically outputs the install syslog to a a file called fchba.out – happens during installation.
I’ll have to replace the file in the link as it’s a bit clunky, it’s better to use a customized ISO that doesn’t load HBA drivers on boot.
Cheers,
Leo
on May 23rd, 2009 at 10:32 pm
[...] ESX 3.5 Kickstart script – part 3 | Leo's Ramblings (tags: esx vmware sysadmin kickstart linux) [...]
on Jun 9th, 2009 at 11:19 am
[...] ESX node installs are now as close to fully automated as I want to make them, using Leo’s Ramblings as a starting [...]
on Aug 28th, 2009 at 6:20 am
[...] Thanks to Leo’s ESX 3.5 Kickstart script – part 3. [...]
on Oct 14th, 2009 at 3:45 am
I was wondering whether your scripts would work on esx 4.0 I know that VICFG commands are the rage now but where would you use one rather than the other ie esxcfg
Thankyou