While recently updating my article, it reminded me an old by who initially identified a way to add an ESXi host to vCenter using python and the. The approach was very neat but was not 100% automated as it required some user interaction with the vSphere MOB to identify certain API properties before one could potentially script it within a kickstart installation. I decided to revisit this problem as it was something I had investigated awhile back. There are numerous ways on getting something like this to work in your environment, but it all boils down to your constraints, naming convention and provisioning process.

1. Github-for-mac Hai Eseguito Git Update-server-info Errore Su Una

If you have a well defined environment and utilizing a good naming structure and can easily identify which vCenter a given ESX(i) host should be managed from, then this can easily be integrated into your existing kickstart with minor tweaks. This script was tested on vCenter 4.1 Update 1 and ESXi 4.1 and 4.1 Update1.

UPDATE : Updated the IP Address extraction to use gethostbyname and added proper logout logic after joining vCenter. UPDATE : I have provided a download link to the joinvCenter.py script below as there have been some funky formatting issues when displaying the script. For ESXi 5.x hosts, you will need to ensure httpClient is enabled (disabled by default) on the ESXi firewall else it will not be able to connect to your vCenter Server.

Please refer below for the instructions. There are a few steps that are necessary before we get started and a recommended one for those that have security concerns around this solution. Step 1 - You will need to extract some information from the vCenter server in which you would like your ESX(i) hosts to join.

You will need to generate an inventory path to the vCenter cluster which will take the form of: datacenter-name/host/cluster-name, this will automatically locate the managed object ID of your vCenter cluster which is required as part of the host add process. This was a manual process in Justin's original solution. In this example, I have a datacenter called ' Primp-Skunkworks' and a cluster under that datacenter called ' Primp-Skunkworks-Cluster', the inventory path will look like the following: 'Primp-Skunkworks/host/ Primp-Skunkworks-Cluster ' You will need this value to populate a variable in the script which will be described a little bit later Step 2 - As you may have guessed, to add an ESX(i) host to vCenter, you will need to connect to vCenter server and use an account that has the permission to add a host. It is recommended that you do not use or expose any administrative accounts for this as the credentials are stored within the script unencrypted.

A work around is to create a service account whether that is a local account or an Active Directory account with only the permission to add an ESX(i) host to a vCenter cluster. You will create a new role, in this example I call it ' JoinvCenter' and you just need to provide the Host-Inventory-Add host to cluster privilege. Once you have created the role, you will need to assign this role to the service account user either globally in vCenter if you want to add to multiple cluster or a given datacenter/cluster.

Now that we have the pre-requisites satisfied, we will need to populate a few variables within the script which will be used in your%post section of ESX(i) kickstart configuration file. This variable defines the name of your vCenter server, please provide the FQDN: This variable define the vCenter cluster path which was generated earlier: These variables define the server account credentials used to add an ESX(i) host to vCenter. You will need to run the following command to encode the selected password. You will need access to a system with python interpreter to run the following command: python -c 'import base64; print base64.b64encode('MySuperDuperSecretPasswordYo')' Note: This does not encrypt your password but obfuscate it slightly so that you are not storing the password in plain text. If a user has access to the encoded hash, it is trivial to decode it. These variables define the ESX(i) root credentials which is required as part of the vCenter add process.

If you do not want to store these in plain text, you will also need to encode them using the command in previous section: We are now all done and ready to move forward with the actual script which will be included in your kickstart configuration. As a sanity check, you can run this script manually on an existing ESX(i) host to ensure that the process works before testing in kickstart. For ESXi 5.x hosts, ensure httpClient firewall ruleset is enabled by following ESXCLI command: esxcli network firewall ruleset set -e true -r httpClient You should also ensure this is the very last script to execute as I ran into a race condition while the root password was being updated automatically from the default 999. scripts. To ensure this is the very last script, set the -level to something like 9999 in your%firstboot stanza Download: To aide in troubleshooting, the script also outputs the details to syslog and on ESX(i), it will be stored in /var/log/messages and you can just search for the string ' GHETTO-JOIN-VC'. If everything is successful, after%firstboot section has completed, you should be able to see an ESX(i) host join vCenter and the following in the logs. Tips: You should only see ' Success' messages, if you see any ' Failed' messages, something went wrong.

If you are still running into issues, make sure your ESX(i) host has it's hostname configured with FQDN and you should see an error on your vCenter server if it fails to whether it's due to hostname and/or credentials. You can also redirect the output of the script to local VMFS volume for post-troubleshooting. Depending on your provision process and how you determine which ESX(i) host should join which vCenter/cluster, you can easily add logic in the main kickstart configuration file to automatically determine or extract from a configuration file and dynamically update joinvCenter.py script prior to execution. I would like to thank and VMTN user for their contributions on the python snippets that were used in the script.

FYI - I am sure the python code could be cleaner but I will leave that as an exercise for those more adept to python. My python-fu is not very strong 😉. Funny that you post this today. Over the weekend I did some automation around PXE installation with kickstart and was thinking that connecting to VC was the one missing piece. I really like the idea of a bare bones user account. Instead of the somewhat hacky python script I was thinking about using ‘wget’ to for example download ruby and rbvmomi to do this ‘the proper way’.

Alternatively I was thinking of just posting an event on a RabbitMQ server using a small python script where the ESX announces its IP. A proper (and more powerful) rbvmomi script could then pick the rest up from there. @Christian, You may be able to get ruby/rbvmomi running on classic ESX, but with ESXi, it probably won’t work in the Busybox Console. At a minimum you’ll probably need a statically linked ruby binary to encapsulate all it’s dependencies. The latter solution is probably the best option and it’s actually one that VMware uses with it’s Auto Deploy appliance which does exactly that after pre-provision.

It does “call back” to Auto Deploy and from there the system uses the APIs to join it to specific vCenter & apply a host profile. ESXi has netcat starting with 4.1 which you can build a dumb client to periodically call back to a server and then perform advanced operations using any SDK available whether that is VI Java, Perl, PowerCLI, etc. On any platform (Windows/Linux) The possibilities are pretty much endless. Hello William, Amazing post! I’m trying to run this script manually from an ESXi 4.1u1 host to test it out and make sure it’s working before putting it into a kickstart script. I keep getting “Failed to retrieve MOB data” error message from the error log. When I go to the MOB listed from a browser and use the AD account created and assigned the permissions from above I can access the URL just fine.

I’m not sure where to go from here. I’ve worked with your Active Directory connection script and that one works swimmingly.

I am trying to setup an automated install of ESXi hosts using the kickstart script and the jointovCenter python script from here. Everything works great and ESXi auto-installs with the kickstart script and then after%firstboot it runs this script, or if i run it manually with # python joinvCenter.py from the service console. In the logs it lists out all of the syslog messages generated from the script saying it successfully joined vCenter but it does not actually join and I see no signs of life from vCenter or in the vCenter logs. VCenter does not appear to do anything, like sending out the agent etc.

Does anyone know why it would not be joining the host to the vCenter cluster? I am at a dead end here since all of the logs show success when running the script. @Mike, I had some free time and took a look at this. There were a few things that would cause some issues which hopefully is now all resolved: 1) There were some odd formatting issues on the blog, I’ve uploaded the script to vGhetto Repository so you can just download it (link above) 2) Starting with ESXi 5.x, you need to enable httpClient ruleset on the ESXi Firewall, this is what most folks have ran into from what I can tell. Once the rule is enabled, it’ll be able to connect to your vCenter Server.

Go ahead and give it another try. @Mike44, I had some free time and took a look at this. There were a few things that would cause some issues which hopefully is now all resolved: 1) There were some odd formatting issues on the blog, I’ve uploaded the script to vGhetto Repository so you can just download it (link above) 2) Starting with ESXi 5.x, you need to enable httpClient ruleset on the ESXi Firewall, this is what most folks have ran into from what I can tell. Once the rule is enabled, it’ll be able to connect to your vCenter Server.

Go ahead and give it another try. I am trying to add this script to my kickstart process and am not having much luck. I am having similar issues to Rucking and Christoph but my tags all seem to be in the proper case for the xml argument. When I check the log everything states that is worked successfully but I don’t see the host add in vcenter. I see the user account connect to vcenter for a second and then it disconnets but nothing even shows up in the tasks. If I change any parameters I can see that it fails in the log and if I use the MOB web interface I can add the host with no problems. Any thoughts?

Ok I have experimented a little bit with this. It will work if you simple give it as cluster name “YourDatacenterName/host” with no cluster name beyond that But you will have to change the code to look for “group-h”, not “domain-c” Then you need to change the method used to call Vcenter from “addHost” to “addStandaloneHost” Last but not least, the parameter “asConnected” does not exist in that function; you have to use “addConnected” instead. In fact you can quite easily find this info by going to using your browser.

Then input your DC name and navigate from there. Tested and working on ESXi 5.5U2 with latest VCSA. As I found, it was not only on ESXi version, but also vCenter version. If you upgrade to VCSA 6.5, the scripts cannot work. The scripts were for python 2.

But in VCSA 6.5, you need use https to access it. Here is the solutions: a.

Add ssl in the import part. “import sys,re,os,urllib,urllib2,base64,syslog,socket,ssl” b.

Add Disable SSL certificate part after the url. # Disabling SSL certificate verification context = ssl.createdefaultcontext context.checkhostname = False context.verifymode = ssl.CERTNONE. I’m looking at this script for adding ESX 6.5U1 hosts in to VCSA 6.5 U1. I’m getting this error: SyntaxError: invalid syntax : vi joinvCenter.py : python joinvCenter.py File “joinvCenter.py”, line 44 except IOError, e: ^ SyntaxError: invalid syntax The other thing I’ve noticed with using the python -c “import base64; print base64.b64encode(‘MySuperDuperSecretPasswordYo’)” Is that sees passwords with special character such as VMware1!

Github-for-mac Hai Eseguito Git Update-server-info Errore Su Una

As escape text. I’m not sure if there’s a work around for that as the ‘singlequotes’ are already present – and that usually prevents that problem on the bash command-line I’m running the script manually rather than invoking it from kickstart for testing purposes – and I’ve run esxcli network firewall ruleset set -e true -r httpClient – the script was downloaded from Github Cheers Michelle.