Post VMware configuration: Understanding the VMware management interface

IT reseller takeaway: Systems integrators and value-added resellers will learn how to configure VMware ESX Server tasks and use the enableSSL script to generate certificates in this excerpt from Virtualization: From the Desktop to the Enterprise.

Working with the management interface

Now that you've confirmed and tested basic ESX Server functionality, let's move onto configuring the system to host virtual machines. You'll conduct post-configuration tasks through the MUI. In a nutshell, the MUI is ESX Server's primary front-end management tool and is delivered by an Apache-powered Web page. Because it requires a Web browser to function, be sure to turn off any pop-up stoppers you may have running. Failing to allow pop-ups from the ESX Server will result in you not being able to see VMware ESX Server's configuration windows. In addition, you'll need to be able to contact the ESX Server via its host name from your workstation, so configure DNS or edit your local host file for name resolution. We'll cover five main postconfiguration tasks:

• Customizing the MUI port number
• Configuring initial MUI configuration settings
• Creating the VMFS swap file
• Assigning network cards
• Constructing virtual switches

Understanding MUI and SSL

You can configure ESX Server to use a certificate from your certificate authority or continue to use the one ESX Server generates for itself during the install. If after installing ESX Server you find it necessary to change the host name of the system, you should recreate the system's SSL certificate to avoid getting SSL security alerts while accessing the administrative interface of ESX Server from your Web browser. An SSL alert proclaims that the name on the security certificate is invalid. This occurs because the host's name isn't the same as the one on the certificate. If you didn't supply an FQDN during the install, you'll find that the name on the certificate is localhost.localdomain. You can manually reconfigure ESX Server, or you can use the enableSSL script provided by VMware to generate another self-signed certificate with the correct host name. You can download the enableSSL script from the VMware site.

To use VMware's script, you need to follow these steps:

1. Create a file with Vi, and name it enableSSL.pl: vi enableSSL.pl

2. Type the text from the enableSSL.pl script into enableSSL.pl, and save it.

3. Rename the old SSL directory: mv /etc/vmware-mui/ssl /etc/vmware-mui/ssl-old

4. Run the script you just created: perl enableSSL.pl localhost root <root_password>

5. Verify that the new SSL directory was created: ls /etc/vmware-mui/ssl

6. Restart the Apache daemon: service httpd.vmware restart

7. When all proves to function, delete the old directory: rmdir -R /etc/vmware-mui/ssl-old

Test your new SSL certificate by browsing to your host's MUI. View the certificate, and verify its name is the same as the host's.

TABLE OF CONTENTS

• Introduction: Installing and deploying VMs on enterprise servers
• Installing Microsoft Virtual Server
• Installing VMware GSX Server for Windows
• Installing VMware GSX Server for Linux
• Installing the VMware management interface
• Working with the VMware virtual machine console
• Changing GSX Server's remote console port number
• Installing VMware ESX Server
• Verifiying and viewing configuration files
• Using Linux survival commands
• Working with the management interface
• Configuring the ESX Server installation: Troubleshooting an ESX Server installation
• Configuring the ESX Server installation: A smooth ESX Server installation