The Settings which we have configured so far in “How to Build a VSphere Environment” lab or will configure later.its lot of manual stuff and take days, if your have lots of ESXi host in your environment.it is very Labouries task for an administrator and its very difficult to maintain the compliance.i know what you are thinking right know “IS there is any way to automate these tasks?”, “Well Yes”, thanks to VMWare they have host profile feature which perform standard configuration across the VMWARE infrastructure. but there is only one problem, you must have “vSphere Enterprise Plus license” to get this feature.
How host Profile works?
host profile capture the settings of 1 of the ESXi host in the environment as a template and then use this host as a reference to implement exactly the same settings on the reset of the ESXi hosts. A few setting cannot be the same such as IP, MAC address and some others. in order to configure such type of settings host profile use Answer file method.
In this Lab we will perform following tasks
- Create Profile
- Attach Host/Cluster for Compliance
- Check Compliance
- Apply Host Profile
From VSphere classic Client-> Click “Home”
In “Management” Section-> Click On “host Profiles”
Click “Create Profile”
i have a master host (esxi-1-rg.vmlab.com). Which will be use as “Reference host”.
Select your “Reference” host -> Click “Next”
Enter the “Profile name” and “description” -> Click “Next”
Review the configuration summary- Click “Finish”
2-Attach a Host/Cluster for Compliance
“Attach” Host/Cluster to the “created profile”
It is good practice to first attach one host and check the compliance then apply to the reset of the hosts. But in my case, I selected all hosts.
“Host and Cluster” tab-> Verify the attached hosts against your host profile.
Select your “host” and check the “compliance”
As you can see below. all of my hosts are “noncompliance” against our “attached profile”. Select a host and see which settings are noncompliance in “compliance failure section”.
4-Apply Host Profile
Now select the hosts -> Click “Apply Profile”
You will get this error.
Select the Datacenter-> hosts -> select all the host -> “Enter Maintenance mode”
Now All hosts are in maintenance mode.
Go back to host profile section and click “Apply Profile”
It will ask you series of step for each server which cannot be the same such as IP/MAC. I put an example of a single hosts (esxi-2-rg.vmlab.com). all below are mandatory step. Leave all other as default and click next.
In this section you provide the vmkernel IP of ISCSI at esxi-2-rg.vmlab.com -> Click “Next”
Provide the “administration” user and password for domain joining -> Click “Next”
It will show you following configuration task will be performed on this host in order to meet the compliance -> Click “finish”
If you got following error while apply profile (Skip the below steps if you successfully compliance the hosts without this error)
To fix the above error as per VMWare KB article (2058525)
Select your master profile which we created earlier from (esxi-1-rg.vmlab.com)-> Right click-> Enable/disable profile configuration.
Uncheck the “Device Alias configuration” as highlighted-> Click “Ok”
Now Select your host -> right click -> check “Profile Compliance” again.
Now “apply the profile” to the selected hosts.
It will check and tell you following setting need to done in order to meet the compliance, please review-> Click “Finish”.
After spend some time, finally I got the “compliance green boxes” as shown below
Now exit your ESXi host/hosts from “maintenance mode”.