This section lists the specific options you can use with the SoS utility.

SoS Utility Help Options

Use these options to see information about the SoS utility itself.

Option

Description

--help

-h

Provides a summary of the available SoS utility options

--version

-v

Provides the SoS utility's version number.

SoS Utility Generic Options

These are generic options for the SoS utility.

Note:

For generic options related to log collection, see Collect Logs for Your Cloud Foundation System.

Option

Description

--ceip-tagging-get

Returns setting for the VMware CEIP program. For information about the program, see Configuring Customer Experience Improvement Program.

--ceip-tagging-set

Enrolls your deployment in the CEIP program.

--configure-sftp

Configures SFTP for logs.

--debug-mode

Runs the SoS utility in debug mode.

--domain-name DOMAINNAME

Specify the name of the workload domain name on which the SoS operation is to be performed.

To run the operation on all domains, specify --domain-name ALL .

Note:

If you omit the --domain-name flag and domain name, the SoS operation is performed only on the management domain.

--force

Allows SoS operations to be formed while workflows are running.

Note:

It is recommended that you do not use this option.

--history

Displays the last 20 SoS operations performed.

--ondemand-service

Include this flag to execute commands on all ESXi hosts in a domain.

Warning:

Contact VMware support before using this option.

--ondemand-service-json JSON file path

Include this flag to execute commands in the JSON format on all ESXi hosts in a domain. For example, /opt/vmware/sddc-support/<JSON file name>

--setup-json SETUPJSON

Custom setup-json file for log collection.

SoS prepares the inventory automatically based on the environment where it is running. If you want to collect logs for a pre-defined set of components, you can create a setup.json file and pass the file as input to SoS. A sample JSON file is available on the SDDC Manager VM in the /opt/vmware/sddc-support/ directory.

--skip-known-host-check

Skips the specified check for SSL thumbprint for host in the known host.

--zip

Creates a zipped TAR file for the output.

SoS Utility Options for Health Check

These SoS commands are used for checking the health status of various components or services, including connectivity, compute, storage, database, domains, and networks.

A green status indicates that the health is normal, yellow provides a warning that attention might be required, and red (critical) indicates that the component needs immediate attention.

Option

Description

--certificate-health

Verifies that the component certificates are valid (within the expiry date).

--connectivity-health

Performs a connectivity health check to inspect whether the different components of the system such as the ESXi hosts, Virtual Center Servers, Inventory Service VMs, Log Insight VM, NSX Manager VMs, PSC VMs, SDDC Manager VM can be pinged.

--composability-infra-health

Performs an API connectivity health check of the composable infrastructure. If no composable infrastructure exists, this flag is ignored. If found, the utility checks connectivity status through the composable infrastructure API, such as Redfish.

--compute-health

Performs a compute health check.

--general-health

Verifies ESXi entries across all sources, checks the Postgres DB operational status for hosts, checks ESXi for error dumps, and gets NSX Manager and cluster status.

--get-host-ips

Returns server information.

--get-inventory-info

Returns in a tabular format inventory details for the specified Cloud Foundation component, such as Platform Services ControllervCenter Server NSX, and ESXi. Optionally, add the flag --domain name ALL to return all details.

--health-check

Performs all available health checks.

--ntp-health

Verifies whether the time on the components is synchronized with the NTP server in the SDDC Manager VM. It also ensures that the hardware and software timestamp of ESXi hosts are within 5 minutes of the SDDC Manager VM.

--password-health

Returns the status of all current passwords, such as Last Changed Date, Expiry Date, and so on.

--services-health

Performs a services health check to confirm whether services within the Inventory Service VM and within SDDC Manager (like Lifecycle Management Server) are running.

--storage-health

Performs a check on the vSAN disk health of the ESXi hosts and vCenter clusters. Also runs Proactive vSAN tests to verify the ability to create VMs within the vSAN disks.

SoS Utility Options for vSAN Stretched Clusters

Use these options to prepare a cluster for inclusion in a vSAN stretched cluster. See How to prepare a VMware Cloud Foundation 3.x cluster for inclusion in a VSAN stretched cluster.

Note:

These options are only available starting with VMware Cloud Foundation 3.5.1.

Option

Description

--show-clusters

Shows all domains and clusters.

--show-free-hosts

Shows all free hosts.

--stretch-vsan

Adds hosts to a domain/cluster. Used with --sc-domain --sc-cluster --esxi-license-key --sc-hosts. For example, --stretch-vsan --sc-domain MGMT --sc-cluster SDDC-Cluster1 --esxi-license-key XXXXX-XXXXX-XXXXX-XXXXX-XXXXX --sc-hosts esxi-8.vrack.vsphere.local, where XXXXX-XXXXX-XXXXX-XXXXX-XXXXX is a valid ESXi license key.

--reconfigure-nsxcontrollers

Reconfigures the NSX Controllers for the specified domain/cluster. For example, --reconfigure-nsxcontrollers --sc-domain MGMT --sc-cluster SDDC-Cluster1.

--sc-domain SCDOMAIN

Specify the domain, SCDOMAIN, to use for stretched vSAN.

--sc-cluster SCCLUSTER

Specify the cluster, SCCLUSTER, to use for stretched vSAN.

--sc-hosts SCHOSTS [SCHOSTS ...]

Specify the hosts, SCHOSTS, to use for stretched vSAN.

--esxi-license-key ESXILICENSEKEY

Specify the license key, ESXILICENSEKEY, to use for ESXi hosts.

SoS Utility Options for Fixing vSAN Partitions

Use these options to clean up vSAN partitions on one or more ESXi hosts. These options can be run only from the SDDC Manager VM

Option

Description

--cleanup-vsan

Cleans up vSAN Partitions in ESXi hosts. Optionally, you can specify the ESXi hosts, by IP address, to run the vSAN cleanup. Use commas (with no spaces) to separate multiple IP addresses.

SoS Utility Options for Managing ESXi Hosts

Use these options to clean up and manage ESXi hosts, including enabling SSH, cleaning up dirty hosts, and locking down hosts.

Option

Description

--cleanup-decommissioned-host

Performs clean-up on the specified, decommissioned ESXi hosts by passing the JSON.

For example: --cleanup-decommissioned-host /opt/vmware/sddc-support/decommissioned_host_cleanup_sample.json

--cleanup-host

Performs clean-up on all or specified dirty ESXi hosts.

  • To clean up all dirty hosts, include ALL: --cleanup-host ALL.

  • To specify multiple dirty hosts, separate the IP addresses with a comma: --cleanup-host 10.0.0.4,10.0.0.5,10.0.0.6.

Note:

A dirty host is a host that has been removed from a cluster in a workload domain. A dirty host cannot be assigned to another workload domain until it is cleaned up.

--disable-lockdown-esxi

Disables lockdown mode on ESXi nodes in the specified domains.

  • To disable lockdown on ESXi nodes in a specific domain, include the flag --domain-name DOMAINNAME.

  • To disable lockdown on ESXi nodes in all domains, include the flag --domain-name ALL.

Note:

If you do not specify domain, this command affects only the MGMT domain by default.

--enable-lockdown-esxi

Enables lockdown mode on ESXi nodes in the specified domains.

  • To enable lockdown on ESXi nodes in a specific domain, include the flag --domain-name DOMAINNAME.

  • To enable lockdown on ESXi nodes in all domains, include the flag --domain-name ALL.

Note:

If you do not specify domain, this command affects only the MGMT domain by default.

--disable-ssh-esxi

Disables SSH on ESXi nodes in the specified domains.

  • To disable SSH on ESXi nodes in a specific domain, include the flag --domain-name DOMAINNAME.

  • To disable SSH on ESXi nodes in all domains, include the flag --domain-name ALL.

Note:

If you do not specify domain, this command affects only the MGMT domain by default.

--enable-ssh-esxi

Enables SSH on ESXi nodes in the specified domains.

  • To enable SSH on ESXi nodes in a specific domain, include the flag --domain-name DOMAINNAME.

  • To enable SSH on ESXi nodes in all domains, include the flag --domain-name ALL.

Note:

If you do not specify domain, this command affects only the MGMT domain by default.

SoS Utility Options for vRealize Suite Lifecycle Manager

Use these options to redeploy vRealize Suite Lifecycle Manager and monitor the redeployment.

Note:

You should only redeploy vRealize Suite Lifecycle Manager when directed to do so by VMware Support.

Option

Description

--vrslcm-redeploy

Redeploys vRealize Suite Lifecycle Manager. Provides a taskID for the operation.

--get-vrslcm-redeploy-task-status <taskID>

Returns vRealize Suite Lifecycle Manager redeployment status for the specified taskID.