Host Profiles ensure all hosts in the cluster have the same configuration.

About this task

Procedure

  1. Log in to the Management vCenter Server by using the vSphere Web Client.
    1. Open a Web browser and go to https://mgmt01vc01.sfo01.rainpole.local/vsphere-client.
    2. Log in using the following credentials.

      Setting

      Value

      User name

      administrator@vsphere.local

      Password

      vsphere_admin_password

  2. Create a Host Profile from mgmt01esx01.sfo01.rainpole.local.
    1. In the Navigator, select Hosts and Clusters and expand the mgmt01vc01.sfo01.rainpole.local tree.
    2. Right-click mgmt01esx01.sfo01.rainpole.local and choose Host Profiles > Extract Host Profile.
    3. In the Extract Host Profile window, enter SFO01-Mgmt01 as the name of the host profile and click Next.
    4. On the Ready to complete page, click Finish.
  3. Attach the Host Profile to the management cluster.
    1. In the Navigator, select Hosts and Clusters and expand the mgmt01vc01.sfo01.rainpole.local tree.
    2. Right-click the SFO01-Mgmt01 cluster, and choose Host Profiles > Attach Host Profile.
    3. In the Attach Host Profile window, click SFO01-Mgmt01, select the Skip Host Customization box, and click Finish.
  4. Create Host Customizations for the hosts in the management cluster.
    1. Click on the Home icon and choose Policies and Profiles from the drop down menu.
    2. In the Navigator, click Host Profiles.
    3. Right-click SFO01-Mgmt01 and choose Export Host Customizations. Click Save.
    4. Choose a safe place to store the SFO01-Mgmt01_host_customizations.csv that is generated.
    5. Open the file with Excel.
    6. Edit the Excel file to include the following values.

      ESXi Host

      Active Directory Configuration Password

      Active Directory Configuration Username

      NetStack Instance defaultTcpipStack->DNS configuration

      Name for this host

      mgmt01esx01.sfo01.rainpole.local

      ad_admin_password

      ad_admin_acct@sfo01.rainpole.local

      mgmt01esx01

      mgmt01esx02.sfo01.rainpole.local

      ad_admin_password

      ad_admin_acct@sfo01.rainpole.local

      mgmt01esx02

      mgmt01esx03.sfo01.rainpole.local

      ad_admin_password

      ad_admin_acct@sfo01.rainpole.local

      mgmt01esx03

      mgmt01esx04.sfo01.rainpole.local

      ad_admin_password

      ad_admin_acct@sfo01.rainpole.local

      mgmt01esx04

      ESXi Host

      Host virtual NIC vDS-Mgmt:vDS-Mgmt-Management:management->IP address settings Host IPv4 address

      Host virtual NIC vDS-Mgmt:vDS-Mgmt-Management:management->IP address settings SubnetMask

      mgmt01esx01.sfo01.rainpole.local

      172.16.11.101

      255.255.255.0

      mgmt01esx02.sfo01.rainpole.local

      172.16.11.102

      255.255.255.0

      mgmt01esx03.sfo01.rainpole.local

      172.16.11.103

      255.255.255.0

      mgmt01esx04.sfo01.rainpole.local

      172.16.11.104

      255.255.255.0

      ESXi Host

      Host virtual NIC vDS-Mgmt:vDS-Mgmt-NFS:<UNRESOLVED>->IP address settings Host IPv4 address

      Host virtual NIC vDS-Mgmt:vDS-Mgmt-NFS:<UNRESOLVED>->IP address settingsSubnetMask

      mgmt01esx01.sfo01.rainpole.local

      172.16.15.101

      255.255.255.0

      mgmt01esx02.sfo01.rainpole.local

      172.16.15.102

      255.255.255.0

      mgmt01esx03.sfo01.rainpole.local

      172.16.15.103

      255.255.255.0

      mgmt01esx04.sfo01.rainpole.local

      172.16.15.104

      255.255.255.0

      ESXi Host

      Host virtual NIC vDS-Mgmt:vDS-Mgmt-VR:vSphereReplication,vSphereReplicationNFC->IP address settingsHost IPv4 address

      Host virtual NIC vDS-Mgmt:vDS-Mgmt-VR:vSphereReplication,vSphereReplicationNFC->IP address settingsSubnetMask

      mgmt01esx01.sfo01.rainpole.local

      172.16.16.101

      255.255.255.0

      mgmt01esx02.sfo01.rainpole.local

      172.16.16.102

      255.255.255.0

      mgmt01esx03.sfo01.rainpole.local

      172.16.16.103

      255.255.255.0

      mgmt01esx04.sfo01.rainpole.local

      172.16.16.104

      255.255.255.0

      ESXi Host

      Host virtual NIC vDS-Mgmt:vDS-Mgmt-VSAN:vsan->IP address settings Host IPv4 address

      Host virtual NIC vDS-Mgmt:vDS-Mgmt-VSAN:vsan->IP address settings SubnetMask

      mgmt01esx01.sfo01.rainpole.local

      172.16.13.101

      255.255.255.0

      mgmt01esx02.sfo01.rainpole.local

      172.16.13.102

      255.255.255.0

      mgmt01esx03.sfo01.rainpole.local

      172.16.13.103

      255.255.255.0

      mgmt01esx04.sfo01.rainpole.local

      172.16.13.104

      255.255.255.0

      ESXi Host

      Host virtual NIC vDS-Mgmt:vDS-Mgmt-vMotion:vmotion->IP address settings Host IPv4 address

      Host virtual NIC vDS-Mgmt:vDS-Mgmt-vMotion:vmotion->IP address settings SubnetMask

      mgmt01esx01.sfo01.rainpole.local

      172.16.12.101

      255.255.255.0

      mgmt01esx02.sfo01.rainpole.local

      172.16.12.102

      255.255.255.0

      mgmt01esx03.sfo01.rainpole.local

      172.16.12.103

      255.255.255.0

      mgmt01esx04.sfo01.rainpole.local

      172.16.12.104

      255.255.255.0

    7. When you have updated the Excel file, save it in the CSV file format and close Excel.
    8. Click the Configure tab.
    9. Click the Edit Host Customizations button.
    10. On the Select hosts page, click Next.
    11. On the Customize hosts page, click the Browse button to find the customization CSV file where it was stored, and then click Finish.
  5. Remediate the hosts in the management cluster.
    1. On the Policies and Profiles page, click SFO01-Mgmt01, click the Monitor tab, and then click the Compliance tab.
    2. Click SFO01-Mgmt01 in the Host/Cluster column and click Check Host Profile Compliance. This compliance test will show that the first host is Compliant, but the other hosts are Not Compliant.
    3. Click on each of the non-compliant hosts, click Remediate Hosts Based on its Host Profile, and then click Finish on the wizard that appears.

      All hosts should show a Compliant status in the Host Compliance column.

  6. Schedule nightly compliance checks.
    1. On the Policies and Profiles page, click SFO01-Mgmt01, click the Monitor tab, and then click the Scheduled Tasks subtab.
    2. Click Schedule a New Task then click Check Host Profile Compliance.
    3. In the Check Host Profile Compliance (scheduled) window click Scheduling Options.
    4. Enter SFO01-Mgmt01 Complance Check in the Task Name field.
    5. Click the Change button on the Configured Scheduler line.
    6. In the Configure Scheduler window select Setup a recurring schedule for this action and change the Start time to 10:00 PM and click OK.
    7. Click OK in the Check Host Profile Compliance (scheduled) window.