您可以將匯出的 ESXi 主機和 vCenter Server 資訊匯入 vSphere Trust Authority 叢集中,以便 Trust Authority 叢集知道它可以證明哪些主機。
必要條件
程序
結果
範例: 將受信任主機資訊匯入至 Trust Authority 叢集
此範例顯示如何使用 PowerCLI 將受信任叢集的 vCenter Server 主體資訊和受信任主機資訊檔案匯入至 Trust Authority 叢集。假設您以 Trust Authority 管理員身分連線至 Trust Authority 叢集的 vCenter Server。下表顯示了所使用的範例元件和值。
| 元件 | 值 |
|---|---|
變數 $vTA |
Get-TrustAuthorityCluster 'vTA Cluster1' |
| Trust Authority 叢集的 vCenter Server | 192.168.210.22 |
| Trust Authority 叢集名稱 | vTA Cluster1 (已啟用) vTA Cluster2 (已停用) |
| 主體資訊檔案 | C:\vta\principal.json |
| TPM 憑證檔案 | C:\vta\cacert.cer |
| ESXi 主機基礎映像檔案 | C:\vta\image.tgz |
| Trust Authority 管理員 | [email protected] |
PS C:\Users\Administrator> Disconnect-VIServer -server * -Confirm:$false PS C:\Users\Administrator> Connect-VIServer -server 192.168.210.22 -User [email protected] -Password 'VMware1!' Name Port User ---- ---- ---- 192.168.210.22 443 VSPHERE.LOCAL\trustedadmin PS C:\Users\Administrator> Get-TrustAuthorityCluster Name State Id ---- ----- -- vTA Cluster1 Enabled TrustAuthorityCluster-domain-c8 vTA Cluster2 Disabled TrustAuthorityCluster-domain-c26 PS C:\Users\Administrator> $vTA = Get-TrustAuthorityCluster 'vTA Cluster1' PS C:\Users\Administrator.CORP> New-TrustAuthorityPrincipal -TrustAuthorityCluster $vTA -FilePath C:\vta\principal.json Name Domain Type TrustAuthorityClusterId ---- ------ ---- ----------------------- vpxd-de207929-0601-43ef-9616-47d0cee0302f vsphere.local STS_USER TrustAuthorityCluster-domain-c8 PS C:\Users\Administrator.CORP> Get-TrustAuthorityPrincipal -TrustAuthorityCluster $vTA Name Domain Type TrustAuthorityClusterId ---- ------ ---- ----------------------- vpxd-de207929-0601-43ef-9616-47d0cee0302f vsphere.local STS_USER TrustAuthorityCluster-domain-c8 PS C:\Users\Administrator.CORP> New-TrustAuthorityTpm2CACertificate -TrustAuthorityCluster $vTA -FilePath C:\vta\cacert.cer TrustAuthorityClusterId Name Health ----------------------- ---- ------ TrustAuthorityCluster-domain-c8 52BDB7B4B2F55C925C047257DED4588A7767D961 Ok PS C:\Users\Administrator.CORP> New-TrustAuthorityVMHostBaseImage -TrustAuthorityCluster $vTA -FilePath C:\vta\image.tgz TrustAuthorityClusterId VMHostVersion Health ----------------------- ------------- ------ TrustAuthorityCluster-domain-c8 ESXi 7.0.0-0.0.14828939 Ok
