將 vSphere Trust Authority 叢集資訊匯入至受信任的叢集後,受信任主機會透過 Trust Authority 叢集啟動證明程序。
必要條件
程序
結果
受信任叢集中的 ESXi 受信任主機會透過 Trust Authority 叢集啟動證明程序。
範例: 將 Trust Authority 叢集資訊匯入至受信任的主機
此範例顯示如何將 Trust Authority 叢集服務資訊匯入至受信任叢集。下表顯示了所使用的範例元件和值。
元件 | 值 |
---|---|
受信任叢集的 vCenter Server | 192.168.110.22 |
Trust Authority 管理員 | [email protected] |
受信任叢集名稱 | 受信任叢集 |
Trust Authority 叢集中的 ESXi 主機 | 192.168.210.51 和 192.168.210.52 |
變數 $TC |
Get-TrustedCluster -Name 'Trusted Cluster' |
PS C:\Users\Administrator.CORP> Disconnect-VIServer -server * -Confirm:$false PS C:\Users\Administrator.CORP> Connect-VIServer -server 192.168.110.22 -User [email protected] -Password 'VMware1!' Name Port User ---- ---- ---- 192.168.110.22 443 VSPHERE.LOCAL\trustedadmin PS C:\Users\Administrator.CORP> Get-TrustedCluster Name State Id ---- ----- -- Trusted Cluster Disabled TrustedCluster-domain-c8 PS C:\Users\Administrator.CORP> $TC = Get-TrustedCluster -Name 'Trusted Cluster' PS C:\Users\Administrator.CORP> $TC Name State Id ---- ----- -- Trusted Cluster Disabled TrustedCluster-domain-c8 PS C:\Users\Administrator.CORP> Import-TrustAuthorityServicesInfo -FilePath C:\vta\clsettings.json Confirmation Importing the TrustAuthorityServicesInfo into Server '192.168.110.22'. Do you want to proceed? [Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"): y ServiceAddress ServicePort ServiceGroup -------------- ----------- ------------ 192.168.210.51 443 host-13:86f7ab6c-ad6f-4606-... 192.168.210.52 443 host-16:86f7ab6c-ad6f-4606-... 192.168.210.51 443 host-13:86f7ab6c-ad6f-4606-... 192.168.210.52 443 host-16:86f7ab6c-ad6f-4606-... PS C:\Users\Administrator.CORP> Set-TrustedCluster -TrustedCluster $TC -State Enabled Confirmation Setting TrustedCluster 'Trusted Cluster' with new TrustedState 'Enabled'. Do you want to proceed? [Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"): Name State Id ---- ----- -- Trusted Cluster Enabled TrustedCluster-domain-c8 PS C:\Users\Administrator.CORP> $TC = Get-TrustedCluster -Name 'Trusted Cluster' PS C:\Users\Administrator.CORP> $tc.AttestationServiceInfo ServiceAddress ServicePort ServiceGroup -------------- ----------- ------------ 192.168.210.51 443 host-13:dc825986-73d2-463c-... 192.168.210.52 443 host-16:dc825986-73d2-463c-... PS C:\Users\Administrator.CORP> $tc.KeyProviderServiceInfo ServiceAddress ServicePort ServiceGroup -------------- ----------- ------------ 192.168.210.51 443 host-13:dc825986-73d2-463c-... 192.168.210.52 443 host-16:dc825986-73d2-463c-...
下一步
繼續使用 vSphere Client為受信任的主機設定受信任金鑰提供者或使用命令列為受信任的主機設定受信任金鑰提供者。