Automated Deployment of ESX Hosts Part III

This is Part III of a multi-part blog. If you haven’t read Part I or II I recommend that you do before continuing.

In Part II we developed a standard build for our hosts that we are going to use to build our automated build script.  Keep in mind the information I provided in my standard build is not all inclusive and is limited for the demostration of building the script.

First we will start with the kickstart portion of the script.  The kickstart is what configures the basic part of the installation that you would normally do manually from the CD.  The ESX 3.5 kickstart is a modified version of anaconda.

In the begining of our script we have the Regional Settings that we need to set. Below are the regional settings for my installation.

# Regional Settings
keyboard us
lang en_US
langsupport --default en_US
timezone --utc America/New_York

Next we have some important installation settings. Part of the installtion section is the location of our ESX installations. In my script I have included some samples. cdrom, ftp, & http. I have chosen http for my installation so I did not comment http out. I personally prefer http because it can be much less problematic than ftp or nfs.


# Installatition settings
skipx
mouse none
firewall --disabled

# Authentication
auth –enableshadow –enablemd5

# Unencrypted root password: password
rootpw –iscrypted $1$5a17$In5zYe6YsCty76AycpGaf/

#Reboot Server after finished
reboot

#install ESX3.5U3 do not perform upgrade
install

#Location of installation medium
#cdrom
#url –url ftp://192.168.12.200/esx/esx353/
url –url http://192.168.12.200/esx/esx353/

In this next secition we are going to be configuring out hard disk drive partitions and boot loader options. You’ll notice that my disk drive is cciss/c0d0. This is because I will be installing on HP hardware with HP SCSI controllers. If I were to script this for IBM, DELL, or other servers I would typically utilize sda for my drive.


# Bootloader options
bootloader --driveorder=cciss/c0d0 --location=mbr

# Partitioning – This area is where you define your partitioning scheme
clearpart –all –initlabel –drives=cciss/c0d0
part /boot –fstype ext3 –size 100 –ondisk=cciss/c0d0 –asprimary
part swap –size 1600 –ondisk=cciss/c0d0 –asprimary
part / –fstype ext3 –size 10240 –ondisk=cciss/c0d0 –asprimary
part /var –fstype ext3 –size 8192 –ondisk=cciss/c0d0
part /tmp –fstype ext3 –size 4096 –ondisk=cciss/c0d0
part /opt –fstype ext3 –size 5120 –ondisk=cciss/c0d0
part /home –fstype ext3 –size 5120 –ondisk=cciss/c0d0
part None –fstype vmkcore –size 100 –ondisk=cciss/c0d0
part None –fstype vmfs3 –size 1 –grow –ondisk=cciss/c0d0

In this next secition we are configuring the networking settings for our Service Console. I recommend always using nic0(eth0) (vmnic0) for the Service Console and always perform your automated installation over this network interface. It is possible to do an automated installation over a different network interface but requires additional scritping to properly allcoate the interfaces.


# Network Configurations for service console. This will be applied to the Network interface that the kickstart is performed on. We are also choosing to not create a default portgroup.
network --device eth0 --bootproto static --ip 192.168.10.100 --netmask 255.255.255.0 --gateway 192.168.10.1 --nameserver 192.168.5.30 --hostname vmware1.sidtest.local --addvmportgroup=0

# VMWare License options
#Accept VMware License Agreement
vmaccepteula
#Configure host to talkt o license server
vmlicense –mode=server –server=27000@vcenter.sidtest.local –edition=esxFull –features=backup,vsmp

%vmlicense_text

%packages
@base

%post

That completes the kickstart portion of our script.

Everything beyong the %post portion of the kickstart is our post installation script.  The post installtion script is run on the first boot of the server.  A post installation script can contain bash, perl and other scripting but for simplicity I will be using bash scripts executing ESX and some other commands for my post installation part of the script.

I will start my Post Installation script off with the netowork configuration for the host.

#!/bin/sh
###### Configure Networking##########
###Setup vSwitch0######
echo Adding vmnic2 to vSwitch0 >> /var/log/post_install.log
esxcfg-vswitch -L vmnic2 vSwitch0

######### Add PortGroup for VMotion vmkernel adapter #########
echo Creating VMotion Portgroup
esxcfg-vswitch -A “VMotion” vSwitch0

## Tag VLAN to VMkernel ##
esxcfg-vswitch -p VMotion -v 301 vSwitch1

## Creating VMKnic and Assigning VMkernel IP and Gateway ##
echo Assigning VMKernel IP and Gateway – Please Wait
echo Assigning VMKernel IP and Gateway – Please Wait >> /var/log/post_install.log
esxcfg-vmknic -a -i 192.168.12.100 -n 255.255.250.0 “VMotion”
esxcfg-route 192.168.12.1

## Restart the Managment service so vimsh will notice changes to vSwitch0 ##
service network restart
sleep 300
service mgmt-vmware restart

## Enable vmkernel on vmk0 for vmotion ##
echo Enabling vMotion on VMkernel interface – Please Wait
echo Enabling vMotion on VMkernel interface >> /var/log/post_install.log
vmware-vim-cmd hostsvc/vmotion/vnic_set vmk0 >> /var/log/post_install.log

## Set both vmnic0 and vmnic2 to active for vSwitch0 ##
echo Confgiuring both vmnic0 and vmnic2 to be active for vSwitch0
echo Confgiuring both vmnic0 and vmnic2 to be active for vSwitch0 >> /var/log/post_install.log
vmware-vim-cmd hostsvc/net/vswitch_setpolicy –nicorderpolicy-active=vmnic0,vmnic2 vSwitch0 >> /var/log/post_install.log

## Configure NIC Priority Order for VMkernel and Service Console ##
echo Configuring NIC Priority for SC and VMkernel – Please Wait
echo Configuring NIC Priority for SC and VMkernel >> /var/log/post_install.log
vmware-vim-cmd hostsvc/net/portgroup_set –nicorderpolicy-active=vmnic0 –nicorderpolicy-standby=vmnic2 vSwitch0 “Service Console” >> /var/log/post_install.log
vmware-vim-cmd hostsvc/net/portgroup_set –nicorderpolicy-active=vmnic2 –nicorderpolicy-standby=vmnic0 vSwitch0 “VMotion” >> /var/log/post_install.log

## Reject Forged Transmits and Mac Address Changes for vSwitch0 ##
echo Rejecting Forged Transmits and MAC Address CHanges for vSwitch0
echo Rejecting Forged Transmits and MAC Address CHanges for vSwitch0 >> /var/log/post_install.log
vmware-vim-cmd hostsvc/net/vswitch_setpolicy –securepolicy-forgedxmit=false vSwitch0 >> /var/log/post_install.log
vmware-vim-cmd hostsvc/net/vswitch_setpolicy –securepolicy-macchange=false vSwitch0 >> /var/log/post_install.log

## Reject Forged Transmits and Mac Address Changes for Service Console PortGroup ##
echo Rejecting Forged Transmits and MAC Address CHanges for Service Console PortGroup
echo Rejecting Forged Transmits and MAC Address CHanges for Service Console PortGroup >> /var/log/post_install.log
vmware-vim-cmd hostsvc/net/portgroup_set –securepolicy-forgedxmit=flase vSwitch0 “Service Console” >> /var/log/post_install.log
vmware-vim-cmd hostsvc/net/portgroup_set –securepolicy-macchange=false vSwitch0 “Service Console” >> /var/log/post_install.log

## Reject Forged Transmits and Mac Address Changes for VMotion Portgroup ##
echo Rejecting Forged Transmits and MAC Address CHanges for VMotion PortGroup
echo Rejecting Forged Transmits and MAC Address CHanges for VMotion PortGroup >> /var/log/post_install.log
vmware-vim-cmd hostsvc/net/portgroup_set –securepolicy-forgedxmit=flase vSwitch0 “VMotion” >> /var/log/post_install.log
vmware-vim-cmd hostsvc/net/portgroup_set –securepolicy-macchange=false vSwitch0 “VMotion” >> /var/log/post_install.log

echo Settings for vSwitch0 complete
echo Settings for vSwitch0 complete >> /var/log/post_install.log

####### Setup vSwitch1 #######
echo Configuring settings for vSwitch1 - Please Wait
echo Configuring settings for vSwitch1 - Please Wait >> /var/log/post_install.log
## Creating vSwitch1, assigning vmnics, creating portgroups and assigning vlans ##
echo Creating vSwitch1
echo Creating vSwitch1 >> /var/log/post_install.log
esxcfg-vswitch -a vSwitch1
echo Adding vmnic5, and vmnic7 to vSwitch1
echo Adding vmnic5, and vmnic7 to vSwitch1 >> /var/log/post_install.log
esxcfg-vswitch -L vmnic5 vSwitch1
esxcfg-vswitch -L vmnic7 vSwitch1

 

echo Creating PortGroups on vSwitch1
echo Creating PortGroups on vSwitch1 >> /var/log/post_install.log
esxcfg-vswitch -A "VLAN2" vSwitch1
esxcfg-vswitch -A "VLAN15" vSwitch1
esxcfg-vswitch -A "VLAN150" vSwitch1
esxcfg-vswitch -A "VLAN151" vSwitch1
esxcfg-vswitch -A "VLAN152" vSwitch1

 

echo Adding vlan assignments to PortGroups on vSwitch1
echo Adding vlan assignments to PortGroups on vSwitch1 >> /var/log/post_install.log
esxcfg-vswitch -p VLAN2 -v 2 vSwitch1
esxcfg-vswitch -p VLAN15 -v 15 vSwitch1
esxcfg-vswitch -p VLAN150 -v 150 vSwitch1
esxcfg-vswitch -p VLAN151 -v 151 vSwitch1
esxcfg-vswitch -p VLAN152 -v 152 vSwitch1

 

## Restart the Managment service so vimsh will notice changes to vSwitch1
service mgmt-vmware restart
## Wait 4 minutes for the hostd-vmdb service to fully start running it can take awhile for it to fully load and vimsh to work ##
echo Sleeping for 4 minutes - Please Wait
sleep 240
## Setting all vmnics to active for vSwitch1 ##
echo Confgiuring all vmnics to be active for vSwitch1
echo Confgiuring all vmnics be active for vSwitch1 >> /var/log/post_install.log
vmware-vim-cmd hostsvc/net/vswitch_setpolicy --nicorderpolicy-active=vmnic5,vmnic7 vSwitch1 >> /var/log/post_install.log
## Reject Forged Transmits and Mac Address Changes for vSwitch1 ##
echo Rejecting Forged Transmits and MAC Address CHanges for vSwitch1
echo Rejecting Forged Transmits and MAC Address CHanges for vSwitch1 >> /var/log/post_install.log
vmware-vim-cmd hostsvc/net/vswitch_setpolicy --securepolicy-forgedxmit=false vSwitch1 >> /var/log/post_install.log
vmware-vim-cmd hostsvc/net/vswitch_setpolicy --securepolicy-macchange=false vSwitch1 >> /var/log/post_install.log
echo Settings for vSwitch1 complete
echo Settings for vSwitch1 complete >> /var/log/post_install.log
 echo Configuring settings for vSwitch2 - Please Wait
echo Configuring settings for vSwitch2 - Please Wait >> /var/log/post_install.log

## Creating vSwitch2, assigning vmnics, creating portgroups and assigning vlans ##
echo Creating vSwitch2
echo Creating vSwitch2 >> /var/log/post_install.log
esxcfg-vswitch -a vSwitch2

echo Adding vmnic4, vmnic6 to vSwitch2
echo Adding vmnic4, vmnic6 to vSwitch2 >> /var/log/post_install.log
esxcfg-vswitch -L vmnic6 vSwitch2
esxcfg-vswitch -L vmnic4 vSwitch2

echo Creating PortGroups on vSwitch2
echo Creating PortGroups on vSwitch2 >> /var/log/post_install.log
esxcfg-vswitch -A “VLAN200” vSwitch2
esxcfg-vswitch -A “VLAN201” vSwitch2
esxcfg-vswitch -A “VLAN203” vSwitch2

echo Adding vlan assignments to PortGroups on vSwitch2
echo Adding vlan assignments to PortGroups on vSwitch2 >> /var/log/post_install.log
esxcfg-vswitch -p VLAN200 -v 200 vSwitch2
esxcfg-vswitch -p VLAN201 -v 201 vSwitch2
esxcfg-vswitch -p VLAN203 -v 203 vSwitch2

## Restart the Managment service so vimsh will notice changes to vSwitch2 ##
service mgmt-vmware restart

## Wait 4 minutes for the hostd-vmdb service to fully start running it can take awhile for it to fully load and vimsh to work ##
echo Sleeping for 4 minutes – Please Wait
sleep 240

## Setting all vmnics to active for vSwitch2 ##
echo Confgiuring all vmnics to be active for vSwitch2
echo Confgiuring all vmnics be active for vSwitch2 >> /var/log/post_install.log
vmware-vim-cmd hostsvc/net/vswitch_setpolicy –nicorderpolicy-active=vmnic4,vmnic6 vSwitch2 >> /var/log/post_install.log

## Reject Forged Transmits and Mac Address Changes for vSwitch2 ##
echo Rejecting Forged Transmits and MAC Address CHanges for vSwitch2
echo Rejecting Forged Transmits and MAC Address CHanges for vSwitch2 >> /var/log/post_install.log
vmware-vim-cmd hostsvc/net/vswitch_setpolicy –securepolicy-forgedxmit=false vSwitch2 >> /var/log/post_install.log
vmware-vim-cmd hostsvc/net/vswitch_setpolicy –securepolicy-macchange=false vSwitch2 >> /var/log/post_install.log

echo Settings for vSwitch2 complete
echo Settings for vSwitch2 complete >> /var/log/post_install.log

echo Configuring settings for vSwitch3 – Please Wait
echo Configuring settings for vSwitch3 – Please Wait >> /var/log/post_install.log

## Creating vSwitch3, assigning vmnics, creating portgroups and assigning vlans ##
echo Creating vSwitch3
echo Creating vSwitch3 >> /var/log/post_install.log
esxcfg-vswitch -a vSwitch3

echo Adding vmnic1 and vmnic3 to vSwitch3
echo Adding vmnic10and vmnic3 to vSwitch3 >> /var/log/post_install.log
esxcfg-vswitch -L vmnic1 vSwitch3
esxcfg-vswitch -L vmnic3 vSwitch3

echo Creating PortGroups on vSwitch3
echo Creating PortGroups on vSwitch3 >> /var/log/post_install.log
esxcfg-vswitch -A “VLAN400” vSwitch3
esxcfg-vswitch -A “VLAN401” vSwitch3

echo Adding vlan assignments to PortGroups on vSwitch3
echo Adding vlan assignments to PortGroups on vSwitch3 >> /var/log/post_install.log
esxcfg-vswitch -p VLAN400 -v 400 vSwitch3
esxcfg-vswitch -p VLAN401 -v 401 vSwitch3

## Restart the Managment service so vimsh will notice changes to vSwitch3 ##
service mgmt-vmware restart

## Wait 4 minutes for the hostd-vmdb service to fully start running it can take awhile for it to fully load and vimsh to work ##
echo Sleeping for 4 minutes – Please Wait
sleep 240

## Setting all vmnics to active for vSwitch3 ##
echo Confgiuring all vmnics to be active for vSwitch3
echo Confgiuring all vmnics be active for vSwitch3 >> /var/log/post_install.log
vmware-vim-cmd hostsvc/net/vswitch_setpolicy –nicorderpolicy-active=vmnic1,vmnic3 vSwitch3 >> /var/log/post_install.log

## Reject Forged Transmits and Mac Address Changes for vSwitch3 ##
echo Rejecting Forged Transmits and MAC Address CHanges for vSwitch3
echo Rejecting Forged Transmits and MAC Address CHanges for vSwitch3 >> /var/log/post_install.log
vmware-vim-cmd hostsvc/net/vswitch_setpolicy –securepolicy-forgedxmit=false vSwitch3 >> /var/log/post_install.log
vmware-vim-cmd hostsvc/net/vswitch_setpolicy –securepolicy-macchange=false vSwitch3 >> /var/log/post_install.log

echo Settings for vSwitch3 complete
echo Settings for vSwitch3 complete >> /var/log/post_install.log 

Next I will configure the firewall rules to allow all the services I need to communicate in/out of the ESX host.

echo Configuring Firewall Rules - Please Wait
echo Configuring Firewall Rules >> /var/log/post_install.log

esxcfg-firewall -o 2381,tcp,in,hpim
esxcfg-firewall -o 2381,tcp,out,hpim
esxcfg-firewall -o 88,tcp,out,KerberosClient
esxcfg-firewall -o 6389,tcp,in,Naviagent
esxcfg-firewall -o 88,udp,out,
esxcfg-firewall -o 464,tcp,out,KerberosPasswordChange
esxcfg-firewall -e smbClient
esxcfg-firewall -e sshClient
esxcfg-firewall -e ntpClient
esxcfg-firewall -e CIMHttpServer
esxcfg-firewall -e snmpd
echo Configuring Firewall rules complete
echo Configuring Firewall rules complete >> /var/log/post_install.log

Here we are going to configure our DNS Servers 

echo Configuring DNS Servers - Please Wait
echo Configuring DNS Servers >> /var/log/post_install.log
echo Making backup of /etc/resolv.conf
echo Making backup of /etc/resolv.conf >> /var/log/post_install.log
cp /etc/resolv.conf /etc/resolv.conf.bak
echo nameserver 192.168.5.20 > /etc/resolv.conf
echo nameserver 192.168.5.21 >> /etc/resolv.conf

echo DNS Server configuration complete
echo DNS Server configuration complete >> /var/log/post_install.log

Now we will configure our NTP Settings.

echo configuring NTP Settings - Please Wait
echo configuring NTP Settings >> /var/log/post_install.log
echo Making backup of /etc/ntp.conf
echo Making backup of /etc/ntp.conf >> /var/log/post_install.log
cp /etc/ntp.conf /etc/ntp.conf.bak
echo restrict default kod nomodify notrap noquery nopeer > /etc/ntp.conf
echo restrict 127.0.0.1 >> /etc/ntp.conf
echo server 192.168.5.30 >> /etc/ntp.conf
echo server 192.168.5.31 >> /etc/ntp.conf
echo server 192.168.5.32 >> /etc/ntp.conf
echo driftfile /var/lib/ntp/drift >> /etc/ntp.conf
echo broadcastdelay 0.008 >> /etc/ntp.conf
echo Making backup of /etc/ntp/step-tickers
echo Making backup of /etc/ntp/step-tickers >> /var/log/post_install.log
cp /etc/ntp/step-tickers /etc/ntp/step-tickers.bak
echo server 192.168.5.30 > /etc/ntp/step-tickers
echo server 192.168.5.31 > /etc/ntp/step-tickers
echo server 192.168.5.32 > /etc/ntp/step-tickers
chkconfig --level 345 ntpd on
hwclock --systohc
service ntpd start >> /var/log/post_install.log
echo NTP settings complete
echo NTP settings complete >> /var/log/post_install.log
echo Restarting VMware Management Service
echo Restarting VMware Management Service >> /var/log/post_install.log
echo Sleeping for 4 minutes - Please Wait
service mgmt-vmware restart >> /var/log/post_install.log
sleep 240
echo VMware management Service restarted
echo VMware management Service restarted >> /var/log/post_install.log

Now I will set the service consoel memory to 800Mb

echo Setting Service Console Memory to 800Mb
echo Setting Service Console Memory to 800Mb >> /var/log/post_install.log

sed -i 's/memSize = "272"/memSize = "800"/g' /etc/vmware/esx.conf
esxcfg-boot -g
esxcfg-boot -b
echo Service Console Memory assigned to 800Mb complete
echo Service Console Memory assigned to 800Mb complete >> /var/log/post_install.log

Now we will configure AD integration for service console logins

echo Configuring PAM AD Integration
echo Configuring PAM AD Integration >> /var/log/post_install.log
esxcfg-auth --enablead --addomain=hq.nt.newyorklife.com --addc=hq.nt.newyorklife.com >> /var/log/post_install.log
echo Backing up /etc/krb5.conf
echo Backing up /etc/krb5.conf >> /var/log/post_install.log
cp /etc/krb5.conf /etc/krb5.conf.bak
echo Creating /etc/krb5.conf
echo [domain_realm] > /etc/krb5.conf
echo sidtest.local = sidtest.local >> /etc/krb5.conf
echo .sidtest.local = sidtest.local >> /etc/krb5.conf
echo [libdefaults] >> /etc/krb5.conf
echo default_realm = sidtest.local >> /etc/krb5.conf
echo [realms] >> /etc/krb5.conf
echo sidtest.local = { >> /etc/krb5.conf
echo admin_server = sidtest.local:464 >> /etc/krb5.conf
echo default_domain = sidtest.local >> /etc/krb5.conf
echo kdc = dc1.sidtest.local:88 >> /etc/krb5.conf
echo kdc = dc2.sidtest.local:88 >> /etc/krb5.conf
echo } >> /etc/krb5.conf
echo Finished Configuring PAM AD Integration
echo Finished Configuring PAM AD Integration >> /var/log/post_install.log
echo Adding authorized Active Directory users - Please Wait
echo Adding authorized Active Directory users >> /var/log/post_install.log
useradd -m ssmith -g wheel -G adm
useradd -m jbower -g wheel -G adm
useradd -m cobrian -g wheel -G adm
useradd -m talmeda -g wheel -G adm
useradd -m t01bo3L -g wheel -G adm
useradd -m t44bblk -g wheel -G adm
echo Autorized Active Directory Users added
echo Autorized Active Directory Users added >> /var/log/post_install.log

 

Now we will prevent root login from the physical console

 

echo Preventing root form loggin on to console
echo Preventing root form loggin on to console >> /var/log/post_install.log
echo Backing up /etc/securetty
echo Backing up /etc/securetty >> /var/log/post_install.log
mv /etc/securetty /etc/securetty.bak
touch /etc/securetty
echo Preventing root form loggin on to console complete
echo Preventing root form loggin on to console complete >> /var/log/post_install.log

Here we will set our local password policy for all local accounts

echo Setting local password policy
echo Setting local password policy >> /var/log/post_install.log
echo Setting maximum number of days to keep a password
esxcfg-auth --passmaxdays=90
echo Setitng password minimum days between changes
esxcfg-auth --passmindays=1
echo Setting Password warning time befor change required
esxcfg-auth --passwarnage=14
echo Setting local password policy complete
echo Setting local password policy complete>> /var/log/post_install.log

Now let’s set the Message of Day and Welcome.js message

echo COnfiguring MOTD login banner – Please Wait
echo COnfiguring MOTD login banner >> /var/log/post_install.log

echo “

Warning!!! This computer system is private and may be accessed only
by authorized users. Data and programs in this system are confidential
and proprietary to the system owner and may not be accessed without
authorization. Unauthorized users or users who exceed their authorized
level of access are subject to disciplinary action, up to and including
termination and are subject to prosecution under state or federal law.
Activity on this computer system is logged.

” > /etc/motd

echo MOTD Login Banner COnfiguration Complete
echo MOTD Login Banner COnfiguration Complete >> /var/log/post_install.log

echo COnfiguring /usr/lib/vmware/hostd/docroot/en/welcomeRes.js banner – Please Wait
echo COnfiguring /usr/lib/vmware/hostd/docroot/en/welcomeRes.js banner >> /var/log/post_install.log

echo Backing up existing WelcomeRes.js
echo Backing up existing WelcomeRes.js >> /var/log/post_install.log
mv /usr/lib/vmware/hostd/docroot/en/welcomeRes.js /usr/lib/vmware/hostd/docroot/en/welcomeRes.js.bak

esxcfg-firewall –allowOutGoing
sleep 20

cd /tmp

lwp-download http://192.168.12.200/welcomeRes.js

cp /tmp/welcomeRes.js /usr/lib/vmware/hostd/docroot/en/welcomeRes.js

esxcfg-firewall –blockOutGoing
sleep 20

echo COnfiguring /usr/lib/vmware/hostd/docroot/en/welcomeRes.js banner Complete
echo COnfiguring /usr/lib/vmware/hostd/docroot/en/welcomeRes.js banner Complete >> /var/log/post_install.log

Last but not least we will install the EMC Naviagent and the HP SIM agent

echo Permorming the installation of the EMC NaviAgentCli
echo Permorming the installation of the EMC NaviAgentCli >> /var/log/post_install.log

echo Downloading the EMC NaviAgentCli – Please Wait
echo Downloading the EMC NaviAgentCli – Please Wait >> /var/log/post_install.log
esxcfg-firewall –allowOutGoing
sleep 20

cd /tmp
lwp-download http://192.168.12.200/naviagentcli-6.19.4.7.0-1.noarch.rpm

esxcfg-firewall –blockOutGoing
sleep 20

echo Installing the EMC NaviAgentCli – Please wait
echo Installing the EMC NaviAgentCli – Please wait >> /var/log/post_install.log
rpm -ivh naviagentcli-6.19.4.7.0-1.noarch.rpm
sleep 20
/etc/init.d/naviagent start

echo Permorming the installation of the EMC NaviAgentCli Complete
echo Permorming the installation of the EMC NaviAgentCli Complete >> /var/log/post_install.log

echo Permorming the installation of the HP SIM Agent ver 7.9.1
echo Permorming the installation of the HP SIM Agent ver 7.9.1 >> /var/log/post_install.log

echo Downloading the HP SIM Agent – Please Wait
echo Downloading the HP SIM Agent – Please Wait >> /var/log/post_install.log
esxcfg-firewall –allowOutGoing
sleep 20

cd /tmp
lwp-download http://192.168.12.200/NYL/hpmgmt-7.9.1-vmware3x.tgz

esxcfg-firewall –blockOutGoing
sleep 20

echo Building HP SIM Answer File – Please wait
echo Building HP SIM Abswer File – Please Wait >> /var/log/post_install.log

echo export CMASILENT=”YES” > /tmp/sidtest_AF.conf
echo export CMANOSTARTINSTALL=”hpasmd” >> /tmp/sidtest_AF.conf
echo export ENABLEHPIMPORT=Y >> /tmp/sidtest.conf
echo export ENABLESNMPSERVICE=Y >> /tmp/sidtest_AF.conf
echo export ENABLESIMCERTPORT=Y >> /tmp/sidtest_AF.conf

echo Installing the HP SIM Agent – Please wait
echo Installing the HP SIM Agent – Please wait >> /var/log/post_install.log
tar xvfz /tmp/hpmgmt-7.9.1-vmware3x.tgz
cd /tmp/hpmgmt/791/
./installvm791.sh –silent –inputfile /tmp/sidtest_AF.conf
sleep 60
echo Installing the HP SIM Agent – Complete
echo Installing the HP SIM Agent – Complete >> /var/log/post_install.log

echo Configuring SNMPd.conf – Please wait
echo Configuring SNMPD.conf – Please wait >> /var/log/post_install.log

echo Making a backup of /etc/snmp/snmpd.conf
echo Making a backup of /etc/snmp/snmpd.conf >> /var/log/post_install.log

mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.bak

echo dlmod cmaX /usr/lib/libcmaX.so > /etc/snmp/snmpd.conf
echo rocommunity hrasmidep 127.0.0.1 >> /etc/snmp/snmpd.conf
echo rocommunity hrasmidep 172.31.44.12 >> /etc/snmp/snmpd.conf
echo rocommunity hrasmidep 172.28.137.14 >> /etc/snmp/snmpd.conf
echo trapcommunity hrasmidep >> /etc/snmp/snmpd.conf
echo trapsink 172.31.44.12 hrasmidep >> /etc/snmp/snmpd.conf
echo trapsink 172.28.137.14 hrasmidep >> /etc/snmp/snmpd.conf
echo syscontact root@localhost >> /etc/snmp/snmpd.conf
echo syslocation CNJ >> /etc/snmp/snmpd.conf
echo dlmod SNMPESX /usr/lib/vmware/snmp/libSNMPESX.so >> /etc/snmp/snmpd.conf

echo Configuring SNMPD.conf – Complete
echo Configuring SNMPD.conf – Complete >> /var/log/post_install.log

echo Permorming the installation of the HP SIM Agent ver 7.9.1 Complete
echo Permorming the installation of the HP SIM Agent ver 7.9.1 Complete >> /var/log/post_install.log

echo Recording Build Script data to host > /etc/build_info
echo Built using Sid_Smith_kickstart_test_script_v1_0.cfg >> /etc/build_info
echo Script Version 1.0 >> /etc/build_info
echo ESX 3.5 Update 3 >> /etc/build_info


######## Installationa and Configuration is finished ######
echo Your server is now installed and configured.  Please review the installation
echo log file at /var/log/post_install.log to verify that there are no errors. Your
echo server will now entered into maintenace mode and will reboot.  Please follow the
echo remaining steps in your automated deployment documentation. 
echo          
echo     Script developed by: Sid Smith
##########
sleep 30
##### Put Server in Maintenance Mode #####
echo Server will now enter maintenance mode
echo Server will now enter maintenance mode >> /var/log/post_install.log
vmware-vim-cmd /hostsvc/maintenance_mode_enter >> /var.log.post_install.log
EOF1
###Make esxcfg.sh eXcutable
chmod +x /tmp/esxcfg.sh

###Backup original rc.local file
cp /etc/rc.d/rc.local /etc/rc.d/rc.local.bak

###Make esxcfg.sh run from rc.local and make rc.local reset itself
cat >> /etc/rc.d/rc.local <<EOF
cd /tmp
/tmp/esxcfg.sh
mv -f /etc/rc.d/rc.local.bak /etc/rc.d/rc.local
shutdown -r now
EOF

It’s important to remember that you should always use a linux compatible editor to edit your script.  If you have been using Notepad remember to open change and save your script in a linux compatible editor before trying to run.  In the next and final part to this blog we will go throuigh deployment options and perform a test deployment of this script.

 I have also included the script as an attachment to this post below:

ESX Automated Deployment Script

*Please excuse some of the formatting in this post.  I am still getting use to the interface and had some issues with the formatting.

4 Replies to “Automated Deployment of ESX Hosts Part III”

  1. very detailed. can you help me trouble shoot the following. ftp auto installation esx4. get to 95%, then aborts. script is everything else, my last resort was modifying isolinux.cfg

    95% complete-making the initial ramdisk
    error: unable to regenerate initrd, system in unknown state. please
    check log files for errors and correct before rebooting

    error: failed to update /boot/trouble.
    error: /usr/sbin/esxcfg-boot failed, examine /var/log/vmware/esxcfg-boot

    95% complete-writing GRUB to the master boot record
    97% complete-boot setup
    No.
    installation aborted

    [Errno 2] no such file or directory: ‘/mnt/sysimage/boot/initrd.img’
    see /var/log/esx_install.log

    press to reboot

Leave a Reply