Sep 1

Just attended a session that did a decent overview of the vMA.

MA6580 Bridge the ESX/ESXi Management Gap Using the vSphere Management Assistant (vMA) – Tips & Tricks Included.

With ESX classic no longer something we should be using, we need a way to really manage ESXi. vMA is a VM that you can download from VMware. It is built on centos and contains the vsphere cli as well as the sdk. There is quite a community of people developing scripts for use on it. The VM is also supported by VMware.

From the session there was one site that caught my eye. William Lam has apparently written some excellent scripts for the vMA. A security hardening script and health check script. The session explained the security hardening script has every setting from the security document from VMware.

vMA 4.1 was recently release and you can update to this later version from inside your vMA 4.0 using vima-update. You’ll need to use sudo of course.

vMA can assist you with collecting logs from your ESXi hosts.

Here are some vMA best practices collected from the session.
1. Put vMA on a management network.
2. Use static ip and FQDN and DNS.
3. Enabled NTP using UTC, ESXi only uses UTC.
4. Use vMA to connect to vCLI.
5. Limit use of resxtop, resxtop should be used for real time troubleshooting not monitoring.
6. Cleanup local accounts left behind when using new vMA or destroying it.

I will have to make sure my co-workers look over the slides once they are available.