Upgrade ESXi to 6.5 using the CLI

Here’s an easy three step procedure to update your ESXi to the latest build using the CLI.

Step1- SSH into your ESXi host and modify the firewall:

esxcli network firewall ruleset set -e true -r httpClient

Step2- List latest available packages:

esxcli software sources profile list -d https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml | grep -i ESXi-6.5

Step3- Select latest, install and reboot:

esxcli software profile update -p ESXi-6.5.0-4564106-standard -d http://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml

Note I had to run Step3 twice on some hosts.

Redirect to HTTPS

sudo vim /etc/apache2/sites-enabled/000-default.conf

ServerAdmin [email protected]
DocumentRoot /var/www/html/
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://www.titantechcorp.com

sudo vim /etc/apache2/sites-available/default-ssl.conf

ServerAdmin [email protected]
ServerName titantechcorp.com
ServerAlias www.titantechcorp.com
DocumentRoot /var/www/html/wordpress/

Upgrade ESXi to 6.5 from a USB Drive

Here’s an easy three step process to update your ESXi host to the latest build using a USB Flash Drive.

Step1- Download latest ISO VMware vSphere Hypervisor(ESXi) 6.5 ISO
https://my.vmware.com/en/group/vmware/evalcenter?p=free-esxi6

Step2- Download and run Rufus
https://rufus.akeo.ie/

Step3- Click the CD icon and point to the ISO you downloaded, leave everything else default and click start
(Note you may get a popup requesting to replace the menu, to avoid issues with the USB key not booting you’ll need to click Yes to download the updated file.)

I have performed this method on versions 5.5 and 6

Boot DBAN from a USB Flash Drive

Here’s a two step process to easily create a bootable DBAN USB dive to permanently erase a hardrive.

Step1- Download the latest ISO from DBAN:
http://www.dban.org/

Step2- Download and run the “Universal USB Installer”, select DBAN from the drop down list:
https://www.pendrivelinux.com/universal-usb-installer-easy-as-1-2-3/

Reference:
https://www.pendrivelinux.com/install-dban-to-a-usb-flash-drive-using-windows/

Postfix send error

Symptom is no email is being received
tail /var/mail/root contains the following error:
Diagnostic-Code: X-Postfix; unknown user:

When you install postfix if your hostname includes your domain then Postfix thinks its receiving mail for the domain, to fix:
vim /etc/postfix/main.cf
remove [yourdomain.com] from mydestination section

restart postfix and retest
postfix stop
postfix start

Reference:
http://stackoverflow.com/questions/32877196/postfix-thinks-the-system-email-is-local

How to manage an ESXi host from OSX

If you need to manage ESXi hosts using your MAC, with “ESXi Embedded Host Client” you can manage it through the browser!
Simply, SSH into your ESXi host and run the following commands, no need to reboot:

esxcli software vib install -v http://download3.vmware.com/software/vmw-tools/esxui/esxui-signed-4493986.vib

esxcli software vib install -v http://download3.vmware.com/software/vmw-tools/esxui/VMware-Remote-Console-9.0.0-MacOS.vib

Reference:
https://labs.vmware.com/flings/esxi-embedded-host-client

Upgrade to ESXi 6.0 Update 2

While upgrading to ESXi 6.0 Update 2 you receive:

VIB VMware_bootbank_esx-base_6.0.0-2.34.3620759 requires vsan >= 6.0.0-2.34, but the requirement cannot be satisfied within the ImageProfile.

Run:

esxcli software profile update -p ESXi-6.0.0-20160302001-standard -d /vmfs/volumes/datastore1/updates/update-from-esxi6.0-6.0_update02.zip

Determine the build number and the latest update applied by running the command:

vmware -vl

Reference:
https://my.vmware.com/group/vmware/patch#search
https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2144595

AWS SSH Tricks

Here some simple steps for creating an additional user and copying their public ssh key:

Download private key, secure file:
chmod 600 myPrivateKey.pem

Publish .pem private key to OSX keychain:
ssh-add -K myPrivateKey.pem

Copy publickey to server
scp myPublicKey.pub [email protected]:~

Create user, move key to
sudo adduser [new user] sudo
sudo mv myPublicKey.pub /home/[new user]/

Switch to su [new user]
mkdir ~/.ssh
chmod 700 ~/.ssh
sudo cat myPublicKey.pub >> ~/.ssh/authorized_keys

If errors you may need to take ownership:
sudo chown -R [new user]:[new user] /home/[new user]/.ssh/authorized_keys

Check key and logon:
cat authorized_keys
ssh [~.amazonaws.com]

Secure files:
chmod 600 ~/.ssh/authorized_keys

Copy files and directorys to AWS server:
scp -r * [ip]:~/temp/

Also use this to add pub direct:
cat myPublicKey.pub | ssh user@[ip] “cat >> ~/.ssh/authorized_keys”

Reference:
https://help.ubuntu.com/community/SSH/OpenSSH/Keys
https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys–2
http://blogs.aws.amazon.com/security/post/Tx3N8GFK85UN1G6/Securely-connect-to-Linux-instances-running-in-a-private-Amazon-VPC

Upgrade ESXi 5.x to 6

How to update ESXi 5.x to the latest build of 6

Sign into VMware and start the trial for VMware vSphere:
https://my.vmware.com/group/vmware/evalcenter?p=vsphere6

Use VMware Software Manager to download VMware-ESXi-6.0.0-2494585-depot.zip
http://www.vmware.com/products/software-manager/

Using vSphere Client upload to local datastore, enable SSH, enter maintenance mode and run the following command:

esxcli software profile update -d /vmfs/volumes/datastore1/updates/VMware-ESXi-6.0.0-2494585-depot.zip -p ESXi-6.0.0-2494585-standard

Reboot and verify version 6.0.0, 2494585

vmware -vl

Download and apply latest patches:
https://www.vmware.com/patchmgr/findPatch.portal

esxcli software vib update -d /vmfs/volumes/datastore1/updates/ESXi600-201504001.zip

Reboot and verify version 6.0.0, 2615704

Reference:

http://www.vladan.fr/easily-upgrade-esxi-5-x-to-the-latest-esxi-5-5-update-1-via-cli/
http://www.v-front.de/2015/03/vsphere-6-is-ga-ultimate-guide-to.html

Cisco ASDM “Unable to launch device manager”

Seems every time theres a Java update ASDM breaks…

A simple fix is to access via Firefox https://(your IP) and run the ASDM through the browser. Once you successfully connect you will have a new shortcut on the desktop for the ASDM, fixed!

If for some reason you don’t have the shortcut, open Control Panel->Java Control Panel and under Temporary Internet Files select View, click ASDM and on the top toolbar there a button to create a shortcut on your desktop.

Note: don’t bother with IE11 as the quantity of hoops you need to jump through to get it to work will just drive you nuts.

Reference:
https://supportforums.cisco.com/discussion/12077481/unable-launch-device-manager-asdm-issue