Thu Sep 29 13:03:32 +07 2022

Some stuff related VMware and SSL certificates

Certificates are located in /etc/vmware/ssl
rui.key is the private key            mod 400
rui.crt is the certificate + the CA   mod 644

The private key is installed once for all
The certificate is generated/installed by ~on/letsencrypt/install_cert_virtual

After installing the new certificates, restart the management agents:
/etc/init.d/hostd restart
/etc/initt.d/vpxa restart

If that does not work, try to restart the agent manually from the console.
Or try the command dcui from an ssh connection.

I have not tried the solutions below.

See also https://www.nakivo.com/blog/how-to-restart-management-agents-on-a-vmware-esxi-host/

4. Use this command as an alternative, to restart all management
agents on the ESXi host.

services.sh restart &tail -f /var/log/jumpstart-stdout.log

The progress of the VMware agents restart is displayed in the console
output.  VMware restart management agents with services.sh

5. You can also try to reset the management network on a VMkernel
interface:

esxcli network ip interface set -e false -i vmk0; esxcli network ip interface set -e true -i vmk0

The vmk0 interface is used by default on ESXi. If you have a different
name for the management network interface, use the appropriate
interface name in the command.

This complex command consists of two basic commands separated by ;
(semicolon). The vmk0 management network interface is disabled by the
first part of the command. When this part is executed successfully and
vmk0 is down, then the second part of the command is executed to
enable the vmk0 interface. As a result, the ESXi management network
interface is restarted.

The authorized_keys file for root is in
/etc/ssh/keys_root/authorized_keys

It can be used from ufo
sudo ssh -i /root/.ssh/id_rsa_virtual root@virtualX

Crontab for root is in
/var/spool/cron/crontab/root

Posted by Olivier | Permanent link