Host Profiles ensure all hosts in the cluster have the same configuration.

1

Log in to vCenter Server by using the vSphere Web Client.

a

Open a Web browser and go to https://mgmt01vc51.lax01.rainpole.local/vsphere-client.

b

Log in using the following credentials.

Setting

Value

User name

administrator@vsphere.local

Password

vsphere_admin_password

2

Create a Host Profile from mgmt01esx51.lax01.rainpole.local

a

In the Navigator, select Hosts and Clusters and expand the mgmt01vc51.lax01.rainpole.local tree.

b

Right-click the ESXi host mgmt01esx51.lax01.rainpole.local and choose Host Profiles > Extract Host Profile.

c

In the Extract Host Profile window, enter LAX01-Mgmt01 for the Name and click Next.

d

In the Ready to complete page, click Finish.

3

Attach the Host Profile to the management cluster.

a

In the Navigator, select Hosts and Clusters and expand the mgm01vc51.lax01.rainpole.local tree.

b

Right-click on the LAX01-Mgmt01 cluster and choose Host Profiles > Attach Host Profile.

c

In the Attach Host Profile window, click the LAX01-Mgmt01 Host Profile, select the Skip Host Customization checkbox and click Finish.

4

Create a Host Customizations profile for the hosts in the management cluster.

a

In the Navigator, select Policies and Profiles.

b

Click Host Profiles, then right click LAX01-Mgmt01 and choose Export Host Customizations.

c

Click Save.

d

Choose a file location to save the LAX01-Mgmt01_host_customizations.csv file.

e

Open the LAX01-Mgmt01_host_customizations.csv in Excel.

f

Edit the Excel file to include the following values.

ESXi Host

Active Directory Configuration Password

Active Directory Configuration Username

NetStack Instance defaultTcpipStack->DNS configuration

Name for this host

mgmt01esx51.lax01.rainpole.local

ad_admin_password

ad_admin_acct@lax01.rainpole.local

mgmt01esx51

mgmt01esx52.lax01.rainpole.local

ad_admin_password

ad_admin_acct@lax01.rainpole.local

mgmt01esx52

mgmt01esx53.lax01.rainpole.local

ad_admin_password

ad_admin_acct@lax01.rainpole.local

mgmt01esx53

mgmt01esx54.lax01.rainpole.local

ad_admin_password

ad_admin_acct@lax01.rainpole.local

mgmt01esx54

ESXi Host

Host virtual NIC vDS-Mgmt:vDS-Mgmt-Management:management->IP address settings

Host IPv4 address

Host virtual NIC vDS-Mgmt:vDS-Mgmt-Management:management->IP address settings

SubnetMask

mgmt01esx51.lax01.rainpole.local

172.17.11.101

255.255.255.0

mgmt01esx52.lax01.rainpole.local

172.17.11.102

255.255.255.0

mgmt01esx53.lax01.rainpole.local

172.17.11.103

255.255.255.0

mgmt01esx54.lax01.rainpole.local

172.17.11.104

255.255.255.0

ESXi Host

Host virtual NIC vDS-Mgmt:vDS-Mgmt-NFS:<UNRESOLVED>->IP address settings

Host IPv4 address

Host virtual NIC vDS-Mgmt:vDS-Mgmt-NFS:<UNRESOLVED>->IP address settings

SubnetMask

mgmt01esx51.lax01.rainpole.local

172.17.15.101

255.255.255.0

mgmt01esx52.lax01.rainpole.local

172.17.15.102

255.255.255.0

mgmt01esx53.lax01.rainpole.local

172.17.15.103

255.255.255.0

mgmt01esx54.lax01.rainpole.local

172.17.15.104

255.255.255.0

ESXi Host

Host virtual NIC vDS-Mgmt:vDS-Mgmt-VR:vSphereReplication,vSphereReplicationNFC->IP address settings

Host IPv4 address

Host virtual NIC vDS-Mgmt:vDS-Mgmt-VR:vSphereReplication,vSphereReplicationNFC->IP address settings

SubnetMask

mgmt01esx51.lax01.rainpole.local

172.17.16.101

255.255.255.0

mgmt01esx52.lax01.rainpole.local

172.17.16.102

255.255.255.0

mgmt01esx53.lax01.rainpole.local

172.17.16.103

255.255.255.0

mgmt01esx54.lax01.rainpole.local

172.17.16.104

255.255.255.0

ESXi Host

Host virtual NIC vDS-Mgmt:vDS-Mgmt-VSAN:vsan->IP address settings

Host IPv4 address

Host virtual NIC vDS-Mgmt:vDS-Mgmt-VSAN:vsan->IP address settings

SubnetMask

mgmt01esx51.lax01.rainpole.local

172.17.13.101

255.255.255.0

mgmt01esx52.lax01.rainpole.local

172.17.13.102

255.255.255.0

mgmt01esx53.lax01.rainpole.local

172.17.13.103

255.255.255.0

mgmt01esx54.lax01.rainpole.local

172.17.13.104

255.255.255.0

ESXi Host

Host virtual NIC vDS-Mgmt:vDS-Mgmt-vMotion:vmotion->IP address settings

Host IPv4 address

Host virtual NIC vDS-Mgmt:vDS-Mgmt-vMotion:vmotion->IP address settings

SubnetMask

mgmt01esx51.lax01.rainpole.local

172.17.12.101

255.255.255.0

mgmt01esx52.lax01.rainpole.local

172.17.12.102

255.255.255.0

mgmt01esx53.lax01.rainpole.local

172.17.12.103

255.255.255.0

mgmt01esx54.lax01.rainpole.local

172.17.12.104

255.255.255.0

g

When you have updated the Excel file, save it in the CSV file format and close Excel.

h

Click the Configure tab.

i

Click the Edit Host Customizations button.

j

In the Edit Host Customizaions window select all hosts and click Next.

k

Click the Browse button to use a customization file, locate the LAX01-Mgmt01_host_customizations.csv file saved earlier and select it and click Open then click Finish.

5

Remediate the hosts in the management cluster

a

Click the Monitor tab and click Compliance.

b

Select LAX01-Mgmt01 and click the Check Host Profile Compliance button.

c

Select mgmt01esx52.lax01.rainpole.local, click the Remediate host based on its host profile button, and click Finish on the Ready to complete window.

d

Select mgmt01esx53.lax01.rainpole.local, click the Remediate host based on its host profile button, and click Finish on the Ready to complete window.

e

Select mgmt01esx54.lax01.rainpole.local, click the Remediate host based on its host profile button, and click Finish on the Ready to complete window.

All hosts should show a Compliant status in the Host Compliance column.

6

Schedule nightly compliance checks.

a

On the Policies and Profiles page, click LAX01-Mgmt01, click the Monitor tab, and then click the Scheduled Tasks subtab.

b

Click Schedule a New Task then click Check Host Profile Compliance.

c

In the Check Host Profile Compliance (scheduled) window click Scheduling Options.

d

Enter LAX01-Mgmt01 Complance Check in the Task Name field.

e

Click the Change button on the Configured Scheduler line.

f

In the Configure Scheduler window select Setup a recurring schedule for this action and change the Start time to 10:00 PM and click OK.

g

Click OK in the Check Host Profile Compliance (scheduled) window.