Video Training Tiplet: Adding an ESXi 4.1 Host to vCenter Server and Configuring Lockdown Mode

Going through a vCenter upgrade to 4.1, and need a quick tiplet? How about this one on adding an ESXi 4.1 Host to vCenter Server. You’ll learn how to accomplish the task, as well as how to verify that the ESX server you’re adding is indeed the correct ESX server.  At the same time you'll learn about setting Lockdown Mode on that host, a great solution for restricting configurations to only the vCenter Server console.   Transcript: Hey, this is Greg Shields with another Windows IT Pro Video Training Tiplet, this time on Adding an ESXi version 4.1 host to vCenter Server and also configuring Lockdown Mode. Now if you’ve already gone through the process of installing ESXi onto a server somewhere, you’ll see I have already done that here, the next step is to add that ESXi host into a vCenter Server somewhere. That vCenter Server provides the mechanism to manage that ESXi instance across all the ESX servers you have. Now, obviously, in order to do this you need to have a vCenter infrastructure. You have to install vCenter Server. I’ve done that here to the server vcenter.company.pri. You also need to create a Datacenter. That Datacenter ends up becoming the boundary of administration, and I’ve done that here by creating Our DataCenter. Now adding a host into that Datacenter is relatively easy, you right-click and choose Add Host. Its at this point that we create that connection between vCenter Server and that ESX host. We do that here by putting in the hostname or the IP address. In my case, that’s 192.168.0.28, and then the username and password. Remember that we’re connecting in to an ESX host here. So our username starts with root, and then whatever password we entered in when we finished the post-installation configuration of that ESXi host. If I click the Next button here, you’ll see that we get a security alert that says that vCenter Server is unable to verify the authenticity of the host we’re attempting to connect to, and the SHA1 thumbprint of the certif

Greg Shields

September 3, 2010

4 Min Read
ITPro Today logo in a gray background | ITPro Today

Going through a vCenter upgrade to 4.1, and need a quick tiplet? How about this one on adding an ESXi 4.1 Host to vCenter Server. You’ll learn how to accomplish the task, as well as how to verify that the ESX server you’re adding is indeed the correct ESX server.  At the same time you'll learn about setting Lockdown Mode on that host, a great solution for restricting configurations to only the vCenter Server console.

 

Transcript:

Hey, this is Greg Shields with another Windows IT Pro Video Training Tiplet, this time on Adding an ESXi version 4.1 host to vCenter Server and also configuring Lockdown Mode. Now if you’ve already gone through the process of installing ESXi onto a server somewhere, you’ll see I have already done that here, the next step is to add that ESXi host into a vCenter Server somewhere. That vCenter Server provides the mechanism to manage that ESXi instance across all the ESX servers you have.

Now, obviously, in order to do this you need to have a vCenter infrastructure. You have to install vCenter Server. I’ve done that here to the server vcenter.company.pri. You also need to create a Datacenter. That Datacenter ends up becoming the boundary of administration, and I’ve done that here by creating Our DataCenter. Now adding a host into that Datacenter is relatively easy, you right-click and choose Add Host.

Its at this point that we create that connection between vCenter Server and that ESX host. We do that here by putting in the hostname or the IP address. In my case, that’s 192.168.0.28, and then the username and password. Remember that we’re connecting in to an ESX host here. So our username starts with root, and then whatever password we entered in when we finished the post-installation configuration of that ESXi host.

If I click the Next button here, you’ll see that we get a security alert that says that vCenter Server is unable to verify the authenticity of the host we’re attempting to connect to, and the SHA1 thumbprint of the certificate is this. Now, a lot of us just click Yes here to assume that we trust this host, but this is a little bit of a security feature that allows us to indeed verify that we do have the right host that we’re looking for.

Let me actually go ahead and bring up this ESXi host that we were looking at before. If I hit F2 to go ahead and customize the system, and then enter in my username and password – root and whatever that password is – you’ll notice that among the different options that are available to me is this link called View Support Information. You’ll notice also under View Support Information I have that SSL thumbprint that is associated with this server. The thing that you’ll want to do is verify that this SSL thumbprint is the same thumbprint that you’re receiving as you try to add that ESX host into vCenter. If the two are the same, we know that we can trust this host.

We have a couple of different selections here also, we have a host summary screen (that really doesn’t tell us that much). We can assign a license here as well. If we have an existing license, we can assign an existing license to this host. Or add a new license here if we have a license key for it. We get those license keys off of VMware.com. If its an eval license, you’ll see we also have an expiration for that host. In this case, its 9/26/2010.

Now the next screen is where we identify whether we want to turn on Lockdown Mode or not. And you can turn it on later if you don’t want to turn it on at this point. But Lockdown Mode is essentially the mechanism by which you tell vCenter Server that its going to be the only location where you’re going to do management of ESX. You won’t actually be able to do management of those ESX hosts on those hosts if you turn on Lockdown Mode. Now this is a great thing if you’re in a high security environment or if you want to make sure that all of your administrators do all of their management inside of vCenter Server and not on the ESX host.

I’m going to click the checkbox here to enable Lockdown Mode, and then identify that I want to put this ESX host into Our DataCenter. Once I’m through, I hit Ready to Complete and Finish, and it will go through the process of adding this host into vCenter Server.

And if you liked this tip, come on back to WindowsITPro.com for more great Video Training Tiplets. Thanks for watching.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like