Tag Archives: host profiles

VCAP-DCA Study notes 5.1 – Implement and Maintain Host Profiles

Host Profiles are a new feature to vSphere 4 but are only available to Enterprise+ licencees. As my company haven’t yet found a need for Enterprise+ features I’d not really worked with them before so this section was new to me. Interestingly the main reference given in the blueprint is the Datacenter Administration Guide which has very little about host profiles. The ESX/ESXi configuration guides have a small section on host profiles but not much, so the best reference is probably the VMware Host Profiles – Technical Overview whitepaper.

Skills and Abilities

  • Use Profile Editor to edit and/or disable policies
  • Create sub‐profiles
  • Use Host Profiles to deploy vDS

Tools & learning resources

Host Profiles (VCP revision)

Basically host profiles are the equivalent of Microsoft’s Group Policy, but for VMware hosts.

  • Two primary uses
    • Ease deployment challenges (faster, more consistent)
    • Ongoing configuration control and audit reporting
  • Policy options (determining how a configuration setting is applied)
    • Use a fixed configuration
    • Ask the user how to configure it
    • Use an intelligent policy (using one or multiple criterion)
    • Disregard a setting
  • Works in a similar fashion to Update Manager;
  1. Create a baseline from a reference host.
  2. Attach the host profile to the hosts or clusters you want to configure
  3. Remediate (configure) the hosts or clusters
  4. Review compliance status
  • Unlike VUM it can’t remediate all the hosts in a cluster automatically (it won’t put them into maintenance mode for you etc). You can attach a profile to the cluster but you have to apply to each host manually (this is largely because the host profile may require user input).
  • Can only be used on vSphere hosts (not VI 3.x)
  • Must be created using a reference host, or imported from a previously created host profile.
  • Can be exported (in VMware Profile Format, *.vcf, which is XML content).  Host Profiles are not shared using vCentre Linked Mode, you have to export/import to other vCentre instances.
    NOTE: Administrator passwords aren’t exported as a security measure.
  • An ESX reference host can be applied to either ESX or ESXi. An ESXi reference host can ONLY be applied to another ESXi host.
  • When updating a host using a host profile you have to manually put the host in maintenance mode first. This is a significant issue for some people (although if you’re licenced for host profiles you’ve also got licences for vMotion and DRS so moving VMs off the host is potentially easier). Note that you need to enter maintenance mode even for trivial settings such as setting the time, timezone etc. Any setting which normally requires a reboot (changing service console memory for example) will still need a reboot.
  • You must have both host profile privileges (create, delete, edit etc) AND privileges to configure the area in question (Networking, Storage etc) for the operation to be allowed.

REAL WORLD: When building a new ESX/ESXi host it will have a 60 day eval period with all features enabled so even if you don’t have Enterprise+ licencing you can use host profiles for initial configuration.

Continue reading VCAP-DCA Study notes 5.1 – Implement and Maintain Host Profiles