vSphere ESXi 7.0 Host Installation - Paiet/Tech-Journal-for-Everything GitHub Wiki
Make sure the host meets the minimum hardware configurations supported by ESXi7.0:
Hardware and System Resources
To install or upgrade ESXi, your hardware and system resources must meet the following requirements:
For a list of supported platforms, see the VMware Compatibility Guide:
https://www.vmware.com/resources/compatibility/search.php
- ESXi 7.0 requires a host machine with at least two CPU cores - ESXi 7.0 supports 64-bit x86 processors released after September 2006 - ESXi 7.0 requires the NX/XD bit to be enabled for the CPU in the BIOS - ESXi 7.0 requires a minimum of 4 GB of physical RAM. It is recommended to provide at least 8 GB of RAM to run virtual machines in typical production environments. - ESXi 7.0 requires one or more Gigabit or faster Ethernet controllers. - ESXi 7.0 requires a boot disk of at least 8 GB for USB or SD devices, and 32 GB for other device types such as HDD, SSD, or NVMe. A boot device must not be shared between ESXi hosts.
SCSI disk or a local, non-network, RAID LUN with unpartitioned space for the virtual machines.
To support 64-bit virtual machines, support for hardware virtualization (Intel VT-x or AMD RVI) must be enabled on x64 CPUs.
For Serial ATA (SATA), a disk connected through supported SAS controllers or supported on-board SATA controllers. SATA disks are considered remote, not local. These disks are not used as a scratch partition by default because they are seen as remote.
NOTE: You cannot connect a SATA CD-ROM device to a virtual machine on an ESXi 7.0 host. To use the SATA CD-ROM device, you must use IDE emulation mode.
What are the ESXi Booting Requirements?
vSphere 7.0 supports booting ESXi hosts from the Unified Extensible Firmware Interface (UEFI). With UEFI, you can boot systems from hard drives, CD-ROM drives, or USB media.
Starting with vSphere 6.7, VMware Auto Deploy supports network booting and provisioning of ESXi hosts with UEFI. ESXi can boot from a disk larger than 2 TB if the system firmware and the firmware on any add-in card that you are using support it.
What are the Storage Requirements for ESXi 7.0 Installation or Upgrade?
Installing ESXi 7.0 requires a boot device that is a minimum of 8 GB for USB or SD devices, and 32 GB for other device types. Upgrading to ESXi 7.0 requires a boot device that is a minimum of 4 GB. When booting from a local disk, SAN or iSCSI LUN, a 32 GB disk is required to allow for the creation of system storage volumes, which include a boot partition, boot banks, and a VMFS-L based ESX-OSData volume. The ESX-OSData volume takes on the role of the legacy /scratch partition, VM-tools, and core dump destination.
The recommended ESXi 7.0 install options are the following:
-
An 8 GB USB or SD and an additional 32 GB local disk. The ESXi boot partitions reside on the USB or SD and the ESX-OSData volume resides on the local disk.
-
A local disk with a minimum of 32 GB. The disk contains the boot partitions and ESX-OSData volume.
-
A local disk of 142 GB or larger. The disk contains the boot partitions, ESX-OSData volume, and VMFS datastore.
The ESXi 7.0 system storage volumes can occupy up to 138 GB of disk space. A VMFS datastore is only created if the local disk device has at least 4 GB additional free space. To share a boot device with a local VMFS datastore, you need to use a local disk of 142 GB or larger.
If a local disk cannot be found, then ESXi 7.0 operates in degraded mode where certain functionality is disabled and the /scratch partition is on the RAM disk, linked to /tmp. You can reconfigure /scratch to use a separate disk or LUN.
NOTE: For best performance and memory optimization, do not run ESXi in degraded mode.
The upgrade process to ESXi 7.0 repartitions the boot device and consolidates the original core dump, locker, and scratch partitions into the ESX-OSData volume.
NOTE: Rollback to an earlier version of ESXi is not possible due to the repartitioning process of the boot device. To use an earlier version of ESXi after upgrading to version 7.0, you must create a backup of the boot device before the upgrade, and restore the ESXi boot device from the backup.
Due to the I/O sensitivity of USB and SD devices, the installer only creates a VMFS-L locker partition on these devices to store VM-tools and core dump files. When installing or upgrading on USB or SD devices, the installer attempts to allocate an ESX-OSData region on an available local disk. A datastore is used for /scratch, if there is no available space. If no local disk or datastore is found, /scratch is placed on the RAM disk. After the installation or upgrade, reconfigure /scratch to use a persistent datastore or add a new disk for system storage volumes.
To reconfigure /scratch, see Set the Scratch Partition from the vSphere Web Client:
Although an 8 GB USB or SD device is sufficient for a minimal installation, you should use a larger device. The additional space is used for an expanded core dump file and the extra flash cells of a high-quality USB flash drive can prolong the life of the boot media. Use a 32 GB or larger high-quality USB flash drive. See Knowledge Base article http://kb.vmware.com/kb/2004784
In Auto Deploy installations, the installer attempts to allocate a scratch region on an available local disk or datastore. If no local disk or datastore is found, the /scratch partition is placed on the RAM disk. Reconfigure /scratch to use a persistent datastore after the installation.
For environments that boot from a SAN or use Auto Deploy, the ESX-OSData volume for each ESXi host must be set up on a separate SAN LUN. However, if /scratch is configured not to use ESX-OSData, you do not need to allocate a separate LUN for /scratch for each host. You can co-locate the scratch regions for multiple ESXi hosts onto a single LUN. The number of hosts assigned to any single LUN should be weighed against the LUN size and the I/O behavior of the virtual machines.
ESXi 7.0 Installation on M.2 and other Non-USB Low-end Flash Media
Unlike USB flash devices, the ESXi installer creates system storage volumes and a VMFS datastore on M.2 and other non-USB low-end flash media. If you deploy a virtual machine or migrate a virtual machine to this boot device datastore, the boot device can be worn out quickly depending on the endurance of the flash device and the characteristics of the workload. As even read-only workloads can cause problems on low-end flash devices, you should install ESXi only on high-endurance flash media.
Incoming and Outgoing Firewall Ports for ESXi Hosts: https://ports.vmware.com/
Recommended Minimum Size and Rotation Configuration for hostd, vpxa, and fdm Logs:
Log Max Log Size Rotations to Preserve Min Disk Space Required
Management Agent 10 MB 10 100 MB (hostd)
VirtualCenter Agent (vpxa) 5 MB 10 50 MB
vSphere HA agent (Fault Domain Manager, fdm) 5 MB 10 50 MB
The following guest operating systems and Web browser versions are supported for the VMware Host Client:
Supported Browsers Mac OS Windows Linux
Google Chrome 50+ 50+ 50+
Mozilla Firefox 45+ 45+ 45+
Internet Explorer N/A 11+ N/A
Microsoft Edge N/A 38+ N/A
Safari 9.0+ N/A N/A
ESXi Passwords and Account Lockout:
For ESXi hosts, you have to use a password with predefined requirements. You can change the required length and character class requirement or allow pass phrases using the Security.PasswordQualityControl advanced option.
You can also set the number of passwords to remember for each user using the Security.PasswordHistory advanced option.
ESXi uses the Linux PAM module pam_passwdqc for password management and control.
ESXi Passwords:
ESXi enforces password requirements for access from the Direct Console User Interface, the ESXi Shell, SSH, or the VMware Host Client.
By default, you have to include a mix of characters from four character classes:
- lowercase letters
- uppercase letters
- numbers
- special characters (such as underscore or dash)
By default, password length is more than 7 and less than 40
Passwords cannot contain a dictionary word or part of a dictionary word
NOTE: An uppercase character that begins a password does not count toward the number of character classes used. A number that ends a password does not count toward the number of character classes used.
ESXi Pass Phrase:
You can also use a pass phrase; however, pass phrases are disabled by default.
You can change this default or other settings, by using the Security.PasswordQualityControl advanced option from the vSphere Client.
NOTE: For legacy hosts, changing the /etc/pamd/passwd file is still supported, but changing the file is deprecated for future releases. Use the Security.PasswordQualityControl advanced option instead.
Changing Default Password Restrictions:
You can change the default restriction on passwords or pass phrases by using the Security.PasswordQualityControl advanced option for your ESXi host
ESXi Account Lockout Behavior:
Starting with vSphere 6.0, account locking is supported for access through SSH and through the vSphere Web Services SDK. The Direct Console Interface (DCUI) and the ESXi Shell do not support account lockout. By default, a maximum of five failed attempts is allowed before the account is locked. The account is unlocked after fifteen minutes by default.
Configuring Login Behavior:
You can configure the login behavior for your ESXi host with the following advanced options:
Security.AccountLockFailures - Maximum number of failed login attempts before a user's account is locked. Zero disables account locking.
Security.AccountUnlockTime - Number of seconds that a user is locked out.
Security.PasswordHistory - Number of passwords to remember for each user. Zero disables password history.
Required Information for ESXi Installation: https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.esxi.install.doc/GUID-4CBEADFB-FBBD-49B6-A39C-FC810ECC1E49.html