Save to My DOJO
Regularly backing up an ESXi host’s configuration, should be part of your recovery strategy. Doing this, allows you to quickly restore a host to a known working configuration using PowerCLI, vSphere CLI, or ESXi shell commands.
In a couple of previous posts, namely The perils of enabling DirectPath I/O on ESXi and How to roll back to a previous ESXi version, I wrote on how the configuration of an ESXi host is backed up automatically to a file called state.tgz at 1 hour intervals using a script triggered via a cron job.
What’s new to this post, is the ability to export state.tgz using one-liner commands. Better still, you can put together a script that backs up the configuration of one or more ESXi hosts. You can then automate the process using either the Windows job scheduler or perhaps a cron job running on Linux. The only issue with automating the process is how one handles passwords, more so if the root password is different for every host or frequently change.
Restoring a host’s configuration is very easy as we shall see.
Even though I’m targeting ESXi 6.5, the procedure equally applies to earlier releases of ESXi going back to version 4.0. However, do refer to the ESXi release’s documentation to verify command line functionality.
If you don’t have PowerCLI installed, head here and download it. Once installed, make sure to run PowerCLI as an administrator.
To back up the host’s configuration, use the Get-VMHostFirmware cmdlet. In the example shown next, I backed up the configuration for host 192.168.29.10 to the c:\esxi_backups folder on my laptop. Note that you must first establish a connection to the host using the Connect-VIServer cmdlet.
Connect-VIServer 192.168.28.10 -user root -password <password> Get-VMHostFirmware -vmhost 192.168.28.10 -BackupConfiguration -DestinationPath c:\esxi_backups
Set-VMHost -VMHost 192.168.28.10 -State Maintenance
When ESXi is in maintenance mode, use the Set-VMHostFirmware PowerCLI command to restore the host’s configuration from a previous backup.
Note 1: The host will reboot automatically after running the command, so make sure to power off or migrate any VMs hosted on it.
Note 2: The build number and UUID of the host you’re restoring to, must match those backed up. The UUID check can be skipped by adding the -force parameter to the Set-VMHost cmdlet. The cmdlet fails to run if there’s a mismatch in the build number. Always make sure you restore to the correct host to safeguard the integrity of your environment.
Set-VMHost -VMHost 192.168.28.10 -State Maintenance Set-VMHostFirmware -vmhost 192.168.28.10 -Restore -SourcePath C:\esxi_backups\configBundle-192.168.28.10.tgz -HostUser root -HostPassword <password>
Using the ESX Command Line
ESXi’s vim-cmd allows you to backup and restore the host’s configuration directly from shell. To do this, enable SSH on the host and use putty to log in as root. Once you’re in, run the following two commands in the given order. You are given a URL which you’ll use to download the TGZ bundle from the host using a standard browser. Note that you need the replace the * character in the URL with the IP address of the ESXi host. I am not quite sure why the IP address of the host is not included from the start.
vim-cmd hostsvc/firmware/sync_config vim-cmd hostsvc/firmware/backup_config
Just like the PowerCLI method, you must first put the host in maintenance mode before you’re able to restore from a configuration backup file. To do this, we’re still using vim-cmd. You also need to copy the backup file to a folder on the ESXi host using something like WinSCP. The host will then reboot to complete the restore process.
vim-cmd hostsvc/maintenance_mode_enter vim-cmd hostsvc/firmware/restore_config /tmp/configBundle-esx-pn1.vsphere65.local.tgz
Using the vSphere CLI
You can download the latest version of vSphere CLI from here. On Windows machines, CLI commands consisting of Perl script are run from the default location C:\Program Files (x86)\VMware\VMware vSphere CLI\bin. Since we’re dealing with Perl scripts, one must also install a Perl interpreter. The ones suggested by VMware can be downloaded from here or here.
For this post, I chose to download the Strawberry release. Note, after installing Strawberry, you must add c:\strawberry\c\bin to %path% on Windows to avoid running into missing DLL issues like what’s shown next. To this just open an administrative prompt and type path=%path%;c:\strawberry\c\bin. The change will only persist for the current command session. If you want the path change to stick, go to System Properties and edit it by clicking on the Environment Variables button in Windows.
The Perl script we need to run is called vicfg–cfgbackup. This is used to carry out both backup and restore operations. To back up the configuration of ESXi, follow the procedure described next.
- Open an administrative command prompt.
- Run cd \”Program Files (x86)\VMware\VMware vSphere CLI\bin”.
- Run vicfg-cfgbackup.pl –server=<host IP address> –username=root -s <backup filename>.
- Type in the ESXi’s root password.
To restore back from a specific configuration backup file, follow the same procedure only this time replacing the -s parameter with -l. The next screenshot illustrates the process. You’ll be warned that the host will reboot. Typing yes, completes the restore process.
vicfg-cfgbackup.pl --server=192.168.16.69 --username=root -l c:\esxi_backups\16_69_esxiconfig.tgz
Backing up the configuration of ESXi pays, in the long run, more so if you do this on a frequent basis. Scheduled backups allow you to restore to the latest known working configuration. You can easily learn about what’s being backed up and/or restored by uncompressing the backup and examining the contents. Keep uncompressing until you end up with the /etc folder and examine the contents. This will give you an idea of when a restore might come in handy. So, for instance, the passwd file hints at the possibility of recovering from a forgotten root password if you have a very recent backup.
That’s it for today. If you found this post useful, or have any feedback on what’s been discussed drop me a comment below.
[the_ad id=”4738″][thrive_leads id=’18673′]
Not a DOJO Member yet?
Join thousands of other IT pros and receive a weekly roundup email with the latest content & updates!