Save to My DOJO
Regularly backing up an ESXi host’s configuration, should be part of your recovery strategy. Doing this, allows you to quickly restore a host to a known working configuration using PowerCLI, vSphere CLI, or ESXi shell commands.
In a couple of previous posts, namely The perils of enabling DirectPath I/O on ESXi and How to roll back to a previous ESXi version, I wrote on how the configuration of an ESXi host is backed up automatically to a file called state.tgz at 1 hour intervals using a script triggered via a cron job.
What’s new to this post, is the ability to export state.tgz using one-liner commands. Better still, you can put together a script that backs up the configuration of one or more ESXi hosts. You can then automate the esxi backup process using either the Windows job scheduler or perhaps a cron job running on Linux. The only issue with automating the VMware esxi process is how one handles passwords, more so if the root password is different for every host or frequently change.
Restoring a host’s configuration is very easy as we shall see.
Even though I’m targeting ESXi 6.5, the backup esxi procedure equally applies to earlier releases of ESXi going back to version 4.0. However, do refer to the ESXi release’s documentation to verify esxi command line functionality.
If you don’t have PowerCLI installed, head here and download it. Once installed, make sure to run PowerCLI as an administrator.
To back up the host’s configuration, use the Get-VMHostFirmware cmdlet. In the example shown next, I backed up the esxi configuration for host 192.168.29.10 to the c:\esxi_backups folder on my laptop. Note that you must first establish a connection to the host using the Connect-VIServer cmdlet.
Connect-VIServer 192.168.28.10 -user root -password <password>
Get-VMHostFirmware –vmhost 192.168.28.10 -BackupConfiguration -DestinationPath c:\esxi_backups
Using PowerCLI to backup the configuration of an ESXi host
Set-VMHost -VMHost 192.168.28.10 -State Maintenance
Use the Set-VMHost PowerCLI cmdlet to put a host in maintenance mode
When ESXi is in maintenance mode, use the Set-VMHostFirmware PowerCLI command to restore the host’s configuration from a previous backup configuration.
Note 1: The host will reboot automatically after running the command, so make sure to power off or migrate any VMs hosted on it.
Note 2: The build number and UUID of the host you’re restoring to, must match those backed up. The UUID check can be skipped by adding the -force parameter to the Set-VMHost cmdlet. The cmdlet fails to run if there’s a mismatch in the build number. Always make sure you restore to the correct host to safeguard the integrity of your environment, i.e., to avoid any mismatch with the esxi build numbers.
Set-VMHost -VMHost 192.168.28.10 -State Maintenance
Set-VMHostFirmware -vmhost 192.168.28.10 -Restore -SourcePath C:\esxi_backups\configBundle-192.168.28.10.tgz -HostUser root -HostPassword <password>
Restoring the configuration of a host using PowerCLI
ESXi’s vim-cmd allows you to backup and restore the host’s configuration directly from shell. To do this, enable SSH on the host and use putty to log in as root. Once you’re in, run the following two commands in the given order. You are given a URL which you’ll use to download the TGZ bundle from the host using a standard browser. Note that you need the replace the * character in the URL with the IP address of the ESXi host. I am not quite sure why the IP address of the host is not included from the start.
Using vim-cmd from the ESXi command line to backup the host’s configuration
Just like the PowerCLI method, you must first put the esxi host in maintenance mode before you’re able to restore from a configuration backup file. To do this, we’re still using vim-cmd. You also need to copy the backup file to a folder on the ESXi host using something like WinSCP. The host will then reboot to complete the esxi backup and restore process.
vim-cmd hostsvc/firmware/restore_config /tmp/configBundle-esx-pn1.vsphere65.local.tgz
You can download the latest version of vSphere CLI from here. On Windows machines, CLI commands consisting of Perl script are run from the default location C:\Program Files (x86)\VMware\VMware vSphere CLI\bin. Since we’re dealing with Perl scripts, one must also install a Perl interpreter. The ones suggested by VMware can be downloaded from here or here.
vSphere CLI consists of a series of Perl scripts. A Perl interpreter needs to be installed prior to installing vSphere CLI
For this post, I chose to download the Strawberry release. Note, after installing Strawberry, you must add c:\strawberry\c\bin to %path% on Windows to avoid running into missing DLL issues like what’s shown next. To this just open an administrative prompt and type path=%path%;c:\strawberry\c\bin. The change will only persist for the current esxi command line session. If you want the path change to stick, go to System Properties and edit it by clicking on the Environment Variables button in Windows.
Perl installations require you to modify the path environment variable to include the DLL folder which would otherwise result in the type of error shown
Modifying the path environment variable to include the path to the Perl’s interpreter DLL folder
The Perl script we need to run is called vicfg–cfgbackup. This is used to carry out both backup and restore operations. To back up the configuration of ESXi, follow the procedure described next.
- Open an administrative command prompt.
- Run cd \”Program Files (x86)\VMware\VMware vSphere CLI\bin”.
- Run vicfg-cfgbackup.pl –server=<host IP address> –username=root -s <backup filename>.
- Type in the ESXi’s root password.
Using vicfg-cfgbackup to back up an ESXi’s configuration
To restore back from a specific configuration backup file, follow the same esxi backup procedure only this time replacing the -s parameter with -l. The next screenshot illustrates the process. You’ll be warned that the host will reboot. Typing yes, completes the restore process.
vicfg-cfgbackup.pl –server=192.168.16.69 –username=root -l c:\esxi_backups\16_69_esxiconfig.tgz
The vicfg-cfgbackup command is used for both backups and restores
Backing up the configuration of ESXi pays, in the long run, more so if you do this on a frequent basis. Scheduled backups allow you to restore to the latest known working configuration. You can easily learn about what’s being backed up and/or restored by uncompressing the esxi backup and examining the contents. Keep uncompressing until you end up with the /etc folder and examine the contents. This will give you an idea of when a restore might come in handy. So, for instance, the passwd file hints at the possibility of recovering from a forgotten root password if you have a very recent esxi backup.
That’s it for today. If you found this post useful, or have any feedback on what’s been discussed drop me a comment below.
Not a DOJO Member yet?
Join thousands of other IT pros and receive a weekly roundup email with the latest content & updates!