3 ESXi Backup Methods using the Command-Line

Regularly backing up an ESXi host’s configuration, should be part of your recovery strategy. Doing this, allows you to quickly restore a host to a known working configuration using PowerCLI, vSphere CLI, or ESXi shell commands.

In a couple of previous posts, namely The perils of enabling DirectPath I/O on ESXi and How to roll back to a previous ESXi version, I wrote on how the configuration of an ESXi host is backed up automatically to a file called state.tgz at 1 hour intervals using a script triggered via a cron job.

What’s new to this post, is the ability to export state.tgz using one-liner commands. Better still, you can put together a script that backs up the configuration of one or more ESXi hosts. You can then automate the process using either the Windows job scheduler or perhaps a cron job running on Linux. The only issue with automating the process is how one handles passwords, more so if the root password is different for every host or frequently change.

Restoring a host’s configuration is very easy as we shall see.

Even though I’m targeting ESXi 6.5, the procedure equally applies to earlier releases of ESXi going back to version 4.0. However, do refer to the ESXi release’s documentation to verify command line functionality.

 

Using PowerCLI


If you don’t have PowerCLI installed, head here and download it. Once installed, make sure to run PowerCLI as an administrator.

 

Backup

To back up the host’s configuration, use the Get-VMHostFirmware cmdlet. In the example shown next, I backed up the configuration for host 192.168.29.10 to the c:\esxi_backups folder on my laptop. Note that you must first establish a connection to the host using the Connect-VIServer cmdlet.

Connect-VIServer 192.168.28.10 -user root -password <password>
Get-VMHostFirmware -vmhost 192.168.28.10 -BackupConfiguration -DestinationPath c:\esxi_backups
Using PowerCLI to backup the configuration of an ESXi host

Using PowerCLI to backup the configuration of an ESXi host

 

Restore

Restoring back the host’s configuration from the backup file involves one extra step. The host must first be put in maintenance mode, using the Set-VMHost cmdlet like so.

Set-VMHost -VMHost 192.168.28.10 -State Maintenance
Use the Set-VMHost PowerCLI cmdlet to put a host in maintenance mode

Use the Set-VMHost PowerCLI cmdlet to put a host in maintenance mode

 

When ESXi is in maintenance mode, use the Set-VMHostFirmware PowerCLI command to restore the host’s configuration from a previous backup.

Note 1: The host will reboot automatically after running the command, so make sure to power off or migrate any VMs hosted on it.

Note 2: The build number and UUID of the host you’re restoring to, must match those backed up. The UUID check can be skipped by adding the -force parameter to the Set-VMHost cmdlet. The cmdlet fails to run if there’s a mismatch in the build number. Always make sure you restore to the correct host to safeguard the integrity of your environment.

Set-VMHost -VMHost 192.168.28.10 -State Maintenance
Set-VMHostFirmware -vmhost 192.168.28.10 -Restore -SourcePath C:\esxi_backups\configBundle-192.168.28.10.tgz -HostUser root -HostPassword <password>
Restoring the configuration of a host using PowerCLI

Restoring the configuration of a host using PowerCLI

 

Using the ESX Command Line


ESXi’s vim-cmd allows you to backup and restore the host’s configuration directly from shell. To do this, enable SSH on the host and use putty to log in as root. Once you’re in, run the following two commands in the given order. You are given a URL which you’ll use to download the TGZ bundle from the host using a standard browser. Note that you need the replace the * character in the URL with the IP address of the ESXi host. I am not quite sure why the IP address of the host is not included from the start.

vim-cmd hostsvc/firmware/sync_config
vim-cmd hostsvc/firmware/backup_config
Using vim-cmd from the ESXi command line to backup the host's configuration

Using vim-cmd from the ESXi command line to backup the host’s configuration

 

Just like the PowerCLI method, you must first put the host in maintenance mode before you’re able to restore from a configuration backup file. To do this, we’re still using vim-cmd. You also need to copy the backup file to a folder on the ESXi host using something like WinSCP. The host will then reboot to complete the restore process.

vim-cmd hostsvc/maintenance_mode_enter
vim-cmd hostsvc/firmware/restore_config /tmp/configBundle-esx-pn1.vsphere65.local.tgz

 

Using the vSphere CLI


You can download the latest version of vSphere CLI from here. On Windows machines, CLI commands consisting of Perl script are run from the default location C:\Program Files (x86)\VMware\VMware vSphere CLI\bin. Since we’re dealing with Perl scripts, one must also install a Perl interpreter. The ones suggested by VMware can be downloaded from here or here.

vSphere CLI consists of a series of Perl scripts. A Perl interpreter needs to be installed prior to installing vSphere CLI

vSphere CLI consists of a series of Perl scripts. A Perl interpreter needs to be installed prior to installing vSphere CLI

 

For this post, I chose to download the Strawberry release. Note, after installing Strawberry, you must add c:\strawberry\c\bin to %path% on Windows to avoid running into missing DLL issues like what’s shown next. To this just open an administrative prompt and type path=%path%;c:\strawberry\c\bin. The change will only persist for the current command session. If you want the path change to stick, go to System Properties and edit it by clicking on the Environment Variables button in Windows.

Most Perl installations require that you modify the path environment variable to include the DLL folder which would otherwise result in the type of errors shown

Perl installations require you to modify the path environment variable to include the DLL folder which would otherwise result in the type of error shown

 

Modifying the path environment variable to include the path to the Perl's interpreter DLL folder

Modifying the path environment variable to include the path to the Perl’s interpreter DLL folder

 

The Perl script we need to run is called vicfgcfgbackup. This is used to carry out both backup and restore operations. To back up the configuration of ESXi, follow the procedure described next.

  1. Open an administrative command prompt.
  2. Run cd \”Program Files (x86)\VMware\VMware vSphere CLI\bin”.
  3. Run vicfg-cfgbackup.pl –server=<host IP address> –username=root -s <backup filename>.
  4. Type in the ESXi’s root password.
Using vicfg-cfgbackup to back up an ESXi's configuration

Using vicfg-cfgbackup to back up an ESXi’s configuration

 

To restore back from a specific configuration backup file, follow the same procedure only this time replacing the -s parameter with -l. The next screenshot illustrates the process. You’ll be warned that the host will reboot. Typing yes, completes the restore process.

vicfg-cfgbackup.pl --server=192.168.16.69 --username=root -l c:\esxi_backups\16_69_esxiconfig.tgz
The vicfg-cfgbackup command is used for both backups and restores

The vicfg-cfgbackup command is used for both backups and restores

 

Conclusion


Backing up the configuration of ESXi pays, in the long run, more so if you do this on a frequent basis. Scheduled backups allow you to restore to the latest known working configuration. You can easily learn about what’s being backed up and/or restored by uncompressing the backup and examining the contents. Keep uncompressing until you end up with the /etc folder and examine the contents. This will give you an idea of when a restore might come in handy. So, for instance, the passwd file hints at the possibility of recovering from a forgotten root password if you have a very recent backup.

2017-12-20 10_47_14-esxi_backups

 

That’s it for today. If you found this post useful, or have any feedback on what’s been discussed drop me a comment below.

[the_ad id=”4738″][thrive_leads id=’18673′]

Share this post

Not a DOJO Member yet?

Join thousands of other IT pros and receive a weekly roundup email with the latest content & updates!

Leave a comment

Your email address will not be published. Required fields are marked *