The vMA (vSphere Management Assistant) is a virtual appliance provided by VMware that allows to manage vCenter Server or ESX Hosts and run scripts. You can also use it to run script periodically with cron. It is a small linux appliance delivered with all necessary tools out of the box. I usually deploy a vMA on each platform. This post describes how to prepare scripts to be used with cron and how to create cronjobs. The process is very similar on all vMA versions from vSphere 4.0 to vSphere 5.5.

Add Hosts with vi‐fastpass

To run commands without authentication you have to add your servers to vi-fastpass. You can add ESXi hosts or the vCenter Server (or both). Use vifp addserver interactive, or with all required parameters. This configuration is persistent between reboots.

vi-admin@vma:~> vifp addserver esx1.virten.local --username root --password 'vmware' vi-admin@vma:~> vifp addserver esx2.virten.local --username root --password 'vmware' vi-admin@vma:~> vifp addserver esx3.virten.local --username root --password 'vmware' vi-admin@vma:~> vifp addserver vcsa.virten.local --username root --password 'vmware'

Use vifp listservers to see a list of all configured targets.

vi-admin@vma:~> vifp listservers esx1.virten.local ESXi esx2.virten.local ESXi esx3.virten.local ESXi vcsa.virten.local vCenter

Prepare Scripts

Using vi-fastpass authentication in scripts is very simple. Just use the libraries provided by VMware. This little snippet runs something against all targets:

#!/usr/bin/perl -w use VMware::VIRuntime; use VMware::VmaTargetLib; my $service_content; my @targets = VmaTargetLib::enumerate_targets(); foreach my $target(@targets) { $target->login(); $service_content = Vim::get_service_content(); #do something $target->logout(); }

You can find other sample scripts at /opt/vmware/vma/samples/perl on your vMA:

vi-admin@vma:~> ls -l /opt/vmware/vma/samples/perl total 24 -r--r--r-- 1 root root 2660 Jul 15 2013 README -r-xr-xr-x 1 root root 9023 Jul 15 2013 bulkAddServers.pl -r-xr-xr-x 1 root root 1282 Jul 15 2013 listTargets.pl -r-xr-xr-x 1 root root 2452 Jul 15 2013 mcli.pl

An use case could be the esxcfg-perf.pl script by virtuallyGhetto. I modified this script to send performance metrics from ESXi hosts to resource monitoring tool like graphite or munin.

Create Cronjobs

To run the script periodically, you have to create a cron job. I usually run these jobs with the vi-admin user. The cronjob syntax is simple:

* * * * * command | | | | | | | | | ----- Day of week (0 - 7) (Sunday=0 or 7) | | | ------- Month (1 - 12) | | --------- Day of month (1 - 31) | ----------- Hour (0 - 23) ------------- Minute (0 - 59)

You also have to specify LD_LIBRARY_PATH in the crontab, or you will get an error message. In this example I am goging to create a cronjob that will run my script every 5 minutes:

Open Crontab edit mode. This will open the vi editor. vi-admin@vma:~> crontab -e Press i to enter insert mode and add your cronjobs. LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/opt/vmware/vma/lib64:/opt/vmware/vma/lib */5 * * * * /home/vi-admin/scripts/esxi-perf.pl Press <ESC> : w q <ENTER> to install the crontab.

Troubleshooting

When a cronjob fails or produces output, you can find the output at /var/mail/vi-admin. It will display a shell warning when something happend:

You have new mail in /var/mail/vi-admin

You get one of the following error messages:

Can't load '/usr/lib/perl5/site_perl/5.10.0/libvmatargetlib_perl.so' for module vmatargetlib_perl: libtypes.so: cannot open shared object file: No such file or directory at /usr/lib/perl5/5.10.0/x86_64-linux-thread-multi/DynaLoader.pm line 203.

at /usr/lib/perl5/site_perl/5.10.0/VMware/VmaTargetLib.pm line 10

Compilation failed in require at /usr/lib/perl5/site_perl/5.10.0/VMware/VIFPLib.pm line 9.

BEGIN failed--compilation aborted at /usr/lib/perl5/site_perl/5.10.0/VMware/VIFPLib.pm line 9.

Compilation failed in require at /home/vi-admin/graphite/esxi-perf-graphite.pl line 5.

BEGIN failed--compilation aborted at /home/vi-admin/graphite/esxi-perf-graphite.pl line 5.

The script fails due to missing libraries. Verify that you've set LD_LIBRARY_PATH in your crontab correctly:

LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/opt/vmware/vma/lib64:/opt/vmware/vma/lib

You get the following error messages:

"Server version unavailable at 'https://[host]:443/sdk/vimService.wsdl' at /usr/lib/perl5/5.10.0/VMware/VICommon.pm line 545."

This message is caused by a failed SSL verification. If you do not have valid SSL certificates, Disable SSL Verification in your script:

# Disable SSL Verification export PERL_LWP_SSL_VERIFY_HOSTNAME=0

When trying to edit the crontab, you get the following error message

vi-admin@vma:~> crontab -e

-bash: /usr/bin/crontab: Permission denied

This happens since vMA 5.5 where, for security purposes, the vi-admin user is not allowed to create cronjobs. Use sudo chmod +rx /usr/bin/crontab to make it executable for everyone (or add the vi-admin user to the trusted group) and add vi-admin to /etc/cron.allow.

vi-admin@vma:~> ll /usr/bin/crontab -rwsr-x--- 1 root trusted 40432 Apr 2 2013 /usr/bin/crontab vi-admin@vma:~> sudo chmod +rx /usr/bin/crontab vi-admin@vma:~> ll /usr/bin/crontab -rwsr-xr-x 1 root trusted 40432 Apr 2 2013 /usr/bin/crontab