salt.modules.vsphere

Manage VMware vCenter servers and ESXi hosts.

New in version 2015.8.4.

Dependencies

  • pyVmomi Python Module
  • ESXCLI

pyVmomi

PyVmomi can be installed via pip:

pip install pyVmomi

Note

Version 6.0 of pyVmomi has some problems with SSL error handling on certain versions of Python. If using version 6.0 of pyVmomi, Python 2.6, Python 2.7.9, or newer must be present. This is due to an upstream dependency in pyVmomi 6.0 that is not supported in Python versions 2.7 to 2.7.8. If the version of Python is not in the supported range, you will need to install an earlier version of pyVmomi. See Issue #29537 for more information.

Based on the note above, to install an earlier version of pyVmomi than the version currently listed in PyPi, run the following:

pip install pyVmomi==5.5.0.2014.1.1

The 5.5.0.2014.1.1 is a known stable version that this original vSphere Execution Module was developed against.

ESXCLI

Currently, about a third of the functions used in the vSphere Execution Module require the ESXCLI package be installed on the machine running the Proxy Minion process.

The ESXCLI package is also referred to as the VMware vSphere CLI, or vCLI. VMware provides vCLI package installation instructions for vSphere 5.5 and vSphere 6.0.

Once all of the required dependencies are in place and the vCLI package is installed, you can check to see if you can connect to your ESXi host or vCenter server by running the following command:

esxcli -s <host-location> -u <username> -p <password> system syslog config get

If the connection was successful, ESXCLI was successfully installed on your system. You should see output related to the ESXi host's syslog configuration.

Note

Be aware that some functionality in this execution module may depend on the type of license attached to a vCenter Server or ESXi host(s).

For example, certain services are only available to manipulate service state or policies with a VMware vSphere Enterprise or Enterprise Plus license, while others are available with a Standard license. The ntpd service is restricted to an Enterprise Plus license, while ssh is available via the Standard license.

Please see the vSphere Comparison page for more information.

About

This execution module was designed to be able to handle connections both to a vCenter Server, as well as to an ESXi host. It utilizes the pyVmomi Python library and the ESXCLI package to run remote execution functions against either the defined vCenter server or the ESXi host.

Whether or not the function runs against a vCenter Server or an ESXi host depends entirely upon the arguments passed into the function. Each function requires a host location, username, and password. If the credentials provided apply to a vCenter Server, then the function will be run against the vCenter Server. For example, when listing hosts using vCenter credentials, you'll get a list of hosts associated with that vCenter Server:

# salt my-minion vsphere.list_hosts <vcenter-ip> <vcenter-user> <vcenter-password>
my-minion:
- esxi-1.example.com
- esxi-2.example.com

However, some functions should be used against ESXi hosts, not vCenter Servers. Functionality such as getting a host's coredump network configuration should be performed against a host and not a vCenter server. If the authentication information you're using is against a vCenter server and not an ESXi host, you can provide the host name that is associated with the vCenter server in the command, as a list, using the host_names or esxi_host kwarg. For example:

# salt my-minion vsphere.get_coredump_network_config <vcenter-ip> <vcenter-user>         <vcenter-password> esxi_hosts='[esxi-1.example.com, esxi-2.example.com]'
my-minion:
----------
    esxi-1.example.com:
        ----------
        Coredump Config:
            ----------
            enabled:
                False
    esxi-2.example.com:
        ----------
        Coredump Config:
            ----------
            enabled:
                True
            host_vnic:
                vmk0
            ip:
                coredump-location.example.com
            port:
                6500

You can also use these functions against an ESXi host directly by establishing a connection to an ESXi host using the host's location, username, and password. If ESXi connection credentials are used instead of vCenter credentials, the host_names and esxi_hosts arguments are not needed.

# salt my-minion vsphere.get_coredump_network_config esxi-1.example.com root <host-password>
local:
----------
    10.4.28.150:
        ----------
        Coredump Config:
            ----------
            enabled:
                True
            host_vnic:
                vmk0
            ip:
                coredump-location.example.com
            port:
                6500
salt.modules.vsphere.add_host_to_dvs(host, username, password, vmknic_name, vmnic_name, dvs_name, portgroup_name, protocol=None, port=None, host_names=None)

Adds an ESXi host to a vSphere Distributed Virtual Switch DOES NOT migrate the ESXi's physical and virtual NICs to the switch (yet) (please don't remove the commented code)

salt.modules.vsphere.coredump_network_enable(host, username, password, enabled, protocol=None, port=None, esxi_hosts=None)

Enable or disable ESXi core dump collection. Returns True if coredump is enabled and returns False if core dump is not enabled. If there was an error, the error will be the value printed in the Error key dictionary for the given host.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
enabled
Python True or False to enable or disable coredumps.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
esxi_hosts
If host is a vCenter host, then use esxi_hosts to execute this function on a list of one or more ESXi machines.

CLI Example:

# Used for ESXi host connection information
salt '*' vsphere.coredump_network_enable my.esxi.host root bad-password True

# Used for connecting to a vCenter Server
salt '*' vsphere.coredump_network_enable my.vcenter.location root bad-password True             esxi_hosts='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.enable_firewall_ruleset(host, username, password, ruleset_enable, ruleset_name, protocol=None, port=None, esxi_hosts=None)

Enable or disable an ESXi firewall rule set.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
ruleset_enable
True to enable the ruleset, false to disable.
ruleset_name
Name of ruleset to target.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
esxi_hosts
If host is a vCenter host, then use esxi_hosts to execute this function on a list of one or more ESXi machines.
Returns:A standard cmd.run_all dictionary, per host.

CLI Example:

# Used for ESXi host connection information
salt '*' vsphere.enable_firewall_ruleset my.esxi.host root bad-password True 'syslog'

# Used for connecting to a vCenter Server
salt '*' vsphere.enable_firewall_ruleset my.vcenter.location root bad-password True 'syslog'             esxi_hosts='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.esxcli_cmd(host, username, password, cmd_str, protocol=None, port=None, esxi_hosts=None)

Run an ESXCLI command directly on the host or list of hosts.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
cmd_str

The ESXCLI command to run. Note: This should not include the -s, -u, -p, -h, --protocol, or --portnumber arguments that are

frequently passed when using a bare ESXCLI command from the command line. Those arguments are handled by this function via the other args and kwargs.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
esxi_hosts
If host is a vCenter host, then use esxi_hosts to execute this function on a list of one or more ESXi machines.

CLI Example:

# Used for ESXi host connection information
salt '*' vsphere.esxcli_cmd my.esxi.host root bad-password             'system coredump network get'

# Used for connecting to a vCenter Server
salt '*' vsphere.esxcli_cmd my.vcenter.location root bad-password             'system coredump network get' esxi_hosts='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.get_coredump_network_config(host, username, password, protocol=None, port=None, esxi_hosts=None)

Retrieve information on ESXi or vCenter network dump collection and format it into a dictionary.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
esxi_hosts
If host is a vCenter host, then use esxi_hosts to execute this function on a list of one or more ESXi machines.
Returns:A dictionary with the network configuration, or, if getting the network config failed, a an error message retrieved from the standard cmd.run_all dictionary, per host.

CLI Example:

# Used for ESXi host connection information
salt '*' vsphere.get_coredump_network_config my.esxi.host root bad-password

# Used for connecting to a vCenter Server
salt '*' vsphere.get_coredump_network_config my.vcenter.location root bad-password             esxi_hosts='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.get_firewall_status(host, username, password, protocol=None, port=None, esxi_hosts=None)

Show status of all firewall rule sets.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
esxi_hosts
If host is a vCenter host, then use esxi_hosts to execute this function on a list of one or more ESXi machines.
Returns:Nested dictionary with two toplevel keys rulesets and success success will be True or False depending on query success rulesets will list the rulesets and their statuses if success was true, per host.

CLI Example:

# Used for ESXi host connection information
salt '*' vsphere.get_firewall_status my.esxi.host root bad-password

# Used for connecting to a vCenter Server
salt '*' vsphere.get_firewall_status my.vcenter.location root bad-password             esxi_hosts='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.get_host_datetime(host, username, password, protocol=None, port=None, host_names=None)

Get the date/time information for a given host or list of host_names.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
host_names

List of ESXi host names. When the host, username, and password credentials are provided for a vCenter Server, the host_names argument is required to tell vCenter the hosts for which to get date/time information.

If host_names is not provided, the date/time information will be retrieved for the host location instead. This is useful for when service instance connection information is used for a single ESXi host.

CLI Example:

# Used for single ESXi host connection information
salt '*' vsphere.get_host_datetime my.esxi.host root bad-password

# Used for connecting to a vCenter Server
salt '*' vsphere.get_host_datetime my.vcenter.location root bad-password         host_names='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.get_ntp_config(host, username, password, protocol=None, port=None, host_names=None)

Get the NTP configuration information for a given host or list of host_names.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
host_names

List of ESXi host names. When the host, username, and password credentials are provided for a vCenter Server, the host_names argument is required to tell vCenter the hosts for which to get ntp configuration information.

If host_names is not provided, the NTP configuration will be retrieved for the host location instead. This is useful for when service instance connection information is used for a single ESXi host.

CLI Example:

# Used for single ESXi host connection information
salt '*' vsphere.get_ntp_config my.esxi.host root bad-password

# Used for connecting to a vCenter Server
salt '*' vsphere.get_ntp_config my.vcenter.location root bad-password         host_names='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.get_service_policy(host, username, password, service_name, protocol=None, port=None, host_names=None)

Get the service name's policy for a given host or list of hosts.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
service_name
The name of the service for which to retrieve the policy. Supported service names are:
  • DCUI
  • TSM
  • SSH
  • lbtd
  • lsassd
  • lwiod
  • netlogond
  • ntpd
  • sfcbd-watchdog
  • snmpd
  • vprobed
  • vpxa
  • xorg
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
host_names

List of ESXi host names. When the host, username, and password credentials are provided for a vCenter Server, the host_names argument is required to tell vCenter the hosts for which to get service policy information.

If host_names is not provided, the service policy information will be retrieved for the host location instead. This is useful for when service instance connection information is used for a single ESXi host.

CLI Example:

# Used for single ESXi host connection information
salt '*' vsphere.get_service_policy my.esxi.host root bad-password 'ssh'

# Used for connecting to a vCenter Server
salt '*' vsphere.get_service_policy my.vcenter.location root bad-password 'ntpd'         host_names='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.get_service_running(host, username, password, service_name, protocol=None, port=None, host_names=None)

Get the service name's running state for a given host or list of hosts.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
service_name
The name of the service for which to retrieve the policy. Supported service names are:
  • DCUI
  • TSM
  • SSH
  • lbtd
  • lsassd
  • lwiod
  • netlogond
  • ntpd
  • sfcbd-watchdog
  • snmpd
  • vprobed
  • vpxa
  • xorg
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
host_names

List of ESXi host names. When the host, username, and password credentials are provided for a vCenter Server, the host_names argument is required to tell vCenter the hosts for which to get the service's running state.

If host_names is not provided, the service's running state will be retrieved for the host location instead. This is useful for when service instance connection information is used for a single ESXi host.

CLI Example:

# Used for single ESXi host connection information
salt '*' vsphere.get_service_running my.esxi.host root bad-password 'ssh'

# Used for connecting to a vCenter Server
salt '*' vsphere.get_service_running my.vcenter.location root bad-password 'ntpd'         host_names='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.get_ssh_key(host, username, password, protocol=None, port=None, certificate_verify=False)

Retrieve the authorized_keys entry for root. This function only works for ESXi, not vCenter.

Parameters:
  • host -- The location of the ESXi Host
  • username -- Username to connect as
  • password -- Password for the ESXi web endpoint
  • protocol -- defaults to https, can be http if ssl is disabled on ESXi
  • port -- defaults to 443 for https
  • certificate_verify -- If true require that the SSL connection present a valid certificate
Returns:

True if upload is successful

CLI Example:

salt '*' vsphere.get_ssh_key my.esxi.host root bad-password certificate_verify=True
salt.modules.vsphere.get_syslog_config(host, username, password, protocol=None, port=None, esxi_hosts=None)

Retrieve the syslog configuration.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
esxi_hosts
If host is a vCenter host, then use esxi_hosts to execute this function on a list of one or more ESXi machines.
Returns:Dictionary with keys and values corresponding to the syslog configuration, per host.

CLI Example:

# Used for ESXi host connection information
salt '*' vsphere.get_syslog_config my.esxi.host root bad-password

# Used for connecting to a vCenter Server
salt '*' vsphere.get_syslog_config my.vcenter.location root bad-password             esxi_hosts='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.get_vmotion_enabled(host, username, password, protocol=None, port=None, host_names=None)

Get the VMotion enabled status for a given host or a list of host_names. Returns True if VMotion is enabled, False if it is not enabled.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
host_names

List of ESXi host names. When the host, username, and password credentials are provided for a vCenter Server, the host_names argument is required to tell vCenter which hosts to check if VMotion is enabled.

If host_names is not provided, the VMotion status will be retrieved for the host location instead. This is useful for when service instance connection information is used for a single ESXi host.

CLI Example:

# Used for single ESXi host connection information
salt '*' vsphere.get_vmotion_enabled my.esxi.host root bad-password

# Used for connecting to a vCenter Server
salt '*' vsphere.get_vmotion_enabled my.vcenter.location root bad-password         host_names='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.get_vsan_eligible_disks(host, username, password, protocol=None, port=None, host_names=None)

Returns a list of VSAN-eligible disks for a given host or list of host_names.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
host_names

List of ESXi host names. When the host, username, and password credentials are provided for a vCenter Server, the host_names argument is required to tell vCenter which hosts to check if any VSAN-eligible disks are available.

If host_names is not provided, the VSAN-eligible disks will be retrieved for the host location instead. This is useful for when service instance connection information is used for a single ESXi host.

CLI Example:

# Used for single ESXi host connection information
salt '*' vsphere.get_vsan_eligible_disks my.esxi.host root bad-password

# Used for connecting to a vCenter Server
salt '*' vsphere.get_vsan_eligible_disks my.vcenter.location root bad-password         host_names='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.get_vsan_enabled(host, username, password, protocol=None, port=None, host_names=None)

Get the VSAN enabled status for a given host or a list of host_names. Returns True if VSAN is enabled, False if it is not enabled, and None if a VSAN Host Config is unset, per host.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
host_names

List of ESXi host names. When the host, username, and password credentials are provided for a vCenter Server, the host_names argument is required to tell vCenter which hosts to check if VSAN enabled.

If host_names is not provided, the VSAN status will be retrieved for the host location instead. This is useful for when service instance connection information is used for a single ESXi host.

CLI Example:

# Used for single ESXi host connection information
salt '*' vsphere.get_vsan_enabled my.esxi.host root bad-password

# Used for connecting to a vCenter Server
salt '*' vsphere.get_vsan_enabled my.vcenter.location root bad-password         host_names='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.list_clusters(host, username, password, protocol=None, port=None)

Returns a list of clusters for the the specified host.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
salt '*' vsphere.list_clusters 1.2.3.4 root bad-password
salt.modules.vsphere.list_datacenters(host, username, password, protocol=None, port=None)

Returns a list of datacenters for the the specified host.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
salt '*' vsphere.list_datacenters 1.2.3.4 root bad-password
salt.modules.vsphere.list_datastore_clusters(host, username, password, protocol=None, port=None)

Returns a list of datastore clusters for the the specified host.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
salt '*' vsphere.list_datastore_clusters 1.2.3.4 root bad-password
salt.modules.vsphere.list_datastores(host, username, password, protocol=None, port=None)

Returns a list of datastores for the the specified host.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
salt '*' vsphere.list_datastores 1.2.3.4 root bad-password
salt.modules.vsphere.list_dvs(host, username, password, protocol=None, port=None)

Returns a list of distributed virtual switches for the the specified host.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
salt '*' vsphere.list_dvs 1.2.3.4 root bad-password
salt.modules.vsphere.list_folders(host, username, password, protocol=None, port=None)

Returns a list of folders for the the specified host.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
salt '*' vsphere.list_folders 1.2.3.4 root bad-password
salt.modules.vsphere.list_hosts(host, username, password, protocol=None, port=None)

Returns a list of hosts for the the specified VMware environment.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
salt '*' vsphere.list_hosts 1.2.3.4 root bad-password
salt.modules.vsphere.list_networks(host, username, password, protocol=None, port=None)

Returns a list of networks for the the specified host.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
salt '*' vsphere.list_networks 1.2.3.4 root bad-password
salt.modules.vsphere.list_non_ssds(host, username, password, protocol=None, port=None, host_names=None)

Returns a list of Non-SSD disks for the given host or list of host_names.

Note

In the pyVmomi StorageSystem, ScsiDisks may, or may not have an ssd attribute. This attribute indicates if the ScsiDisk is SSD backed. As this option is optional, if a relevant disk in the StorageSystem does not have ssd = true, it will end up in the non_ssds list here.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
host_names

List of ESXi host names. When the host, username, and password credentials are provided for a vCenter Server, the host_names argument is required to tell vCenter the hosts for which to retrieve Non-SSD disks.

If host_names is not provided, Non-SSD disks will be retrieved for the host location instead. This is useful for when service instance connection information is used for a single ESXi host.

CLI Example:

# Used for single ESXi host connection information
salt '*' vsphere.list_non_ssds my.esxi.host root bad-password

# Used for connecting to a vCenter Server
salt '*' vsphere.list_non_ssds my.vcenter.location root bad-password         host_names='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.list_resourcepools(host, username, password, protocol=None, port=None)

Returns a list of resource pools for the the specified host.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
salt '*' vsphere.list_resourcepools 1.2.3.4 root bad-password
salt.modules.vsphere.list_ssds(host, username, password, protocol=None, port=None, host_names=None)

Returns a list of SSDs for the given host or list of host_names.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
host_names

List of ESXi host names. When the host, username, and password credentials are provided for a vCenter Server, the host_names argument is required to tell vCenter the hosts for which to retrieve SSDs.

If host_names is not provided, SSDs will be retrieved for the host location instead. This is useful for when service instance connection information is used for a single ESXi host.

CLI Example:

# Used for single ESXi host connection information
salt '*' vsphere.list_ssds my.esxi.host root bad-password

# Used for connecting to a vCenter Server
salt '*' vsphere.list_ssds my.vcenter.location root bad-password         host_names='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.list_vapps(host, username, password, protocol=None, port=None)

Returns a list of vApps for the the specified host.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
salt '*' vsphere.list_vapps 1.2.3.4 root bad-password
salt.modules.vsphere.list_vms(host, username, password, protocol=None, port=None)

Returns a list of VMs for the the specified host.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
salt '*' vsphere.list_vms 1.2.3.4 root bad-password
salt.modules.vsphere.reset_syslog_config(host, username, password, protocol=None, port=None, syslog_config=None, esxi_hosts=None)

Reset the syslog service to its default settings.

Valid syslog_config values are logdir, loghost, logdir-unique, default-rotate, default-size, default-timeout, or all for all of these.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
syslog_config
List of parameters to reset, provided as a comma-delimited string, or 'all' to reset all syslog configuration parameters. Required.
esxi_hosts
If host is a vCenter host, then use esxi_hosts to execute this function on a list of one or more ESXi machines.
Returns:Dictionary with a top-level key of 'success' which indicates if all the parameters were reset, and individual keys for each parameter indicating which succeeded or failed, per host.

CLI Example:

syslog_config can be passed as a quoted, comma-separated string, e.g.

# Used for ESXi host connection information
salt '*' vsphere.reset_syslog_config my.esxi.host root bad-password             syslog_config='logdir,loghost'

# Used for connecting to a vCenter Server
salt '*' vsphere.reset_syslog_config my.vcenter.location root bad-password             syslog_config='logdir,loghost' esxi_hosts='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.service_restart(host, username, password, service_name, protocol=None, port=None, host_names=None)

Restart the named service for the given host or list of hosts.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
service_name
The name of the service for which to set the policy. Supported service names are:
  • DCUI
  • TSM
  • SSH
  • lbtd
  • lsassd
  • lwiod
  • netlogond
  • ntpd
  • sfcbd-watchdog
  • snmpd
  • vprobed
  • vpxa
  • xorg
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
host_names

List of ESXi host names. When the host, username, and password credentials are provided for a vCenter Server, the host_names argument is required to tell vCenter the hosts for which to restart the service.

If host_names is not provided, the service will be restarted for the host location instead. This is useful for when service instance connection information is used for a single ESXi host.

CLI Example:

# Used for single ESXi host connection information
salt '*' vsphere.service_restart my.esxi.host root bad-password 'ntpd'

# Used for connecting to a vCenter Server
salt '*' vsphere.service_restart my.vcenter.location root bad-password 'ntpd'         host_names='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.service_start(host, username, password, service_name, protocol=None, port=None, host_names=None)

Start the named service for the given host or list of hosts.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
service_name
The name of the service for which to set the policy. Supported service names are:
  • DCUI
  • TSM
  • SSH
  • lbtd
  • lsassd
  • lwiod
  • netlogond
  • ntpd
  • sfcbd-watchdog
  • snmpd
  • vprobed
  • vpxa
  • xorg
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
host_names

List of ESXi host names. When the host, username, and password credentials are provided for a vCenter Server, the host_names argument is required to tell vCenter the hosts for which to start the service.

If host_names is not provided, the service will be started for the host location instead. This is useful for when service instance connection information is used for a single ESXi host.

CLI Example:

# Used for single ESXi host connection information
salt '*' vsphere.service_start my.esxi.host root bad-password 'ntpd'

# Used for connecting to a vCenter Server
salt '*' vsphere.service_start my.vcenter.location root bad-password 'ntpd'         host_names='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.service_stop(host, username, password, service_name, protocol=None, port=None, host_names=None)

Stop the named service for the given host or list of hosts.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
service_name
The name of the service for which to set the policy. Supported service names are:
  • DCUI
  • TSM
  • SSH
  • lbtd
  • lsassd
  • lwiod
  • netlogond
  • ntpd
  • sfcbd-watchdog
  • snmpd
  • vprobed
  • vpxa
  • xorg
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
host_names

List of ESXi host names. When the host, username, and password credentials are provided for a vCenter Server, the host_names argument is required to tell vCenter the hosts for which to stop the service.

If host_names is not provided, the service will be stopped for the host location instead. This is useful for when service instance connection information is used for a single ESXi host.

CLI Example:

# Used for single ESXi host connection information
salt '*' vsphere.service_stop my.esxi.host root bad-password 'ssh'

# Used for connecting to a vCenter Server
salt '*' vsphere.service_stop my.vcenter.location root bad-password 'ssh'         host_names='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.set_coredump_network_config(host, username, password, dump_ip, protocol=None, port=None, host_vnic='vmk0', dump_port=6500, esxi_hosts=None)

Set the network parameters for a network coredump collection. Note that ESXi requires that the dumps first be enabled (see coredump_network_enable) before these parameters may be set.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
dump_ip
IP address of host that will accept the dump.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
esxi_hosts
If host is a vCenter host, then use esxi_hosts to execute this function on a list of one or more ESXi machines.
host_vnic
Host VNic port through which to communicate. Defaults to vmk0.
dump_port
TCP port to use for the dump, defaults to 6500.
Returns:A standard cmd.run_all dictionary with a success key added, per host. success will be True if the set succeeded, False otherwise.

CLI Example:

# Used for ESXi host connection information
salt '*' vsphere.set_coredump_network_config my.esxi.host root bad-password 'dump_ip.host.com'

# Used for connecting to a vCenter Server
salt '*' vsphere.set_coredump_network_config my.vcenter.location root bad-password 'dump_ip.host.com'             esxi_hosts='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.set_ntp_config(host, username, password, ntp_servers, protocol=None, port=None, host_names=None)

Set NTP configuration for a given host of list of host_names.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
ntp_servers
A list of servers that should be added to and configured for the specified host's NTP configuration.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
host_names

List of ESXi host names. When the host, username, and password credentials are provided for a vCenter Server, the host_names argument is required to tell vCenter which hosts to configure ntp servers.

If host_names is not provided, the NTP servers will be configured for the host location instead. This is useful for when service instance connection information is used for a single ESXi host.

CLI Example:

# Used for single ESXi host connection information
salt '*' vsphere.ntp_configure my.esxi.host root bad-password '[192.174.1.100, 192.174.1.200]'

# Used for connecting to a vCenter Server
salt '*' vsphere.ntp_configure my.vcenter.location root bad-password '[192.174.1.100, 192.174.1.200]'         host_names='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.set_service_policy(host, username, password, service_name, service_policy, protocol=None, port=None, host_names=None)

Set the service name's policy for a given host or list of hosts.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
service_name
The name of the service for which to set the policy. Supported service names are:
  • DCUI
  • TSM
  • SSH
  • lbtd
  • lsassd
  • lwiod
  • netlogond
  • ntpd
  • sfcbd-watchdog
  • snmpd
  • vprobed
  • vpxa
  • xorg
service_policy
The policy to set for the service. For example, 'automatic'.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
host_names

List of ESXi host names. When the host, username, and password credentials are provided for a vCenter Server, the host_names argument is required to tell vCenter the hosts for which to set the service policy.

If host_names is not provided, the service policy information will be retrieved for the host location instead. This is useful for when service instance connection information is used for a single ESXi host.

CLI Example:

# Used for single ESXi host connection information
salt '*' vsphere.set_service_policy my.esxi.host root bad-password 'ntpd' 'automatic'

# Used for connecting to a vCenter Server
salt '*' vsphere.set_service_policy my.vcenter.location root bad-password 'ntpd' 'automatic'         host_names='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.set_syslog_config(host, username, password, syslog_config, config_value, protocol=None, port=None, firewall=True, reset_service=True, esxi_hosts=None)

Set the specified syslog configuration parameter. By default, this function will reset the syslog service after the configuration is set.

host
ESXi or vCenter host to connect to.
username
User to connect as, usually root.
password
Password to connect with.
syslog_config

Name of parameter to set (corresponds to the command line switch for esxcli without the double dashes (--))

Valid syslog_config values are logdir, loghost, default-rotate`, ``default-size, default-timeout, and logdir-unique.

config_value

Value for the above parameter. For loghost, URLs or IP addresses to use for logging. Multiple log servers can be specified by listing them, comma-separated, but without spaces before or after commas.

(reference: https://blogs.vmware.com/vsphere/2012/04/configuring-multiple-syslog-servers-for-esxi-5.html)

protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
firewall
Enable the firewall rule set for syslog. Defaults to True.
reset_service
After a successful parameter set, reset the service. Defaults to True.
esxi_hosts
If host is a vCenter host, then use esxi_hosts to execute this function on a list of one or more ESXi machines.
Returns:Dictionary with a top-level key of 'success' which indicates if all the parameters were reset, and individual keys for each parameter indicating which succeeded or failed, per host.

CLI Example:

# Used for ESXi host connection information
salt '*' vsphere.set_syslog_config my.esxi.host root bad-password             loghost ssl://localhost:5432,tcp://10.1.0.1:1514

# Used for connecting to a vCenter Server
salt '*' vsphere.set_syslog_config my.vcenter.location root bad-password             loghost ssl://localhost:5432,tcp://10.1.0.1:1514             esxi_hosts='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.syslog_service_reload(host, username, password, protocol=None, port=None, esxi_hosts=None)

Reload the syslog service so it will pick up any changes.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
esxi_hosts
If host is a vCenter host, then use esxi_hosts to execute this function on a list of one or more ESXi machines.
Returns:A standard cmd.run_all dictionary. This dictionary will at least have a retcode key. If retcode is 0 the command was successful.

CLI Example:

# Used for ESXi host connection information
salt '*' vsphere.syslog_service_reload my.esxi.host root bad-password

# Used for connecting to a vCenter Server
salt '*' vsphere.syslog_service_reload my.vcenter.location root bad-password             esxi_hosts='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.system_info(host, username, password, protocol=None, port=None)

Return system information about a VMware environment.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.

CLI Example:

salt '*' vsphere.system_info 1.2.3.4 root bad-password
salt.modules.vsphere.update_host_datetime(host, username, password, protocol=None, port=None, host_names=None)

Update the date/time on the given host or list of host_names. This function should be used with caution since network delays and execution delays can result in time skews.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
host_names

List of ESXi host names. When the host, username, and password credentials are provided for a vCenter Server, the host_names argument is required to tell vCenter which hosts should update their date/time.

If host_names is not provided, the date/time will be updated for the host location instead. This is useful for when service instance connection information is used for a single ESXi host.

CLI Example:

# Used for single ESXi host connection information
salt '*' vsphere.update_date_time my.esxi.host root bad-password

# Used for connecting to a vCenter Server
salt '*' vsphere.update_date_time my.vcenter.location root bad-password         host_names='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.update_host_password(host, username, password, new_password, protocol=None, port=None)

Update the password for a given host.

Note

Currently only works with connections to ESXi hosts. Does not work with vCenter servers.

host
The location of the ESXi host.
username
The username used to login to the ESXi host, such as root.
password
The password used to login to the ESXi host.
new_password
The new password that will be updated for the provided username on the ESXi host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.

CLI Example:

salt '*' vsphere.update_host_password my.esxi.host root original-bad-password new-bad-password
salt.modules.vsphere.upload_ssh_key(host, username, password, ssh_key=None, ssh_key_file=None, protocol=None, port=None, certificate_verify=False)

Upload an ssh key for root to an ESXi host via http PUT. This function only works for ESXi, not vCenter. Only one ssh key can be uploaded for root. Uploading a second key will replace any existing key.

Parameters:
  • host -- The location of the ESXi Host
  • username -- Username to connect as
  • password -- Password for the ESXi web endpoint
  • ssh_key -- Public SSH key, will be added to authorized_keys on ESXi
  • ssh_key_file -- File containing the SSH key. Use 'ssh_key' or ssh_key_file, but not both.
  • protocol -- defaults to https, can be http if ssl is disabled on ESXi
  • port -- defaults to 443 for https
  • certificate_verify -- If true require that the SSL connection present a valid certificate
Returns:

Dictionary with a 'status' key, True if upload is successful. If upload is unsuccessful, 'status' key will be False and an 'Error' key will have an informative message.

CLI Example:

salt '*' vsphere.upload_ssh_key my.esxi.host root bad-password ssh_key_file='/etc/salt/my_keys/my_key.pub'
salt.modules.vsphere.vmotion_disable(host, username, password, protocol=None, port=None, host_names=None)

Disable vMotion for a given host or list of host_names.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
host_names

List of ESXi host names. When the host, username, and password credentials are provided for a vCenter Server, the host_names argument is required to tell vCenter which hosts should disable VMotion.

If host_names is not provided, VMotion will be disabled for the host location instead. This is useful for when service instance connection information is used for a single ESXi host.

CLI Example:

# Used for single ESXi host connection information
salt '*' vsphere.vmotion_disable my.esxi.host root bad-password

# Used for connecting to a vCenter Server
salt '*' vsphere.vmotion_disable my.vcenter.location root bad-password         host_names='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.vmotion_enable(host, username, password, protocol=None, port=None, host_names=None, device='vmk0')

Enable vMotion for a given host or list of host_names.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
host_names

List of ESXi host names. When the host, username, and password credentials are provided for a vCenter Server, the host_names argument is required to tell vCenter which hosts should enable VMotion.

If host_names is not provided, VMotion will be enabled for the host location instead. This is useful for when service instance connection information is used for a single ESXi host.

device
The device that uniquely identifies the VirtualNic that will be used for VMotion for each host. Defaults to vmk0.

CLI Example:

# Used for single ESXi host connection information
salt '*' vsphere.vmotion_enable my.esxi.host root bad-password

# Used for connecting to a vCenter Server
salt '*' vsphere.vmotion_enable my.vcenter.location root bad-password         host_names='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.vsan_add_disks(host, username, password, protocol=None, port=None, host_names=None)

Add any VSAN-eligible disks to the VSAN System for the given host or list of host_names.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
host_names

List of ESXi host names. When the host, username, and password credentials are provided for a vCenter Server, the host_names argument is required to tell vCenter which hosts need to add any VSAN-eligible disks to the host's VSAN system.

If host_names is not provided, VSAN-eligible disks will be added to the hosts's VSAN system for the host location instead. This is useful for when service instance connection information is used for a single ESXi host.

CLI Example:

# Used for single ESXi host connection information
salt '*' vsphere.vsan_add_disks my.esxi.host root bad-password

# Used for connecting to a vCenter Server
salt '*' vsphere.vsan_add_disks my.vcenter.location root bad-password         host_names='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.vsan_disable(host, username, password, protocol=None, port=None, host_names=None)

Disable VSAN for a given host or list of host_names.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
host_names

List of ESXi host names. When the host, username, and password credentials are provided for a vCenter Server, the host_names argument is required to tell vCenter which hosts should disable VSAN.

If host_names is not provided, VSAN will be disabled for the host location instead. This is useful for when service instance connection information is used for a single ESXi host.

CLI Example:

# Used for single ESXi host connection information
salt '*' vsphere.vsan_disable my.esxi.host root bad-password

# Used for connecting to a vCenter Server
salt '*' vsphere.vsan_disable my.vcenter.location root bad-password         host_names='[esxi-1.host.com, esxi-2.host.com]'
salt.modules.vsphere.vsan_enable(host, username, password, protocol=None, port=None, host_names=None)

Enable VSAN for a given host or list of host_names.

host
The location of the host.
username
The username used to login to the host, such as root.
password
The password used to login to the host.
protocol
Optionally set to alternate protocol if the host is not using the default protocol. Default protocol is https.
port
Optionally set to alternate port if the host is not using the default port. Default port is 443.
host_names

List of ESXi host names. When the host, username, and password credentials are provided for a vCenter Server, the host_names argument is required to tell vCenter which hosts should enable VSAN.

If host_names is not provided, VSAN will be enabled for the host location instead. This is useful for when service instance connection information is used for a single ESXi host.

CLI Example:

# Used for single ESXi host connection information
salt '*' vsphere.vsan_enable my.esxi.host root bad-password

# Used for connecting to a vCenter Server
salt '*' vsphere.vsan_enable my.vcenter.location root bad-password         host_names='[esxi-1.host.com, esxi-2.host.com]'