ESXi The Purpose Built Bare Metal Hypervisor

VMware ESXi is the industry-leading, purpose-built bare-metal hypervisor. ESXi installs directly onto your physical server enabling it to be partitioned into multiple logical servers referred to as virtual machines. 

Customers can use ESXi with either the free vSphere Hypervisor or as part of a paid vSphere edition.

vSphere ESXi Hypervisor Features

Improved Reliability and Security

The ESXi bare-metal hypervisor’s management functionality is built into the VMkernel, reducing the footprint to 150 MB. This gives it a very small attack surface for malware and over-the-network threats, improving reliability and security.

Streamlined Deployment and Configuration

With few configuration options and simple deployment and configuration, the ESXi architecture makes it easy to maintain a consistent virtual infrastructure.

Reduced Management Overhead

vSphere ESXi uses an agentless approach to hardware monitoring and system management with an API-based partner integration model. Management tasks are on remote command lines with the vSphere Command Line Interface (vCLI) and Power CLI, which uses Windows PowerShell cmdlets and scripts for automated management.

Simplified Hypervisor Patching and Updating

Fewer patches mean smaller maintenance windows and fewer scheduled maintenance windows.

Technical Details

Improved Security

Improved role-based access and control eliminates the dependency on a shared root account. Users and groups can be assigned full administrative privileges. There's no need to share access or a common super user account in order to perform administrative tasks.


Extensive Logging and Auditing

vSphere ESXi logs all user activity from both the Shell and the Direct Console User Interface under the user's account. This logging ensures user accountability and makes it easy to audit user activity. 



VMware vSphere live migration allows you to move an entire virtual machine from one physical server to another, without downtime. Customers can migrate live virtual machines across clusters, distributed switches, vCenters and over long distances of up to 100 ms RTT. 


Virtual Machine Capabilities

  • Virtual machines running on vSphere ESXi come with support for the following features and capabilities: 
  • Virtual machines can support up to 128 virtual CPUs.
  • Virtual machines can support up to 4 TB of RAM.
  • New xHCI controller supports USB 3.0 devices.
  • New Advanced Host Controller Interface (AHCI) supports up to 120 devices per virtual machine.
  • Maximum VMDK size is 62 TB.
  • Guest OS Storage Reclamation returns disk space to the storage pool when it's de-allocated from within the guest OS.
  • Improve CPU virtualization by exposing more information about the host CPU architecture to virtual machines. This improved CPU exposure allows for better debugging, tuning and troubleshooting of operating systems and applications within the virtual machine.
  • Increased CPU efficiency through support of Large Receive Offload (LRO) that aggregates incoming TCP packets into a larger single packet.

Active Directory Integration

You can join vSphere ESXi hosts to your Active Directory domain. Once added, Active Directory handles user authentication and removes the need to create local user accounts on each host. 

Centralized Management of Host Image and Configuration via Auto Deploy

  • Combining the features of host profiles, Image Builder and PXE, VMware vSphere Auto Deploy simplifies host installation and upgrade. The Auto Deploy library centrally stores all vSphere host images. Administrators can automatically provision new hosts based on user-defined rules and host rebuilds are as simple as a reboot. 

Stateless Firewall

vSphere ESXi features a service-oriented and stateless firewall, which you can configure using the vSphere client or at the command line with ESXCLI. The firewall engine allows administrators to define port rules for services. Additionally, you can specify IP ranges or individual IP addresses that can connect to host services.


Management of VMware ESXi is done via APIs. This allows for an “agent-less” approach to hardware monitoring and system management. VMware also provides remote command lines, such as the vSphere Command Line Interface (vCLI) and PowerCLI, to provide command and scripting capabilities in a more controlled manner. These remote command line sets include a variety of commands for configuration, diagnostics and troubleshooting. For low-level diagnostics and the initial configuration, menu-driven and command line interfaces are available on the local console of the server. 


Patching and updating of vSphere hosts running ESXi allows flexibility and control. During the patching process, only the specific modules being updated are changed, letting the administrator preserve any previous updates to other components. Whether installed on disk or embedded flash memory, ESXi employs a “dual-image” approach where both the updated image as well as the previous image are both present. When a patch is installed, the new image is copied to the host and the boot loader modified to use the new image. If there is a problem with the update, or if the administrator wishes to revert to the prior image, the host is simply rebooted again, at which time the administrator can interrupt the boot process by simultaneously holding the “shift” and “R” key to instruct the host to use the image that was in place prior to the update.



Various deployment methods are supported. ESXi Installer, scripted installations and network based installation use PXE.  These scripts run locally on the vSphere host and can perform various tasks such as configuring the host’s virtual networking and joining it to VMware vCenter Server


vSphere ESXi supports installing to a local hard disk, FC, iSCSI, or FCoE LUN, USB/SD as well as network boot via PXE. Refer to the vSphere Hardware Compatibility List (HCL) for supported storage adapters that have been qualified for ESXi.



The Common Information Model (CIM) is an open standard that defines a framework for agent-less, standards-based monitoring of hardware resources for vSphere hosts running the ESXi architecture. This framework consists of a CIM object manager, often called a CIM broker, and a set of CIM providers. 

CIM providers are used as the mechanism to provide management access to device drivers and underlying hardware.Hardware vendors, including server manufacturers and specific hardware device vendors, can write providers to provide monitoring and management of their particular devices.


VMware also writes providers that implement monitoring of server hardware storage infrastructure, and virtualization-specific resources. These providers run inside the vSphere host and hence are designed to be extremely lightweight and focused on specific management tasks. The CIM broker takes information from all CIM providers and presents it to the outside world via standard APIs, such as WS-MAN and CIM-XML. Any software tool that understands one of these APIs, such as HP SIM or Dell OpenManage, can read this information and hence monitor the hardware of the vSphere host. 


One consumer of the CIM information is VMware vCenter Server. Through the vSphere Client or the Web Client, you can view the hardware status of any vSphere host in your environment, thus providing a single view of the physical and virtual health of your systems. You can also set vCenter Server alarms to be triggered on certain hardware events, such as temperature or power failure and warning states. 

vSphere also exposes hardware status information via SNMP for other management tools that rely upon that standard. SNMP Traps are available from both the vSphere host and vCenter Server. 


Systems management and backup products integrate with vSphere via the vSphere APIs. The API-based partner integration model significantly reduces management overhead by eliminating the need to install and manage agents in the COS. 

VMware has worked extensively with our ecosystem to transition all partner products to the API-based integration model of the ESXi hypervisor. As a result, the majority of systems management and backup vendors in the VMware ecosystem support ESXi today.



Logging is important for both troubleshooting and compliance. vSphere exposes logs from all system components using industry-standard syslog format, with the ability to send logs to a central logging server. Persistent logging onto a file on a local datastore accessible to the vSphere host is done for you automatically if a suitable datastore is available. 

Keeping the vSphere host in synch with an accurate time source is very important for ensuring log accuracy and is required for compliance. It is also important if you are using the host to maintain accurate time on the guest virtual machines. vSphere hosts have built-in NTP capabilities for synchronizing with NTP timeservers. 


Although day-to-day operations are done via vCenter Server, there are instances when you need to work with the vSphere host directly, such as configuration backup and log file access. To control access to the host, you can configure the vSphere hosts to join an Active Directory domain, and any user trying to access the host will automatically be authenticated against the centralized user directory. You can also have local users defined and managed on a host-by-host basis and configured using the vSphere Client, vCLI or PowerCLI. This second method can be used either in place of, or in addition to, the Active Directory integration.


You can also create local roles, similar to vCenter roles, which define what the user is authorized to do on the host. For instance, a user can be granted read-only access, which only allows them to view host information, or they can be granted Administrator access, which allows them to both view and modify host configuration. If the host is integrated with Active Directory, local roles can also be granted to AD users and groups.


The only user defined by default on the system is the root user. The initial root password is typically set interactively via the Direct Console User Interface (DCUI) or as a part of an automated installation. It can be changed afterwards using the vSphere Client, vCLI or PowerCLI.


With vSphere, users can be assigned administrative privileges where they will automatically get full shell access. With full shell access, privileged admin users no longer need to “su” to root in order to run privileged commands.


With vSphere, all host activity, from both the Shell and the DCUI, are now logged under the account of the logged in user. This ensures user accountability, making it easy to monitor and audit activity on the host. 


Direct Console User Interface (DCUI)

The DCUI is the menu-driven interface available at the console of the physical server on which ESXi is installed or embedded. Its main purpose is to perform initial configuration of the host (IP address, hostname, root password) and diagnostics. 

The DCUI has several diagnostic menu items that allow administrators to:

  • Restart all management agents, including
    • hostd
    • vpxa
    • vpxa
  • Reset configuration settings, such as,
    • Fix a misconfigured vSphere Distributed Switch
    • Reset all configurations to factory defaults
  • Enable the ESXi Shell for troubleshooting, including,
    • Local access (on the console of the host)
    • Remote access (ssh-based)

vSphere Command Line Interface

The vCLI has numerous commands for troubleshooting, including:

  • esxcli
  • vmkfstools
  • vmware-cmd
  • resxtop

ESXi Shell

The ESXi Shell is a local console for advanced technical support. In addition to being available on the local console of a host, it can also be accessed remotely through SSH. Access to the ESXi Shell is controlled in the following ways: 

  • Both local and remote ESXi Shell access can be enabled and disabled separately in both the DCUI as well as vCenter Server.
  • ESXi Shell may be used by any authorized user, not just root. Users become authorized when they are granted the Administrator role on a host (including through AD membership in a privileged group). 
  • All commands issued in ESXi Shell are logged, allowing for a full audit trail. If a syslog server is configured, then this audit trail is automatically included in the remote logging. 
  • A timeout can be configured for ESXi Shell (both local and remote), so that after being enabled, it will automatically be disabled after the configured time. 


Automate Daily Operations with Scripting Tools

To automate the management of VMware vSphere hosts, VMware has created easy-to-use scripting tools for managing day-to-day operations. You can write scripts with the same functionality as the vSphere client to automate manual tasks, allowing you to manage small-to large-scale environments efficiently. These tools work well with vSphere hosts using the VMware ESXi architecture, allowing you to easily administer vSphere environments.


VMware vSphere PowerCLI

VMware vSphere PowerCLI is a powerful command line tool for automating all aspects of vSphere management, including host, network, storage, VM, guest OS and more. PowerCLI is distributed as a Windows PowerShell snap-in and includes more than 150 PowerShell cmdlets, along with documentation and samples. PowerCLI seamlessly blends the vSphere platform with Windows and .NET, which means you can use PowerCLI by itself or within many different third-party tools.


VMware vSphere Command Line Interface

VMware vSphere Command Line Interface (vCLI) is a set of command-line utilities that help you provision, configure and maintain your vSphere hosts. The vCLI command set allows you to run common system administration commands against vSphere hosts from any machine with network access to those hosts. You can also run most vCLI commands against a vCenter Server system and target any vSphere host that the VMware vCenter Server system manages. There are commands that can completely automate the initial configuration of a vSphere host and others that provide troubleshooting and diagnostic capabilities. VMware provides vCLI packages for installation on both Windows and Linux systems.


Both PowerCLI and vCLI are built on the same interface as the vSphere Client. They can be pointed directly at an individual vSphere host or they can be pointed at vCenter. When pointed at a host, they can execute commands directly on the host, similar to how a command might be traditionally run from the COS. Local authentication is required in this case. Alternatively, when communicating through vCenter, the vCLI and PowerCLI commands benefit from the same authentication (e.g. Active Directory), roles and privileges, and event logging as vSphere Client interactions. This provides for a much more secure and audit-able management framework.


Visit the VMware Development Center to learn more about Power CLI and vCLI


vSphere ESXi is a bare-metal hypervisor that installs directly on top of your physical server and partitions it into multiple virtual machines.

What type of hardware is required to run vSphere with the ESXi architecture?

The ESXi hypervisor architecture is certified on over 1,000 server systems and can run off certified USB keys on certain models. In general, new hardware systems supported by ESX will also be supported by ESXi, but please search the hardware compatibility lists for information about a specific hardware system.

What operating systems can I run on vSphere with the ESXi architecture?

VMware offers the broadest operating system support of any virtualization vendor. Please search the guest operating system compatibility list for a full list of supported guest operating systems.

Can I run virtual machines created by Microsoft Virtual Server, Microsoft Virtual PC or VMware Server on VMware vSphere?

Yes. You can use the free VMware vCenter Converter to import virtual machines that were created using VMware vCenter Server, Microsoft Virtual Server or Microsoft Virtual PC version 7 or higher. vCenter Converter also supports conversions from sources such as physical machines and certain third-party disk image formats.

How can I evaluate VMware vSphere?

The simplest way to evaluate vSphere is to download and install the free VMware vSphere Hypervisor Edition. Alternatively you can leverage the vSphere evaluations.

How can I patch my vSphere host when using vSphere ESXi?

VMware vSphere Update Manager will update hosts running ESXi. An update utility is also provided for environments where vSphere Update Manager is not present. Note: vSphere Update Manager is not available for the free vSphere Hypervisor.

Does vSphere maintain log files or integrate with syslog when using the ESXi architecture?

Yes, using the ESXi architecture you can generate log files. You can configure vSphere hosts to send logs to a file on a datastore as well as to a syslog server. For more information see the ESXi Management page.

What is the ESXi Shell?

The ESXi Shell is a command-line based interface for diagnosis and repair of a vSphere host running ESXi. The ESXi Shell can be enabled and disabled through the DCUI or through vCenter Server, and can also be accessed remotely via SSH. For more information, see the ESXi Management page.

Is SSH supported on ESXi?

Yes. SSH access to the ESXi Shell is supported.

How do I run esxtop on a vSphere host?

"esxtop" can be run directly within the ESXi Shell or by using the vCLI command "resxtop".

How do I monitor the hardware on vSphere host when using the ESXi hypervisor architecture?

vSphere supports both CIM APIs and SNMP v2/v3 for enabling hardware monitoring without installing agents. Hardware can be monitored via the vCenter console and via the major hardware monitoring tools from OEM vendors. See the ESXi Management page for more details.

How do I upgrade to ESXi or the latest version of vSphere?

Please visit the vSphere Upgrade Center.




  • Technical minimum: single socket with two cores
  • Recommended minimum: dual 1 GbE network adapters


  • Technical minimum: 4 GB
  • Recommended minimum: 8 GB


  • Technical minimum: single 1 GbE network adapter
  • Recommended minimum: dual 1 GbE network adapters

Local Storage (SATA/SAS)

  • Technical minimum: Single 4 GB drive
  • Recommended minimum: redundant drives

Shared Storage

  • NFS, iSCSI, Native Fibre Channel, or FCoE for virtual machine storage


  • Number of cores per physical CPU: No limit
  • Number of physical CPUs per host: No limit
  • Number of logical CPUs per host: 480
  • Maximum vCPUs per virtual machine:
  • Maximum Memory: 6 TB
  • Operating System Support: Industry leader of supported operating systems. See a complete list of supported versions
See All

Upgrading to VMware vSphere or vSphere with Operations Management Editions

Moving up to a paid vSphere or vSphere with Operations Management Edition lets you further optimize your IT infrastructure. You'll be able to:

  • Pool compute and storage resources across multiple physical hosts
  • Have centralized management of multiple hosts through VMware vCenter Server
  • Deliver improved service levels and operational efficiency
  • Perform live migration of virtual machines
  • Take advantage of automatic load balancing, business continuity, and advanced backup and restore capabilities for your virtual machines
  • Obtain critical performance monitoring and capacity management capabilities through vSphere with Operations Management

Visit the vSphere with Operations Management Walkthrough for more details.