VMware ESXi is the industry-leading, purpose-built bare-metal hypervisor. ESXi installs directly onto your physical server enabling it to be partitioned into multiple logical servers referred to as virtual machines.
The ESXi bare-metal hypervisor’s management functionality is built into the VMkernel, reducing the footprint to 150 MB. This gives it a very small attack surface for malware and over-the-network threats, improving reliability and security.
With few configuration options and simple deployment and configuration, the ESXi architecture makes it easy to maintain a consistent virtual infrastructure.
vSphere ESXi uses an agentless approach to hardware monitoring and system management with an API-based partner integration model. Management tasks are on remote command lines with the vSphere Command Line Interface (vCLI) and Power CLI, which uses Windows PowerShell cmdlets and scripts for automated management.
Fewer patches mean smaller maintenance windows and fewer scheduled maintenance windows.
Improved role-based access and control eliminates the dependency on a shared root account. Users and groups can be assigned full administrative privileges. There's no need to share access or a common super user account in order to perform administrative tasks.
Extensive Logging and Auditing
vSphere ESXi logs all user activity from both the Shell and the Direct Console User Interface under the user's account. This logging ensures user accountability and makes it easy to audit user activity.
VMware vSphere live migration allows you to move an entire virtual machine from one physical server to another, without downtime. Customers can migrate live virtual machines across clusters, distributed switches, vCenters and over long distances of up to 100 ms RTT.
Virtual Machine Capabilities
Active Directory Integration
You can join vSphere ESXi hosts to your Active Directory domain. Once added, Active Directory handles user authentication and removes the need to create local user accounts on each host.
Centralized Management of Host Image and Configuration via Auto Deploy
vSphere ESXi features a service-oriented and stateless firewall, which you can configure using the vSphere client or at the command line with ESXCLI. The firewall engine allows administrators to define port rules for services. Additionally, you can specify IP ranges or individual IP addresses that can connect to host services.
Management of VMware ESXi is done via APIs. This allows for an “agent-less” approach to hardware monitoring and system management. VMware also provides remote command lines, such as the vSphere Command Line Interface (vCLI) and PowerCLI, to provide command and scripting capabilities in a more controlled manner. These remote command line sets include a variety of commands for configuration, diagnostics and troubleshooting. For low-level diagnostics and the initial configuration, menu-driven and command line interfaces are available on the local console of the server.
Patching and updating of vSphere hosts running ESXi allows flexibility and control. During the patching process, only the specific modules being updated are changed, letting the administrator preserve any previous updates to other components. Whether installed on disk or embedded flash memory, ESXi employs a “dual-image” approach where both the updated image as well as the previous image are both present. When a patch is installed, the new image is copied to the host and the boot loader modified to use the new image. If there is a problem with the update, or if the administrator wishes to revert to the prior image, the host is simply rebooted again, at which time the administrator can interrupt the boot process by simultaneously holding the “shift” and “R” key to instruct the host to use the image that was in place prior to the update.
Various deployment methods are supported. ESXi Installer, scripted installations and network based installation use PXE. These scripts run locally on the vSphere host and can perform various tasks such as configuring the host’s virtual networking and joining it to VMware vCenter Server
vSphere ESXi supports installing to a local hard disk, FC, iSCSI, or FCoE LUN, USB/SD as well as network boot via PXE. Refer to the vSphere Hardware Compatibility List (HCL) for supported storage adapters that have been qualified for ESXi.
The Common Information Model (CIM) is an open standard that defines a framework for agent-less, standards-based monitoring of hardware resources for vSphere hosts running the ESXi architecture. This framework consists of a CIM object manager, often called a CIM broker, and a set of CIM providers.
CIM providers are used as the mechanism to provide management access to device drivers and underlying hardware.Hardware vendors, including server manufacturers and specific hardware device vendors, can write providers to provide monitoring and management of their particular devices.
VMware also writes providers that implement monitoring of server hardware storage infrastructure, and virtualization-specific resources. These providers run inside the vSphere host and hence are designed to be extremely lightweight and focused on specific management tasks. The CIM broker takes information from all CIM providers and presents it to the outside world via standard APIs, such as WS-MAN and CIM-XML. Any software tool that understands one of these APIs, such as HP SIM or Dell OpenManage, can read this information and hence monitor the hardware of the vSphere host.
One consumer of the CIM information is VMware vCenter Server. Through the vSphere Client or the Web Client, you can view the hardware status of any vSphere host in your environment, thus providing a single view of the physical and virtual health of your systems. You can also set vCenter Server alarms to be triggered on certain hardware events, such as temperature or power failure and warning states.
vSphere also exposes hardware status information via SNMP for other management tools that rely upon that standard. SNMP Traps are available from both the vSphere host and vCenter Server.
Systems management and backup products integrate with vSphere via the vSphere APIs. The API-based partner integration model significantly reduces management overhead by eliminating the need to install and manage agents in the COS.
VMware has worked extensively with our ecosystem to transition all partner products to the API-based integration model of the ESXi hypervisor. As a result, the majority of systems management and backup vendors in the VMware ecosystem support ESXi today.
Logging is important for both troubleshooting and compliance. vSphere exposes logs from all system components using industry-standard syslog format, with the ability to send logs to a central logging server. Persistent logging onto a file on a local datastore accessible to the vSphere host is done for you automatically if a suitable datastore is available.
Keeping the vSphere host in synch with an accurate time source is very important for ensuring log accuracy and is required for compliance. It is also important if you are using the host to maintain accurate time on the guest virtual machines. vSphere hosts have built-in NTP capabilities for synchronizing with NTP timeservers.
Although day-to-day operations are done via vCenter Server, there are instances when you need to work with the vSphere host directly, such as configuration backup and log file access. To control access to the host, you can configure the vSphere hosts to join an Active Directory domain, and any user trying to access the host will automatically be authenticated against the centralized user directory. You can also have local users defined and managed on a host-by-host basis and configured using the vSphere Client, vCLI or PowerCLI. This second method can be used either in place of, or in addition to, the Active Directory integration.
You can also create local roles, similar to vCenter roles, which define what the user is authorized to do on the host. For instance, a user can be granted read-only access, which only allows them to view host information, or they can be granted Administrator access, which allows them to both view and modify host configuration. If the host is integrated with Active Directory, local roles can also be granted to AD users and groups.
The only user defined by default on the system is the root user. The initial root password is typically set interactively via the Direct Console User Interface (DCUI) or as a part of an automated installation. It can be changed afterwards using the vSphere Client, vCLI or PowerCLI.
With vSphere, users can be assigned administrative privileges where they will automatically get full shell access. With full shell access, privileged admin users no longer need to “su” to root in order to run privileged commands.
With vSphere, all host activity, from both the Shell and the DCUI, are now logged under the account of the logged in user. This ensures user accountability, making it easy to monitor and audit activity on the host.
Direct Console User Interface (DCUI)
The DCUI is the menu-driven interface available at the console of the physical server on which ESXi is installed or embedded. Its main purpose is to perform initial configuration of the host (IP address, hostname, root password) and diagnostics.
The DCUI has several diagnostic menu items that allow administrators to:
vSphere Command Line Interface
The vCLI has numerous commands for troubleshooting, including:
The ESXi Shell is a local console for advanced technical support. In addition to being available on the local console of a host, it can also be accessed remotely through SSH. Access to the ESXi Shell is controlled in the following ways:
Automate Daily Operations with Scripting Tools
To automate the management of VMware vSphere hosts, VMware has created easy-to-use scripting tools for managing day-to-day operations. You can write scripts with the same functionality as the vSphere client to automate manual tasks, allowing you to manage small-to large-scale environments efficiently. These tools work well with vSphere hosts using the VMware ESXi architecture, allowing you to easily administer vSphere environments.
VMware vSphere PowerCLI
VMware vSphere PowerCLI is a powerful command line tool for automating all aspects of vSphere management, including host, network, storage, VM, guest OS and more. PowerCLI is distributed as a Windows PowerShell snap-in and includes more than 150 PowerShell cmdlets, along with documentation and samples. PowerCLI seamlessly blends the vSphere platform with Windows and .NET, which means you can use PowerCLI by itself or within many different third-party tools.
VMware vSphere Command Line Interface
VMware vSphere Command Line Interface (vCLI) is a set of command-line utilities that help you provision, configure and maintain your vSphere hosts. The vCLI command set allows you to run common system administration commands against vSphere hosts from any machine with network access to those hosts. You can also run most vCLI commands against a vCenter Server system and target any vSphere host that the VMware vCenter Server system manages. There are commands that can completely automate the initial configuration of a vSphere host and others that provide troubleshooting and diagnostic capabilities. VMware provides vCLI packages for installation on both Windows and Linux systems.
Both PowerCLI and vCLI are built on the same interface as the vSphere Client. They can be pointed directly at an individual vSphere host or they can be pointed at vCenter. When pointed at a host, they can execute commands directly on the host, similar to how a command might be traditionally run from the COS. Local authentication is required in this case. Alternatively, when communicating through vCenter, the vCLI and PowerCLI commands benefit from the same authentication (e.g. Active Directory), roles and privileges, and event logging as vSphere Client interactions. This provides for a much more secure and audit-able management framework.
The ESXi hypervisor architecture is certified on over 1,000 server systems and can run off certified USB keys on certain models. In general, new hardware systems supported by ESX will also be supported by ESXi, but please search the hardware compatibility lists for information about a specific hardware system.
VMware offers the broadest operating system support of any virtualization vendor. Please search the guest operating system compatibility list for a full list of supported guest operating systems.
Can I run virtual machines created by Microsoft Virtual Server, Microsoft Virtual PC or VMware Server on VMware vSphere?
Yes. You can use the free VMware vCenter Converter to import virtual machines that were created using VMware vCenter Server, Microsoft Virtual Server or Microsoft Virtual PC version 7 or higher. vCenter Converter also supports conversions from sources such as physical machines and certain third-party disk image formats.
The simplest way to evaluate vSphere is to download and install the free VMware vSphere Hypervisor Edition. Alternatively you can leverage the vSphere evaluations.
Yes, using the ESXi architecture you can generate log files. You can configure vSphere hosts to send logs to a file on a datastore as well as to a syslog server. For more information see the ESXi Management page.
The ESXi Shell is a command-line based interface for diagnosis and repair of a vSphere host running ESXi. The ESXi Shell can be enabled and disabled through the DCUI or through vCenter Server, and can also be accessed remotely via SSH. For more information, see the ESXi Management page.
vSphere supports both CIM APIs and SNMP v2/v3 for enabling hardware monitoring without installing agents. Hardware can be monitored via the vCenter console and via the major hardware monitoring tools from OEM vendors. See the ESXi Management page for more details.
Please visit the
Moving up to a paid vSphere or vSphere with Operations Management Edition lets you further optimize your IT infrastructure. You'll be able to:
Visit the vSphere with Operations Management Walkthrough for more details.