Host Profiles is an advanced capability of VMware vSphere that provides for configuration and compliance checking of multiple VMware ESXi hosts. Although a profile can be attached directly to a single host in vCenter Server, typically, a profile is attached to a vSphere cluster, where all the hosts have the same hardware, storage, and networking configurations. The latest release of vSphere includes several enhancements to Host Profiles. This post goes into a little more depth on two different sources of configuration settings for a host.
While Host Profiles focuses on configuring identical settings across multiple hosts, certain items must be unique for each host. These unique items are known as customizations; in the past, we also referred to them as answer files.
Administrators initially configure a reference host to meet business requirements and then extract the entire configuration into a new profile which can be subsequently edited or updated as requirements change. These settings are applied to other hosts in the cluster through the process of remediation, and hosts that are not able to meet all the profile requirements are flagged as non-compliant.
In a very basic scenario, it is possible to forego customizations that require administrator input. This is the case if hosts are using DHCP for network identity – IP address and hostname – and there are no specific business requirements for setting unique root passwords per host.
But for most customers, static IP addresses are desirable in the datacenter, at least for IP storage and perhaps for vMotion or other VMkernel interfaces. Security guidelines may require all hosts to have unique root credentials, and there are other configurable items in a profile that also need to be specified per host. In general, when an attribute in Host Profiles is set to prompt for “user specified” input, that item will need to be configured per-host through customizations.
The following image gives some examples of settings on a host that will require customization:
When these customizations are missing, the profile will not be compliant – for many reasons. For example, shared datastores cannot be mounted if the appropriate VMkernel IP address is not configured.
Host customizations can be provided by vSphere administrators through a wizard during the remediation process, or they can be uploaded in bulk via CSV file – a new feature of vSphere 6.5.
Once the host customizations have been provided and stored on vCenter Server, the associated profile can be remediated to become compliant.
Host customization data is stored on vCenter Server, and will be deleted if a host is removed from inventory. This is an important behavior to be aware of, as sometimes hosts are removed and re-added to vCenter Server as part of troubleshooting or during a major rolling upgrade.
And finally, be aware that these host customizations apply to both stateful hosts using traditional on-disk installation, as well as statelesshosts that are booted from the network with Auto Deploy.