Host profiles
vCenter has a feature that is called Host Profiles. This feature creates a profile that captures a pre-configured and validated reference host configuration and helps a system administrator manage the host configurations in a cluster. Host Profiles provide an automated and centrally managed mechanism for host configuration and configuration compliance. Host Profiles enable the configuration to be treated as a managed object, which has a catalog of parameters to configure; networking, storage, security, and other host-level parameters. These Host Profiles can be applied to individual hosts, a cluster, or all the hosts and clusters associated to a host profile.
As more VMware Cloud Foundation for Classic - Automated hosts are deployed by the IBM Cloud® for VMware Solutions automation that deployed the original cluster, there are less configuration drift than with manual methods of adding hosts. However, system administrator actions can make the hosts configuration different. For example, more NFS storage is added or extra VLANs are added. The use of host profiles to validate the configuration of a new host by checking compliance of this host against an existing host is a valid use case of this tool within IBM Cloud.
To add more hosts to a cluster in your VCF for Classic - Automated instances, see Adding ESXi servers to VCF for Classic - Automated instances.
- For instances deployed at, or upgraded to, V2.1 or later, newly deployed ESXi servers and clusters are patched with recent, but not necessarily the most recent ESXi updates from VMware®.
- You're responsible for all other updates to VMware components, including ensuring that newly deployed ESXi servers and clusters have all the most recent updates you require.
We advise that after a new host is added into the cluster, that it is placed in Maintenance Mode so that it can be reviewed for compliance drift and remediated before you host any workloads.
The following sequence is required to check compliance:
- Create a Host Profile from an existing host.
- Attach the new host to the Host Profile.
- Check the compliance of the new host with the Host Profile.
- Review compliance failures and remediate, if needed.
Creating a host profile from an existing host
- From the vSphere Web Client Home, click Policies and Profiles.
- Click Host Profiles and navigate to the Host Profiles view.
- Click the Extract Profile from a Host icon.
- Select an existing host that acts as the reference host and click Next.
- Enter the name and enter a description for the new profile and click Next.
- Review the summary information for the new profile and click Finish.
The new profile appears in the profile list.
Attaching the new host to the host profile
- From the Profile List in the Host Profiles main view, select the Host Profile that was previously created to be applied to the new host.
- Click the Attach/Detach a host profile to hosts and clusters icon.
- Select the new host from the expanded list and click Attach.
- The new host is added to the Attached Entities list.
- Click Next and then click Finish.
Checking the compliance of the new host with the host profile
-
Go to the host profile that was previously completed.
-
Click Check Host Profile Compliance.
On the Objects tab, the compliance status is updated as
Compliant, Unknown
orNon-compliant
. A noncompliant status indicates a discovered and specific inconsistency between the profile and the new host.
Reviewing compliance failures and remediation
- To see more detail on compliance failures, select the Host Profile from the Objects tab that is used in the compliance check.
- To see specific details on which parameters differ between the host that failed compliance and the Host Profile, click the Monitor tab and select the Compliance view.
- Expand the object hierarchy and select the failing host.
- The differing parameters are displayed in the Compliance window, under the hierarchy.
- Review the parameters and understand why the new host can vary from the reference host. For parameters where the compliance isn't acceptable, remediate before you move the new host from maintenance mode. For example, where configuration drift is caused by system administrator action.