Matt's Life Bytes
Matthew Sullivan's Thoughts on Security & Tech

Oct/11

25

Clone ESXi Server Instances Easily

The Problem

Cloning ESXi servers sucks.  Trust me, I do it 4-5 times a year.

You see, multiple times a year I find myself setting up a “master” ESXi server, then needing to clone it over and over to give it out to students for classes, or to teams for our Cyber Defense Competitions.  This process is tedious and ridiculously time consuming.  Here’s why:

  1. ESXi instances don’t follow the hardware MAC addresses by default.  Once installed, the MAC addresses are dictated to the NICs by the ESXi OS settings, meaning that when you clone a box, those MAC addresses are going to collide.  There’s a setting to disable this, but in my experience it often automatically resets after cloning, meaning I have to re-enter the setting by hand.
  2. ESXi Virtual Machines don’t like moving around.  If you clone an ESXi server you can be guaranteed that everything will explode, because the VMs won’t re-generate new MAC addresses automatically.  Every VM on each cloned box needs to have a new one set manually… EVERY… SINGLE… TIME.  And it sucks.
  3. Each instance has to have its management IP and DNS entries changed by hand after cloning, otherwise conflicts will abound.

Well, I’ve finally had enough.  After wading through pages and pages of busybox/ash shell documentation, I’ve produced two scripts which do all of the above for you.

The Solution

These scripts are only tested on ESXi 5.0; you are using them at your own risk with no warranty!

Also I’m assuming you roughly know what you are doing.  If this is your first spin with ESXi you’ll probably feel overwhelmed by what’s coming.  You’ve been warned.

  • Create your “master” ESXi image. Install everything, get your settings right, and get your VMs all good to go.
  • Set all VMs to use manual MAC addresses and enter something.  It doesn’t matter what you choose, as long as it starts with “00:50:56:”.  This address will auto-regenerate upon cloning anyway.
  • Use wget to grab my scripts.  Alternatively, you can SCP/SFTP them up to your ESXi server, but SSH access will need to be enabled.
    cd /vmfs/volumes/datastore1 (or whatever your datastore path is)
    wget http://www.mattslifebytes.com/files/ESXi/Provisioning/provision.sh
    wget http://www.mattslifebytes.com/files/ESXi/Provisioning/macgenerate.sh
    chmod +x provision.sh macgenerate.sh
  • Use vi to modify provision.sh to your needs.  Some options are located in the top of the file.
  • Shut down your ESXi host and use Clonezilla (or whatever your favorite imaging suite might be) to clone the “master” to new slave hosts.
  • This is important: when the clone is done, unplug networking before rebooting.  Why?  Every instance of ESXi will be attempting to use the master’s MAC address, and your network will explode.
  • Unplugged networking yet?  No?  GO DO IT!
  • Now boot the new clones up.   On each, you’ll need to log in via the support console (Alt+F1), then cd /vmfs/volumes/datastore1 (or whatever your datastore path is).
  • Now execute the script with no arguments, and you’ll be presented with a very rudimentary help menu.
  • When you are ready to fly, just execute the script by doing:
    ./provision.sh <desired IP suffix> <desired DNS uniqueness>
    (For more understanding about these options, have a look at the help menu and inside the settings area of provision.sh)
  • Once the script is finished your ESXi slave host will reboot.  Once it has reloaded, you can safely plug networking back in.

That’s it!  If you simply grab the scripts and follow this little tutorial you’ll be cloning ESXi servers like a champ in no time at all.  If you find this useful or have questions, feel free to hit me up via e-mail or the comment section (though the comment section is largely ignored by me).
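
For readers who want to see what the per-VM MAC regeneration step involves, here is an added sketch. It is not the author's macgenerate.sh, whose contents are not shown on this page. It assumes each VM's .vmx file carries its manual MAC on a line of the form ethernetN.address = "..." and that od and /dev/urandom are available in the shell; it keeps the fourth octet within 00-3F, the range VMware accepts for manually assigned 00:50:56 addresses.

```shell
#!/bin/sh
# Added example, not the author's macgenerate.sh: give every NIC in a .vmx
# file a fresh, distinct static MAC in 00:50:56:00:00:00 - 00:50:56:3f:ff:ff.

# Print one random MAC; the 4th octet is masked to 0x00-0x3f.
gen_mac() {
    set -- $(od -An -N3 -tu1 /dev/urandom)   # three random bytes as decimals
    printf '00:50:56:%02x:%02x:%02x\n' $(( $1 & 63 )) "$2" "$3"
}

# Rewrite every ethernetN.address line of the .vmx file given as $1.
# All other lines (including ethernetN.addressType) are copied unchanged.
remac_vmx() {
    vmx=$1
    tmp="$vmx.tmp.$$"
    used=""                                  # MACs already handed out in this file
    : > "$tmp"
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in
            ethernet[0-9]*".address ="*)
                key=${line%% =*}             # e.g. ethernet0.address
                mac=$(gen_mac)
                # Retry on the rare collision with a MAC used earlier in this file.
                while [ "${used#*$mac}" != "$used" ]; do mac=$(gen_mac); done
                used="$used $mac"
                printf '%s = "%s"\n' "$key" "$mac" >> "$tmp" ;;
            *)
                printf '%s\n' "$line" >> "$tmp" ;;
        esac
    done < "$vmx"
    # Write back in place so the file's owner and mode are preserved.
    cat "$tmp" > "$vmx" && rm -f "$tmp"
}

# Usage: ./remac.sh /vmfs/volumes/datastore1/*/*.vmx  (script name is hypothetical)
for f in "$@"; do remac_vmx "$f"; done
```

Run it only against powered-off VMs, and with networking still unplugged as described in the steps above.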
