Manage ESXi Hosts Without vCenter using VMware Pallas
Manage ESXi Hosts Without vCenter using VMware Pallas
For many, there may exist a use case for being able to manage ESXi hosts without vCenter Server. This can certainly be the case with certain remote edge environment scenarios where vCenter connectivity from the ESXi hosts may not be possible. Recently, I saw a blurb about a new VMware Fling that I was excited to try out for myself called VMware Pallas. It is a brand new fling that allows you to have centralized management of ESXi hosts. It also allows for some pretty creative and utlity-type network connections. Let’s take a look at how to manage ESXi hosts without vCenter using VMware Pallas. We will look at what VMware Pallas is exactly, how you install it, and how you can use it for ESXi host management.
What is VMware Pallas?
As stated by the VMware Fling page for Pallas, the goal of the VMware Pallas Fling is to provide management ability of ESXi hosts that cannot be managed by vCenter due to firewall or other network challenges. In the Fling use case that is presented, there are three scenarios that VMware Pallas can help with. They are as follows:
Your ESXi hosts are running inside a private network, but you need to manage them in the public network.
Your ESXi hosts are not connected using persistent, permanent wired connections, but rather are connected through WiFi or a mobile network. An example of ESXi hosts that may be connected in this way may include hosts that are located on an oil rig as a case in point.
Another use case involves IoT. You may have virtualized edge devices with ESXi running on on an edge device and you need remote management capabilities on the ESXi server (patching creating new VMs, etc).
How Does VMware Pallas Work?
VMware Pallas makes use of what they call a “dominate-agent” VM that provides remote management ability on the ESXi host. The dominate-agent VM communicates with ESXi using the ESXi SDK for workload VM management. No direct connection between the workload vm and the domainte agent is made by default.
The dominate agent VM talks to the Pallas Manager using the MQTT protocol and does not allow any inbound traffic. In the case the ESXi server contains no hard wired network connection, a pluggable network device (USB WiFi card, 3G/4G/5G sim card or other network device that provides network connectivity) will be used to establish remote management connectivity. The USB device is simply passed through to the dominate-agent VM.
Requirements
The requirements are very basic – ESXi 6.0 or higher.
Manage ESXi Hosts Without vCenter using VMware Pallas
Let’s take a look at getting the VMware Pallas solution up and running. First of all, you will need to download the PallasManager-0.5.0.0.ova file from the VMware Pallas Fling site.
Also, you can download the pallas_agent_ubuntu.ova appliance from the site as well. This is the dominate agent VM. Alternatively, you can load your own Linux VM and install the Pallas agent bundle.
Below, I am not going through all the screenshots of the Pallas Manager install. It is a straightforward OVA deployment that we are all familiar with.
The customize template step is the step to pay attention to as you will set your credentials and network configuration for your appliance here.
Same for the Pallas_agent_ubuntu OVA deployment.
After you have deployed both appliances, there is just a small amount of configuration that you will need to do. You will need to edit the file /etc/vmware/pallas_agent/pallas_agent.conf to set your ESXi host, credentials, Pallas Manager address, and credentials.
To get your MQTT Password, you will look in the file application.properties.
On the agent VM, enable and start the agent.service.
After logging into your Pallas Manager, you should see that you have a host approval waiting on you under the Host Management section. Click the Approve button.
The host is now approved.
Now that we have a host approved, you can see the host showing up in the dashboard, along with the running VMs displaying on the host. If you notice at the bottom, you also have the Tasks and Alarms available to you.
If you click the name of your ESXi host under Host Management, it will take you to the overview of the host. You will see the health, hardware, VMs, Alarms, and other general information displayed. Additionally, you have an Actions menu. Under this menu, there is a Power, Create VM, and Update action you can perform.
You can choose to Create New virtual machine under this menu. You will note, you have to have a template uploaded to use for the new VM deployment. I suspect this will be extended to look like the more normal listing of deployments when you choose Create VM in future releases.
Under templates management, this is where you can upload a new VM template for deployment.
Using VMware Pallas, you can even perform centralized patch management of your ESXi hosts. It is pretty cool. You have to upload the patch bundle to Pallas, however, once you do that, you simply choose the host to apply to and update it.
The upload patch dialog box.
Video of VMware Pallas in Action
If you want to see a video of VMware Pallas in action, there is an official video from VMware posted on the Flings site here:
Wrapping Up
The ability to manage ESXi Hosts without vCenter using VMware Pallas is a very interesting concept. It satisfies many use cases especially in edge environments where there are constraints against connecting to vCenter due to firewall and other issues. It will be extremely interesting to see how this project develops and what additional features may be added for managing standalone ESXi hosts with this new tool.