Discovering VMware ESX and ESXi hosts

Unpatched VMware vSphere known problems

Unpatched versions of VMware vSphere have known problems when scanned by various tools. We strongly recommend that you apply the appropriate patches to affected systems. There is more information on this issue on the following Configipedia link.

VMware ESX and ESXi

VMware ESX and ESXi are bare-metal embedded hypervisors, built on a Linux kernel, and run directly on server hardware without requiring an underlying operating system. VMware ESXi is a smaller footprint version of VMware ESX. In VMware ESX and ESXi versions before 3.5.0 the Linux environment was available through an ssh connection, with the introduction of version 3.5.0 the ssh capability must be enabled by the user. Discovery using the web services API (introduced with VMware ESX version 3.0.2) is the preferred method of discovering VMware ESX and ESXi.

ESX and ESXi 3.0 and onwards are classified as hypervisors. Previous versions are classified as Linux hosts.

VMware vCenter

VMware vCenter Server provides centralized management of VMware vSphere (ESX and ESXi) virtual machines. BMC Atrium Discovery uses the VMware vSphere API to communicate via a proxy with VMware vCenter to discover VMware ESX and ESXi hosts.

VMware vSphere API

VMware vSphere is a virtual infrastructure management suite. BMC Atrium Discovery uses the vSphere API to communicate directly with VMware ESX and ESXi hosts where no VMware vCenter credentials are available.

Discovered versions

VMware ESX and ESXi discovery uses version 2.5 of the vSphere API. This supports discovery of the following versions and later:

  • ESX 3.5
  • ESXi 3.5
  • vCenter Server 4.0
  • VirtualCenter 2.5

Discovering VMware ESX and ESXi hosts

Discovery of VMware ESX and ESXi hosts is performed in the following way.

  1. A scan of an IP address detects the following:
    1. Port 902 is open and responds to a vSphere API call with a message from the VMware Authentication Daemon.
    2. Port 443 (HTTPS) is open.
  2. If VMware vCenter credentials are defined, then discovery attempts to connect to vCenter on port 443 with a request to discover the target. vCenter then uses vSphere API calls to attempt discovery of the target. If this is successful then the ESX/ESXi host is discovered. There may be multiple vCenter credentials deployed for vCenter servers on the network. These are tried in turn until the host is discovered or the credentials are exhausted.
  3. If unsuccessful, discovery attempts to make direct vSphere API calls to the target. This requires vSphere credentials and again, each is tried in turn until the host is discovered or the credentials are exhausted.
  4. If vSphere is unsuccessful, and port 22 or an alternative ssh port is configured, an ssh discovery is attempted.

The following screen shows a discovered VMware ESX host.
Shows a VMware ESX host page.

Was this page helpful? Yes No Submitting... Thank you