How to back up and restore the ESXi host configuration

27 października 2023

ESXi Command Line

Backing up ESXi host configuration data

  1. To synchronize the configuration changed with persistent storage, run this ommand:
    # vim-cmd hostsvc/firmware/sync_config
  2. To back-up the configuration data for the ESXi host, run this command:
    # vim-cmd hostsvc/firmware/backup_config

Note: The command will output a URL (http://<host_fqdn_orIP>/downloads/123456/configBundle-xx.xx.xx.xx.tgz) from where you can download the backup file, either by opening it in a web brower or using other means like wget.

  1. From a web browser navigate to http://<host_fqdn_orIP>/downloads/123456/configBundle-xx.xx.xx.xx.tgz

In this example the IP address of the host is 192.168.0.81

The backup file will be in the /downloads directory (default to browser or choose to download to a specific directory) as configBundle-HostFQDN.tgz

Note: To restore the configuration the destination ESXi host must be the same build as the ESXi host configuration data. The host build can be obtained using the command vmware -vl.

Restoring ESXi host configuration data

  1. The configBundle-HostFQDN.tgz should be renamed as configBundle.tgz before initiating the restore command.
  2. Put the host into maintenance mode by running the below command:
    # vim-cmd hostsvc/maintenance_mode_enter
  3. Copy the backup configuration file to the ESXi host or an available datastore.
  4. Reboot the host. This step is required, otherwise the restore workflow might not finish completely
  5. Once ESXi has rebooted, move the config bundle file to /tmp/configBundle.tgz.

Then run this command to restore the ESXi host configuration:
# vim-cmd hostsvc/firmware/restore_config 0

Note:  Add a 1 to force an override of the UUID mismatch.
For example: # vim-cmd hostsvc/firmware/restore_config 1

  • Executing this command will initiate an automatic reboot of the host after command completion.
  • However, starting from vSphere 7.0 U2, the configuration could be encrypted using TPMs and in which case, the -force option will not work if the host got changed. We need the same TPM that was used on the host during backup, to restore. In other words, 
    from vSphere 7.0U2, the override will not work if the host has TPM enabled.

vSphere CLI

Backing up ESXi host configuration data

Run this command to backup the ESXi configuration:                                                                                      
# vicfg-cfgbackup –server=ESXi_host_IP_address –username=root -s output_file_name                                                                           

For example:                                                                                                                                                     
vicfg-cfgbackup –server=10.0.0.1 –username=root -s ESXi_test1_backup.tgz

In vSphere CLI for Windows:

  1. Navigate to C:\Program Files\VMware\VMware vSphere CLI\bin
  2. Run this command to backup the ESXi configuration:

# vicfg-cfgbackup.pl –server=ESXi_host_IP_address –username=root -s output_file_name

For example:

# vicfg-cfgbackup.pl –server=10.0.0.1 –username=root -s ESXi_test1_backup.tgz

Notes:

  • Use the –password=root_password option to skip the password prompt.
  • A backup text file is saved in the current working directory where you run the vicfg-cfgbackup script.


Restoring ESXi host configuration data

Restoring the host configuration restores the state of the ESXi along with any vSphere standard switch networking configuration. 

Note: When restoring configuration data, the build number of the host must match the build number of the host on backup file and UUID (can be obtained using the command „esxcfg-info -u”) of the host should match the UUID of the host on backup file. Use the -f option (force) to override the UUID mismatch. However, starting from vSphere 7.0 U2, the configuration could be encrypted using TPMs and in which case, the -force option will not work if the host got changed. We need the same TPM that was used on the host during backup, to restore. In other words, 
from vSphere 7.0U2, the override will not work if the host has TPM enabled.

In vSphere CLI

 To restore the configuration data for an ESXi host using the vSphere CLI:

  1. Put the host that you want to restore maintenance mode.
  2. Reboot the host. Otherwise the workflow triggered by vicfg-cfgbackup command might not finish completely.
  3. Log in to a server where the vCLI is installed.
  4. Run the vicfg-cfgbackup script with the -l flag to load the host configuration from the specified backup file:

vSphere CLI# vicfg-cfgbackup –server=ESXi_host_IP_address –username=root -l backup_file

For example:# vicfg-cfgbackup –server=10.0.0.1 –username=root -l ESXi_test1_backup.txt

 vSphere CLI for Windows:# vicfg-cfgbackup.pl –server=ESXi_host_IP_address –username=root -l backup_file

For example:# vicfg-cfgbackup.pl –server=10.0.0.1 –username=root -l ESXi_test1_backup.txt

Note: Bypass the confirmation to proceed with the -q option.

To restore an ESXi host to the stock configuration settings, run the command:# vicfg-cfgbackup –server=ESXi_host_IP_address –username=root -r 

For example:# vicfg-cfgbackup –server=10.0.0.1 –username=root -r

Note: ESXi host should be rebooted for the configuration changes to take effect.

In vSphere PowerCLI

Backing up the ESXi host configuration data

# Get-VMHostFirmware -VMHost ESXi_host_IP_address -BackupConfiguration -DestinationPath output_directory

 

For ESXi 6.7, see Reset the System Configuration

For example:# Get-VMHostFirmware -VMHost 10.0.0.1 -BackupConfiguration -DestinationPath C:\Downloads

Note: A backup file is saved in the directory specified with the -DestinationPath option.


Restoring the ESXi host configuration data

Note: When restoring configuration data, the build number of the host must match the build number of the host on backup file and UUID (can be obtained using the command esxcfg-info -u) of the host should match the UUID of the host on backup file. Use the -force option to override the UUID mismatch. However, starting from vSphere 7.0 U2, the configuration could be encrypted using TPMs and in which case, the -force option will not work if the host got changed. We need the same TPM that was used on the host during backup, to restore. In other words, 
from vSphere 7.0U2, the override will not work if the host has TPM enabled.

  1. Put the host into maintenance mode by running the command:# Set-VMHost -VMHost ESXi_host_IP_address -State 'Maintenance’
  1. Reboot the host. This step is required, otherwise step 3 might not finish completely and needs to be repeated:# Restart-VMHost -VMHost ESXi_host_IP_address -Confirm:$false
  2. Restore the configuration from the backup bundle by running the command:# Set-VMHostFirmware -VMHost ESXi_host_IP_address -Restore -SourcePath backup_file -HostUser username -HostPassword password

For example:# Set-VMHostFirmware -VMHost 10.0.0.1 -Restore -SourcePath c:\bundleToRestore.tgz -HostUser root -HostPassword exampleRootPassword

Related Information

Note: The information about virtual machines is not stored in the config backup and the virtual machines must be re-inventoried from the datastore browser after a config backup restore. Also, bootbank information is not stored in a config backup. If needed, this must be backed up and downloaded separately in a compressed tar file.