Verifying the profile compliance of an ESXi host
Once you have the ESXi hosts associated (attached) with a Host Profile of your choice, the host can be checked for compliance. The compliance check is done in the vCenter server.
In this section, you will learn how to check an ESXi host for compliance against an associated Host Profile.
How to do it…
The following procedure will guide you through the steps required to check an ESXi host for compliance:
- Connect to the vCenter server using the vSphere Web Client.
- Go to the vCenter Inventory Home tab and navigate to Rules and Profiles | Host Profiles.
- Click on the Host Profile, to bring up the Host Profile specific page.
- Navigate to Monitor | Compliance to see a list of ESXi hosts attached to the profile and their compliance status. If the compliance status of a host is Unknown, then it means it hasn't been checked for compliance yet:
- Select the host and click on the Check Host Profile Compliance icon, to start the compliance check:
- You should see a Check Host Profile Compliance task completed successfully in the Recent Tasks pane and the Host Compliance column should now indicate whether the host is compliant or non-compliant.
How it works…
Checking a host for compliance against an associated Host Profile will compare the host configuration with the configuration settings in the Host Profile. If any of the configuration policy/settings in the Host Profile are not present on the host, the host is tagged as non-compliant. Non-compliant hosts can be remediated to meet the configuration requirements.
You could also create a scheduled task to periodically run a Host Profile's compliance check on the hosts or the cluster attached to a Host Profile. This is done by selecting a Host Profile and then navigating to the Manage | Scheduled Tasks tab and creating a new scheduled task as shown in the following screenshot:
