Useful Linux Commands for ESXi

By | February 24, 2014

ESX has long had its roots in the Linux OS. Depending on the version, and who you ask, ESXi contains traces of RHEL, SLES, CentOS 3.9 and CentOS 5.3. With every release ESXi takes another step away from “standard” Linux, but the heart is still based on ld and glibc. This means Linux commands core to a standard bash shell still work. vSphere 5.x also ships with the “Swiss army knife of embedded Linux”, BusyBox, installed.

The following is a list of useful Linux tools that come standard on ESXi, how to use them, and further reading on the complex tools:

File and Directory Basics

These are the basic commands for navigation and file management

#Copy fileA  to fileB
cp fileA fileB 

#Move fileA to fileB, can also be used to rename files
mv fileA fileB

#Delete fileA
rm fileA

#Present Working Directory, also know as "."

#Change Directory directoryName
cd directoryName

#Change Directory to the parent directory ("..")
cd ..

#List Directory

#List Directory including details and hidden files
ls -la

#Make Directory directoryName
mkdir directoryName

#Delete Directory directoryName, must be empty
rmdir directoryName

#Delete Directory and all contents
rmdir -rf directoryName

Viewing Files

There are several ways to print a file’s contents to the console depending on the files length, how much you want to see, and how you want to navigate the file.

#Print a file to the console
cat fileName

#Print a file to the console on screen-full at a time
more fileName

#View a file with a complex viewer that can move forward and back
less fileName

#Print a variable to the console
echo varName

#Print the first 10 lines of a file to the console
head fileName

#Print the first X lines of a file to the console
head -n X fileName

#Print the last 10 lines of a file to the console
tail fileName

#Print the last X lines of a file to the console
tail -n X fileName

#Print new lines that are appended to a file to the console as they are appended
tail -f fileName 

The vi Editor

vi is a powerful text editor that has been included in almost every Unix and Linux variation of the past 30 years. Users edit files in vi using two different modes, Command Mode, and Insert Mode. vi starts in Command Mode and to interactively edit a file you need to enter Insert Mode by pressing “i”. You can return to Command Mode by pressing “escape”

Once you have finished editing the file, press “escape” to enter Command Mode and press “:” and a prompt is displayed at the bottom of the screen. To exit without saving type “q!” and press enter. to save and exit type “wq” and press enter.

When you are in the file you can move the cursor with the arrow keys.

The are a large number of command in Command Mode that I will not cover here. If you would like to know more check out Colorado State University’s “Basic vi Commands”.

Joining Commands with Pipe

In bash shell you can can feed the output of a command to a second command on the same line using the “|” (pronounced “pipe”) character. This is called a “pipeline”. Common uses of a pipeline are routing output with the tee command and searching with the grep command.

The tee command routes output from once source to two destinations, a file and the standard output console. Think of it like a “T” crossroads.

#Send the ouput of the command "esxcli network firewall ruleset list" to a file named "rules.txt" and the console window
esxcli network firewall ruleset list | tee rules.txt

The grep command is a powerful search function that takes regular expressions as arguments.

#Return only the firewall rules containing the string "ssh"
esxcli network firewall ruleset list | grep ssh

File Permissions and Ownership

File and directory permissions and ownership are both “ch” change commands, chmod and chown.

chmod uses a series of 9 bits, converted to three decimals, to set permissions. Three bits represent a maximum value of 7 (111) and a minimum value of 0 (000). The first bit in the triple (the “4” bit) represents read, the second bit (the “2” bit) represents write, and the third bit (the “1” bit) represents execute. The following table shows all combinations:

# Permission rwx
7 full 111
6 read and write 110
5 read and execute 101
4 read only 100
3 write and execute 011
2 write only 010
1 execute only 001
0 none 000

There are three triples for the full permission set, the first is the owner, the second is the group, the third is everyone.

#setting the full permission for owner, read for group, and none for everyone on the file test.xml
chmod 740 test.xml

chown is used to set the owner and/or group for a file.

#setting the owner of the file "test.xml" to root
chown root test.xml

#setting the group of the file "test.xml" to groupA
chown :groupA test.xml

#setting the owner of the file "test.xml" to root and the group to groupA
chown root:groupA test.xml

Tarballs and Compression

The tar command was originally used as a backup command. It takes a collection of files and appends them one after another in one large file. This is a minor but important difference from how a directory works. Tar also does not actually compress the files. It relies on the gzip engine for compression, however over the years the functionality has been built in.

Files are usually distributed with the extension .tar.gz. These files have first been “tarred” together and then zipped.

#uncompress and untar a compressed tarball named test.tar.gz to a directory named "./test"
tar -xvzf test.tar.gz

Process Management

How to list processes and send them signals.

#list all processes by id, group id, and name

#send process number 500 the TERM signal
kill -15 500

#send process number 500 the KILL signal
kill -9 500

#send process number 500 the "Hang UP" signal, this is used to reset daemons like httpd
kill -HUP 500

Disk Free

#list the free space on mounted volumes in a human readable format
df -h

Network Diagnostic Tools

ESXi contains limited implementations of the standard network troubleshooting tools ping, traceroute, and nslookup.

#check connectivity to addressA
ping addressA

#display list of hops to addressA
traceroute addressA

#return ip address of a host with name hostnameA
nslookup hostnameA

Power Tools: sed and awk

ESXi’s BusyBox install contains two of the most powerful and deceptively named tools on Linux, sed and awk. Both tools were invented by Bell Labs in the 70s and several books have been written about each.

sed stands for Stream Editor. It is commonly used for substitutions and filters in pipelines using regular expressions. The better than average Wikipedia article contains a good guide on how to use it.

#number each line of a file (number on left, right-aligned)
sed = filename | sed 'N; s/^/     /; s/ *\(.\{6,\}\)\n/\1  /'

#add commas to numeric strings, changing "1234567" to "1,234,567"
sed -e :a -e 's/\(.*[0-9]\)\([0-9]\{3\}\)/\1,\2/;ta'

#delete all trailing blank lines at end of file
sed -e :a -e '/^\n*$/{$d;N;ba' -e '}'

Awk is an Turing Complete1 structured programming language that laid the groundwork for what eventually became perl. ESXi does not contain perl however awk is almost as good. There is even an awk port of Tetris. More information can be found at the  Bell Labs awk website.

#print number of lines in a file
awk 'END { print NR }'

#print the total number of lines containing the word "test"
awk '/test/ { n++ }; END { print n+0 }'

#print the line containing the largest numeric first field.
awk '$1 > max { max=$1; maxline=$0 }; END { print max, maxline }'

Saving The Best for Last: python

The bad news is ESXi contains the bare minimum of Linux commands. The good news is that it contains a full implementation of python 2.6.8, my personal favorite scripting language. Pretty much any tool you can think of can be written with python. Just remember the core of PEP20, the Zen of python:

Beautiful is better than ugly. 
Explicit is better than implicit. 
Simple is better than complex. 
Complex is better than complicated. 
Flat is better than nested. 
Sparse is better than dense. 
Readability counts. 
Special cases aren't special enough to break the rules. 
Although practicality beats purity. 
Errors should never pass silently. 
Unless explicitly silenced. 
In the face of ambiguity, refuse the temptation to guess. 
There should be one-- and preferably only one --obvious way to do it. 
Although that way may not be obvious at first unless you're Dutch. 
Now is better than never. 
Although never is often better than *right* now. 
If the implementation is hard to explain, it's a bad idea. 
If the implementation is easy to explain, it may be a good idea. 
Namespaces are one honking great idea -- let's do more of those!

Learn more about python for free at

1A Turing Complete language can theoretically be used to solve any computational problem.