VMware vSphere SDKs and Tools 8.0

8.0 7.0 6.7 6.5

Checking the Compliance Against the Desired State

Before applying a desired state on a cluster, you can scan all hosts in the cluster against the desired state and check the cluster compliance against the desired state. Before applying a desired state on a standalone host, you can scan the host and check its compliance against the desired state.
To check the compliance of all hosts in a cluster or of the single standalone host:
  • For a cluster,
    use the
    POST https://
    <vcenter_ip_address_or_fqdn>
    /api/esx/settings/clusters/
    <cluster_id>
    /software?action=scan&vmw-task=true
     request
    .
  • For a standalone host,
    use the
    POST https://
    <vcenter_ip_address_or_fqdn>
    /api/esx/settings/hosts/
    <host_id>
    /software?action=scan&vmw-task=true
    request
    .
Pass as an parameter the cluster or the host identifier. The method compares the desired state against the current state of each host in the cluster or of the single host and as a result calculates the compliance.
You can retrieve the cluster or the standalone host compliance status by
using the
GET https://
<vcenter_ip_address_or_fqdn>
/api/esx/settings/clusters/
<cluster_id>
/software/compliance
 or
GET https://
<vcenter_ip_address_or_fqdn>
/api/esx/settings/hosts/
<host_id>
/software/compliance
 requests and passing the cluster or standalone host ID as path parameter. As a result, you receive a
ClusterComliance
 or
HostCompliance
 JSON object that contains the following information
:
  • The overall cluster compliance status regarding the target version of the components described within the cluster desired state.
  • The impact of applying the desired state on the cluster in case the cluster is non-compliant.
  • A list of all compliant hosts in the cluster.
  • A list of the incompatible hosts in the cluster.
  • A list of the non-compliant hosts in the cluster.
  • A list of the unavailable hosts which cannot be checked for compliance against the desired state.
  • The compliance status of each host in the cluster.
  • The notifications returned by the compliance check operation.
  • The time that the compliance check takes.
  • The ID of the committed draft for which the compliance check is performed.
    If the
    commit
     property of the cluster or host compliance data structure is unset
    , the compliance check is run against a draft software specification.
  • The compliance overall stage status of the cluster or the standalone host and is relevant when the compliance status of the cluster or the standalone host is
    NON_COMPLIANT
    .
  • The compliance of the OEM add-on on the standalone host with respect to the add-on in the desired state.
  • The compliance of the base image on the standalone host with respect to the base image in the desired state.
  • The compliance of all effective components and all components present on the standalone host in respect to the components in the desired state.
  • The compliance of all DPU devices on the standalone host with respect to the desired state.
  • The compliance of the hardware support on the standalone host with respect to the hardware support defined in the target state.
A cluster or a standalone host can have one of the following compliance statuses regarding the target versions:
  • COMPLIANT
    . The target versions of the components described in the desired state of the cluster or the standalone host are the same as the versions of the components currently present on the hosts in the cluster or on the standalone host.
  • NON_COMPLIANT
    . The desired state of the cluster or the standalone host describes components with higher versions than the versions of the components currently present on the hosts in the cluster or on the standalone host. Non-compliant clusters or hosts are those clusters or hosts which have orphaned VIBs, or components on the hosts that are not present in the desired state specification.
  • INCOMPATIBLE
    . One or more hosts in the cluster or in the standalone host have components with higher versions than the components described in the desired state specification.
  • UNAVAILABLE
    . The current state of one or more hosts in the cluster or of the standalone host cannot be retrieved and as a result the compliance check cannot be performed.
You can check the compliance impact of applying the desired state on a non-compliant cluster or a standalone host by
using the
impact
 property of the respective compliance data structure which contains the
ComplianceImpact
 data structure
. Use it to retrieve information about the steps you must take to remediate the cluster or the standalone host successfully. You might need to reboot a host or put a host into maintenance mode to remediate the cluster or the standalone host successfully.

Content feedback and comments