03 December, 2012

Disabling HotAdd/Hotplug in Virtual Machines

The Hotadd/ Hotplug feature introduced in ESX(i) 4 gives VM users (with OS administrator rights) the possibility to "eject" hardware inside the VM. By doing this it removes the hardware inside the VM aswel as from the VM configuration. Hardware that can be "ejected" which can cause a serious issue on the functionality of the VM are network cards SCSI adapters and virtual disks.
There is a VMware kb article on this "issue" KB: 1012225

The kb article gives a work-a-round solution by disabling the Hotplug capability of the VM. This can be done by: using the vSphere client or by editing the .vmx file of your VM. This will disable all Hotplug capability except CPU and Memory.
Editing the .vmx file can only be done when the VM is powered off, but you can do it more easy by using a PowerCLI script. Example below (Script provided by Massimiliano Giarda).

Although this is a quick solution to the problem, there is also a alternative way of preventing "accidental" removal of hardware. You can change the appropriate setting in the Windows registry, but as this setting is in the SYSTEM part, you will need to change the registry upon every boot / reboot of the VM. At best it is done by running it as (part of) the computer startup script.

Below the registry setting to disable harddisk eject:

:: Disable eject hard disk
:: Original value: 6
reg.exe add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\PCI\VEN_1000&DEV_0054&SUBSYS_197615AD&REV_01\4&1f16fef7&0&00A8" /v Capabilities /t REG_DWORD /d 2 /f

Below the registry setting to disable network card eject:

:: Disable eject network card
:: Original value: 6
reg.exe add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\PCI\VEN_8086&DEV_100F&SUBSYS_075015AD&REV_01\4&3ad87e0a&0&0088" /v Capabilities /t REG_DWORD /d 2 /f

No comments:

Post a Comment