Virtualization Pro

Aug 11 2008   1:59PM GMT

VMware working on patch for ESXi API exploit

Kutz Profile: Akutz

Although VMware’s ESXi hypervisor is free under the VMware Infrastructure (VI) base license, it’s not without limitations.

Only some of the application programming interface (API) method calls that are typically shipped with the VI SDK are available. It’s impossible, for example, to power on and off a virtual machine directly with Java or C#, the VI Toolkit (for Windows), the VI Perl Toolkit, or any other scripting toolkit or programming language that leverages the VI SDK. Full functionality is restricted to the VI client. I believe that this is VMware’s attempt to prevent third parties from developing management solutions for ESXi and selling them at lower cost than VMware’s VirtualCenter.

Despite these restrictions, I recently discovered a workaround that allows full access to the API. The method to circumvent VMware’s lockdowns will not be discussed here because it is unintentional and violates section 3.3 part 4 of the ESXi EULA:

You may not … create, develop, license, install, use, or deploy third party software or services to circumvent, enable, modify or provide access, permissions or rights which violate the technical restrictions of the Software.

VMware has been notified and is currently working on a patch to resolve this issue. Remember that in the interim, this method or any other means used to gain full access to the API in the free version of ESXi violates the EULA and should not be used.

That said, it’s still pretty cool 🙂

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: