Recently we were requested to install CA signed certificates on our ESX hosts to pass a security audit.
The thought of doing this manually bored me! so I wrote the following script – which recursively puts each host into maintenance, installs new certificate, then reboots the host, takes it out of maintenance and tests the certificate! The script also produces a detailed log file.
Continue readingWe recently realized the free space value on a single datastore in our VMware datastore cluster wasn’t matching the value of free space we were seeing on the backing device sitting on your VPLEX arrays. Not even close, as a matter of fact the underlying VLPEX distributed volume was fully utilized.
This clearly suggested something was going wrong with the deleted block unmap process.
To troubleshoot I jumped on a ESX host which has access to the particular datastore and run some esxcli cmds.
Continue readingIf you ever need to delete multiple volume snapshots from a NetApp HCI / Solidfire storage array, you will quickly realize there isn’t an efficient way of doing this using the UI – unfortunately you can’t delete multiple snapshots at the same time and each delete request requires a confirmation. Plus if you have a lot of volume snapshots, you will need to search for the snapshot you want to delete every time.
Using PowerShell simplifies the whole process.
First generate a snapshot report using following script.
connect-sfcluster CLUSTER IP
Get-SFSnapshot | select Name, SnapshotID, CreateTime, ExpirationTime, VolumeID, VolumeName | Export-Csv c:\temp\all-snapshots.csv
Sort the resulting CSV file (all-snapshots.csv) by VolumeName then by CreateTime – and highlight the rows including snapshots you want to delete. Then remove all the other rows. Finally remove all columns except the SnapshotID column and save as a new CSV (snapshots-to-delete.csv).
Now run the following script pointing at the new CSV file to delete the snapshots in one go.
$oldsnaps = (Import-Csv 'c:\temp\snapshots-to-delete.csv').SnapshotID
foreach ($snap in $oldsnaps){
Remove-SFSnapshot -SnapshotID $snap -Confirm:$False
}
For more info on how to install the SolidFire PowerShell module and other programmatic approaches to managing NetApp HCI storage – visit my other blog post.
This is a script which will allow you to enable the Hot Add vCPU and Memory feature on all or a sub set of your VMs.
IMPORTANT NOTE – the script will recursively power off each VM defined in CSV (unless Hot Add is already enabled), apply the config then power each VM back on. So make sure you run this script in an outage window.
When creating the CSV, make sure to include the header row – Name.
The script will also generate a log file.
Continue readingI’ve got a new version of this script at this link.
This is a simple script which will allow you to enable the Hot Add vCPU and Memory feature on all or a sub set of your VMs.
IMPORTANT NOTE – the script will recursively power off each VM defined in CSV, apply the config then power each VM back on. So make sure you run this script in an outage window.
When creating the CSV, make sure to include the header row – Name.
#Function to generate wait time progress bar
function Start-Sleep($seconds) {
$doneDT = (Get-Date).AddSeconds($seconds)
while($doneDT -gt (Get-Date)) {
$secondsLeft = $doneDT.Subtract((Get-Date)).TotalSeconds
$percent = ($seconds - $secondsLeft) / $seconds * 100
Write-Progress -Activity "Sleeping" -Status "Sleeping..." -SecondsRemaining
$secondsLeft -PercentComplete $percent
[System.Threading.Thread]::Sleep(500)
}
Write-Progress -Activity "Sleeping" -Status "Sleeping..." -SecondsRemaining 0 -
Completed
}
#Variables
$HotAddVMs = Import-CSV c:\temp\hot_add_disabled_vms.csv
$vmConfigSpec = New-Object VMware.Vim.VirtualMachineConfigSpec
$vmConfigSpec.CpuHotAddEnabled = "True"
$vmConfigSpec.MemoryHotAddEnabled = "True"
Foreach ($VM in ($HotAddVMs)) {
#Shutdown Guest OS / Power off VM
Get-VM $VM.Name | Shutdown-VMGuest -Confirm:$false
#Wait for VM to power off before executing config cmd
section – in which case the config cmd will fail
while((Get-VM $VM.Name).PowerState -ne 'PoweredOff') {
Start-Sleep -Seconds 10
}
#Execute config cmd
$VMConfig = Get-View -VIObject $VM.Name
$VMConfig.ReconfigVM($vmConfigSpec)
#Power on VM
Get-VM $VM.Name | Start-VM
}
Last week I was looking for a way to bundle VM Hardware Upgrades with our monthly Guest OS patching. After the Guest OS is patched, it gets rebooted. The goal was to get the VMs to upgrade their hardware after the Guest OS is rebooted. And avoid having to power of the VMs to carry out the hardware upgrades.
It appears this is possible by changing the VM UpgradePolicy to “Always” and setting a VersionKey (i.e. the ESX compatibility level) using Powershell.
To prove that changing these VM settings I mentioned above actually triggers a Hardware Upgrade at Guest reboot, I built a test VM, then carried out the steps below.
I’ve simply used the scripts provided in this blog post. https://blogs.vmware.com/vsphere/2018/09/automating-upgrade-of-vmware-tools-and-vmware-compatibility.html
Continue readingThe other day I had to add 60+ new VMware datastores, rather than doing this manually using the vSphere web client wizard, I used a basic PowerCLI script (in a foreach loop) to create the datastores in one big bang!
Before carrying out these steps make sure new LUNs are presented to the ESXi host. And make a note of the LUN id of first new LUN you created.
NOTE – You can acquire the LUN id by analyzing “Runtime Name” of LUN. Or alternatively the storage array may have this information also.
This script will automate the process of backing up your Citrix VD templates. As a matter of fact, you can use it for backing up any VM in your vCenter server.
The script leverages the OVF Tool utility. This tool can be downloaded from myvmware.com and should be installed on the server you’re scheduling the script on. For more info: www.vmware.com/support/developer/ovf
The script will run the OVF Tool utility for each Template or VM defined in the CSV file. It will then zip the log files generated by the OVF Tool utility and email them to the email addresses defined in the variables section.
NOTE – Each time the script runs the OVF data is overwritten. Export job logs for previous runs are archived in the Log-Archive folder. The script also creates a console log file in the root of the export folder.
Continue readingSSH on to the ESXi host the VM resides on and run command below. Replace VM-NAME with your VM’s name.
esxcli network vm list | grep -i VM-NAME
COMMAND OUTPUT:
1122341 VM-NAME dvportgroup-202593
Copy digits at beginning of output – 1122341 into command below and run command.
esxcli network vm port list -w 1122341
COMMAND OUTPUT:
Port ID: 33554507 vSwitch: VDS or VSS Name Portgroup: dvportgroup-202593 DVPort ID: 323 MAC Address: 00:50:56:91:72:03 IP Address: 0.0.0.0 Team Uplink: vmnic1 Uplink Port ID: 33554434 Active Filters:
Copy Port ID at the beginning of output – 33554507 into capture commands below and run captures.
FOR EGRESS CAPTURE (default)
pktcap-uw --switchport 33554507 -o /tmp/VM-NAME-outbound.pcap
FOR INGRESS CAPTURE
pktcap-uw --switchport 33554507 --dir 1 -o /tmp/VM-NAME.pcap
Install WinSCP, connect to host over SCP, download pcap file from tmp folder, analyze in Wireshark
More info —
The goal of this procedure is to replace self-signed External PSC certificates with a Microsoft CA signed certificate.
Helpful blog posts and articles:
http://www.enterprisedaddy.com/2017/01/configure-psc-ha-in-vsphere-6-5-part-1-configuring-certificates/
https://kb.vmware.com/s/article/2112014
https://kb.vmware.com/s/article/2112009
https://kb.vmware.com/s/article/2136693
Environment:
2 External PSC servers (v6.5) behind a load balancer
PSC1 – psc1.myitblog.local
PSC2 – psc2.myitblog.local
VIP – vpsc.myitblog.local