A. Mikkelsen VMware ESX scripts, commands, tools and other nice to know things that will make your virtualization days easier!!!!

Friday, June 24, 2011

VMware releases vSphere 4.1 hardening guide

Filed under: Security, Tools — A. Mikkelsen @ 22:25 pm

In April VMware released their hardening guide for vSphere 4.1 (http://communities.vmware.com/docs/DOC-15413). Now they have also released a free tool to check your vSphere installations against their hardening guidelines.

The tool is called “VMware Compliance Checker for vSphere” – http://www.vmware.com/products/datacenter-virtualization/vsphere-compliance-checker/overview.html

VMware vSphere PowerCLI Reference – Book

Filed under: Books, PowerShell, Tools — A. Mikkelsen @ 22:18 pm

If you haven’t read or read about the must-have PowerCLI book “VMware vSphere PowerCLI Reference: Automating vSphere Administration”, by Luc Dekens, Alan Renouf, Glen Sizemore, Arnim van Lieshout and Jonathan Medd, then you need to check it out.

The book will show you how to automate your VMware infrastructure from vCenter to VM’s.

  • Automate installations
  • Create and configure VM’s
  • Secure your environment
  • Create reports

and much more.

Read a few chapters from the book or buy the book (like I did :-)) at:
http://eu.wiley.com/WileyCDA/WileyTitle/productCd-0470890797,miniSiteCd-SYBEX,descCd-description.html

Download the PowerCLI examples from each chapter:
http://eu.wiley.com/WileyCDA/WileyTitle/productCd-0470890797,miniSiteCd-SYBEX,descCd-DOWNLOAD.html

Friday, June 3, 2011

List hosts CDP information

Filed under: Networking, PowerCLI Scripts, PowerShell — A. Mikkelsen @ 18:28 pm

If you have your hosts connected to a Cisco network infrastructure, you can see a host’s CDP information directly from within the VI Client.

As you can see in the examples below, it’s quite impossible to get the full CDP picture if you have many hosts with multiple NICs.
So I created a script that retrieves all CDP info from all your hosts (even across multiple vCenters) and displays it as a webpage.
Now it’s possible to search and share the information 🙂

The script is built up of a few functions

  • Retrieve the vCenter servers to retrieve hosts from.
    $objvCenterServer = Import-Csv -Path $strvCenterFilePath -Delimiter ";" | sort vCenter
    foreach($strvCenterServer in $objvCenterServer){
        # Skip entries that are commented out with "#" or are empty
        if ((!($strvCenterServer.vCenter.Contains("#"))) -and ($strvCenterServer.vCenter.Length -gt 0)){
            # Connect to vCenter Server
            Connect-VIServer -Server $strvCenterServer.vCenter -User $strvCenterServer.UserName -Password $strvCenterPWD
    
            # Add logic
    
            # Disconnect from vCenter server
            Disconnect-VIServer -Confirm:$false
        }
    }
    
  • Retrieve hosts from clusters.
    $arrDC = Get-Datacenter | Sort
    foreach($objDC in $arrDC){
        $arrCluster = Get-Cluster -Location $objDC | Sort
        # Only proceed if the Cluster isn't blank
        if ($($arrCluster | Measure-Object).count -gt 0){
            foreach($Cluster in $arrCluster){
                $vmhosts = Get-VMHost -Location $Cluster | Sort Name | Where-Object {$_.State -eq "Connected"} | Get-View
                # Only proceed if any hosts in cluster
                if ($vmhosts.Count -gt 0){
                    foreach ($vmhost in $vmhosts){
    
                        # Add logic for each host
    
                    }
                }
            }
        }
    }
    
  • Retrieve the hosts’ NIC CDP info.
    foreach ($vmhost in $vmhosts){
        $networkSystem = Get-View $vmhost.ConfigManager.NetworkSystem
    
        foreach($pnic in $networkSystem.NetworkConfig.Pnic | Sort Device){
            $pnicInfo = $networkSystem.QueryNetworkHint($pnic.Device)
    
            foreach($Hint in $pnicInfo){
    
                # LinkSpeed & MAC: look up the matching pNIC in the host config
                $record = 0
                $tmpSpeed = ""
                $tmpMAC = ""
                Do{
                    If ($Hint.Device -eq $vmhost.Config.Network.Pnic[$record].Device){
                        $tmpSpeed = $vmhost.Config.Network.Pnic[$record].LinkSpeed.SpeedMb
                        $tmpMAC = $vmhost.Config.Network.Pnic[$record].Mac
                    }
                    $record++
                }
                Until ($record -eq ($vmhost.Config.Network.Pnic.Length))
    
                # Duplex (stays empty when no CDP hint was received)
                $tmpDuplex = ""
                if($Hint.ConnectedSwitchPort.FullDuplex -eq $true){
                    $tmpDuplex = "Full"
                }
                if($Hint.ConnectedSwitchPort.FullDuplex -eq $false){
                    $tmpDuplex = "Half"
                }
    
                # Status
                $tmpStatus = ""
                If (($tmpSpeed -ge 1000) -and ($tmpDuplex -eq "Full")){
                    $tmpStatus = "OK"
                }
                elseif (($tmpSpeed -gt 0) -and ($tmpDuplex -eq "")){
                    $tmpStatus = "CDP not working"
                }
                elseif ($tmpSpeed -gt 0){
                    # Duplex and speed errors can occur together, so append
                    if ($tmpDuplex -eq "Half"){
                        $tmpStatus = "Duplex config error"
                    }
                    if ($tmpSpeed -lt 1000){
                        if ($tmpStatus -ne ""){$tmpStatus += " / "}
                        $tmpStatus += "Speed config error"
                    }
                }
                else{
                    $tmpStatus = "Link Down"
                }
            }
        }
    }
    
  • Separate included/excluded information.
    $isExcluded = func_exclude_from_list -ExcludeHost $vmhost.Name -ExcludeVMNIC $Hint.Device -FromObj $objExcludeList
    
  • Generate the HTML output file.
    Add-Content -Path $($strOutputPath + $strOutputFileName + ".TMP") -Value $strHTML
    if(Test-Path -Path $($strOutputPath + $strOutputFileName + ".htm")){
     Copy-Item -Path $($strOutputPath + $strOutputFileName + ".htm") -Destination $($strOutputPath + $strOutputFileName + $(Get-Date -uformat "%Y%m%d") + ".htm") -Force
    }
    Copy-Item -Path $($strOutputPath + $strOutputFileName + ".TMP") -Destination $($strOutputPath + $strOutputFileName + ".htm") -Force
    Remove-Item -Path $($strOutputPath + $strOutputFileName + ".TMP") -Force
    

vCenter servers are added to or removed from the file “_All_vCenter_Hosts_.csv”.
A host’s NICs are moved to the exclude section by adding them to the host exclude list “host_CDP_exclude.csv”.

The CDP information is sorted and saved in an HTML output file. If the script has been run before and an older version of the output file exists, it is renamed and the new one is saved (this gives you a sort of history).
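
The status rules, the include/exclude split and the dated history copy described above, as an added example that is not part of the original script: it runs offline on constructed NIC records instead of live PowerCLI data and reports duplex and speed errors together. The function names `Get-NicStatus` and `Get-CdpReport`, the `VMHost`/`Nic` columns of the exclude list, the host names and the output path are assumptions; PowerShell 3.0 or later is required.

```powershell
# Constructed sample data: one record per physical NIC, holding the values the
# script derives as $tmpSpeed and $Hint.ConnectedSwitchPort.FullDuplex
# ($null = no CDP hint received). Host names are made up.
$nics = @(
    [pscustomobject]@{ VMHost = 'esx01.example.local'; Nic = 'vmnic0'; SpeedMb = 1000; FullDuplex = $true  }
    [pscustomobject]@{ VMHost = 'esx01.example.local'; Nic = 'vmnic1'; SpeedMb = 100;  FullDuplex = $false }
    [pscustomobject]@{ VMHost = 'esx02.example.local'; Nic = 'vmnic0'; SpeedMb = 1000; FullDuplex = $null  }
    [pscustomobject]@{ VMHost = 'esx02.example.local'; Nic = 'vmnic1'; SpeedMb = 0;    FullDuplex = $null  }
)
# Assumed layout for host_CDP_exclude.csv (the real column names are not shown in the post).
$exclude = 'VMHost;Nic', 'esx02.example.local;vmnic1' | ConvertFrom-Csv -Delimiter ';'

function Get-NicStatus {
    param([int]$SpeedMb, $FullDuplex)
    if ($SpeedMb -le 0)        { return 'Link Down' }
    if ($null -eq $FullDuplex) { return 'CDP not working' }
    $problems = @()
    if (-not $FullDuplex)  { $problems += 'Duplex config error' }
    if ($SpeedMb -lt 1000) { $problems += 'Speed config error' }
    if ($problems.Count -eq 0) { return 'OK' }
    return ($problems -join ' / ')
}

function Get-CdpReport {
    param($Nics, $Exclude)
    foreach ($n in $Nics) {
        # A NIC is excluded when both host and NIC name match an exclude-list row
        $hit = $Exclude | Where-Object { $_.VMHost -eq $n.VMHost -and $_.Nic -eq $n.Nic }
        [pscustomobject]@{
            VMHost   = $n.VMHost
            Nic      = $n.Nic
            SpeedMb  = $n.SpeedMb
            Status   = Get-NicStatus -SpeedMb $n.SpeedMb -FullDuplex $n.FullDuplex
            Excluded = [bool]$hit
        }
    }
}

$report = Get-CdpReport -Nics $nics -Exclude $exclude | Sort-Object Excluded, VMHost, Nic
$report | Format-Table -AutoSize

# Same rotation idea as the post: keep the previous report under a dated name.
$out = Join-Path ([IO.Path]::GetTempPath()) 'host_cdp_info.htm'
if (Test-Path $out) { Copy-Item $out ($out -replace '\.htm$', "$(Get-Date -Format yyyyMMdd).htm") -Force }
$report | ConvertTo-Html -Title 'Host CDP information' | Set-Content -Path $out
```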

Get all script files here.
_All_vCenter_Hosts_.csv
host_CDP_exclude.csv
host_cdp_info_v01.ps1

————————-

For CDP information to be visible in the VI Client, CDP must also be enabled/configured on your physical Cisco switch – see example.
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1003885

To enable/change the CDP information on a host you have several options.

  1. If you are using dvSwitches in vSphere 4.x you can enable it from the GUI.

    • Connect to vCenter using VI Client
    • From Home click Networking
    • Right click your dvSwitch and select Edit Settings
    • Under the Properties tab select Advanced
    • Check Cisco Discovery Protocol
    • Set Operation to Both
    • Click OK
  2. Using ESX Command line
    http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1003885
    (exchange vSwitch1 with the name of your vSwitch)

    • Show current setting
      esxcfg-vswitch -b vSwitch1
    • Set the new status (down, listen, advertise, both)
      esxcfg-vswitch -B both vSwitch1
    • Verify new settings
      esxcfg-vswitch -b vSwitch1
  3. Using vMA
    http://spininfo.homelinux.com/news/vSphere_PowerCLI/2010/03/24/Enable_CDP_on_vSwitch_on_all_hosts

     vicfg-vswitch --server <vcenter.domain.com> -h <esxi.domain.com> -B both <vSwitch1>

To view your CDP info you also have a few options.
See all options here:
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1007069

  1. GUI

    • Connect to vCenter or ESX using VI Client
    • Select an ESX host
    • Click the Configuration tab
    • Select Networking
    • Click the Info icon to the right of the vSwitch
    • A tool tip opens with CDP information for the selected physical network interface
  2. PowerShell
     Get-VMHost | Where-Object {$_.State -eq "Connected"} |
     %{Get-View $_.ID} |
     %{$esxname = $_.Name; Get-View $_.ConfigManager.NetworkSystem} |
     %{ foreach($physnic in $_.NetworkInfo.Pnic){
        $pnicInfo = $_.QueryNetworkHint($physnic.Device)
        foreach($hint in $pnicInfo){
           Write-Host $esxname $physnic.Device
           # ConnectedSwitchPort is only populated when a CDP hint was received
           if( $hint.ConnectedSwitchPort ) {
              $hint.ConnectedSwitchPort
           }
           else {
              Write-Host "No CDP information available."; Write-Host
           }
        }
      }
     }
    

A must see, about how VMware sees the future of cloud

Filed under: Cloud — A. Mikkelsen @ 12:52 pm

See the full keynote from EMC World 2011, starring Paul Maritz – VMware CEO

http://www.youtube.com/watch?v=Ac9jQZi_lz8&feature=youtu.be&goback=%252Egde_1800113_member_55803385

Wednesday, June 1, 2011

vSphere Client 4.1 error…

Filed under: Errors, Virtual Center — A. Mikkelsen @ 15:37 pm

After I upgraded vSphere vCenter & Client to 4.1 258902, I have been getting an error in the vSphere Client.

A internal error occured in the vSphere Client. Details: Object reference not set to an instant object.

The solution is provided by VMware.
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1033560

It’s just replacing a DLL file 🙂

The error is only with version 4.1 258902 and not 4.1 Update 1.
