2010-04-30

Last Chance for VMware vExpert Nominations

Today April 30, 2010 is the closing day for Nominations.

image VMware vExpert Application Form

 

 Award Benefits

  

 Criteria & Guidelines

 

If you have not already got your nomination in, the clock is ticking……

2010-04-29

Are We Allowed to Publish Everything?

In continuation to my post regarding mistakes, it actually started a very interesting discussion.on Twitter on the subject.

Don't get me wrong - I am not for publicizing information that was under NDA. And if you ask me - if someone does publicize a piece of information that is covered by an NDA - then the publisher should have sanctions taken against them.

But the whole idea of that post was not because someone broke an NDA, not at all.

It was not that someone overheard a conversation that should not have in a Starbucks coffee shop.

The main subject under debate was a planned announcement with a recognized spokesman of the vendor on a pre-planned public webcast.

Saying that though - if an error happened and something did leak out - I do think that common sense should be used. It all depends what your motives are. If you want to be a sensationalist - then by all means - go for it. But as I heard from someone wise - do not bite the hand that feeds you.

Remember information is one of the easiest things to come by in our day and age. If you value your privacy and your company's then you will have to protect that information - in more ways then one.

2010-04-28

Mistakes, Mistakes and more mistakes..

Small Rant….

Over the last two weeks there have been a numerous amount of occurrences where VMware employees have voiced new announcements in Public, and thereafter several bloggers have posted on their blogs information based on these announcements.

Content here, here, here, here and here.

Now what you will find in common with all of the above posts - is that they either have been pulled, or the content they were pointing to has been removed.

I personally have been asked (in the past and not related to the topics above) to remove content off of my blog because the material was confidential and not for public knowledge - but the source forgot to tell me and 60 other people in the room with me that this information was under NDA.

I mean we all make mistakes - we are all human, but I would like to put in a public request to VMware and to any other vendor as well for that matter. If you do not want something out in the public - do not go and announce it on a public forum! You will have to go around cleaning up your mess after you.

This does not add to your credibility.

VMworld 2010 - What's New

VMworld 2010 registration is now open.

A few facts and new introductions to this year's conference

Follow the Experts - New in 2010
This year, VMworld is connecting you directly with subject-matter authorities with our Knowledge Experts Program. These highly respected members of the VMware community - made up of industry-leading customers, bloggers and VMware employees - will be conducting and participating in Breakout sessions and Birds of a Feather discussion groups. Plus, they’ll also be available for one-on-one meetings and more casual discussions as they circulate throughout the conference.

One-on-One Meetings
You can schedule one-on-one meetings with up to 3 Knowledge Experts during the conference. Use these 15-minute sessions to delve into topics that relate specifically to your organization.

Birds of a Feather Discussion Groups
In addition to traditional Breakout Sessions, we’re introducing Birds of a Feather Discussion Groups led by one of the Knowledge Experts. These informative and interactive discussion groups are a great opportunity for you to gain insight from like-minded colleagues in similar industries. Attendance is on a first-come, first-served basis.

Self-Paced Labs - More Options
In 2010, all VMworld Labs will be held in a self-paced environment - allowing us to maximize the number of labs offered and giving you more opportunities to explore how virtualization can make a powerful impact on your organization. Unlike traditional instructor-led labs, self-paced labs create a more interactive and educational environment - one that lets you see, first hand, how the latest in VMware software can help you energize your business.
VMworld will stage more than 18,000 lab seats and conduct up to 400 simultaneous lab sessions during the 4-day event. Plus, we have committed 200,000+ man-hours in lab creation and development to produce over 20 self-paced lab topics - covering everything from SRM to DRS. With over 100 VMware Specialists on hand to answer questions and explore options, you’ll get one-on-one attention when you need it - and still have the flexibility to move at your own pace. Forget pre-registration. With over 40 hours of available lab time throughout the conference, you’re free to experience the latest in VMware offerings when it best fits your schedule.

Breakout Sessions - More Freedom. Less Formality.
This year, we’ve eliminated the need to pre-register for sessions - giving you more freedom and greater control over your conference experience. Forget trying to plan your daily agenda around events you picked weeks ago -use Schedule Builder to view a complete listing of available sessions and then just show up to sessions that work best for you when you’re at the conference. Plus, we’ll be repeating most sessions at least once, so you have ample opportunity to attend your top choices.

Now a few things here caught my eye.

  1. The huge amount of Labs and hours invested in this event is absolutely amazing!!
  2. The Breakout sessions. From what I remember there was a lot of noise from the public because VMware bounced several people out of sessions.Now here we see that VMware have decided that there will be no need to register for sessions in advance just walk in to what you want. Forgive me if this sounds naive - but do you not think that even if you repeat most of the sessions at least once - that you will have certain sessions that will be completely packed - to the brim - and then some..
  3. It would be interesting to hear who the Experts are that will be available for these sessions.
  4. The one-on-one sessions - is a great idea! I actually attended a similar idea in a TechNet conference with some of the Windows Server and Hyper-V Team - it was a great opportunity to get to actually speak to the Product team and people that are the leading experts on certain products. Kudos for the initiative.

So what do you all think about the changes? The discussion has already begun.

Monitor AD Replication Status with Powershell

Do you know the feeling?

You have 40 domain controllers located in 20 different locations - with a multitude of child domains and children of those child domains, on all sides of the globe (yeah I know a globe does not have sides….), with different people at different levels of expertise managing these DC's? Sound familiar?

And for some reason someone went on vacation and forgot to clean up a movie that they put on the DC's C: drive - because they had nowhere else to put it? (well I am joking of course - but the reasons for disk space running out could be for multitude of reasons).

And the C: drive has no more free space.

And therefore the DC's stops responding properly.

And your start getting replication errors between the Domain Controllers.

So do you know the feeling??

Now of course you could have someone (or something monitor your logs for you - but not necessarily would you catch the replication issue - because you would have to monitor more than just one DC).

Well thanks to Microsoft there is small tool which will give you the replication status and if you would like it can do a whole lot more than that, but for this example the replication status will suffice.

Repadmin - and if you have not used it before then I suggest you get to know the tool.

repadmin.exe /showrepl * /csv

Ok .. Whoopee! And now what do I do with that info? Well you could:

  1. open it in Excel and
  2. filter out all the values that have 0 failures
  3. and then see where the issues are

That would be nice… but not automated!!

What if you could get the data, filter out to retrieve only what you wanted (which would be all the failures) and send it to an admin by mail. And to make your life complete (just kidding), have this run on a regular schedule?

Here you are.

# ==============================================================================================
# NAME: Check-Replication
# 
# AUTHOR: Maish Saidel-Keesing
# DATE  : 27/04/2010
# 
# COMMENT: Will check the replication status and if there are failures will send an email to the
# Assigned Addresses.
# ** Requires Repadmin from the Windows resource Kit accessible in the default path **
# ==============================================================================================

$from = "Replication Status<maishsk@gmail.com>"
$to = "Maish<maishsk@gmail.com>"
#Collect the replication info

#Check the Replication with Repadmin
$workfile = D:\software\USB_Tool_Kit\Tools\repadmin.exe /showrepl * /csv 
$results = ConvertFrom-Csv -InputObject $workfile | where {$_.'Number of Failures' -ge 1}


#Here you set the tolerance level for the report
$results = $results | where {$_.'Number of Failures' -gt 1 }

if ($results -ne $null ) {
	$results = $results | select "Source DC", "Naming Context", "Destination DC" ,"Number of Failures", "Last Failure Time", "Last Success Time", "Last Failure Status" | ConvertTo-Html
	} else {
	$results = "There were no Replication Errors"
}

Send-MailMessage -From $from -To $to -Subject "Daily Forest Replication Status" -SmtpServer "smtp.maishsk.local" -BodyAsHtml ($results | Out-String)


Line 17.
Run the command and put it into CSV format

Line 18. Convert the results from the variable into a variable and filter them

Lines 20-24. If the results are not empty (which means you have errors) then apply some formatting to the output and convert that output to HTML. If there were no errors then set the variable to show that fact.

Line 26. Send the results by email

So from going from lines and lines of this

image

to this - which I can get in my inbox every 4 hours because it is now running as a scheduled task.

image

or this if all is fine and dandy

image

Hope this is useful to someone!

--UPDATE--

I updated the script above to remove the use of a temporary file - it was not necessary - everything can be saved into variables and clean up some logic.

2010-04-27

ESXi Deployment Solution - Part 3

Today we will deal with the client and server scripts, and before we start I would like to get the definitions straight.

Client Script: The script that is executed on the ESXi machine (Python)

Server Script:The script running on a Windows host that will configure the ESXi machine after deployment (Powershell)

So let's start. Here is the client script - it was adapted from here

# TCP client example
import socket
s = socket.socket()
s.connect(("192.168.113.1",3333))
s.send("myuniquestring")
s.close()


Simple isn't it? - Well for me to understand this took a while so I will try and explain in as much detail as possible.

Line 2. Import the socket module - which will allow us to to create the communication socket

Line 3. Create the variable s as a socket

Line 4. Connect to an "IP","port" - in my case 192.168.113.1 and port 3333 - You can define this to the IP and port of your choice

Line 5. Send a string of text. This again can be anything you would like - but I would define it as something unique so not to have any false positives.

Line 6. Close the connection - and close the script.

And in plain text - the machine will open a communication socket on port 3333 to 192.168.113.1, send myuniquestring and exit.

Now on to the Server script - adapted from here

###############################################################################################
##	TCP port Listener + Connect to ESXi
## 	Author: 	Maish Saidel-Keesing                        
##  	       	http://technodrone.blogspot.com				
##	Date:		April 15, 2010								
##	Version: 	1.0
##	Synopsis:	This script will configure a TCP listener that will recive a string
##		It will then connect to a ESXi machine ready to configure the instance
###############################################################################################

#Define parameters with setting default port
function Trace-Port {
	param ([int]$port=3333, [string]$IPAdress="192.168.113.1", [switch]$Echo=$false)
	
		#create a new .net listener object
		$listener = new-object System.Net.Sockets.TcpListener([System.Net.IPAddress]::Parse($IPAdress), $port)
		$listener.start()
		[byte[]]$bytes = 0..255|%{0}
		write-debug "Waiting for a connection on port $port..."
		$client = $listener.AcceptTcpClient()
		$script:remoteIP = $client.Client.RemoteEndPoint
		$stream = $client.GetStream()
		while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0)
		{
			$bytes[0..($i-1)]|%{$_}
			if ($Echo){$stream.Write($bytes,0,$i)}
		}
		$client.Close()
		$listener.Stop()
		write-debug "Connection closed."
} #end Trace-Port Function

####entry point to script

#set Parameters
$result = $null
$script:string = "myuniquestring"

trace-port | foreach {
	$script:output = ([char]$_)
	$script:result += $output
}

if ($result -eq $string) {
	Connect-VIServer -Server $remoteIP.Address.IPAddressToString -User root -Password ""
}

 

Line 12. Two Parameters are passed by default to the script, IP and Port

Line 15. Create the listener object using the two parameters above

Line 16. Start the listener

Line 19. Open the TCP Client connection

Line 20. Assign the incoming IP to the remoteIP variable. The variable is in the Script Scope - so that I can use it again outside the function.

Line 22-26. In essence the input is translated into characters until the connection is closed

Line 27-28. Close the connection and then close the listener.

Line 35-36. Clear the results variable and define my unique string variable

Line 38-40. Get each character that is sent to the listener, and put it in the result string

Line 43.44. If the string that is sent matches the string I defined - then connect to the ESXi server with the remoteIP variable. The username is always root and password is always empty. This is the default of an ESXi installation.

And in Plain text - wait for a connection on port 3333. Once received  - check the string that is sent through this connection matches the string that is have predefined. If so that means it is a connection from an ESXi machine and that a connection should be opened to the ESXi server.

Now of course this is just a proof of concept for the script - but you should understand that once you can connect to the ESXi machine with root privileges you can configure what ever you would like.

Now of course to run the Server script, all you need is Powershell and the PowerCLI Cmdlets installed,

Next up is how to get the script into the ESXi installation process.

2010-04-26

VCDX Design Exam - Check!

Now I am happy to say that I have completed the VCDX Design Exam today - and if you did not know that will probably be because you missed my announcement on Twitter this afternoon.

OK so first what did I use to prepare for this exam?

Duncan Epping's Post has a great list.

Jason Boche's post on his experience.

Joep Piscaer's review as well.

Jon posted a review of the process as well.

I think that the posts above have done a wonderful job of providing the proper resources to prepare and describing the process. I spent the last month going over more than 1,000 pages of manuals, Whitepapers, articles, best practices etc.

You cannot study for the VCDX from a book. There are no brain dumps and no just going over a list of multiple choice questions and memorizing the correct answer.

The VCDX process will test your experience and your knowledge of Enterprise infrastructures. The Admin Exam will test your technical knowledge and the Design Exam will see if you are capable of making the correct design decisions.

If the VCDX was the next level Certification (up until the VCAP was announced - and pulled not so long after that) - then us VMware Admins had no choice but to go for the VCDX as the next Level.

But now that there will be a VCAP intermediate Certification, the full VCDX is not for everyone.

What I can advise is the following:

  1. The VCDX is a long and time consuming process.
  2. You cannot really study for this exam, but you will need to rely on your knowledge, and your personal experience.

3. From what I hear, the easy part is over, now starts the real work - submitting a design and the defense.

I would like to thank 2vcps, FrankDenneman, jpiscaer and DuncanYB for all there assistance along the process so far.

Wish me luck!

2010-04-23

ESXi Deployment Solution - Part 2

Today we will be dealing with some details of the parts involved. In my previous post - I explained the rationale behind the whole process.

So let us get into the schematics.

An ESX server can be installed with a kickstart script. There are multiple posts all over the web on how to configure this and customize the process. In a nutshell - most of the additional customization is performed in the %post section

%post (optional)

Executes the specified script after package installation has been completed. If you specify multiple %post sections, they are executed in the order they appear in the installation script.

As I said in my previous post - one of the reasons for doing this was because there is no kickstart for ESXi, it is whole different process. Two of the best posts I have read are on this here and here

The way it works is that ESXi boot into a full ESXi environment from the ISO image. It then kicks off an install process to ask you for input:

  • Which disk..
  • Eula
  • etc. etc.
  • Install
  • Reboot
  • Hey presto - you have an ESXi

It then formats the disk with VMFS and configures the boot partition to start off the ESX Kernel on the next boot. Andrew gives a much better explanation than I do so read the posts above.

Ok then what? you cannot perform any customization.

So the options (as I saw them) were:

  • Dig into the Python Libraries in the installation source and customize the installation

    That was not what I wanted because:
    • The learning curve to learn a new language - not something I am up to at the moment.
    • This would be good for the one installation but what about the subsequent installations. And if I want to make a change to the process, this did not seem viable to me.
  • Take the customization process out of the installation and like the kickstart do it post installation.

Ok so how?

The solution I came up with was based on the solution provided by Lance Berc.

What Lance did was to provide a parameter to the PXE boot parameters including a variable called PBHOST which is an IP address

#
# This code assumes that an argument has been passed via PXE which points
# pbconnect to the configuration service.  The format is PBHOST=<host:port>
# and it goes just after the vmkernel.gz argument in the configuration line,
# for example:
# append vmkernel.gz PBHOST=192.168.2.253:3333--- binmod.tgz --- environ.tgz --- cim.tgz --- oem.tgz --- lance-boot.tgz
# The vsish line is for compatibility with VI4.  It should be conditional based on uname -a
awk -f /sbin/pbconnect.awk /var/log/messages > /tmp/pb.tmp
vsish -e get /system/bootCmdLine | awk -f /sbin/pbconnect.awk >> /tmp/pb.tmp
#cat /tmp/pb.tmp
source /tmp/pb.tmp
if [ x$PBHOST != "x" ] ; then (pbconnect $PBHOST &) ; fi


What the process would do is look in the boot log. If it found the PBHOST in then it would fire-off a connection script. called pbconnect which is part of the lance-boot.tgz that was passed in the PXE boot.

Ok first my issues with the process:

  • Not all installations are performed with PXE.
  • The pbconnect is (i think) a compiled program  - and I wanted something that could be customized and changed if needed.

On the other side there was a midwife script. This script consisted of Perl script that would listen for connections and once connected would fire off the customizations process (which is was a Powershell process)

I also had a few problems with this:

  • Perl is not my cup or tea - I will leave this to William Lam
  • In order for this to run I would have to have both Powershell and Perl on the machine.
  • Why not do it all in one language? - my preference - Powershell.

So to recap slightly - the process was to run a script after installation, connect to a listener on another host and once the connection is made the "midwife would configure the machine.

This is I guess the was that VMware are moving forward seeing that they put this into Stateless VMware ESXi Server Version 3.5 Update 4 Using PXE Booting

This is already built into the VMkernel in starting from ESXi 3.5 U4 and in an ESX4i as you can see from the log of the ESXi host. This in the /var/log/messages

Apr 23 05:33:16 vmkernel: sysboot: Getting 'PBHOST' parameter from kernel boot line

Next post up - The Client and Server scripts.

2010-04-22

IBM IMM integration into AD

This one has nothing to do with Virtualization as such.

All new IBM servers from the M2 series and up have a IMM IBM Integrated Management Module. For you HP'ers - it is the same as ILO.

The same as ILO the IMM comes in two modes - the free integrated version which does not allow Remote Presence (remote console control) and the full version which requires a Virtual Media Key (a physical component on the Motherboard) at an additional cost

By default the IMM comes up with with a DHCP Address.

Default Credentials - USERID/PASSW0RD (the 0 is a ZERO)

So instead of creating a local user for each and every user that was supposed to connect I wanted to configure it for AD authentication. I wanted to allow a group of users to manage the server.

So here is the process.

First we go to the Login Profiles Section and change the default from Local only to
LDAP first, then local. Don't forget to save the settings..

image

We then choose the Network Protocols Section

image

and go to the Lightweight Directory Access Protocol (LDAP) Client section

image

Lets go through each of the the Sections

image

Here you put in the FQDN of you domain controller and the port that DC is listening on.

For example: dc1.maishsk.local - 389

image

Root DN - here you will set the DN where you will search for your group.

UID Search Attribute - What attribute you will use to search on.

Binding Method - This will use the sAMAccountName Attribute

Enhanced role-based security - This I left disabled because the use of this feature requires a lot more intense configuration

Group Filter - Here you use the name of the group that you want to grant access
The format should be CN=<groupname> (and yes - it does not have to be a security group - DG's work as well)

Group Search Attribute - memberOf - this is to see that the user is a member of the group.

Hope you can all make some use of this.

2010-04-20

ESXi Deployment Solution - the beginning

I posted a small preview about a new ESXi Deployment Solution.

First question I would like to answer is why?

  1. Why is a Deployment solution needed for ESXi?
  2. Why is it any different to Deploying the full ESX version?

So the answers were:

  1. VMware has announced multiple times that ESXi will be the platform of choice for the next version of ESX. They are moving away from the Service Console for a multitude of reasons.

    The same way that you as a Virtualization Administrator would like to prepare a standard installation configuration for all your ESX Hosts, I am sure that you would like to deploy a standard ESXi across your environment.
  2. ESX you can deploy with a kickstart script. This is fully supported by VMware. At present there are two Virtual Appliances that you can use to deploy ESX, namely the UDA and the EDA. Personally I prefer using the UDA, just came more naturally to me. With the customization of kickstart script you can practically do what you would like - anything that can be run from the command line.

    Back to ESXi. At present there is no way to mass deploy - at least not any officially supported by VMware method. There are one or two mentions of how to do this. I do suppose (or so I am told) that this functionality will be available before we are all moved off of the Service Console.

Next Question is - what?

  1. What can you do with this deployment solution?
  2. What components will I need for this solution?

And the Answers:

  1. Anything you can do with the API, you can configure through this solution. Including adding the host to a cluster, patching, the options are almost endless
  2. a. PowerCLI
    b. PUTTY (or ssh client of your choice)
    c. One of the above mentioned deployment appliances (NOT compulsory) or a CD burner to create an
        ISO

And now for the open topic questions:

  1. Can this be used as a replacement for Host Profiles (which is only available in Enterprise Plus)?
  2. Will this be customizable - Can I make changes to suit my environment?
  3. Does this contain any proprietary code or compiled executables?
  4. How is this different to the mentions above of how to deploy ESXi?

The Answers:

  1. Host Profiles deals (at least the way I see it) with two different issues.
    a. Initial Configuration
    b. Compliance to a Baseline
    This solution will deal with the initial configuration only - it will not track to the compliance to a baseline thereafter.
  2. Yes and yes. The changes you will make will be limited only by what the vSphere API can do, and what changes you would like to put into the configuration script.
  3. Nope. All Powershell and Python - taken from example freely available on the internet.
  4. The idea is basically the same. There is the same kind of client/server framework. The ESXi host is deployed and when completed it notifies (client) a Powershell script (server) of its existence. The script then performs the configuration steps that you define on the new host. I was not satisfied with the results I was getting from the ideas that were posted above. There are some flaws in the process (at least from my point of view) and the flexibility of being able to make changes was minimal. I find that this new approach simplifies things for me and allows for greater flexibility.

So when will we see how this works?

I will be posting in the next upcoming posts, the process of setting up this system.

Comments and questions are always welcome.

Sneak Preview of ESXi Deployment Solution

Well after cursing more than once at Python on Twitter over the past week or so - I finally got managed to overcome

This is a sneak preview of my ESXi Deployment Solution

How exactly it works - will come in the next few days with a detailed explanation.

I can tell you it is made up of several components including:

  • PowerCLI
  • Python
  • Deployment appliance

Here is a video of the process below.

2010-04-14

Those Annoying thing in Powershell

Powershell v2.0 has a cmdlet that allows you to send an email

Send-MailMessage

NAME
    Send-MailMessage

SYNOPSIS
    Sends an e-mail message.

SYNTAX
    Send-MailMessage [-To] <string[]> [-Subject] <string> -From <string> [[-Body] <string>] [[-SmtpServer] <string>] [-Attachments <string[
    ]>] [-Bcc <string[]>] [-BodyAsHtml] [-Cc <string[]>] [-Credential <PSCredential>] [-DeliveryNotificationOption {None | OnSuccess | OnFa
    ilure | Delay | Never}] [-Encoding <Encoding>] [-Priority {Normal | Low | High}] [-UseSsl] [<CommonParameters>]

DESCRIPTION
    The Send-MailMessage cmdlet sends an e-mail message from within Windows PowerShell.

RELATED LINKS
    Online version:
http://go.microsoft.com/fwlink/?LinkID=135256

REMARKS
    To see the examples, type: "get-help Send-MailMessage -examples".
    For more information, type: "get-help Send-MailMessage -detailed".
    For technical information, type: "get-help Send-MailMessage -full".

Ok so today I has a collection that I had stored in a variable

[12:39:03] ~> $myvar | gm 

   TypeName: Selected.System.Management.Automation.PSCustomObject


And when I tried this:

[12:40:18] ~> Send-MailMessage –From "maishsk@maishsk.local" -To "maishsk@maishsk.local" -Subject "test" -SmtpServer smtp.maishsk.local -Body ($myvar)


I was presented with this:

Send-MailMessage : Cannot convert 'System.Object[]' to the type 'System.String' required by parameter 'Body'. Specified method is not supported.
At line:1 char:114
+ Send-MailMessage –From “maishsk@maishsk.local” –To “maishsk@maishsk.local” -Subject "test" -SmtpServer smtp.maishsk.local -Body <<<<  ($myvar)
    + CategoryInfo          : InvalidArgument: (:) [Send-MailMessage], ParameterBindingException
    + FullyQualifiedErrorId : CannotConvertArgument,Microsoft.PowerShell.Commands.SendMailMessage

Thanks to my trusted friend Shay Levy (who always has the time to help out and is never tired of my questions - “I hope…” ) he explained to me why this was happening.

The object that is expected in the Body parameter is a TypeName: System.String object. I also could have seen that if I had looked properly in the help of the cmdllet -- [[-Body] <string>] --

So the solution was very simple. Out-String

[12:49:11] ~> $myvar | Out-String | gm 

   TypeName: System.String


And with that it was not a problem to send the mail

[12:50:18] ~> Send-MailMessage –From "maishsk@maishsk.local" -To "maishsk@maishsk.local" -Subject "test" -SmtpServer smtp.maishsk.local -Body ( $myvar | out-string )


Is it not wonderful that you learn something new every day!

Back to work….

Small Edit:

<------ RANT -------->

Just clarify this is not a Powershell problem – it does exactly what it is supposed to.
Tthe annoying part is that it takes a while to figure out the problem is.

<------ END RANT----->

2010-04-11

Small Quirk with Get-View vs. Get-VM

I was trying something last night to compare the speed of the two Cmdlets here.

I noticed something though.

While running the command I wanted to check against how many machines I was running the command against.

Get-View -ViewType VirtualMachine | Measure-Object

Count    : 371


And compared to

get-vm | Measure-Object

Count    : 356


And as you can see they are not the same! The reason for that being that Get-VM does not retrieve any templates only virtual machines. To get the Template you need to get them specifically

Get-Template | Measure-Object

Count    : 15


And adding the results from above to the ones from Get-VM will give me the same amount of machines that I got from the first Command.

So how would you get only the Virtual Machines (and not templates)? You can add a filter to the command

Get-View -ViewType VirtualMachine -Filter @{"Config.Template"="false"} | Measure-Object

Count    : 356


But so that you know, the filtering adds some overhead to the time it takes to run the command.

$filtered = (Measure-command {Get-View -ViewType VirtualMachine -Filter @{"Config.Template"="false"} | Measure-Object}).TotalSeconds
$filtered
8.3746321
$notfiltered = (Measure-command {Get-View -ViewType VirtualMachine}).TotalSeconds
$notfiltered
8.03360323

As you can see the filtered query is slower even though it processes less objects. Now you might say this is negligible - it is. But the bigger your environment is the more substantial this can become.

So sometimes even though you want to make your life easier by filtering to get only what you would like - it does not always optimize your scripts.

How to Speed Up Your PowerCLI Queries

It is a known fact that using PowerCLI there are more than one way to skin a cat - or more than one way to access the SDK and the properties that you would like to get.

Take for example getting all the VM's - their Name, their Memory and CPU count

Measure-command {get-vm | ForEach-Object { Write-host $_.Name $_.MemoryMB $_.NumCpu } } | select TotalSeconds

TotalSeconds
------------
5.402703


You can also get the same thing with the Get-View cmdlet

measure-command {Get-View -ViewType VirtualMachine | ForEach-Object { Write-host $_.Name $_.Config.Hardware.memoryMB $_.Config.Hardware.numCPU }} | select TotalSeconds

TotalSeconds
------------
11.1451083

 

Now of course you can speed this up with only getting the attributes you want like this

Measure-command {get-vm | select Name, MemoryMB, NumCPU | ForEach-Object { Write-host $_.Name $_.MemoryMB $_.NumCpu } } | select TotalSeconds

TotalSeconds
------------
5.0431041


But you can also get the same with get-view but this time running the query only getting the properties that you want

measure-command {Get-View -ViewType VirtualMachine -property Name,Config.Hardware | ForEach-Object { Write-host $_.Name $_.Config.Hardware.memoryMB $_.Config.Hardware.numCPU }} | select TotalSeconds

TotalSeconds
------------
3.8932184


Whoa - that was 1.5094846 seconds difference or 38.77% faster.

Lessons learned from this one?

  1. As you can see from Example 2 - not always is Get-View faster
  2. In some cases - (and you have to test this!) Get-View can be much, much faster

Thanks to LucD and Keshav Attrey for the info from this forum thread

2010-04-07

Deploy-ESXi v1.0 - My ESXi Script-0-Mania entry

As I posted a few weeks ago - I entered the ESXi Script-0-Mania Contest.Unfortunately, my entry was not chosen as one of the top entries, but hey - I don't do this for the money - I enjoy what I do - I feel that the contribution back to the virtualization community is the least I can do - seeing the amount of info and help that I receive from you all.

So - Deploy-ESXi.ps1 v1.0 - My entry. As you can deduct from the script name this script does what it says.

The need for the script? I find that I am deploying more and more systems with ESXi - be it the free version - or a fully-licensed system. Now of course to install ESXi is really, really simple!
I mean F11 -> Enter -> Enter … and Bob's your uncle - or you have an ESXi server deployed - that's it. But then you have the mundane tasks of configuring the installation according to your requirements. Removing Default port groups, changing the Management IP, set NTP settings. I guess you understand what I am talking about. Now of course all of this can be scripted with a Kickstart script - but guess what ?? No Kickstart script for ESXi!! So either you have to do this manually - or if you some of the Enterprise customers - you can utilize Host Profiles to do all of this for you.

Or you can use this script as a base for your environment.

You might say that this will not work with the free version of ESXi because the API is read-only in this version. Well that is true - but by default the new installation is deployed with a fully functional evaluation license which makes the API read-write and allows you to make the changes you need

The script is commented within.

############################################################################
##	ESXi Deployment script                                     			
## 	Author: 	Maish Saidel-Keesing                        				
##  	       	http://technodrone.blogspot.com			
##	Date:	March 15, 2010				
##	Synopsis:	This script will configure an ESXi server			
##			that has been installed with several basic settings			
############################################################################
#
#When an ESXi machine is installed there are basic default settings that we will define
#
#1. Connect to host with default credentials (root,<empty>)
#2. Remove Default VM Network Portgoup
#3. Add VM Portgroup named Virtual Machines and raise the number of port on the virtual Switch
#4. Set NTP Servers
#5. Adding a new root user 
#6. Change Management IP and DNS
#7. Backup configuration to a network share
#8. Change Default password
#9. Reboot the Host after all the changes
#10. Send email to admin of installation particulars

#Set Default variables
$defaultuser = "root"
$defaultpwd = ""
$esxi = Read-Host Please enter the IP of the ESXi server


#connect to ESXi
Write-Host -ForegroundColor Green Connecting to ESXi server
Connect-VIServer $esxi -User $defaultuser -Password $defaultpwd


##2. Remove Default VM Network Portgoup
Write-Host -ForegroundColor Green Remove Default VM Network Portgoup
Get-VirtualPortGroup -Name "VM Network" | Remove-VirtualPortGroup -Confirm:$false

##3. Add VM Portgroup named Virtual Machines and raise the number of port on the virtual Switch
Write-Host -ForegroundColor Green Changing Portgroup and Default vSwitch settings
Get-VirtualSwitch -name vSwitch0 | New-VirtualPortGroup -Name "Virtual Machines" -Confirm:$false
Get-VirtualSwitch -Name vSwitch0 | Set-VirtualSwitch -NumPorts 120 -Confirm:$false

##4. Set NTP Servers
Write-Host -ForegroundColor Green NTP Settings
Add-VmHostNtpServer -NtpServer "pool.ntp.org" -Confirm:$false

##5. Adding a new root user 
Write-Host -ForegroundColor Green Adding new root user
New-VMHostAccount -ID User1 -Password "Qwer$#@1" -UserAccount:$true
Set-VMHostAccount -GroupAccount root -AssignUsers User1
Set-VMHostAccount -GroupAccount localadmin -AssignUsers User1
Set-VMHostAccount -UserAccount User1 -UnassignGroups users

##6. Change Management IP and DNS
Write-Host -ForegroundColor Green Changing Mgmt IP and settings
$mgmtip = Read-Host Please Enter the Management IP address
$mgmsm = Read-Host Please Enter the Management Subnet Mask
$hostname = Read-Host Please Enter the ESXi Hostname
$domainname = Read-Host Please Enter the ESXi Domain Name
$dns1 = Read-Host Please Enter the DNS Server IP

Get-VMHostNetworkAdapter | Where-Object {$_.PortGroupName -eq "Management Network" } | `
	Set-VMHostNetworkAdapter -IP $mgmtip -SubnetMask $mgmsm 
Get-VMHostNetwork | Set-VMHostNetwork -HostName $hostname -DomainName $domainname -DnsFromDhcp:$false -DnsAddress $dns1

##7. Backup configuration to a network share
Write-Host -ForegroundColor Green Backing up configuration
$share = Read-Host Please enter the network share you would like to save the configuration to
Set-VMHostFirmware -BackupConfiguration -DestinationPath $share

##8. Change Default password
Write-Host -ForegroundColor Green Changing Default Password
$newpasswd = "Qwer$#@!"
Set-VMHostAccount root -Password $newpasswd

##9. Reboot the Host after all the changes
Write-Host -ForegroundColor Green Rebooting Host

Set-VMHost -state "Maintenance"
Restart-VMHost -Force:$true -Confirm:$false
sleep 60

##10. Send email to admin of installation particulars

#Wait for the host to come up
Connect-VIServer -Server $mgmtip -User root -Password $newpasswd
	while ($? -ne $true ) {
		sleep 30; write-host -ForegroundColor Red Still Waiting for Host to come back up; Connect-VIServer -Server $mgmtip -User root -Password $newpasswd
	}

Write-Host -ForegroundColor Green Host is available
$body = @"
Management IP address: $mgmtip
Management Subnet Mask: $mgmsm
ESXi Hostname: $hostname 
ESXi Domain Name: $domainname 
DNS Server IP: $dns1 
"@

Send-mailmessage -From "esxideploy@maishsk.local" -To "maish@maishsk.local" -Subject "New ESXi Server installed" -bodyasHTML $body -SmtpServer "smtp.maishsk.local"


Annotations:

23-26. Setting the default variables. All ESXi servers are set with a blank password on first configuration.

47-52. Here I created a another Admin User on the ESXi host - an additional Admin account for troubleshooting - if needed.

66=69. After configuration is completed - configuration is backed up to share - in case it is needed for restore.

71-74. We of course do not want to leave the default blank password

86-89. Check that the server has come up

92-100. Send Email to Administrator with new host details.

Things that will be added in future versions:

  • Logging to file / database
  • Checks after connections - and timeouts
  • Other improvements

I have plans for this script - and the development further so stay tuned for this spot

You can download the script below

Deploy-ESXi v1.0

A demo of how the script works below