Automated install of vShield Services

Following on from my previous post in this series where I showed how we could deploy vShield manager into our virtual infrastructure I thought I would take it one step further and show how we can use the vShield API’s within PowerShell to make some nice PowerShell advanced functions which will install the vShield services on our hosts.

Forgetting about the functions for a moment this really does show the power of PowerShell and how we can simplify everything down into a couple of lines of code which can be used over and over.  The last line of this code is all that is now needed to install vShield services on not just 1 host but 100’s of hosts !

Watch it in action

The Code

Function Connect-vShieldServer {
			Connects to a vShield Manager Server.

			Connects to a vShield Manager Server. The cmdlet starts a new session with a vShield Manager Server using the specified parameters.

		.PARAMETER  Server
			Specify the IP address or the DNS name of the vSphere server to which you want to connect.

		.PARAMETER  Username
			Specify the user name you want to use for authenticating with the server.

		.PARAMETER  Password
			Specifies the password you want to use for authenticating with the server.

			PS C:\> Connect-vShieldServer -server "" -username "admin" -password "default"
	Param (
	process {

		$httpClient = [System.Net.WebRequest]::Create("https://$server/api/2.0/app/firewall/protocols")

		# Add Authorization headers
		$authbytes = [System.Text.Encoding]::ASCII.GetBytes($username + ":" + $password)
		$base64 = [System.Convert]::ToBase64String($authbytes)
		$authorization = "Authorization: Basic " + $base64

		# Set Method
		$httpClient.Method = "GET"
		$response = $httpClient.GetResponse()
		If ($response.StatusCode -eq "OK") {
			$Global:DefaultvShieldServer = New-Object -TypeName PSObject -Property @{
				Name = $Server
				ServerUri = "https://$server/"
				Authorization = $authorization
		Write-Host -ForegroundColor Yellow "Connected Succesfully to $Server"
		} Else {
			Write-Host -ForegroundColor Red "Unable to connect to $Server, debug info:"
Function Get-NetworkID ($Datacenter) {
	$datacenterView = ($Datacenter | Get-View)
	$datacenterView.Network | Foreach {
		$Network = New-Object -TypeName PSObject -Property @{
			Name = (Get-View –Id $_).name
			ID = $_.Value
Function Post-vShieldAPI ($URL, $Body) {
	$wc = New-Object System.Net.WebClient

	# Add Authorization headers
	$URL = ($Global:DefaultvShieldServer.ServerUri) + $URL
	$wc.UploadString($URL, "POST", $Body)
Function Install-vShieldApp ($VMHost, $Datastore, $ManagementPortGroup, $ManagementIP, $ManagementNetMask, $ManagementDGW) {
	$VMHostMR = ($VMHost.Id).trim("HostSystem-")
	$DatastoreMR = ($Datastore.Id).trim("Datastore-")
	$NetworkMR = (Get-NetworkID -Datacenter (Get-Datacenter) | Where { $_.Name -eq $ManagementPortGroup}).ID

$Body = @"
	Post-vShieldAPI -URL "api/1.0/vshield/$VMHostMR" -Body $Body

Connect-vShieldServer -Server -username admin -password default
Connect-VIServer -Server

$InstallHost = Get-VMHost "Virtuesx1*"
$Datastore = Get-Datastore "IX2NFS-VMW1"
$PortGroup = Get-VirtualPortgroup -VMHost $InstallHost -Name "VM Network"

Install-vShieldApp -VMHost $InstallHost <code>
	-Datastore $Datastore </code>
	-ManagementPortGroup $PortGroup <code>
	-ManagementIP &quot;; </code>
	-ManagementDGW &quot;; `
	-ManagementNetMask &quot;;

2 thoughts on “Automated install of vShield Services”

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.