Working with vCD Edge Gateway Rules in PowerCLI

Recently I was working with someone helping them automate the final part of their script which was used to deploy new customers as they were on boarded in vCloud Director 5.5, as part of this on boarding they needed to work with the Edge Gateway to add new SNAT and DNAT rules which correspond with the customers IP range.

After some investigation and reading this page I was able to find the basics, after some further testing and internal help I found that there is no way to update a single record so I had to retrieve the existing XML ruleset, add the new entry and then upload it.  You can see from the scripts how I do this and if you are feeling adventurous or have the need you could even create some remove- functions!

If you take a look at my Edge Gateway below you can see two existing rules, lets see what the functions do that I created.

TinyGrab Screen Shot 24-07-2014 22.31.21

Using the PowerCLI functions you can easily list the edge gateway rules using the following:

TinyGrab Screen Shot 24-07-2014 22.55.19

Creating a new SNAT rule is just as easy with the New-SNATRule function as you can see below:

TinyGrab Screen Shot 24-07-2014 22.59.55

And also a DNAT Rule with the New-DNATRule function as below:

TinyGrab Screen Shot 24-07-2014 23.01.48

Hopefully you will find this useful, feedback is of course welcome below in the comments section.

The Functions

Installing the vCloud Hybrid Service Web Client Plugin

Recently Duncan Epping over at Yellow-Bricks wrote a great article showing how to get started with the vCHS Web Interface, building on top of his post, one of the things I like about the vCHS setup is the fact that you can view and manage your VMs in the same way you would manage your existing environment – through the web interface.  This post takes you through the install of the web interface and some initial looks at the web client once installed.

After initial install of your vSphere 5.5 environment and configuration of the vSphere Web Client you will find a plugin is available which will allow access to vCHS VMs from the Web Client, this is available for installation from the Web Client Home Page.

Requirements

To install the vCHS plugin you will need to access the vSphere Web-Client with a supported web browser, the latest version of Firefox or Chrome should work, at the time of writing this blog post the following versions were confirmed as working:

  • Chrome 35.0.1916.153 m
  • Firefox 30.0

Install Process

1. Log into the vSphere Web Client and click the Home button to arrive on the home page

1

2. Click the vCloud Hybrid Service Installer icon.

1

3. You will now arrive on the vCHS client plugin page.

2

4. Under the Basic Tasks section click Install the vCloud Hybrid Service plug-in

2

5. A dialog box will appear asking for your credentials to myvmware.com

Warning: You will need to ensure your MyVMware profile is complete by logging into the site and trying to download the plugin manually first, missing information in your profile can cause an issue with the download failing.

3

6. Once completed and installed you will be asked to logout and log back in for the plugin to be initialized.

4

7. Once you have logged out and back in you will now have access to the vCloud Hybrid Service plugin by clicking the below icon from the home page

5

vCHS Web Client plugin configuration

Once installed the following steps should be followed to configure the vCloud Hybrid Service plugin

1. Launch the vCloud Hybrid Service plugin from the home page in the vSphere web client

5

2. Select the Summary tab and then click Register vCloud Hybrid Service Account

6

3. Provide the URL for the vCHS Service and your credentials used to access your account and click the OK button

7

4. Once completed all registered vCloud Hybrid services will be displayed

8

5. You can now double click on a cloud instance to view the available resources

9

6. To manage Virtual machines select the Related Objects tab

10

 

PowerShell your world cup

A little Friday night fun here, of course the first thing i thought when i saw the below tweet from Will.I.Lam was, Ooooo that wouldnt take long to use in PowerShell.

image

And of course just 20 mins after finishing work I had a few functions, here is how you use them.

1. Go to the kimono website and sign up for an account, this will get you an APIkey, Click your name once you have logged in and select account.

2. Copy the API key and paste it below in the script and have fun!

The Functions

$global:APIkey = "YOUR-KEY-GOES-HERE-FROM-STEP-2"

Function Get-WorldCupPlayer ($Country) {
    If ($Country) {
        $TeamID = (Get-WorldCupTeam -Country $Country).id
        Invoke-WebRequest -Uri ("http://worldcup.kimonolabs.com/api/players?teamId=$($TeamID)&apikey=$($ApiKey)") | ConvertFrom-Json
    } Else {
        Invoke-WebRequest -Uri "http://worldcup.kimonolabs.com/api/players?apikey=$($ApiKey)" | ConvertFrom-Json
    }
}

Function Get-WorldCupTeam ($Country, $TeamID) {
    If ($Country) {
        Invoke-WebRequest -Uri ("http://worldcup.kimonolabs.com/api/teams?name=$($Country)&apikey=$($ApiKey)") | ConvertFrom-Json
    }
    If ($TeamID) {
        Invoke-WebRequest -Uri ("http://worldcup.kimonolabs.com/api/teams?id=$($TeamID)&apikey=$($ApiKey)") | ConvertFrom-Json
    }

    If (!$country -and !$TeamID) {
        Invoke-WebRequest -Uri "http://worldcup.kimonolabs.com/api/teams?apikey=$($ApiKey)" | ConvertFrom-Json
    }
}

Function Get-WorldCupStat {
    Invoke-WebRequest -Uri ("http://worldcup.kimonolabs.com/api/teams?sort=goalsFor,-1&apikey=$($ApiKey)") | ConvertFrom-Json
}

Bring on the World Cup Fun

#Display the best team in the World Cup

Get-WorldCupTeam -Country “England”

image

Get-WorldCupStat | Format-Table

image

Get-WorldCupPlayer | Format-Table

image

Get-WorldCupPlayer -Country “England” | Format-Table

image

#Who has scored the most goals in the Netherland team so far?

Get-WorldCupPlayer -Country “Netherlands” | Foreach { $_ | Where { $_.goals -gt 0 } | Select firstName, lastName, goals } | sort goals –Descending

image

#View the Logo of the team who is going to win
$logo = (New-Object System.Net.WebClient).DownloadFile(((Get-WorldCupTeam -Country “England”).logo), ($env:TEMP + “\Logo.png”))
Invoke-Item $env:TEMP\Logo.png

image

PowerShell User Group–San Francisco–1st April 2014

Are you interested in PowerShell?

Are you in the San Francisco area on 1st April 2014?

If the answer to both of these questions is “Hell yeah” then make your way to the “Northern California PowerShell User Group” where we will be talking general PowerShell type conversations.

I will be presenting about PowerCLI, where it fits in, what people have done with it and more about the latest release.

If you are not interested in managing VMware products with PowerShell then attend anyway, we will no doubt reference lots of PowerShell general tips and tricks and definitely have some great conversations about PowerShell in general.

The Details

Date: Tue Apr 01
Time: 6:30 PM

Location: Microsoft Office – 835 Market Street, Suite 700, San Francisco, CA (map)

More details can be found here

See you there!

Join me at the Calgary VMUG

CanadaVMUGThis week I will be lucky enough to present at the Calgary VMUG in Canada where they will be holding an automation focused event, this will be my first time to Canada and I have to say its been one of my lifetime goals ever since I saw the photographs from my fathers trip when he was stationed there in the Army.  I hope its as beautiful as it was in the pictures!

Its not too late to register, if you are interested in automation or just keen to learn what parts of your job you can script away to enable you to move on to the more interesting things and you are in the Calgary area, make sure you sign up today!

When and where?

Date and Time:

Thursday, March 20, 2014

11:00 a.m. – 2:00 p.m.

Location:

PennWest Plaza East

PennWest Conference Room Suite 200, 207

9th Avenue SW

Calgary, Alberta T2P 1K3

Register today!

You can find out more details and register today by visiting the Calgary VMUG site here: http://www.vmug.com/e/in/eid=1265

Hope to see you there!

PowerCLI 5.5 R2 Released

imageJust in case you don’t read the vSphere PowerCLI Official Blog I thought I would let you know that the latest version of PowerCLI greatness is out and its pretty awesome!

In this release there are a lot of new features, not to mention the first support for Site Recovery Manager, cmdlets for creating Tags and Tag Categories, Cmdlets for working with EVC and much much more, see the full list below for the details:

  • Manage vCenter Site Recovery Manager
  • Create and remove tags and tag categories
  • Retrieve information and configure Enhanced vMotion Compatibility (EVC) mode on clusters.
  • Manage security policies for vSphere standard switches and port groups.
  • Support for Windows PowerShell 4.0.
  • Support for vSphere servers configured with IPv6.
  • Specify the priority of a VM migration
  • Provide a Hard Disk object to the RelatedObject of Get-Datastore
  • Get-Datastore cmdlet to allow filtering by cluster.
  • Get-Stat and Get-StatType now works with all types
  • Added support for e1000e network adapter type.
  • Specify all values for DiskStorageFormat when cloning a virtual machine
  • 64-Bit Support for New-OSCustomizationSpec and Set-OSCustomizationSpec
  • ToolsVersion property to VMGuest that shows the version as a string.
  • Provide a virtual portgroup to the RelatedObject of the Get-VirtualSwitch and Get-DVSwitch
  • Retrieve virtual machines by virtual switches.
  • Other bug fixes and general performance enhancements have been made to various PowerCLI cmdlets.

Download it and read more

Download and Install PowerCLI 5.5 Release 2 today from here.

For a more comprehensive list including all parameter and functional improvements, security enhancements, and deprecated features, see the vSphere PowerCLI Release Notes and the vSphere PowerCLI Change Log.

For more information on specific product features, see the VMware vSphere PowerCLI 5.5 Release 2 User’s Guide.

For more information on specific cmdlets, see the VMware vSphere PowerCLI 5.5 Release 2 Cmdlet Reference.

Check out the details

On the day of the release I presented on the vBrownBag Community Podcast, this was great for showing people exactly how to use the SRM Cmdlets and how to understand the sample scripts we have, I went a little long in the presentation but grab a coffee (or 3) and check it out here:

Automated deployment & configuration of Log Insight with PowerCLI

As part of my datacenter build I needed to install and configure Log Insight automatically, this is easier than it sounds, its easy enough to deploy and OVA file with PowerCLI but the configuration of Log Insight is all done via a configuration website and not through OVF properties or VM properties.

What’s more, the normal trick of using Invoke-VMscript to reach inside the VM and perform some configuration by manipulating files would not work as the administrator password is not set until you complete the web page configuration.

Thankfully PowerShell has some great ways to manipulate Internet Explorer, with this I was able to automatically fill in the website and configure Log Insight to automatically connect to my infrastructure to start collecting data.  For debug purposes I have left the automation of internet explorer visible in the below script when it is run, this can easily be turned off by altering the $ie.visible = $true line below to change it to $false.

You will see my script automatically chooses a host and datastore based upon the cluster and the size needed, you can of course change it for your environment if you would prefer to choose where it was deployed.

Don’t forget that as a follow on you can also bulk configure your ESXi hosts to send their logs to Log Insight with the following PowerCLI script.

Sample Screenshots

image

SNAGHTML15f6ad

The Script

Connect-VIServer 192.168.1.50 -user "[email protected]" -pass vmware
$LIInstallFile = "C:\tmp\VMware-vCenter-Log-Insight-1.0.4-1169900_OVF10.ova"
$LIName = "LI01"
$LINetwork = "VM Network"
$LIIP = "192.168.1.150"
$LISNM = "255.255.255.0"
$LIDGW = "192.168.1.1"
$LIDNS = "192.168.1.1"
$LICluster = "Production"
$LIEmail = "[email protected]"
$LIPassword = "VMware123!"
$LISMTPServer = "mail.vsphere.local"
$LISMTPport = 25 
$LILicense = "YOUR-KEY-GOES-HERE"
$LINTP = "0.us.pool.ntp.org, 1.us.pool.ntp.org, 2.us.pool.ntp.org, 3.us.pool.ntp.org"
$LIvC = "192.168.1.50"
$LIvCUser = "[email protected]"
$LIvCPass = "vmware"
$SleepTime = 15
$LISpaceNeededGB = "5"

Write-Host "$(Get-Date): Selecting host for $LIName from $LICluster Cluster"
$LIVMHost = Get-Cluster $LICluster | Get-VMHost | Where {$_.PowerState -eq "PoweredOn" -and $_.ConnectionState -eq "Connected" } | Get-Random
Write-Host "$(Get-Date): $LIVMHost selected for $LIName"
Write-Host "$(Get-Date): Selecting Datastore for $LIName"
$LIDatastore = $LIVMHost | Get-Datastore | Where {$_.ExtensionData.Summary.MultipleHostAccess} | Where {$_.FreeSpaceGB -ge $LISpaceNeededGB} | Get-Random
if (!$LIDatastore) {
	Write-Host "$(Get-Date): No shared datastore found with $LISpaceNeededGB GB Free"
	Write-Host "$(Get-Date): LogInsight will not be installed"
} Else {
	Write-Host "$(Get-Date): $LIDatastore selected for $LIName"
	Write-Host "$(Get-Date): Importing $LIName from $LIInstallFile"
	$LIDeployedVMTask = $LIVMHost | Import-vApp -Name $LIName -Source $LIInstallFile -Datastore $LIDatastore -Force -RunAsync

	do {
		Sleep $SleepTime
		Write-Progress -Activity "Deploying Log Insight to $LIVMHost" -status "Progress" -PercentComplete $LIDeployedVMTask.PercentComplete 
		
	} until ($LIDeployedVMTask.PercentComplete -eq 100 )
	Write-Host "$(Get-Date): $LIName deployed and the task result was $($LIDeployedVMTask.State)"
	If ($LIDeployedVMTask.State -ne "success") {
		Write-Host "$(Get-Date): Unable to deploy LogInsight, deploy failed with $($LIDeployedVMTask.ExtensionData.Info.Error.LocalizedMessage)"
	} Else {
		$LIDeployedVM = Get-VM $LIName

		# Reconfigure the vApp with Name and IP details.
		$spec = New-Object VMware.Vim.VirtualMachineConfigSpec
		$spec.changeVersion = $LIDeployedVM.ExtensionData.Config.ChangeVersion
		$spec.vAppConfig = New-Object VMware.Vim.VmConfigSpec
		$spec.vAppConfig.property = New-Object VMware.Vim.VAppPropertySpec[] (6)
		$spec.vAppConfig.ipAssignment = New-Object VMware.Vim.VAppIPAssignmentInfo
		$spec.vAppConfig.ipAssignment.ipAllocationPolicy = "fixedPolicy"

		$spec.vAppConfig.property[0] = New-Object VMware.Vim.VAppPropertySpec
		$spec.vAppConfig.property[0].operation = "edit"
		$spec.vAppConfig.property[0].info = New-Object VMware.Vim.VAppPropertyInfo
		$spec.vAppConfig.property[0].info.key = 0
		$spec.vAppConfig.property[0].info.value = $LIDGW

		$spec.vAppConfig.property[1] = New-Object VMware.Vim.VAppPropertySpec
		$spec.vAppConfig.property[1].operation = "edit"
		$spec.vAppConfig.property[1].info = New-Object VMware.Vim.VAppPropertyInfo
		$spec.vAppConfig.property[1].info.key = 1
		$spec.vAppConfig.property[1].info.value = $LIDNS

		$spec.vAppConfig.property[2] = New-Object VMware.Vim.VAppPropertySpec
		$spec.vAppConfig.property[2].operation = "edit"
		$spec.vAppConfig.property[2].info = New-Object VMware.Vim.VAppPropertyInfo
		$spec.vAppConfig.property[2].info.key = 2
		$spec.vAppConfig.property[2].info.value = $LIIP

		$spec.vAppConfig.property[3] = New-Object VMware.Vim.VAppPropertySpec
		$spec.vAppConfig.property[3].operation = "edit"
		$spec.vAppConfig.property[3].info = New-Object VMware.Vim.VAppPropertyInfo
		$spec.vAppConfig.property[3].info.key = 3
		$spec.vAppConfig.property[3].info.value = $LISNM

		$spec.vAppConfig.property[4] = New-Object VMware.Vim.VAppPropertySpec
		$spec.vAppConfig.property[4].operation = "edit"
		$spec.vAppConfig.property[4].info = New-Object VMware.Vim.VAppPropertyInfo
		$spec.vAppConfig.property[4].info.key = 4
		$spec.vAppConfig.property[4].info.value = $LIName


		$Reconfig = $LIDeployedVM.ExtensionData

		Write-Host "$(Get-Date): Reconfiguring $LIName after deployment"
		$Configtask = $Reconfig.ReconfigVM_Task($spec)

		Write-Host "$(Get-Date): Reconfiguring Network on $LIName to join $LINetwork"
		$NetworkChange = $LIDeployedVM | Get-NetworkAdapter | Set-NetworkAdapter -NetworkName $LINetwork -Confirm:$false

		Write-Host "$(Get-Date): Power On $LIName for first time"
		$LIDeployedVM | Start-VM | Out-Null

		Write-Host "$(Get-Date): Waiting for Log Insight Website to be active before configuration"
		$NumConnections = 0
		do {
			Sleep 7
			$Port = 443
			$Connection = New-Object Net.Sockets.TcpClient
			Try { 
				$Connection.Connect($LIIP,$Port)
				If ($Connection.Connected) {
					Write-Host "$(Get-Date): Waiting for Log Insight Website to be active before configuration"
					$NumConnections ++
				}
			}
			Catch {}
			Finally {}
			
		} until ($NumConnections -gt 10)

		$LIURI = "https://$LIIP"
		$ie = new-object -com "InternetExplorer.Application"
		$ie.navigate($LIURI)
		while($ie.ReadyState -ne 4) {start-sleep 1} 
		$ie.visible = $true
		$doc = $ie.Document
		If ($doc.nameProp -eq "Certificate Error: Navigation Blocked") {
			$doc.getElementByID("overridelink").Click()
			while($doc.nameProp -ne "vCenter Log Insight - Startup") {
				$doc = $ie.Document
				start-sleep 1
				Write-Host "$(Get-Date): Waiting for Log Insight Config Page"
			} 
		}
		$doc = $ie.Document
		$ie.Document.getElementById("skip-button").Click()
		Write-Host "$(Get-Date): Configuring Password"
		Start-Sleep 5
		$ie.Document.getElementsByName("user.email")| Foreach {$_.value=$LIEmail}
		$ie.Document.getElementsByName("newPassword")| Foreach {$_.value=$LIPassword}
		$ie.Document.getElementsByName("newPasswordConfirm")| Foreach {$_.value=$LIPassword}
		$ie.Document.getElementById("save-button").Click()
		Write-Host "$(Get-Date): Configuring License Key"
		Start-Sleep 5
		$ie.Document.getElementsByName("licenseKey")| Foreach {$_.value=$LILicense}
		$ie.Document.getElementById("skip-button").Click()
		Write-Host "$(Get-Date): Configuring Alert Email address"
		Start-Sleep 5
		$ie.Document.getElementsByName("alertsConfig.adminAlertReceivers")| Foreach {$_.value=$LIEmail}
		$ie.Document.getElementById("save-button").Click()	
		Write-Host "$(Get-Date): Configuring NTP"
		Start-Sleep 5
		$ie.Document.getElementsByName("ntpConfig.ntpServersCsv")| Foreach {$_.value=$LINTP}
		$ie.Document.getElementById("save-button").Click()
		Write-Host "$(Get-Date): Configuring SMTP"
		Start-Sleep 5
		$ie.Document.getElementsByName("smtpConfig.server")| Foreach {$_.value=$LISMTPServer}
		$ie.Document.getElementsByName("smtpConfig.port")| Foreach {$_.value=$LISMTPport}
		$ie.Document.getElementById("save-button").Click()
		Write-Host "$(Get-Date): Configuring vCenter Integration"
		Start-Sleep 5
		$ie.Document.getElementsByName("vsphereConfig.credentials[0].enabled")| Foreach {$_.Checked=$True}
		#TODO GO back and adjust for multi vCenter env
		$ie.Document.getElementsByName("vsphereConfig.credentials[0].hostname")| Foreach {$_.value=$LIvC}
		$ie.Document.getElementsByName("vsphereConfig.credentials[0].username")| Foreach {$_.value=$LIvCUser}
		$ie.Document.getElementsByName("vsphereConfig.credentials[0].password")| Foreach {$_.value=$LIvCPass}
		$testlinks = $ie.Document.get_links()
		$testlinks | Foreach { $_ | Where {$_.OuterText -eq "Test"} | Foreach { $_.Click() } }
		Start-Sleep 60
		$ie.Document.getElementById("save-button").Click()
		Start-Sleep 5
		$ie.Document.getElementById("save-button").Click()
		Start-Sleep 5
		$ie.Document.getElementById("skip-button").Click()
		$ie.Quit()
		Write-Host "$(Get-Date): $LIName deployment and configuration completed."
	}
}

Introduction to PowerCLI

Whenever I visit VMUGs or talk about PowerCLI I am constantly surprised by people who have not yet heard of PowerCLI or are unaware of the basics of how it works, let alone the power it has and time it can save people.  I wanted to address this and give people a head start learning PowerCLI.

The below video gives you an idea of what PowerCLI is, how it works and how you can get started. It’s the first of what will hopefully be a series of videos on PowerCLI concepts, please add a comment here for the kind of videos you would like to see.

Automation Tip 7–Testing

image

One of the great things about automation is the ability to achieve consistent results, same thing every time, but go careful. What happens for example if your automation task is incorrect, if it doesn’t achieve what you want it to do.

Guess what?

You will get the undesired result every time.  Or as I like to say, you will retrieve mass produced crap!

This is exactly why testing in automation is key, both functional and scale testing, what happens when you start working at a larger scale, do things still react in the same way, do you still get the desired results?

Sometimes testing will show areas where throttling mechanisms may need to be used, take for example the ability to create a virtual machine, when we automate this we may produce 10 virtual machines in the same timescale, maybe 100, 1000 or even more.  Does your hardware allow you to do this? How does the storage or the network or the IP management system manage working at this rate? Throttling may cause a slight delay in the process but it will certainly ensure everything is available for future workflows.

In summary, testing will help you be aware of your bottlenecks and stop mass produced crap!

More Automation tips

More tips from this series created by myself and Thomas Corfmat for a session at VMworld 2013 can be found below (updated as published), if you have a login for VMworld.com you can also watch the full session here.

Automation Tip 1 – Measure It!

Automation Tip 2 – Find your standards

Automation Tip 3 – Its all about people

Automation Tip 4 – Select the right mix of people

Automation Tip 5 – Simplify, Don’t automate a broken process

Automation Tip 6 – Automate incrementally

Automation Tip 7 – Testing

Automation Tip 8 – Documentation

Automation Tip 9 – End to end automation

Automation Tip 10 – Follow the “Automation Triangle”

VMware vSphere Mobile Watchlist

Last week VMware announced vSphere Mobile Watchlist, this is a mobile phone app for iOS and Android devices that enables you to work with virtual machines, create custom lists or watchlists to monitor and control your VMs. 

 

Add to this the ability to search, bookmark and send on KB articles from the mobile device and this app comes in very handy for quickly troubleshooting your virtual machines. 

 

vSphere Mobile Watchlist give us the following abilities from the app:

 

  • Easily Create VM Watchlists:  Search for and select a subset of VMs from your VMware vCenter Server inventory to monitor in one or multiple watchlists.
  • VMs at a glance: Review the status of selected Watchlist VMs from your device including VM state, configuration details, resource usage, health alerts, view of the VM console, and related objects.
  • Discover:  VM alerts are linked to pertinent diagnostic information from the VMware Knowledge Base, as well as articles from the Web. 
  • Remediate Remotely:  Remediate problems directly from the phone by powering on/off, suspending, or restarting VMs — or for situations where on-site remediation is required, attach the VM alert(s) along with recommended solutions in an email to team members back at the datacenter.  

Watch it in action

Watch me controlling my home lab with the app from my iPhone below.

 

 

 

Download

Living in software defined reality