nicholasfarmer – PCLI.me

Deploy a VIB via PowerCLI…

nicholasfarmer February 4, 2020

It’s been a while since I needed to update a VIB because VUM does a great job for upgrades/updates. Again, (for all my blog posts) you can reduce the code but I’m leaving it bloated so folks see the action lines and can edit/add as needed.

*** BIG gotcha with the script below. If you would like to loop through all hosts in a cluster, you will need to upload the VIB to a datastore that all the hosts can see/access. If you do not have shared storage, you can run the script serially (without the foreach loop) and edit the $vibpath var for each host.

#Update all hosts!
foreach($a in (get-vmhost | sort name)){
$vibpath = "/vmfs/volumes/datastore/YourNewVIB.vib"
$q = get-esxcli -vmhost $a
$dowork = $q.software.vib.install($null,$null,$null,$null,$null,$true,$null,$null,$vibpath)
$a.name
$dowork
}

## OR update a single esxi host
$vibpath = "/vmfs/volumes/datastore/YourNewVIB.vib"
$q = get-esxcli -vmhost "YourHostName"
$dowork = $q.software.vib.install($null,$null,$null,$null,$null,$true,$null,$null,$vibpath) 
$dowork

$a (in the foreach loop) will dump the hostname and $dowork will dump the 'success' message for the VIB install.

If you want to simply run a report for VIB version, run the following (Edit the ‘*ism*’ text below to match the string in the VIB you are looking for)

$report = @()
foreach($a in (get-vmhost | sort name)){
$q = get-esxcli -vmhost $a
$row = “” | select hostname,vib,version
$z = $q.software.vib.list() | where {$_.ID -like “*ism*”}
$row.hostname = $a
$row.vib = $z.id
$row.version = $z.version
$report += $row
}
$report

vSphere/vCenter Tagging Performance Test Script

nicholasfarmer February 1, 2019

I’ve spent enough hours working with VMware support, API folks, and Tagging team where I just need to share this for everyone. The more voices going to VMware about Tagging and vSphere/vRops performance, the faster a solution will be created.

The following Script is extremely rough. You can Edit the connection strings to be more secure with a $cred = get-credential etc. I made it extremely simple so each step can be validated within logs for performance testing.

The Script will :
1 – Connect to vcenter using VIServer and CISServer methods.
2 – Create ten Tag Categories
3 – Create 500 Random String tags within those tag categories
4 – Create a very simply VM template
5 – Clone that template across your test hosts.
6 – Finally, randomly assign a single tag from each category to every VM.

#######Connect to vCenter
connect-viserver “vcenter” -username “administrator@vsphere.local” -pass “**”
connect-cisserver “vcenter” -username “administrator@vsphere.local” -pass “**”
####### Create some tag categories:
new-TagCategory -name “cat1” -entityType “VMHost”,”VirtualMachine” -confirm:$false
new-TagCategory -name “cat2” -entityType “VMHost”,”VirtualMachine” -confirm:$false
new-TagCategory -name “cat3” -entityType “VMHost”,”VirtualMachine” -confirm:$false
new-TagCategory -name “cat4” -entityType “VMHost”,”VirtualMachine” -confirm:$false
new-TagCategory -name “cat5” -entityType “VMHost”,”VirtualMachine” -confirm:$false
new-TagCategory -name “cat6” -entityType “VMHost”,”VirtualMachine” -confirm:$false
new-TagCategory -name “cat7” -entityType “VMHost”,”VirtualMachine” -confirm:$false
new-TagCategory -name “cat8” -entityType “VMHost”,”VirtualMachine” -confirm:$false
new-TagCategory -name “cat9” -entityType “VMHost”,”VirtualMachine” -confirm:$false
new-TagCategory -name “cat10” -entityType “VMHost”,”VirtualMachine” -confirm:$false
####### Create 500 tags per category — total of 5,000 Tags
$allCateMethod = Get-CisService com.vmware.cis.tagging.category
$allcate = $allcateMethod.list()
$cates = @()
foreach ($cate in $allcate) {
$cates += $allCateMethod.Get($cate)
}
$cates = $cates | where {$_.name -match “cat”}

$alltagMethod = Get-CisService com.vmware.cis.tagging.tag
foreach($a in $cates){
$x = 0

while($x -lt 500){
$spec = $alltagMethod.Help.create.create_spec
$spec.name = (-join ((65..90) + (97..122) | Get-Random -Count 30 | % {[char]$_}))
$spec.description = “”
$spec.category_id = $a.id.value
$alltagMethod.Create($spec)
$x++
}
}
#######Create your VM Template: – Basic VM then delete the harddisk to reduce need for Datastore space.
$ahost = get-vmhost “vmhost1”
$adatastore = $ahost | get-datastore | sort freespaceGB -desc | select -f 1

new-vm -name “zTagTesterTemplate” -vmhost $ahost -datastore $adatastore -memoryGB “0.004” -confirm:$false -runasync
$avm = get-vm “zTagTesterTemplate”
$avm | get-harddisk| remove-harddisk -DeletePermanently -confirm:$false
$avm | set-vm -totemplate -confirm:$false
$thetemplate = get-template -name “zTagTesterTemplate”

#######Create a bunch of VMs… Thread this to as many hosts as you want… Going Serial here because I dont know your lab…
####### uncomment the new-vm command below to select the best for your lab…
####### I suggest using four to six ESXi hosts because of vSphere config limitation of VMs per host…
####### edit the MaxCount to match your host count… four hosts – 4,000 VMs… six hosts, 6,000 VMs…
####### 1000 is configured below if you are testing with one host….
####### I tested with 5,600 VMs to exaggerate the impact/results within vRops. “Bigger impact on the charts”
####### Only used if you want to create more than 1000 VMs and want to thread them across more hosts.
#######$hostlist = get-cluster | get-vmhost
####### Vars taken from above… edit if you want to change it here….
#######$ahost = get-vmhost “vmhost1”
#######$adatastore = $ahost | get-datastore | sort freespaceGB -desc | select -f 1
#######$thetemplate = get-template -name “zTagTesterTemplate”

$count = 0
$maxcount = 1000
$vmnamePrefix = “zTagTester”
while ($count -lt $maxcount){
$vmname = $vmnamePrefix + $count
#######New-vm -Name $vmname -VMhost ($hostlist | get-random) -Template $thetemplate -Datastore (get-datastore | sort freespaceGB -desc | select -f 1) -runAsync
New-vm -Name $vmname -VMhost $ahost -Template $thetemplate -Datastore $adatastore -runAsync
$count = $count + 1
}

#######Assign Tags to your VMs… I suggest looking at vRops at this time and watch as these commands run.
####### I’m populating the tag vars first because the tagging API could stop responding later for a slower get and set call.

$tag1 = get-tagcategory | where {$_.name -eq “cat1”} | get-tag
$tag2 = get-tagcategory | where {$_.name -eq “cat2”} | get-tag
$tag3 = get-tagcategory | where {$_.name -eq “cat3”} | get-tag
$tag4 = get-tagcategory | where {$_.name -eq “cat4”} | get-tag
$tag5 = get-tagcategory | where {$_.name -eq “cat5”} | get-tag
$tag6 = get-tagcategory | where {$_.name -eq “cat6”} | get-tag
$tag7 = get-tagcategory | where {$_.name -eq “cat7”} | get-tag
$tag8 = get-tagcategory | where {$_.name -eq “cat8”} | get-tag
$tag9 = get-tagcategory | where {$_.name -eq “cat9”} | get-tag
$tag10 = get-tagcategory | where {$_.name -eq “cat10”} | get-tag

$allvms = get-vm | where {$_.name -match “ztagtester”}

####### using counter to show where you are in the assignment.
####### I Thread this into different powershell windows because the API is a bit slow using New-tagassignment. (could try cisserver assignment methods in your lab)
$count = 0
foreach($avm in $allvms){
$avm | new-tagassignment -tag ($tag1|get-random)
$avm | new-tagassignment -tag ($tag2|get-random)
$avm | new-tagassignment -tag ($tag3|get-random)
$avm | new-tagassignment -tag ($tag4|get-random)
$avm | new-tagassignment -tag ($tag5|get-random)
$avm | new-tagassignment -tag ($tag6|get-random)
$avm | new-tagassignment -tag ($tag7|get-random)
$avm | new-tagassignment -tag ($tag8|get-random)
$avm | new-tagassignment -tag ($tag9|get-random)
$avm | new-tagassignment -tag ($tag10|get-random)
$count++
$count
}

####### Would be nice if new-tagassignment accepted an array of tags…
####### get a single VM and check if it has ten tags assigned….
get-vm ($allvms | select -f 1) | get-tagassignment

#######END – Check vrops collection cycle.

vSphere Tags using CISServer methods.

nicholasfarmer July 5, 2018

For vSphere tagging, most PowerCLI users go for the “Get-Tag”,”Get-TagCategory”, or “Get-TagAssignment” methods.
Depending on the size of your vCenter, inventory count, but more importantly, Tag count, the CisService methods may provide better performance for vSphere Tagging.

To access these APIs, you will need to log in to vcenter with the following string. (Adjust vcenter/user/pass as needed)
connect-cisserver “vcenter.pcli.me” -username “administrator@vsphere.local” -pass “mypassword”

To start, each method has documentation. I will say, it’s not extremely easy to read, but its better than leaving us stranded.
I will show you how to pull the command documentation for Tag Categories and you should be able to translate this for other methods.
Pasting the following two lines will show you the “Operations” you can complete within the “tagging.category.”
$allCateMethod = Get-CisService com.vmware.cis.tagging.category
$allCateMethod.Help

From here, you can expand the help. Lets say you want to create a new Tag Category. You add on “create” to the help command and it will show you what you need to complete the command.
$allCateMethod.Help.create
$allCateMethod.Help.create.create_spec

Below, I will post the most common methods I use.

# Create a new Tagging Category: (I included all possible options for the specs after the comment hash)
$allCateMethod = Get-CisService com.vmware.cis.tagging.category
$spec = $allCateMethod.Help.create.create_spec
$spec.name = “myFirstCategory”
$spec.description = “”
$spec.cardinality = “MULTIPLE” # “SINGLE” # yes it needs to be all caps….
$spec.associable_types = “virtualmachine”,”vmhost” # Cluster, Datacenter, Datastore, DatastoreCluster, DistributedPortGroup, DistributedSwitch, Folder, ResourcePool, VApp, VirtualPortGroup
$allCateMethod.Create($spec)

# Get all Tag Categories:
$allCateMethod = Get-CisService com.vmware.cis.tagging.category
$allcate = $allcateMethod.list()
$cates = @()
foreach ($cate in $allcate) {
$cates += $allCateMethod.Get($cate)
}
$cates

# Create a new Tag: (a Tag needs a category so be sure to create one first)
$alltagMethod = Get-CisService com.vmware.cis.tagging.tag
$spec = $alltagMethod.Help.create.create_spec
$spec.name = “myFirstTag”
$spec.description = “”
$spec.category_id = $cates | where {$_.name -eq “myFirstCategory”} | %{$_.id.value}
$alltagMethod.Create($spec)

# Get all Tags:
$alltagMethod = Get-CisService com.vmware.cis.tagging.tag
$alltag = $alltagMethod.list()
$tags = @()
foreach ($tag in $alltag) {
$tags += $alltagMethod.Get($tag)
}
$tags

# From here, you can now Attach, Detach, or Query tags to objects. To access those objects (like a Virtual Machine) you will need to connect to vcenter with our VIServer connection.
connect-viserver “vcenter.pcli.me” -username “administrator@vsphere.local” -pass “mypassword”

Now we can pull in object IDs and match them with Tag IDs.
# Attach a Tag to a VirtualMachine:
$mytag = $tags | where {$_.name -eq “myFirstTag”}
$vm = Get-VM -Name “myFirstVM”
$tagAssign = Get-CisService -Name com.vmware.cis.tagging.tag_association
$spec = $tagAssign.Help.attach.object_id.Create()
$spec.type = $vm.ExtensionData.MoRef.Type
$spec.id = $vm.ExtensionData.MoRef.Value
$tagAssign.attach($mytag.id.Value, $spec)

# Then to check the Association:
$tagAsso = Get-CisService -Name com.vmware.cis.tagging.tag_association
$tagAsso.list_attached_objects($mytag.id.value)

If you dig deep into the documentation of these methods, you will find ways to Add, Delete, Create, and even Batch assign tags. I gave you the starting point here.

One extra for the road:
# Quick method to delete a Tag Category: (Quick note…. Deleting a category WILL delete all of the tags under it and the API call will not prompt you about it.)
$mycateID = $cates |where {$_.name -eq “myFirstCategory”} |%{$_.id.value}
$allCateMethod = Get-CisService com.vmware.cis.tagging.category
$allcateMethod.Delete($mycateID)

Let me know if you have any questions @vmnick0 on twitter.

Check vCenter For User and API Access Frequency.

nicholasfarmer December 5, 2017

Based on a snip from William Lam,
Snip here –> https://www.virtuallyghetto.com/2017/11/how-to-audit-vsphere-api-usage.html
You can use some quick Powershell to:
1 – Download the VPXD.log from your vcenter
2 – Parse that log for
a. API access frequency parsed per API.
b. User Auth frequency parsed per user account.

Why do we care about this? In my shop, we have an aggressive amount of third party (and VMware tools) that log into vCenter and relentlessly call APIs 24/7/365. This API usage has pushed some of our vCenters to 20+ vCPUs and 32+GB of memory. Some well above the “Extra Large” configuration setting at first deployment. So, use this script to find out who is logging in, then find out what API calls are being called the most frequent. If you want, you can go beyond this script and scan vcenter events (with PowerCLI get-vievent) and find the IP address and API method used by the user account you caught with this script.

First, Download and install the WinSCP Powershell commandlets.
If your computer has internet access, run an admin level powershell window and run “Install-Module -name WinSCP”
Help here if needed –> https://gallery.technet.microsoft.com/WinSCP-PowerShell-Module-ee1601ff

Second, Make sure your vCenter is ready to accept remote SSH/SCP sessions.
– SSH into your vCenter appliance, switch to the shell prompt with “shell.set –enabled true” then run “chsh -s /bin/bash root”
— Running this command will force vCenter shell to launch into the bash shell directly and allow remote SCP sessions to work.
— You can manually pull the log if you don’t want to use this command. Just download the log from vcenter location “/storage/log/vmware/vpxd/vpxd.log” and save it to a local location. Just keep in mind my script does focus on C:\temp and names the file with the vcenter name using the winSCP method. Thus, be sure to edit the script as needed if you plan to copy the file from vCenter manually.

Third, edit the top three vars of the script below and paste it into your powershell window. If you run into any issues, validate the vars, vcenter name, password, your Powershell modules loaded correctly, and that the vCenter SSH Shell is set correctly to allow remote commands.

###### EDIT THESE Vars:
$vcenter = “vcenter-1.pcli.me”
$pass = “VMWare1!”
$yourDomain = “pcli” #example if domain account is pcli\username1

### Paste The Script
Import-Module winscp
$filename = $vcenter.split(“.”)[0] + “-vpxd.log”
$destinationlocation = “c:\temp\”+$filename
$Cred = New-Object –TypeName System.Management.Automation.PSCredential –ArgumentList “root”, (ConvertTo-SecureString –String $pass –AsPlainText -Force)
$session = New-WinSCPSession -Credential $cred -Hostname $vcenter -GiveUpSecurityAndAcceptAnySshHostKey
$getfile = Receive-WinSCPItem -WinSCPSession $Session -Path “/storage/log/vmware/vpxd/vpxd.log” -destination $destinationlocation

if($getfile.issuccess -eq $true){
# IF the winSCP session resulted in success, parse the file
$vpxdLog = Get-Content -Path $destinationlocation
### find how much data is in the log file and store in var
$date1 = ($vpxdLog | select -f 1).split(” “)[0]
$date2 = ($vpxdLog | select -l 1).split(” “)[0]
$timespanofdata = “{0:N2}” -f (new-timespan $date1 $date2).totalhours

$apiTally = @{}
$userTally = @{}
foreach ($line in $vpxdLog) {
if($line -match “[VpxLRO]” -and $line -match “BEGIN”) {
$field = $line -split ” ”
if($field[13] -match “vim” -or $field[13] -match “vmodl”) {
$apiTally[$field[13]] += 1
}#end IF $field
}#end if $line
if($line -match “User “+$yourDomain+”\\” -or $line -match “User VSPHERE.LOCAL”){
$field = $line -split ” ”
if($field[8] -match $yourDomain){$userTally[$field[8]] += 1}
if($field[8] -match “VSPHERE.LOCAL”){$userTally[$field[8]] += 1}
}#end if $line auth
}#end foreach $vpxdlog

$commandDuration = Measure-Command {
$apiresults = $apiTally.GetEnumerator() | Sort-Object -Property Value | FT -AutoSize @{Name=”vSphereAPI”;e={$_.Name}}, @{Name=”Frequency”; e={$_.Value}}
$userresults = $userTally.GetEnumerator() | Sort-Object -Property Value | FT -AutoSize @{Name=”UserName”;e={$_.Name}}, @{Name=”Frequency”; e={$_.Value}}
}

$duration = $commandDuration.TotalMinutes
$fileSize = [math]::Round((Get-Item -Path $destinationlocation).Length / 1MB,2)
$apiresults
$userresults
Write-host “FileName: $destinationlocation”
Write-host “FileSize: $fileSize MB.”
Write-Host “Amount of Logs in file: $timespanofdata Hours.”
Write-host “Time to Parse logfile: $duration minutes.”
}

Again, Credit to William Lam for the Blog work. Ping me on twitter @vmnick0 if you have any questions.
And as with all scripts, I know this can be condensed down, but I leave it open to make it easy for others to edit (or take small snips) as needed.

Backup your VCSA via automation+powerCLI Script.

nicholasfarmer October 17, 2017

The folks on the VMware API team along with some Community Support ( <a href=”https://twitter.com/butch7903″ target=”_blank”>@butch7903</a> – Russell Hamker)
have created an amazing backup script for your vCenter Appliance. Give it a once over.
https://github.com/butch7903/PowerCLI/blob/master/Backup_VCSA_DB_to_File.ps1

Some quick notes:
– Only works on vSphere 6.5 and higher.
– It requires PowerCLI version 6.5.3 or greater.
– It needs the Powershell PSFTP or WinSCP Powershell module if you want to use FTP or WinSCP to copy the backup from vCenter to a storage location.
* (Optional) – I deployed a Photon OS VM and I use that as my SCP target to save my backups.

If you want to save all of the Command Line GUI in the 772 Line file, all you need are these lines to complete the backup.
Import-Module -Name VMware.VimAutomation.core
Import-Module -Name WinSCP
connect-cisserver “vcenter01” -username “administrator@vsphere.local” -pass “myPass”
$BackupAPI = Get-CisService com.vmware.appliance.recovery.backup.job
$CreateSpec = $BackupAPI.Help.create.piece.Create()
$CreateSpec.parts = @(“common”,”seat”)
$CreateSpec.backup_password = “”
$CreateSpec.location_type = “SCP”
$CreateSpec.location = “10.10.10.10/storage”
$CreateSpec.location_user = “root” #username of your SCP location
$CreateSpec.location_password = New-Object –TypeName System.Management.Automation.PSCredential –ArgumentList “backup location username”, (ConvertTo-SecureString –String “backup location password” –AsPlainText -Force)
$CreateSpec.comment = $Comment
$BackupJob = $BackupAPI.create($CreateSpec)

Then you can use the following command to check on its status:
$BackupJob | select id, progress, state

Generic Host Profile / Config Script.

nicholasfarmer September 22, 2017

#This script is a Generic Host Profile that could be applied to an ESXi host after it is newly built from ISO or from a base build. The configurations are for reference. Most commands are not required but do conform to most configuration baselines suggested in Performance and third party documents. The commands do not require the host to be in Maintenance Mode to complete but some commands could cause an outage if not executed correctly. Some commands below may require some additional changes, (editing the IP Address or vmnic numbers.) Please review the commands before running against your Production hosts.

### Set the Vars
$myhost = “esx01.pcli.me”
$myDomain = “pcli.me”
$myDNSServer1 = “8.8.8.8”
$myDNSServer2 = “208.67.222.222”
$myNTPServer = “ntp.pcli.me”
$mySyslogServer = “loginsight.pcli.me”

$vmotionIP1 = “10.10.10.10”
$vmotionIP2 = “10.10.10.11”
$vmotionSubnetMask = “255.255.255.0”
$vmotionVlanID = “0”

$myVDSwitch = “dvs-pcliCore”
$myVDSSwitchNICs = “vmnic6″,”vmnic7″,”vmnic8″,”vmnic9”

### Run the commands…
##Set the domain
get-vmhostnetwork -VMHost $myhost | set-vmhostnetwork -searchdomain $yourDomain -domain $yourDomain -DnsAddress @($myDNSServer1,$myDNSServer2)

##Set the NTP server and restart the service.
if(get-vmhostntpserver -vmhost $myhost){remove-vmhostntpserver -host $myhost -ntpserver (get-vmhostntpserver -vmhost $myhost) -confirm:$false}
add-vmhostntpserver -vmhost $myhost -ntpserver @($myNTPServer)
Get-VmHostService -VMHost $myhost | Where-Object {$_.key -eq “ntpd”} | Set-VMHostService -Policy “on” -Confirm:$false
Get-VmHostService -VMHost $myhost | Where-Object {$_.key -eq “ntpd”} | ReStart-VMHostService -confirm:$false

##Set the syslog server and open the firewall
set-VMHostAdvancedConfiguration -VMHost $myhost -Name “Syslog.global.logHost” -Value $mySyslogServer -confirm:$false
Get-VMHostFirewallException -name ‘syslog’ -vmhost $myhost | Set-VMHostFirewallException -Enabled:$true

##Enable SSH, restart service and set session vars to meet Security Requirements
Get-VmHostService -VMHost $myhost | Where-Object {$_.key -eq “TSM-SSH”} | Set-VMHostService -Policy “on” -Confirm:$false
Get-VmHostService -VMHost $myhost | Where-Object {$_.key -eq “TSM-SSH”} | ReStart-VMHostService -confirm:$false
set-VMHostAdvancedConfiguration -VMHost $myhost -Name “UserVars.SuppressShellWarning” -Value “1” -confirm:$false
set-VMHostAdvancedConfiguration -VMHost $myhost -Name “UserVars.ESXiShellTimeOut” -Value “900” -confirm:$false
set-VMHostAdvancedConfiguration -VMHost $myhost -Name “UserVars.ESXiShellInteractiveTimeOut” -Value “900” -confirm:$false
set-VMHostAdvancedConfiguration -VMHost $myhost -Name “Security.AccountLockFailures” -Value “5” -confirm:$false

##Rename the local datastore to “hostname-local”
$localDS = “”+(($myhost).split(“.”))[0]+”-local”
if(get-vmhost $myhost |get-datastore | where {$_.name -match “datastore”}){get-vmhost $myhost | get-datastore | where {$_.name -match “datastore”} | set-datastore -name $localDS}

##Create a new standard switch for vmotion, add two physical nics, set the security policy, then create two vmotion vmknics
#### ** BE SURE to edit the VMNIC numbers below (vmnic2 and vmnic3) to match your physical nic numbers.
#### ** If you want to combine vmotion vmknics on the management vSwitch (vSwitch0) skip to the code below this.
$thevmotionswitch = new-virtualswitch -vmhost $myhost -name “vSwitchVMotion” -mtu 9000 -nic “vmnic2″,”vmnic3”
$esx=get-vmhost $myhost
$esxid=$esx |% {get-view $_.Id}
$esxidconfig=$esxid.configmanager
$esxns=$esxidconfig.networksystem
$esxnsview=get-view $esxns
$esxvSwitch=$esxnsview.NetworkConfig.Vswitch | where {$_.Name -eq $thevmotionswitch}
$specChange= $esxvSwitch.Spec
$specChange.policy.security.allowPromiscuous=$false
$specChange.policy.security.forgedTransmits=$false
$specChange.policy.security.macChanges=$false
$esxnsview.UpdateVirtualSwitch($esxvSwitch.name,$specChange)
new-VirtualPortGroup -virtualswitch $thevmotionswitch -name vmotion0 -vlanid $vmotionVlanID
New-VMHostNetworkAdapter -VMHost $myhost -PortGroup vmotion0 -VirtualSwitch $thevmotionswitch -IP $vmotionIP1 -SubnetMask $vmotionSubnetMask -VMotionEnabled:$true
$vnicchange = get-virtualswitch -vmhost $myhost -name $thevmotionswitch | Get-virtualportgroup -name “vmotion0” | get-nicteamingPolicy
$vnicchange | Set-NicTeamingPolicy -MakeNicActive “vmnic3” -MakeNicStandby “vmnic2”
new-VirtualPortGroup -virtualswitch $thevmotionswitch -name vmotion1 -vlanid $vmotionVlanID
New-VMHostNetworkAdapter -VMHost $myhost -PortGroup vmotion1 -VirtualSwitch $thevmotionswitch -IP $vmotionIP2 -SubnetMask $vmotionSubnetMask -VMotionEnabled:$true
$vnicchange | Set-NicTeamingPolicy -MakeNicActive “vmnic2” -MakeNicStandby “vmnic3”
$vnicchange = get-virtualswitch -vmhost $myhost -name $thevmotionswitch | Get-virtualportgroup -name “vmotion1” | get-nicteamingPolicy

##**** If you want to run vmotion on your management switch (vSwitch0) use this code instead.
##** Again, edit the vmnic numbers below as needed.
$thevmotionswitch = get-virtualswitch -vmhost $myhost -name “vSwitch0”
new-VirtualPortGroup -virtualswitch $thevmotionswitch -name vmotion0 -vlanid $vmotionVlanID
New-VMHostNetworkAdapter -VMHost $myhost -PortGroup vmotion0 -VirtualSwitch $thevmotionswitch -IP $vmotionIP1 -SubnetMask $vmotionSubnetMask -VMotionEnabled:$true
$vnicchange = get-virtualswitch -vmhost $myhost -name $thevmotionswitch | Get-virtualportgroup -name “vmotion0” | get-nicteamingPolicy
$vnicchange | Set-NicTeamingPolicy -MakeNicActive “vmnic0” -MakeNicStandby “vmnic1”
new-VirtualPortGroup -virtualswitch $thevmotionswitch -name vmotion1 -vlanid $vmotionVlanID
New-VMHostNetworkAdapter -VMHost $myhost -PortGroup vmotion1 -VirtualSwitch $thevmotionswitch -IP $vmotionIP2 -SubnetMask $vmotionSubnetMask -VMotionEnabled:$true
$vnicchange = get-virtualswitch -vmhost $myhost -name $thevmotionswitch | Get-virtualportgroup -name “vmotion1” | get-nicteamingPolicy
$vnicchange | Set-NicTeamingPolicy -MakeNicActive “vmnic1” -MakeNicStandby “vmnic0”

##Add the host to a vDS then add its Physcial NICs to the switch
Add-VDSwitchVMHost -vdswitch $myVDSwitch -vmhost $myhost
$hostadapter = get-vmhost -name $myhost | Get-vmhostnetworkadapter -physical -name $myVDSSwitchNICs
get-vdswitch $myVDSwitch | add-vdswitchphysicalnetworkadapter -vmhostnetworkadapter $hostadapter -confirm:$false

##Create a portgroup on an existing Standard Switch
$vswitch0 = get-virtualswitch -vmhost $myhost -name “vSwitch0”
new-VirtualPortGroup -virtualswitch $vswitch0 -name “10.10.10.0”

##Set the host Power Policy to “High Performance” to reduce cpu latency.
$view = (Get-VMHost $myhost | Get-View)
(Get-View $view.ConfigManager.PowerSystem).ConfigurePowerPolicy(1)

##Move the local datastore into a datastore folder named “localdisk” Folder must exist.
get-vmhost $myhost | get-datastore | where {$_.name -match “-local”} | move-datastore -destination (get-folder “localdisk”)

##Make sure both physical adapters on your management switch (vSwitch0) are set to active,active to prevent an outage.
$theManagementSwitch = get-virtualswitch -vmhost $myhost -name “vSwitch0”
$thenics = get-virtualswitch -vmhost $myhost -name $theManagementSwitch | Get-vmhostnetworkadapter | where {$_.name -notmatch “vmk”}
$vnicchange = get-virtualswitch -vmhost $myhost -name $theManagementSwitch | Get-virtualportgroup -name “Management Network” | get-nicteamingPolicy
$vnicchange | Set-NicTeamingPolicy -MakeNicActive $thenics

##If you use NFS storage, set the host NFS Advanced Vars to NFS Storage Vender Specs:
$Cmyhost = Get-VMHost $myhost
$Cmyhost | get-advancedsetting -name VMFS3.hardwareacceleratedlocking | set-advancedsetting -Value 1 -confirm:$false
$Cmyhost | get-advancedsetting -name Net.TcpipHeapSize | set-advancedsetting -Value 32 -confirm:$false
$Cmyhost | get-advancedsetting -name Net.TcpipHeapMax | set-advancedsetting -Value 1536 -confirm:$false
$Cmyhost | get-advancedsetting -name NFS.MaxVolumes | set-advancedsetting -Value 256 -confirm:$false
$Cmyhost | get-advancedsetting -name NFS41.MaxVolumes | set-advancedsetting -Value 256 -confirm:$false
$Cmyhost | get-advancedsetting -name NFS.MaxQueueDepth | set-advancedsetting -Value 64 -confirm:$false
$Cmyhost | get-advancedsetting -name NFS.HeartbeatMaxFailures | set-advancedsetting -Value 10 -confirm:$false
$Cmyhost | get-advancedsetting -name NFS.HeartbeatFrequency | set-advancedsetting -Value 12 -confirm:$false
$Cmyhost | get-advancedsetting -name NFS.HeartbeatTimeout | set-advancedsetting -Value 5 -confirm:$false

##If you need to add a vmknic for NFS traffic on a Virtual Distributed Switch:
$theswitch = get-vdswitch “myNFSVDSwitch”
$thePG = $theswitch | get-vdportgroup | where {$_.name -match “10.10.10.0-NFSvPG”}
New-VMHostNetworkAdapter -VMHost (Get-VMHost $myhost) -virtualswitch $theswitch -PortGroup $thePG -IP “10.10.10.9” -SubnetMask “255.255.255.0”

##Mount up some NFS vols
Get-VMHost $myhost| New-Datastore -Nfs -Name “MyNFSDevice” -Path “/NFSShare1/MyNFSShare” -NfsHost “10.10.10.2”

#Here is the PowerCLI 6.5 Command Reference to look up these commands.
https://www.vmware.com/support/developer/PowerCLI/PowerCLI651/html/

List your VM Environment Tags per cluster.

nicholasfarmer March 8, 2017

Here is a quick one-liner that will list your VM names and their Environment Tag.
– The assumption here is you use vCenter Tags, you created a tag category for Environment, created some tag types (like Production, Dev, etc) under that category, and assigned those Tags to your VMs.

$Thecategory = “Environment”
$thecluster = “TheCoolKidsCluster”
get-cluster $thecluster | Get-VM | Select Name,@{N=”Tag”;E={((Get-TagAssignment -category $Thecategory -Entity $_ | select -ExpandProperty Tag).Name -join “,”)}}

#The output can be sent to csv with “|export-csv c:\temp\export.csv”
#The output looks like this:
VM1 Production
VM2 Development
VM3 Production…..
… etc

# Remember – you can change the get-cluster part to get-folder, get-datastore, get-datastorecluster, even a get-VDPortgroup!

Unmount all of your CD-Roms!

nicholasfarmer October 31, 2016

#Quick On-liner to look through all VMs in a vCenter and unmount all of the connected CDs.

get-vmhost | get-vm |get-cddrive| set-cddrive -nomedia -confirm:$false

https://www.vmware.com/support/developer/PowerCLI/PowerCLI41/html/Set-CDDrive.html

Find VMs Where the Running OS Does Not Match the Configured OS.

nicholasfarmer October 31, 2016

#A quick grep of all VMs in a vcenter, with the configured and running OS (detected by a valid version of VMware tools installed)
#This is a great report if you find out some Admins were running “upgrades” from windows 2008 to 2012 and never reconfigured the VM OS setting.

$temp = get-view -viewtype “virtualmachine” -property name,guest.ToolsRunningStatus,guest.guestfullname,config.guestfullname
$OSMisconfiguredReport = @()
foreach($a in $temp){
$row = “” | select name,toolsstate,OSConfigured, OSRunning
$row.name = $a.name
$row.toolsstate = $a.guest.ToolsRunningStatus
$row.OSConfigured = $a.config.guestfullname
$row.OSRunning = $a.guest.guestfullname
$OSMisconfiguredReport += $row
}

$OSMisconfiguredReport | where {$_.toolsstate -eq “guestToolsRunning” -and $_.osrunning -notlike “” -and $_.osconfigured -ne $_.osrunning}

Look for VMs with VMware tools installer mounted. (vcenter wide)

nicholasfarmer October 31, 2016

Quick One-liner to look for any VM in your entire vcenter that has the VMware tools installer mounted.

get-view -viewtype virtualmachine -property ‘name’ -Filter @{‘Runtime.ToolsInstallerMounted’=’True’}

#Here is the same command but with the additional text to unmount the installer if any are found.

get-view -viewtype virtualmachine -property ‘name’ -Filter @{‘Runtime.ToolsInstallerMounted’=’True’} | foreach{$_.UnmountToolsInstaller()}

1 2 … 6 Next