profile for Gajendra D Ambi on Stack Exchange, a network of free, community-driven Q&A sites
Showing posts with label vmware. Show all posts
Showing posts with label vmware. Show all posts

Thursday, June 28, 2018

Upgrading your vcenter server made easy with Hybrid Linked Mode

So whenever you upgrade an environment you must start with HCL [hardware compatibility list]. Let us pretend that you want to go from vsphere 6.5 to 6.7 without any downtime. hmm... yes you are asking for a pony and thanks to vmware you have it too.
I always say that the first point of contact should be upgrade first because it will be backward compatible of what lies beneath. Anyway assuming that you made sure that the rest of your stuff like version of your NSX, VRA is all taken care of. You have to then upgrade your
vcenter>esxi>vm tools>vm hardware.
Get a new vcenter 6.7 appliance ready.
Create HLM between the old and the new vcenter.
Decommission the old one.
Yes, that  is it. If you are not satisfied with this high level plan then there are so many bloggers wanting to be at the yearly top 100 virtualization blog list (and its awesome) by http://vsphere-land.com (http://vsphere-land.com/news/top-vblog-2017-full-results.html) and they have detailed posts on how to do hybrid linked mode. It is easy and you dont have to pull out any hair.
I still do recommend the old ways of having a plan B as backup. Yes take a backup of your old vcenter before you get on with this plan/task.
What if you have 2 vcsa already in linked mode and you want to retain the networking information of them?
Let us say that you have vcsa1 linked with vcsa2.

  1. Decommission the vcsa2 from linked mode with vcsa1.
  2. Shutdown the vcsa2, disable the network adapter
  3. get your new vcsa with your newer desired version and assign the vcsa2 networking details (hostname, ip..) and join the linked mode with vcsa1.
  4. Make sure all is well and they are in sync.
  5. Decommission the vcsa1
  6. deploy the newer versioned vcsa and assign vcsa1 networking details to it.
congratulate yourself.
Posted by at No comments:
Labels:

Monday, January 8, 2018

Automating the deployment of VMware vCSA 6.5 with json

So in my earlier post  I was exploring the deployment of vcsa and tried to create a json file for importing.
This post is about deploy the primary platform service controller directly to an esxi.

1
.$deployer\vcsa-deploy.exe install "psc1.json" --accept-eula --no-esx-ssl-verify
The above is the command to deploy the vcsa. We first however need the vcsa and the updated json file which contains all of these. You have however various templates available inside the vcsa iso. This one is for platform services controller 1 deployed directly against esxi.


 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
function DeployPsc1 {
# variables to deploy psc1
$esxihostname = "10.11.27.143"
$esxiPass = "VMware1!"
$datastore = "vsanDs"
$portgroup = "VM Network"
$deployment_option = "infrastructure"
$psc1_name = "psc1"
$psc1_fqdn = "psc1.dell.com"
$psc1_ip = "10.1.1.1"
$dnsServers = "2.3.4.4" # dns servers separated by comma
$gateway = "10.1.1.1"
$subnet = "255.255.255.0"
$maskBits = 0
foreach($octet in $psc1_ip.Split('.'))
  {
    while(0 -ne $octet)
    {
      $octet = ($octet -shl 1) -band [byte]::MaxValue
      $maskBits++
    }
  }
 
$psc1Pass = "VMware1!"
$ssoDomain = "vsphere.local"
$ssoPass = "VMware1!"
$siteName = "dc"

# The automation script
$iso_path = (get-PSDrive | where Description -Match CDROM).Root
$ovaPath = "$iso_path"+"vcsa"
$name = (dir $ovaPath | where name -Match ".ova").Name
$vcsa_ovapath = "$iso_path"+"$name"
$jsonName = "PSC_first_instance_on_ESXi.json"
$jsonSource = "$iso_path"+"vcsa-cli-installer\templates\install\$jsonName"
Copy-Item $jsonSource -Force | Out-Null
$json = get-childitem | where name -Match $jsonName

Write-Host "preparing the deployment json template"
$a = Get-Content $json -raw | ConvertFrom-Json
$a.'new.vcsa'.esxi.hostname = $esxihostname
$a.'new.vcsa'.esxi.username = 'root'
$a.'new.vcsa'.esxi.password = $esxiPass
$a.'new.vcsa'.esxi.datastore = $datastore
$a.'new.vcsa'.esxi.'deployment.network' = $portgroup
$a.'new.vcsa'.appliance.'deployment.option' = $deployment_option
$a.'new.vcsa'.appliance.name = ""
$a.'new.vcsa'.appliance.'thin.disk.mode' = $true
$a.'new.vcsa'.appliance.name = $psc1_name
$a.'new.vcsa'.network.'ip.family' = "ipv4"
$a.'new.vcsa'.network.ip = $psc1_ip
$a.'new.vcsa'.network.'dns.servers' = $dnsServers
$a.'new.vcsa'.network.gateway = $gateway
$a.'new.vcsa'.network.mode = "static"
$a.'new.vcsa'.network.'system.name' = "$psc1_fqdn"
$a.'new.vcsa'.network.prefix = "$maskBits"
$a.'new.vcsa'.os.'ssh.enable' = $true
$a.'new.vcsa'.os.password = $psc1Pass
$a.'new.vcsa'.sso.'domain-name' = $ssoDomain
$a.'new.vcsa'.sso.password = $ssoPass
$a.'new.vcsa'.sso.'site-name' = $siteName
$a.ceip.settings.'ceip.enabled' = $false
$a | ConvertTo-Json -Depth 3 | Out-File psc1.json -Encoding utf8 -Force

Write-Host "deploying psc1"
$deployer = "$iso_path"+"vcsa-cli-installer\win32"
.$deployer\vcsa-deploy.exe install "psc1.json" --accept-eula --no-esx-ssl-verify 
} DeployPsc1

Till line 13 you have all the variables that you need to populate.
14-22 calculate the subnet bits.
30 it finds the mounded iso on the machine where the script is being run.
31 vcsa is the folder inside the iso, so we are adding that to our path.
32 searching the vcsa folder for the .ova file and find the complete path to use it later.
33 complete path to the vcsa ova file
34 name of the json template which we want to use from the iso file
35 complete path to the json template that we want to use
36-37 copying the json template to our local directory for the sake of simplicity and later we will import this json template, update it with our values and deploy the psc.
40 you import the json into powershell so that you can update it.
41- 62 you update the various values of the json. Don't worry. When you type $a. and tab it automatically shows the next options for you.
63 we export the new updated json as psc1.json.
66 find out the path of the .exe from the mounted iso which deploys vcsa.


Posted by at No comments:
Labels: , , ,

Wednesday, January 3, 2018

Create json from powershell to deploy vCenter 6.5

So I have been working on generating a json file within powershell and then import it during the deployment of vcenter VCSA 6.5.


1
vcsa-deploy.exe install --accept-eula --no-esx-ssl-verify c:\vcsa.json

Above is how you deploy the vCSA. We have an automation portal which poops out pretty awesome automation scripts. I am however planning to use the variables from the web portal and generate the json. This is how you do it. We will end up using this in our future deployment of vCSA on vxracks, vxblocks and our other CI/HCI solutions of dell emc.


 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
$dnsServers = "" # dns servers separated by comma

$jsonRequest = [ordered]@{
    "target.vcsa" = @{
        "appliance" = @{            
            "deployment.network"="VM Network"
            "deployment.option"="infrastructure"
            "name"="vCenter-Server-Appliance"
            "thin.disk.mode"=$true }

        "esx"= @{
            "hostname"= "<ESXi host name or IP address>"
            "username"= "root"
            "password"= "<Password of the ESXi host root user>"
            "datastore"= "<ESXi host datastore>" }

        "network"= @{
            "hostname"= "<Host name>"
            "dns.servers"= "[$dnsServers]"
            "gateway"= "<Gateway IP address>"
            "ip"= "<Static IP address>"
            "ip.family"= "ipv4"
            "mode"= "static"
            "prefix"= "<The value must be 0-32>"  }


        "os"= @{
            "password"= "<vCenter Server Appliance root password>"
            "ssh.enable"=$true }

        "sso"= @{
            "password"= "<vCenter Single Sign-On password>"
            "domain-name"= "vsphere.local"
            "site-name"= "<SSO site name>" }
    }
}

$jsonPath = $PSScriptRoot +"\jsonVcsa.json"
$jsonData = $jsonRequest | ConvertTo-Json | Out-File $jsonPath -Force
$jsonData

This does creates a good json file. Hopefully I get to use it to deploy the vcenter. You want to check out william lam's blog for the same here https://www.virtuallyghetto.com/2016/12/how-to-automate-the-deployment-of-an-un-configured-vcsa-6-5-stage-1-only.html



Posted by at No comments:
Labels: , , ,

Thursday, November 9, 2017

automating creation of vmkernel portgroups with powercli and csv

This is just a continuation of my previous post. this is again a work in progress. keep a watch on my github page for the most updated version of it. If vTool (github.com/mrambig/vmware) isnt enough for you and your hosts are in series then is what you need to create vmkernel portgroups. Go to github.com/vmware/mrambig for more

#start of function
function vmkernelPgCsv
{
Write-Host "
A CSV file will be opened (open in excel/spreadsheet)
populate the values,
save & close the file,
Hit Enter to proceed
" -ForegroundColor Blue -BackgroundColor White
$csv = "$PSScriptRoot/HostVds.csv"
get-process | Select-Object vmhost,vss,portgroup,vlan,ip,mask,vmk,mtu | Export-Csv -Path $csv -Encoding ASCII -NoTypeInformation
Start-Process $csv
Read-Host "Hit Enter/Return to proceed"

$csv = Import-Csv $csv

  foreach ($line in $csv) 
 {  # importing data from csv and go line by line
    $vmhost = $($line.vmhost)  
    $vss  = $($line.vss)  
    $portgroup  = $($line.portgroup)
    $vlan  = $($line.vlan)    
    $ip  = $($line.ip)
    $mask  = $($line.mask)
    $vmk  = $($line.vmk)    
    $mtu  = $($line.mtu)    
        
    $esxcli = get-vmhost $vmhost | get-esxcli -v2
    (get-vmhost $vmhost).name
    get-vmhost $vmhost | get-virtualswitch -Name $vss | New-VirtualPortGroup -Name $pg -VLanId $vlan -Confirm:$false
    
    # add vmkernel with netstack    
    $esxcliset = $esxcli.network.ip.interface.add 
    $args = $esxcliset.CreateArgs()
    $args.interfacename = "$vmk"
    $args.mtu = "$mtu"    
    $args.portgroupname = "$pg"    
    $esxcliset.Invoke($args)   
     
    # update networking to the vmkernel
    $esxcliset = $esxcli.network.ip.interface.ipv4.set
    $args = $esxcliset.CreateArgs()
    $args.interfacename = "$vmk"
    $args.type = "static"
    $args.ipv4 = "$ip"
    $args.netmask = "$mask"
    $esxcliset.Invoke($args)  
    }
}#End of function

vmkernelPgCsv

Posted by at
Labels: , ,

creating l3 vmotion with powercli and csv

So sometimes the shortcomings of my vtool at github.com/mrambig/vmware/vtool is that it assumes that the ip addresses are in range when creating vmkernel portgroups for vmware. It also assumes that your hosts are in order. We are working a huge VMware implementation which is being deployed and expanded in installment where this is not the case. This is something that i putting it here for those who might use this in future. Of course i have to still test this with my solution architects for whom I am doing this automation. I am certain that it will work. If not I will post the updated version as always in my github page. github.com/MrAmbiG/vmware


#start of function
function l3vmotion2csv
{
Write-Host "
A CSV file will be opened (open in excel/spreadsheet)
populate the values,
save & close the file,
Hit Enter to proceed
" -ForegroundColor Blue -BackgroundColor White
$csv = "$PSScriptRoot/HostVds.csv"
get-process | Select-Object vmhost,vss,portgroup,vlan,ip,mask,vmk,mtu | Export-Csv -Path $csv -Encoding ASCII -NoTypeInformation
Start-Process $csv
Read-Host "Hit Enter/Return to proceed"

$csv = Import-Csv $csv

  foreach ($line in $csv) 
 {  # importing data from csv and go line by line
    $vmhost = $($line.vmhost)  
    $vss  = $($line.vss)  
    $portgroup  = $($line.portgroup)
    $vlan  = $($line.vlan)    
    $ip  = $($line.ip)
    $mask  = $($line.mask)
    $vmk  = $($line.vmk)    
    $mtu  = $($line.mtu)    
        
    $esxcli = get-vmhost $vmhost | get-esxcli -v2
    (get-vmhost $vmhost).name
    get-vmhost $vmhost | get-virtualswitch -Name $vss | New-VirtualPortGroup -Name $pg -VLanId $vlan -Confirm:$false
    # add vmotion netstack
    $esxcliset = $esxcli.network.ip.netstack.add
    $args = $esxcliset.CreateArgs()
    $args.disabled = $false
    $args.netstack = 'vmotion'    
    $esxcliset.Invoke($args)
    
    # add vmkernel with netstack    
    $esxcliset = $esxcli.network.ip.interface.add 
    $args = $esxcliset.CreateArgs()
    $args.interfacename = "$vmk"
    $args.netstack = 'vmotion'
    $args.mtu = "$mtu"    
    $args.portgroupname = "$pg"    
    $esxcliset.Invoke($args)   
     
    # update networking to the vmkernel
    $esxcliset = $esxcli.network.ip.interface.ipv4.set
    $args = $esxcliset.CreateArgs()
    $args.interfacename = "$vmk"
    $args.type = "static"
    $args.ipv4 = "$ip"
    $args.netmask = "$mask"
    $esxcliset.Invoke($args)  
    }
}#End of function

l3vmotion2csv




Posted by at
Labels: , ,

Friday, July 28, 2017

Get the right version of vcenter and other management tools for your esxi/vsphere

Many a times i have seen few of my colleagues trying to download the new vsphere client to manage the newer version of esxi that we are shipping with our dell emc ci/hci. They google it, log into vmware, search again, match the build number and download or sometimes just use a usb pen drive to share such files. If you are in your own environment or even home lab then it is better for your own product to guide you to download the other products which are to be used with it or can be used with it.
just click on advanced and add certification.
 
 Once you do this,  you will be presented with the following
click on the download vsphere client for windows to install the one which for sure will work with your esxi. It won't take you to VMware site but you will get the file itself. the link below that will launch the vsphere client. Rest of the links to other products will take you to their site and they all are self explanatory.




Posted by at
Labels:

Thursday, July 27, 2017

Changing the vmkernel/management ip address (and subnet mask too if you want) using powercli


powercli just rox. we at dell emc today had an issue where we had
3 UCS domains and client wanted all the 110+ blades to be distributed across these 3 domains. IP addresses were not in range. We use a custom linux virtual machine which install esxi on UCS with proper vmkernel networking. However that is not designed for such scenarios. So the ip addresses how this esxi deployer assigned was not at all matching what the customer wanted. We thought by the time our storage guys assign boot luns then i could figure out a script to change the ip addresses of all these 110+ blades. I even took my buddy gowtham's data center without asking him and played around with it. It worked for the 8 blades that we had. I used plink to deliver the esxcli command as mentioned by duncan epping . Needless to say what worked on a small solution didnt work on this one for some reason. I was using a csv file to input the
old ip
new ip
username
password
vmkernel (it was vmk0)
but it failed and we as a team shared all 15 blades per head and changed the ip addresses manually. We did not have much time to play. I just reached home and so far i have this.
connect to the esxi host first

PS C:\WINDOWS\system32> Connect-VIServer 192.168.248.136 -User root -Password 'vmware1'
WARNING: There were one or more problems with the server certificate for the server 192.168.248.136:443:

* The X509 chain could not be built up to the root certificate.

* The certificate's CN name does not match the passed value.

Certificate: [Subject]
  OID.1.2.840.113549.1.9.2="1477497341,564d7761726520496e632e", CN=localhost.localdomain, E=ssl-certificates@vm
ware.com, OU=VMware ESX Server Default Certificate, O="VMware, Inc", L=Palo Alto, S=California, C=US

[Issuer]
  O=VMware Installer

[Serial Number]
  00A4602D4BBDF6

[Not Before]
  26-10-2016 9.25.42 PM

[Not After]
  26-04-2028 9.25.42 PM

[Thumbprint]
  360BDA508071AF7832778CA9C038195A14468A4F



The server certificate is not valid.
   
WARNING: THE DEFAULT BEHAVIOR UPON INVALID SERVER CERTIFICATE WILL CHANGE IN A FUTURE RELEASE. To ensure script
s are not affected by the change, use Set-PowerCLIConfiguration to set a value for the InvalidCertificateAction
 option.
      

Name                           Port  User                         
----                           ----  ----                         
192.168.248.136                443   root

Let us see to whom we are connected with
------------------
PS C:\WINDOWS\system32> Get-VMHost
 
Name                 ConnectionState PowerState NumCpu CpuUsageMhz CpuTotalMhz   MemoryUsageGB   MemoryTotalGB
----                 --------------- ---------- ------ ----------- -----------   -------------   -------------
192.168.248.136      Connected       PoweredOn       4          69       16000           1.418          11.718 
 
Now we should find out who this is
 
 PS C:\WINDOWS\system32> (Get-VMHost).NetworkInfo
 
HostName     DomainName   DnsFro ConsoleGateway  ConsoleGatewayD DnsAddress          
                          mDhcp                  evice                               
--------     ----------   ------ --------------  --------------- ----------          
host1        ambi.com     False                                  {192.168.248.136} 
 
 
Now change the ip address  
 
 
 PS C:\WINDOWS\system32> (Get-VMHost | Get-EsxCli).network.ip.interface.ipv4.set('vmk0','192.168.248.135', '255.255.255.0', $null, 'static')
true 
 
That true is really encouraging. I connected to the new changed ip address now.
  
 PS C:\WINDOWS\system32> Connect-VIServer 192.168.248.135 -User root -Password 'vmware1'
 
Name                           Port  User                          
----                           ----  ----                          
192.168.248.135                443   root 
 


I checked the name of this new ip.


 


 


PS C:\WINDOWS\system32> (Get-VMHost).NetworkInfo
 
HostName     DomainName   DnsFro ConsoleGateway  ConsoleGatewayD DnsAddress          
                          mDhcp                  evice                               
--------     ----------   ------ --------------  --------------- ----------          
host1        ambi.com     False                                  {192.168.248.136}   
 
 
 
PS C:\WINDOWS\system32>


------------------



Yes, you can change any vmkernel ip address like this but i am trying to figure out an esxcli -v2 version of it. Nay sayers listen to this. If you do not know how to do it then it doesn't mean it can't be done. 

Now here is the esxcli -v2 version.






PS C:\WINDOWS\system32> $esxcli = Get-VMHost | Get-EsxCli -v2
$esxcliset = $esxcli.network.ip.interface.ipv4.set
$args = $esxcliset.CreateArgs()
$args.interfacename = 'vmk0'
$args.type = 'static'
$args.ipv4 = '192.168.248.136'
$args.netmask = '255.255.255.0'
$esxcliset.Invoke($args)



true

PS C:\WINDOWS\system32> disconnect-viserver * -confirm:$false
Connect-VIServer 192.168.248.136 -User root -Password 'vmware1'

WARNING: There were one or more problems with the server certificate for the server 192.168.248.136:443:

* The X509 chain could not be built up to the root certificate.

* The certificate's CN name does not match the passed value.

Certificate: [Subject]
  OID.1.2.840.113549.1.9.2="1477497341,564d7761726520496e632e", CN=localhost.localdomain, E=ssl-certificates@vmware.com, OU=VMware ESX Server Defaul
t Certificate, O="VMware, Inc", L=Palo Alto, S=California, C=US

[Issuer]
  O=VMware Installer

[Serial Number]
  00A4602D4BBDF6

[Not Before]
  26-10-2016 9.25.42 PM

[Not After]
  26-04-2028 9.25.42 PM

[Thumbprint]
  360BDA508071AF7832778CA9C038195A14468A4F



The server certificate is not valid.
    
WARNING: THE DEFAULT BEHAVIOR UPON INVALID SERVER CERTIFICATE WILL CHANGE IN A FUTURE RELEASE. To ensure scripts are not affected by the change, use
 Set-PowerCLIConfiguration to set a value for the InvalidCertificateAction option.
       

Name                           Port  User                          
----                           ----  ----                          
192.168.248.136                443   root                          



PS C:\WINDOWS\system32> $esxcli = Get-VMHost | Get-EsxCli -v2
$esxcliset = $esxcli.network.ip.interface.ipv4.set
$args = $esxcliset.CreateArgs()
$args.interfacename = 'vmk0'
$args.type = 'static'
$args.ipv4 = '192.168.248.135'
$args.netmask = '255.255.255.0'
$esxcliset.Invoke($args)



true

PS C:\WINDOWS\system32> disconnect-viserver * -confirm:$false
Connect-VIServer 192.168.248.135 -User root -Password 'vmware1'


Name                           Port  User                          
----                           ----  ----                          
192.168.248.135                443   root                          



PS C:\WINDOWS\system32> 


update : 2017nov17








#Start of function
function IpChanger2
{
<#
.SYNOPSIS
    Changes the ip address and gateway of the given vmkernel
.DESCRIPTION
    Imports esxcli in powercli to update the vmkernel's networking details
.NOTES
    File Name      : IpChanger.ps1
    Author         : gajendra d ambi
    updated        : July 2017
    Prerequisite   : PowerShell v4+, powercli 6+ over win7 and upper.
    Copyright      - None
.LINK
    Script posted over: github.com/MrAmbig
#>
#Start of Script
$OldIp = Read-Host 'original ip?'
$NewIp = Read-Host 'new ip?'
$user = '' # username to log into the host
$pass = '' # password for the esxi to login
$vmk = '' # vmk to change the the ip for. ex: vmvk0
$subnetMask = '' # subnetmask

    Connect-VIServer $OldIp -User $user -Password $pass
    $esxcliset = $esxcli.network.ip.interface.ipv4.set
    $args = $esxcliset.CreateArgs()
    $args.interfacename = "$vmk"
    $args.type = 'static'
    $args.ipv4 = $NewIp
    $args.netmask = $subnetMask
    $esxcliset.Invoke($args)

    Start-Sleep -Seconds $delay
    Disconnect-VIServer * -Confirm:$false -ErrorAction SilentlyContinue
} #End of function
do { IpChanger2 } while ($True)






So this will set you up for multiple hosts










Posted by



at






















Labels:
,
,
,

















        

      









Subscribe to:
Posts (Atom)