Around Christmas, I picked up a book called Ender’s Game And Philosophy: Genocide Is Child’s Play. I wasn’t looking for it, but it found me when browsing the aisles of Barnes and Noble. Like many technologically-minded children of my generation, Ender’s Game remains one of my favorite novels and spawned one of my favorite series. At the time, the movie had just come out; I had just re-read the novel; and when you add 30 years from the novel’s release, the opinions of one Orson Scott Card, and another dozen plus novels and shorts, you have a wonderful world, so close to our own, yet so far away. This is a great universe in which to debate philosophy.
This book is part of a series called Popular Culture and Philosophy and weighs in at 238 pages. We all debate and philosophize, though we rarely acknowledge it. It’s what a lot of you will be doing this week around the water cooler when discussing the season finale of The Walking Dead and all the decisions the characters made. In fact, the series even has a book on The Walking Dead!
Auto Deploy Deep Dive Series, Part Three focuses on PowerCLI and Image Builder, puts the wrap on DHCP, and brings the first auto-deployed VMhost to life!
PowerCLI and Image Builder
We are going to use some PowerCLI next. You can find plenty of PowerCLI primers elsewhere (I suggest Alan Renouf and Luc Dekens sites for the novice. I’ve also done a few articles on Power CLI…), so I’m going to assume some familiarity with it. Connect to your vCenter server with “Connect-VIServer <hostname>” and provide your credentials. The rule we are about to create relies on a host profile and a cluster name , so first we grab that information:
In part 2 of the Auto Deploy Deep Dive Series, I will show you how to build a host profile in preparation for the deployment. Launch the vSphere Web Client and we can get started.
Host Profiles are a very powerful, complicated, and finicky tool that vCenter offers. These profiles are useful for compliance checking of your hosts, to ensure settings are consistent across a cluster, and in our case, Auto Deploy. We’re only going to use a small part of the host profile’s capability, which is to allow stateful installs on the new hosts, and ignore the rest – a tale for another time.
You cannot simply create a blank host profile, but you can use an existing host to create a populated profile. This can be done a number of ways, the easiest of which is to extract a host profile from an existing host. If you don’t already have an existing host in your vCenter, you’re going to need one to continue. You can extract the profile by going to the Hosts and Clusters page and selecting the highlighted option:
Since vSphere 5.5 was released in September, I’ve seen a lot of blog articles related to the upgrade process. Most of these articles deal with the implementation details of some specific step – upgrading the vCSA, migrating from an older version of vCSA, fixing SSO, etc. However, it seems like one of the most common questions in the freenode #vmware channel is still, “In what order do I upgrade my vCenter without breaking things?” Let’s answer that question at a high level, without getting into the implementation details.
This info is based on VMworld 2013 sessions VSVC5690 (YouTube) and VSVC4945 (requires VMworld login) taught by Justin King, Josh Gray, and Kyle Gleed, be sure to watch the presentations for additional details.
Over Christmas, I expanded my home lab with another ESXi host. It seemed like the perfect time to set up Auto Deploy so my new host could be brought online with a minimum of effort. The process requires some assembly and I ran into a few minor issues along the way, so I thought I would detail those issues for others. The process is also quite lengthy, and this will be a multi-part series. Stay tuned, and check back at Auto Deploy Deep Dive Series for the rest of the articles. Credit goes to Vladan Seget’s Auto Deploy post and VMware’s own documentation for getting me started.
Auto Deploy requires multiple components – Image Builder, PowerCLI, Host Profiles, TFTP, DHCP, and vSphere Enterprise Plus licensing for your vCenter server. You have your choice of the TFTP and DHCP providers, the rest are provided by vCenter and VMware. For TFTP, I used SolarWinds’s TFTP server (you do not have to provide a valid email address to access the download) for Windows and ISC tftp for CentOS. I had an existing CentOS server running ISC DHCP; Windows DHCP server on Server 2003+ is fine but I skipped over it because it’s familiar to most and easy to pick up by the rest.
Alan Renouf gave a vBrownBag presentation on Advanced PowerCLI 5.5R2 last night. During the show, he showed an interesting bit of code:
$output = "" | Select VmName, PgName
$output.VmName = "value1"
$output.PgName = "value2"
This was intriguing to me. The “proper” way to create an object with attributes is to use New-Object and pipeline it through some Add-Member commands.
$output = New-Object PSObject |
Add-Member -PassThru NoteProperty VmName "value1" |
Add-Member -PassThru NoteProperty PgName "value2"
That creates an excessive, and somewhat unreadable, pipeline for objects with a long list of members, especially if a member’s name is long. It’s a pretty neat trick to make your code look pretty neat.
Over the past couple of weeks, I’ve done a few PowerCLI posts, including creating some modules. To reduce the change of typos or older versions of files making it into my posts, I created a GitHub repo, https://github.com/rnelson0/powercli-modules/, that you can feel free to use. There are three modules:
- Copy-Module – Based off the Hey Scripting Guy! module, this enhanced module allows us to load modules in the Global Modulepath (when run with admin privs) and overwrite existing modules.
- PowerCLI-Administrator-Cmdlets – Cmdlets for an administrator. Generally speaking, these require read/write access. Example: Clone-VDPortgroup
- PowerCLI-User-Cmdlets – Cmdlets for users. Ideal for read-only users. Example: Get-VMConsoles
Please use GitHub to send me pull requests for any bug fixes or report bugs. You can of course use comments as well.
Something I forgot to mention in my post on creating modules: If you use the snippets and fill out all the comments, Get-Help Your-Cmdlet will use that information and generate full help files for you. Very helpful!
Over Christmas, my awesome wife bought me a Synology DS214 for my expanded home lab. One of the many reasons Synology was selected is because the DSM operating system supports multiple VLANs. However, the web interface only lets you set one interface. I found a number of conflicted articles describing how to configure the other VLANs. I upgraded my Synology to DSM v4.3 and then followed the process below to add the VLAN setup.
Depending on your switch setup, you may need to remove all VLAN configuration from the Synology’s port until the VLAN is created, or you can tag a single VLAN, or you can tag multiple VLANs and set a native VLAN. In a worst case scenario, you can connect the Synology to a port with no VLANs, configure the first VLAN, then move it to a properly configured tag. I trust the reader to understand and troubleshoot their local network configuration. If you do lose all connection to your Synology, you can always reset it to defaults and try again.
UPDATE: This process is confirmed to work with both DSM v4 and DSM v5!
UPDATE TWO: This will not work with DSM v6! See the comments for details.
A few months ago, Dimitar Barfonchovski created a blog post on accessing the VM Console via PowerCLI, hosted on the PowerCLI Blog. Over the next few days, some cool enhancements came out focusing on a GUI for the featureset – which appear to have been lost to the great bitbucket in the sky, or I’d give some credit to them (if you know what I’m talking about, drop a link in the comments and I’ll update the article). I added a few enhancements of my own and ended up with a quick a dirty pastebin that would allow anyone to authenticate to any vCenter server and get a list of VMs they have access to.
I finally went back and combined this with last Friday’s post on creating a PowerCLI module. With a few tweaks we end up with an auto-import module and the cmdlet Get-VMConsoles. Any user can run this cmdlet. Upon connection to the specified vCenter server, you are prompted for authentication. After successfully authenticating, click Open VM Consoles and you are presented with a list of consoles available to your user. You can add a few filters, as I have done below. Ctrl-click to select the VMs you want to view and hit OK in the bottom right. Your consoles will open in your system’s browser in separate tabs.
At work, one of our vSphere datacenters has a relatively static VM count maintained by a single group operating under the vCenter Administrator role. Recently, another group has joined this datacenter and will need to provision 60+ VMs, then hand over the VMs to us for ongoing maintenance and occasional provisioning of 1-2 VMs at a time. We do not want to make these users Administrators, nor do we want to provision 60+ VMs. To make this work, these new users need more rights than the VM Power User role during initial provisioning; some rights will be taken back when they move to maintenance mode. vCenter doesn’t provide any roles that match either need, so I had to create one that had all the correct permissions.
As the built-in roles do not provide the proper permissions, some trial and error was required to determine the correct combination of permissions for our situation. I do not expect that these permissions fit everyone’s needs. Please take the time to test and ensure whatever settings you do choose hit the right balance between your user’s needs and security considerations.