PowerCLI Collection: Back up the ESXi configuration (and restore it)

I happen to run in to vSphere environments without Enterprise plus, or need to implement vSphere environments where for example budget is a constrain, and one or more other limiting factors are there for having Enterprise Plus.

When we don’t have a vSphere edition supporting Host Profiles, Auto Deploy and Distributed switches, we need to have to create a way to (multiple) host back up and restoring for a disaster recovery or such. It can be easy with PowerCLI…

Back-up

In this post I want to write about the PowerCLI cmdlet to back-up a host configuration. We can use the Get-VMHostFirmware cmdlet to back-up the local configuration to a tarbal and save this on a disk location. The Get-VMHostFirmware takes the following options:

Get-VMHostFirmware -VMHost <host> -BackupConfiguration -DestinationPath <directorywithouttrailing\>

This creates a tarbal (in other words tar archive zipped in .tgz) bundle with the the filename configBundle-hostname.tgz. In this tarbal there is a manifest text file with the release level of the host, UUID, kernel options and user options.  There is also a state.tgz tarbal with the host state of the moment the tarbal is created. In this state tarbal is the local tarbal (getting lost a bit here ;-)) with local dump of the configuration of the host. Here you will find the files for creating local settings, vSwitch configurations, Resource Pools, Authentication, NTP, SSH etc. etc. etc.

Configuration Tarbal

Script

We need to build a script around this to occasionally take the dumps from hosts, for example with a schedule task. For the current customer I’m doing this for clusters. An side effect to doing the configuration dump, is checking the configuration is the same across all hosts in the cluster. If you happen to have a tarbal with a different size there is probably something different about this host. This can be with a reason or not. But something worth to check.

The following script takes input in variables for the vCenter, cluster, Hostroot, Hostpassword (note: plain text!), Destinationpath (without trailing \). It furthermore creates a log file name with the cluster and date. In this logfile we put the hostname, buildnumber to get the exact patchlevel and output of the Get-VMHostFirmware.

# This script dumps the config of hosts in cluster
# to be used with restoring via Set-VMHostFirmware (and Set-VMHost -State ‘maintenance’)
# To be runned with a user with access to the environment
# Must be runned against hosts with same build, when needed use -f force to override

# Log is created where name and build is written with time stamp

#Settings
$vCenter = “<vcenter server>”
$Cluster = “<clustername>”
$HostRoot = “root”
$HostPassword = “<password>”
$DestinationPath = “<driveletter:\pathname>”

# connect to vCenter
Connect-VIServer $vCenter

# Create LogFileName
$LogFile = “$DestinationPath\Dump-$Cluster-$(Get-Date -Format ddMMyyyy).log”

# Open Logfile with timestamp
Get-Date | Out-File $LogFile

Foreach($Hostname in (Get-VMHost -Location $Cluster | Select-Object name, build)){
“Dump and build for $Hostname” | Out-File $LogFile -Append
Get-VMHostFirmware -VMHost $Hostname.name -BackupConfiguration -DestinationPath $DestinationPath | Out-File $LogFile -Append
“Dump created” | Out-File $LogFile -Append
}

Disconnect-VIServer -Confirm:$False

Restore

Restoring the configuration when something goes amiss? Take a host at the same build number, either the one where some configuration change went wrong or reinstall a host in case of a complete disaster.

For restoring we need two cmdlets, one to put the host in maintenance and one to restore.

Set-VMHost -VMHost <host> -State ‘Maintenance’

And to restore:

Set-VMHostFirmware -VMHost <host> -Restore -SourcePath <backupfile complete pathname.tgz> -HostUser <user> -HostPassword <password>

The Sourcepath must include the driveletter\directory-tree\dumpfilename.extension.

Like said when restoring configuration the build number of the host must match the build number of the host that created the backup file. If this not possible, use the -force option to override this requirement. Recommended is having the same build number.

– Enjoy!

Sources: vmware.com

vCenter Operations Manager Part 2: How to interpret the metrics?

In the first part of writing about vCenter Operations Manager, or vCOPS for short, I handled the architecture and installation of vCOPS. You can read that part at https://pascalswereld.nl/post/84944390488/installing-vcenter-operations-manager.

As I also visit customers that have vCOPS in place, but don’t know how to use it. I want to follow up with an article on how to interpret the presented metrics, how are they calculated and when to act. Future posts must go about tuning and customization, but first is first.

The Dashboard

What do we see when opening the standard interface of vCOPS?

image

We see a World overview. World is the vOPS process with all vCenters, Datacenter, cluster, host and other sibling objects. Per object type you narrow down the view from that objects tree. Health, Risk and Efficiency badges can be green on the world, but down in the cluster specific stress or efficiency levels can bring them down for that zoomed object. There will be metrics involved specific for the object. Always check down in the tree to see what specifically is happening there.

Like said in the previous part, for Health and Efficiency high is good and low is bad. For Risk this is the other way around, low is good high is bad. This opening screen isn’t that bad (if we forget all the alerts and reclaimable waste for now).

When I go down an object layer to one of the vCenters, I get this:

image

My health went down a few points, nothing serious. Risk went up a few points. Efficiency went from green to a yellow state. There is a reclaimable waste here, and density is also not ideal (out of view so you will have to trust me) on memory. Something to investigate further.

And when we go to a cluster in that datacenter, we get this view.

image

Risk is up to 96, there is definitely something to do here in this cluster!

We didn’t see this right away in the world dashboard, but we could have come here by investigating and looking at the environment, operations, planning, alert etc. from the world view. Don’t go and trust all your initial information as these are calculated at the whole environment and you will miss important information from the siblings. There is always something lurking in the environment.

Where does vCOPS gets it’s metrics?

What VCOPS actually does is take thousands of metrics from vCenter Server and categorize them up into 3 actionable higher level badges for Health, Risk and Efficiency.  These are critical pieces of info that would help any admin without having to go through all those vCenter metrics.

All of the metrics that are collected from the vCenter servers database, are moved into the vCOPS embedded database running inside the vCOPS Analytics VM. Because vCOPS itself pulls data from the vCOPS database, it starts providing useful performance and capacity information the first day it is installed because it can use the historical data available in the vCenter database (can as this depends on your specific settings). No need to wait for important business cycles, again depending on the fact your vCenter is already configured to take account of these specific workloads.

Certain metrics are identified more important than other metrics.  These more important metrics can indicate that there are severe problems in the virtual infrastructure. Those special groups of metrics are KPIs, or key performance indicators.

The way badges, alerts, forecast and all are made up, is controlled via the policies. Standard the default policy is applied when no custom policy is applied. For tuning the environment custom policies are required.

You will also customize the groups of metrics. The created groups of metrics might, for example, track the average free disk space for all MSSQL server data disks in your organizations infrastructure.

When and how to act?

vCOPS is big and will tell a lot of information about your environment, take the time to get used to the way vCOPS presents its information. Try to get the why out of the presented data. vCOPS is complex, and stays complex until you understand the variety of badges and how/why they are presented in the different layes and object type (these have their own metrics). It becomes even more complex when you  want to customize.  Make sure you take the time to recognize important badges and use them to their (and yours) advantage.

See any stress or oversized and go full me(n)tal jacket and to try to solve all those events by changing the VM’s and blindly solving issues? Well your application or server administrators won’t be pleased, perhaps some customers as well as services might go down (without application redundant roles/services), and when they do their half years cycle resources needed weren’t calculated yet as those statistics are not saved, woops. Removing resources, and solving issues as well, needs some planning. Hot add is okay for the most of the last releases of OS, but hot removing still is far from support. This takes down time. But it also takes planning. Right size the VM’s.  Just removing all resources to the minimum amount registered in monitoring is probably not the way, you will need to test/monitor the workload for capacity planning. Maybe the workload needs some more in a few cycles. Talk to the owners of the workload, they know what is needed and when (or they should at least). Think, communicate and plan your actions.

Customize or extend with other monitoring? Sure that is possible and recommended as well. But take it a step at a time, first know what is going around before creating a bigger monster that burns down your brain with an informational overload.

Sources: vmware.com

PowerCLI Collection: Reporting to HTML

Another PowerCLI for the collection, this time a returning job of creating reports of the environment with specific information requested by Service Delivery or other IT management report. Basic PowerCLI (and with that basic powershell) outputs to the screen, but there are several cmdlets to help and export to a different output; in this case the ConvertTo-HTML cmdlet for export to a nice HTML output. This output can be send to an output file or send via e-mail.

We want a report of VM’s and their power state, vCPU count and vRAM. And specifically resources in a defined cluster. In the final report this shows the cluster resources in the top part and a breakdown of the VM’s in a lower part.

ConvertTo-HTML

ConvertTo-HTML takes the output of an inventory cmdlet (Get-VM for example) and converts the output to an HTML table. When using no formatting it actually creates a ready to use information HTML table. But with the management reports we also want to add some markup to show the information in a nice report.

Let see if we can get some of the wanted information. After we connect to a vCenter server:

$ClusterName = “Testlab”

Get-VM -Location (Get-Cluster -Name $ClusterName) | Select-Object Name,PowerState,NumCPU, MemoryGB | Sort-Object Name | ConvertTo-HTML | Out-File “testlab.html”

We set the clustername in a variable, and use the Get-VM cmdlet to get information of the VM’s in this cluster. With Select-Object we choose the VM Name, the power state, the number of vCPU’s and the configured Memory. We sort on the name of the VM’s and pipe to Convert-HTML to get a nice HTML markup. We pipe this yet again to Out-File for saving the HTML that we can view from disk in a HTML browser.

What output do we have:

image

Wasn’t this what was asked? Yes and no, the report needs to be displayed in a nicer format (you know management ;-)) and we were asked some totals as well.

Get more results and a nicer view

More results? Yes part of the job was to get the cumulative vCPU and vRAM of the cluster.

For this we check the cluster for the specific counts and add this to a total variable (that has been declared at 0 and added with a +=).

#Get VMHost info for CPU and Memory totals
$countcpu = 0
$countmem = 0
$MemoryGBtot = 0
$cpu=Get-VM -Location (Get-Cluster -Name $ClusterName) | Select-Object NumCPU
Foreach ($itemcpu in $cpu) { $countcpu += $itemcpu.NumCpu }

$memory=Get-VM -Location (Get-Cluster -Name $ClusterName) | Select-Object @{Name = ‘MemoryGBtot’; Expression = {“{0:N2}” -f ($_.MemoryGB)}}
Foreach ($itemmem in $memory) { $countmem += $itemmem.MemoryGBtot }
# Now we have $countcpu and $countmem for cluster totals
# Memory should be formatted to two decimals which is #done via Expression N2.

Next up creating a HTML style and markup. We declare a CSS stylesheet with colors in the organization colors. And place box objects where we put the information, this we use in the HTML line to add HTML code and information into the ConvertTo-HTML. A small snippet, in the total script you can see it all together (this part does not work on it’s own).

# Style of the Report in Css
$Css=”<style>
body {
font-family: Verdana, sans-serif;
font-size: 14px;
color: #666666;
background: #FEFEFE;
}
#title{
color:#FF0000;
font-size: 30px;
font-weight: bold;
padding-top:25px;
margin-left:35px;
height: 50px;
}

</style>”

And for some div boxes:

# HTML Markup
$PageBoxOpener=”<div id=’box1’>”
$ReportClusterStats=”<div id=’boxheader’>ClusterTotal $ClusterName</div>”
$ReportClusterHeader=”<table><tr><th>vCPU Count</th><th>Memory GB Total</th></tr>”
$BoxContentOpener=”<div id=’boxcontent’>”
$PageBoxCloser=”</div>”
$br=”<br>”
$ReportGetVmCluster=”<div id=’boxheader’>VM Details $ClusterName</div>”

Create some Div boxes with the styles as we defined and markup in the CSS.

We use these declarations in the report making:

# Create HTML report
$MyReport = ConvertTo-Html -Title “VM Details Report” -Head “<div id=’title’>VM CPU and Memory Reporting</div>$br<div id=’subtitle’>Report generated on: $(Get-Date)</div>” -Body ” $Css $PageBoxOpener $ReportClusterStats $BoxContentOpener $ReportClusterHeader <tr><td>$countcpu</td> <td>$countmem</td></tr> $PageBoxCloser </table> $br $ReportGetVmCluster $BoxContentOpener $GetVmCluster $PageBoxCloser”

The report is created as $MyReport with a ConvertTo-HTML to create a HTML format and with – title to give a title instead of HTML Table. in the Body we put the $Css style, the box parts and the collected information.

This creates the report in a nice markup as shown in the following screenshot:

image

To save or to send, that’s the question

Or both of course, if you want. We can use the earlier mentioned Out-File cmdlet to send pipelined output directly to a text file rather than displaying that output on screen. Well, as we will be directing the output to a variable we don’t see the output on screen, but we still can use this cmdlet to save to a file. A nice declaration of the file name and pipe the HTML report to Out-File.

$fileNameReport = “$OutputPathReportVMDetails-$ClusterName-$(Get-Date -Format o | foreach {$_ -replace “:”, “.”}).html”

and add | Out-File $fileNameReport to the report $MyReport line (add at the end after closing “) when wanting to save

FileNameReport marks up the filename with a clustername and date stamp.

We can also use an e-mail to inform our whomever it is that is interested in the report. For this will need some declaration of from and to adresses, mail title, a SMTP server. We send our HTML marked up report as body.

function Send-SMTPmail($to, $from, $subject, $smtpserver, $body) {
$mailer = new-object Net.Mail.SMTPclient($smtpserver)
$msg = new-object Net.Mail.MailMessage($from,$to,$subject,$body)
$msg.IsBodyHTML = $true
$mailer.send($msg)
}

Write-Host “Sending e-mail” -foregroundcolor “red”
# Sending the report
Send-SMTPmail $EmailTo $EmailFrom “$ClusterName Capacity Report $(Get-Date)” $SMTPSRV $MyReport

We create a Send-SMTPmail function where we need input in the form of a to, from and subject, a SMTP server where the host where the script is run is allowed to relay and a $body. When we call this function we add this values via declared variables. The last is the Report that we put in an HTML markup.

Putting it all together

And to conclude we put this all together in the following script. I left out the saving as I want the report to the e-mail. The code is still in there. Here we go:

# Settings
# vCenter Connection details
$vCenterFQDN=”<vcenter>”
$vCenterUser=”<user>”
$vCenterPass=”<password>”
# Name of the Cluster on which you need to run the report
$ClusterName=”<cluster>”
#Location where you want to place generated report
$OutputPath=”<output path>”
# Set the SMTP Server address
$SMTPSRV = “<SMTP Server>”
# Set the Email address to recieve from
$EmailFrom = “<from email address>”
# Set the Email address to send the email to, comma separate when using multiple reciptients
$EmailTo = “<to e-mail address>”

Write-Host “Connecting to vCenter” -foregroundcolor “red”
Connect-VIServer -Server $vCenterFQDN -User $vCenterUser -Password $vCenterPass

# Style of the Report in Css
$Css=”<style>
body {
font-family: Verdana, sans-serif;
font-size: 14px;
color: #666666;
background: #FEFEFE;
}
#title{
color:#FF0000;
font-size: 30px;
font-weight: bold;
padding-top:25px;
margin-left:35px;
height: 50px;
}
#subtitle{
font-size: 11px;
margin-left:35px;
}
#main {
position:relative;
padding-top:10px;
padding-left:10px;
padding-bottom:10px;
padding-right:10px;
}
#box1{
position:absolute;
background: #F8F8F8;
border: 1px solid #DCDCDC;
margin-left:10px;
padding-top:10px;
padding-left:10px;
padding-bottom:10px;
padding-right:10px;
}
#boxheader{
font-family: Arial, sans-serif;
padding: 5px 20px;
position: relative;
z-index: 20;
display: block;
height: 30px;
color: #777;
text-shadow: 1px 1px 1px rgba(255,255,255,0.8);
line-height: 33px;
font-size: 19px;
background: #fff;
background: -moz-linear-gradient(top, #ffffff 1%, #eaeaea 100%);
background: -webkit-gradient(linear, left top, left bottom, color-stop(1%,#ffffff), color-stop(100%,#eaeaea));
background: -webkit-linear-gradient(top, #ffffff 1%,#eaeaea 100%);
background: -o-linear-gradient(top, #ffffff 1%,#eaeaea 100%);
background: -ms-linear-gradient(top, #ffffff 1%,#eaeaea 100%);
background: linear-gradient(top, #ffffff 1%,#eaeaea 100%);
filter: progid:DXImageTransform.Microsoft.gradient( startColorstr=’#ffffff’, endColorstr=’#eaeaea’,GradientType=0 );
box-shadow:
0px 0px 0px 1px rgba(155,155,155,0.3),
1px 0px 0px 0px rgba(255,255,255,0.9) inset,
0px 2px 2px rgba(0,0,0,0.1);
}

table{
width:100%;
border-collapse:collapse;
}
table td, table th {
border:1px solid #FA5858;
padding:3px 7px 2px 7px;
}
table th {
text-align:left;
padding-top:5px;
padding-bottom:4px;
background-color:#FA5858;
color:#fff;
}
table tr.alt td {
color:#000;
background-color:#F5A9A9;
}
</style>”
# End the Style.

# HTML Markup
$PageBoxOpener=”<div id=’box1’>”
$ReportClusterStats=”<div id=’boxheader’>ClusterTotal $ClusterName</div>”
$ReportClusterHeader=”<table><tr><th>vCPU Count</th><th>Memory GB Total</th></tr>”
$BoxContentOpener=”<div id=’boxcontent’>”
$PageBoxCloser=”</div>”
$br=”<br>”
$ReportGetVmCluster=”<div id=’boxheader’>VM Details $ClusterName</div>”

Write-Host “Getting Cluster Details for CPU and Memory totals” -foregroundcolor “red”
#Get VMHost info for CPU and Memory totals
$countcpu = 0
$countmem = 0
$MemoryGBtot = 0
$cpu=Get-VM -Location (Get-Cluster -Name $ClusterName) | Select-Object NumCPU
Foreach ($itemcpu in $cpu) { $countcpu += $itemcpu.NumCpu }

$memory=Get-VM -Location (Get-Cluster -Name $ClusterName) | Select-Object @{Name = ‘MemoryGBtot’; Expression = {“{0:N2}” -f ($_.MemoryGB)}}
Foreach ($itemmem in $memory) { $countmem += $itemmem.MemoryGBtot }
# Now we have $countcpu and $countmem for cluster totals
# Memory should be formatted to two decimals

Write-Host “Getting VM information for $ClusterName” -foregroundcolor “red”
#Get VM infos
$GetVmCluster=Get-VM -Location (Get-Cluster -Name $ClusterName) | Select-Object Name,PowerState,NumCPU, MemoryGB | Sort-Object Name | ConvertTo-HTML -Fragment

# Create HTML report
# and export to HTML out file
# Use $fileNameReport = “$OutputPathReportVMDetails-$ClusterName-$(Get-Date -Format o | foreach {$_ -replace “:”, “.”}).html” and | Out-File $fileNameReport when wanting to save
$MyReport = ConvertTo-Html -Title “VM Details Report” -Head “<div id=’title’>VM CPU and Memory Reporting</div>$br<div id=’subtitle’>Report generated on: $(Get-Date)</div>” -Body ” $Css $PageBoxOpener $ReportClusterStats $BoxContentOpener $ReportClusterHeader <tr><td>$countcpu</td> <td>$countmem</td></tr> $PageBoxCloser </table> $br $ReportGetVmCluster $BoxContentOpener $GetVmCluster $PageBoxCloser”

# Disconnect
Write-Host “Closing vCenter connection” -foregroundcolor “red”
Disconnect-VIServer -Confirm:$false

function Send-SMTPmail($to, $from, $subject, $smtpserver, $body) {
$mailer = new-object Net.Mail.SMTPclient($smtpserver)
$msg = new-object Net.Mail.MailMessage($from,$to,$subject,$body)
$msg.IsBodyHTML = $true
$mailer.send($msg)
}

Write-Host “Sending e-mail” -foregroundcolor “red”
# Sending the report
Send-SMTPmail $EmailTo $EmailFrom “$ClusterName Capacity Report $(Get-Date)” $SMTPSRV $MyReport

Notice: at this time the script takes a plaintext password.

Add your environment entries to the settings variables and your good to go.

More

You can add more or specific required cmdlets and information to the report to get what you want. Or you could go on the community and find an already made reporting scripts out there. Maybe not the best way to learn, but you can check in the source what these guys and gals have been up to. A great one for example, vCheck is highly recommended to get an overview report of your environment. This script can be found at: http://www.virtu-al.net/vcheck-pluginsheaders/vcheck/.

– Enjoy!

Sources: Microsoft.com powershell cmdlet library, vmware.com PowerCLI reference, community.vmware.com for examples.

Introduction to Automation via vCenter Orchestrator – Part 2 Installation and initial configuration

This post is a follow up from my previous post about the introduction to the vCenter Orchestration and it’s architecture within the vCenter system infrastructure. The first part can be found at https://pascalswereld.nl/post/84118414428/introduction-to-automation-via-vcenter-orchestrator.

This part will handle the installation options and the initial configuration before starting to use the system.

Installation

For the installation of vCenter Orchestration we have the following options:

  • Use the vCenter server installation to install vOrchestrator with your vCenter server. This is the default and simplest way.
  • Use the installer on the vCenter installation media to install the vCenter Orchestrator separately from your vCenter server. This is especially for dedicated Orchestration servers or role separation. The installer can be found on the media in the directory vCenter-ServervCO and the application installer is vCenterOrchestrator.exe. This also minimize the hassle of the initial configuration as those are moved to the installed (;-)), just add the vCenter connection in the vSphere web client.
  • Use the vCenter Orchestration Virtual Appliance to deploy as a OVF in your infrastructure.

I have installed vOrchestrator from the vCenter Server installer.  This installs to the vCenter location as defined in the installer input. The directory within the infrastructure structure is called Orchestrator. The installer creates two services, namely the VMware vCenter Orchestrator configuration service for the web configuration, and VMware vCenter Orchestrator Server for the service (where the vCenter and web client connection will be to). These services open web service for port 8283 for the configuration and 8281 for the Orchestrator API. These services are installed in a stopped manual state.

For a small environment with testing or just a small amount of workflows the default vCenter or embedded database can be used. But for a production environment a specific database is highly recommended. I have setup a MSSQL 2008R2 database to be connected to from vCenter Orchestrator. This is an empty database with 1GB space and 10% growth. The databases will be created from the configuration.

Initial Installation

For the initial installation we start up the VMware vCenter Orchestrator configuration service and set this to automatic. After the system starts up, we can connect a browser to https:<servername>:8283/

The initial username and password is, vmware with password vmware. The default password is changed upon connecting. The vmware user cannot be changed.

We see some greens (hooray) and some reds (boooo).

First up check the network settings. These should be okay. Next up import the SSL certificate of the vCenter server. Go to Network – SSL Trust Manager

Fill in the details of your vCenter server at Import from URL. I have installed this on the same host, so https://localhost is sufficient. This needs to be repeated from every vCenter you want to add (a maximum of 20 per Orchestrator).

Next up settings the authentication method. Orchestrator supports LDAP and SSO authentication.  If we want Orchestrator to work from the web client we need SSO setup.

We have to import the SSO certificate in SSL Trust Manager. Import from URL and connect to the SSO on the server. https://localhost:7444 for example.

Next click on authentication and select SSO authentication from the mode drop-down menu.

Add the same URL as the SSL import. For admin and password use the SSO admin credentials. Either Administrator@vsphere.local or any other account you have selected as SSO admin. This account is only used on registering or removing. Click on register.

Next complete the SSO configuration by add a vCO Admin domain and group. Optionally use the filter to filter out the groups.

Click update to complete this step.

Next we are going to set up the database. Go to the database screen.

We select SQL Server, add the SQL username and password. Fill in the name and standard port (1433), database name and instance name. After we save this configuration, we are presented with an option to create the database tables. If you happen to use SSL on the SQL server, you will need to import the database server SSL certificate. We can do this in the SSL Trust Manager by connecting to the server URL and import. For this example I don’t need this step.

Click on the link to create the tables.

Click apply changes.

This changes the red triangle at database to a green circle.

Installing Orchestrator requires a certificate for orchestrator. Depending on how your certificates are managed you either create a signing request and a CA signed certificate or create a self signed.

Click on server certificate. Click create certificate database and self-signed certificate. Enter the relevant certificate details.

For the licenses use the vCenter Server License. Add this information if your not using a licensed vCenter or a pre 4.0 version. Add the host, portnumber 443 Path /sdk and a user that is allowed to connect. Apply changes.

Server availability let’s you set a standalone mode or clustered mode when having multiple Orchestrator servers. We leave it running in standalone mode. We are just introducing to system and are not yet at the moment we need clustering. When using Orchestration in your production environment and administrative processes, you might want to think about leveraging this option.

Start the Orchestration service and set it to automatic. You might want to head over to General – Export Configuration and export this configuration to a back-up location.

Setting up Orchestrator to work with vSphere Web Client.

Login to the vSphere Web client and in home select vCenter Orchestrator.  In vCO home select manage Servers and edit configuration of vCenter server. Fill in the Fixed IP/Hostname of the Orchestrator server in format https://<fqdn server>:8281/vco/api/. Test connection and when all is okay click ok.

Workflows

When the registration is successful you have access to some 394 workflow items, composed of the standard workflows and plugins.

vOrchestrator Client

To perform general administration or edit and create your on workflows you must log in to the client interface. You can start the client from programs-VMware-vCenter Orchestration client (or use the windows key on metro systems to browse your apps).

In the hostname fill in the IP as displayed in the Network tab in vOrchestrator configuration and log in with credentials as defined in the Authentication tab.

This is the most important tool in the set, well next to the Orchestrator interface in the vSphere Web client.

Want to install the client on it’s own, use the standalone installer from the vCenter install media and select client.

 

Next!

Great we have our system ready to use. From this two blog post we know we have it, how it works and how to install and configure the system. Next up is starting to use it. I will follow up with a blog post (maybe not the next, but I will) to actually start using it!

Sources: vmware.com.

Installing vCenter Operations Manager

A yes, I want a little PowerCLI and more vOrchestrator, but my next task brings me vCenter Operations Manager. Also a very handy, must have, excellent tool for every vSphere administrator/engineer/architect. Here goes.

Introduction

vCenter operations manager is the key component of the vCenter Operations Management Suite. It provide a holistics view and deep operational insights into the health, risks and efficiency of the virtual infrastructure and its application workload. It identifies capacity short falls and over-provisioning, with that information you can right size the VM’s, reclaim not used resources and increase consolidation ratio’s. This is all in a proactive performance management solution, with automated root cause analysis and recommended actions to remediate potential bottlenecks.

The operations management suite consists of the following components:

  •          vCenter Operations Manager, or vCOPS in short.
  •          vCenter Configuration Manager;
  •          vCenter Hyperic;
  •          vCenter Infrastructure Navigator;
  •          vCenter Chargeback Manager;

This document handles the installation of the key component VCOPs.

Architecture

vCOPS is a vApp that you import and deploy in the virtualization layer, in this case vSphere ESXi.

The vApp consists of two virtual machines:

  •        the UI VM. Access to the analytics and access to the administration portal via several web interfaces. Addins/plugins to vSphere client and the vSphere web client let’s you view and manage the environment from a single web control plane.
  •       the analytics VM. Responsible for collecting data from vCenter and other VMware or third party infrastructure components. Raw metric data is stored in the File System Database (FSDB) and other collected data, objects, relationships, alerts and thresholds are stored in a Postgres DB.

All put together in an architecture model taken from the vmware.com site:

image

For deployment you will need:

  •          vCenter to connect to.
  •          Active Directory user with access to the source vCenter, and access in the infrastructure vCenter to deploy.
  •          Amount of VM’s to monitor, depending on your license (vSphere edition or vCOPS license) you will need the amount of VM’s licensed and you will need the resource calculated for the amount of VM’s:
  • Small: less than 1500 VM’s. 4vCPU’s and 16GB vRAM.

  • Medium: between 1500-3000 VM’s. 8 vCPU’s and 25GB vRAM.

  • Large: Larger than 3000 VM’s. 16 vCPU’s and 34 GB vRAM.

  •          vCenter for the infrastructure where your vApp will run.
  •         Networking information.
  •         Storage location and capacity, starting with 344 GB Thick provisioned (or 3.8 GB Thin when you want to thin provision).
  •         Resources, depending on the amount of VM’s.

Installation

Download the OVA or OVF and VMDK files from vmware.com. Either import the OVF from the web client or from the vSphere client. When using the vSphere client you will have to create an IP Pool to support the vApp. With the web client this is created upon import and configuration.

Note: when creating the IP Pool in the vSphere client you don’t have to enable the IP Pool and add a IP range. When deploying the vApp you either configure a static IP (recommended) or use a DHCP server present in the IP range.

Go to Inventory – Networking and select the datacenter object you want to deploy vCOPS into.  Select the IP Pools tab. Click add.

Fill in the IP Subnet and gateway, DHCP (only when a DHCP server is to be used and present), DNS and Associations. Do not select Enable IP Pool (normally when you want a Transient allocation, but this is not supported with vCOPS). But as I want static, I don’t need the IP Pool to be enabled. Association of the IP pool must be to the portgroup(s) you want you VM’s configured with.

image

Next up is deploying the vApp. Select deploy OVF Template and browse to your downloaded location. Follow the prompts of the Deploy OVF Template Wizard.

  1. Accept the EULA.
  2. Name your vAPP and select an Inventory location in the data center.
  3. Select your deployment configuration. I select small as the infrastructure is much smaller than 1500 VM’s.
  4. Select the Cluster or host the vApp needs to run on.
  5. Select the storage location. Standard the compatibility check is on Thick provisioned, you can change this to go to disk format and then return to Storage location.
  6. Thick Provisioned Eager Zeroed disk format is recommended, or whatever is the organizations standard is.
  7. Select Network Mapping to the wanted portgroup.
  8. Select an IP Allocation Policy, I want Fixed.
  9. Fill in the required properties and when finshed let it rip.
  10. Wait for the VM’s to be started
  11. Check the IP’s in the VM tab’s.

Connect to the vCOPS web service. This can be reached via https://<ip UI VM>/admin. Use the default admin admin combination on first boot.

Configure the following:

  •           vCenter Hosting server. If FQDN gives error, IP address should be used to import certificate.
  •           Change password on admin and on root.
  •           Specify the vCenter to register with (for monitoring). Specify users for registering and collecting information.
  •           Import data.

Next assign a license via the License management to the vCOPS solution.

When needed set SMTP en SNMP to forward alerts, and add users to the roles to be able to use vCOPS as well.

You can now go to solutions and vCOPS. Let the solution gather some information on the infrastructure before any actions will be done. As more data becomes available, more information is displayed. Depending on the size of the to monitor infrastructure this can take a few minutes to hours.

Check if there are no alerts, both in the admin and in the vCOPS UI.

Dashboard

image

The dashboard is opened via the vSphere client (after you enabled the plug-in) when you go to Home – solutions and Applications – vCenter Operations Manager. You can also open this in a web client by browsing to https://<UI IP address>/.

You can view the dashboard and details on several point in the infrastructure:

  •           World shows all connected infrastructures and the combined status.
  •           vCenter shows that vCenter inventory status.
  •           From vCenter you can zoom in to the vCenter objects just like in the vSphere infrastructure:
  • Datacenter

  • Cluster

  • Hosts

  • Datastores

When you are used to the default dashboard and it’s badges you can create custom dashboards to further specialize vCOPS solution to your organization’s needs. The custom interface is reachable via https://<ui IP address>/vcops-custom. Same goes for setting organization specific policies instead to the default policies. This means setting specific threshold values, detection rules, alerts and forecasts and trends.

Dashboard badges

The standard dashboard is created from the following badges:

  •          Health. Which in turn is a combination of workload, anomalies and faults. The higher this number, the healthier the environment is. Low number is bad.
  •          Risk. This is a combination of stress, time remaining and capacity remaining. This is a projected risk in a future condition (near or long term). The lower this number the better, high is bad.
  •          Efficiency. This is a combination of reclaimable waste and density (consolidation p:v for CPU and memory and VM to host ratio). The higher this number, the better. Low number is bad.

Going from Dashboard to more

Going from the dashboard badges to more specific information, planning, analysis and reporting via the tabs shown on the top pages or by clicking on some of the badges of interest in the dashboard. The active alerts, warnings and informational numbers are shown on the right of the screen.

But for now this concludes this document.

– Enjoy!

PowerCLI Collection – Adding SNMP settings to ESXi hosts

It’s been a while since I posted a PowerCLI script, but since I started a new project one of my first tasks was to help out and setup SNMP to monitor ESXi hosts from Nagios (which is a great product BTW).  So a new script for the collection.
O yeah, a little notice as I’m not always working with scripts there are probably better scripts or better scripters out there that will be more efficient. I have chosen to use a script and not a killer one liner, just to make clear what is happening and for others to use and understand what is happening.
If you have tips and leave a comment to help me, no problem I would appreciate that and probably any reader out there as well.

SNMP Scripts

To change the SNMP settings we need some information about what need to be set. For this example I will set the readonly community, trap destination and trap community name.  I have set up the script to take input from the user for these values.

I’m using two scripts, one to change a single hosts and one to change hosts connected to vCenter in a specific cluster. The main difference is that the single host script takes a input for the ESXi hostname, while the cluster script takes vCenter and cluster name (which can be easily changed to another object location for example replacing Get-cluster with nothing or Get-datacenter) and loops through the hosts. There is a host connection needed to change the SNMP values for that host, this is what is done first in the loop. If not direct connected to the host, the SNMP settings will not be changed. This goes for the single host script as well.

For SNMP there are two cmdlet’s relevant Get-VMHostSNMP and Set-VMHostSNMP, respectively getting the SNMP values from the host and setting the values. First enable SNMP with Set-VMHostSNMP to set value –Enabled to true. The SNMP settings value are done via two more Set-VMHostSNMP cmdlets, first setting the Read only community with –ReadOnlyCommunity option and the other to set a SNMP trap target and communityname (-Target and -TrapCommunity).

The rest of the comments in the script should tell what action is done at that time. If not, you know where to find me….

I have chosen not  to hardcode or use files that store passwords, again this is user input with the Get-Credential cmdlet. For the ESXi hosts in the cluster script this is stored to a variable to be used in the host loop. The condition is that the hosts use the same credentials.

The Singlehost script:

#Settings

$ESXHost = Read-Host “ESXi hostname to change:”

$trapDestination = Read-Host “SNMP Trap Mgmt server hostname: “

$trapCommunity = Read-Host “Trap Community Name: “

$ReadOnlyCommunity = Read-Host “Read Only Community Name: “

# Running no need to change under this line

# Connect to the ESX server

$viServer = Connect-VIServer -Server $ESXHost -Credential (Get-Credential)

 

# Get snmp

$snmpConn = Get-VMHostSnmp -Server $defaultViServer

 

# Enable snmp

Set-VMHostSnmp -HostSnmp $snmpConn -Enabled:$true

 

# Set read-only community

Set-VMHostSnmp -HostSnmp $snmpConn -ReadOnlyCommunity $ReadOnlyCommunity

 

# Set trap target and community name

Set-VMHostSnmp -HostSnmp $snmpConn -AddTarget -TargetCommunity $trapCommunity -TargetHost $trapDestination

 

#disconnect from ESX server

Disconnect-VIServer -Server $viServer -Confirm:$false

 

The cluster script with a host loop:

#Settings

$vCenterFQDN = Read-Host “Enter vCenter FQDN: “

$ClusterName = Read-Host “Enter Cluster name of hosts that will need to be changed: “

$trapDestination = Read-Host “SNMP Trap Mgmt server hostname: “

$trapCommunity = Read-Host “Trap Community Name: “

$ReadOnlyCommunity = Read-Host “Read Only Community Name: “

 

# Running no need to change under this line

# Connect to the vCenter server

Write-Host “vCenter credentials”

$viServer = Connect-VIServer -Server $vCenterFQDN -Credential (Get-Credential)

 

# Get all hosts in vCenter managed Cluster so we can cycle thru them

$Hosts = Get-Cluster -Name $ClusterName | Get-VMHost

 

# Get ESXi Host credentials

Write-Host “ESXi host credentials”

$EsxCred = Get-Credential

 

# Cycle through each host

ForEach ($VMHost in $Hosts)

{

                # Need to connect to ESXi itself

                $esxconnect = Connect-VIServer -Server $VMHost -Credential $EsxCred

 

                # Get snmp object

                $snmpConn = Get-VMHostSnmp

 

                # Enable snmp

                Set-VMHostSnmp -HostSnmp $snmpConn -Enabled:$true

 

                # Set read-only community

                Set-VMHostSnmp -HostSnmp $snmpConn -ReadOnlyCommunity $ReadOnlyCommunity

 

                # Set trap target host and trap community

                Set-VMHostSnmp -HostSnmp $snmpConn -AddTarget -TargetCommunity $trapCommunity -TargetHost $trapDestination

 

                # Disconnect-VIServer

                Disconnect-VIServer -Server $esxconnect -Confirm:$false

}

 

#disconnect from ESX server

Disconnect-VIServer -Server $viServer -Confirm:$false

Just copy and save the scripts. And when your execution policy allows it, execute them.

–          Enjoy!