Powercli scripts

Just wanted to add some powercli scripts.

Create identical resource pools in new vSphere

After creating a new vSphere instance during a migration, I needed to create the same resource pools as in the old vSphere. As there were many pools I used 2 powercli scripts to do this.

Log into the old vSPhere using powercli and run the following script. Replace <cluster> with your cluster name and change the output file if needed.

get-cluster -name <cluster> | get-resourcepool | select-object -property Name > c:\temp\resout.txt

After this a text file will be create (in the c:\temp location) and contain all the resourcepool names from the old vSphere. Edit anything in this file as each item listed will be added to the new vSphere cluster.

Log into the new vSPhere using powecli and run the following script. Replace <cluster> with your cluster name and change the output file if needed.

get-content c:\scripts\resout.txt | foreach { Get-cluster -name <cluster> | new-resourcepool -name $_}

After this the new resource pools will be created in the new vsphere cluster.

Create folders from text file in the VM and Templates view in vSphere

Using powerCLi I found that the New-Folder cmdlet would create a new folder in the Hosts and Clusters view of vSphere. Needed a solution to create a folder in the VM and templates view.

I created a text file with each folder name per line as I needed in vSphere. next ran the following script. Adjust <datacenter> as needed.

get-content c:\scripts\resout.txt | foreach {(get-view (get-view -viewtype datacenter -filter @{"name"="<datacenter>"}).vmfolder).createfolder($_)}

Result is folders in the VMs and templates view.

Change vSwitch security settings with PowerCLI

I was creating a powercli script to configure an ESXi Host to a standard configuration after installation and wanted to set the security settings for the vSwitch. This was not as easy as I thought. Found the below script worked. Change the first 2 variables.

# Modify VM network vSwitch security policy
$esxhostname = "<your esxi host>"
$vSwChanged = "<vSwitch needing change>"
#get the esxi host id value
$esx=get-vmhost $esxhostname
$esxid=$esx |% {get-view $_.Id}
#get the current vSwitch configuration
$esxidconfig=$esxid.configmanager
$esxns=$esxidconfig.networksystem
$esxnsview=get-view $esxns
$esxvSwitch=$esxnsview.NetworkConfig.Vswitch | where {$_.Name -eq $vSwChanged}
#Add changes to the vSwitch specification
$specChange= $esxvSwitch.Spec
$specChange.policy.security.allowPromiscuous=$false
$specChange.policy.security.forgedTransmits=$false
$specChange.policy.security.macChanges=$false
#update the specification for the vSwitch
$esxnsview.UpdateVirtualSwitch($esxvSwitch.name,$specChange)
echo "Added security updates to $vSwChanged"

Add Syslog server to ESXi host (5.1)

Change the $esxiHost  and x.x.x.x values in the script to suit your environment.

#Add syslog server
Get-AdvancedSetting -Entity $esxiHost -Name Syslog.global.logHost | Set-AdvancedSetting -Value "udp://x.x.x.x:514" -Confirm:$false

Bind vmk to iSCSI software adapter

Connect directly to the ESXi host for this one. Add the required vmhba adapter and ensure the vmk1 and vmk2 are correct.

$HBANumber = "vmhbaxx"
#Sets up PowerCLI to be able to access esxcli commands
$esxcli = Get-EsxCli
#Binds VMKernel ports to the iSCSI Software Adapter HBA
$esxcli.iscsi.networkportal.add($HBANumber, $true, "vmk1")
echo "bound vmk1 to vmhba"
$esxcli.iscsi.networkportal.add($HBANumber, $true, "vmk2")
echo "bound vmk2 to vmhba"

Change iSCSI software adapter path policy plus change IOPs per path to 1

Connect directly to the ESXi host for this one. This will only chaneg path policy and IOPs per path on device with more than 4 paths.

$psp = "VMW_PSP_RR"
$satp = "VMW_SATP_SVC"
$esxcli = Get-EsxCli
#Change PSP for device with 4 or more paths
$esxcli.storage.nmp.path.list() | group-Object –Property Device | Where {$_.Count –ge 4} | %{
 $esxcli.storage.nmp.device.set($null, $_.Name, $psp) | Out-Null
 $esxcli.storage.nmp.psp.roundrobin.deviceconfig.set([long]0, $null, $_.Name,[long]1, "iops", $false) | Out-Null
 echo "set iops policy on datastore path"
 }
#Change the default PSP for SATP
$esxcli.storage.nmp.satp.set($null,$psp,$satp) | Out-Null

Change DNS address of all ESXi host connected to a vCenter Server

Open PowerCli and connect to the vCenter server. This will change the DNS of all ESXi Hosts connected to the vCenter Server.

get-vmhost | Get-VMHostNetwork | Set-VMHostNetwork -DnsAddress xxx.xxx.xxx.xxx,yyy.yyy.yyy.yyy

Where: xxx.xxx.xxx.xxx is the primary DNS IP address and yyy.yyy.yyy.yyy is the secondary DNS ip address

Add a new port group to each Host in a cluster

Open Powercli and connect to the vCenter server. This script will add a port group to the vSwitch specified.

 Change the <cluster> for your cluster name, <vSwitch> for your vSwitch, <NetName> for the new port group network name and <vlan> for the required vLan.

get-cluster "<cluster>" | Get-vmhost | get-VirtualSwitch -Name <vSwitch> | New-virtualportgroup -name "<NetName>" -Vlanid <vlan>

Add a new Role for Avamar in vCenter

Needed to add a new role for Avamar to use in vCenter on multiple vCenter Servers. Created the following script to do it.

# Load VMWare add-ins
if (-not (Get-PSSnapin VMware.VimAutomation.Core -ErrorAction SilentlyContinue)) {
    Add-PSSnapin VMware.VimAutomation.Core
}
Connect-VIServer -Server <vCenterServer>
New-VIRole -Name Avamar
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Allocate space")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Browse datastore")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Low level file operations")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Move datastore")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Remove datastore")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Remove file")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Rename datastore")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Create Folder")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Cancel task")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Disable methods")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Enable methods")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Licenses")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Log event")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Settings")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Assign network")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Configure")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Assign virtual machine to resource pool")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "validate session")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Create task")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Update task")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Export")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Add existing disk")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Add new disk")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Add or remove device")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Advanced")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Change CPU count")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Change resource")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Disk change tracking")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Disk lease")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Host USB device")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Memory")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Modify device settings")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Raw device")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Reload from path")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Remove disk")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Rename")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Reset guest information")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Settings")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Swapfile placement")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Upgrade virtual hardware")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Extend virtual disk")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Acquire guest control ticket")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Console interaction")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Power Off")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Power On")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Reset")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "VMware tools install")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Create new")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Register")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Remove")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Unregister")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Allow disk access")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Allow read-only disk access")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Allow virtual machine download")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Mark as Template")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Create snapshot")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Remove snapshot")
Set-VIRole -Role Avamar -AddPrivilege (Get-VIPrivilege -Name "Revert to snapshot")
Disconnect-VIServer -Force -Confirm:$false

Enjoy.