powershell | VirtualFlow

Posted on 2016/03/10 by cann0nF0dder 2 Comments

Share This: Script written to automate vCD cancellation process using powershell and REST. It takes vcd and organization as input and cancel that customer in multi tenant environments. By cancel I mean disable org,orgvcd and power off all existing vApps.

#*========================================================================
#* Script Function: Cancellation of the customer org/vdc.
# Author: Chris Danielewski
#*========================================================================
param(
[string]$vCDserver,
[string]$org
)
$vcd = $vCDserver+".test.lab.com"

$path = "Z:\LogDir"
If (Test-Path $path)
{
write-host -foregroundcolor Green "Log directory found: $path"
write-host ""
}
Else
{
write-host -foregroundcolor Red "Unable to access $path , Please double check if the share is mapped"
exit
}

$logdir = $path+$org+".txt"
if (Test-Path $logdir) 
{
write-host "Log file exist $logdir"
}
Else
{
write-host "Log file set to $logdir"
New-Item $logdir -type file 
}


#Get password function
<confidential>


#*===========================================================================
#* Script Function: Gets Auth String 
#* Thanks to Timothy Test for sharing those get/post functions!
#*===========================================================================
Function GetConinfo ($BaseURL,$password)
{
$url=$baseURL+"/sessions"
Write-Host "Trying to connect to " $url -ForegroundColor Green
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}
$webRequest = [System.Net.WebRequest]::Create($url)
$webRequest.ServicePoint.Expect100Continue = $false
$webRequest.PreAuthenticate = $true
$webRequest.Method = "Post"
$webRequest.Accept = "application/*+xml;version=5.6";
$webRequest.Credentials = New-Object System.Net.NetworkCredential("admin@system",[Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($password)))
$resp = $webRequest.GetRequestStream();
$rs = $webRequest.GetResponse()
[System.IO.StreamReader]$sr = New-Object System.IO.StreamReader -argumentList $rs.GetResponseStream();
[string]$results = $sr.ReadToEnd();
$rs.Close(); 
return New-Object PSObject -Property @{Auth=$rs ; HTTP=[xml]$results}
}
#*===========================================================================
#* Script Function: Execute GET
#*===========================================================================
Function Getvcd($URL,$auth)
{
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}
$webRequest = [System.Net.WebRequest]::Create($url)
$webRequest.ContentType = "text/html"
$webRequest.ServicePoint.Expect100Continue = $false
$webRequest.Method = "Get"
$webRequest.Headers.Add("x-vcloud-authorization",$auth);
$webRequest.Accept = "application/*+xml;version=5.1";
[System.Net.WebResponse]$resp = $webRequest.GetResponse();
$rs = $resp.GetResponseStream();
[System.IO.StreamReader]$sr = New-Object System.IO.StreamReader -argumentList $rs;
[string]$results = $sr.ReadToEnd();
$rs.Close(); 
return [xml]$results;
}
function vcdRestP($url,$auth,$method,$contentType,$body)
{
$postContent = [byte[]][char[]][string]$body
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}
$webRequest = [System.Net.WebRequest]::Create($url)
$webRequest.ContentType = $contentType
$webRequest.ServicePoint.Expect100Continue = $false
$webRequest.Method = $method
$webRequest.Headers.Add("x-vcloud-authorization",$auth);
$webRequest.Accept = "application/*+xml;version=5.6";
$resp = $webRequest.GetRequestStream();
$resp.Write($postContent, 0, $postContent.length)
$rs = $webRequest.GetResponse();
[System.IO.StreamReader]$sr = New-Object System.IO.StreamReader -argumentList $rs.GetResponseStream();
[string]$results = $sr.ReadToEnd();
$rs.Close(); 
return $results;
}

# Prep
#set password
$password = <confidential> -AsPlainText -force
#set base URL to vCD api 
$BaseURL="https://"+$vCDname+"/api"
#Get connection and authentication
$Coninfo=GetConinfo $BaseURL $password
$auth=$Coninfo.Auth.Headers["x-vcloud-authorization"]
#get org list URL
$OrgListURL = ($Coninfo.HTTP.Session.Link | where {$_.type -eq "application/vnd.vmware.vcloud.orglist+xml"}).href
#Use GET to retrieve org list
$OrgInfo= getvcd $OrgListURL $auth
#set Target Org URL
$TargetOrg = ($OrgInfo.OrgList.org | where {$_.name -eq $org}).href
#Use GET to retrieve Target Org XML
$TargetOrgXML = getvcd $TargetOrg $auth
#Set OrgID and cut the prefix to obtain just the ID
$orgID = $TargetOrgXML.Org.Id
$orgID = $orgID.replace("urn:vcloud:org:","")

#Post variables , no body and content type needed for those requests.
$D_method="POST"
$D_body=""
$D_contentType=""

#PowerOff vAPPs
#set Target Org VDC URLs 
$TargetOrgVDC = ($TargetOrgXML.Org.Link | where {$_.type -eq "application/vnd.vmware.vcloud.vdc+xml"}).href
#Loop through each VDC to obtain VDC XML object and get all vAPPs.
ForEach ($vdc in $TargetOrgVDC)
{
$TargetOrgVDCXML = getvcd $vdc $auth
$vApps = $TargetOrgVDCXML.vdc.ResourceEntities.ResourceEntity.href
#Loop through all vAPPs, remove prefix to obtain vApp ID and get each vApp status and name
ForEach ($vApp in $vApps)
{
$Pattern = "https.*vApp/"
$New = ""
$vApp = [regex]::replace($vApp, $pattern, "")
$vAppURL = ($BaseURL+"/vApp/"+$vApp)
$vAppXML = getvcd $vAppURL $auth
$vAppstate = $vAppXML.vapp.status
$vAppname = $vAppXML.vapp.name
# shutdown vApps if powered on
if ($vAppstate -ne 8)
{
write-host -foregroundcolor Blue "Issued PowerOff to $vAppname"
$vAppPowerOffURL = ($BaseURL+"/vApp/"+$vApp+"/power/action/shutdown")
$date = get-date
#Save the output to log file
"vAPP name:"+$vAppname+" URL: "+$BaseURL+" ORG: "+$orgID+" DATE: "+$date | Out-File $logdir -Append
$poweroffPOST = vcdRestP $vAppPowerOffURL $auth $D_method
Start-Sleep 10
} 
}
}
#Disable VDCs
$TargetOrgVDC = ($TargetOrgXML.Org.Link | where {$_.type -eq "application/vnd.vmware.vcloud.vdc+xml"}).href
#Loop through each vcd, remove prefix and post disable action
ForEach ($vdc in $TargetOrgVDC)
{
$Pattern = "https.*c/"
$New = ""
$vdc = [regex]::replace($vdc, $pattern, "")
$vdctoDisable = ($BaseURL+"/admin/vdc/"+$vdc+"/action/disable")
Start-Sleep 10
write-host -foregroundcolor Blue "Disabling VDC"
$disablevdc = vcdRestP $vdctoDisable $auth $D_method
}

#Disable Org 
Start-Sleep -s 10
write-host -foregroundcolor Blue "Disabling the Organization"
$orgURLtoDisable = ($BaseURL+"/admin/org/"+$orgID+"/action/disable")
$disable = vcdRestP $orgURLtoDisable $auth $D_method

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

#*========================================================================

#* Script Function: Cancellation of the customer org/vdc.

# Author: Chris Danielewski

#*========================================================================

param(

[string]$vCDserver,

[string]$org

)

$vcd = $vCDserver+".test.lab.com"

$path = "Z:\LogDir"

If (Test-Path $path)

{

write-host -foregroundcolor Green "Log directory found: $path"

write-host ""

}

Else

{

write-host -foregroundcolor Red "Unable to access $path , Please double check if the share is mapped"

exit

}

$logdir = $path+$org+".txt"

if (Test-Path $logdir)

{

write-host "Log file exist $logdir"

}

Else

{

write-host "Log file set to $logdir"

New-Item $logdir -type file

}

#Get password function

#*===========================================================================

#* Script Function: Gets Auth String

#* Thanks to Timothy Test for sharing those get/post functions!

#*===========================================================================

Function GetConinfo ($BaseURL,$password)

{

$url=$baseURL+"/sessions"

Write-Host "Trying to connect to " $url -ForegroundColor Green

[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}

$webRequest = [System.Net.WebRequest]::Create($url)

$webRequest.ServicePoint.Expect100Continue = $false

$webRequest.PreAuthenticate = $true

$webRequest.Method = "Post"

$webRequest.Accept = "application/*+xml;version=5.6";

$webRequest.Credentials = New-Object System.Net.NetworkCredential("admin@system",[Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($password)))

$resp = $webRequest.GetRequestStream();

$rs = $webRequest.GetResponse()

[System.IO.StreamReader]$sr = New-Object System.IO.StreamReader -argumentList $rs.GetResponseStream();

[string]$results = $sr.ReadToEnd();

$rs.Close();

return New-Object PSObject -Property @{Auth=$rs ; HTTP=[xml]$results}

}

#*===========================================================================

#* Script Function: Execute GET

#*===========================================================================

Function Getvcd($URL,$auth)

{

[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}

$webRequest = [System.Net.WebRequest]::Create($url)

$webRequest.ContentType = "text/html"

$webRequest.ServicePoint.Expect100Continue = $false

$webRequest.Method = "Get"

$webRequest.Headers.Add("x-vcloud-authorization",$auth);

$webRequest.Accept = "application/*+xml;version=5.1";

[System.Net.WebResponse]$resp = $webRequest.GetResponse();

$rs = $resp.GetResponseStream();

[System.IO.StreamReader]$sr = New-Object System.IO.StreamReader -argumentList $rs;

[string]$results = $sr.ReadToEnd();

$rs.Close();

return [xml]$results;

}

function vcdRestP($url,$auth,$method,$contentType,$body)

{

$postContent = [byte[]][char[]][string]$body

[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}

$webRequest = [System.Net.WebRequest]::Create($url)

$webRequest.ContentType = $contentType

$webRequest.ServicePoint.Expect100Continue = $false

$webRequest.Method = $method

$webRequest.Headers.Add("x-vcloud-authorization",$auth);

$webRequest.Accept = "application/*+xml;version=5.6";

$resp = $webRequest.GetRequestStream();

$resp.Write($postContent, 0, $postContent.length)

$rs = $webRequest.GetResponse();

[System.IO.StreamReader]$sr = New-Object System.IO.StreamReader -argumentList $rs.GetResponseStream();

[string]$results = $sr.ReadToEnd();

$rs.Close();

return $results;

}

# Prep

#set password

$password = <confidential> -AsPlainText -force

#set base URL to vCD api

$BaseURL="https://"+$vCDname+"/api"

#Get connection and authentication

$Coninfo=GetConinfo $BaseURL $password

$auth=$Coninfo.Auth.Headers["x-vcloud-authorization"]

#get org list URL

$OrgListURL = ($Coninfo.HTTP.Session.Link | where {$_.type -eq "application/vnd.vmware.vcloud.orglist+xml"}).href

#Use GET to retrieve org list

$OrgInfo= getvcd $OrgListURL $auth

#set Target Org URL

$TargetOrg = ($OrgInfo.OrgList.org | where {$_.name -eq $org}).href

#Use GET to retrieve Target Org XML

$TargetOrgXML = getvcd $TargetOrg $auth

#Set OrgID and cut the prefix to obtain just the ID

$orgID = $TargetOrgXML.Org.Id

$orgID = $orgID.replace("urn:vcloud:org:","")

#Post variables , no body and content type needed for those requests.

$D_method="POST"

$D_body=""

$D_contentType=""

#PowerOff vAPPs

#set Target Org VDC URLs

$TargetOrgVDC = ($TargetOrgXML.Org.Link | where {$_.type -eq "application/vnd.vmware.vcloud.vdc+xml"}).href

#Loop through each VDC to obtain VDC XML object and get all vAPPs.

ForEach ($vdc in $TargetOrgVDC)

{

$TargetOrgVDCXML = getvcd $vdc $auth

$vApps = $TargetOrgVDCXML.vdc.ResourceEntities.ResourceEntity.href

#Loop through all vAPPs, remove prefix to obtain vApp ID and get each vApp status and name

ForEach ($vApp in $vApps)

{

$Pattern = "https.*vApp/"

$New = ""

$vApp = [regex]::replace($vApp, $pattern, "")

$vAppURL = ($BaseURL+"/vApp/"+$vApp)

$vAppXML = getvcd $vAppURL $auth

$vAppstate = $vAppXML.vapp.status

$vAppname = $vAppXML.vapp.name

# shutdown vApps if powered on

if ($vAppstate -ne 8)

{

write-host -foregroundcolor Blue "Issued PowerOff to $vAppname"

$vAppPowerOffURL = ($BaseURL+"/vApp/"+$vApp+"/power/action/shutdown")

$date = get-date

#Save the output to log file

"vAPP name:"+$vAppname+" URL: "+$BaseURL+" ORG: "+$orgID+" DATE: "+$date | Out-File $logdir -Append

$poweroffPOST = vcdRestP $vAppPowerOffURL $auth $D_method

Start-Sleep 10

}

#Disable VDCs

$TargetOrgVDC = ($TargetOrgXML.Org.Link | where {$_.type -eq "application/vnd.vmware.vcloud.vdc+xml"}).href

#Loop through each vcd, remove prefix and post disable action

ForEach ($vdc in $TargetOrgVDC)

{

$Pattern = "https.*c/"

$New = ""

$vdc = [regex]::replace($vdc, $pattern, "")

$vdctoDisable = ($BaseURL+"/admin/vdc/"+$vdc+"/action/disable")

Start-Sleep 10

write-host -foregroundcolor Blue "Disabling VDC"

$disablevdc = vcdRestP $vdctoDisable $auth $D_method

}

#Disable Org

Start-Sleep -s 10

write-host -foregroundcolor Blue "Disabling the Organization"

$orgURLtoDisable = ($BaseURL+"/admin/org/"+$orgID+"/action/disable")

$disable = vcdRestP $orgURLtoDisable $auth $D_method

Any questions let me know! Enjoy.
Continue reading…

Powershell & SSH-Module – automated ssh/sshd configuration changes for multiple nodes

Posted on 2016/01/11 by cann0nF0dder Leave a comment

Share This: This script uses powershell ssh module and provides a quick way for global configuration changes if puppet/chef etc is not available in your environment. Below is an example of ssh/sshd changes. Moreover using invoke-sshcommand can perform any action / pass parameters to the shell.

#Define 2 arrays for host and credentials:
#Pull resources array from the file if needed or declare below.
$resources = @()
$creds =@()

#Obtaining credentials from password manager , alternatively those can be declared below.
write-host "Obtaining creds from password manager"
for ($i=0; $i -lt $resources.length; $i++) {
$creds+=get-password $resources[$i] root
}

#Loop through all elements in resource array and execute changes 
for ($y=0; $y -lt $resources.length; $y++) {
$sessionA = $(New-SshSession -ComputerName $resources[$y] -Username root -Password $creds[$y])
if ($sessionA -match "Successfully connected") {

#Backup config files
write-host "##################################################################"
write-host -foregroundcolor Yellow "Connected to $($resources[$y])"
write-host "##################################################################"
write-host "Backing up ssh_config and sshd_config to .bak"
Invoke-SshCommand -ComputerName $resources[$y] -Command "cp /etc/ssh/ssh_config /etc/ssh/ssh_config.bak; cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak && echo done " | Out-null
#Alter files
write-host "Altering lines in ssh configs"

#More syntax not shown due to confidentiality but Invoke-sshcommand can execute any action.
Invoke-SshCommand -ComputerName $resources[$y] -Command "sed -i 's/# ForwardAgent no/ForwardAgent yes/g' /etc/ssh/ssh_config; `
sed -i 's/# ForwardX11 no/ForwardX11 yes/g' /etc/ssh/ssh_config; `
sed -i 's/# RSAAuthentication yes/RSAAuthentication yes/g' /etc/ssh/ssh_config; `
sed -i 's/#LogLevel INFO/LogLevel VERBOSE/g' /etc/ssh/sshd_config; "| Out-null
write-host "##################################################################"

#Verify output for ssh and sshd
write-host "Verification - please make sure no comment signs # exist in the output below"
write-host "/etc/ssh/ssh_config checks"
Invoke-SshCommand -ComputerName $resources[$y] -Command "echo config; cat /etc/ssh/ssh_config | egrep -w '(ForwardAgent yes|ForwardX11 yes|RSAAuthentication yes)'" | Out-null 
write-host "/etc/ssh/sshd_config checks"
Invoke-SshCommand -ComputerName $resources[$y] -Command "echo config; cat /etc/ssh/sshd_config | egrep -x '(LogLevel)'" | Out-null 
#restart ssh
Invoke-SshCommand -ComputerName $resources[$y] -Command "service sshd restart" | Out-null 
Invoke-SshCommand -ComputerName $resources[$y] -Command "service sshd status" | Out-null
Remove-SshSession -ComputerName $resources[$y]
}
Else
{
write-host "Password doesnt match"
}
write-host "##################################################################" 
}
write-host -foregroundcolor Green "Configuration Completed"
}

#Define 2 arrays for host and credentials:

#Pull resources array from the file if needed or declare below.

$resources = @()

$creds =@()

#Obtaining credentials from password manager , alternatively those can be declared below.

write-host "Obtaining creds from password manager"

for ($i=0; $i -lt $resources.length; $i++) {

$creds+=get-password $resources[$i] root

}

#Loop through all elements in resource array and execute changes

for ($y=0; $y -lt $resources.length; $y++) {

$sessionA = $(New-SshSession -ComputerName $resources[$y] -Username root -Password $creds[$y])

if ($sessionA -match "Successfully connected") {

#Backup config files

write-host "##################################################################"

write-host -foregroundcolor Yellow "Connected to $($resources[$y])"

write-host "##################################################################"

write-host "Backing up ssh_config and sshd_config to .bak"

Invoke-SshCommand -ComputerName $resources[$y] -Command "cp /etc/ssh/ssh_config /etc/ssh/ssh_config.bak; cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak && echo done " | Out-null

#Alter files

write-host "Altering lines in ssh configs"

#More syntax not shown due to confidentiality but Invoke-sshcommand can execute any action.

Invoke-SshCommand -ComputerName $resources[$y] -Command "sed -i 's/# ForwardAgent no/ForwardAgent yes/g' /etc/ssh/ssh_config; `

sed -i 's/# ForwardX11 no/ForwardX11 yes/g' /etc/ssh/ssh_config; `

sed -i 's/# RSAAuthentication yes/RSAAuthentication yes/g' /etc/ssh/ssh_config; `

sed -i 's/#LogLevel INFO/LogLevel VERBOSE/g' /etc/ssh/sshd_config; "| Out-null

write-host "##################################################################"

#Verify output for ssh and sshd

write-host "Verification - please make sure no comment signs # exist in the output below"

write-host "/etc/ssh/ssh_config checks"

Invoke-SshCommand -ComputerName $resources[$y] -Command "echo config; cat /etc/ssh/ssh_config | egrep -w '(ForwardAgent yes|ForwardX11 yes|RSAAuthentication yes)'" | Out-null

write-host "/etc/ssh/sshd_config checks"

Invoke-SshCommand -ComputerName $resources[$y] -Command "echo config; cat /etc/ssh/sshd_config | egrep -x '(LogLevel)'" | Out-null

#restart ssh

Invoke-SshCommand -ComputerName $resources[$y] -Command "service sshd restart" | Out-null

Invoke-SshCommand -ComputerName $resources[$y] -Command "service sshd status" | Out-null

Remove-SshSession -ComputerName $resources[$y]

}

Else

{

write-host "Password doesnt match"

}

write-host "##################################################################"

}

write-host -foregroundcolor Green "Configuration Completed"

}

Enjoy.
Continue reading…

Powershell,ovftool & powercli unattended deployment Tips

Posted on 2015/11/02 by cann0nF0dder Leave a comment

Share This: Typical vCC deployment command syntax is:

& 'C:\Program Files\VMware\VMware OVF Tool\ovftool.exe' 
--acceptAllEulas 
--noSSLVerify 
--powerOn 
--name=$name --computerName:$name=$name 
--diskMode=thick 
--datastore="$LargestDatastore" 
--network="$pgt" "$pathToOVF" 
" vi://${usernameparsed}:${passwordparsed}@${vc}/?dns=${node}"

& 'C:\Program Files\VMware\VMware OVF Tool\ovftool.exe'

--acceptAllEulas

--noSSLVerify

--powerOn

--name=$name --computerName:$name=$name

--diskMode=thick

--datastore="$LargestDatastore"

--network="$pgt" "$pathToOVF"

" vi://${usernameparsed}:${passwordparsed}@${vc}/?dns=${node}"

Here’s how to obtain some of those parameters (PowerCLI): Get host from specific cluster:

$Cluster="Management"
$server = @()
$server = get-VMhost -Location "$Cluster" | select Name
$node = $server[1].Name.SubString(0)
echo "Esxi node has been selected - $node"

$Cluster="Management"

$server = @()

$server = get-VMhost -Location "$Cluster" | select Name

$node = $server[1].Name.SubString(0)

echo "Esxi node has been selected - $node"

Get datastore with most free space for specific cluster:

$datastores = get-datastore where {$_.name -like "*mgmt*"} | select Name,FreeSpaceMB
#Sets some static info
$LargestFreeSpace = "0"
$LargestDatastore = $null
#Performs the calculation of which datastore has most free space
foreach ($datastore in $datastores) {
if ($Datastore.FreeSpaceMB -gt $LargestFreeSpace) { 
$LargestFreeSpace = $Datastore.FreeSpaceMB
$LargestDatastore = $Datastore.name
}
}
#Writes out the result to the PowerShell Console 
write-host "$LargestDatastore has been selected as the largest datastore with $LargestFreeSpace MB Free Space"

$datastores = get-datastore where {$_.name -like "*mgmt*"} | select Name,FreeSpaceMB

#Sets some static info

$LargestFreeSpace = "0"

$LargestDatastore = $null

#Performs the calculation of which datastore has most free space

foreach ($datastore in $datastores) {

if ($Datastore.FreeSpaceMB -gt $LargestFreeSpace) {

$LargestFreeSpace = $Datastore.FreeSpaceMB

$LargestDatastore = $Datastore.name

}

#Writes out the result to the PowerShell Console

write-host "$LargestDatastore has been selected as the largest datastore with $LargestFreeSpace MB Free Space"

Get network with specific content/prefix:

$env = "*dmz-pg*"
#Lookup port group
write-host -foregroundcolor Green "Retrieving Port Groups"
$pg = get-VirtualPortgroup -Name $env | select Name
$pgt = $pg.Name.SubString(0)
echo "Port group selected is $pgt"

$env = "*dmz-pg*"

#Lookup port group

write-host -foregroundcolor Green "Retrieving Port Groups"

$pg = get-VirtualPortgroup -Name $env | select Name

$pgt = $pg.Name.SubString(0)

echo "Port group selected is $pgt"

Have fun!
Continue reading…

ovftool syntax and escaping special characters

Posted on 2015/10/02 by cann0nF0dder Leave a comment

Share This: Came across an issue (what are the odds for that ?) where my password did not go along with ovftool syntax. The syntax is vi://username:password@vcserveraddress You could see having @ is a problem, as well as ad account having ‘ad\’ , found this blog by Steve Flanders which allow me to bypass this […]
Continue reading…

Automated deployment of vCC Server/Node on biggest datastore/dmz network/LDAP auth using powershell and powerCLI

Posted on 2015/09/25 by cann0nF0dder Leave a comment

Share This:

# Load Windows PowerShell cmdlets for managing vSphere
Add-PsSnapin VMware.VimAutomation.Core -ea "SilentlyContinue"

#provide option for optional path (TODO)
$pathToOVF = "C:\ovf\vCCNode-2.7.1.0-2651441_OVF10.ovf"
$vc = "vCenter address"
echo "Connecting to $vc"

$adUserAccount = "$([Environment]::UserDomainName)\$([Environment]::UserName)"
# get the AD username running this script
$creds = Get-Credential -UserName $adUserAccount -Message "Please enter your AD Password"
$username = $creds.username
$password = $creds.GetNetworkCredential().password
# Get current domain using logged-on user's credentials
$CurrentDomain = "LDAP://"+([ADSI]"").distinguishedName 
$domain = New-Object DirectoryServices.DirectoryEntry($CurrentDomain,$username,$password)

if ($domain.name -eq $null)
{
write-host "Authentication failed - please verify your username and password."
exit #terminate the script.
}
else
{
write-host -foregroundcolor Green "Successfully authenticated with LDAP" #>


$vi = "vi://$username:$password@$vc"

#Connect to vCenter
write-host -foregroundcolor Green "Connecting to vCenter"
Connect-VIServer -Server $vc -User $username -Password $password
#Get Datastores
write-host ""
write-host "##############################################################################"
write-host ""
write-host -foregroundcolor Green "Retrieving Datastores"
#get-datastore | Select Name, @{N="FreeSpaceGB";E={[System.Math]::Round($_.FreeSpaceMB / 1024, 2)}} , @{N="CapacityGB";E={$_.CapacityMB / 1024}}, @{N="UsedGB";E={[System.Math]::Round(($_.CapacityMB - $_.FreeSpaceMB) / 1024, 2)}}
#Prompt datastore selection
$datastores = get-datastore | select Name,FreeSpaceMB

#Sets some static info
$LargestFreeSpace = "0"
$LargestDatastore = $null

#Performs the calculation of which datastore has most free space
foreach ($datastore in $datastores) {
if ($Datastore.FreeSpaceMB -gt $LargestFreeSpace) { 
$LargestFreeSpace = $Datastore.FreeSpaceMB
$LargestDatastore = $Datastore.name
}
}
#Writes out the result to the PowerShell Console 
write-host "$LargestDatastore has been selected as the largest datastore with $LargestFreeSpace MB Free Space"
write-host ""
write-host "##############################################################################"
write-host ""
$env = "enter port group name could be partial dmz* etc"
#Lookup port group
write-host -foregroundcolor Green "Retrieving Port Groups"
$pg = get-VirtualPortgroup -Name $env | select Name
$pgt = $pg.Name.SubString(0)
echo "Port group selected is $pgt"
write-host ""
write-host "##############################################################################"
write-host ""

# Calculate or assign IP's to variables
echo "GW will be set to XXX"
echo "DNS will be set to XXX"
echo "Network IP will be set to XXX"
echo "Subnet Mask will be set to XXX"
write-host ""
write-host "##############################################################################"
write-host ""
$name="xxx"

& 'C:\Program Files\VMware\VMware OVF Tool\ovftool.exe' --allowExtraConfig --acceptAllEulas --powerOn --name=$name --diskMode=thick --datastore="$LargestDatastore" --network="$pgt" --prop:vami.DNS.VMware_vCloud_Connector_Server="XXX" --prop:vami.netmask0.VMware_vCloud_Connector_Server="255.255.255.192" --prop:vami.ip0.VMware_vCloud_Connector_Server="XXX" --prop:vami.gateway.VMware_vCloud_Connector_Server="XXX" "$pathToOVF" " $vi"

# Load Windows PowerShell cmdlets for managing vSphere

Add-PsSnapin VMware.VimAutomation.Core -ea "SilentlyContinue"

#provide option for optional path (TODO)

$pathToOVF = "C:\ovf\vCCNode-2.7.1.0-2651441_OVF10.ovf"

$vc = "vCenter address"

echo "Connecting to $vc"

$adUserAccount = "$([Environment]::UserDomainName)\$([Environment]::UserName)"

# get the AD username running this script

$creds = Get-Credential -UserName $adUserAccount -Message "Please enter your AD Password"

$username = $creds.username

$password = $creds.GetNetworkCredential().password

# Get current domain using logged-on user's credentials

$CurrentDomain = "LDAP://"+([ADSI]"").distinguishedName

$domain = New-Object DirectoryServices.DirectoryEntry($CurrentDomain,$username,$password)

if ($domain.name -eq $null)

{

write-host "Authentication failed - please verify your username and password."

exit #terminate the script.

}

else

{

write-host -foregroundcolor Green "Successfully authenticated with LDAP" #>

$vi = "vi://$username:$password@$vc"

#Connect to vCenter

write-host -foregroundcolor Green "Connecting to vCenter"

Connect-VIServer -Server $vc -User $username -Password $password

#Get Datastores

write-host ""

write-host "##############################################################################"

write-host ""

write-host -foregroundcolor Green "Retrieving Datastores"

#get-datastore | Select Name, @{N="FreeSpaceGB";E={[System.Math]::Round($_.FreeSpaceMB / 1024, 2)}} , @{N="CapacityGB";E={$_.CapacityMB / 1024}}, @{N="UsedGB";E={[System.Math]::Round(($_.CapacityMB - $_.FreeSpaceMB) / 1024, 2)}}

#Prompt datastore selection

$datastores = get-datastore | select Name,FreeSpaceMB

#Sets some static info

$LargestFreeSpace = "0"

$LargestDatastore = $null

#Performs the calculation of which datastore has most free space

foreach ($datastore in $datastores) {

if ($Datastore.FreeSpaceMB -gt $LargestFreeSpace) {

$LargestFreeSpace = $Datastore.FreeSpaceMB

$LargestDatastore = $Datastore.name

}

#Writes out the result to the PowerShell Console

write-host "$LargestDatastore has been selected as the largest datastore with $LargestFreeSpace MB Free Space"

write-host ""

write-host "##############################################################################"

write-host ""

$env = "enter port group name could be partial dmz* etc"

#Lookup port group

write-host -foregroundcolor Green "Retrieving Port Groups"

$pg = get-VirtualPortgroup -Name $env | select Name

$pgt = $pg.Name.SubString(0)

echo "Port group selected is $pgt"

write-host ""

write-host "##############################################################################"

write-host ""

# Calculate or assign IP's to variables

echo "GW will be set to XXX"

echo "DNS will be set to XXX"

echo "Network IP will be set to XXX"

echo "Subnet Mask will be set to XXX"

write-host ""

write-host "##############################################################################"

write-host ""

$name="xxx"

& 'C:\Program Files\VMware\VMware OVF Tool\ovftool.exe' --allowExtraConfig --acceptAllEulas --powerOn --name=$name --diskMode=thick --datastore="$LargestDatastore" --network="$pgt" --prop:vami.DNS.VMware_vCloud_Connector_Server="XXX" --prop:vami.netmask0.VMware_vCloud_Connector_Server="255.255.255.192" --prop:vami.ip0.VMware_vCloud_Connector_Server="XXX" --prop:vami.gateway.VMware_vCloud_Connector_Server="XXX" "$pathToOVF" " $vi"

EDIT – Struggling with VAMI property key does not exist, here’s the workaround. Let the VM boot without applying network settings and use PowerCLI – Invoke-VMScript

$output = Invoke-VMScript -VM $name -ScriptText "/opt/vmware/share/vami/vami_set_network eth0 STATICV4 10.X.X.X 255.255.255.0 10.X.X.X" -GuestUser root -GuestPassword vmware -WarningAction SilentlyContinue
$output.ScriptOutput
write-host -foregroundcolor green "vami_set_network completed"
write-host ""
$output = Invoke-VMScript -VM $name -ScriptText "/opt/vmware/share/vami/vami_set_dns 8.8.8.8" -GuestUser root -GuestPassword vmware -WarningAction SilentlyContinue
$output.ScriptOutput
write-host "" 
write-host -foregroundcolor green "vami_set_dns completed"
$output = Invoke-VMScript -VM $name -ScriptText "service network restart eth0" -GuestUser root -GuestPassword vmware -WarningAction SilentlyContinue
$output.ScriptOutput

$output = Invoke-VMScript -VM $name -ScriptText "/opt/vmware/share/vami/vami_set_network eth0 STATICV4 10.X.X.X 255.255.255.0 10.X.X.X" -GuestUser root -GuestPassword vmware -WarningAction SilentlyContinue

$output.ScriptOutput

write-host -foregroundcolor green "vami_set_network completed"

write-host ""

$output = Invoke-VMScript -VM $name -ScriptText "/opt/vmware/share/vami/vami_set_dns 8.8.8.8" -GuestUser root -GuestPassword vmware -WarningAction SilentlyContinue

$output.ScriptOutput

write-host ""

write-host -foregroundcolor green "vami_set_dns completed"

$output = Invoke-VMScript -VM $name -ScriptText "service network restart eth0" -GuestUser root -GuestPassword vmware -WarningAction SilentlyContinue

$output.ScriptOutput

Enjoy. Datastore calculations found on http://www.spug.co.uk/?p=185 @Thanks! Also William Lam’s post http://www.virtuallyghetto.com/2011/11/unattended-deployment-of-vcloud.html – Thanks!
Continue reading…

Change linux credentials using SSH-Sessions – powershell script

Posted on 2015/03/31 by cann0nF0dder Leave a comment

Share This: This script can be used as it is (providing host and old and new credentials) or even better by obtaining credentials from central password repository and setting the value to $credentials. Git: https://github.com/cann0nf0dder

param(
[string]$hosta,

[string]$oldcredentials,

[string]$credentials
)


if ( !$hosta ) {
Write-Host "Exiting: -host is required"
exit
}

if ( !$oldcredentials ) {
Write-Host "Exiting: -oldcredentials is required"
exit
}


if ( !$credentials ) {
Write-Host "Exiting: -credentials is required"
exit
}


#SSH module for powershell has to be installed and imported.
#http://www.powershelladmin.com/wiki/SSH_from_PowerShell_using_the_SSH.NET_library

if (!(Get-module | where {$_.Name -eq "SSH-Sessions"})) {
Import-Module SSH-Sessions
}

#Print the password on the screen
write-host "Password retrieved is equal to $credentials "
#SSH connection to host
$sessionA = $(New-SshSession -ComputerName $hosta -Username root -Password $oldcredentials)
#write-host "session - $session"
if ($sessionA -match "Successfully connected") {
write-host -foregroundcolor Green "Connected to $hosta"
#Invoke change passwords command
Invoke-SshCommand -ComputerName $hosta -Command "echo 'root:'$credentials | chpasswd" -Verbose
write-host -foregroundcolor Green "Password change invoked."
Remove-SshSession -ComputerName $hosta
}
Else
{
write-host "Old Password doesn't match, checking if it has already been set"
}
#checking if the password has been already changed
$sessionA1 = $(New-SshSession -ComputerName $hosta -Username root -Password $credentials)
if ($sessionA1 -match "Successfully connected") {
write-host -foregroundcolor Green "Successfully logged in with the new password for $host"
}
Else
{
write-host -foregroundcolor Red "Unable to login to the host with the new password."
write-host -foregroundcolor Red "Please change the password manually."
}
Remove-SshSession -ComputerName $hosta

param(

[string]$hosta,

[string]$oldcredentials,

[string]$credentials

)

if ( !$hosta ) {

Write-Host "Exiting: -host is required"

exit

}

if ( !$oldcredentials ) {

Write-Host "Exiting: -oldcredentials is required"

exit

}

if ( !$credentials ) {

Write-Host "Exiting: -credentials is required"

exit

}

#SSH module for powershell has to be installed and imported.

#http://www.powershelladmin.com/wiki/SSH_from_PowerShell_using_the_SSH.NET_library

if (!(Get-module | where {$_.Name -eq "SSH-Sessions"})) {

Import-Module SSH-Sessions

}

#Print the password on the screen

write-host "Password retrieved is equal to $credentials "

#SSH connection to host

$sessionA = $(New-SshSession -ComputerName $hosta -Username root -Password $oldcredentials)

#write-host "session - $session"

if ($sessionA -match "Successfully connected") {

write-host -foregroundcolor Green "Connected to $hosta"

#Invoke change passwords command

Invoke-SshCommand -ComputerName $hosta -Command "echo 'root:'$credentials | chpasswd" -Verbose

write-host -foregroundcolor Green "Password change invoked."

Remove-SshSession -ComputerName $hosta

}

Else

{

write-host "Old Password doesn't match, checking if it has already been set"

}

#checking if the password has been already changed

$sessionA1 = $(New-SshSession -ComputerName $hosta -Username root -Password $credentials)

if ($sessionA1 -match "Successfully connected") {

write-host -foregroundcolor Green "Successfully logged in with the new password for $host"

}

Else

{

write-host -foregroundcolor Red "Unable to login to the host with the new password."

write-host -foregroundcolor Red "Please change the password manually."

}

Remove-SshSession -ComputerName $hosta

Posts tagged with 'powershell'

Enable / Disable alerts on ESXi Cluster script

Configure all vDS port groups as Elastic script – vSphere 6.0 (vds 5/5.5)

vCloud Director RESTapi using powershell to disable org,orgvdc and poweroff vApps

Powershell & SSH-Module – automated ssh/sshd configuration changes for multiple nodes

ovftool syntax and escaping special characters

Automated deployment of vCC Server/Node on biggest datastore/dmz network/LDAP auth using powershell and powerCLI

Change linux credentials using SSH-Sessions – powershell script