Tip

Configuring an ESXi host – Sample PS1 file - More PowerShell

Well, last week I set myself on the task of trying to do everything with PowerShell that I would normally do with the %post script on kickstart install of an ESX host. I’ve made quite a bit of progress on my own, occasionally with help from Google. I discovered a couple of things. The main one being this. Whilst there is a method with ESX “Classic” to create a second Service Console port for HA, there doesn’t seem to be a corresponding method with ESX4i. In ESX4i underneath the enable VMotion tick-box, there’s also a tickbox for enabling a VMkernel port for management. It appears that there’s no method for carrying on this task for ESX4i.

The main reason for using PowerShell for this kind of post-configuration rides on a number of conditions:

  • Your using ESX4i instead of ESX “Classic”
  • You don’t have access to the new “Host Profiles” feature because you not a Enterprise+ customer

Anyway, below is my .ps1 file I use for configuring ESX4i… What I really struggle with in PowerShell is the whole get-view command, and navigating the API/SDK environment. Trying to find the right object and attributes using either the MOB (virtualcenter.corp.com/mob) or the online reference (

    Requires Free Membership to View

http://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/index.html) is actually quite difficult if you are a novice (like me). For example I was looking for a method to license an ESX host (although a cmd-let exists to add a host, you have to wrestle with the SDK to find the way to assign a license to an ESX host). I managed to find someone who had already worked out how to enable SW iSCSI on host, but I couldn’t get my script to set my IQN…

Anyway, for what its worth – here’s my post-configuration .ps1 file.

ConfigureESXi.ps1

Update 01:

So I have found a method of setting the IQN. And it was dead easy… I added a variable to the ps1 file called - $swiscsiiqn = “iqn.2008-10.com.vi4book:$vmhost” and then call out the storageSystem to UpdateInternetScsiName.

$VMhost = "esx4.vi4book.com"
$iscsiHba = "vmhba34"
$swiscsiiqn = "iqn.2008-10.com.vi4book:$vmhost"
$h = Get-VMHost $VMhost

Foreach ($hostView in ( Get-View -VIObject $h))
{
$storageSystem = Get-View $hostView.configManager.storageSystem
$storageSystem.UpdateInternetScsiName($iscsihba,$swiscsiiqn)
}

Update 02: Added Firewall Configuration

Added to the .ps1 file a method for changing the firewall with:

Foreach ($hostView in ( Get-View -VIObject $h))
{
$firewallSystem = Get-View $hostView.configManager.firewallSystem
$firewallSystem.EnableRuleset("sshClient")
}

Update 03: Added Licensing Process to the Script…

$vmhost = "esx4.vi4book.com"
$targethostMoRef = (get-VMHost $vmhost  | get-view).MoRef
$si = Get-View ServiceInstance
$LicManRef=$si.Content.LicenseManager
$LicManView=Get-View $LicManRef
$licassman = Get-View $LicManView.LicenseAssignmentManager
$licassman.UpdateAssignedLicense($targethostMoRef.value,"YOUR LIC KEY","vSphere4 Enterprise Plus (1-12 cores per CPU")

Update 04: Added Configuring DPM to the Script…

$vmhost = "esx4.vi4book.com"
$login = "vmware_dpm_user"
$password = "password"
$hostview = get-vmhost $vmhost | % {Get-View $_.Id}
$IpmiInfo = New-Object Vmware.Vim.HostIpmiInfo
$IpmiInfo.BmcIpAddress = "192.168.3.204"
$IpmiInfo.BmcMacAddress = "00:16:35:37:F8:02"
$IpmiInfo.Login = $login
$IpmiInfo.Password = $password
$hostview.UpdateIpmi($IpmiInfo)

Update 05: Added Setting the Root password on ESXi Hosts & Creating Local User Accounts

You might notice that the connect-viserver -password field is missing. That’s because all cleanly “installed” or “factory reset” ESXi hosts default to having no password. So initially I authenticate without a password, and the first thing I do is set a password.

$esxhost = Connect-VIServer $vmhost -username root
Set-VMHostAccount -UserAccount root -password password
New-VMHostAccount -ID lavericm-admin -Password password -UserAccount

Update 06: Enable FT Logging on a VMkernel Port

This uses the data object virtualNicManager to set the VMKernal Port (vmk2) to be enabled for “FaultTolerenceLogging”

$FTlogging = New-VirtualPortGroup -VirtualSwitch $vs3 -Name FT-Logging
New-VMHostNetworkAdapter -PortGroup FT-Logging -VirtualSwitch $vs3 -IP $FTloggingIP -SubnetMask 255.255.255.0
$h = Get-VMHost $vmhost | Get-View -Property configManager
$nicManager = Get-View $h.configManager.virtualNicManager
$nicManager.SelectVnicForNicType("faultToleranceLogging", "vmk3")

Update 07: Enable “Management Traffic” on VMkernel Port for the HA Heartbeat

This uses the data object virtualNicManager to set the VMKernal Port (vmk2) to be enabled for “Management Traffic”

New-VMHostNetworkAdapter -PortGroup HA-Heartbeat -VirtualSwitch $vs3 -IP $HAheartbeatIP -SubnetMask 255.255.255.0
$h = Get-VMHost $vmhost | Get-View -Property configManager
$nicManager = Get-View $h.configManager.virtualNicManager
$nicManager.SelectVnicForNicType("management", "vmk2")

This was first published in August 2009

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.