Configuring an ESXi host – Sample PS1 file - More PowerShell
I set myself the task of trying to do everything I would do with PowerShell that would I normally do the %post script on kickstart install of an ESX host
Well, last week I set myself on the task of trying to do everything with PowerShell that I would normally do with the %post script on kickstart install of an ESX host. I’ve made quite a bit of progress on my own, occasionally with help from Google. I discovered a couple of things. The main one being this. Whilst there is a method with ESX “Classic” to create a second Service Console port for HA, there doesn’t seem to be a corresponding method with ESX4i. In ESX4i underneath the enable VMotion tick-box, there’s also a tickbox for enabling a VMkernel port for management. It appears that there’s no method for carrying on this task for ESX4i.
The main reason for using PowerShell for this kind of post-configuration rides on a number of conditions:
- Your using ESX4i instead of ESX “Classic”
- You don’t have access to the new “Host Profiles” feature because you not a Enterprise+ customer
Anyway, below is my .ps1 file I use for configuring ESX4i… What I really struggle with in PowerShell is the whole get-view command, and navigating the API/SDK environment. Trying to find the right object and attributes using either the MOB (virtualcenter.corp.com/mob) or the online reference (https://www.vmware.com/support/developer/vc-sdk/visdk400pubs/ReferenceGuide/index.html) is actually quite difficult if you are a novice (like me). For example I was looking for a method to license an ESX host (although a cmd-let exists to add a host, you have to wrestle with the SDK to find the way to assign a license to an ESX host). I managed to find someone who had already worked out how to enable SW iSCSI on host, but I couldn’t get my script to set my IQN…
Anyway, for what its worth – here’s my post-configuration .ps1 file.
Update 01:
So I have found a method of setting the IQN. And it was dead easy… I added a variable to the ps1 file called - $swiscsiiqn = “iqn.2008-10.com.vi4book:$vmhost” and then call out the storageSystem to UpdateInternetScsiName.
$VMhost = "esx4.vi4book.com"
$iscsiHba = "vmhba34"
$swiscsiiqn = "iqn.2008-10.com.vi4book:$vmhost"
$h = Get-VMHost $VMhost
Foreach ($hostView in ( Get-View -VIObject $h))
{
$storageSystem = Get-View $hostView.configManager.storageSystem
$storageSystem.UpdateInternetScsiName($iscsihba,$swiscsiiqn)
}
Update 02: Added Firewall Configuration
Added to the .ps1 file a method for changing the firewall with:
Foreach ($hostView in ( Get-View -VIObject $h))
{
$firewallSystem = Get-View $hostView.configManager.firewallSystem
$firewallSystem.EnableRuleset("sshClient")
}
Update 03: Added Licensing Process to the Script…
$vmhost = "esx4.vi4book.com" $targethostMoRef = (get-VMHost $vmhost | get-view).MoRef $si = Get-View ServiceInstance $LicManRef=$si.Content.LicenseManager $LicManView=Get-View $LicManRef $licassman = Get-View $LicManView.LicenseAssignmentManager $licassman.UpdateAssignedLicense($targethostMoRef.value,"YOUR LIC KEY","vSphere4 Enterprise Plus (1-12 cores per CPU")
Update 04: Added Configuring DPM to the Script…
$vmhost = "esx4.vi4book.com"
$login = "vmware_dpm_user"
$password = "password"
$hostview = get-vmhost $vmhost | % {Get-View $_.Id}
$IpmiInfo = New-Object Vmware.Vim.HostIpmiInfo
$IpmiInfo.BmcIpAddress = "192.168.3.204"
$IpmiInfo.BmcMacAddress = "00:16:35:37:F8:02"
$IpmiInfo.Login = $login
$IpmiInfo.Password = $password
$hostview.UpdateIpmi($IpmiInfo)
Update 05: Added Setting the Root password on ESXi Hosts & Creating Local User Accounts
You might notice that the connect-viserver -password field is missing. That’s because all cleanly “installed” or “factory reset” ESXi hosts default to having no password. So initially I authenticate without a password, and the first thing I do is set a password.
$esxhost = Connect-VIServer $vmhost -username root Set-VMHostAccount -UserAccount root -password password New-VMHostAccount -ID lavericm-admin -Password password -UserAccount
Update 06: Enable FT Logging on a VMkernel Port
This uses the data object virtualNicManager to set the VMKernal Port (vmk2) to be enabled for “FaultTolerenceLogging”
$FTlogging = New-VirtualPortGroup -VirtualSwitch $vs3 -Name FT-Logging
New-VMHostNetworkAdapter -PortGroup FT-Logging -VirtualSwitch $vs3 -IP $FTloggingIP -SubnetMask 255.255.255.0
$h = Get-VMHost $vmhost | Get-View -Property configManager
$nicManager = Get-View $h.configManager.virtualNicManager
$nicManager.SelectVnicForNicType("faultToleranceLogging", "vmk3")
Update 07: Enable “Management Traffic” on VMkernel Port for the HA Heartbeat
This uses the data object virtualNicManager to set the VMKernal Port (vmk2) to be enabled for “Management Traffic”
New-VMHostNetworkAdapter -PortGroup HA-Heartbeat -VirtualSwitch $vs3 -IP $HAheartbeatIP -SubnetMask 255.255.255.0
$h = Get-VMHost $vmhost | Get-View -Property configManager
$nicManager = Get-View $h.configManager.virtualNicManager
$nicManager.SelectVnicForNicType("management", "vmk2")
