Bulk Virtual Machines Deployment and Zero Clicks Part 1

A recent project revisited deploying virtual machines via PowerCli. Its fair to say this isn’t a new tool but sometimes over looked.

Part 1 /  Part 2

My requirements were to deploy :

  • 100+ virtual machines (within a few hours)
  • domain join all machines
  • license the OS
  • various virtual machine specifications
  • various Windows OS versions.
  • to two different data centers within a linked vCenter setup
  • to resource pools
  • to different data stores
  • to different networks

 

The constraints:

  • vSphere 6.0 update 2
  • no budget for third party automation tools
  • small window of opportunity to deploy the VMs

 

On the plus side there was:

o    Loads of available CPU and RAM
o    Large datastores presented
o    Subnets prepared
o    Stretched VLANs across Data Centers

 

The tools I used to the task

  • Excel (CSV)
  • Notepad++
  • PowerCLi

 

The CSV file example

# Example Bulk_VMs_Deploy.csv

Template Datastore VMhost Custspec VMname IPaddress Subnet Gateway
2012_Template Storage1 ESXi.domain 2012_Spec test2003VL1 192.168.0.191 255.255.255.0 192.168.0.1
PDNS SDNS ResourcePool RAM CPU VLAN Size Format
192.168.0.10 127.0.0.1 resource1 2 2 VM Network 10 thin

 

The Script

# Automate the deployment of customised virtual machines deployed in vSphere 6.0. Tested against u2
#
# Prereq’s
# 1) Populate the a CSV file called Bulk_VMs_Deploy.csv
# 2) Create a Windows Server template
# 3) Create a customization spec within vSphere for Windows
# 4) Run Bulk_VMs_Deploy.ps1 script via PowerCli as administrator (CSV file must be stored in the same location where the script is run from)
#
#https://blogs.vmware.com/PowerCLI/2015/03/powercli-6-0-introducing-powercli-modules.html
if ( !(Get-Module -Name VMware.VimAutomation.Core -ErrorAction SilentlyContinue) ) {

###### IMPORTANT, Check this file path is correct##########
. “C:\Program Files (x86)\VMware\Infrastructure\PowerCLI\Scripts\Initialize-PowerCLIEnvironment.ps1”
}
Connect-VIServer VC6.test.domain
#connect to a VC. This also works with Linked VC’s
$vmlist = Import-CSV .\Bulk_VMs_Deploy.csv
foreach ($item in $vmlist) {

#set variables to read from CSV
$template = $item.template
$datastore = $item.datastore
$vmhost = $item.vmhost
$custspec = $item.custspec
$vmname = $item.vmname
$ipaddr = $item.ipaddress
$subnet = $item.subnet
$gateway = $item.gateway
$pdns = $item.pdns
$sdns = $item.sdns
$resourcepool = $item.resourcepool
$cpu = $item.cpu
$ram = $item.ram
$vlan = $item.vlan
$size = $item.size
$format = $item.format

#Get the Specification and set the Nic Mapping
New-OSCustomizationNicMapping -Spec $custspec -IpMode UseStaticIp –Position 1 -IpAddress $ipaddr -SubnetMask $subnet -DefaultGateway $gateway -Dns $pdns,$sdns

#Create VM using Template with the adjusted Customization Specification
New-VM -Name $vmname -Template $template -Datastore $datastore -VMHost $vmhost -ResourcePool $resourcepool | Set-VM -OSCustomizationSpec $custspec -Confirm:$false

#Set the Network Name
Get-VM -Name $vmname | Get-NetworkAdapter | Set-NetworkAdapter -NetworkName $vlan -Confirm:$false

#Set the CPU and Memory
Get-VM -Name $vmname | Set-VM -MemoryGB $ram -NumCPU $cpu -Confirm:$false

#Additional Disk
#Get-VM -Name $vmname | New-HardDisk -CapacityGB $size -StorageFormat $format -Confirm:$false

#Remove the NicMapping
Get-OSCustomizationSpec $custspec | Get-OSCustomizationNicMapping | Remove-OSCustomizationNicMapping -Confirm:$false

#PowerOn VM
Start-VM $vmname

}
#Disconnect from VC.
disconnect-VIServer VC6.test.domain -Confirm:$false

 

 

Disclaimer Please take the code and evolve it into a different project? Credit / Tag me on your project Twitter #StephenHackers

Any use of this code is at your own risk. Remember bulk automation jobs require the right resources to be available.

This project & code was based on :
https://communities.vmware.com/thread/315193
Which progressed to : https://communities.vmware.com/thread/436734

Part 1 /  Part 2

Learn NSX Day 9 : Load Balancing Feature

EDGE Load Balancing
Networking and Security > NSX EDGE > Manage > Load Balancer tab.

load-balancing-edge
load-balancing-edge

Three load balancing options available

  • Enable Loadbalance – For internal servers distributed traffic
  • Enable Service Insertion – Load balance with third party vendor appliances
  • Acceleration Enabled – For faster L4 LB engine instead of L7

You can also select a variety of logging options

Details can be found in the VMware Document Centre

 

vSphere standard switch – Load Balancing

Diagram try to display my understanding of the vSphere standard switch load balancing using Round Robin of physical NICs

Load Balancing Feature

 

Topics :
Learn NSX – Home
Learn NSX Day 1 : NSX Requirements
Learn NSX Day 2 : NSX Deployment Best Practice
Learn NSX Day 3 : NSX Manager and NSX Controller
Learn NSX Day 4 : NSX Roles
Learn NSX Day 5 : NSX HA, Edge, REST API
Learn NSX  Day 6 : NSX and Logical Switches
Learn NSX Day 7 : Deploying ESXi
Learn NSX Day 8 : vDS (vSphere Distributed Switch)
Learn NSX Day 9 : Load Balancing Feature
Learn NSX Day 10 : Layer 2 Bridging
Learn NSX Day 11 : NSX EDGE
Learn NSX Day 12 : Spoof Guard
Learn NSX Day 13 : Distributed Router and Distributed Logical Firewall
Learn NSX Day 14 : Monitoring
Learn NSX Day 15 : NSX Backups
Learn NSX Day 16 : Useful Commands & Errors

 

These are notes made during my study of VMware NSX for vSphere. Apologise if any of the detail is incorrect. Hopefully posts under “Learn NSX” help others to start learning about VMware NSX for vSphere.

Fix: vCenter failure to upgrade – unable to…

“Fix: vCenter failure to upgrade – unable to configure log browser windows service” via vnotions.com

Fix: vCenter failure to upgrade – unable to…

During a recent upgrade from vCenter Server 5.5 Update 2d to vCenter Server 5.5 Update 3b it kept failing at the web client upgrade. After successfully upgrading Single-Sign On I proceeded with the upgrade of vSphere Web Client. I got the following error during the installation: Error 29702 unable to configure log browser windows service…Read More


VMware Social Media Advocacy

vCenter Server 6.0 Upgrade – Log on as a…

vCenter Server 6.0 Upgrade – Log on as a Service error

vCenter Server 6.0 Upgrade – Log on as a…

It’s been a while since I upgraded an old version of vCenter Server to 6.0 and I totally forgot about the error that pops up about NT Service\All Services not having Log on as a Service rights….. I was actually going to blog about this when I encountered the error at the start of the year, but it totally slipped my mind…. I think I need to start keeping a list of things I have to blog about (old age)!


VMware Social Media Advocacy

VMware discussing NSX Notes

Agenda

  • NSX 201 cross centre metro cluster, data centre migration / DR use case
  • NSX futures – distributed network encryption, management of containers, securing multiple clouds
  • VMware strategy for the cloud native applications and dev ops
  • Deep dive on Photon, lightwave, container management

NSX Discussion
How does NSX protect against bank attach or Twitter hack

NSX micro segmentation (isolation of apps)  ..DFW

3rd party integration like trend , Mcafee .. Steer traffic for layer 7 traffic.. For malware inspection.. Security tag VM.. It tells NSX to automate a policy, possible a quarantine policy

3rd party’s develop the tags ( protects against bank attach or Twitter hack etc ). NSX relies on the 3rd party NSX tags to apply a policy. NSX does have some features for tagging using activity monitoring an VM tools. VM tools can see what is running within the VM.

DMZ anywhere .. How long to provision a VM web facing and secure. NSX can spin it up instantly.

Secure user environment ..

Overlay virtual networking ( abstract )
Stretch across sites
Tunnelling ( change from vLans etc )
Logical layer 2. Packet in envelope. Encapsulate the traffic.
Vxlan

NSX is distributed across hosts rather than all going via a central physical firewall.

Develop cloud – Strategy vRealise but also others such as openstack
Others doing networks , Neutron in theory not as scale able. Challenge is abstraction layer.

Time to setup a PoC!!!

VMware do a NSX 2 day training

 

Containers – Cloud Native Apps

Contains, Windows 2016 ,G1 -> G2 -> G3 photon
Challenges with containers
Containers sit in the same user space on the same VM. Deploy multiple containers only appear as one VM in vcentre.

PowerCLI – Setup Host networking and storage ready for ISCSI LUNs

Useful script. Additional details and screen shots can be found using the following link

Script below provided by @Saintdle

( All scripts should be tested in a Lab environment only )

#Setup which host to target
$VMhost = ‘hostname’

#Create vSwitch2 for storage, add vmnics, add two vmkernels with Storage IPs, setup NIC teaming (based on the fact you probably have vSwitch0 for mgmt and vSwitch1 for VM traffic)

$vswitch2 = get-vmhost $VMhost | new-virtualswitch -Name vSwitch2 -Nic ‘vmnic2′,’vmnic5’ -Mtu 9000 -NumPorts 120

New-VMHostNetworkAdapter -VMhost $VMhost -virtualswitch $vswitch2 -portgroup iSCSI_ESX_01 -ip IP_ADDR -subnetmask SUBNET_MASK -Mtu 9000

New-VMHostNetworkAdapter -VMhost $VMhost -virtualswitch $vswitch2 -portgroup iSCSI_ESX_02 -ip IP_ADDR -subnetmask SUBNET_MASK -Mtu 9000

Get-VirtualPortGroup -VMhost $VMhost -virtualswitch $vswitch2 -Name iSCSI_ESX_01 | Get-NicTeamingPolicy | Set-NicTeamingPolicy -MakeNicActive vmnic2 -MakeNicUnused vmnic5

Get-VirtualPortGroup -VMhost $VMhost -virtualswitch $vswitch2 -Name iSCSI_ESX_02 | Get-NicTeamingPolicy | Set-NicTeamingPolicy -MakeNicActive vmnic5 -MakeNicUnused vmnic2

#Create Software iSCSI Adapter

get-vmhoststorage $host | set-vmhoststorage -softwareiscsienabled $True

#Get Software iSCSI adapter HBA number and put it into an array

$HBA = Get-VMHostHba -VMHost $VMHost -Type iSCSI | %{$_.Device}

#Set your VMKernel numbers, Use ESXCLI to create the iSCSI Port binding in the iSCSI Software Adapter

$vmk1number = ‘vmk1’
$vmk2number = ‘vmk2’
$esxcli = Get-EsxCli -VMhost $VMhost
$Esxcli.iscsi.networkportal.add($HBA, $Null, $vmk1number)
$Esxcli.iscsi.networkportal.add($HBA, $Null, $vmk2number)

#Setup the Discovery iSCSI IP addresses on the iSCSI Software Adapter

$hbahost = get-vmhost $VMhost | get-vmhosthba -type iscsi
new-iscsihbatarget -iscsihba $hbahost -address IP_ADDR

#Rescan the HBA to discover any storage
get-vmhoststorage $VMhost -rescanallhba -rescanvmfs

Trouble shooting a Disconnected Host in VMware vCenter

When your ESXi hosts are all setup up in vCenter and using HA and DRS but a blip happens, the power goes or  a host has a moment “not responding”.

disconnected host

In this  scenario we powered off the ESXi host.

What can you check?

Possible options. Try reconnecting the host if there has been no other changes

normal state reconnect

Watch the status bar for progress

Reconnecting host

What if it fails to connect like in the image below

failed to connect

  1. Don’t forget a few basic connectivity checks like…Can you ping the host?
  2. Can you connect to the ESXi host by DNS name or IP & local user and password using the vSphere client?
  3. Can you connect to any VMs which were / are still running on the disconnected host?
  4. Can you restart the management service on the ESXi host?
  5. Can you ilo to the ESXi host? Any errors /events logged on the host
  6. Any network switch down?
  7. Any SAN issues?

These are just a rough guide, it is no responsibility of the Author if you try any of these actions. Try at your own risk.

Trouble shooting VMware Virtual Center failing to start

We restarted the Virtual Center server during a routine maintenance window.

As a rough / quick test we then tried to connect via the client. To our shock, it didn’t connect

Client connection fails

How to Trouble shoot …..Where should you look next ?

Services?

Manual Service

Check for a stopped service on the vCenter server.

Start vcenter service

start vc service

In this scenario, check SQL , in the log you can see there is a SQL DB connection issue

VC no SQL connection