diff --git a/Modules/ContentLibrary/ContentLibrary.psm1 b/Modules/ContentLibrary/ContentLibrary.psm1 index 9a8574b..25e6a58 100644 --- a/Modules/ContentLibrary/ContentLibrary.psm1 +++ b/Modules/ContentLibrary/ContentLibrary.psm1 @@ -190,7 +190,7 @@ Function Get-ContentLibraryItemFiles { $itemIds = $contentLibraryItemService.list($libraryID) $DatastoreID = $library.storage_backings.datastore_id.Value $Datastore = get-datastore -id "Datastore-$DatastoreID" - + foreach($itemId in $itemIds) { $itemName = ($contentLibraryItemService.get($itemId)).name $contentLibraryItemFileSerice = Get-CisService com.vmware.content.library.item.file @@ -205,7 +205,7 @@ Function Get-ContentLibraryItemFiles { else{ $fullfilepath = "UNKNOWN" } - + if(!$LibraryItemName) { $fileResult = [pscustomobject] @{ Name = $file.name; @@ -344,8 +344,8 @@ Function New-ExtReplicatedContentLibrary { $createSpec = $subscribeLibraryService.Help.create.create_spec.Create() $createSpec.name = $LibraryName $addResults = $createSpec.storage_backings.Add($StorageSpec) - $createSpec.subscription_info.automatic_sync_enabled = $false - $createSpec.subscription_info.on_demand = $true + $createSpec.subscription_info.automatic_sync_enabled = $AutoSync + $createSpec.subscription_info.on_demand = $OnDemand $createSpec.subscription_info.subscription_url = $subscribeUrl $createSpec.subscription_info.authentication_method = "NONE" $createSpec.type = "SUBSCRIBED" @@ -709,4 +709,72 @@ Function New-VMFromVMTX { Write-Host "`nDeploying new VM $NewVMName from VMTX Template $VMTXName ..." $results = $vmtxService.deploy($vmtxId,$vmtxDeploySpec) -} +} + +Function New-SubscribedContentLibrary { +<# + .NOTES + =========================================================================== + Created by: William Lam + Organization: VMware + Blog: www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + .DESCRIPTION + This function creates a new Subscriber Content Library from Subscription URL + .PARAMETER LibraryName + The name of the new vSphere Content Library + .PARAMETER DatastoreName + The name of the vSphere Datastore to store the Content Library + .PARAMETER SubscriptionURL + The URL of the published Content Library + .PARAMETER SubscriptionThumbprint + The SSL Thumbprint for the published Content Library + .PARAMETER OnDemand + Specifies whether content is downloaded on-demand (e.g. no immediately) + .PARAMETER AutomaticSync + Specifies whether automatic synchronization with the external content library is enabled + .EXAMPLE + New-SubscribedContentLibrary -LibraryName NestedESXi -DatastoreName vsanDatastore -SubscriptionURL https://download3.vmware.com/software/vmw-tools/lib.json -SubscriptionThumbprint "7a:c4:08:2d:d3:55:56:af:9f:26:43:65:d0:31:99:0b:d2:f3:d8:69" -AutomaticSync + .EXAMPLE + New-SubscribedContentLibrary -LibraryName NestedESXi -DatastoreName vsanDatastore -SubscriptionURL https://download3.vmware.com/software/vmw-tools/lib.json -SubscriptionThumbprint "7a:c4:08:2d:d3:55:56:af:9f:26:43:65:d0:31:99:0b:d2:f3:d8:69" -OnDemand +#> + param( + [Parameter(Mandatory=$true)][String]$LibraryName, + [Parameter(Mandatory=$true)][String]$DatastoreName, + [Parameter(Mandatory=$true)][String]$SubscriptionURL, + [Parameter(Mandatory=$true)][String]$SubscriptionThumbprint, + [Parameter(Mandatory=$false)][Switch]$OnDemand, + [Parameter(Mandatory=$false)][Switch]$AutomaticSync + ) + + $datastore = Get-Datastore -Name $DatastoreName + + if($datastore) { + $datastoreId = $datastore.ExtensionData.MoRef.Value + $subscribeLibraryService = Get-CisService -Name "com.vmware.content.subscribed_library" + + $StorageSpec = [pscustomobject] @{ + datastore_id = $datastoreId; + type = "DATASTORE"; + } + + $UniqueChangeId = [guid]::NewGuid().tostring() + + $createSpec = $subscribeLibraryService.help.create.create_spec.create() + $createSpec.name = $LibraryName + $createSpec.type = "SUBSCRIBED" + $addResults = $createSpec.storage_backings.Add($StorageSpec) + + if($OnDemand) { $OnDemandFlag = $true } else { $OnDemandFlag = $false } + if($AutomaticSync) { $AutomaticSyncFlag = $true } else { $AutomaticSyncFlag = $false } + $createSpec.subscription_info.on_demand = $OnDemandFlag + $createSpec.subscription_info.automatic_sync_enabled = $AutomaticSyncFlag + $createSpec.subscription_info.subscription_url = $SubscriptionURL + $createSpec.subscription_info.authentication_method = "NONE" + $createSpec.subscription_info.ssl_thumbprint = $SubscriptionThumbprint + + Write-Host "Creating new Subscribed Content Library called $LibraryName ..." + $library = $subscribeLibraryService.create($UniqueChangeId, $createSpec) + } +} \ No newline at end of file diff --git a/Modules/CrossvCentervmotion/XVM.psm1 b/Modules/CrossvCentervmotion/XVM.psm1 index cb9d225..555ec5d 100644 --- a/Modules/CrossvCentervmotion/XVM.psm1 +++ b/Modules/CrossvCentervmotion/XVM.psm1 @@ -152,10 +152,12 @@ Function New-XVCMRequest { The name of the source vSphere Datacenter .PARAMETER DstDatacenter The name of the destination vSphere Datacenter - .PARAMETER SrcCluster - .PARAMETER DstCluster The name of the destination vSphere Cluster, set to null if DstHost is defined + .PARAMETER DstPool + The name of the destination vSphere Resource Pool + .PARAMETER DstFolder + The name of the destination vSphere Folder .PARAMETER DstDatastore The name of the destination Datastore .PARAMETER DstHost @@ -171,6 +173,15 @@ Function New-XVCMRequest { -DstDatastore vsanDatastore ` -srcVMs @("PhotonOS-01","PhotonOS-02","PhotonOS-03","PhotonOS-04") ` -NetworkMapping @{"DVPG-VM Network 1"="DVPG-Internal Network";"DVPG-VM Network 2"="DVPG-External Network"} + .EXAMPLE + New-XVCMRequest -opType Clone -SrcSite OREGON -DstSite CALIF ` + -SrcDatacenter SDDC-Datacenter -srcVMs @(“DUDE-ubuntu”) ` + -DstDatacenter SDDC-Datacenter ` + -DstCluster "Cluster-1" -DstHost $null ` + -DstPool Compute-ResourcePool ` + -DstFolder Workloads ` + -DstDatastore WorkloadDatastore ` + -NetworkMapping @{"OREGON-VMs-sddc"="CALIF-sddc-VMs"} #> param( [Parameter(Mandatory=$true)][String]$opType, #Added by CPM for 2.0 @@ -178,8 +189,9 @@ Function New-XVCMRequest { [Parameter(Mandatory=$true)][String]$DstSite, [Parameter(Mandatory=$true)][String]$SrcDatacenter, [Parameter(Mandatory=$true)][String]$DstDatacenter, - #[Parameter(Mandatory=$true)][String]$SrcCluster, #Removed by CPM for 2.0 [Parameter(Mandatory=$true)][AllowNull()] $DstCluster, #Added [AllowNull()], removed [String] by CPM for 2.0 + [Parameter(Mandatory=$true)][String]$DstPool, + [Parameter(Mandatory=$true)][String]$DstFolder, [Parameter(Mandatory=$true)][String]$DstDatastore, [Parameter(Mandatory=$true)][AllowNull()] $DstHost, #Added by CPM for 2.0 [Parameter(Mandatory=$true)][String[]]$srcVMs, @@ -193,7 +205,8 @@ Function New-XVCMRequest { "targetSite"=$DstSite; "sourceDatacenter"=$SrcDatacenter; "targetDatacenter"=$dstDatacenter; - #"sourceCluster"=$SrcCluster; #Removed by CPM for 2.0 + "targetPool"=$DstPool; + "targetFolder"=$DstFolder; "targetCluster"=$DstCluster; "targetDatastore"=$DstDatastore; "targetHost"=$DstHost; #Added by CPM for 2.0 diff --git a/Modules/NSXT/NSXT.psd1 b/Modules/NSXT/NSXT.psd1 index c3371b3..3cee460 100644 --- a/Modules/NSXT/NSXT.psd1 +++ b/Modules/NSXT/NSXT.psd1 @@ -7,7 +7,35 @@ Copyright = '(c) 2017. All rights reserved.' Description = 'Powershell Module for NSX-T REST API Functions' PowerShellVersion = '5.0' - FunctionsToExport = 'Get-NSXTComputeManager','Get-NSXTFabricNode','Get-NSXTFirewallRule','Get-NSXTIPPool','Get-NSXTLogicalSwitch','Get-NSXTManager','Get-NSXTTransportZone','Get-NSXTController' + FunctionsToExport = 'Get-NSXTBGPNeighbors', + 'Get-NSXTComputeManager', + 'Get-NSXTController', + 'Get-NSXTEdgeCluster', + 'Get-NSXTFabricNode', + 'Get-NSXTFabricVM', + 'Get-NSXTFirewallRule', + 'Get-NSXTForwardingTable', + 'Get-NSXTIPPool', + 'Get-NSXTLogicalRouter', + 'Get-NSXTLogicalRouterPorts', + 'Get-NSXTLogicalSwitch', + 'Get-NSXTManager', + 'Get-NSXTNetworkRoutes', + 'Get-NSXTRoutingTable', + 'Get-NSXTTraceFlow', + 'Get-NSXTTraceFlowObservations', + 'Get-NSXTTransportNode', + 'Get-NSXTTransportZone', + 'Get-NSXTClusterNode', + 'Set-NSXTIPPool', + 'Set-NSXTLogicalRouter', + 'Set-NSXTLogicalSwitch', + 'Set-NSXTTraceFlow', + 'Get-NSXTIPAMIPBlock', + 'Set-NSXTIPAMIPBlock', + 'Remove-NSXTIPAMIPBlock' + + PrivateData = @{ PSData = @{ Tags = @('NSX-T','REST') diff --git a/Modules/NSXT/NSXT.psm1 b/Modules/NSXT/NSXT.psm1 index f8dcb49..4e135e8 100644 --- a/Modules/NSXT/NSXT.psm1 +++ b/Modules/NSXT/NSXT.psm1 @@ -71,63 +71,6 @@ Function Get-NSXTFabricNode { $results } -Function Get-NSXTIPPool { - Param ( - [parameter(Mandatory=$false,ValueFromPipeline=$true)][string]$Id - ) - - $ipPoolService = Get-NsxtService -Name "com.vmware.nsx.pools.ip_pools" - - if($Id) { - $ipPools = $ipPoolService.get($Id) - } else { - $ipPools = $ipPoolService.list().results - } - - $results = @() - foreach ($ipPool in $ipPools) { - $tmp = [pscustomobject] @{ - Id = $ipPool.Id; - Name = $ipPool.Display_Name; - Total = $ipPool.pool_usage.total_ids; - Free = $ipPool.pool_usage.free_ids; - Network = $ipPool.subnets.cidr; - Gateway = $ipPool.subnets.gateway_ip; - DNS = $ipPool.subnets.dns_nameservers; - RangeStart = $ipPool.subnets.allocation_ranges.start; - RangeEnd = $ipPool.subnets.allocation_ranges.end - } - $results+=$tmp - } - $results -} - -Function Get-NSXTTransportZone { - Param ( - [parameter(Mandatory=$false,ValueFromPipeline=$true)][string]$Id - ) - - $transportZoneService = Get-NsxtService -Name "com.vmware.nsx.transport_zones" - - if($Id) { - $transportZones = $transportZoneService.get($Id) - } else { - $transportZones = $transportZoneService.list().results - } - - $results = @() - foreach ($transportZone in $transportZones) { - $tmp = [pscustomobject] @{ - Id = $transportZone.Id; - Name = $transportZone.display_name; - Type = $transportZone.transport_type; - HostSwitchName = $transportZone.host_switch_name; - } - $results+=$tmp - } - $results -} - Function Get-NSXTComputeManager { Param ( [parameter(Mandatory=$false,ValueFromPipeline=$true)][string]$Id @@ -160,38 +103,6 @@ Function Get-NSXTComputeManager { $results } -Function Get-NSXTLogicalSwitch { - Param ( - [parameter(Mandatory=$false,ValueFromPipeline=$true)][string]$Id - ) - - $logicalSwitchService = Get-NsxtService -Name "com.vmware.nsx.logical_switches" - $logicalSwitchSummaryService = Get-NsxtService -Name "com.vmware.nsx.logical_switches.summary" - - if($Id) { - $logicalSwitches = $logicalSwitchService.get($Id) - } else { - $logicalSwitches = $logicalSwitchService.list().results - } - - $results = @() - foreach ($logicalSwitch in $logicalSwitches) { - $transportZone = (Get-NSXTTransportZone -Id $logicalSwitch.transport_zone_id | Select Name | ft -HideTableHeaders | Out-String).trim() - $ports = $logicalSwitchSummaryService.get($logicalSwitch.id).num_logical_ports - - $tmp = [pscustomobject] @{ - Id = $logicalSwitch.Id; - Name = $logicalSwitch.display_name; - VLAN = $logicalSwitch.vlan; - AdminStatus = $logicalSwitch.admin_state; - Ports = $ports; - TransportZone = $transportZone; - } - $results+=$tmp - } - $results -} - Function Get-NSXTFirewallRule { Param ( [parameter(Mandatory=$false,ValueFromPipeline=$true)][string]$Id @@ -257,4 +168,1937 @@ Function Get-NSXTManager { } } $results -} \ No newline at end of file +} + +# Updated Function style below + +Function Get-NSXTTransportNode { + <# + .Synopsis + Retrieves the transport_node information + .DESCRIPTION + Retrieves transport_node information for a single or multiple IDs. Execute with no parameters to get all ports, specify a transport_node if known. + .EXAMPLE + Get-NSXTTransportNode + .EXAMPLE + Get-NSXTThingTemplate -Tranport_node_id "TN ID" +#> + + Param ( + [parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)] + [Alias("Id","Tranportnode_id")] + [string]$transport_node_id + ) + + begin + { + $NSXTransportNodesService = Get-NsxtService -Name "com.vmware.nsx.transport_nodes" + + class NSXTransportNode { + [string]$Name + [string]$Transport_node_id + [string]$maintenance_mode + hidden $tags = [System.Collections.Generic.List[string]]::new() + hidden $host_switches = [System.Collections.Generic.List[string]]::new() + hidden [string]$host_switch_spec + hidden $transport_zone_endpoints = [System.Collections.Generic.List[string]]::new() + } + } + + Process + { + if($transport_node_id) { + $NSXTransportNodes = $NSXTransportNodesService.get($transport_node_id) + } else { + $NSXTransportNodes = $NSXTransportNodesService.list().results + } + + foreach ($NSXTransportNode in $NSXTransportNodes) { + + $results = [NSXTransportNode]::new() + $results.Name = $NSXTransportNode.display_name; + $results.Transport_node_id = $NSXTransportNode.Id; + $results.maintenance_mode = $NSXTransportNode.maintenance_mode; + $results.Tags = $NSXTransportNode.tags; + $results.host_switches = $NSXTransportNode.host_switches; + $results.host_switch_spec = $NSXTransportNode.host_switch_spec; + $results.transport_zone_endpoints = $NSXTransportNode.transport_zone_endpoints; + $results.host_switches = $NSXTransportNode.host_switches + $results + } + } +} + +Function Get-NSXTTraceFlow { + <# + .Synopsis + Retrieves traceflow information + .DESCRIPTION + Retrieves traceflow information for a single or multiple traceflows. Execute with no parameters to get all traceflows, specify a traceflow_id if known. + .EXAMPLE + Get-NSXTTraceFlow + .EXAMPLE + Get-NSXTTraceFlow -traceflow_id "TF ID +#> + + Param ( + [parameter(Mandatory=$false,ValueFromPipeline=$true)] + [Alias("Id")] + [string]$traceflow_id + ) + + $NSXTraceFlowsService = Get-NsxtService -Name "com.vmware.nsx.traceflows" + + if($traceflow_id) { + $NSXTraceFlows = $NSXTraceFlowsService.get($traceflow_id) + } else { + $NSXTraceFlows = $NSXTraceFlowsService.list().results + } + + class NSXTraceFlow { + [string]$traceflow_id + hidden [string]$lport_id + [string]$Operation_State + [int]$Forwarded + [int]$Delivered + [int]$Received + [int]$Dropped + [string]$Analysis + } + + foreach ($NSXTraceFlow in $NSXTraceFlows) { + + $results = [NSXTraceFlow]::new() + $results.traceflow_id = $NSXTraceFlow.Id; + $results.Operation_State = $NSXTraceFlow.operation_state; + $results.forwarded = $NSXTraceFlow.Counters.forwarded_count; + $results.delivered = $NSXTraceFlow.Counters.delivered_count; + $results.received = $NSXTraceFlow.Counters.received_count; + $results.dropped = $NSXTraceFlow.Counters.dropped_count; + $results.analysis = $NSXTraceFlow.analysis + $results + } +} + +Function Get-NSXTTraceFlowObservations { + <# + .Synopsis + Retrieves traceflow observations information + .DESCRIPTION + Retrieves traceflow observations information for a single traceflow. Must specify a current traceflow_id + .EXAMPLE + Get-NSXTTraceFlowObservations -traceflow_id "TF ID" + .EXAMPLE + Get-NSXTTraceFlow | Get-NSXTTraceFlowObservations +#> + + Param ( + [parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true)] + [Alias("Id")] + [string]$traceflow_id + ) + + begin + { + $NSXTraceFlowsObservService = Get-NsxtService -Name "com.vmware.nsx.traceflows.observations" + } + + Process + { + if($traceflow_id) { + $NSXTraceFlowsObserv = $NSXTraceFlowsObservService.list($traceflow_id) + } else { + throw "TraceFlow ID required" + } + + $NSXTraceFlowsObserv.results | select transport_node_name,component_name,@{N='PacketEvent';E={($_.resource_type).TrimStart("TraceflowObservation")}} + } +} + +Function Get-NSXTEdgeCluster { + <# + .Synopsis + Retrieves the Edge cluster information + .DESCRIPTION + Retrieves Edge cluster information for a single or multiple clusterss. Execute with no parameters to get all ports, specify a edge_cluster_id if known. + .EXAMPLE + Get-NSXTEdgeCluster + .EXAMPLE + Get-NSXTEdgeCluster -edge_cluster_id "Edge Cluster ID" + .EXAMPLE + Get-NSXTThingTemplate | where name -eq "My Edge Cluster Name" +#> + + Param ( + [parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)] + [Alias("Id")] + [string]$edge_cluster_id + ) + + Begin + { + $NSXTEdgeClustersService = Get-NsxtService -Name "com.vmware.nsx.edge_clusters" + + class NSXEdgeCluster { + [string]$Name + hidden [string]$Protection + hidden [string]$Tags + [string]$edge_cluster_id + [string]$resource_type + [string]$deployment_type + [string]$member_node_type + $members = [System.Collections.Generic.List[string]]::new() + $cluster_profile_bindings = [System.Collections.Generic.List[string]]::new() + } + } + + Process + { + if ($edge_cluster_id) { + $NSXEdgeClusters = $NSXTEdgeClustersService.get($edge_cluster_id) + } + else { + $NSXEdgeClusters = $NSXTEdgeClustersService.list().results + } + + foreach ($NSXEdgeCluster in $NSXEdgeClusters) { + + $results = [NSXEdgeCluster]::new() + $results.Name = $NSXEdgeCluster.display_name; + $results.Protection = $NSXEdgeCluster.Protection; + $results.edge_cluster_id = $NSXEdgeCluster.Id; + $results.resource_type = $NSXEdgeCluster.resource_type; + $results.Tags = $NSXEdgeCluster.tags; + $results.deployment_type = $NSXEdgeCluster.deployment_type; + $results.member_node_type = $NSXEdgeCluster.member_node_type; + $results.members = $NSXEdgeCluster.members; + $results.cluster_profile_bindings = $NSXEdgeCluster.cluster_profile_bindings + $results + } + } +} + +Function Get-NSXTLogicalRouter { + <# + .Synopsis + Retrieves the Logical Router information + .DESCRIPTION + Retrieves Logical Router information for a single or multiple LR's. This includes corresponding SR's and transport_node_id. Execute with no parameters to get all ports, specify a Logical_router_id if known. + .EXAMPLE + Get-NSXTLogicalRouter + .EXAMPLE + Get-NSXTLogicalRouter -Logical_router_id "LR ID" + .EXAMPLE + Get-NSXTLogicalRouter | where name -eq "LR Name" + .EXAMPLE + (Get-NSXTLogicalRouter -Logical_router_id "LR ID").per_node_status +#> + + Param ( + [parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)] + [Alias("Id")] + [string]$Logical_router_id + ) + + begin + { + $NSXTLogicalRoutersService = Get-NsxtService -Name "com.vmware.nsx.logical_routers" + $NSXTLogicalRoutersStatusService = Get-NsxtService -Name "com.vmware.nsx.logical_routers.status" + + class per_node_status { + $service_router_id + [ValidateSet("ACTIVE","STANDBY","DOWN","SYNC","UNKNOWN")] + $high_availability_status + $transport_node_id + + per_node_status(){} + + per_node_status( + $service_router_id, + $high_availability_status, + $transport_node_id + ) { + $this.service_router_id = $service_router_id + $this.high_availability_status = $high_availability_status + $this.transport_node_id = $transport_node_id + } + } + + class NSXTLogicalRouter { + [string]$Name + [string]$Logical_router_id + [string]$protection + hidden [string]$Tags + [string]$edge_cluster_id + [ValidateSet("TIER0","TIER1")] + [string]$router_type + [ValidateSet("ACTIVE_ACTIVE","ACTIVE_STANDBY","")] + [string]$high_availability_mode + [ValidateSet("PREEMPTIVE","NON_PREEMPTIVE","")] + [string]$failover_mode + [string]$external_transit + [string]$internal_transit + hidden [string]$advanced_config = [System.Collections.Generic.List[string]]::new() + hidden [string]$firewall_sections = [System.Collections.Generic.List[string]]::new() + $per_node_status = [System.Collections.Generic.List[string]]::new() + } + } + + Process + { + if($Logical_router_id) { + $NSXLogicalRouters = $NSXTLogicalRoutersService.get($Logical_router_id) + } else { + $NSXLogicalRouters = $NSXTLogicalRoutersService.list().results + } + + foreach ($NSXLogicalRouter in $NSXLogicalRouters) { + + $NSXTLogicalRoutersStatus = $NSXTLogicalRoutersStatusService.get($NSXLogicalRouter.id) + $results = [NSXTLogicalRouter]::new() + + foreach ($NSXTLogicalRouterStatus in $NSXTLogicalRoutersStatus.per_node_status) { + $results.per_node_status += [per_node_status]::new($NSXTLogicalRouterStatus.service_router_id,$NSXTLogicalRouterStatus.high_availability_status,$NSXTLogicalRouterStatus.transport_node_id) + } + + $results.Name = $NSXLogicalRouter.display_name; + $results.Logical_router_id = $NSXLogicalRouter.Id; + $results.protection = $NSXLogicalRouter.protection; + $results.Tags = $NSXLogicalRouter.tags; + $results.edge_cluster_id = $NSXLogicalRouter.edge_cluster_id; + $results.router_type = $NSXLogicalRouter.router_type; + $results.high_availability_mode = $NSXLogicalRouter.high_availability_mode; + $results.failover_mode =$NSXLogicalRouter.failover_mode; + $results.external_transit = $NSXLogicalRouter.advanced_config.external_transit_networks; + $results.internal_transit = $NSXLogicalRouter.advanced_config.internal_transit_network; + $results.advanced_config =$NSXLogicalRouter.advanced_config; + $results.firewall_sections =$NSXLogicalRouter.firewall_sections + $results + } + } +} + +Function Get-NSXTRoutingTable { + <# + .Synopsis + Retrieves the routing table information + .DESCRIPTION + Retrieves routing table for a single LR including LR type (SR/DR) and next_hop. Must specify Logical_router_id & transport_node_id. Pipeline input supported. + .EXAMPLE + Get-NSXTRoutingTable -Logical_router_id "LR ID" -transport_node_id "TN ID" | format-table -autosize + .EXAMPLE + Get-NSXTLogicalRouter | where name -eq "LR Name" | Get-NSXTRoutingTable -transport_node_id "TN ID" + .EXAMPLE + Get-NSXTLogicalRouter | where name -eq INT-T1 | Get-NSXTRoutingTable -transport_node_id ((Get-NSXTTransportNode | where name -match "INT")[0].transport_node_id) + .EXAMPLE + Get-NSXTLogicalRouter | where name -eq INT-T1 | Get-NSXTRoutingTable -transport_node_id (((Get-NSXTLogicalRouter | where name -eq INT-T1).per_node_status | where high_availability_status -eq ACTIVE).transport_node_id) +#> + + Param ( + [parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true)] + [string]$Logical_router_id, + [parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true)] + [string]$transport_node_id + ) + + Begin + { + $NSXTRoutingTableService = Get-NsxtService -Name "com.vmware.nsx.logical_routers.routing.route_table" + + class NSXTRoutingTable { + hidden [string]$Logical_router_id + [string]$lr_component_id + [string]$lr_component_type + [string]$network + [string]$next_hop + [string]$route_type + hidden [string]$logical_router_port_id + [long]$admin_distance + } + } + + Process + { + $NSXTRoutingTable = $NSXTRoutingTableService.list($Logical_router_id,$transport_node_id,$null,$null,$null,$null,$null,'realtime') + + foreach ($NSXTRoute in $NSXTRoutingTable.results) { + + $results = [NSXTRoutingTable]::new() + $results.Logical_router_id = $Logical_router_id; + $results.lr_component_type = $NSXTRoute.lr_component_type; + $results.lr_component_id = $NSXTRoute.lr_component_id; + $results.next_hop = $NSXTRoute.next_hop; + $results.route_type = $NSXTRoute.route_type; + $results.logical_router_port_id = $NSXTRoute.logical_router_port_id; + $results.admin_distance = $NSXTRoute.admin_distance; + $results.network = $NSXTRoute.network + $results + } + } +} + +Function Get-NSXTFabricVM { + <# + .Synopsis + Retrieves the VM's attached to the fabric. + .DESCRIPTION + Retrieves all VM's attached to the fabric. + .EXAMPLE + Get-NSXTFabricVM +#> + Begin + { + $NSXTVMService = Get-NsxtService -Name "com.vmware.nsx.fabric.virtual_machines" + + class NSXVM { + [string]$Name + $resource_type + hidden [string]$Tags + hidden $compute_ids + hidden [string]$external_id + [string]$host_id + [string]$power_state + [string]$type + hidden $source + } + } + + Process + { + + $NSXTVMs = $NSXTVMService.list().results + + foreach ($NSXTVM in $NSXTVMs) { + + $results = [NSXVM]::new() + $results.Name = $NSXTVM.display_name; + $results.resource_type = $NSXTVM.resource_type; + $results.compute_ids = $NSXTVM.compute_ids; + $results.resource_type = $NSXTVM.resource_type; + $results.Tags = $NSXTVM.tags; + $results.external_id = $NSXTVM.external_id; + $results.host_id = $NSXTVM.host_id; + $results.power_state = $NSXTVM.power_state; + $results.type = $NSXTVM.type; + $results.source = $NSXTVM.source + $results + } + } +} + +Function Get-NSXTBGPNeighbors { + <# + .Synopsis + Retrieves the BGP neighbor information + .DESCRIPTION + Retrieves BGP neighbor information for a single logical router. Must specify logical_router_id parameter. Pipeline input supported + .EXAMPLE + Get-NSXTBGPNeighbors -logical_router_id "LR ID" + .EXAMPLE + Get-NSXTLogicalRouter | where name -eq "LR Name" | Get-NSXTBGPNeighbors +#> + + Param ( + [parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true)] + [Alias("Id")] + [string]$logical_router_id + ) + + begin + { + $NSXTThingsService = Get-NsxtService -Name "com.vmware.nsx.logical_routers.routing.bgp.neighbors" + + class NSXTBGPNeighbors { + [string]$Name + [string]$logical_router_id + hidden $tags = [System.Collections.Generic.List[string]]::new() + [string]$protection + [string]$resource_type + [string]$address_families = [System.Collections.Generic.List[string]]::new() + hidden $bfd_config + [bool]$enable_bfd + [bool]$enabled + hidden $filter_in_ipprefixlist_id + hidden $filter_in_routemap_id + hidden $filter_out_ipprefixlist_id + hidden $filter_out_routemap_id + hidden [long]$hold_down_timer + hidden [long]$keep_alive_timer + hidden [long]$maximum_hop_limit + [string]$neighbor_address + hidden [string]$password + [long]$remote_as + [string]$remote_as_num + [string]$source_address + [string]$source_addresses = [System.Collections.Generic.List[string]]::new() + } + } + + Process + { + $NSXTThings = $NSXTThingsService.list($logical_router_id).results + + foreach ($NSXTThing in $NSXTThings) { + + $results = [NSXTBGPNeighbors]::new() + $results.Name = $NSXTThing.display_name; + $results.logical_router_id = $NSXTThing.logical_router_id; + $results.tags = $NSXTThing.tags; + $results.protection = $NSXTThing.protection; + $results.resource_type = $NSXTThing.resource_type; + $results.address_families = $NSXTThing.address_families; + $results.bfd_config = $NSXTThing.bfd_config; + $results.enable_bfd = $NSXTThing.enable_bfd; + $results.enabled = $NSXTThing.enabled; + $results.filter_in_ipprefixlist_id = $NSXTThing.filter_in_ipprefixlist_id; + $results.filter_in_routemap_id = $NSXTThing.filter_in_routemap_id; + $results.filter_out_ipprefixlist_id = $NSXTThing.filter_out_ipprefixlist_id; + $results.filter_out_routemap_id = $NSXTThing.filter_out_routemap_id; + $results.hold_down_timer = $NSXTThing.hold_down_timer; + $results.keep_alive_timer = $NSXTThing.keep_alive_timer; + $results.maximum_hop_limit = $NSXTThing.maximum_hop_limit; + $results.neighbor_address = $NSXTThing.neighbor_address; + $results.password = $NSXTThing.password; + $results.remote_as = $NSXTThing.remote_as; + $results.remote_as_num = $NSXTThing.remote_as_num; + $results.source_address = $NSXTThing.source_address; + $results.source_addresses = $NSXTThing.source_addresses + $results + } + } +} + +Function Get-NSXTForwardingTable { + <# + .Synopsis + Retrieves the forwarding table information + .DESCRIPTION + Retrieves forwarding table for a single LR including LR type (SR/DR) and next_hop. Must specify Logical_router_id & transport_node_id. Pipeline input supported. + .EXAMPLE + Get-Get-NSXTForwardingTable -Logical_router_id "LR ID" -transport_node_id "TN ID" | format-table -autosize + .EXAMPLE + Get-NSXTLogicalRouter | where name -eq "LR Name" | Get-NSXTForwardingTable -transport_node_id "TN ID" + .EXAMPLE + Get-NSXTLogicalRouter | where name -eq "LR Name" | Get-NSXTForwardingTable -transport_node_id ((Get-NSXTTransportNode | where name -match "Edge Name")[0].transport_node_id) + .EXAMPLE + Get-NSXTLogicalRouter | where name -eq "LR Name" | Get-NSXTForwardingTable -transport_node_id (((Get-NSXTLogicalRouter | where name -eq "Edge Name").per_node_status | where high_availability_status -eq ACTIVE).transport_node_id) +#> + + Param ( + [parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true)] + [string]$Logical_router_id, + [parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true)] + [string]$transport_node_id + ) + + Begin + { + $NSXTForwardingTableService = Get-NsxtService -Name "com.vmware.nsx.logical_routers.routing.forwarding_table" + + class NSXTForwardingTable { + hidden [string]$Logical_router_id + [string]$lr_component_id + [string]$lr_component_type + [string]$network + [string]$next_hop + [string]$route_type + hidden [string]$logical_router_port_id + } + } + + Process + { + $NSXTForwardingTable = $NSXTForwardingTableService.list($Logical_router_id,$transport_node_id,$null,$null,$null,$null,$null,$null,'realtime') + + foreach ($NSXTForwarding in $NSXTForwardingTable.results) { + + $results = [NSXTForwardingTable]::new() + $results.Logical_router_id = $Logical_router_id; + $results.lr_component_type = $NSXTForwarding.lr_component_type; + $results.lr_component_id = $NSXTForwarding.lr_component_id; + $results.network = $NSXTForwarding.network; + $results.next_hop = $NSXTForwarding.next_hop; + $results.route_type = $NSXTForwarding.route_type; + $results.logical_router_port_id = $NSXTForwarding.logical_router_port_id + $results + } + } +} + +Function Get-NSXTNetworkRoutes { +<# + .Synopsis + Retrieves the network routes information + .DESCRIPTION + Retrieves the network routes information for a single or multiple routes. + .EXAMPLE + Get-NSXTNetworkRoutes + .EXAMPLE + Get-NSXTNetworkRoutes -route_id "Route ID" +#> + + Param ( + [parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)] + [string]$route_id + ) + + Begin + { + $NSXTNetworkRoutesService = Get-NsxtService -Name "com.vmware.nsx.node.network.routes" + + class NSXTNetworkRoutes { + [string]$route_id + $route_type + $interface_id + $gateway + $from_address + $destination + $netmask + $metric + $proto + $scope + $src + } + } + + Process + { + if ($route_id) { + $NSXTNetworkRoutes = $NSXTNetworkRoutesService.get($route_id) + } + else { + $NSXTNetworkRoutes = $NSXTNetworkRoutesService.list().results + } + + foreach ($NSXTRoute in $NSXTNetworkRoutes) { + + $results = [NSXTNetworkRoutes]::new() + $results.route_id = $NSXTRoute.route_id; + $results.route_type = $NSXTRoute.route_type; + $results.interface_id = $NSXTRoute.interface_id; + $results.gateway = $NSXTRoute.gateway; + $results.from_address = $NSXTRoute.from_address; + $results.destination = $NSXTRoute.destination; + $results.netmask = $NSXTRoute.netmask; + $results.metric = $NSXTRoute.metric; + $results.proto = $NSXTRoute.proto; + $results.scope = $NSXTRoute.scope; + $results.src = $NSXTRoute.src + $results + } + } +} + +Function Get-NSXTLogicalRouterPorts { +<# + .Synopsis + Retrieves the logical router port information + .DESCRIPTION + Retrieves logical router port information for a single or multiple ports. Execute with no parameters to get all ports, specify a single port if known, or feed a logical switch for filtered output. + .EXAMPLE + Get-NSXTLogicalRouterPorts + .EXAMPLE + Get-NSXTLogicalRouterPorts -logical_router_port_id "LR Port Name" + .EXAMPLE + Get-NSXTLogicalRouterPorts -logical_router_id "LR Name" + .EXAMPLE + Get-NSXTLogicalRouterPorts -logical_router_id (Get-NSXTLogicalRouter | where name -eq "LR Name") +#> + + Param ( + [parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)] + [Alias("Id")] + [string]$logical_router_port_id, + [parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)] + [string]$logical_router_id + ) + + begin + { + $NSXTLogicalRouterPortsService = Get-NsxtService -Name "com.vmware.nsx.logical_router_ports" + + class subnets { + $ip_addresses + $prefix_length + + subnets(){} + + subnets( + $ip_addresses, + $prefix_length + ) { + $this.ip_addresses = $ip_addresses + $this.prefix_length = $prefix_length + } + } + + class NSXTLogicalRouterPorts { + [string]$Name + $Id + [string]$logical_router_id + $resource_type + [string]$protection + $mac_address + $subnets = [System.Collections.Generic.List[string]]::new() + hidden [string]$Tags + hidden $linked_logical_switch_port_id + } + } + + Process + { + if($logical_router_port_id) { + $NSXTLogicalRouterPorts = $NSXTLogicalRouterPortsService.get($logical_router_port_id) + } else { + if ($logical_router_id) { + $NSXTLogicalRouterPorts = $NSXTLogicalRouterPortsService.list().results | where {$_.logical_router_id -eq $Logical_router_id} + } + else { + $NSXTLogicalRouterPorts = $NSXTLogicalRouterPortsService.list().results + } + } + + foreach ($NSXTLogicalRouterPort in $NSXTLogicalRouterPorts) { + + $results = [NSXTLogicalRouterPorts]::new() + + foreach ($subnet in $NSXTLogicalRouterPort.subnets) { + $results.subnets += [subnets]::new($subnet.ip_addresses,$subnet.prefix_length) + } + + $results.Name = $NSXTLogicalRouterPort.display_name + $results.Id = $NSXTLogicalRouterPort.Id + $results.Logical_router_id = $NSXTLogicalRouterPort.Logical_router_id + $results.resource_type = $NSXTLogicalRouterPort.resource_type + $results.protection = $NSXTLogicalRouterPort.protection + $results.Tags = $NSXTLogicalRouterPort.tags + $results.mac_address = $NSXTLogicalRouterPort.mac_address + $results.linked_logical_switch_port_id = $NSXTLogicalRouterPort.linked_logical_switch_port_id + $results + } + } +} + +Function Get-NSXTTransportZone { + <# + .Synopsis + Retrieves the Transport Zone information + .DESCRIPTION + Retrieves THING information for a single or multiple ports. Execute with no parameters to get all ports, specify a PARAM if known. + .EXAMPLE + Get-NSXTTransportZone + .EXAMPLE + Get-NSXTTransportZone -zone_id "Zone ID" + .EXAMPLE + Get-NSXTTransportZone -name "Zone1" +#> + + Param ( + [parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)] + [Alias("Id")] + [string]$zone_id, + [parameter(Mandatory=$false)] + [string]$name + ) + + begin + { + $NSXTTransportZoneService = Get-NsxtService -Name "com.vmware.nsx.transport_zones" + + class NSXTTransportZone { + [string]$Name + [string]$ID + hidden [string]$description + hidden $tags + $resource_type + $host_switch_name + $transport_type + hidden $transport_zone_profile_ids + $host_switch_mode + $protection + hidden $uplink_teaming_policy_names + } + } + + Process + { + if($zone_id) { + $NSXTTransportZones = $NSXTTransportZoneService.get($zone_id) + } else { + if ($name) { + $NSXTTransportZones = $NSXTTransportZoneService.list().results | where {$_.display_name -eq $name} + } + else { + $NSXTTransportZones = $NSXTTransportZoneService.list().results + } + } + + foreach ($NSXTTransportZone in $NSXTTransportZones) { + + $results = [NSXTTransportZone]::new() + $results.Name = $NSXTTransportZone.display_name; + $results.ID = $NSXTTransportZone.Id; + $results.description = $NSXTTransportZone.description; + $results.tags = $NSXTTransportZone.tags; + $results.resource_type = $NSXTTransportZone.resource_type; + $results.host_switch_name = $NSXTTransportZone.host_switch_name; + $results.transport_type = $NSXTTransportZone.transport_type; + $results.transport_zone_profile_ids = $NSXTTransportZone.transport_zone_profile_ids; + $results.host_switch_mode = $NSXTTransportZone.host_switch_mode; + $results.protection = $NSXTTransportZone.protection; + $results.uplink_teaming_policy_names = $NSXTTransportZone.uplink_teaming_policy_names + $results + } + } +} + +Function Get-NSXTLogicalSwitch { + <# + .Synopsis + Retrieves the Logical Switch information + .DESCRIPTION + Retrieves Logical Switch information for a single or multiple switches. Execute with no parameters to get all ports, specify a name or lswitch_id if known. + .EXAMPLE + Get-NSXTLogicalSwitch + .EXAMPLE + Get-NSXTLogicalSwitch -lswitch_id "switch id" + .EXAMPLE + Get-NSXTLogicalSwitch -name "switch name" +#> + + Param ( + [parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)] + [Alias("Id")] + [string]$lswitch_id, + [parameter(Mandatory=$false)] + [string]$name + ) + + begin + { + $NSXTLogicalSwitchService = Get-NsxtService -Name "com.vmware.nsx.logical_switches" + + class NSXTLogicalSwitch { + [string]$Name + [string]$ID + $tags + $resource_type + hidden $description + $vni + $transport_zone_id + $admin_state + $replication_mode + hidden $address_bindings + $protection + hidden $extra_configs + $ip_pool_id + hidden $mac_pool_id + hidden $uplink_teaming_policy_name + hidden $vlan + hidden $vlan_trunk_spec + } + } + + Process + { + if($lswitch_id) { + $NSXTLogicalSwitches = $NSXTLogicalSwitchService.get($lswitch_id) + } else { + if ($name) { + $NSXTLogicalSwitches = $NSXTLogicalSwitchService.list().results | where {$_.display_name -eq $name} + } + else { + $NSXTLogicalSwitches = $NSXTLogicalSwitchService.list().results + } + } + + foreach ($NSXTLogicalSwitch in $NSXTLogicalSwitches) { + + $results = [NSXTLogicalSwitch]::new() + $results.Name = $NSXTLogicalSwitch.display_name; + $results.Id = $NSXTLogicalSwitch.Id; + $results.Tags = $NSXTLogicalSwitch.tags; + $results.resource_type = $NSXTLogicalSwitch.resource_type; + $results.description = $NSXTLogicalSwitch.description; + $results.vni = $NSXTLogicalSwitch.vni; + $results.transport_zone_id = $NSXTLogicalSwitch.transport_zone_id; + $results.admin_state = $NSXTLogicalSwitch.admin_state; + $results.replication_mode = $NSXTLogicalSwitch.replication_mode; + $results.address_bindings = $NSXTLogicalSwitch.address_bindings; + $results.protection = $NSXTLogicalSwitch.protection; + $results.extra_configs = $NSXTLogicalSwitch.extra_configs; + $results.ip_pool_id = $NSXTLogicalSwitch.ip_pool_id; + $results.mac_pool_id = $NSXTLogicalSwitch.mac_pool_id; + $results.uplink_teaming_policy_name = $NSXTLogicalSwitch.uplink_teaming_policy_name; + $results.vlan = $NSXTLogicalSwitch.vlan; + $results.vlan_trunk_spec = $NSXTLogicalSwitch.vlan_trunk_spec + $results + } + } +} + +Function Get-NSXTIPPool { + <# + .Synopsis + Retrieves the THING information + .DESCRIPTION + Retrieves THING information for a single or multiple ports. Execute with no parameters to get all ports, specify a PARAM if known. + .EXAMPLE + Get-NSXTIPPool + .EXAMPLE + Get-NSXTThingTemplate -pool_id "Pool ID" +#> + + Param ( + [parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)] + [Alias("Id")] + [string]$pool_id, + [parameter(Mandatory=$false)] + [string]$name + ) + + begin + { + $NSXTIPPoolService = Get-NsxtService -Name "com.vmware.nsx.pools.ip_pools" + + class NSXTIPPool { + [string]$Name + [string]$id + $total_ids + $free_ids + $allocated_ids + $Network + $Gateway + $DNS + $RangeStart + $RangeEnd + } + } + + Process + { + if($pool_id) { + $NSXTIPPools = $NSXTIPPoolService.get($pool_id) + } else { + if ($name) { + $NSXTIPPools = $NSXTIPPoolService.list().results | where {$_.display_name -eq $name} + } + else { + $NSXTIPPools = $NSXTIPPoolService.list().results + } + } + + foreach ($NSXTIPPool in $NSXTIPPools) { + + $results = [NSXTIPPool]::new() + $results.Name = $NSXTIPPool.display_name; + $results.ID = $NSXTIPPool.id; + $results.total_ids = $NSXTIPPool.pool_usage.total_ids; + $results.free_ids = $NSXTIPPool.pool_usage.free_ids; + $results.allocated_ids = $NSXTIPPool.pool_usage.allocated_ids; + $results.Network = $NSXTIPPool.subnets.cidr; + $results.Gateway = $NSXTIPPool.subnets.gateway_ip; + $results.DNS = $NSXTIPPool.subnets.dns_nameservers; + $results.RangeStart = $NSXTIPPool.subnets.allocation_ranges.start; + $results.RangeEnd = $NSXTIPPool.subnets.allocation_ranges.end + $results + } + } +} + +Function Get-NSXTIPAMIPBlock { + <# + .Synopsis + Retrieves the IPAM IP Block information + .DESCRIPTION + Retrieves IPAM IP Block information for a single or multiple ports. Execute with no parameters to get all ports, specify a PARAM if known. + .EXAMPLE + Get-NSXTIPAMIPBlock + .EXAMPLE + Get-NSXTIPAMIPBlock -block_id "Block Id" + .EXAMPLE + Get-NSXTIPAMIPBlock -name "Block Name" + +#> + + Param ( + [parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)] + [Alias("Id")] + [string]$block_id, + [parameter(Mandatory=$false)] + [string]$name + ) + + begin + { + $NSXTIPAMIPBlocksService = Get-NsxtService -Name "com.vmware.nsx.pools.ip_blocks" + + class ip_block { + [string]$Name + [string]$block_id + hidden [string]$Tags = [System.Collections.Generic.List[string]]::new() + [string]$protection + #[ValidateSet("TIER0","TIER1")] + [string]$cidr + hidden [string]$resource_type + } + } + + Process + { + if($block_id) { + $NSXTIPAMIPBlocks = $NSXTIPAMIPBlocksService.get($block_id) + } else { + if ($name) { + $NSXTIPAMIPBlocks = $NSXTIPAMIPBlocksService.list().results | where {$_.display_name -eq $name} + } + else { + $NSXTIPAMIPBlocks = $NSXTIPAMIPBlocksService.list().results + } + } + + foreach ($NSXTIPAMIPBlock in $NSXTIPAMIPBlocks) { + + $results = [ip_block]::new() + $results.Name = $NSXTIPAMIPBlock.display_name; + $results.block_id = $NSXTIPAMIPBlock.id; + $results.Tags = $NSXTIPAMIPBlock.tags; + $results.protection = $NSXTIPAMIPBlock.protection; + $results.cidr = $NSXTIPAMIPBlock.cidr; + $results.resource_type = $NSXTIPAMIPBlock.resource_type + + $results + } + } +} + +Function Get-NSXTClusterNode { + <# + .Synopsis + Retrieves the cluster node information + .DESCRIPTION + Retrieves cluster node information including manager and controller nodes. + .EXAMPLE + Get-NSXTClusterNode + .EXAMPLE + Get-NSXTClusterNode -node_id "Node Id" + .EXAMPLE + Get-NSXTClusterNode -name "Name" +#> + + Param ( + [parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)] + [Alias("Id")] + [string]$node_id, + [parameter(Mandatory=$false)] + [string]$name + ) + + begin + { + $NSXTClusterNodesService = Get-NsxtService -Name "com.vmware.nsx.cluster.nodes" + + class NSXTClusterNode { + [string]$Name + [string]$node_id + hidden [array]$Tags = [System.Collections.Generic.List[string]]::new() + hidden [string]$controller_role + hidden [array]$manager_role + [string]$protection + [string]$appliance_mgmt_listen_addr + hidden [string]$external_id + hidden [string]$description + [string]$role + } + } + + Process + { + if($node_id) { + $NSXTThings = $NSXTClusterNodesService.get($node_id) + } else { + if ($name) { + $NSXTClusterNodes = $NSXTClusterNodesService.list().results | where {$_.display_name -eq $name} + } + else { + $NSXTClusterNodes = $NSXTClusterNodesService.list().results + } + } + + foreach ($NSXTClusterNode in $NSXTClusterNodes) { + + $results = [NSXTClusterNode]::new() + $results.Name = $NSXTClusterNode.display_name; + $results.node_id = $NSXTClusterNode.Id; + $results.Tags = $NSXTClusterNode.tags; + $results.controller_role = $NSXTClusterNode.controller_role; + $results.manager_role = $NSXTClusterNode.manager_role; + $results.protection = $NSXTClusterNode.protection; + $results.appliance_mgmt_listen_addr = $NSXTClusterNode.appliance_mgmt_listen_addr; + $results.external_id = $NSXTClusterNode.external_id; + $results.description = $NSXTClusterNode.description + + if ($NSXTClusterNode.manager_role -ne $null) { + $results.role = "Manager" + } + elseif ($NSXTClusterNode.controller_role -ne $null) { + $results.role = "Controller" + } + + $results + } + } +} + +# Working Set Functions +Function Set-NSXTLogicalRouter { + <# + .Synopsis + Creates a Logical Router + .DESCRIPTION + Create a TIER0 or TIER1 logical router + .EXAMPLE + Set-NSXTLogicalRouter -display_name "Name" -high_availability_mode "ACTIVE_STANDBY" -router_type "TIER1" + .EXAMPLE + Set-NSXTLogicalRouter -display_name "Name" -high_availability_mode "ACTIVE_ACTIVE" -router_type "TIER0" -edge_cluster_id "Edge Cluster ID" + .EXAMPLE + Set-NSXTLogicalRouter -display_name "Name" -high_availability_mode "ACTIVE_STANDBY" -router_type "TIER1" -description "this is my new tier1 lr" +#> + + [CmdletBinding(SupportsShouldProcess=$true, + ConfirmImpact='Medium')] + + # Paramameter Set variants will be needed Multicast & Broadcast Traffic Types as well as VM & Logical Port Types + Param ( + [parameter(Mandatory=$false, + ParameterSetName='TIER0')] + [parameter(Mandatory=$false, + ParameterSetName='TIER1')] + [string]$description, + + [parameter(Mandatory=$true, + ParameterSetName='TIER0')] + [parameter(Mandatory=$true, + ParameterSetName='TIER1')] + [string]$display_name, + + [parameter(Mandatory=$true, + ParameterSetName='TIER0')] + [parameter(Mandatory=$true, + ParameterSetName='TIER1')] + [ValidateSet("ACTIVE_ACTIVE","ACTIVE_STANDBY")] + [string]$high_availability_mode, + + [parameter(Mandatory=$true, + ParameterSetName='TIER0')] + [parameter(Mandatory=$true, + ParameterSetName='TIER1')] + [ValidateSet("TIER0","TIER1")] + [string]$router_type, + + [parameter(Mandatory=$true, + ParameterSetName='TIER0')] + [string]$edge_cluster_id + ) + + Begin + { + if (-not $global:DefaultNsxtServers.isconnected) + { + try + { + Connect-NsxtServer -Menu -ErrorAction Stop + } + + catch + { + throw "Could not connect to an NSX-T Manager, please try again" + } + } + + $NSXTLogicalRouterService = Get-NsxtService -Name "com.vmware.nsx.logical_routers" + } + + Process + { + $logical_router_request = $NSXTLogicalRouterService.help.create.logical_router.Create() + + $logical_router_request.display_name = $display_name + $logical_router_request.description = $description + $logical_router_request.router_type = $router_type + $logical_router_request.high_availability_mode = $high_availability_mode + $logical_router_request.resource_type = "LogicalRouter" + $logical_router_request.failover_mode = "NON_PREEMPTIVE" + + if ($edge_cluster_id) { + $logical_router_request.edge_cluster_id = $edge_cluster_id + } + + try + { + # Should process + if ($pscmdlet.ShouldProcess($logical_router_request.display_name, "Create logical router")) + { + $NSXTLogicalRouter = $NSXTLogicalRouterService.create($logical_router_request) + } + } + + catch + { + throw $Error[0].Exception.ServerError.data + # more error data found in the NSX-T Manager /var/log/vmware/nsx-manager.log file. + } + + $NSXTLogicalRouter + } +} + +Function Set-NSXTLogicalSwitch { + <# + .Synopsis + Creates a Logical Switch + .DESCRIPTION + Creates a Logical Switch with a number of required parameters. IP Pool is necessary even for an overlay logical switch + .EXAMPLE + Set-NSXTLogicalSwitch -display_name "Name" -transport_zone_id "TP Zone ID" + .EXAMPLE + Set-NSXTLogicalSwitch -display_name "Name" -transport_zone_id "TP Zone ID" -admin_state "UP" -replication_mode "MTEP" -ip_pool_id "IP Pool Name" +#> + + [CmdletBinding(SupportsShouldProcess=$true, + ConfirmImpact='Medium')] + + # Paramameter Set variants will be needed Multicast & Broadcast Traffic Types as well as VM & Logical Port Types + Param ( + [parameter(Mandatory=$false)] + [string]$description, + + [parameter(Mandatory=$true)] + [string]$display_name, + + [parameter(Mandatory=$true)] + [string]$transport_zone_id, + + [parameter(Mandatory=$true)] + [ValidateSet("UP","DOWN")] + [string]$admin_state, + + [parameter(Mandatory=$false)] + [ValidateSet("MTEP","SOURCE")] + [string]$replication_mode, + + [parameter(Mandatory=$true)] + [string]$ip_pool_id + ) + + Begin + { + if (-not $global:DefaultNsxtServers.isconnected) + { + try + { + Connect-NsxtServer -Menu -ErrorAction Stop + } + + catch + { + throw "Could not connect to an NSX-T Manager, please try again" + } + } + + $NSXTLogicalSwitchService = Get-NsxtService -Name "com.vmware.nsx.logical_switches" + } + + Process + { + $logical_switch_request = $NSXTLogicalSwitchService.help.create.logical_switch.Create() + + $logical_switch_request.display_name = $display_name + $logical_switch_request.description = $description + $logical_switch_request.admin_state = $admin_state + $logical_switch_request.transport_zone_id = $transport_zone_id + $logical_switch_request.resource_type = "LogicalSwitch" + $logical_switch_request.replication_mode = $replication_mode + $logical_switch_request.ip_pool_id = $ip_pool_id + + try + { + # Should process + if ($pscmdlet.ShouldProcess($logical_switch_request.display_name, "Create logical switch")) + { + $NSXTLogicalSwitch = $NSXTLogicalSwitchService.create($logical_switch_request) + } + + } + + catch + { + throw $Error[0].Exception.ServerError.data + # more error data found in the NSX-T Manager /var/log/vmware/nsx-manager.log file. + } + + $NSXTLogicalSwitch + } +} + +Function Set-NSXTIPAMIPBlock { + <# + .Synopsis + Creates an IPAM IP Block + .DESCRIPTION + Creates a IPAM IP Block with a cidr parameter. + .EXAMPLE + Set-NSXTIPAMIPBlock -name "IPAM Block Name" -cidr "192.168.0.0/24" +#> + + [CmdletBinding(SupportsShouldProcess=$true, + ConfirmImpact='Medium')] + + # Paramameter Set variants will be needed Multicast & Broadcast Traffic Types as well as VM & Logical Port Types + Param ( + [parameter(Mandatory=$false)] + [string]$description, + + [parameter(Mandatory=$true)] + [ValidateNotNullOrEmpty()] + [string]$display_name, + + [parameter(Mandatory=$true)] + [ValidateNotNullOrEmpty()] + [string]$cidr + ) + + Begin + { + if (-not $global:DefaultNsxtServers.isconnected) + { + try + { + Connect-NsxtServer -Menu -ErrorAction Stop + } + + catch + { + throw "Could not connect to an NSX-T Manager, please try again" + } + } + + $NSXTIPAMIPBlockService = Get-NsxtService -Name "com.vmware.nsx.pools.ip_blocks" + } + + Process + { + $IPAMIPBlock_request = $NSXTIPAMIPBlockService.help.create.ip_block.Create() + + $IPAMIPBlock_request.display_name = $display_name + $IPAMIPBlock_request.description = $description + $IPAMIPBlock_request.resource_type = "IpBlock" + $IPAMIPBlock_request.cidr = $cidr + + + try + { + # Should process + if ($pscmdlet.ShouldProcess($ip_pool.display_name, "Create IP Pool")) + { + $NSXTIPAMIPBlock = $NSXTIPAMIPBlockService.create($IPAMIPBlock_request) + } + } + + catch + { + throw $Error[0].Exception.ServerError.data + # more error data found in the NSX-T Manager /var/log/vmware/nsx-manager.log file. + } + + $NSXTIPAMIPBlock + } +} + +Function Set-NSXTIPPool { + <# + .Synopsis + Creates an IP Pool + .DESCRIPTION + Creates a IP Pool with a number of required parameters. Supported IP formats include 192.168.1.1, 192.168.1.1-192.168.1.100, 192.168.0.0/24 + .EXAMPLE + Set-NSXTIPPool -display_name "Pool Name" -allocation_start "192.168.1.2" -allocation_end "192.168.1.100" -cidr "192.168.1.0/24" + .EXAMPLE + Set-NSXTIPPool -display_name "Test Pool Name" -allocation_start "192.168.1.2" -allocation_end "192.168.1.100" -cidr "192.168.1.0/24" -dns_nameservers "192.168.1.1" -gateway_ip "192.168.1.1" -dns_suffix "evil corp" +#> + + [CmdletBinding(SupportsShouldProcess=$true, + ConfirmImpact='High')] + + # Paramameter Set variants will be needed Multicast & Broadcast Traffic Types as well as VM & Logical Port Types + Param ( + [parameter(Mandatory=$true)] + [ValidateNotNullOrEmpty()] + [string]$display_name, + + [parameter(Mandatory=$false)] + [string]$description, + + [parameter(Mandatory=$false)] + [string]$dns_nameservers, + + [parameter(Mandatory=$false)] + [string]$dns_suffix, + + [parameter(Mandatory=$true)] + [ValidateNotNullOrEmpty()] + [string]$allocation_start, + + [parameter(Mandatory=$true)] + [ValidateNotNullOrEmpty()] + [string]$allocation_end, + + [parameter(Mandatory=$true)] + [ValidateNotNullOrEmpty()] + [string]$cidr, + + [parameter(Mandatory=$false)] + [string]$gateway_ip + ) + + Begin + { + if (-not $global:DefaultNsxtServers.isconnected) + { + try + { + Connect-NsxtServer -Menu -ErrorAction Stop + } + + catch + { + throw "Could not connect to an NSX-T Manager, please try again" + } + } + + $NSXTIPPoolService = Get-NsxtService -Name "com.vmware.nsx.pools.ip_pools" + + # Classes unused - part of early testing + class allocation_ranges { + [string]$start + [string]$end + #$self + } + + class subnets { + [array]$allocation_ranges = [allocation_ranges]::new() + [array]$dns_nameservers + [string]$dns_suffix + [string]$cidr + [string]$gateway_ip + #hidden $self + } + + class ip_pool { + [string]$display_name + [string]$description + [string]$resource_type = 'IpPool' + [long]$revision = '0' + [array]$subnets = [subnets]::new() + hidden $pool_usage + hidden [array]$tags + # hidden $self + hidden $links + } + } + + Process + { + $sample_ip_pool = $NSXTIPPoolService.help.create.ip_pool.Create() + $sample_ip_pool.subnets = @($NSXTIPPoolService.help.create.ip_pool.subnets.Create()) + $sample_ip_pool.subnets = @($NSXTIPPoolService.help.create.ip_pool.subnets.Element.Create()) + $sample_ip_pool.subnets[0].allocation_ranges = @($NSXTIPPoolService.help.create.ip_pool.subnets.Element.allocation_ranges.create()) + $sample_ip_pool.subnets[0].allocation_ranges = @($NSXTIPPoolService.help.create.ip_pool.subnets.Element.allocation_ranges.element.create()) + + #Remove buggy self object + $ip_pool = $sample_ip_pool | select -Property * -ExcludeProperty self + $ip_pool.subnets[0] = $sample_ip_pool.subnets[0] | select -Property * -ExcludeProperty self + $ip_pool.subnets[0].allocation_ranges[0] = $sample_ip_pool.subnets[0].allocation_ranges[0] | select -Property * -ExcludeProperty self + + # Assign objects + $ip_pool.display_name = $display_name + $ip_pool.description = $description + $ip_pool.resource_type = "IpPool" + $ip_pool.subnets[0].dns_nameservers = @($dns_nameservers) + $ip_pool.subnets[0].dns_suffix = $dns_suffix + $ip_pool.subnets[0].allocation_ranges[0].start = $allocation_start + $ip_pool.subnets[0].allocation_ranges[0].end = $allocation_end + $ip_pool.subnets[0].cidr = $cidr + $ip_pool.subnets[0].gateway_ip = $gateway_ip + $ip_pool.revision = 0 + $ip_pool.tags = @() + + try + { + # Should process + if ($pscmdlet.ShouldProcess($ip_pool.display_name, "Create IP Pool")) + { + $NSXTIPPoolService.create($ip_pool) + } + } + + catch + { + $Error[0].Exception.ServerError.data + # more error data found in the NSX-T Manager /var/log/vmware/nsx-manager.log file; grep POOL-MGMT + throw + } + } +} + +# Remove functions +Function Remove-NSXTIPAMIPBlock { + <# + .Synopsis + Removes an IPAM IP Block + .DESCRIPTION + Removes a IPAM IP Block with a block_id parameter. + .EXAMPLE + Remove-NSXTIPAMIPBlock -block_id "id" + .EXAMPLE + Get-NSXTIPAMIPBlock | where name -eq "IPAM Test2" | Remove-NSXTIPAMIPBlock +#> + + [CmdletBinding(SupportsShouldProcess=$true, + ConfirmImpact='High')] + + Param ( + [parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true)] + [ValidateNotNullOrEmpty()] + [Alias("Id")] + [string]$block_id + ) + + Begin + { + if (-not $global:DefaultNsxtServers.isconnected) + { + try + { + Connect-NsxtServer -Menu -ErrorAction Stop + } + + catch + { + throw "Could not connect to an NSX-T Manager, please try again" + } + } + + $NSXTIPAMIPBlockService = Get-NsxtService -Name "com.vmware.nsx.pools.ip_blocks" + } + + Process + { + try + { + # Should process + if ($pscmdlet.ShouldProcess($block_id, "Delete IP Pool")) + { + $NSXTIPAMIPBlockService.delete($block_id) + } + } + + catch + { + throw $Error[0].Exception.ServerError.data + # more error data found in the NSX-T Manager /var/log/vmware/nsx-manager.log file. + } + } +} + +# Non-working Set Functions +Function Set-NSXTTraceFlow { + <# + .Synopsis + Creates a TraceFlow + .DESCRIPTION + Create a TraceFlow for later observation. + .EXAMPLE + Set-NSXTTraceFlow -transport_type "UNICAST" -lport_id "LP ID" -src_ip "IP Address" -src_mac "MAC" -dst_ip "IP Address" -dst_mac "MAC" + .EXAMPLE + Set-NSXTTraceFlow -transport_type "UNICAST" -lport_id "LP ID" -src_ip "IP Address" -src_mac "MAC" -dst_ip "IP Address" -dst_mac "MAC" | Get-NSXTTraceFlow + .EXAMPLE + Set-NSXTTraceFlow -transport_type "UNICAST" -lport_id "LP ID" -src_ip "IP Address" -src_mac "MAC" -dst_ip "IP Address" -dst_mac "MAC" | Get-NSXTTraceFlow | Get-NSXTTraceFlowObservations +#> + + [CmdletBinding(SupportsShouldProcess=$true, + ConfirmImpact='Medium')] + + # Paramameter Set variants will be needed Multicast & Broadcast Traffic Types as well as VM & Logical Port Types + Param ( + [parameter(Mandatory=$true, + ParameterSetName='Parameter Set VM Type')] + [ValidateSet("UNICAST")] + [string] + $transport_type = "UNICAST", + [parameter(Mandatory=$true, + ValueFromPipeline=$true, + ParameterSetName='Parameter Set VM Type')] + [ValidateNotNullOrEmpty()] + #[ValidateScript({Get-NSXTLogicalPort -Id $_}] + [string] + $lport_id, + [parameter(Mandatory=$true, + ValueFromPipeline=$true, + ParameterSetName='Parameter Set VM Type')] + [ValidateNotNullOrEmpty()] + [ValidateScript({$_ -match [IPAddress]$_})] + [string] + $src_ip, + [parameter(Mandatory=$true, + ValueFromPipeline=$true, + ParameterSetName='Parameter Set VM Type')] + [ValidateNotNullOrEmpty()] + [ValidateScript({$pattern = '^(([0-9A-Fa-f]{2}[:]){5}([0-9A-Fa-f]{2}))|(([0-9A-Fa-f]{2}[-]){5}([0-9A-Fa-f]{2}))$' + if ($_ -match ($pattern -join '|')) {$true} else { + throw "The argument '$_' does not match a valid MAC address format." + } + })] + [string] + $src_mac, + [parameter(Mandatory=$true, + ValueFromPipeline=$true, + ParameterSetName='Parameter Set VM Type')] + [ValidateNotNullOrEmpty()] + [ValidateScript({$_ -match [IPAddress]$_ })] + [string] + $dst_ip, + [parameter(Mandatory=$true, + ValueFromPipeline=$true, + ParameterSetName='Parameter Set VM Type')] + [ValidateNotNullOrEmpty()] + [ValidateScript({$pattern = '^(([0-9A-Fa-f]{2}[:]){5}([0-9A-Fa-f]{2}))|(([0-9A-Fa-f]{2}[-]){5}([0-9A-Fa-f]{2}))$' + if ($_ -match ($pattern -join '|')) {$true} else { + throw "The argument '$_' does not match a valid MAC address format." + } + })] + [string] + $dst_mac) + + Begin + { + if (-not $global:DefaultNsxtServers.isconnected) + { + + try + { + Connect-NsxtServer -Menu -ErrorAction Stop + } + + catch + { + throw "Could not connect to an NSX-T Manager, please try again" + } + } + + $NSXTraceFlowsService = Get-NsxtService -Name "com.vmware.nsx.traceflows" + + # Comment out custom classes + <# + class ip_header { + [string]$src_ip + [string]$dst_ip + } + + class eth_header { + [string]$src_mac + [string]$dst_mac + } + + class packet_data { + [boolean]$routed + [ValidateSet("UNICAST","BROADCAST","MULTICAST","UNKNOWN")] + [string]$transport_type + [ValidateSet("BINARYPACKETDATA","FIELDSPACKETDATA")] + [string]$resource_type + [long]$frame_size + [eth_header]$eth_header = [eth_header]::new() + [ip_header]$ip_header = [ip_header]::new() + + packet_data(){ + $this.routed = 'true' + $this.transport_type = 'UNICAST' + $this.resource_type = 'FieldsPacketData' + } + } + + class traceflow_request { + [string]$lport_id + [long]$timeout + [packet_data]$packet = [packet_data]::new() + + traceflow_request(){ + $this.timeout = '15000' + } + } +#> + } + + Process + { + $traceflow_request = $NSXTraceFlowsService.Help.create.traceflow_request.Create() + + $traceflow_request.lport_id = $lport_id + $traceflow_request.packet.transport_type = $transport_type + + $eth_header = [ordered]@{'src_mac' = $src_mac;'eth_type' = '2048';'dst_mac' = $dst_mac} + $ip_header = [ordered]@{src_ip = $src_ip;protocol = '1';ttl = '64';dst_ip = $dst_ip} + $traceflow_request.packet | Add-Member -NotePropertyMembers $eth_header -TypeName eth_header + $traceflow_request.packet | Add-Member -NotePropertyMembers $ip_header -TypeName ip_header + + try + { + # Should process + if ($pscmdlet.ShouldProcess($traceflow_request.lport_id, "Create traceflow")) + { + # This does not work, bug report submitted to PowerCLI team + $NSXTraceFlow = $NSXTraceFlowService.create($traceflow_request) + } + } + + catch + { + throw $Error[0].Exception.ServerError.data + # more error data found in the NSX-T Manager /var/log/vmware/nsx-manager.log file. Filter by MONITORING. + } + + $NSXTraceFlow + } +} + + + +########################### +# # +# TEMPLATES!! # +# # +########################### + +# Get Template +Function Get-NSXTThingTemplate { + <# + .Synopsis + Retrieves the THING information + .DESCRIPTION + Retrieves THING information for a single or multiple ports. Execute with no parameters to get all ports, specify a PARAM if known. + .EXAMPLE + Get-NSXTThingTemplate + .EXAMPLE + Get-NSXTThingTemplate -param1 "LR Port Name" + .EXAMPLE + Get-NSXTThingTemplate -param2 "LR Name" + .EXAMPLE + Get-NSXTThingTemplate -param2 (Get-NSXTLogicalRouter | where name -eq "LR Name") +#> + + Param ( + [parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)] + [Alias("Id")] + [string]$Thing_id, + [parameter(Mandatory=$false)] + [string]$name + ) + + begin + { + $NSXTThingsService = Get-NsxtService -Name "com.vmware.nsx.API.Thing" + + class NSXTThing { + [string]$Name + [string]$Thing1 + hidden [string]$Tags = [System.Collections.Generic.List[string]]::new() + [string]$Thing2 + #[ValidateSet("TIER0","TIER1")] + [string]$Thing3 + #[ValidateSet("ACTIVE_ACTIVE","ACTIVE_STANDBY","")] + [string]$Thing4 + #[ValidateSet("PREEMPTIVE","NON_PREEMPTIVE","")] + [string]$Thing5 + [string]$Thing6 + [string]$Thing7 + } + } + + Process + { + if($Thing_id) { + $NSXTThings = $NSXTThingsService.get($Thing_id) + } else { + if ($name) { + $NSXTThings = $NSXTThingsService.list().results | where {$_.display_name -eq $name} + } + else { + $NSXTThings = $NSXTThingsService.list().results + } + } + + foreach ($NSXTThing in $NSXTThings) { + + $results = [NSXTThing]::new() + $results.Name = $NSXTThing.display_name; + $results.Logical_router_id = $NSXTThing.Id; + $results.Tags = $NSXTThing.tags; + $results.thing1 = $NSXTThing.thing1; + $results.thing2 = $NSXTThing.thing2 + + $results + } + } +} + +# Set Template +Function Set-NSXTThingTemplate { + <# + .Synopsis + Creates a THING + .DESCRIPTION + Creates a THING with a number of required parameters. + .EXAMPLE + Set-NSXTThingTemplateh -param1 "Name" -param2 "TP Zone ID" + .EXAMPLE + Set-NSXTThingTemplateh -param1 "Name" -param2 "TP Zone ID" +#> + + [CmdletBinding(SupportsShouldProcess=$true, + ConfirmImpact='Medium')] + + # Paramameter Set variants will be needed Multicast & Broadcast Traffic Types as well as VM & Logical Port Types + Param ( + [parameter(Mandatory=$false)] + [string]$description, + + [parameter(Mandatory=$true)] + [ValidateNotNullOrEmpty()] + [string]$display_name, + + [parameter(Mandatory=$true)] + [ValidateNotNullOrEmpty()] + [string]$transport_zone_id, + + [parameter(Mandatory=$true)] + [ValidateSet("UP","DOWN")] + [string]$admin_state, + + [parameter(Mandatory=$false)] + [ValidateSet("MTEP","SOURCE")] + [string]$replication_mode, + + [parameter(Mandatory=$true)] + [ValidateNotNullOrEmpty()] + [string]$ip_pool_id + ) + + Begin + { + if (-not $global:DefaultNsxtServers.isconnected) + { + try + { + Connect-NsxtServer -Menu -ErrorAction Stop + } + + catch + { + throw "Could not connect to an NSX-T Manager, please try again" + } + } + + $NSXTTHINGService = Get-NsxtService -Name "com.vmware.nsx.THING" + } + + Process + { + $logical_THING_request = $NSXTTHINGService.help.create.logical_switch.Create() + + $logical_THING_request.display_name = $display_name + $logical_THING_request.description = $description + $logical_THING_request.admin_state = $admin_state + $logical_THING_request.transport_zone_id = $transport_zone_id + $logical_THING_request.resource_type = "LogicalSwitch" + $logical_THING_request.replication_mode = $replication_mode + $logical_THING_request.ip_pool_id = $ip_pool_id + + try + { + # Should process + if ($pscmdlet.ShouldProcess($ip_pool.display_name, "Create IP Pool")) + { + $NSXTTHING = $NSXTTHINGService.create($logical_THING_request) + } + } + + catch + { + throw $Error[0].Exception.ServerError.data + # more error data found in the NSX-T Manager /var/log/vmware/nsx-manager.log file. + } + + $NSXTTHING + } +} + +# Remove Template +Function Remove-NSXTThingTemplate { + <# + .Synopsis + Removes an IPAM IP Block + .DESCRIPTION + Removes a IPAM IP Block with a block_id parameter. + .EXAMPLE + Remove-NSXTIPAMIPBlock -block_id "id" +#> + + [CmdletBinding(SupportsShouldProcess=$true, + ConfirmImpact='High')] + + Param ( + [parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true)] + [ValidateNotNullOrEmpty()] + [Alias("Id")] + [string]$thing_id + ) + + Begin + { + if (-not $global:DefaultNsxtServers.isconnected) + { + try + { + Connect-NsxtServer -Menu -ErrorAction Stop + } + + catch + { + throw "Could not connect to an NSX-T Manager, please try again" + } + } + + $NSXTTHINGkService = Get-NsxtService -Name "com.vmware.nsx.THING" + } + + Process + { + try + { + # Should process + if ($pscmdlet.ShouldProcess($thing_id, "Delete IP Pool")) + { + $NSXTTHINGkService.delete($thing_id) + } + } + + catch + { + throw $Error[0].Exception.ServerError.data + # more error data found in the NSX-T Manager /var/log/vmware/nsx-manager.log file. + } + } +} + + + diff --git a/Modules/VMware.CSP/VMware.CSP.psm1 b/Modules/VMware.CSP/VMware.CSP.psm1 index b4b4515..0562950 100644 --- a/Modules/VMware.CSP/VMware.CSP.psm1 +++ b/Modules/VMware.CSP/VMware.CSP.psm1 @@ -21,7 +21,8 @@ [Parameter(Mandatory=$true)][String]$RefreshToken ) - $results = Invoke-WebRequest -Uri "https://console.cloud.vmware.com/csp/gateway/am/api/auth/api-tokens/authorize?refresh_token=$RefreshToken" -Method POST -ContentType "application/json" -UseBasicParsing -Headers @{"csp-auth-token"="$RefreshToken"} + $body = "refresh_token=$RefreshToken" + $results = Invoke-WebRequest -Uri "https://console.cloud.vmware.com/csp/gateway/am/api/auth/api-tokens/authorize" -Method POST -ContentType "application/x-www-form-urlencoded" -UseBasicParsing -Body $body if($results.StatusCode -ne 200) { Write-Host -ForegroundColor Red "Failed to retrieve Access Token, please ensure your VMC Refresh Token is valid and try again" break @@ -51,4 +52,43 @@ Function Get-CSPServices { $results = Invoke-WebRequest -Uri "https://console.cloud.vmware.com/csp/gateway/slc/api/definitions?expand=1" -Method GET -ContentType "application/json" -UseBasicParsing -Headers @{"csp-auth-token"="$env:cspAuthToken"} ((($results.Content) | ConvertFrom-Json).results | where {$_.visible -eq $true}).displayName } -} \ No newline at end of file +} + +Function Get-CSPRefreshTokenExpiry { + <# + .NOTES + =========================================================================== + Created by: William Lam + Date: 01/10/2019 + Organization: VMware + Blog: https://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .DESCRIPTION + Retrieve the expiry for a given CSP Refresh Token + .PARAMETER RefreshToken + Retrieve the expiry for a given CSP Refresh Token + .EXAMPLE + Get-CSPRefreshTokenExpiry -RefreshToken $RefreshToken + #> + Param ( + [Parameter(Mandatory=$true)][String]$RefreshToken + ) + + $body = @{"tokenValue"="$RefreshToken"} + $json = $body | ConvertTo-Json + $results = Invoke-WebRequest -Uri "https://console.cloud.vmware.com/csp/gateway/am/api/auth/api-tokens/details" -Method POST -ContentType "application/json" -UseBasicParsing -Body $json + $tokenDetails = (($results.Content) | ConvertFrom-Json) + + $createDate = (Get-Date -Date "01/01/1970").AddMilliseconds($tokenDetails.createdAt).ToLocalTime() + $usedDate = (Get-Date -Date "01/01/1970").AddMilliseconds($tokenDetails.lastUsedAt).ToLocalTime() + $expiryDate = (Get-Date -Date "01/01/1970").AddMilliseconds($tokenDetails.expiresAt).ToLocalTime() + + $tmp = [pscustomobject] @{ + LastUsedDate = $usedDate; + CreatedDate = $createDate; + ExpiryDate = $expiryDate; + } + $tmp | Format-List +} diff --git a/Modules/VMware.Community.CISTag/VMware.Community.CISTag.psd1 b/Modules/VMware.Community.CISTag/VMware.Community.CISTag.psd1 new file mode 100644 index 0000000..b20f2de --- /dev/null +++ b/Modules/VMware.Community.CISTag/VMware.Community.CISTag.psd1 @@ -0,0 +1,123 @@ +# +# Module manifest for module 'VMware.Community.CISTag' +# +# Generated by: Kyle Ruddy +# +# Generated on: 12/14/18 +# + +@{ + +# Script module or binary module file associated with this manifest. +RootModule = 'VMware.Community.CISTag.psm1' + +# Version number of this module. +ModuleVersion = '1.0.0' + +# Supported PSEditions +# CompatiblePSEditions = @() + +# ID used to uniquely identify this module +GUID = 'a0803efd-6017-4049-bfc9-5983a5a0c348' + +# Author of this module +Author = 'Kyle Ruddy' + +# Company or vendor of this module +CompanyName = 'VMware' + +# Copyright statement for this module +Copyright = '(c) VMware. All rights reserved.' + +# Description of the functionality provided by this module +Description = 'Community sourced PowerShell Module for managing vSphere Tags via the CIS Endpoint' + +# Minimum version of the PowerShell engine required by this module +PowerShellVersion = '4.0' + +# Name of the PowerShell host required by this module +# PowerShellHostName = '' + +# Minimum version of the PowerShell host required by this module +# PowerShellHostVersion = '' + +# Minimum version of Microsoft .NET Framework required by this module. This prerequisite is valid for the PowerShell Desktop edition only. +# DotNetFrameworkVersion = '' + +# Minimum version of the common language runtime (CLR) required by this module. This prerequisite is valid for the PowerShell Desktop edition only. +# CLRVersion = '' + +# Processor architecture (None, X86, Amd64) required by this module +# ProcessorArchitecture = '' + +# Modules that must be imported into the global environment prior to importing this module +# RequiredModules = @() + +# Assemblies that must be loaded prior to importing this module +# RequiredAssemblies = @() + +# Script files (.ps1) that are run in the caller's environment prior to importing this module. +# ScriptsToProcess = @() + +# Type files (.ps1xml) to be loaded when importing this module +# TypesToProcess = @() + +# Format files (.ps1xml) to be loaded when importing this module +# FormatsToProcess = @() + +# Modules to import as nested modules of the module specified in RootModule/ModuleToProcess +# NestedModules = @() + +# Functions to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no functions to export. +FunctionsToExport = 'Get-CISTag', 'Get-CISTagCategory', 'Get-CISTagAssignment', 'New-CISTag', 'New-CISTagCategory', 'New-CISTagAssignment', 'Remove-CISTag', 'Remove-CISTagCategory', 'Remove-CISTagAssignment' + +# Cmdlets to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no cmdlets to export. +# CmdletsToExport = '*' + +# Variables to export from this module +# VariablesToExport = '*' + +# Aliases to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no aliases to export. +# AliasesToExport = '*' + +# DSC resources to export from this module +# DscResourcesToExport = @() + +# List of all modules packaged with this module +# ModuleList = @() + +# List of all files packaged with this module +# FileList = @() + +# Private data to pass to the module specified in RootModule/ModuleToProcess. This may also contain a PSData hashtable with additional module metadata used by PowerShell. +PrivateData = @{ + + PSData = @{ + + # Tags applied to this module. These help with module discovery in online galleries. + # Tags = @() + + # A URL to the license for this module. + # LicenseUri = '' + + # A URL to the main website for this project. + # ProjectUri = '' + + # A URL to an icon representing this module. + # IconUri = '' + + # ReleaseNotes of this module + # ReleaseNotes = '' + + } # End of PSData hashtable + +} # End of PrivateData hashtable + +# HelpInfo URI of this module +# HelpInfoURI = '' + +# Default prefix for commands exported from this module. Override the default prefix using Import-Module -Prefix. +# DefaultCommandPrefix = '' + +} + diff --git a/Modules/VMware.Community.CISTag/VMware.Community.CISTag.psm1 b/Modules/VMware.Community.CISTag/VMware.Community.CISTag.psm1 new file mode 100644 index 0000000..4ca717c --- /dev/null +++ b/Modules/VMware.Community.CISTag/VMware.Community.CISTag.psm1 @@ -0,0 +1,770 @@ +function Get-CISTag { +<# +.SYNOPSIS + Gathers tag information from the CIS REST API endpoint +.DESCRIPTION + Will provide a list of tags +.NOTES + Author: Kyle Ruddy, @kmruddy +.PARAMETER Name + Tag name which should be retreived +.PARAMETER Category + Tag category name which should be retreived +.PARAMETER Id + Tag ID which should be retreived +.EXAMPLE + Get-CISTag + Retreives all tag information +.EXAMPLE + Get-CISTag -Name tagName + Retreives the tag information based on the specified name +#> +[CmdletBinding(SupportsShouldProcess = $True, ConfirmImpact = 'Low')] + param( + [Parameter(Mandatory=$false,Position=0,ValueFromPipelineByPropertyName=$true)] + [String]$Name, + [Parameter(Mandatory=$false,Position=1,ValueFromPipelineByPropertyName=$true)] + [String]$Category, + [Parameter(Mandatory=$false,Position=2,ValueFromPipelineByPropertyName=$true)] + [String]$Id + ) + + If (-Not $global:DefaultCisServers) { Write-error "No CIS Connection found, please use the Connect-CisServer to connect" } Else { + $tagSvc = Get-CisService -Name com.vmware.cis.tagging.tag + if ($PSBoundParameters.ContainsKey("Id")) { + $tagOutput = $tagSvc.get($Id) + } else { + if ($global:DefaultVIServer -and $global:DefaultVIServer.Name -eq $global:DefaultCisServers.Name) { + [Boolean]$vCenterConn = $true + $vCTagList = Get-Tag + } else { + $tagArray = @() + $tagIdList = $tagSvc.list() | Select-Object -ExpandProperty Value + [int]$counter = 1 + foreach ($t in $tagIdList) { + $tagArray += $tagSvc.get($t) + $counter++ + if ($counter -gt 200) {Start-Sleep -Milliseconds 1; $counter = 1} + } + } + if ($PSBoundParameters.ContainsKey("Name")) { + if ($vCenterConn){ + $tagOutput = $vCTagList | Where-Object {$_.Name -eq $Name} + } else {$tagOutput = $tagArray | Where-Object {$_.Name -eq $Name}} + } elseif ($PSBoundParameters.ContainsKey("Category")) { + if ($vCenterConn){ + $tagOutput = $vCTagList | Where-Object {$_.Category -eq $Category} + } else { + $tagCatid = Get-CISTagCategory -Name $Category | Select-Object -ExpandProperty Id + $tagIdList = $tagSvc.list_tags_for_category($tagCatid) + $tagArray2 = @() + foreach ($t in $tagIdList) { + $tagArray2 += $tagSvc.get($t) + } + $tagOutput = $tagArray2 + } + } else { + if ($vCenterConn){$tagOutput = $vCTagList} + else {$tagOutput = $tagArray} + } + } + $tagOutput | Select-Object Id, Name, Description + } + +} + +function New-CISTag { +<# +.SYNOPSIS + Creates a new tag from the CIS REST API endpoint +.DESCRIPTION + Will create a new tag +.NOTES + Author: Kyle Ruddy, @kmruddy +.PARAMETER Name + Tag name which should be created +.PARAMETER Category + Category name where the new tag should be associated +.PARAMETER Description + Description for the new tag +.PARAMETER CategoryID + Category ID where the new tag should be associated +.EXAMPLE + New-CISTag -Name tagName -Category categoryName -Description "Tag Descrition" + Creates a new tag based on the specified name +#> +[CmdletBinding(SupportsShouldProcess = $True, ConfirmImpact = 'Medium')] + param( + [Parameter(Mandatory=$true,Position=0)] + [String]$Name, + [Parameter(Mandatory=$false,Position=1)] + [String]$Category, + [Parameter(Mandatory=$false,Position=2)] + [String]$Description, + [Parameter(Mandatory=$false,Position=3)] + [String]$CategoryID + ) + + If (-Not $global:DefaultCisServers) { Write-error "No CIS Connection found, please use the Connect-CisServer to connect" } Else { + $tagSvc = Get-CisService -Name com.vmware.cis.tagging.tag + $tagCreateHelper = $tagSvc.Help.create.create_spec.Create() + $tagCreateHelper.name = $Name + if ($PSBoundParameters.ContainsKey("Category")) { + $tagCreateHelper.category_id = Get-CISTagCategory -Name $Category | Select-Object -ExpandProperty Id + } elseif ($PSBoundParameters.ContainsKey("CategoryId")) { + $tagCreateHelper.category_id = $CategoryID + } else {Write-Warning "No Category input found. Add a Category name or ID."; break} + if ($PSBoundParameters.ContainsKey("Description")) { + $tagCreateHelper.description = $Description + } else { + $tagCreateHelper.description = "" + } + $tagNewId = $tagSvc.create($tagCreateHelper) + Get-CISTag -Id $tagNewId + } + +} + +function Remove-CISTag { +<# +.SYNOPSIS + Removes a tag from the CIS REST API endpoint +.DESCRIPTION + Will delete a new tag +.NOTES + Author: Kyle Ruddy, @kmruddy +.PARAMETER Name + Tag name which should be removed +.PARAMETER ID + Tag ID which should be removed +.EXAMPLE + Remove-CISTag -Name tagName + Removes a new tag based on the specified name +#> +[CmdletBinding(SupportsShouldProcess = $True, ConfirmImpact = 'High')] + param( + [Parameter(Mandatory=$false,Position=0,ValueFromPipelineByPropertyName=$true)] + [String]$Name, + [Parameter(Mandatory=$false,Position=1,ValueFromPipelineByPropertyName=$true)] + [String]$ID + ) + + If (-Not $global:DefaultCisServers) { Write-error "No CIS Connection found, please use the Connect-CisServer to connect" } Else { + $tagSvc = Get-CisService -Name com.vmware.cis.tagging.tag + if ($ID) { + $tagSvc.delete($ID) + } else { + $tagId = Get-CISTag -Name $Name | select -ExpandProperty Id + if ($tagId) {$tagSvc.delete($tagId)} + else {Write-Warning "No valid tag found."} + } + } +} + +function Get-CISTagCategory { +<# +.SYNOPSIS + Gathers tag category information from the CIS REST API endpoint +.DESCRIPTION + Will provide a list of tag categories +.NOTES + Author: Kyle Ruddy, @kmruddy +.PARAMETER Name + Tag category name which should be retreived +.PARAMETER Id + Tag category ID which should be retreived +.EXAMPLE + Get-CISTagCategory + Retreives all tag category information +.EXAMPLE + Get-CISTagCategory -Name tagCategoryName + Retreives the tag category information based on the specified name +#> +[CmdletBinding(SupportsShouldProcess = $True, ConfirmImpact = 'Low')] + param( + [Parameter(Mandatory=$false,Position=0,ValueFromPipelineByPropertyName=$true)] + [String]$Name, + [Parameter(Mandatory=$false,Position=2,ValueFromPipelineByPropertyName=$true)] + [String]$Id + ) + + If (-Not $global:DefaultCisServers) { Write-error "No CIS Connection found, please use the Connect-CisServer to connect" } Else { + $tagCatSvc = Get-CisService -Name com.vmware.cis.tagging.category + if ($PSBoundParameters.ContainsKey("Id")) { + $tagCatOutput = $tagCatSvc.get($Id) + } else { + $tagCatArray = @() + $tagCatIdList = $tagCatSvc.list() | Select-Object -ExpandProperty Value + foreach ($tc in $tagCatIdList) { + $tagCatArray += $tagCatSvc.get($tc) + } + if ($PSBoundParameters.ContainsKey("Name")) { + $tagCatOutput = $tagCatArray | Where-Object {$_.Name -eq $Name} + } else { + $tagCatOutput = $tagCatArray + } + } + $tagCatOutput | Select-Object Id, Name, Description, Cardinality + } + +} + +function New-CISTagCategory { +<# +.SYNOPSIS + Creates a new tag category from the CIS REST API endpoint +.DESCRIPTION + Will create a new tag category +.NOTES + Author: Kyle Ruddy, @kmruddy +.PARAMETER Name + Tag category name which should be created +.PARAMETER Description + Tag category ID which should be retreived +.PARAMETER Cardinality + Tag category ID which should be retreived +.PARAMETER AssociableTypes + Tag category ID which should be retreived +.EXAMPLE + New-CISTagCategory -Name NewTagCategoryName -Description "New Tag Category Description" -Cardinality "Single" -AssociableTypes + Creates a new tag category with the specified information +#> +[CmdletBinding(SupportsShouldProcess = $True, ConfirmImpact = 'Medium')] + param( + [Parameter(Mandatory=$true,Position=0)] + [String]$Name, + [Parameter(Mandatory=$false,Position=1)] + [String]$Description, + [Parameter(Mandatory=$false,Position=2)] + [ValidateSet("SINGLE","MULTIPLE")] + [String]$Cardinality = "SINGLE", + [Parameter(Mandatory=$false,Position=3)] + [ValidateSet("All", "Cluster", "Datacenter", "Datastore", "DatastoreCluster", "DistributedPortGroup", "DistributedSwitch", "Folder", "ResourcePool", "VApp", "VirtualPortGroup", "VirtualMachine", "VMHost")] + [String]$AssociableTypes = "All" + ) + + If (-Not $global:DefaultCisServers) { Write-error "No CIS Connection found, please use the Connect-CisServer to connect" } Else { + $tagCatSvc = Get-CisService -Name com.vmware.cis.tagging.category + $tagCatCreateHelper = $tagCatSvc.Help.create.create_spec.Create() + $tagCatCreateHelper.name = $Name + if ($PSBoundParameters.ContainsKey("Description")) { + $tagCatCreateHelper.description = $Description + } else {$tagCatCreateHelper.description = ""} + $tagCatCreateHelper.cardinality = $Cardinality + $tagCatCreateAssocTypeHelper = $tagCatSvc.help.create.create_spec.associable_types.create() + $tagCatCreateAssocTypeHelper.Add($AssociableTypes) + $tagCatCreateHelper.associable_types = $tagCatCreateAssocTypeHelper + $tagCatNewId = $tagCatSvc.create($tagCatCreateHelper) + Get-CISTagCategory -Id $tagCatNewId + } + +} + +function Remove-CISTagCategory { +<# +.SYNOPSIS + Removes tag category information from the CIS REST API endpoint +.DESCRIPTION + Will remove a tag category +.NOTES + Author: Kyle Ruddy, @kmruddy +.PARAMETER Name + Tag category name which should be removed +.PARAMETER Id + Tag category ID which should be removed +.EXAMPLE + Remove-CISTagCategory -Name tagCategoryName + Removes the tag category information based on the specified name + +#> +[CmdletBinding(SupportsShouldProcess = $True, ConfirmImpact = 'High')] + param( + [Parameter(Mandatory=$false,Position=0,ValueFromPipelineByPropertyName=$true)] + [String]$Name, + [Parameter(Mandatory=$false,Position=2,ValueFromPipelineByPropertyName=$true)] + [String]$Id + ) + + If (-Not $global:DefaultCisServers) { Write-error "No CIS Connection found, please use the Connect-CisServer to connect" } Else { + $tagCatSvc = Get-CisService -Name com.vmware.cis.tagging.category + if ($PSBoundParameters.ContainsKey("Id")) { + $tagCatSvc.delete($Id) + } elseif ($PSBoundParameters.ContainsKey("Name")) { + $tagCatId = Get-CISTagCategory -Name $Name | Select-Object -ExpandProperty Id + $tagCatSvc.delete($tagCatId) + } else {Write-Warning "No tag category found."} + } +} + +function Get-CISTagAssignment { +<# +.SYNOPSIS + Displays a list of the tag assignments from the CIS REST API endpoint +.DESCRIPTION + Will provide a list of the tag assignments +.NOTES + Author: Kyle Ruddy, @kmruddy +.PARAMETER Category + Tag category name which should be referenced +.PARAMETER Entity + Object name which should be retreived +.PARAMETER ObjectId + Object ID which should be retreived +.EXAMPLE + Get-CISTagAssignment + Retreives all tag assignment information +.EXAMPLE + Get-CISTagAssignment -Entity VMName + Retreives all tag assignments for the VM name +.EXAMPLE + Get-CISTagAssignment -ObjectId 'vm-11' + Retreives all tag assignments for the VM object +#> +[CmdletBinding(SupportsShouldProcess = $True, ConfirmImpact = 'Low')] + param( + [Parameter(Mandatory=$false,Position=0)] + [String]$Category, + [Parameter(Mandatory=$false,Position=1)] + [String]$Entity, + [Parameter(Mandatory=$false,Position=2,ValueFromPipelineByPropertyName=$true)] + [String]$ObjectId + ) + + If (-Not $global:DefaultCisServers) { Write-error "No CIS Connection found, please use the Connect-CisServer to connect" } Else { + $tagOutput = @() + [Boolean]$vCenterConn = $false + $tagAssocSvc = Get-CisService -Name com.vmware.cis.tagging.tag_association + if ($PSBoundParameters.ContainsKey("ObjectId")) { + if ($ObjectId.split('-')[0] -eq 'vm') { + $objType = "VirtualMachine" + } elseif ($ObjectId.Split('-')[0] -eq 'datastore') { + $objType = 'Datastore' + } else {Write-Warning 'Only VirtualMachine and Datastore types currently supported.'; break} + $objObject = $tagAssocSvc.help.list_attached_tags.object_id.create() + $objObject.id = $ObjectId + $objObject.type = $objType + $tagIdOutput = $tagAssocSvc.list_attached_tags($objObject) + } elseif ($PSBoundParameters.ContainsKey("Entity")) { + if ($global:DefaultVIServer -and $global:DefaultVIServer.Name -eq $global:DefaultCisServers.Name) { + [Boolean]$vCenterConn = $true + $viObject = (Get-Inventory -Name $Entity).ExtensionData.MoRef + $objObject = $tagAssocSvc.help.list_attached_tags.object_id.create() + $objObject.id = $viObject.Value + $objObject.type = $viObject.type + } else { + $vmSvc = Get-CisService -Name com.vmware.vcenter.vm + $filterVmNameObj = $vmsvc.help.list.filter.create() + $filterVmNameObj.names.add($Entity) | Out-Null + $objId = $vmSvc.list($filterVmNameObj) | Select-Object -ExpandProperty vm + if ($objId) {$objType = "VirtualMachine"} + else { + $dsSvc = Get-CisService com.vmware.vcenter.datastore + $filterDsNameObj = $dsSvc.Help.list.filter.Create() + $filterDsNameObj.names.add($Entity) | Out-Null + $objId = $dsSvc.list($filterDsNameObj) | Select-Object -ExpandProperty datastore + if ($objId) {$objType = "Datastore"} + else {Write-Warning "No entities found."; break} + } + $objObject = $tagAssocSvc.help.list_attached_tags.object_id.create() + $objObject.id = $objId + $objObject.type = $objType + } + $tagIdOutput = $tagAssocSvc.list_attached_tags($objObject) + } else { + $tagSvc = Get-CisService -Name com.vmware.cis.tagging.tag + $tagIdOutput = @() + $tagCategories = Get-CISTagCategory | Sort-Object -Property Name + if ($Category) { + $tagCatId = $tagCategories | Where-Object {$_.Name -eq $Category} | Select-Object -ExpandProperty Id + $tagIdOutput += $tagSvc.list_tags_for_category($tagCatId) + } else { + foreach ($tagCat in $tagCategories) { + $tagIdOutput += $tagSvc.list_tags_for_category($tagCat.id) + } + } + } + $tagReference = Get-CISTag + + if ($Entity -or $ObjectId) { + foreach ($tagId in $tagIdOutput) { + $tagAttObj = @() + if ($Entity) { + $tagAttObj += $tagAssocSvc.list_attached_objects($tagId) | Where-Object {$_.type -eq $viObject.type -and $_.id -eq $viObject.Value} + } else { + $tagAttObj += $tagAssocSvc.list_attached_objects($tagId) | Where-Object {$_.id -eq $ObjectId} + } + foreach ($obj in $tagAttObj) { + if ($obj.type -eq "VirtualMachine") { + if (-Not $vmSvc) {$vmSvc = Get-CisService -Name com.vmware.vcenter.vm} + $filterVmObj = $vmsvc.help.list.filter.create() + $filterVmObj.vms.add($obj.Id) | Out-Null + $objName = $vmSvc.list($filterVmObj) | Select-Object -ExpandProperty Name + } elseif ($obj.type -eq "Datastore") { + if (-Not $dsSvc) {$dsSvc = Get-CisService -Name com.vmware.vcenter.datastore} + $filterDsObj = $dsSvc.help.list.filter.create() + $filterDsObj.datastores.add($obj.Id) | Out-Null + $objName = $dsSvc.list($filterDsObj) | Select-Object -ExpandProperty Name + } else {$objName = 'Object Not Found'} + $tempObject = "" | Select-Object Tag, Entity + $tempObject.Tag = $tagReference | Where-Object {$_.id -eq $tagId} | Select-Object -ExpandProperty Name + $tempObject.Entity = $objName + $tagOutput += $tempObject + } + } + } else { + foreach ($tagId in $tagIdOutput) { + $tagAttObj = @() + $tagAttObj += $tagAssocSvc.list_attached_objects($tagId) + if ($global:DefaultVIServer -and $global:DefaultVIServer.Name -eq $global:DefaultCisServers.Name) { + [Boolean]$vCenterConn = $true + } elseif ($tagAttObj.Type -contains "VirtualMachine") { + if (-Not $vmSvc) {$vmSvc = Get-CisService -Name com.vmware.vcenter.vm} + } elseif ($tagAttObj.Type -contains "Datastore") { + if (-Not $dsSvc) {$dsSvc = Get-CisService -Name com.vmware.vcenter.datastore} + } + foreach ($obj in $tagAttObj) { + if ($vCenterConn) { + $newViObj = New-Object -TypeName VMware.Vim.ManagedObjectReference + $newViObj.Type = $obj.type + $newViObj.Value = $obj.id + $objName = Get-View -Id $newViObj -Property Name | Select-Object -ExpandProperty Name + } elseif ($obj.type -eq "VirtualMachine") { + $filterVmObj = $vmsvc.help.list.filter.create() + $filterVmObj.vms.add($obj.Id) | Out-Null + $objName = $vmSvc.list($filterVmObj) | Select-Object -ExpandProperty Name + } elseif ($obj.type -eq "Datastore") { + $filterDsObj = $dsSvc.help.list.filter.create() + $filterDsObj.datastores.add($obj.Id) | Out-Null + $objName = $dsSvc.list($filterDsObj) | Select-Object -ExpandProperty Name + } else {$objName = 'Object Not Found'} + $tempObject = "" | Select-Object Tag, Entity + $tempObject.Tag = $tagReference | Where-Object {$_.id -eq $tagId} | Select-Object -ExpandProperty Name + $tempObject.Entity = $objName + $tagOutput += $tempObject + } + } + } + return $tagOutput + } +} + +function New-CISTagAssignment { +<# +.SYNOPSIS + Creates new tag assignments from the CIS REST API endpoint +.DESCRIPTION + Will create new tag assignments +.NOTES + Author: Kyle Ruddy, @kmruddy +.PARAMETER Tag + Tag name which should be referenced +.PARAMETER Entity + Object name which should be retreived +.PARAMETER TagId + Tag ID/s which should be referenced +.PARAMETER ObjectId + Object ID which/s should be retreived +.EXAMPLE + New-CISTagAssignment -Tag TagName -Entity VMName + Creates a tag assignment between the Tag name and the VM name +.EXAMPLE + New-CISTagAssignment -TagId $tagId -ObjectId 'vm-11' + Creates a tag assignment between the Tag ID and the Object ID +#> +[CmdletBinding(SupportsShouldProcess = $True, ConfirmImpact = 'Medium')] + param( + [Parameter(Mandatory=$false,Position=0)] + $Tag, + [Parameter(Mandatory=$false,Position=1)] + $Entity, + [Parameter(Mandatory=$false,Position=2)] + $TagId, + [Parameter(Mandatory=$false,Position=3)] + $ObjectId + ) + + If (-Not $global:DefaultCisServers) { Write-error "No CIS Connection found, please use the Connect-CisServer to connect" } Else { + $tagAssocSvc = Get-CisService -Name com.vmware.cis.tagging.tag_association + if ($PSBoundParameters.ContainsKey("Tag") -and $PSBoundParameters.ContainsKey("Entity")) { + if ($Tag -is [array] -and $Entity -isnot [array]) { + $tagIdList = $tagAssocSvc.help.attach_multiple_tags_to_object.tag_ids.create() + foreach ($t in $Tag) { + $tempId = Get-CISTag -Name $t | Select-Object -ExpandProperty Id + $tagIdList.add($tempId) | Out-Null + } + if ($global:DefaultVIServer -and $global:DefaultVIServer.Name -eq $global:DefaultCisServers.Name) { + $viObject = (Get-Inventory -Name $Entity).ExtensionData.MoRef + $objObject = $tagAssocSvc.help.list_attached_tags.object_id.create() + $objObject.id = $viObject.Value + $objObject.type = $viObject.type + } else { + if (-Not $vmSvc) {$vmSvc = Get-CisService -Name com.vmware.vcenter.vm} + $filterVmNameObj = $vmsvc.help.list.filter.create() + $filterVmNameObj.names.add($Entity) | Out-Null + $objId = $vmSvc.list($filterVmNameObj) | Select-Object -ExpandProperty vm + if ($objId) {$objType = "VirtualMachine"} + else { + if (-Not $dsSvc) {$dsSvc = Get-CisService -Name com.vmware.vcenter.datastore} + $filterDsNameObj = $dsSvc.Help.list.filter.Create() + $filterDsNameObj.names.add($Entity) | Out-Null + $objId = $dsSvc.list($filterDsNameObj) | Select-Object -ExpandProperty datastore + if ($objId) {$objType = "Datastore"} + else {Write-Warning "No entities found."; break} + } + $objObject = $tagAssocSvc.help.list_attached_tags.object_id.create() + $objObject.id = $objId + $objObject.type = $objType + } + $tagAssocSvc.attach_multiple_tags_to_object($objObject,$tagIdList) | Out-Null + } elseif ($Tag -isnot [array] -and $Entity -is [array]) { + $tagId = Get-CISTag -Name $Tag | Select-Object -ExpandProperty Id + $objList = $tagAssocSvc.help.attach_tag_to_multiple_objects.object_ids.create() + foreach ($e in $Entity) { + if ($global:DefaultVIServer -and $global:DefaultVIServer.Name -eq $global:DefaultCisServers.Name) { + $viObject = (Get-Inventory -Name $e).ExtensionData.MoRef + $objObject = $tagAssocSvc.help.list_attached_tags.object_id.create() + $objObject.id = $viObject.Value + $objObject.type = $viObject.type + } else { + if (-Not $vmSvc) {$vmSvc = Get-CisService -Name com.vmware.vcenter.vm} + $filterVmNameObj = $vmsvc.help.list.filter.create() + $filterVmNameObj.names.add($Entity) | Out-Null + $objId = $vmSvc.list($filterVmNameObj) | Select-Object -ExpandProperty vm + if ($objId) {$objType = "VirtualMachine"} + else { + if (-Not $dsSvc) {$dsSvc = Get-CisService -Name com.vmware.vcenter.datastore} + $filterDsObj = $dsSvc.help.list.filter.create() + $filterDsObj.datastores.add($obj.Id) | Out-Null + $objId = $dsSvc.list($filterDsObj) | Select-Object -ExpandProperty Datastore + if ($objId) {$objType = "Datastore"} + else {Write-Warning "No entities found."; break} + } + $objObject = $tagAssocSvc.help.list_attached_tags.object_id.create() + $objObject.id = $objId + $objObject.type = $objType + } + $objList.add($objObject) | Out-Null + } + $tagAssocSvc.attach_tag_to_multiple_objects($TagId,$objList) | Out-Null + } elseif ($Tag -isnot [array] -and $Entity -isnot [array]) { + $tagId = Get-CISTag -Name $Tag | Select-Object -ExpandProperty Id + if ($global:DefaultVIServer -and $global:DefaultVIServer.Name -eq $global:DefaultCisServers.Name) { + $viObject = (Get-Inventory -Name $Entity).ExtensionData.MoRef + $objObject = $tagAssocSvc.help.list_attached_tags.object_id.create() + $objObject.id = $viObject.Value + $objObject.type = $viObject.type + } else { + if (-Not $vmSvc) {$vmSvc = Get-CisService -Name com.vmware.vcenter.vm} + $filterVmNameObj = $vmsvc.help.list.filter.create() + $filterVmNameObj.names.add($Entity) | Out-Null + $objId = $vmSvc.list($filterVmNameObj) | Select-Object -ExpandProperty vm + if ($objId) {$objType = "VirtualMachine"} + else { + if (-Not $dsSvc) {$dsSvc = Get-CisService -Name com.vmware.vcenter.datastore} + $filterDsNameObj = $dsSvc.Help.list.filter.Create() + $filterDsNameObj.names.add($Entity) | Out-Null + $objId = $dsSvc.list($filterDsNameObj) | Select-Object -ExpandProperty datastore + if ($objId) {$objType = "Datastore"} + else {Write-Warning "No entities found."; break} + } + $objObject = $tagAssocSvc.help.list_attached_tags.object_id.create() + $objObject.id = $objId + $objObject.type = $objType + } + $tagAssocSvc.attach($TagId,$objObject) | Out-Null + } + } elseif ($PSBoundParameters.ContainsKey("TagId") -and $PSBoundParameters.ContainsKey("ObjectId")) { + if ($ObjectId.split('-')[0] -eq 'vm') { + $objType = "VirtualMachine" + } elseif ($ObjectId.Split('-')[0] -eq 'datastore') { + $objType = 'Datastore' + } else {Write-Warning 'Only VirtualMachine and Datastore types currently supported.'; break} + if ($TagId -is [array] -and $ObjectId -isnot [array]) { + $objObject = $tagAssocSvc.help.attach_multiple_tags_to_object.object_id.create() + $objObject.id = $ObjectId + $objObject.type = $objType + $tagIdList = $tagAssocSvc.help.attach_multiple_tags_to_object.tag_ids.create() + foreach ($tId in $TagId) { + $tagIdList.add($tId) | Out-Null + } + $tagAssocSvc.attach_multiple_tags_to_object($objObject,$tagIdList) | Out-Null + } elseif ($TagId -isnot [array] -and $ObjectId -is [array]) { + $objList = $tagAssocSvc.help.attach_tag_to_multiple_objects.object_ids.create() + foreach ($obj in $ObjectId) { + $objObject = $tagAssocSvc.help.attach_tag_to_multiple_objects.object_ids.element.create() + $objObject.id = $obj + $objObject.type = $objType + $objList.add($objObject) | Out-Null + } + $tagAssocSvc.attach_tag_to_multiple_objects($TagId,$objList) | Out-Null + } elseif ($TagId -isnot [array] -and $ObjectId -isnot [array]) { + $objObject = $tagAssocSvc.help.attach.object_id.create() + $objObject.id = $ObjectId + $objObject.type = $objType + $tagAssocSvc.attach($TagId,$objObject) | Out-Null + } + + } else {Write-Output "Multiple tags with multiple objects are not a supported call."} + + } +} + +function Remove-CISTagAssignment { +<# +.SYNOPSIS + Removes a tag assignment from the CIS REST API endpoint +.DESCRIPTION + Will remove provided tag assignments +.NOTES + Author: Kyle Ruddy, @kmruddy +.PARAMETER Tag + Tag name which should be removed +.PARAMETER Entity + Object name which should be removed +.PARAMETER TagId + Tag ID/s which should be removed +.PARAMETER ObjectId + Object ID which/s should be removed +.EXAMPLE + Remove-CISTagAssignment -TagId $tagId -ObjectId 'vm-11' + Removes the tag assignment between the Tag ID and the Object ID +.EXAMPLE + Remove-CISTagAssignment -Tag TagName -Entity VMName + Removes the tag assignment between the Tag name and the Entity name +#> +[CmdletBinding(SupportsShouldProcess = $True, ConfirmImpact = 'High')] + param( + [Parameter(Mandatory=$false,Position=0,ValueFromPipelineByPropertyName=$true)] + $Tag, + [Parameter(Mandatory=$false,Position=1,ValueFromPipelineByPropertyName=$true)] + $Entity, + [Parameter(Mandatory=$false,Position=2)] + $TagId, + [Parameter(Mandatory=$false,Position=3)] + $ObjectId + ) + + If (-Not $global:DefaultCisServers) { Write-error "No CIS Connection found, please use the Connect-CisServer to connect" } Else { + $tagAssocSvc = Get-CisService -Name com.vmware.cis.tagging.tag_association + if ($PSBoundParameters.ContainsKey("Tag") -and $PSBoundParameters.ContainsKey("Entity")) { + if ($Tag -is [array] -and $Entity -isnot [array]) { + $tagIdList = $tagAssocSvc.help.detach_multiple_tags_from_object.tag_ids.create() + foreach ($t in $Tag) { + $tempId = Get-CISTag -Name $t | Select-Object -ExpandProperty Id + $tagIdList.add($tempId) | Out-Null + } + if ($global:DefaultVIServer -and $global:DefaultVIServer.Name -eq $global:DefaultCisServers.Name) { + $viObject = (Get-Inventory -Name $Entity).ExtensionData.MoRef + $objObject = $tagAssocSvc.help.detach_multiple_tags_from_object.object_id.create() + $objObject.id = $viObject.Value + $objObject.type = $viObject.type + } else { + $vmSvc = Get-CisService -Name com.vmware.vcenter.vm + $filterVmNameObj = $vmsvc.help.list.filter.create() + $filterVmNameObj.names.add($Entity) | Out-Null + $objId = $vmSvc.list($filterVmNameObj) | Select-Object -ExpandProperty vm + if ($objId) {$objType = "VirtualMachine"} + else { + if (-Not $dsSvc) {$dsSvc = Get-CisService -Name com.vmware.vcenter.datastore} + $filterDsNameObj = $dsSvc.Help.list.filter.Create() + $filterDsNameObj.names.add($Entity) | Out-Null + $objId = $dsSvc.list($filterDsNameObj) | Select-Object -ExpandProperty datastore + if ($objId) {$objType = "Datastore"} + else {Write-Warning "No entities found."; break} + } + $objObject = $tagAssocSvc.help.detach_multiple_tags_from_object.object_id.create() + $objObject.id = $objId + $objObject.type = $objType + } + $tagAssocSvc.detach_multiple_tags_from_object($objObject,$tagIdList) | Out-Null + } elseif ($Tag -isnot [array] -and $Entity -is [array]) { + $tagId = Get-CISTag -Name $Tag | Select-Object -ExpandProperty Id + $objList = $tagAssocSvc.help.detach_tag_from_multiple_objects.object_ids.create() + foreach ($e in $Entity) { + if ($global:DefaultVIServer -and $global:DefaultVIServer.Name -eq $global:DefaultCisServers.Name) { + $viObject = (Get-Inventory -Name $e).ExtensionData.MoRef + $objObject = $tagAssocSvc.help.detach_tag_from_multiple_objects.object_ids.element.create() + $objObject.id = $viObject.Value + $objObject.type = $viObject.type + } else { + $vmSvc = Get-CisService -Name com.vmware.vcenter.vm + $filterVmNameObj = $vmsvc.help.list.filter.create() + $filterVmNameObj.names.add($Entity) | Out-Null + $objId = $vmSvc.list($filterVmNameObj) | Select-Object -ExpandProperty vm + if ($objId) {$objType = "VirtualMachine"} + else { + if (-Not $dsSvc) {$dsSvc = Get-CisService -Name com.vmware.vcenter.datastore} + $filterDsNameObj = $dsSvc.Help.list.filter.Create() + $filterDsNameObj.names.add($Entity) | Out-Null + $objId = $dsSvc.list($filterDsNameObj) | Select-Object -ExpandProperty datastore + if ($objId) {$objType = "Datastore"} + else {Write-Warning "No entities found."; break} + } + $objObject = $tagAssocSvc.help.detach_tag_from_multiple_objects.object_ids.element.create() + $objObject.id = $objId + $objObject.type = $objType + } + $objList.add($objObject) | Out-Null + } + $tagAssocSvc.detach_tag_from_multiple_objects($TagId,$objList) | Out-Null + } elseif ($Tag -isnot [array] -and $Entity -isnot [array]) { + $tagId = Get-CISTag -Name $Tag | Select-Object -ExpandProperty Id + if ($global:DefaultVIServer -and $global:DefaultVIServer.Name -eq $global:DefaultCisServers.Name) { + $viObject = (Get-Inventory -Name $Entity).ExtensionData.MoRef + $objObject = $tagAssocSvc.help.detach.object_id.create() + $objObject.id = $viObject.Value + $objObject.type = $viObject.type + } else { + $vmSvc = Get-CisService -Name com.vmware.vcenter.vm + $filterVmNameObj = $vmsvc.help.list.filter.create() + $filterVmNameObj.names.add($Entity) | Out-Null + $objId = $vmSvc.list($filterVmNameObj) | Select-Object -ExpandProperty vm + if ($objId) {$objType = "VirtualMachine"} + else { + if (-Not $dsSvc) {$dsSvc = Get-CisService -Name com.vmware.vcenter.datastore} + $filterDsNameObj = $dsSvc.Help.list.filter.Create() + $filterDsNameObj.names.add($Entity) | Out-Null + $objId = $dsSvc.list($filterDsNameObj) | Select-Object -ExpandProperty datastore + if ($objId) {$objType = "Datastore"} + else {Write-Warning "No entities found."; break} + } + $objObject = $tagAssocSvc.help.detach.object_id.create() + $objObject.id = $objId + $objObject.type = $objType + } + $tagAssocSvc.detach($TagId,$objObject) | Out-Null + } + } elseif ($PSBoundParameters.ContainsKey("TagId") -and $PSBoundParameters.ContainsKey("ObjectId")) { + if ($ObjectId.split('-')[0] -eq 'vm') { + $objType = "VirtualMachine" + } elseif ($ObjectId.Split('-')[0] -eq 'datastore') { + $objType = 'Datastore' + }else {Write-Warning 'Only VirtualMachine types currently supported.'; break} + if ($TagId -is [array] -and $ObjectId -isnot [array]) { + $objObject = $tagAssocSvc.help.detach_multiple_tags_from_object.object_id.create() + $objObject.id = $ObjectId + $objObject.type = $objType + $tagIdList = $tagAssocSvc.help.detach_multiple_tags_from_object.tag_ids.create() + foreach ($tId in $TagId) { + $tagIdList.add($tId) | Out-Null + } + $tagAssocSvc.detach_multiple_tags_from_object($objObject,$tagIdList) | Out-Null + } elseif ($TagId -isnot [array] -and $ObjectId -is [array]) { + $objList = $tagAssocSvc.help.detach_tag_from_multiple_objects.object_ids.create() + foreach ($obj in $ObjectId) { + $objObject = $tagAssocSvc.help.detach_tag_from_multiple_objects.object_ids.element.create() + $objObject.id = $obj + $objObject.type = $objType + $objList.add($objObject) | Out-Null + } + $tagAssocSvc.detach_tag_from_multiple_objects($TagId,$objList) | Out-Null + } elseif ($TagId -isnot [array] -and $ObjectId -isnot [array]) { + $objObject = $tagAssocSvc.help.detach.object_id.create() + $objObject.id = $ObjectId + $objObject.type = $objType + $tagAssocSvc.detach($TagId,$objObject) | Out-Null + } + } else {Write-Output "Multiple tags with multiple objects are not a supported call."} + + } +} \ No newline at end of file diff --git a/Modules/VMware.DRaaS/VMware.DRaaS.psd1 b/Modules/VMware.DRaaS/VMware.DRaaS.psd1 new file mode 100755 index 0000000..fd5ab06 Binary files /dev/null and b/Modules/VMware.DRaaS/VMware.DRaaS.psd1 differ diff --git a/Modules/VMware.DRaaS/VMware.DRaaS.psm1 b/Modules/VMware.DRaaS/VMware.DRaaS.psm1 new file mode 100644 index 0000000..3028c8c --- /dev/null +++ b/Modules/VMware.DRaaS/VMware.DRaaS.psm1 @@ -0,0 +1,256 @@ +Function Connect-DRaas { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 05/23/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + This cmdlet creates $global:draasConnection object containing the DRaaS URL along with CSP Token Header + .DESCRIPTION + This cmdlet creates $global:draasConnection object containing the DRaaS URL along with CSP Token Header + .EXAMPLE + Connect-DRaaS -RefreshToken $RefreshToken -OrgName $OrgName -SDDCName $SDDCName + .NOTES + You must be logged into VMC using Connect-VmcServer cmdlet +#> + Param ( + [Parameter(Mandatory=$true)][String]$RefreshToken, + [Parameter(Mandatory=$true)][String]$OrgName, + [Parameter(Mandatory=$true)][String]$SDDCName + ) + + If (-Not $global:DefaultVMCServers.IsConnected) { Write-error "No valid VMC Connection found, please use the Connect-VMC to connect"; break } Else { + $sddcService = Get-VmcService "com.vmware.vmc.orgs.sddcs" + $orgId = (Get-VMCOrg -Name $OrgName).Id + $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id + $sddc = $sddcService.get($orgId,$sddcId) + + } + + $results = Invoke-WebRequest -Uri "https://console.cloud.vmware.com/csp/gateway/am/api/auth/api-tokens/authorize?refresh_token=$RefreshToken" -Method POST -ContentType "application/json" -UseBasicParsing -Headers @{"csp-auth-token"="$RefreshToken"} + if($results.StatusCode -ne 200) { + Write-Host -ForegroundColor Red "Failed to retrieve Access Token, please ensure your VMC Refresh Token is valid and try again" + break + } + $accessToken = ($results | ConvertFrom-Json).access_token + + $headers = @{ + "csp-auth-token"="$accessToken" + "Content-Type"="application/json" + "Accept"="application/json" + } + $global:draasConnection = new-object PSObject -Property @{ + 'Server' = "https://vmc.vmware.com/vmc/draas/api/orgs/$orgId/sddcs/$sddcId/site-recovery" + 'headers' = $headers + } + $global:draasConnection +} + +Function Get-DRaas { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 05/23/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Returns information about DRaaS configuration for a given SDDC + .DESCRIPTION + This cmdlet returns information about DRaaS configuration for a given SDDC. Can be used to monitor both activate and deactivate operations. + .EXAMPLE + Get-DRaas +#> + Param ( + [Switch]$Troubleshoot + ) + + If (-Not $global:draasConnection) { Write-error "No DRaaS Connection found, please use Connect-DRaaS" } Else { + $method = "GET" + $draasUrl = $global:draasConnection.Server + $draasVersionUrl = $global:draasConnection.Server + "/versions" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $METHOD`n$draasUrl`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $draasUrl -Method $method -Headers $global:draasConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $draasUrl -Method $method -Headers $global:draasConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe CSP session is no longer valid, please re-run the Connect-DRaaS cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in retrieving DRaaS Information" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + $json = ($requests.Content | ConvertFrom-Json) + + $draasId = $json.id; + $draasState = $json.site_recovery_state; + $srmNode = $json.srm_node.ip_address; + $srmNodeState = $json.site_recovery_state; + $vrNode = $json.vr_node.ip_address; + $vrNodeState = $json.vr_node.state; + $draasUrl = $json.draas_h5_url; + + if($srmNodeState -eq "ACTIVATED") { + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $METHOD`n$draasVersionUrl`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $draasVersionUrl -Method $method -Headers $global:draasConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $draasVersionUrl -Method $method -Headers $global:draasConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe CSP session is no longer valid, please re-run the Connect-DRaaS cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in retrieving DRaaS Information" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + $json = ($requests.Content | ConvertFrom-Json).node_versions + + $srmVersion,$srmDescription = ($json | where {$_.node_ip -eq $srmNode}).full_version.split("`n") + $vrVersion,$vrDescription = ($json | where {$_.node_ip -eq $vrNode}).full_version.split("`n") + + $results = [pscustomobject] @{ + ID = $draasId; + DRaaSState = $draasState; + SRMNode = $srmNode; + SRMVersion = $srmVersion; + SRMNodeState = $srmNodeState; + VRNode = $vrNode; + VRVersion = $vrVersion; + VRNodeState = $vrNodeState; + DRaaSURL = $draasUrl; + } + + $results + } + } elseif ($srmNodeState -eq "ACTIVATING" -or $srmNodeState -eq "DEACTIVATING") { + $results = [pscustomobject] @{ + ID = $draasId; + DRaaSState = $draasState; + SRMNode = $srmNode; + SRMNodeState = $srmNodeState; + VRNode = $vrNode; + VRNodeState = $vrNodeState; + DRaaSURL = $draasUrl; + } + + $results + } else { + Write-Host "`nDRaaS is currently deactivated, please run Set-DRaas -Activate`n" + } + } else { + Write-Host "`nDRaaS has not been activated before, please run Set-DRaas -Activate`n" + } + } +} + + +Function Set-DRaas { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 05/23/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Activate or deactivate DRaaS for a given SDDC + .DESCRIPTION + This cmdlet activates or deactivates DRaaS for a given SDDC + .EXAMPLE + Get-DRaas +#> + Param ( + [Switch]$Activate, + [Switch]$Deactivate, + [Switch]$Troubleshoot + ) + + If (-Not $global:draasConnection) { Write-error "No DRaaS Connection found, please use Connect-DRaaS" } Else { + $draasUrl = $global:draasConnection.server + + if($Activate) { + $method = "POST" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $METHOD`n$draasUrl`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $draasUrl -Method $method -Headers $global:draasConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $draasUrl -Method $method -Headers $global:draasConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe CSP session is no longer valid, please re-run the Connect-DRaaS cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in activating DRaaS" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + Write-Host "`nActivating DRaaS, this will take some time and you can monitor the progress using Get-DRaaS or using the VMC Console UI`n" + } elseif ($Deactivate) { + $method = "DELETE" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $METHOD`n$draasUrl`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $draasUrl -Method $method -Headers $global:draasConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $draasUrl -Method $method -Headers $global:draasConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe CSP session is no longer valid, please re-run the Connect-DRaaS cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in deactivating DRaaS" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + Write-Host "`nDeactivating DRaaS, this will take some time and you can monitor the progress using Get-DRaaS or the VMC Console UI`n" + } else { + Write-Error "Invalid Operation" + } + } +} \ No newline at end of file diff --git a/Modules/VMware.HCX/VMware.HCX.psd1 b/Modules/VMware.HCX/VMware.HCX.psd1 index a5e74f0..63af019 100644 --- a/Modules/VMware.HCX/VMware.HCX.psd1 +++ b/Modules/VMware.HCX/VMware.HCX.psd1 @@ -36,7 +36,12 @@ Description = 'PowerShell Module for Managing Hybrid Cloud Extension (HCX) on VM PowerShellVersion = '6.0' # Functions to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no functions to export. -FunctionsToExport = 'Connect-HcxServer', 'Get-HcxCloudConfig', 'Get-HcxEndpoint', 'New-HcxMigration', 'Get-HcxMigration', 'Connect-HcxVAMI', 'Get-HcxVCConfig', 'Set-HcxLicense', 'Set-HcxVCConfig', 'Get-HcxNSXConfig', 'Set-HcxNSXConfig', 'Get-HcxCity', 'Get-HcxLocation', 'Set-HcxLocation', 'Get-HcxRoleMapping', 'Set-HcxRoleMapping', 'Get-HcxProxy', 'Set-HcxProxy', 'Remove-HcxProxy' + +FunctionsToExport = 'Connect-HcxServer', 'Get-HcxCloudConfig', 'Get-HcxEndpoint', 'New-HcxMigration', 'Get-HcxMigration', 'Connect-HcxVAMI', +'Get-HcxVCConfig', 'Set-HcxLicense', 'Set-HcxVCConfig', 'Get-HcxNSXConfig', 'Set-HcxNSXConfig', 'Get-HcxCity', 'Get-HcxLocation', 'Set-HcxLocation', +'Get-HcxRoleMapping', 'Set-HcxRoleMapping', 'Get-HcxProxy', 'Set-HcxProxy', 'Remove-HcxProxy', 'Connect-HcxCloudServer', 'Get-HCXCloudActivationKey', +'Get-HCXCloudSubscription', 'New-HCXCloudActivationKey', 'Get-HCXCloud', 'Set-HCXCloud' + # Cmdlets to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no cmdlets to export. CmdletsToExport = @() diff --git a/Modules/VMware.HCX/VMware.HCX.psm1 b/Modules/VMware.HCX/VMware.HCX.psm1 index cfbe95b..9bfcc18 100644 --- a/Modules/VMware.HCX/VMware.HCX.psm1 +++ b/Modules/VMware.HCX/VMware.HCX.psm1 @@ -453,12 +453,23 @@ Function Get-HcxMigration { Get-HcxMigration -MigrationId #> Param ( - [Parameter(Mandatory=$false)][String]$MigrationId, + [Parameter(Mandatory=$false)][String[]]$MigrationId, [Switch]$RunningMigrations ) If (-Not $global:hcxConnection) { Write-error "HCX Auth Token not found, please run Connect-HcxManager " } Else { - $spec = @{} + If($PSBoundParameters.ContainsKey("MigrationId")){ + $spec = @{ + filter = @{ + migrationId = $MigrationId + } + paging =@{ + pageSize = $MigrationId.Count + } + } + } Else { + $spec = @{} + } $body = $spec | ConvertTo-Json $hcxQueryUrl = $global:hcxConnection.Server + "/migrations?action=query" @@ -468,10 +479,10 @@ Function Get-HcxMigration { $requests = Invoke-WebRequest -Uri $hcxQueryUrl -Method POST -Headers $global:hcxConnection.headers -UseBasicParsing } - $migrations = ($requests.content | ConvertFrom-Json).rows - if($PSBoundParameters.ContainsKey("MigrationId")){ - $migrations = $migrations | where { $_.migrationId -eq $MigrationId } + $migrations = ($requests.content | ConvertFrom-Json).items + } else { + $migrations = ($requests.content | ConvertFrom-Json).rows } if($RunningMigrations){ @@ -559,16 +570,22 @@ Function Get-HcxVCConfig { #> If (-Not $global:hcxVAMIConnection) { Write-error "HCX Auth Token not found, please run Connect-HcxVAMI " } Else { $vcConfigUrl = $global:hcxVAMIConnection.Server + "/api/admin/global/config/vcenter" + $pscConfigUrl = $global:hcxVAMIConnection.Server + "/api/admin/global/config/lookupservice" if($PSVersionTable.PSEdition -eq "Core") { $vcRequests = Invoke-WebRequest -Uri $vcConfigUrl -Method GET -Headers $global:hcxVAMIConnection.headers -UseBasicParsing -SkipCertificateCheck + $ssoRequests = Invoke-WebRequest -Uri $pscConfigUrl -Method GET -Headers $global:hcxVAMIConnection.headers -UseBasicParsing -SkipCertificateCheck } else { $vcRequests = Invoke-WebRequest -Uri $vcConfigUrl -Method GET -Headers $global:hcxVAMIConnection.headers -UseBasicParsing + $ssoRequests = Invoke-WebRequest -Uri $pscConfigUrl -Method GET -Headers $global:hcxVAMIConnection.headers -UseBasicParsing } $vcData = ($vcRequests.content | ConvertFrom-Json).data.items + $ssoData = ($ssoRequests.content | ConvertFrom-Json).data.items $tmp = [pscustomobject] @{ Name = $vcData.config.name; + UserName = $vcData.Config.userName + LookupServiceUrl = $ssoData.config.lookupServiceUrl Version = $vcData.config.version; Build = $vcData.config.buildNumber; UUID = $vcData.config.vcuuid; @@ -578,6 +595,38 @@ Function Get-HcxVCConfig { } } +Function Get-HcxLicense { + <# + .NOTES + =========================================================================== + Created by: Mark McGilly + Date: 4/29/2019 + Organization: Liberty Mutual Insurance + =========================================================================== + + .SYNOPSIS + Returns the license key that is registered with HCX Manager + .DESCRIPTION + This cmdlet returns the license key registered with HCX Manager + .EXAMPLE + Get-HcxLicense + #> + + If (-Not $global:hcxVAMIConnection) { Write-error "HCX Auth Token not found, please run Connect-HcxVAMI " } Else { + $hcxConfigUrl = $global:hcxVAMIConnection.Server + "/api/admin/global/config/hcx" + + if($PSVersionTable.PSEdition -eq "Core") { + $licenseRequests = Invoke-WebRequest -Uri $hcxConfigUrl -Method GET -Headers $global:hcxVAMIConnection.headers -UseBasicParsing -SkipCertificateCheck + } else { + $licenseRequests = Invoke-WebRequest -Uri $hcxConfigUrl -Method GET -Headers $global:hcxVAMIConnection.headers -UseBasicParsing + } + $license = ($licenseRequests.content | ConvertFrom-Json).data.items + if($licenseRequests) { + $license.config.activationKey + } + } +} + Function Set-HcxLicense { <# .NOTES @@ -789,6 +838,7 @@ Function Get-HcxNSXConfig { $tmp = [pscustomobject] @{ Name = $nsxData.config.url; + UserName = $nsxData.config.userName Version = $nsxData.config.version; HCXUUID = $nsxData.config.uuid; } @@ -1200,6 +1250,7 @@ Function Set-HcxProxy { [Parameter(Mandatory=$True)]$ProxyPort, [Parameter(Mandatory=$False)]$ProxyUser, [Parameter(Mandatory=$False)]$ProxyPassword, + [Parameter(Mandatory=$False)]$ProxyExclusions, [Switch]$Troubleshoot ) @@ -1214,7 +1265,7 @@ Function Set-HcxProxy { config = @{ proxyHost = "$ProxyServer"; proxyPort = "$ProxyPort"; - nonProxyHosts = ""; + nonProxyHosts = "$ProxyExclusions"; userName = "$ProxyUser"; password = "$ProxyPassword"; } @@ -1306,4 +1357,346 @@ Function Remove-HcxProxy { Write-Warning "No proxy settings were configured" } } +} + +Function Connect-HcxCloudServer { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 06/19/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Connect to the HCX Cloud Service + .DESCRIPTION + This cmdlet connects to the HCX Cloud Service + .EXAMPLE + Connect-HcxCloudServer -RefreshToken +#> + Param ( + [Parameter(Mandatory=$true)][String]$RefreshToken, + [Switch]$Troubleshoot + ) + + $results = Invoke-WebRequest -Uri "https://console.cloud.vmware.com/csp/gateway/am/api/auth/api-tokens/authorize?refresh_token=$RefreshToken" -Method POST -ContentType "application/json" -UseBasicParsing -Headers @{"csp-auth-token"="$RefreshToken"} + if($results.StatusCode -ne 200) { + Write-Host -ForegroundColor Red "Failed to retrieve Access Token, please ensure your VMC Refresh Token is valid and try again" + break + } + $accessToken = ($results | ConvertFrom-Json).access_token + + $payload = @{ + token = $accessToken; + } + $body = $payload | ConvertTo-Json + + $hcxCloudLoginUrl = "https://connect.hcx.vmware.com/provider/csp/api/sessions" + + if($PSVersionTable.PSEdition -eq "Core") { + $results = Invoke-WebRequest -Uri $hcxCloudLoginUrl -Body $body -Method POST -UseBasicParsing -ContentType "application/json" -SkipCertificateCheck + } else { + $results = Invoke-WebRequest -Uri $hcxCloudLoginUrl -Body $body -Method POST -UseBasicParsing -ContentType "application/json" + } + + if($results.StatusCode -eq 200) { + $hcxAuthToken = $results.Headers.'x-hm-authorization' + + $headers = @{ + "x-hm-authorization"="$hcxAuthToken" + "Content-Type"="application/json" + "Accept"="application/json" + } + + $global:hcxCloudConnection = new-object PSObject -Property @{ + 'Server' = "https://connect.hcx.vmware.com/provider/csp/consumer/api"; + 'headers' = $headers + } + $global:hcxCloudConnection + } else { + Write-Error "Failed to connect to HCX Cloud Service, please verify your CSP Refresh Token is valid" + } +} + +Function Get-HCXCloudActivationKey { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 06/19/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Returns the activation keys from HCX Cloud + .DESCRIPTION + This cmdlet returns the activation keys from HCX Cloud + .EXAMPLE + Get-HCXCloudActivationKeys + .EXAMPLE + Get-HCXCloudActivationKeys -Type [AVAILABLE|CONSUMED|DEACTIVATED|DELETED] +#> + Param ( + [Parameter(Mandatory=$false)][ValidateSet("AVAILABLE","CONSUMED","DEACTIVATED","DELETED")][String]$Type, + [Switch]$Troubleshoot + ) + + If (-Not $global:hcxCloudConnection) { Write-error "HCX Auth Token not found, please run Connect-HcxVAMI " } Else { + $method = "GET" + $hcxLicenseUrl = $global:hcxCloudConnection.Server + "/activationKeys" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $METHOD`n$hcxLicenseUrl`n" + } + + if($PSVersionTable.PSEdition -eq "Core") { + $results = Invoke-WebRequest -Uri $hcxLicenseUrl -Method $method -Headers $global:hcxCloudConnection.headers -UseBasicParsing -SkipCertificateCheck + } else { + $results = Invoke-WebRequest -Uri $hcxLicenseUrl -Method $method -Headers $global:hcxCloudConnection.headers -UseBasicParsing + } + if($Type) { + ($results.content | ConvertFrom-Json).result.activationKeys | where { $_.status -eq $Type} + } else { + ($results.content | ConvertFrom-Json).result.activationKeys + } + } +} + +Function Get-HCXCloudSubscription { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 06/19/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Returns the subscription information for HCX CLoud Service + .DESCRIPTION + This cmdlet returns the subscription information for HCX Cloud Service + .EXAMPLE + Get-HCXCloudSubscription +#> + Param ( + [Switch]$Troubleshoot + ) + + If (-Not $global:hcxCloudConnection) { Write-error "HCX Auth Token not found, please run Connect-HcxVAMI " } Else { + $method = "GET" + $hcxSubscriptionUrl = $global:hcxCloudConnection.Server + "/subscriptions" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $METHOD`n$hcxSubscriptionUrl`n" + } + + if($PSVersionTable.PSEdition -eq "Core") { + $results = Invoke-WebRequest -Uri $hcxSubscriptionUrl -Method $method -Headers $global:hcxCloudConnection.headers -UseBasicParsing -SkipCertificateCheck + } else { + $results = Invoke-WebRequest -Uri $hcxSubscriptionUrl -Method $method -Headers $global:hcxCloudConnection.headers -UseBasicParsing + } + + ($results.content | ConvertFrom-Json).subscriptions | select @{Name = "SID"; Expression = {$_.sid}},@{Name = "STATUS"; Expression = {$_.status}},@{Name = 'OfferName'; Expression = {$_.subscriptionComponents.offerName}} + } +} + +Function New-HCXCloudActivationKey { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 06/19/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Requests new HCX Activation License Key + .DESCRIPTION + This cmdlet requests new HCX Activation License Key + .EXAMPLE + Get-HCXCloudActivationKey -SID -SystemType [HCX-CLOUD|HCX-ENTERPRISE] +#> + Param ( + [Parameter(Mandatory=$true)][String]$SID, + [Parameter(Mandatory=$true)][ValidateSet("HCX-CLOUD","HCX-ENTERPRISE")][String]$SystemType, + [Switch]$Troubleshoot + ) + + If (-Not $global:hcxCloudConnection) { Write-error "HCX Auth Token not found, please run Connect-HcxVAMI " } Else { + $method = "POST" + $hcxLicenseUrl = $global:hcxCloudConnection.Server + "/activationKeys" + + $payload = @{ + numberOfKeys = "1"; + sid = $SID; + systemType = ($SystemType).toLower(); + } + $body = $payload | ConvertTo-Json + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $METHOD`n$hcxSubscriptionUrl`n" + Write-Host -ForegroundColor cyan "[DEBUG]`n$body`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $hcxLicenseUrl -Method $method -Body $body -Headers $global:hcxCloudConnection.headers -UseBasicParsing -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $hcxLicenseUrl -Method $method -Body $body -Headers $global:hcxCloudConnection.headers -UseBasicParsing + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe HCX Cloud session is no longer valid, please re-run the Connect-HCXCloudServer cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in requesting new HCX license key" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + Write-Host "Successfully requestd new $SystemType License Key" + ($requests.content | ConvertFrom-Json).activationKeys + } + } +} + +Function Get-HCXCloud { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 06/19/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Returns HCX deployment information for all SDDCs + .DESCRIPTION + This cmdlet returns HCX deployment information for all SDDCs + .EXAMPLE + Get-HCXCloud +#> + Param ( + [Switch]$Troubleshoot + ) + + If (-Not $global:hcxCloudConnection) { Write-error "HCX Auth Token not found, please run Connect-HcxVAMI " } Else { + $method = "GET" + $hcxCloudSDDCUrl = $global:hcxCloudConnection.Server + "/sddcs" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $METHOD`n$hcxSubscriptionUrl`n" + } + + if($PSVersionTable.PSEdition -eq "Core") { + $results = Invoke-WebRequest -Uri $hcxCloudSDDCUrl -Method $method -Headers $global:hcxCloudConnection.headers -UseBasicParsing -SkipCertificateCheck + } else { + $results = Invoke-WebRequest -Uri $hcxCloudSDDCUrl -Method $method -Headers $global:hcxCloudConnection.headers -UseBasicParsing + } + + ($results.content | ConvertFrom-Json).sddcs | Sort-Object -Property Name | select @{Name = "SDDCName"; Expression = {$_.name}}, @{Name = "SDDCID"; Expression = {$_.id}}, @{Name = "HCXStatus"; Expression = {$_.activationStatus}}, @{Name = "Region"; Expression = {$_.region}} + } +} + +Function Set-HCXCloud { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 06/19/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Activate or Deactivate HCX for given VMC SDDC + .DESCRIPTION + This cmdlet activates or deactivates HCX for given VMC SDDC + .EXAMPLE + Set-HCXCloud -Activate -SDDCID $SDDCID + .EXAMPLE + Set-HCXCloud -Deactivate -SDDCID $SDDCID +#> + Param ( + [Parameter(Mandatory=$true)][String]$SDDCID, + [Switch]$Activate, + [Switch]$Deactivate, + [Switch]$Troubleshoot + ) + + If (-Not $global:hcxCloudConnection) { Write-error "HCX Auth Token not found, please run Connect-HcxVAMI " } Else { + $method = "POST" + + if($Activate) { + $HcxSid = (Get-HCXCloudSubscription | where {$_.STATUS -eq "ACTIVE"}).SID + + # Check to see if there is an available HCX-Cloud Key + $HcxKey = ((Get-HCXCloudActivationKey -Type AVAILABLE | where {$_.systemType -eq 'hcx-cloud'}) | select -First 1).activationKey + if($HcxKey -eq $null) { + $HcxKey = New-HCXCloudActivationKey -SID $HcxSid -SystemType HCX-CLOUD + } + + if($HCXKey -eq $null -or $HcxSid -eq $null) { + Write-Error "Failed to retrieve HCX Subscription ID or request HCX Cloud License Key" + break + } + + $hcxSDDCUrl = $global:hcxCloudConnection.Server + "/sddcs/$($SDDCID)?action=activate" + + $payload = @{ + activationKey = $HcxKey; + } + } else { + $payload = "" + + $hcxSDDCUrl = $global:hcxCloudConnection.Server + "/sddcs/$($SDDCID)?action=deactivate" + } + + $body = $payload | ConvertTo-Json + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $METHOD`n$hcxSDDCUrl`n" + Write-Host -ForegroundColor cyan "[DEBUG]`n$body`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $hcxSDDCUrl -Method $method -Body $body -Headers $global:hcxCloudConnection.headers -UseBasicParsing -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $hcxSDDCUrl -Method $method -Body $body -Headers $global:hcxCloudConnection.headers -UseBasicParsing + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe HCX Cloud session is no longer valid, please re-run the Connect-HCXCloudServer cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in attempting to activate or deactivate HCX" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + if($Activate) { + Write-Host "Activating HCX for SDDC: $SDDCID, starting deployment. You can monitor the status using the HCX Cloud Console" + } else { + Write-Host "Deactivating HCX for SDDC: $SDDCID, starting un-deploymentt. You can monitor the status using the HCX Cloud Console" + } + ($requests.content | ConvertFrom-Json) + } + } } \ No newline at end of file diff --git a/Modules/VMware.Hv.Helper/Json/Farm/AutomatedLinkedCloneFarmVGPU.json b/Modules/VMware.Hv.Helper/Json/Farm/AutomatedLinkedCloneFarmVGPU.json new file mode 100644 index 0000000..ecec6ea --- /dev/null +++ b/Modules/VMware.Hv.Helper/Json/Farm/AutomatedLinkedCloneFarmVGPU.json @@ -0,0 +1,97 @@ +{ + "Type": "AUTOMATED", + "Data": { + "Name": "LCFarmJson", + "DisplayName": "FarmJsonTest", + "AccessGroup": "Root", + "Description": "created LC Farm from PS via JSON with NVIDIA GRID VGPU", + "Enabled": null, + "Deleting": false, + "Settings": { + "DisconnectedSessionTimeoutPolicy": "NEVER", + "DisconnectedSessionTimeoutMinutes": 1, + "EmptySessionTimeoutPolicy": "AFTER", + "EmptySessionTimeoutMinutes": 1, + "LogoffAfterTimeout": false + }, + "Desktop": null, + "DisplayProtocolSettings": { + "DefaultDisplayProtocol": "PCOIP", + "AllowDisplayProtocolOverride": false, + "EnableHTMLAccess": false, + "EnableCollaboration": false, + "EnableGRIDvGPUs": true, + "VGPUGridProfile": "grid_m10-8a" + }, + "ServerErrorThreshold": null, + "MirageConfigurationOverrides": { + "OverrideGlobalSetting": false, + "Enabled": false, + "Url": null + } + }, + "AutomatedFarmSpec": { + "ProvisioningType": "VIEW_COMPOSER", + "VirtualCenter": null, + "RdsServerNamingSpec": { + "NamingMethod": "PATTERN", + "PatternNamingSettings": { + "NamingPattern": "LCFarmVMPS", + "MaxNumberOfRDSServers": 1 + } + }, + "VirtualCenterProvisioningSettings": { + "EnableProvisioning": true, + "StopProvisioningOnError": true, + "MinReadyVMsOnVComposerMaintenance": 0, + "VirtualCenterProvisioningData": { + "ParentVm": "RDSServer", + "Snapshot": "RDS_SNAP1", + "Datacenter": null, + "VmFolder": "Praveen", + "HostOrCluster": "CS-1", + "ResourcePool": "CS-1" + }, + "VirtualCenterStorageSettings": { + "Datastores": [ + { + "Datastore": "Datastore1", + "StorageOvercommit": "UNBOUNDED" + } + ], + "UseVSan": false, + "ViewComposerStorageSettings": { + "UseSeparateDatastoresReplicaAndOSDisks": false, + "ReplicaDiskDatastore": null, + "UseNativeSnapshots": false, + "SpaceReclamationSettings": { + "ReclaimVmDiskSpace": false, + "ReclamationThresholdGB": null, + "BlackoutTimes": null + } + } + }, + "VirtualCenterNetworkingSettings": { + "Nics": null + } + }, + "VirtualCenterManagedCommonSettings": { + "TransparentPageSharingScope": "VM" + }, + "CustomizationSettings": { + "CustomizationType": "SYS_PREP", + "DomainAdministrator": null, + "AdContainer": "CN=Computers", + "ReusePreExistingAccounts": false, + "SysprepCustomizationSettings": { + "CustomizationSpec": "PraveenCust" + } + }, + "RdsServerMaxSessionsData": { + "MaxSessionsType": "UNLIMITED", + "MaxSessions": null + } + }, + "ManualFarmSpec": null, + "NetBiosName": "adviewdev" +} \ No newline at end of file diff --git a/Modules/VMware.Hv.Helper/VMware.HV.Helper.psd1 b/Modules/VMware.Hv.Helper/VMware.HV.Helper.psd1 index 42dc6aa..91e9943 100644 --- a/Modules/VMware.Hv.Helper/VMware.HV.Helper.psd1 +++ b/Modules/VMware.Hv.Helper/VMware.HV.Helper.psd1 @@ -12,7 +12,7 @@ # RootModule = '' # Version number of this module. -ModuleVersion = '1.1' +ModuleVersion = '1.3.1' # ID used to uniquely identify this module GUID = '6d3f7fb5-4e52-43d8-91e1-f65f72532a1d' diff --git a/Modules/VMware.Hv.Helper/VMware.HV.Helper.psm1 b/Modules/VMware.Hv.Helper/VMware.HV.Helper.psm1 index fa5ed36..a140dd0 100644 --- a/Modules/VMware.Hv.Helper/VMware.HV.Helper.psm1 +++ b/Modules/VMware.Hv.Helper/VMware.HV.Helper.psm1 @@ -1,5 +1,5 @@ #Script Module : VMware.Hv.Helper -#Version : 1.2 +#Version : 1.3.1 #Copyright © 2016 VMware, Inc. All Rights Reserved. @@ -94,6 +94,161 @@ function Get-VcenterID { return $virtualCenterId } +function Get-HVvCenterServer { + <# + .Synopsis + Gets a list of all configured vCenter Servers + + .DESCRIPTION + Queries and returns the vCenter Servers configured for the pod of the specified HVServer. + + .PARAMETER HvServer + Reference to Horizon View Server to query the virtual machines from. If the value is not passed or null then + first element from global:DefaultHVServers would be considered inplace of hvServer + + .PARAMETER Name + A string value to query a vCenter Server by Name, if it is known. + + .EXAMPLE + Get-HVvCenterServer + + .EXAMPLE + Get-HVvCenterServer -Name 'vCenter1' + + .OUTPUTS + Returns array of object type VMware.Hv.VirtualCenterInfo + + .NOTES + Author : Matt Frey. + Author email : mfrey@vmware.com + Version : 1.0 + + ===Tested Against Environment==== + Horizon View Server Version : 7.7 + PowerCLI Version : PowerCLI 11.2.0 + PowerShell Version : 5.1 + #> + + param( + [Parameter(Mandatory = $false)] + $HvServer = $null, + + [Parameter(Mandatory = $false)] + [string]$Name = $null + ) + + begin { + $services = Get-ViewAPIService -hvServer $hvServer + + if ($null -eq $services) { + Write-Error "Could not retrieve ViewApi services from connection object" + break + } + } + + process { + + if ($null -ne $PSBoundParameters.Name) { + $vCenterList = $services.VirtualCenter.VirtualCenter_List() | Where-Object {$_.ServerSpec.ServerName -eq $Name} + } else { + $vCenterList = $services.VirtualCenter.VirtualCenter_List() + } + + } + + end { + + return $vCenterList + + } +} + +function Get-HVvCenterServerHealth { + <# + .Synopsis + Gets a the health info for a given vCenter Server. + + .DESCRIPTION + Queries and returns the VirtualCenterHealthInfo specified HVServer. + + .PARAMETER HvServer + Reference to Horizon View Server to query the virtual machines from. If the value is not passed or null then + first element from global:DefaultHVServers would be considered inplace of hvServer + + .PARAMETER VirtualCenter + A parameter to specify which vCenter Server to check health for. If not specified, this function will return the + health info for all vCenter Servers. + + .EXAMPLE + Get-HVvCenterServerHealth -VirtualCenter 'vCenter1' + + .EXAMPLE + Get-HVvCenterServerHealth -VirtualCenter $vCenter1 + + .EXAMPLE + Get-HVvCenterServerHealth + + .OUTPUTS + Returns array of object type VMware.Hv.VirtualCenterInfo + + .NOTES + Author : Matt Frey. + Author email : mfrey@vmware.com + Version : 1.0 + + ===Tested Against Environment==== + Horizon View Server Version : 7.7 + PowerCLI Version : PowerCLI 11.2.0 + PowerShell Version : 5.1 + #> + + param( + [Parameter(Mandatory = $false)] + $HvServer = $null, + + [Parameter(Mandatory = $false)] + $VirtualCenter = $null + ) + + begin { + $services = Get-ViewAPIService -hvServer $hvServer + + Write-Warning "Get-HvVcenterServerHealth is targeted for deprecation in a future release. Use Get-HVHealth -Servicename VirtualCenter instead." + + if ($null -eq $services) { + Write-Error "Could not retrieve ViewApi services from connection object" + break + } + } + + process { + + if ($null -eq $PSBoundParameters.VirtualCenter) { + $VirtualCenterHealth = $services.VirtualCenterHealth.VirtualCenterHealth_List() + } else { + $objType = $VirtualCenter.getType() | Select-Object -ExpandProperty Name + Switch ($objType) { + 'String' { + $VirtualCenterHealth = $services.VirtualCenterHealth.VirtualCenterHealth_Get($(Get-HVvCenterServer -Name $VirtualCenter | Select-Object -ExpandProperty Id)) + } + 'VirtualCenterInfo' { + $VirtualCenterHealth = $services.VirtualCenterHealth.VirtualCenterHealth_Get($($VirtualCenter | Select-Object -ExpandProperty Id)) + } + 'VirtualCenterId' { + $VirtualCenterHealth = $services.VirtualCenterHealth.VirtualCenterHealth_Get($VirtualCenter) + } + } + } + + } + + end { + + return $VirtualCenterHealth + + } +} + function Get-JsonObject { param( [Parameter(Mandatory = $true)] @@ -327,7 +482,6 @@ function Get-UserId ($User) { $defn = New-Object VMware.Hv.QueryDefinition $defn.queryEntityType = 'ADUserOrGroupSummaryView' - [VMware.Hv.QueryFilter[]]$filters = $null $groupfilter = New-Object VMware.Hv.QueryFilterEquals -Property @{ 'memberName' = 'base.group'; 'value' = $false } $userNameFilter = New-Object VMware.Hv.QueryFilterEquals -Property @{ 'memberName' = 'base.name'; 'value' = $user } $treeList = @() @@ -462,8 +616,6 @@ function Add-HVRDSServer { } } - - function Connect-HVEvent { <# .SYNOPSIS @@ -515,7 +667,7 @@ function Connect-HVEvent { [CmdletBinding()] param( [Parameter(Mandatory = $false)] - $DbPassword = $null, + [SecureString]$DbPassword = $null, [Parameter(Mandatory = $false)] $HvServer = $null, @@ -552,12 +704,10 @@ function Connect-HVEvent { if (!$dbPassword) { $dbPassword = Read-Host 'Database Password for' $dbUserName@$dbServer -AsSecureString } if ($dbType -eq "SQLSERVER") { - if ($dbPassword.GetType().name -eq 'String'){ - $password = ConvertTo-SecureString $dbPassword -AsPlainText -Force - } elseif ($dbPassword.GetType().name -eq 'SecureString') { + if ($dbPassword.GetType().name -eq 'SecureString') { $password = $dbPassword } else { - Write-Error "Unsupported type recieved for dbPassword: [$dbPassword]. dbpassword should either be String or SecureString type. " + Write-Error "Unsupported type recieved for dbPassword: [$dbPassword]. dbpassword should SecureString type." break } $connectionString = "Data Source=$dbServer, $dbPort; Initial Catalog=$dbName;" @@ -964,10 +1114,7 @@ function Get-HVFarm { PowerShell Version : 5.0 #> - [CmdletBinding( - SupportsShouldProcess = $true, - ConfirmImpact = 'High' - )] + [CmdletBinding()] param( [Parameter(Mandatory = $false)] @@ -1004,8 +1151,7 @@ function Get-HVFarm { if (! $farmList) { if (! $SuppressInfo) { Write-Host "Get-HVFarm: No Farm Found with given search parameters" - } - return $farmList + } } $farm_service_helper = New-Object VMware.Hv.FarmService $queryResults = @() @@ -1079,10 +1225,7 @@ function Get-HVFarmSummary { PowerShell Version : 5.0 #> - [CmdletBinding( - SupportsShouldProcess = $true, - ConfirmImpact = 'High' - )] + [CmdletBinding()] param( [Parameter(Mandatory = $false)] @@ -1185,7 +1328,7 @@ function Find-HVFarm { } $whereClause = [string]::Join(' -and ', $strFilterSet) $scriptBlock = [Scriptblock]::Create($whereClause) - $farmList = $queryResults.results | where $scriptBlock + $farmList = $queryResults.results | Where-Object $scriptBlock } Return $farmList } @@ -1267,10 +1410,7 @@ function Get-HVPool { PowerShell Version : 5.0 #> - [CmdletBinding( - SupportsShouldProcess = $true, - ConfirmImpact = 'High' - )] + [CmdletBinding()] param( [Parameter(Mandatory = $false)] @@ -1406,10 +1546,7 @@ function Get-HVPoolSummary { PowerShell Version : 5.0 #> - [CmdletBinding( - SupportsShouldProcess = $true, - ConfirmImpact = 'High' - )] + [CmdletBinding()] param( [Parameter(Mandatory = $false)] @@ -1523,7 +1660,7 @@ function Find-HVPool { } $whereClause = [string]::Join(' -and ', $strFilterSet) $scriptBlock = [Scriptblock]::Create($whereClause) - $poolList = $queryResults.results | where $scriptBlock + $poolList = $queryResults.results | Where-Object $scriptBlock } Return $poolList } @@ -1761,13 +1898,12 @@ function Get-HVQueryResult { Version : 1.1 ===Tested Against Environment==== - Horizon View Server Version : 7.0.2, 7.1.0 - PowerCLI Version : PowerCLI 6.5, PowerCLI 6.5.1 + Horizon View Server Version : 7.0.2, 7.1.0,7.4 + PowerCLI Version : PowerCLI 6.5, PowerCLI 6.5.1, PowerCLI 10.1.1 PowerShell Version : 5.0 #> - [CmdletBinding(SupportsShouldProcess = $true, - ConfirmImpact = 'High')] + [CmdletBinding()] param( [Parameter(Position = 0,Mandatory = $true)] [ValidateSet('ADUserOrGroupSummaryView','ApplicationIconInfo','ApplicationInfo','DesktopSummaryView', @@ -1775,7 +1911,7 @@ function Get-HVQueryResult { 'FarmSummaryView','GlobalApplicationEntitlementInfo','GlobalEntitlementSummaryView', 'MachineNamesView','MachineSummaryView','PersistentDiskInfo','PodAssignmentInfo', 'RDSServerInfo','RDSServerSummaryView','RegisteredPhysicalMachineInfo','SampleInfo', - 'SessionLocalSummaryView','TaskInfo','URLRedirectionInfo','UserHomeSiteInfo')] + 'SessionLocalSummaryView','TaskInfo','URLRedirectionInfo','UserHomeSiteInfo','EventSummaryView','GlobalApplicationEntitlementInfo')] [string]$EntityType, [Parameter(Position = 1,Mandatory = $false)] @@ -1906,7 +2042,7 @@ function New-HVFarm { Set to true to enable provision of RDSServers immediately in farm. Applicable to Linked Clone and Instant Clone farms. -.PARAMETER StopOnProvisioningError +.PARAMETER StopProvisioningOnError Set to true to stop provisioning of all RDSServers on error. Applicable to Linked Clone and Instant Clone farms. @@ -1979,11 +2115,11 @@ function New-HVFarm { Reference to Horizon View Server to query the farms from. If the value is not passed or null then first element from global:DefaultHVServers would be considered in-place of hvServer. .EXAMPLE - New-HVFarm -LinkedClone -FarmName 'LCFarmTest' -ParentVM 'Win_Server_2012_R2' -SnapshotVM 'Snap_RDS' -VmFolder 'PoolVM' -HostOrCluster 'cls' -ResourcePool 'cls' -Datastores 'datastore1 (5)' -FarmDisplayName 'LC Farm Test' -Description 'created LC Farm from PS' -EnableProvisioning $true -StopOnProvisioningError $false -NamingPattern "LCFarmVM_PS" -MinReady 1 -MaximumCount 1 -SysPrepName "RDSH_Cust2" -NetBiosName "adviewdev" + New-HVFarm -LinkedClone -FarmName 'LCFarmTest' -ParentVM 'Win_Server_2012_R2' -SnapshotVM 'Snap_RDS' -VmFolder 'PoolVM' -HostOrCluster 'cls' -ResourcePool 'cls' -Datastores 'datastore1 (5)' -FarmDisplayName 'LC Farm Test' -Description 'created LC Farm from PS' -EnableProvisioning $true -StopProvisioningOnError $false -NamingPattern "LCFarmVM_PS" -MinReady 1 -MaximumCount 1 -SysPrepName "RDSH_Cust2" -NetBiosName "adviewdev" Creates new linkedClone farm by using naming pattern .EXAMPLE - New-HVFarm -InstantClone -FarmName 'ICFarmCL' -ParentVM 'vm-rdsh-ic' -SnapshotVM 'Snap_5' -VmFolder 'Instant_Clone_VMs' -HostOrCluster 'vimal-cluster' -ResourcePool 'vimal-cluster' -Datastores 'datastore1' -FarmDisplayName 'IC Farm using CL' -Description 'created IC Farm from PS command-line' -EnableProvisioning $true -StopOnProvisioningError $false -NamingPattern "ICFarmCL-" -NetBiosName "ad-vimalg" + New-HVFarm -InstantClone -FarmName 'ICFarmCL' -ParentVM 'vm-rdsh-ic' -SnapshotVM 'Snap_5' -VmFolder 'Instant_Clone_VMs' -HostOrCluster 'vimal-cluster' -ResourcePool 'vimal-cluster' -Datastores 'datastore1' -FarmDisplayName 'IC Farm using CL' -Description 'created IC Farm from PS command-line' -EnableProvisioning $true -StopProvisioningOnError $false -NamingPattern "ICFarmCL-" -NetBiosName "ad-vimalg" Creates new linkedClone farm by using naming pattern .EXAMPLE @@ -2107,6 +2243,21 @@ function New-HVFarm { [boolean] $EnableHTMLAccess = $false, + #farmSpec.data.displayProtocolSettings.EnableCollaboration + [Parameter(Mandatory = $false)] + [boolean] + $EnableCollaboration = $false, + + #farmSpec.data.displayProtocolSettings.EnableGRIDvGPUs + [Parameter(Mandatory = $false)] + [boolean] + $EnableGRIDvGPUs = $false, + + #farmSpec.data.displayProtocolSettings.VGPUGridProfile + [Parameter(Mandatory = $false)] + [string] + $VGPUGridProfile, + #farmSpec.data.serverErrorThreshold [Parameter(Mandatory = $false)] [ValidateRange(0,[Int]::MaxValue)] @@ -2193,11 +2344,11 @@ function New-HVFarm { [boolean] $EnableProvisioning = $true, - #farmSpec.automatedfarmSpec.virtualCenterProvisioningSettings.stopOnProvisioningError if LINKED_CLONE, INSTANT_CLONE + #farmSpec.automatedfarmSpec.virtualCenterProvisioningSettings.stopProvisioningOnError if LINKED_CLONE, INSTANT_CLONE [Parameter(Mandatory = $false,ParameterSetName = "LINKED_CLONE")] [Parameter(Mandatory = $false,ParameterSetName = 'INSTANT_CLONE')] [boolean] - $StopOnProvisioningError = $true, + $StopProvisioningOnError = $true, [Parameter(Mandatory = $false,ParameterSetName = "LINKED_CLONE")] [Parameter(Mandatory = $false,ParameterSetName = 'INSTANT_CLONE')] @@ -2523,6 +2674,12 @@ function New-HVFarm { $defaultDisplayProtocol = $jsonObject.Data.DisplayProtocolSettings.DefaultDisplayProtocol $allowDisplayProtocolOverride = $jsonObject.Data.DisplayProtocolSettings.AllowDisplayProtocolOverride $enableHTMLAccess = $jsonObject.Data.DisplayProtocolSettings.EnableHTMLAccess + $EnableCollaboration = $jsonObject.Data.DisplayProtocolSettings.EnableCollaboration + + if ($null -ne $jsonObject.Data.DisplayProtocolSettings.VGPUGridProfile) { + $EnableGRIDvGPUs = $jsonObject.Data.DisplayProtocolSettings.EnableGRIDvGPUs + $VGPUGridProfile = $jsonObject.Data.DisplayProtocolSettings.VGPUGridProfile + } } if ($null -ne $jsonObject.Data.serverErrorThreshold) { $serverErrorThreshold = $jsonObject.Data.serverErrorThreshold @@ -2666,6 +2823,11 @@ function New-HVFarm { $farmData.DisplayProtocolSettings.DefaultDisplayProtocol = $defaultDisplayProtocol $farmData.DisplayProtocolSettings.AllowDisplayProtocolOverride = $AllowDisplayProtocolOverride $farmData.DisplayProtocolSettings.EnableHTMLAccess = $enableHTMLAccess + $farmData.DisplayProtocolSettings.EnableCollaboration = $EnableCollaboration + if($VGPUGridProfile -ne $false){ + $farmData.DisplayProtocolSettings.EnableGRIDvGPUs = $EnableGRIDvGPUs + $farmData.DisplayProtocolSettings.VGPUGridProfile = $VGPUGridProfile + } } if ($farmData.MirageConfigurationOverrides){ $farmData.MirageConfigurationOverrides.OverrideGlobalSetting = $overrideGlobalSetting @@ -2683,11 +2845,12 @@ function New-HVFarm { $farmSpecObj.ManualFarmSpec = $FarmManualFarmSpec } - # Please uncomment below code, if you want to save the json file - <# - $myDebug = convertto-json -InputObject $farmSpecObj -depth 12 - $myDebug | out-file -filepath c:\temp\copiedfarm.json - #> + If ($DebugPreference -ne 'SilentlyContinue') { + $myDebug = convertto-json -InputObject $farmSpecObj -depth 12 + $DebugOutput = "c:\temp\copiedfarm.json" + $myDebug | Out-File -filepath $DebugOutput + Write-Debug "Output Farm Spec to $DebugOutput." + } if (!$confirmFlag -OR $pscmdlet.ShouldProcess($farmSpecObj.data.name)) { $Id = $farm_service_helper.Farm_Create($services, $farmSpecObj) @@ -2790,7 +2953,6 @@ function Test-HVFarmSpec { } } - function Get-HVFarmProvisioningData { param( [Parameter(Mandatory = $false)] @@ -2865,7 +3027,6 @@ function Get-HVFarmProvisioningData { return $vmObject } - function Get-HVFarmStorageObject { param( @@ -2933,7 +3094,6 @@ function Get-HVFarmStorageObject { return $storageObject } - function Get-HVFarmNetworkSetting { param( [Parameter(Mandatory = $false)] @@ -2945,7 +3105,6 @@ function Get-HVFarmNetworkSetting { return $networkObject } - function Get-HVFarmCustomizationSetting { param( [Parameter(Mandatory = $false)] @@ -2991,7 +3150,7 @@ function Get-HVFarmCustomizationSetting { } $whereClause = [string]::Join(' -and ', $strFilterSet) $scriptBlock = [Scriptblock]::Create($whereClause) - $instantCloneEngineDomainAdministrator = $insDomainAdministrators | Where $scriptBlock + $instantCloneEngineDomainAdministrator = $insDomainAdministrators | Where-Object $scriptBlock If ($null -ne $instantCloneEngineDomainAdministrator) { $instantCloneEngineDomainAdministrator = $instantCloneEngineDomainAdministrator[0].id } elseif ($null -ne $insDomainAdministrators) { @@ -3019,7 +3178,7 @@ function Get-HVFarmCustomizationSetting { } $whereClause = [string]::Join(' -and ', $strFilterSet) $scriptBlock = [Scriptblock]::Create($whereClause) - $ViewComposerDomainAdministratorID = $lcDomainAdministrators | Where $scriptBlock + $ViewComposerDomainAdministratorID = $lcDomainAdministrators | Where-Object $scriptBlock if ($null -ne $ViewComposerDomainAdministratorID) { $ViewComposerDomainAdministratorID = $ViewComposerDomainAdministratorID[0].id } elseif ($null -ne $lcDomainAdministrators) { @@ -3078,7 +3237,6 @@ function Get-FarmSpec { return $farm_spec_helper.getDataObject() } - function New-HVPool { <# .Synopsis @@ -3302,7 +3460,7 @@ function New-HVPool { .PARAMETER BlackoutTimes A list of blackout times. -.PARAMETER StopOnProvisioningError +.PARAMETER StopProvisioningOnError Set to true to stop provisioning of all VMs on error. Applicable to Full, Linked, Instant Clone Pools. @@ -3429,7 +3587,7 @@ function New-HVPool { first element from global:DefaultHVServers would be considered in-place of hvServer. .EXAMPLE - C:\PS>New-HVPool -LinkedClone -PoolName 'vmwarepool' -UserAssignment FLOATING -ParentVM 'Agent_vmware' -SnapshotVM 'kb-hotfix' -VmFolder 'vmware' -HostOrCluster 'CS-1' -ResourcePool 'CS-1' -Datastores 'datastore1' -NamingMethod PATTERN -PoolDisplayName 'vmware linkedclone pool' -Description 'created linkedclone pool from ps' -EnableProvisioning $true -StopOnProvisioningError $false -NamingPattern "vmware2" -MinReady 0 -MaximumCount 1 -SpareCount 1 -ProvisioningTime UP_FRONT -SysPrepName vmwarecust -CustType SYS_PREP -NetBiosName adviewdev -DomainAdmin root + C:\PS>New-HVPool -LinkedClone -PoolName 'vmwarepool' -UserAssignment FLOATING -ParentVM 'Agent_vmware' -SnapshotVM 'kb-hotfix' -VmFolder 'vmware' -HostOrCluster 'CS-1' -ResourcePool 'CS-1' -Datastores 'datastore1' -NamingMethod PATTERN -PoolDisplayName 'vmware linkedclone pool' -Description 'created linkedclone pool from ps' -EnableProvisioning $true -StopProvisioningOnError $false -NamingPattern "vmware2" -MinReady 0 -MaximumCount 1 -SpareCount 1 -ProvisioningTime UP_FRONT -SysPrepName vmwarecust -CustType SYS_PREP -NetBiosName adviewdev -DomainAdmin root Create new automated linked clone pool with naming method pattern .EXAMPLE @@ -3568,30 +3726,36 @@ function New-HVPool { [string[]] $ConnectionServerRestrictions, - #desktopSpec.desktopSettings.logoffSettings.powerPloicy + #desktopSpec.desktopSettings.logoffSettings.powerPolicy [Parameter(Mandatory = $false,ParameterSetName = "LINKED_CLONE")] [ValidateSet('TAKE_NO_POWER_ACTION', 'ALWAYS_POWERED_ON', 'SUSPEND', 'POWER_OFF')] [string]$PowerPolicy = 'TAKE_NO_POWER_ACTION', - #desktopSpec.desktopSettings.logoffSettings.powerPloicy + #desktopSpec.desktopSettings.logoffSettings.powerPolicy + [Parameter(Mandatory = $false,ParameterSetName = 'INSTANT_CLONE')] [Parameter(Mandatory = $false,ParameterSetName = "LINKED_CLONE")] [ValidateSet('IMMEDIATELY', 'NEVER', 'AFTER')] [string]$AutomaticLogoffPolicy = 'NEVER', #desktopSpec.desktopSettings.logoffSettings.automaticLogoffMinutes + [Parameter(Mandatory = $false,ParameterSetName = 'INSTANT_CLONE')] [Parameter(Mandatory = $false,ParameterSetName = "LINKED_CLONE")] [ValidateRange(1,[int]::MaxValue)] [int]$AutomaticLogoffMinutes = 120, #desktopSpec.desktopSettings.logoffSettings.allowUsersToResetMachines + [Parameter(Mandatory = $false,ParameterSetName = 'INSTANT_CLONE')] [Parameter(Mandatory = $false,ParameterSetName = "LINKED_CLONE")] + [Parameter(Mandatory = $false,ParameterSetName = 'MANUAL')] [boolean]$allowUsersToResetMachines = $false, #desktopSpec.desktopSettings.logoffSettings.allowMultipleSessionsPerUser + [Parameter(Mandatory = $false,ParameterSetName = 'INSTANT_CLONE')] [Parameter(Mandatory = $false,ParameterSetName = "LINKED_CLONE")] [boolean]$allowMultipleSessionsPerUser = $false, #desktopSpec.desktopSettings.logoffSettings.deleteOrRefreshMachineAfterLogoff + [Parameter(Mandatory = $false,ParameterSetName = 'INSTANT_CLONE')] [Parameter(Mandatory = $false,ParameterSetName = "LINKED_CLONE")] [ValidateSet('NEVER', 'DELETE', 'REFRESH')] [string]$deleteOrRefreshMachineAfterLogoff = 'NEVER', @@ -3612,25 +3776,34 @@ function New-HVPool { #DesktopDisplayProtocolSettings #desktopSpec.desktopSettings.logoffSettings.supportedDisplayProtocols + [Parameter(Mandatory = $false,ParameterSetName = 'INSTANT_CLONE')] [Parameter(Mandatory = $false,ParameterSetName = "LINKED_CLONE")] + [Parameter(Mandatory = $false,ParameterSetName = 'MANUAL')] [ValidateSet('RDP', 'PCOIP', 'BLAST')] [string[]]$supportedDisplayProtocols = @('RDP', 'PCOIP', 'BLAST'), #desktopSpec.desktopSettings.logoffSettings.defaultDisplayProtocol - [Parameter(Mandatory = $false,ParameterSetName = "LINKED_CLONE")] + [Parameter(Mandatory = $false,ParameterSetName = 'INSTANT_CLONE')] + [Parameter(Mandatory = $false,ParameterSetName = 'LINKED_CLONE')] + [Parameter(Mandatory = $false,ParameterSetName = 'MANUAL')] [ValidateSet('RDP', 'PCOIP', 'BLAST')] [string]$defaultDisplayProtocol = 'PCOIP', #desktopSpec.desktopSettings.logoffSettings.allowUsersToChooseProtocol + [Parameter(Mandatory = $false,ParameterSetName = 'INSTANT_CLONE')] [Parameter(Mandatory = $false,ParameterSetName = "LINKED_CLONE")] + [Parameter(Mandatory = $false,ParameterSetName = 'MANUAL')] [int]$allowUsersToChooseProtocol = $true, #desktopSpec.desktopSettings.logoffSettings.enableHTMLAccess + [Parameter(Mandatory = $false,ParameterSetName = 'INSTANT_CLONE')] [Parameter(Mandatory = $false,ParameterSetName = "LINKED_CLONE")] + [Parameter(Mandatory = $false,ParameterSetName = 'MANUAL')] [boolean]$enableHTMLAccess = $false, # DesktopPCoIPDisplaySettings #desktopSpec.desktopSettings.logoffSettings.pcoipDisplaySettings.renderer3D + [Parameter(Mandatory = $false,ParameterSetName = 'INSTANT_CLONE')] [Parameter(Mandatory = $false,ParameterSetName = "LINKED_CLONE")] [ValidateSet('MANAGE_BY_VSPHERE_CLIENT', 'AUTOMATIC', 'SOFTWARE', 'HARDWARE', 'DISABLED')] [string]$renderer3D = 'DISABLED', @@ -3657,13 +3830,19 @@ function New-HVPool { # flashSettings #desktopSpec.desktopSettings.flashSettings.quality [Parameter(Mandatory = $false,ParameterSetName = "LINKED_CLONE")] + [Parameter(Mandatory = $false,ParameterSetName = 'INSTANT_CLONE')] + [Parameter(Mandatory = $false,ParameterSetName = 'FULL_CLONE')] + [Parameter(Mandatory = $false,ParameterSetName = 'MANUAL')] [ValidateSet('NO_CONTROL', 'LOW', 'MEDIUM', 'HIGH')] - [string]$quality = 'NO_CONTROL', + [string]$Quality = 'NO_CONTROL', #desktopSpec.desktopSettings.flashSettings.throttling [Parameter(Mandatory = $false,ParameterSetName = "LINKED_CLONE")] + [Parameter(Mandatory = $false,ParameterSetName = 'INSTANT_CLONE')] + [Parameter(Mandatory = $false,ParameterSetName = 'FULL_CLONE')] + [Parameter(Mandatory = $false,ParameterSetName = 'MANUAL')] [ValidateSet('DISABLED', 'CONSERVATIVE', 'MODERATE', 'AGGRESSIVE')] - [string]$throttling = 'DISABLED', + [string]$Throttling = 'DISABLED', #mirageConfigurationOverrides #desktopSpec.desktopSettings.mirageConfigurationOverrides.overrideGlobalSetting @@ -3725,7 +3904,7 @@ function New-HVPool { [string] $ResourcePool, - #desktopSpec.automatedDesktopSpec.virtualCenterProvisioningSettings.virtualCenterProvisioningData.datacenter if LINKED_CLONE, INSTANT_CLONE, FULL_CLONE + #desktopSpec.automatedDesktopSpec.virtualCenterProvisioningSettings.virtualCenterProvisioningData.datacenter if LINKED_CLONE, INSTANT_CLONE, FULL_CLONE [Parameter(Mandatory = $false,ParameterSetName = "LINKED_CLONE")] [Parameter(Mandatory = $false,ParameterSetName = 'INSTANT_CLONE')] [Parameter(Mandatory = $false,ParameterSetName = 'FULL_CLONE')] @@ -3739,7 +3918,7 @@ function New-HVPool { [string[]] $Datastores, - #desktopSpec.automatedDesktopSpec.virtualCenterProvisioningSettings.virtualCenterStorageSettings.datastores.storageOvercommit if LINKED_CLONE, INSTANT_CLONE, FULL_CLONE + #desktopSpec.automatedDesktopSpec.virtualCenterProvisioningSettings.virtualCenterStorageSettings.datastores.storageOvercommit if LINKED_CLONE, INSTANT_CLONE, FULL_CLONE [Parameter(Mandatory = $false,ParameterSetName = "LINKED_CLONE")] [Parameter(Mandatory = $false,ParameterSetName = 'INSTANT_CLONE')] [Parameter(Mandatory = $false,ParameterSetName = 'FULL_CLONE')] @@ -3868,12 +4047,12 @@ function New-HVPool { [boolean] $EnableProvisioning = $true, - #desktopSpec.automatedDesktopSpec.virtualCenterProvisioningSettings.stopOnProvisioningError if LINKED_CLONE, INSTANT_CLONE, FULL_CLONE + #desktopSpec.automatedDesktopSpec.virtualCenterProvisioningSettings.stopProvisioningOnError if LINKED_CLONE, INSTANT_CLONE, FULL_CLONE [Parameter(Mandatory = $false,ParameterSetName = "LINKED_CLONE")] [Parameter(Mandatory = $false,ParameterSetName = 'INSTANT_CLONE')] [Parameter(Mandatory = $false,ParameterSetName = 'FULL_CLONE')] [boolean] - $StopOnProvisioningError = $true, + $StopProvisioningOnError = $true, [Parameter(Mandatory = $false,ParameterSetName = "LINKED_CLONE")] [Parameter(Mandatory = $false,ParameterSetName = 'INSTANT_CLONE')] @@ -3980,7 +4159,8 @@ function New-HVPool { [string] $CustType, - #desktopSpec.automatedDesktopSpec.customizationSettings.reusePreExistingAccounts if LINKED_CLONE + #desktopSpec.automatedDesktopSpec.customizationSettings.reusePreExistingAccounts if LINKED_CLONE, INSTANT_CLONE + [Parameter(Mandatory = $false,ParameterSetName = 'INSTANT_CLONE')] [Parameter(Mandatory = $false,ParameterSetName = 'LINKED_CLONE')] [Boolean] $ReusePreExistingAccounts = $false, @@ -4147,6 +4327,7 @@ function New-HVPool { $adContainer = $jsonObject.AutomatedDesktopSpec.CustomizationSettings.AdContainer } $custType = $jsonObject.AutomatedDesktopSpec.CustomizationSettings.CustomizationType + $reusePreExistingAccounts = $jsonObject.AutomatedDesktopSpec.CustomizationSettings.reusePreExistingAccounts if ($jsonObject.AutomatedDesktopSpec.ProvisioningType -eq "INSTANT_CLONE_ENGINE") { $InstantClone = $true if ($null -ne $jsonObject.AutomatedDesktopSpec.CustomizationSettings.CloneprepCustomizationSettings) { @@ -4167,7 +4348,6 @@ function New-HVPool { 'SYS_PREP' { $sysprepCustomizationSettings = $jsonObject.AutomatedDesktopSpec.CustomizationSettings.SysprepCustomizationSettings $sysPrepName = $sysprepCustomizationSettings.customizationSpec - $reusePreExistingAccounts = $jsonObject.AutomatedDesktopSpec.CustomizationSettings.reusePreExistingAccounts } 'QUICK_PREP' { $powerOffScriptName = $jsonObject.AutomatedDesktopSpec.CustomizationSettings.QuickprepCustomizationSettings.PowerOffScriptName @@ -4259,20 +4439,20 @@ function New-HVPool { $redirectWindowsProfile = $false } } - if ($null -ne $jsonObject.AutomatedDesktopSpec.VirtualCenterProvisioningSettings.viewStorageAcceleratorSettings) { - $useViewStorageAccelerator = $jsonObject.AutomatedDesktopSpec.VirtualCenterProvisioningSettings.viewStorageAcceleratorSettings.UseViewStorageAccelerator + if ($null -ne $jsonObject.AutomatedDesktopSpec.VirtualCenterProvisioningSettings.VirtualCenterStorageSettings.viewStorageAcceleratorSettings) { + $useViewStorageAccelerator = $jsonObject.AutomatedDesktopSpec.VirtualCenterProvisioningSettings.VirtualCenterStorageSettings.viewStorageAcceleratorSettings.UseViewStorageAccelerator if ($useViewStorageAccelerator -and $LinkedClone) { - $viewComposerDiskTypes = $jsonObject.AutomatedDesktopSpec.VirtualCenterProvisioningSettings.viewStorageAcceleratorSettings.ViewComposerDiskTypes + $viewComposerDiskTypes = $jsonObject.AutomatedDesktopSpec.VirtualCenterProvisioningSettings.VirtualCenterStorageSettings.viewStorageAcceleratorSettings.ViewComposerDiskTypes } if (! $InstantClone -and $useViewStorageAccelerator) { - $regenerateViewStorageAcceleratorDays = $jsonObject.AutomatedDesktopSpec.VirtualCenterProvisioningSettings.viewStorageAcceleratorSettings.RegenerateViewStorageAcceleratorDays - if ($null -ne $jsonObject.AutomatedDesktopSpec.VirtualCenterProvisioningSettings.viewStorageAcceleratorSettings.blackoutTimes) { - $blackoutTimesList =$jsonObject.AutomatedDesktopSpec.VirtualCenterProvisioningSettings.viewStorageAcceleratorSettings.blackoutTimes + $regenerateViewStorageAcceleratorDays = $jsonObject.AutomatedDesktopSpec.VirtualCenterProvisioningSettings.VirtualCenterStorageSettings.viewStorageAcceleratorSettings.RegenerateViewStorageAcceleratorDays + if ($null -ne $jsonObject.AutomatedDesktopSpec.VirtualCenterProvisioningSettings.VirtualCenterStorageSettings.viewStorageAcceleratorSettings.blackoutTimes) { + $blackoutTimesList =$jsonObject.AutomatedDesktopSpec.VirtualCenterProvisioningSettings.VirtualCenterStorageSettings.viewStorageAcceleratorSettings.blackoutTimes foreach ($blackout in $blackoutTimesList) { $blackoutObj = New-Object VMware.Hv.DesktopBlackoutTime $blackoutObj.Days = $blackout.Days $blackoutObj.StartTime = $blackout.StartTime - $blackoutObj.EndTime = $blackoutObj.EndTime + $blackoutObj.EndTime = $blackout.EndTime $blackoutTimes += $blackoutObj } } @@ -4911,7 +5091,6 @@ function Get-HVPoolProvisioningData { return $vmObject } - function Get-HVHostOrClusterID { <# .Synopsis @@ -4945,7 +5124,7 @@ function Get-HVHostOrClusterID { if ($hoctn.container) { foreach ($node in $hoctn.treeContainer.children) { $id = Get-HVHostOrClusterID $node - if ($id -ne $null) { + if ($null -ne $id) { return $id } } @@ -4983,7 +5162,7 @@ function Get-HVResourcePoolID { } foreach ($child in $rpi.children) { $id = Get-HVResourcePoolID $child - if ($id -ne $null) { + if ($null -ne $id) { return $id } } @@ -5028,7 +5207,7 @@ function Get-HVAccessGroupID { } foreach ($child in $element.children) { $id = Get-HVAccessGroupID $child - if ($id -ne $null) { + if ($null -ne $id) { return $id } } @@ -5201,7 +5380,7 @@ function Get-HVPoolCustomizationSetting { } $whereClause = [string]::Join(' -and ', $strFilterSet) $scriptBlock = [Scriptblock]::Create($whereClause) - $instantCloneEngineDomainAdministrator = $insDomainAdministrators | Where $scriptBlock + $instantCloneEngineDomainAdministrator = $insDomainAdministrators | Where-Object $scriptBlock If ($null -ne $instantCloneEngineDomainAdministrator) { $instantCloneEngineDomainAdministrator = $instantCloneEngineDomainAdministrator[0].id } elseif ($null -ne $insDomainAdministrators) { @@ -5211,6 +5390,7 @@ function Get-HVPoolCustomizationSetting { throw "No Instant Clone Engine Domain Administrator found with netBiosName: [$netBiosName]" } $desktopSpecObj.AutomatedDesktopSpec.CustomizationSettings.CloneprepCustomizationSettings = Get-CustomizationObject + $desktopSpecObj.AutomatedDesktopSpec.CustomizationSettings.ReusePreExistingAccounts = $reusePreExistingAccounts $desktopSpecObj.AutomatedDesktopSpec.CustomizationSettings.CloneprepCustomizationSettings.InstantCloneEngineDomainAdministrator = $instantCloneEngineDomainAdministrator $desktopSpecObj.AutomatedDesktopSpec.CustomizationSettings.CloneprepCustomizationSettings.powerOffScriptName = $powerOffScriptName $desktopSpecObj.AutomatedDesktopSpec.CustomizationSettings.CloneprepCustomizationSettings.powerOffScriptParameters = $powerOffScriptParameters @@ -5230,7 +5410,7 @@ function Get-HVPoolCustomizationSetting { } $whereClause = [string]::Join(' -and ', $strFilterSet) $scriptBlock = [Scriptblock]::Create($whereClause) - $ViewComposerDomainAdministratorID = $lcDomainAdministrators | Where $scriptBlock + $ViewComposerDomainAdministratorID = $lcDomainAdministrators | Where-Object $scriptBlock If ($null -ne $ViewComposerDomainAdministratorID) { $ViewComposerDomainAdministratorID = $ViewComposerDomainAdministratorID[0].id } elseif ($null -ne $lcDomainAdministrators) { @@ -5238,7 +5418,7 @@ function Get-HVPoolCustomizationSetting { } if ($null -eq $ViewComposerDomainAdministratorID) { throw "No Composer Domain Administrator found with netBiosName: [$netBiosName]" - } + } if ($custType -eq 'SYS_PREP') { $desktopSpecObj.AutomatedDesktopSpec.CustomizationSettings.CustomizationType = 'SYS_PREP' $desktopSpecObj.AutomatedDesktopSpec.CustomizationSettings.SysprepCustomizationSettings = Get-CustomizationObject @@ -5262,6 +5442,7 @@ function Get-HVPoolCustomizationSetting { throw "The customization type: [$custType] is not supported for LinkedClone Pool" } $desktopSpecObj.AutomatedDesktopSpec.CustomizationSettings.DomainAdministrator = $ViewComposerDomainAdministratorID + $desktopSpecObj.AutomatedDesktopSpec.CustomizationSettings.ReusePreExistingAccounts = $reusePreExistingAccounts } elseIf ($FullClone) { if ($custType -eq 'SYS_PREP') { $desktopSpecObj.AutomatedDesktopSpec.CustomizationSettings.CustomizationType = 'SYS_PREP' @@ -5358,7 +5539,7 @@ function Test-HVPoolSpec { if (! (($PoolObject.AutomatedDesktopSpec.UserAssignment.UserAssignment -eq "FLOATING") -or ($PoolObject.AutomatedDesktopSpec.UserAssignment.UserAssignment -eq "DEDICATED")) ) { Throw "UserAssignment must be FLOATING or DEDICATED" } - if ($PoolObject.AutomatedDesktopSpec.ProvisioningType -eq $null) { + if ($null -eq $PoolObject.AutomatedDesktopSpec.ProvisioningType) { Throw "Pool Provisioning type is empty, need to be configured" } $provisionTypeArray = @('VIRTUAL_CENTER', 'VIEW_COMPOSER', 'INSTANT_CLONE_ENGINE') @@ -6890,6 +7071,239 @@ function Get-Machine ($Pool,$MachineList) { return $machines } +function Get-HVBaseImageVM { + <# + .Synopsis + Gets a list of compatible base image virtual machines. + + .DESCRIPTION + Queries and returns BaseImageVmInfo for the specified vCenter Server. + + .PARAMETER HvServer + Reference to Horizon View Server to query the virtual machines from. If the value is not passed or null then + first element from global:DefaultHVServers would be considered in place of hvServer. + + .PARAMETER VirtualCenter + A parameter to specify which vCenter Server to check base image VMs for. It can be specified as a String, + containing the name of the vCenter, or as a vCenter object as returned by Get-HVvCenterServer. If the value is + not passed or null then first element returned from Get-HVvCenterServer would be considered in place of VirtualCenter. + + .PARAMETER Type + A parameter to define the type of compatability to check the base image VM list against. Valid options are 'VDI', 'RDS', or 'ALL' + 'VDI' will return all desktop compatible Base Image VMs. + 'RDS' will return all RDSH compatible Base Image VMs. + 'ALL' will return all Base Image VMs, regardless of compatibility. + The default value is 'ALL'. + + .PARAMETER Name + The name of a virtual machine (if known), to filter Base Image VMs on. Wildcards are accepted. If Name is specified, then Type + is not considered for filtering. + + .EXAMPLE + Get-HVBaseImageVM -VirtualCenter 'vCenter1' -Type VDI + + .EXAMPLE + Get-HVBaseImageVM -VirtualCenter $vCenter1 -Type ALL + + .EXAMPLE + Get-HVBaseImageVM -Name '*WIN10*' + + .OUTPUTS + Returns array of object type VMware.Hv.BaseImageVmInfo + + .NOTES + Author : Matt Frey. + Author email : mfrey@vmware.com + Version : 1.0 + + ===Tested Against Environment==== + Horizon View Server Version : 7.7 + PowerCLI Version : PowerCLI 11.2.0 + PowerShell Version : 5.1 + #> + + [cmdletbinding( + DefaultParameterSetName='Type' + )] + + param( + [Parameter(Mandatory = $false)] + $HvServer = $null, + + [Parameter(Mandatory = $false)] + $VirtualCenter = $null, + + [Parameter(Mandatory = $false,ParameterSetName = 'Type')] + [ValidateSet('VDI','RDS','ALL')] + $Type = 'VDI', + + [Parameter(Mandatory = $false,ParameterSetName = 'Name')] + [string]$Name = $null + ) + + begin { + $services = Get-ViewAPIService -hvServer $hvServer + + if ($null -eq $services) { + Write-Error "Could not retrieve ViewApi services from connection object" + break + } + + if ($null -eq $PSBoundParameters.VirtualCenter) { + $VirtualCenterId = Get-HVvCenterServer | Select-Object -First 1 -ExpandProperty Id + } else { + $objType = $VirtualCenter.getType() | Select-Object -ExpandProperty Name + Switch ($objType) { + 'String' { + $VirtualCenterId = Get-HVvCenterServer -Name $VirtualCenter | Select-Object -ExpandProperty Id + } + 'VirtualCenterInfo' { + $VirtualCenterId = $VirtualCenter | Select-Object -ExpandProperty Id + } + 'VirtualCenterId' { + $VirtualCenterId = $VirtualCenter + } + } + } + + } + + process { + + $BaseImageVMList = $services.BaseImageVM.BaseImageVM_List($VirtualCenterId) + + #For all conditions, see https://vdc-download.vmware.com/vmwb-repository/dcr-public/3721109b-48a5-4ffb-a0ad-6d6a44f2f288/ff45dfca-1050-4265-93ef-4e7d702322e4/vdi.utils.virtualcenter.BaseImageVm.BaseImageVmIncompatibleReasons.html + + If ($null -ne $PSBoundParameters.Name) { + $CompatibleBaseImageVMs = $BaseImageVMList | Where-Object {$_.Name -like $Name} + } Else { + Switch ($Type) { + + 'VDI' { + $CompatibleBaseImageVMs = $BaseImageVMList | Where-Object { + ($_.IncompatibleReasons.InUseByDesktop -eq $false) -and + ($_.IncompatibleReasons.InUseByLinkedCloneDesktop -eq $false) -and + ($_.IncompatibleReasons.ViewComposerReplica -eq $false) -and + ($_.IncompatibleReasons.UnsupportedOS -eq $false) -and + ($_.IncompatibleReasons.NoSnapshots -eq $false) -and + (($null -eq $_.IncompatibleReasons.InstantInternal) -or ($_.IncompatibleReasons.InstantInternal -eq $false)) + } + } + 'RDS' { + $CompatibleBaseImageVMs = $BaseImageVMList | Where-Object { + ($_.IncompatibleReasons.InUseByDesktop -eq $false) -and + ($_.IncompatibleReasons.InUseByLinkedCloneDesktop -eq $false) -and + ($_.IncompatibleReasons.ViewComposerReplica -eq $false) -and + ($_.IncompatibleReasons.UnsupportedOSForLinkedCloneFarm -eq $false) -and + ($_.IncompatibleReasons.NoSnapshots -eq $false) -and + (($null -eq $_.IncompatibleReasons.InstantInternal) -or ($_.IncompatibleReasons.InstantInternal -eq $false)) + } + } + 'ALL' { + $CompatibleBaseImageVMs = $BaseImageVMList + } + + } + } + + } + + end { + + return $CompatibleBaseImageVMs + + } +} + +function Get-HVBaseImageSnapshot { + <# + .Synopsis + Gets a list of compatible base image virtual machines. + + .DESCRIPTION + Queries and returns BaseImageVmInfo for the specified vCenter Server. + + .PARAMETER HvServer + Reference to Horizon View Server to query the virtual machines from. If the value is not passed or null then + first element from global:DefaultHVServers would be considered in place of hvServer. + + .PARAMETER BaseImageVM + The BaseImageVM to query snapshots for. This parameter is required. Wildcards are accepted. This parameter also supports + pipeline operations with Get-HVBaseImageVM + + .EXAMPLE + Get-HVBaseImageSnapshots -BaseImageVM 'WIN10-BaseImage' + + .EXAMPLE + Get-HVBaseImageSnapshots -BaseImageVM '*WIN10*' + + .EXAMPLE + Get-HVBaseImageVM -Name 'WIN10-BaseImage' | Get-HVBaseImageSnapshots + + .OUTPUTS + Array of object type VMware.Hv.BaseImageSnapshotInfo + + .NOTES + Author : Matt Frey. + Author email : mfrey@vmware.com + Version : 1.0 + + ===Tested Against Environment==== + Horizon View Server Version : 7.7 + PowerCLI Version : PowerCLI 11.2.0 + PowerShell Version : 5.1 + #> + + [cmdletbinding( + DefaultParameterSetName='Type' + )] + + param( + [Parameter(Mandatory = $false)] + $HvServer = $null, + + [Parameter(Mandatory = $true,ValueFromPipeLine=$true)] + $BaseImageVM = $null + ) + + begin { + $services = Get-ViewAPIService -hvServer $hvServer + + if ($null -eq $services) { + Write-Error "Could not retrieve ViewApi services from connection object" + break + } + + } + + process { + + if ($null -ne $PSBoundParameters.BaseImageVM) { + $objType = $BaseImageVM.getType() | Select-Object -ExpandProperty Name + Switch ($objType) { + 'String' { + $BaseImageVMObj = Get-HVBaseImageVM -Name $BaseImageVM + } + 'BaseImageVMInfo' { + $BaseImageVMObj = $BaseImageVM + } + 'Object[]' { + Write-Error 'This function cannot accept an array of Base Image VMs. You must specify only a single Base Image VM.' + Break + } + } + $BaseImageSnapshotList = $services.BaseImageSnapshot.BaseImageSnapshot_List($BaseImageVMObj.Id) + } + + } + + end { + + return $BaseImageSnapshotList + + } +} + function Set-HVPoolSpec { param( [Parameter(Mandatory = $true)] @@ -7043,7 +7457,7 @@ function Find-HVMachine { } $whereClause = [string]::Join(' -and ', $strFilterSet) $scriptBlock = [Scriptblock]::Create($whereClause) - $machineList += $queryResults.results | where $scriptBlock + $machineList += $queryResults.results | Where-Object $scriptBlock $GetNext = $true } while ($queryResults.remainingCount -gt 0) $query_service_helper.QueryService_Delete($services, $queryResults.id) @@ -7116,10 +7530,7 @@ function Get-HVMachine { PowerShell Version : 5.0 #> - [CmdletBinding( - SupportsShouldProcess = $true, - ConfirmImpact = 'High' - )] + [CmdletBinding()] param( [Parameter(Mandatory = $false)] @@ -7161,7 +7572,6 @@ function Get-HVMachine { $machineList = Find-HVMachine -Param $PSBoundParameters if (!$machineList) { Write-Host "Get-HVMachine: No Virtual Machine(s) Found with given search parameters" - break } $queryResults = @() $desktop_helper = New-Object VMware.Hv.MachineService @@ -7240,10 +7650,7 @@ function Get-HVMachineSummary { PowerShell Version : 5.0 #> - [CmdletBinding( - SupportsShouldProcess = $true, - ConfirmImpact = 'High' - )] + [CmdletBinding()] param( [Parameter(Mandatory = $false)] @@ -7365,7 +7772,7 @@ function Get-HVPoolSpec { if (! $DesktopInfoPsObj.GlobalEntitlementData.GlobalEntitlement) { $DesktopPsObj.GlobalEntitlementData = $null } else { - $entityId.Id = $DesktopInfoPsObj.GlobalEntitlementData.GlobalEntitlement.Id + $entityId = $DesktopInfoPsObj.GlobalEntitlementData.GlobalEntitlement $DesktopPsObj.GlobalEntitlementData = Get-HVInternalName -EntityId $entityId } @@ -7518,7 +7925,7 @@ function Get-DataStoreName { ) $dataStoresObj = @() $entityId = New-Object VMware.Hv.EntityId - $datastores | % { + $datastores | ForEach-Object { $entityId.Id = $_.datastore.Id $dataStoresObj += , (New-Object PsObject -Property @{ datastore = Get-HVInternalName -EntityId $entityId; @@ -7561,10 +7968,7 @@ function Get-HVInternalName { PowerCLI Version : PowerCLI 6.5, PowerCLI 6.5.1 PowerShell Version : 5.0 #> - [CmdletBinding( - SupportsShouldProcess = $true, - ConfirmImpact = 'High' - )] + [CmdletBinding()] param( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] @@ -7607,15 +8011,15 @@ function Get-HVInternalName { return $Info.Base.Username } 'BaseImageVm' { - $info = $services.BaseImageVm.BaseImageVm_List($VcId) | where { $_.id.id -eq $EntityId.id } + $info = $services.BaseImageVm.BaseImageVm_List($VcId) | Where-Object { $_.id.id -eq $EntityId.id } return $info.name } 'BaseImageSnapshot' { - $info = $services.BaseImageSnapshot.BaseImageSnapshot_List($BaseImageVmId) | where { $_.id.id -eq $EntityId.id } + $info = $services.BaseImageSnapshot.BaseImageSnapshot_List($BaseImageVmId) | Where-Object { $_.id.id -eq $EntityId.id } return $info.name } 'VmTemplate' { - $info = $services.VmTemplate.VmTemplate_List($VcId) | where { $_.id.id -eq $EntityId.id } + $info = $services.VmTemplate.VmTemplate_List($VcId) | Where-Object { $_.id.id -eq $EntityId.id } return $info.name } 'ViewComposerDomainAdministrator' { @@ -7624,6 +8028,16 @@ function Get-HVInternalName { $info = $services.ViewComposerDomainAdministrator.ViewComposerDomainAdministrator_Get($AdministratorId) return $info.base.userName } + 'GlobalApplicationEntitlement' { + $info = $services.GlobalApplicationEntitlement.GlobalApplicationEntitlement_Get($EntityId) + return $info.base.displayName + } + 'GlobalEntitlement' { + $GlobalEntitlementID = New-Object VMware.Hv.GlobalEntitlementId + $GlobalEntitlementID.Id = $EntityID.Id + $info = $services.GlobalEntitlement.GlobalEntitlement_Get($GlobalEntitlementID) + return $info.base.displayname + } default { $base64String = $tokens[$tokens.Length-1] $mod = $base64String.Length % 4 @@ -7644,10 +8058,7 @@ function Get-HVInternalName { function Get-UserInfo { - [CmdletBinding( - SupportsShouldProcess = $true, - ConfirmImpact = 'High' - )] + [CmdletBinding()] param( [Parameter(Mandatory = $true)] [ValidatePattern("^.+?[@\\].+?$")] @@ -7969,10 +8380,7 @@ function Get-HVEntitlement { #> - [CmdletBinding( - SupportsShouldProcess = $true, - ConfirmImpact = 'High' - )] + [CmdletBinding()] param( [Parameter(Mandatory = $false)] [ValidatePattern("^.+?[@\\].+?$")] @@ -8013,10 +8421,10 @@ function Get-HVEntitlement { $userInfo = Get-UserInfo -UserName $User $UserOrGroupName = $userInfo.Name $Domain = $userInfo.Domain - $nameFilter = Get-HVQueryFilter 'base.name' -Eq $UserOrGroupName + $nameFilter = Get-HVQueryFilter 'base.loginName' -Eq $UserOrGroupName $AndFilter += $nameFilter - $doaminFilter = Get-HVQueryFilter 'base.domain' -Eq $Domain - $AndFilter += $doaminFilter + $domainFilter = Get-HVQueryFilter 'base.domain' -Eq $Domain + $AndFilter += $domainFilter } if ($type -eq 'group'){ $IsGroup = ($Type -eq 'Group') @@ -8037,7 +8445,7 @@ function Get-HVEntitlement { } $AndFilter = Get-HVQueryFilter -And -Filters $AndFilter $results = (Get-HVQueryResult -EntityType EntitledUserOrGroupLocalSummaryView -Filter $AndFilter -HvServer $HvServer) - $results = $results | where {$_.localData.desktops -ne $null} + $results = $results | Where-Object {$null -ne $_.localData.desktops} } "Application" { if ($ResourceName) { @@ -8051,7 +8459,7 @@ function Get-HVEntitlement { } $AndFilter = Get-HVQueryFilter -And -Filters $AndFilter $results = (Get-HVQueryResult -EntityType EntitledUserOrGroupLocalSummaryView -Filter $AndFilter -HvServer $HvServer) - $results = $results | where {$_.localData.applications -ne $null} + $results = $results | Where-Object {$null -ne $_.localData.applications} } "URLRedirection" { $localFilter = @() @@ -8072,11 +8480,11 @@ function Get-HVEntitlement { } $localFilter = Get-HVQueryFilter -And -Filters $localFilter $localResults = Get-HVQueryResult -EntityType EntitledUserOrGroupLocalSummaryView -Filter $localFilter -HvServer $HvServer - $results += ($localResults | where {$_.localData.urlRedirectionSettings -ne $null}) + $results += ($localResults | Where-Object {$null -ne $_.localData.urlRedirectionSettings}) if ($cpaEnabled) { $globalFilter = Get-HVQueryFilter -And -Filters $globalFilter $globalResults = Get-HVQueryResult -EntityType EntitledUserOrGroupGlobalSummaryView -Filter $globalFilter -HvServer $HvServer - $globalResults = $globalResults | where {$_.globalData.urlRedirectionSettings -ne $null} + $globalResults = $globalResults | Where-Object {$null -ne $_.globalData.urlRedirectionSettings} $results += $globalResults } } @@ -8096,7 +8504,7 @@ function Get-HVEntitlement { } $AndFilter = Get-HVQueryFilter -And -Filters $AndFilter $results = (Get-HVQueryResult -EntityType EntitledUserOrGroupGlobalSummaryView -Filter $AndFilter -HvServer $HvServer) - $results = $results| where {$_.globalData.globalApplicationEntitlements -ne $null} + $results = $results| Where-Object {$null -ne $_.globalData.globalApplicationEntitlements} } "GlobalEntitlement" { if (! $cpaEnabled) { @@ -8114,13 +8522,12 @@ function Get-HVEntitlement { } $AndFilter = Get-HVQueryFilter -And -Filters $AndFilter $results = (Get-HVQueryResult -EntityType EntitledUserOrGroupGlobalSummaryView -Filter $AndFilter -HvServer $HvServer) - $results = $results | where {$_.globalData.globalEntitlements -ne $null} + $results = $results | Where-Object {$null -ne $_.globalData.globalEntitlements} } } if (! $results) { Write-Host "Get-HVEntitlement: No entitlements found with given search parameters" - break - } + } return $results } end { @@ -8813,7 +9220,7 @@ function Find-HVGlobalEntitlement { } $whereClause = [string]::Join(' -and ', $strFilterSet) $scriptBlock = [Scriptblock]::Create($whereClause) - $GeList = $queryResults.results | where $scriptBlock + $GeList = $queryResults.results | Where-Object $scriptBlock } Return $GeList } @@ -8857,10 +9264,7 @@ function Get-HVGlobalEntitlement { PowerShell Version : 5.0 #> -[CmdletBinding( - SupportsShouldProcess = $true, - ConfirmImpact = 'High' - )] +[CmdletBinding()] param( [Parameter(Mandatory = $false)] [ValidateNotNullOrEmpty()] @@ -9213,10 +9617,7 @@ The get-hvglobalsession gets all local session by using view API service object( PowerShell Version : 5.0 #> -[CmdletBinding( - SupportsShouldProcess = $true, - ConfirmImpact = 'High' -)] +[CmdletBinding()] param( [Parameter(Mandatory = $false)] @@ -9309,6 +9710,16 @@ function Set-HVApplicationIcon { } process { + if (!(Test-Path $IconPath)) { + Write-Error "File:[$IconPath] does not exist." + break + } + + if ([IO.Path]::GetExtension($IconPath) -ne '.png') { + Write-Error "Unsupported file format:[$IconPath]. Only PNG image files are supported." + break + } + try { $appInfo = Get-HVQueryResult -EntityType ApplicationInfo -Filter (Get-HVQueryFilter data.name -Eq $ApplicationName) -HvServer $HvServer } catch { @@ -9322,11 +9733,6 @@ function Set-HVApplicationIcon { break } - if (!(Test-Path $IconPath)) { - Write-Error "File:[$IconPath] does not exists" - break - } - $spec = New-Object VMware.Hv.ApplicationIconSpec $base = New-Object VMware.Hv.ApplicationIconBase @@ -9350,23 +9756,25 @@ function Set-HVApplicationIcon { break } - $ApplicationIconHelper = New-Object VMware.Hv.ApplicationIconService - try { - $ApplicationIconId = $ApplicationIconHelper.ApplicationIcon_CreateAndAssociate($services, $spec) - } catch { - if ($_.Exception.InnerException.MethodFault.GetType().name.Equals('EntityAlreadyExists')) { - # This icon is already part of LDAP and associated with some other application(s). - # In this case, call updateAssociations - $applicationIconId = $_.Exception.InnerException.MethodFault.Id - Write-Host "Some application(s) already have an association for the specified icon." - $ApplicationIconHelper.ApplicationIcon_UpdateAssociations($services, $applicationIconId, @($appInfo.Id)) - Write-Host "Successfully updated customized icon association for Application:[$ApplicationName]." - break - } - Write-Host "Error in associating customized icon for Application:[$ApplicationName] $_" - break + If ($Force -or $PSCmdlet.ShouldProcess($ApplicationName)) { + $ApplicationIconHelper = New-Object VMware.Hv.ApplicationIconService + try { + $ApplicationIconId = $ApplicationIconHelper.ApplicationIcon_CreateAndAssociate($services, $spec) + } catch { + if ($_.Exception.InnerException.MethodFault.GetType().name.Equals('EntityAlreadyExists')) { + # This icon is already part of LDAP and associated with some other application(s). + # In this case, call updateAssociations + $applicationIconId = $_.Exception.InnerException.MethodFault.Id + Write-Host "Some application(s) already have an association for the specified icon." + $ApplicationIconHelper.ApplicationIcon_UpdateAssociations($services, $applicationIconId, @($appInfo.Id)) + Write-Host "Successfully updated customized icon association for Application:[$ApplicationName]." + break + } + Write-Host "Error in associating customized icon for Application:[$ApplicationName] $_" + break + } + Write-Host "Successfully associated customized icon for Application:[$ApplicationName]." } - Write-Host "Successfully associated customized icon for Application:[$ApplicationName]." } end { @@ -9455,13 +9863,17 @@ Function Remove-HVApplicationIcon { break } - try { - $ApplicationIconHelper.ApplicationIcon_RemoveAssociations($services, $brokerIcon, @($appInfo.Id)) - } catch { - Write-Error "Error in removing the customized icon association for Application:[$ApplicationName] $_ " - break + if ($Force -or $PSCmdlet.ShouldProcess($ApplicationName)) { + + try { + $ApplicationIconHelper.ApplicationIcon_RemoveAssociations($services, $brokerIcon, @($appInfo.Id)) + } catch { + Write-Error "Error in removing the customized icon association for Application:[$ApplicationName] $_ " + break + } + Write-Host "Successfully removed customized icon association for Application:[$ApplicationName]." + } - Write-Host "Successfully removed customized icon association for Application:[$ApplicationName]." } end { @@ -9498,10 +9910,7 @@ function Get-HVGlobalSettings { PowerShell Version : 5.0 #> - [CmdletBinding( - SupportsShouldProcess = $true, - ConfirmImpact = 'High' - )] + [CmdletBinding()] param( [Parameter(Mandatory = $false)] @@ -9846,10 +10255,16 @@ function Set-HVGlobalSettings { if ($enableIPSecForSecurityServerPairing) { $updates += Get-MapEntry -key 'securityData.enableIPSecForSecurityServerPairing' -Value $enableIPSecForSecurityServerPairing } - - $global_settings_helper = New-Object VMware.Hv.GlobalSettingsService - $global_settings_helper.GlobalSettings_Update($services,$updates) + if ($Force -or $PSCmdlet.ShouldProcess($HVServer.Name)) { + + $global_settings_helper = New-Object VMware.Hv.GlobalSettingsService + + $global_settings_helper.GlobalSettings_Update($services,$updates) + + Write-Host "Global settings updated." + + } } @@ -9858,19 +10273,19 @@ function Set-HVGlobalSettings { } } -function get-HVlocalsession { +function Get-HVLocalSession { <# .SYNOPSIS Provides a list with all sessions on the local pod (works in CPA and non-CPA) .DESCRIPTION -The get-hvlocalsession gets all local session by using view API service object(hvServer) of Connect-HVServer cmdlet. +The Get-HVLocalSession gets all local session by using view API service object(hvServer) of Connect-HVServer cmdlet. .PARAMETER HvServer View API service object of Connect-HVServer cmdlet. .EXAMPLE - Get-hvlocalsession + Get-HVLocalSession Get all local sessions .NOTES @@ -9884,10 +10299,7 @@ The get-hvlocalsession gets all local session by using view API service object(h PowerShell Version : 5.0 #> - [CmdletBinding( - SupportsShouldProcess = $true, - ConfirmImpact = 'High' - )] + [CmdletBinding()] param( [Parameter(Mandatory = $false)] @@ -9899,7 +10311,7 @@ The get-hvlocalsession gets all local session by using view API service object(h Write-Error "Could not retrieve ViewApi services from connection object." break } - + $query_service_helper = New-Object VMware.Hv.QueryServiceService $query = New-Object VMware.Hv.QueryDefinition @@ -9958,205 +10370,233 @@ function Reset-HVMachine { PowerShell Version : 5.0 #> - [CmdletBinding( - SupportsShouldProcess = $true, - ConfirmImpact = 'High' - )] - - param( - - [Parameter(Mandatory = $true)] - [string] - $MachineName, - - [Parameter(Mandatory = $false)] - $HvServer = $null - ) + [CmdletBinding( + SupportsShouldProcess = $true, + ConfirmImpact = 'High' + )] - - $services = Get-ViewAPIService -hvServer $hvServer - if ($null -eq $services) { - Write-Error "Could not retrieve ViewApi services from connection object" - break - } - - $machineList = Find-HVMachine -Param $PSBoundParameters - if (!$machineList) { - Write-Host "Reset-HVMachine: No Virtual Machine(s) Found with given search parameters" - break + param( + + [Parameter(Mandatory = $true)] + [string] + $MachineName, + + [Parameter(Mandatory = $false)] + $HvServer = $null + ) + + Begin { + + $services = Get-ViewAPIService -hvServer $hvServer + + if ($null -eq $services) { + Write-Error "Could not retrieve ViewApi services from connection object" + break + } + + $machineList = Find-HVMachine -Param $PSBoundParameters + + if (!$machineList) { + Write-Host "Reset-HVMachine: No Virtual Machine(s) Found with given search parameters" + break + } } - foreach ($machine in $machinelist){ - $services.machine.Machine_ResetMachines($machine.id) + Process { + if ($Force -or $PSCmdlet.ShouldProcess($MachineName)) { + foreach ($machine in $machinelist){ + $services.machine.Machine_ResetMachines($machine.id) + } + } + } + End { + [System.gc]::collect() } } -function Remove-HVMachine(){ +function Remove-HVMachine { <# .Synopsis - Remove a Horizon View desktop or desktops. - + Remove a Horizon View desktop or desktops. + .DESCRIPTION - Deletes a VM or an array of VM's from Horizon. Utilizes an Or query filter to match machine names. + Deletes a VM or an array of VM's from Horizon. Utilizes an Or query filter to match machine names. .PARAMETER HVServer - The Horizon server where the machine to be deleted resides.Parameter is not mandatory, - but if you do not specify the server, than make sure you are connected to a Horizon server + The Horizon server where the machine to be deleted resides. Parameter is not mandatory, + but if you do not specify the server, than make sure you are connected to a Horizon server first with connect-hvserver. .PARAMETER MachineNames - The name or names of the machine(s) to be deleted. Accepts a single VM or an array of VM names.This is a mandatory parameter. + The name or names of the machine(s) to be deleted. Accepts a single VM or an array of VM names.This is a mandatory parameter. + + .PARAMETER DeleteFromDisk + Determines whether the Machine VM should be deleted from vCenter Server. This is only applicable for managed machines. + This must always be true for machines in linked and instant clone desktops. + This defaults to true for linked and instant clone machines and false for all other types. .EXAMPLE - remove-HVMachine -HVServer 'horizonserver123' -MachineNames 'LAX-WIN10-002' - Deletes VM 'LAX-WIN10-002' from HV Server 'horizonserver123' + Remove-HVMachine -HVServer 'horizonserver123' -MachineNames 'LAX-WIN10-002' + Deletes VM 'LAX-WIN10-002' from HV Server 'horizonserver123' .EXAMPLE - remove-HVMachine -HVServer 'horizonserver123' -MachineNames $machines - Deletes VM's contained within an array of machine names from HV Server 'horizonserver123' - + Remove-HVMachine -HVServer 'horizonserver123' -MachineNames $machines + Deletes VM's contained within an array of machine names from HV Server 'horizonserver123' + + .EXAMPLE + Remove-HVMachine -HVServer 'horizonserver123' -MachineNames 'ManualVM01' -DeleteFromDisk:$false + Deletes VM 'ManualVM01' from Horizon inventory, but not from vSphere. Note this only works for Full Clone VMs. + .NOTES Author : Jose Rodriguez Author email : jrodsguitar@gmail.com Version : 1.0 - + ===Tested Against Environment==== Horizon View Server Version : 7.1.1 PowerCLI Version : PowerCLI 6.5, PowerCLI 6.5.1 PowerShell Version : 5.0 #> - - [CmdletBinding( - SupportsShouldProcess = $true, + + [CmdletBinding( + SupportsShouldProcess = $true, ConfirmImpact = 'High' - )] - - param( - + )] + + param( + [Parameter(Mandatory = $true)] [array] - $MachineNames, - + $MachineNames, + + [Parameter(Mandatory = $false)] + [switch]$DeleteFromDisk, + [Parameter(Mandatory = $false)] $HVServer = $null - ) + ) -#Connect to HV Server -$services = Get-ViewAPIService -HVServer $HVServer - - if ($null -eq $services) { - Write-Error "Could not retrieve ViewApi services from connection object" - break - } - -#Connect to Query Service -$queryService = New-Object 'Vmware.Hv.QueryServiceService' -#QUery Definition -$queryDefinition = New-Object 'Vmware.Hv.QueryDefinition' -#Query Filter -$queryDefinition.queryEntityType = 'MachineNamesView' - -#Create Filter Set so we can populate it with QueryFilterEquals data -[VMware.Hv.queryfilter[]]$filterSet = @() -foreach($machine in $machineNames){ - - #queryfilter values - $queryFilterEquals = New-Object VMware.Hv.QueryFilterEquals - $queryFilterEquals.memberName = "base.name" - $queryFilterEquals.value = "$machine" - - $filterSet += $queryFilterEquals - -} - -#Or Filter -$orFilter = New-Object VMware.Hv.QueryFilterOr -$orFilter.filters = $filterSet - -#Set Definition filter to value of $orfilter -$queryDefinition.filter = $orFilter - -#Retrieve query results. Returns all machines to be deleted -$queryResults = $queryService.QueryService_Query($services,$queryDefinition) - -#Assign VM Object to variable -$deleteThisMachine = $queryResults.Results - -#Machine Service -$machineService = new-object VMware.Hv.MachineService - -#Get Machine Service machine object -$deleteMachine = $machineService.Machine_GetInfos($services,$deleteThisMachine.Id) - -#If sessions exist on the machines we are going to delete than force kill those sessions. -#The deleteMachines method will not work if there are any existing sessions so this step is very important. -write-host "Attemtping log off of machines" - -if($deleteMachine.base.session.id){ -$trys = 0 - - do{ - foreach($session in $deleteMachine.base.session){ - - $sessions = $null - [VMware.Hv.SessionId[]]$sessions += $session - - } - - try{ - - write-host "`n" - write-host "Attemtping log off of machines" - write-host "`n" - $logOffSession = new-object 'VMware.Hv.SessionService' - $logOffSession.Session_LogoffSessionsForced($services,$sessions) - - #Wait more for Sessions to end - - Start-Sleep -Seconds 5 - - } - - catch{ - - Write-Host "Attempted to Log Off Sessions from below machines but recieved an error. This doesn't usually mean it failed. Typically the session is succesfully logged off but takes some time" - write-host "`n" - write-host ($deleteMachine.base.Name -join "`n") - - start-sleep -seconds 5 - - } - - if(($trys -le 10)){ - - write-host "`n" - write-host "Retrying Logoffs: $trys times" - #Recheck existing sessions - $deleteMachine = $machineService.Machine_GetInfos($services,$deleteThisMachine.Id) - - } - - $trys++ + Begin { + #Connect to HV Server + $services = Get-ViewAPIService -HVServer $HVServer + if ($null -eq $services) { + Write-Error "Could not retrieve ViewApi services from connection object" + break } - until((!$deleteMachine.base.session.id) -or ($trys -gt 10)) - + #Connect to Query Service + $queryService = New-Object 'Vmware.Hv.QueryServiceService' + #QUery Definition + $queryDefinition = New-Object 'Vmware.Hv.QueryDefinition' + #Query Filter + $queryDefinition.queryEntityType = 'MachineNamesView' + } + Process { + #Create Filter Set so we can populate it with QueryFilterEquals data + [VMware.Hv.queryfilter[]]$filterSet = @() + foreach($machine in $machineNames){ + + #queryfilter values + $queryFilterEquals = New-Object VMware.Hv.QueryFilterEquals + $queryFilterEquals.memberName = "base.name" + $queryFilterEquals.value = "$machine" + + $filterSet += $queryFilterEquals + } + + #Or Filter + $orFilter = New-Object VMware.Hv.QueryFilterOr + $orFilter.filters = $filterSet + + #Set Definition filter to value of $orfilter + $queryDefinition.filter = $orFilter + + #Retrieve query results. Returns all machines to be deleted + $queryResults = $queryService.QueryService_Query($services,$queryDefinition) + + #Assign VM Object to variable + $deleteThisMachine = $queryResults.Results + + if ($Force -or $PSCmdlet.ShouldProcess($deleteThisMachine)) { + + #Machine Service + $machineService = new-object VMware.Hv.MachineService + + #Get Machine Service machine object + $deleteMachine = $machineService.Machine_GetInfos($services,$deleteThisMachine.Id) + + #If sessions exist on the machines we are going to delete than force kill those sessions. + #The deleteMachines method will not work if there are any existing sessions so this step is very important. + write-host "Attempting log off of machines" + + if($deleteMachine.base.session.id){ + $trys = 0 + + do{ + + foreach($session in $deleteMachine.base.session){ + + $sessions = $null + [VMware.Hv.SessionId[]]$sessions += $session + + } + + try{ + + write-host "`n" + write-host "Attempting log off of machines" + write-host "`n" + $logOffSession = new-object 'VMware.Hv.SessionService' + $logOffSession.Session_LogoffSessionsForced($services,$sessions) + + #Wait more for Sessions to end + Start-Sleep -Seconds 5 + + } + + catch{ + + Write-Host "Attempted to Log Off Sessions from below machines but recieved an error. This doesn't usually mean it failed. Typically the session is succesfully logged off but takes some time" + write-host "`n" + write-host ($deleteMachine.base.Name -join "`n") + + start-sleep -seconds 5 + + } + + if(($trys -le 10)){ + + write-host "`n" + write-host "Retrying Logoffs: $trys times" + #Recheck existing sessions + $deleteMachine = $machineService.Machine_GetInfos($services,$deleteThisMachine.Id) + + } + + $trys++ + + } + + until((!$deleteMachine.base.session.id) -or ($trys -gt 10)) + + } + + #Create delete spec for the DeleteMachines method + $deleteSpec = [VMware.Hv.MachineDeleteSpec]::new() + $deleteSpec.DeleteFromDisk = $DeleteFromDisk + $deleteSpec.ArchivePersistentDisk = $false + + #Delete the machines + if($DeleteFromDisk){write-host "Attempting to Delete:"}else{write-host "Attempting to remove from inventory:"} + Write-Output ($deleteMachine.base.Name -join "`n") + $machineService.Machine_DeleteMachines($services,$deleteMachine.id,$deleteSpec) + } + } + End { + [System.gc]::collect() + } } -#Create delete spec for the DeleteMachines method -$deleteSpec = [VMware.Hv.MachineDeleteSpec]::new() -$deleteSpec.DeleteFromDisk = $true -$deleteSpec.ArchivePersistentDisk = $false - -#Delete the machines -write-host "Attempting to Delete:" -Write-Output ($deleteMachine.base.Name -join "`n") -$bye = $machineService.Machine_DeleteMachines($services,$deleteMachine.id,$deleteSpec) - -[System.gc]::collect() - -} - -function get-hvhealth { +function Get-HVHealth { <# .Synopsis Pulls health information from Horizon View @@ -10166,7 +10606,7 @@ function get-hvhealth { .PARAMETER Servicename The name of the service to query the health for. - This will default to Connection server health. + This will default to Connection server health. Available services are ADDomain,CertificateSSOConnector,ConnectionServer,EventDatabase,SAMLAuthenticator,SecurityServer,ViewComposer,VirtualCenter,Pod .PARAMETER HvServer @@ -10174,12 +10614,12 @@ function get-hvhealth { first element from global:DefaultHVServers would be considered in-place of hvServer .EXAMPLE - get-hvhealth -service connectionserver + Get-HVHealth -service connectionserver Returns health for the connectionserver(s) .EXAMPLE - get-hvhealth -service ViewComposer + Get-HVHealth -service ViewComposer Returns health for the View composer server(s) .NOTES @@ -10193,15 +10633,12 @@ function get-hvhealth { PowerShell Version : 5.0 #> - [CmdletBinding( - SupportsShouldProcess = $true, - ConfirmImpact = 'High' - )] + [CmdletBinding()] param( [Parameter(Mandatory = $false)] - [ValidateSet('ADDomain', 'CertificateSSOConnector', 'ConnectionServer', 'EventDatabase', 'SAMLAuthenticator', 'SecurityServer', 'ViewComposer', 'VirtualCenter', 'pod')] + [ValidateSet('ADDomain', 'CertificateSSOConnector', 'ConnectionServer', 'EventDatabase', 'SAMLAuthenticator', 'SecurityServer', 'ViewComposer', 'VirtualCenter', 'Pod')] [string] $Servicename = 'ConnectionServer', @@ -10355,7 +10792,7 @@ function remove-hvpodfederation { [System.gc]::collect() } -function get-hvpodfederation { +function Get-HVPodFederation { <# .Synopsis Returns information about a Horizon View Pod Federation (Cloud Pod Architecture) @@ -10368,7 +10805,7 @@ function get-hvpodfederation { first element from global:DefaultHVServers would be considered in-place of hvServer .EXAMPLE - get-hvpodfederation + Get-HVPodFederation Returns information about a Horizon View Pod Federation .NOTES @@ -10384,7 +10821,7 @@ function get-hvpodfederation { [CmdletBinding( SupportsShouldProcess = $false, - ConfirmImpact = 'High' + ConfirmImpact = 'None' )] param( @@ -10636,7 +11073,7 @@ function set-hvpodfederation { $podservicehelper=$podservice.read($services) $podservicehelper.getDatahelper().setdisplayname($name) $podservice.update($services, $podservicehelper) - get-hvpodfederation + Get-HVPodFederation [System.gc]::collect() } @@ -10886,4 +11323,1468 @@ function remove-hvsite { [System.gc]::collect() } -Export-ModuleMember Add-HVDesktop,Add-HVRDSServer,Connect-HVEvent,Disconnect-HVEvent,Get-HVPoolSpec,Get-HVInternalName, Get-HVEvent,Get-HVFarm,Get-HVFarmSummary,Get-HVPool,Get-HVPoolSummary,Get-HVMachine,Get-HVMachineSummary,Get-HVQueryResult,Get-HVQueryFilter,New-HVFarm,New-HVPool,Remove-HVFarm,Remove-HVPool,Set-HVFarm,Set-HVPool,Start-HVFarm,Start-HVPool,New-HVEntitlement,Get-HVEntitlement,Remove-HVEntitlement, Set-HVMachine, New-HVGlobalEntitlement, Remove-HVGlobalEntitlement, Get-HVGlobalEntitlement, Set-HVApplicationIcon, Remove-HVApplicationIcon, Get-HVGlobalSettings, Set-HVGlobalSettings, Set-HVGlobalEntitlement, Get-HVResourceStructure, Get-hvlocalsession, Get-HVGlobalSession, Reset-HVMachine, Remove-HVMachine, Get-HVHealth, new-hvpodfederation, remove-hvpodfederation, get-hvpodfederation, register-hvpod, unregister-hvpod, set-hvpodfederation,get-hvsite,new-hvsite,set-hvsite,remove-hvsite +function Get-HVHomeSite { + <# + .Synopsis + Gets the configured Horizon View Homesites + + .DESCRIPTION + Gets the configured Horizon View Homesites + + .PARAMETER Group + User principal name of a group + + .PARAMETER HvServer + Reference to Horizon View Server to query the virtual machines from. If the value is not passed or null then + first element from global:DefaultHVServers would be considered in-place of hvServer + + .EXAMPLE + Get-HVHomeSite + + .EXAMPLE + Get-HVHomeSite -group group@domain + + .NOTES + Author : Wouter Kursten + Author email : wouter@retouw.nl + Version : 1.0 + + ===Tested Against Environment==== + Horizon View Server Version : 7.4 + PowerCLI Version : PowerCLI 10 + PowerShell Version : 5.0 + #> + + [CmdletBinding( + SupportsShouldProcess = $false, + ConfirmImpact = 'High' + )] + + param( + [Parameter(Mandatory = $false)] + [ValidatePattern("^.+?[@\\].+?$")] + [String] + $Group, + + [Parameter(Mandatory = $false)] + $HvServer = $null + ) + + begin{ + $services = Get-ViewAPIService -hvServer $hvServer + if ($null -eq $services) { + Write-Error "Could not retrieve ViewApi services from connection object" + break + } + } + + process{ + $hsresults = Get-HVQueryResult -EntityType UserHomeSiteInfo -HvServer $HvServer + $resultsoverview=@() + + foreach ($hsresult in $hsresults){ + if ($hsresult.Globalentitlement){ + $Globalentitlement = ($services.GlobalEntitlement.GlobalEntitlement_Get($hsresult.base.GlobalEntitlement)).base.displayname + } + else{ + $Globalentitlement="" + } + + if (($hsresult.globalapplicationEntitlement)){ + $GlobalApplicationEntitlement = ($services.GlobalApplicationEntitlement.GlobalApplicationEntitlement_Get($hsresult.base.GlobalApplicationEntitlement)).base.displayname + } + else{ + $GlobalApplicationEntitlement="" + } + + $resultsoverview+=New-Object PSObject -Property @{"id" = ($hsresult).id; + "Group" = ($services.ADUserOrGroup.ADUserOrGroup_Get(($hsresult.base).userorgroup)).base.displayname; + "Site" = ($services.site.site_Get($hsresult.base.site)).base.displayname; + "Globalentitlement" =$Globalentitlement; + "Globalapplicationentitlement" =$GlobalApplicationEntitlement; + } + } + if ($group){ + $results=$resultsoverview | where-object {$_.Group -eq $group} | select-object id,Group,Site,Globalentitlement,GlobalApplicationEntitlement + } + else{ + $results=$resultsoverview | select-object id,Group,Site,Globalentitlement,GlobalApplicationEntitlement + } + return $results + [System.gc]::collect() + } + +} + +function New-HVHomeSite { + <# + .Synopsis + Defines a homesite within a Horizon View Cloud Pod architecture + + .DESCRIPTION + Creates a new homesite within a Cloud Pod Archtitecture. By default it will be applied to everything + but the choice can be made to only apply for a single global entitlement or singel global application entitlement + + .PARAMETER Group + User principal name of a group + + .PARAMETER Site + Name of the Horizon View Site + + .PARAMETER globalEntitlement + Name of the global entitlement + + .PARAMETER globalApplicationEntitlement + Name of the global application entitlement + + .PARAMETER HvServer + Reference to Horizon View Server to query the virtual machines from. If the value is not passed or null then + first element from global:DefaultHVServers would be considered in-place of hvServer + + .EXAMPLE + New-HVHomeSite -group group@domain -site SITE + + .EXAMPLE + New-HVHomeSite -group group@domain -site SITE -globalapplicationentitlement ge-ap01 + + .EXAMPLE + New-HVHomeSite -group group@domain -site SITE -globalentitlement GE_Production + + .NOTES + Author : Wouter Kursten + Author email : wouter@retouw.nl + Version : 1.0 + + ===Tested Against Environment==== + Horizon View Server Version : 7.4 + PowerCLI Version : PowerCLI 10.1.1 + PowerShell Version : 5.0 + #> + + + [CmdletBinding(DefaultParameterSetName="Default")] + param( + [Parameter(Mandatory = $true,ParameterSetName="Default")] + [Parameter(ParameterSetName = "globalEntitlement")] + [Parameter(ParameterSetName = "globalApplicationEntitlement")] + [ValidatePattern("^.+?[@\\].+?$")] + [String] + $Group, + + [Parameter(Mandatory = $true,ParameterSetName="Default")] + [Parameter(ParameterSetName = "globalEntitlement")] + [Parameter(ParameterSetName = "globalApplicationEntitlement")] + [String] + $Site, + + [Parameter(Mandatory = $false,ParameterSetName="globalEntitlement")] + [String] + $globalEntitlement , + + [Parameter(Mandatory = $false,ParameterSetName="globalApplicationEntitlement")] + [String] + $globalApplicationEntitlement , + + [Parameter(Mandatory = $false,ParameterSetName="Default")] + [Parameter(ParameterSetName = "globalEntitlement")] + [Parameter(ParameterSetName = "globalApplicationEntitlement")] + $HvServer = $null + ) + + begin{ + $services = Get-ViewAPIService -hvServer $hvServer + if ($null -eq $services) { + Write-Error "Could not retrieve ViewApi services from connection object" + break + } + } + + process { + $groupinfo = Get-UserInfo -UserName $Group + $UserOrGroupName = $groupinfo.Name + $Domain = $groupinfo.Domain + $filter1 = Get-HVQueryFilter 'base.name' -Eq $UserOrGroupName + $filter2 = Get-HVQueryFilter 'base.domain' -Eq $Domain + $filter3 = Get-HVQueryFilter 'base.group' -Eq $true + $andFilter = Get-HVQueryFilter -And -Filters @($filter1, $filter2, $filter3) + $adresults = Get-HVQueryResult -EntityType ADUserOrGroupSummaryView -Filter $andFilter -HvServer $HvServer + + if ($adresults.length -ne 1) { + Write-host "Unable to find specific group with given search parameters" + break + } + $userhomesitebase=new-object VMware.Hv.UserHomeSiteBase + $userhomesitebase.UserOrGroup=$adresults.id + $userhomesitebase.site=($services.site.site_list() | where-object {$_.base.displayname -eq $site}).id + if ($globalEntitlement){ + $geresults = Get-HVQueryResult -EntityType GlobalEntitlementSummaryView -HvServer $HvServer + $geid=$geresults | where-object {$_.base.displayname -eq $globalEntitlement} + $userhomesitebase.globalEntitlement=$geid.id + } + elseif($globalApplicationEntitlement){ + $gaefilter1 = Get-HVQueryFilter 'data.name' -Eq $globalApplicationEntitlement + $gaeresults = Get-HVQueryResult -EntityType ApplicationInfo -Filter $gaefilter1 -HvServer $HvServer + $userhomesitebase.GlobalApplicationEntitlement=$gaeresults.id + } + $services.UserHomeSite.UserHomeSite_Create($userhomesitebase) + } +} + +function Set-HVEventDatabase { + <# + .Synopsis + Registers or changes a Horizon View Event database. + + .DESCRIPTION + Registers or changes a Horizon View Event database + + .PARAMETER ServerName + Name of the database server (Required) + + .PARAMETER Databasetype + Database type, possible options: MYSQL,SQLSERVER,ORACLE. Defaults to SQLSERVER + + .PARAMETER DatabasePort + Port number on the database server to which View will send events. Defaults to 1433. + + .PARAMETER Databasename + Name of the Database (required) + + .PARAMETER TablePrefix + Prefix to use for the Event Databse. Allowed characters are letters, numbers, and the characters @, $, #, _, and may not be longer than 6 characters. + + .PARAMETER UserName + UserName to connect to the database (required) + + .PARAMETER Password + Password of the user connecting to the database in Securestring format. + Can be created with: $password = Read-Host 'Domain Password' -AsSecureString + + .PARAMETER eventtime + Time to show the events for. Possible options are ONE_WEEK, TWO_WEEKS, THREE_WEEKS, ONE_MONTH,TWO_MONTHS, THREE_MONTHS, SIX_MONTHS + + .PARAMETER EventNewTime + Time in days to classify events for new. Range 1-3 + + .PARAMETER HvServer + Reference to Horizon View Server to query the virtual machines from. If the value is not passed or null then + first element from global:DefaultHVServers would be considered in-place of hvServer + + .EXAMPLE + register-hveventdatabase -server SERVER@domain -database DATABASENAME -username USER@domain -password $password + + .NOTES + Author : Wouter Kursten + Author email : wouter@retouw.nl + Version : 1.0 + + ===Tested Against Environment==== + Horizon View Server Version : 7.4 + PowerCLI Version : PowerCLI 10 + PowerShell Version : 5.0 + #> + + [CmdletBinding( + SupportsShouldProcess = $false, + ConfirmImpact = 'High' + )] + + param( + [Parameter(Mandatory = $true)] + [string] + $ServerName, + + [Parameter(Mandatory = $false)] + [string] + $DatabaseType = "SQLSERVER", + + [Parameter(Mandatory = $false)] + [int] + $DatabasePort = 1433, + + [Parameter(Mandatory = $true)] + [string] + $DatabaseName, + + [Parameter(Mandatory = $false)] + [string][ValidateLength(1,6)] + $TablePrefix, + + [Parameter(Mandatory = $true)] + + [String] + $UserName, + + [Parameter(Mandatory = $true)] + [securestring] + $password, + + [Parameter(Mandatory = $false)] + [ValidateSet('ONE_WEEK','TWO_WEEKS','THREE_WEEKS','ONE_MONTH','TWO_MONTHS','THREE_MONTHS','SIX_MONTHS')] + [string] + $eventtime="TWO_WEEKS", + + [Parameter(Mandatory = $false)] + [ValidateRange(1,3)] + [int] + $eventnewtime = 2, + + [Parameter(Mandatory = $false)] + $HvServer = $null + ) + + $services = Get-ViewAPIService -hvServer $hvServer + if ($null -eq $services) { + Write-Error "Could not retrieve ViewApi services from connection object" + break + } + $temppw = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($password) + $PlainevdbPassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($temppw) + $dbupassword = New-Object VMware.Hv.SecureString + $enc = [system.Text.Encoding]::UTF8 + $dbupassword.Utf8String = $enc.GetBytes($PlainevdbPassword) + + $eventservice=new-object vmware.hv.eventdatabaseservice + $eventservicehelper=$eventservice.getEventDatabaseInfoHelper() + $eventsettings=new-object VMware.Hv.EventDatabaseEventSettings + $eventdatabase=new-object VMware.Hv.EventDatabaseSettings + $eventsettings.ShowEventsForTime=$eventtime + $eventsettings.ClassifyEventsAsNewForDays=$eventnewtime + $eventdatabase.Server=$ServerName + $eventdatabase.type=$DatabaseType + $eventdatabase.port=$DatabasePort + $eventdatabase.name=$DatabaseName + $eventdatabase.username=$UserName + if($TablePrefix){ + $eventdatabase.tablePrefix=$tableprefix + } + + $eventdatabase.password=$dbupassword + $eventservicehelper.setDatabase($eventdatabase) + $eventservicehelper.setsettings($eventsettings) + $eventservice.update($services, $eventservicehelper) + + [System.gc]::collect() +} + +function Get-HVEventDatabase { + <# + .Synopsis + Retreives information about the configured Event Database + + .DESCRIPTION + Collects information about the configured event database for aHorizon View pod + + .PARAMETER HvServer + Reference to Horizon View Server to query the virtual machines from. If the value is not passed or null then + first element from global:DefaultHVServers would be considered in-place of hvServer + + .EXAMPLE + Get-HVEventDatabase + + .NOTES + Author : Wouter Kursten + Author email : wouter@retouw.nl + Version : 1.0 + + ===Tested Against Environment==== + Horizon View Server Version : 7.4 + PowerCLI Version : PowerCLI 10 + PowerShell Version : 5.0 + #> + + [CmdletBinding( + SupportsShouldProcess = $false, + ConfirmImpact = 'High' + )] + + param( + [Parameter(Mandatory = $false)] + $HvServer = $null + ) + + $services = Get-ViewAPIService -hvServer $hvServer + if ($null -eq $services) { + Write-Error "Could not retrieve ViewApi services from connection object" + break + } + + $eventdatabase=$services.EventDatabase.EventDatabase_Get() + if ($eventdatabase.eventdatabaseset -eq $False){ + write-output "No Event Database configuration found" + } + elseif ($eventdatabase.eventdatabaseset -eq $true){ + $Eventdatabaseoverview=@() + $Eventdatabaseoverview+=New-Object PSObject -Property @{"Servername" = $eventdatabase.Database.Server; + "Type" = $eventdatabase.Database.Type; + "DatabaseName" = $eventdatabase.Database.Name; + "UserName" = $eventdatabase.Database.UserName; + "TablePrefix" = $eventdatabase.Database.TablePrefix; + "ShowEventsForTime" = $eventdatabase.settings.ShowEventsForTime; + "ClassifyEventsAsNewForDays" = $eventdatabase.settings.ClassifyEventsAsNewForDays; + } | select-object Servername,Type,DatabaseName,UserName,TablePrefix,ShowEventsForTime,ClassifyEventsAsNewForDays + } + return $Eventdatabaseoverview + [System.gc]::collect() +} + +function Clear-HVEventDatabase { + <# + .Synopsis + Clears configurationof the configured Event Database + + .DESCRIPTION + Clears configurationof the configured Event Database + + .PARAMETER HvServer + Reference to Horizon View Server to query the virtual machines from. If the value is not passed or null then + first element from global:DefaultHVServers would be considered in-place of hvServer + + .EXAMPLE + Clear-HVEventDatabase + + .NOTES + Author : Wouter Kursten + Author email : wouter@retouw.nl + Version : 1.0 + + ===Tested Against Environment==== + Horizon View Server Version : 7.4 + PowerCLI Version : PowerCLI 10 + PowerShell Version : 5.0 + #> + + [CmdletBinding( + SupportsShouldProcess = $true, + ConfirmImpact = 'High')] + + param( + [Parameter(Mandatory = $false)] + $HvServer = $null + ) + + PROCESS { + + $services = Get-ViewAPIService -hvServer $hvServer + if ($null -eq $services) { + Write-Error "Could not retrieve ViewApi services from connection object" + break + } + if ($pscmdlet.ShouldProcess($($msg))) { + $services.EventDatabase.EventDatabase_Clear() + } + [System.gc]::collect() + } +} + +function Set-HVlicense { + <# + .Synopsis + Sets or changes the license for Horizon View + + .DESCRIPTION + Sets or changes the license for Horizon View + + .PARAMETER license + License key (string) + + .PARAMETER HvServer + Reference to Horizon View Server to query the virtual machines from. If the value is not passed or null then + first element from global:DefaultHVServers would be considered in-place of hvServer + + .EXAMPLE + set-hvlicense -license "LICENSE-KEY" + Returns information about the sites within a Horizon View Pod Federation. + + .NOTES + Author : Wouter Kursten + Author email : wouter@retouw.nl + Version : 1.0 + + ===Tested Against Environment==== + Horizon View Server Version : 7.4,7.5 + PowerCLI Version : PowerCLI 10 + PowerShell Version : 5.0 + #> + + [CmdletBinding( + SupportsShouldProcess = $false, + ConfirmImpact = 'High' + )] + + param( + [Parameter(Mandatory = $true)] + [string] + $license, + + [Parameter(Mandatory = $false)] + $HvServer = $null + ) + + + $services = Get-ViewAPIService -hvServer $hvServer + if ($null -eq $services) { + Write-Error "Could not retrieve ViewApi services from connection object" + break + } + + try { + $services.license.license_set($license) + } + catch { + write-error $_.exception message + break + } + $licenseresult=$services.license.license_get() + return $licenseresult + [System.gc]::collect() +} + + +function Get-HVlicense { + <# + .Synopsis + Gets the license for Horizon View + + .DESCRIPTION + Gets the license for Horizon View + + + .PARAMETER HvServer + Reference to Horizon View Server to query the virtual machines from. If the value is not passed or null then + first element from global:DefaultHVServers would be considered in-place of hvServer + + .EXAMPLE + get-hvlicense + + + .NOTES + Author : Wouter Kursten + Author email : wouter@retouw.nl + Version : 1.0 + + ===Tested Against Environment==== + Horizon View Server Version : 7.4,7.5 + PowerCLI Version : PowerCLI 10 + PowerShell Version : 5.0 + #> + + [CmdletBinding( + SupportsShouldProcess = $false, + ConfirmImpact = 'High' + )] + + param( + [Parameter(Mandatory = $false)] + $HvServer = $null + ) + + + $services = Get-ViewAPIService -hvServer $hvServer + if ($null -eq $services) { + Write-Error "Could not retrieve ViewApi services from connection object" + break + } + + $license=$services.license.license_get() + return $license + [System.gc]::collect() +} + +function Set-HVInstantCloneMaintenance { + <# + .Synopsis + Enable or disable instant clone maintanence mode + + .DESCRIPTION + Toggles a host in instant clone maintanence mode. Specify the VMHost name and enable or disable to toggle. + + .PARAMETER VMHost + ESXi Host name to modify the InstantClone.Maintenance attribute + + .PARAMETER Enable + Enable Instant Clone maintenance mode. + + .PARAMETER Disable + Disable Instant Clone maintenance mode + + .EXAMPLE + Set-HvInstantCloneMaintenance -VMHost -Enable $true + Set-HvInstantCloneMaintenance -VMHost -Disable $true + + .NOTES + Author : Jack McMichael + Author email : @jackwmc4 / jackwmc4@gmail.com + Version : 1.0 + + ===Tested Against Environment==== + Horizon View Server Version : 7.6 + PowerCLI Version : PowerCLI 11 + PowerShell Version : 5.1 + #> + + [CmdletBinding( + SupportsShouldProcess = $true, + ConfirmImpact = 'High')] + + param( + [Parameter(Mandatory=$true, Position=0)] + [string] + $VMHost, + + [Parameter(Mandatory = $false)] + [switch] + $Enable, + + [Parameter(Mandatory = $false)] + [switch] + $Disable, + + [Parameter(Mandatory = $false)] + $HvServer = $null + ) + + begin { + $services = Get-ViewAPIService -hvServer $hvServer + if ($null -eq $services) { + Write-Error "Could not retrieve ViewApi services from connection object" + break + } + } + + process { + if ($Enable) { + if ((Get-Annotation -Entity (Get-VMHost -Name $VMHost) -CustomAttribute "InstantClone.Maintenance").Value -eq ""){ + Set-Annotation -Entity (Get-VMHost -Name $VMHost) -CustomAttribute "InstantClone.Maintenance" -Value "1" | Out-Null + Write-Host "Instant Clone Maintenance Mode: Enabling for $VMHost...(This could take some time)" + } + while ((Get-Annotation -Entity (Get-VMHost -Name $VMHost) -CustomAttribute "InstantClone.Maintenance").Value -ne "2") { + Start-Sleep -Seconds 10 + } + } elseif ($Disable) { + if (-not (Get-Annotation -Entity (Get-VMHost -Name $VMHost) -CustomAttribute "InstantClone.Maintenance").Value -eq "") { + Set-Annotation -Entity (Get-VMHost -Name $VMHost) -CustomAttribute "InstantClone.Maintenance" -Value "" | Out-Null + Write-Host "Instant Clone Maintenance Mode: Disabling for $VMHost" + } + Set-VMhost $VMHost -State Connected | Out-Null + } + [System.gc]::collect() + } +} + +Function Get-HVApplication { +<# +.Synopsis + Gets the application information. + +.DESCRIPTION + Gets the application information. This will be useful to find out whether the specified application exists or not. If the application name is not specified, this will lists all the applications in the Pod. + +.PARAMETER ApplicationName + Name of the application. + +.PARAMETER HvServer + View API service object of Connect-HVServer cmdlet. + +.PARAMETER FormatList + Displays the list of the available applications in Table Format if this parameter is set to True. + +.EXAMPLE + Get-HVApplication -ApplicationName 'App1' -HvServer $HvServer + Queries and returns 'App1' information. + +.EXAMPLE + Get-HVApplication -HvServer $HvServer -FormatList:$True + Lists all the applications in the Pod. + +.OUTPUTS + Returns the information of the specified application if it specified, else displays all the available applications. + +.NOTES + Author : Samiullasha S + Author email : ssami@vmware.com + Version : 1.2 + + ===Tested Against Environment==== + Horizon View Server Version : 7.8.0 + PowerCLI Version : PowerCLI 11.1 + PowerShell Version : 5.0 +#> + param ( + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [string]$ApplicationName = $Null, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + $HvServer = $Null, + + [Parameter(Mandatory = $False)] + [string]$FormatList = $False + ) + begin { + $services = Get-ViewAPIService -HvServer $HvServer + if ($null -eq $services) { + Write-Error "Could not retrieve View API services from connection object." + break + } + } + process { + if ($ApplicationName) { + $eqFilter = Get-HVQueryFilter 'data.name' -Eq $ApplicationName + $ResourceObjs = Get-HVQueryResult -EntityType ApplicationInfo -Filter $eqFilter -HvServer $HvServer + if(!$ResourceObjs){Write-host "No application found with specified name: $ApplicationName"; return} + Write-host "Application found with specified name: $ApplicationName" + return $ResourceObjs + } + $ResourceObjs = Get-HVQueryResult -EntityType ApplicationInfo -HvServer $HvServer + if ($FormatList -eq $True){ + return $ResourceObjs.data | Format-Table -AutoSize + } else { + return $ResourceObjs + } + + } + end { + [System.GC]::Collect() + } +} + +Function Remove-HVApplication { +<# +.Synopsis + Removes the specified application if exists. + +.DESCRIPTION + Removes the specified application if exists. + +.PARAMETER ApplicationName + Application to be deleted. + The name of the application must be given that is to be searched for and remove if exists. + +.PARAMETER HvServer + View API service object of Connect-HVServer cmdlet. + +.EXAMPLE + Remove-HVApplication -ApplicationName 'App1' -HvServer $HvServer + Removes 'App1', if exists. + +.OUTPUTS + Removes the specified application if exists. + +.NOTES + Author : Samiullasha S + Author email : ssami@vmware.com + Version : 1.2 + + ===Tested Against Environment==== + Horizon View Server Version : 7.8.0 + PowerCLI Version : PowerCLI 11.1 + PowerShell Version : 5.0 +#> +[CmdletBinding( + SupportsShouldProcess = $true, + ConfirmImpact = 'High' +)] +param ( + [Parameter(Mandatory = $True, ValueFromPipeline = $True)] + [string]$ApplicationName, + + [Parameter(Mandatory = $False)] + $HvServer = $null + ) + begin { + $services = Get-ViewAPIService -HvServer $HvServer + if ($null -eq $services) { + Write-Error "Could not retrieve View API services from connection object" + break + } + } + process { + $App= Get-HVApplication -ApplicationName $ApplicationName -HvServer $HvServer + if (!$App) { + Write-Host "Application '$ApplicationName' not found. $_" + return + } + $AppService= New-Object VMware.Hv.ApplicationService + if ($pscmdlet.ShouldProcess($ApplicationName)) { + $AppService.Application_Delete($services,$App.Id) + if ($?) { + Write-Host "'$ApplicationName' has been successfully removed." + } + } + } + end { + [System.GC]::Collect() + } +} + +Function New-HVManualApplication { +<# +.Synopsis + Creates a Manual Application. + +.DESCRIPTION + Creates Application manually with given parameters. + +.PARAMETER HvServer + View API service object of Connect-HVServer cmdlet. + +.PARAMETER Name + The Application name is the unique identifier used to identify this Application. + +.PARAMETER DisplayName + The display name is the name that users will see when they connect to view client. If the display name is left blank, it defaults to Name. + +.PARAMETER Description + The description is a set of notes about the Application. + +.PARAMETER ExecutablePath + Path to Application executable. + +.PARAMETER Version + Application version. + +.PARAMETER Publisher + Application publisher. + +.PARAMETER Enabled + Indicates if Application is enabled. + +.PARAMETER EnablePreLaunch + Application can be pre-launched if value is true. + +.PARAMETER ConnectionServerRestrictions + Connection server restrictions. This is a list of tags that access to the application is restricted to. Empty/Null list means that the application can be accessed from any connection server. + +.PARAMETER CategoryFolderName + Name of the category folder in the user's OS containing a shortcut to the application. Unset if the application does not belong to a category. + +.PARAMETER ClientRestrictions + Client restrictions to be applied to Application. Currently it is valid for RDSH pools. + +.PARAMETER ShortcutLocations + Locations of the category folder in the user's OS containing a shortcut to the desktop. The value must be set if categoryFolderName is provided. + +.PARAMETER MultiSessionMode + Multi-session mode for the application. An application launched in multi-session mode does not support reconnect behavior when user logs in from a different client instance. + +.PARAMETER MaxMultiSessions + Maximum number of multi-sessions a user can have in this application pool. + +.PARAMETER StartFolder + Starting folder for Application. + +.PARAMETER Args + Parameters to pass to application when launching. + +.PARAMETER Farm + Farm name. + +.PARAMETER AutoUpdateFileTypes + Whether or not the file types supported by this application should be allowed to automatically update to reflect changes reported by the agent. + +.PARAMETER AutoUpdateOtherFileTypes + Whether or not the other file types supported by this application should be allowed to automatically update to reflect changes reported by the agent. + +.PARAMETER GlobalApplicationEntitlement + The name of a Global Application Entitlement to associate this Application pool with. + +.EXAMPLE + New-HVManualApplication -Name 'App1' -DisplayName 'DisplayName' -Description 'ApplicationDescription' -ExecutablePath "PathOfTheExecutable" -Version 'AppVersion' -Publisher 'PublisherName' -Farm 'FarmName' + Creates a manual application App1 in the farm specified. + +.OUTPUTS + A success message is displayed when done. + +.NOTES + Author : Samiullasha S + Author email : ssami@vmware.com + Version : 1.0 + + ===Tested Against Environment==== + Horizon View Server Version : 7.8.0 + PowerCLI Version : PowerCLI 11.1 + PowerShell Version : 5.0 +#> + param ( + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [VMware.VimAutomation.HorizonView.Impl.V1.ViewServerImpl]$HvServer, + + [Parameter(Mandatory = $True, ValueFromPipeline = $True)] + [string][ValidateLength(1,64)]$Name, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [String][ValidateLength(1,256)]$DisplayName = $Name, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [String][ValidateLength(1,1024)]$Description, + + [Parameter(Mandatory = $True, ValueFromPipeline = $True)] + [String]$ExecutablePath, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [String]$Version, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [String]$Publisher, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [Boolean]$Enabled = $True, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [Boolean]$EnablePreLaunch=$False, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [string[]]$ConnectionServerRestrictions, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True, ParameterSetName = 'categoryFolderName')] + [String][ValidateRange(1,64)]$CategoryFolderName, + + #Below Parameter is for Client restrictions to be applied to Application. Currently it is valid for RDSH pools. + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [Boolean]$clientRestrictions = $False, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True, ParameterSetName = 'categoryFolderName')] + [String[]]$ShortcutLocations, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [ValidateSet('DISABLED','ENABLED_DEFAULT_OFF','ENABLED_DEFAULT_ON','ENABLED_ENFORCED')] + [String]$MultiSessionMode = 'DISABLED', + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [ValidateScript({if(($MultiSessionMode -eq 'ENABLED_DEFAULT_OFF') -or ($MultiSessionMode -eq 'ENABLED_DEFAULT_ON') -or ($MultiSessionMode -eq 'ENABLED_ENFORCED')){$_ -eq 1}})] + [Int]$MaxMultiSessions, + + #Below parameters are for ExecutionData, moved ExecutablePath, Version and Publisher to above from this. + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [String]$StartFolder, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [String]$Args, + + [Parameter(Mandatory = $True, ValueFromPipeline = $True)] + [String]$Farm, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [Boolean]$AutoUpdateFileTypes = $True, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [Boolean]$AutoUpdateOtherFileTypes = $True, + + [Parameter(Mandatory = $False)] + [String]$GlobalApplicationEntitlement = $null + ) + begin { + $services = Get-ViewAPIService -HvServer $HvServer + if ($null -eq $services) { + Write-Error "Could not retrieve View API services from connection object" + break + } + $FarmInfo = Get-HVFarm -FarmName $Farm + if ($null -eq $FarmInfo) { + Write-Error "Could not find the specified Farm." + break + } + if ( $PSBoundParameters.ContainsKey('GlobalApplicationEntitlement') ) { + $GlobalApplicationEntitlementInfo = Get-HVGlobalEntitlement -DisplayName $GlobalApplicationEntitlement + $GlobalApplicationEntitlementId = $GlobalApplicationEntitlementInfo.Id + } else { + $GlobalApplicationEntitlementId = $null + } + + } + process { + $App = Get-HVApplication -ApplicationName $Name -HvServer $HvServer + if ($App) { + Write-Host "Application already exists with the name : $Name" + return + } + $AppData = New-Object VMware.Hv.ApplicationData -Property @{ 'name' = $Name; 'displayName' = $DisplayName; 'description' = $Description; 'enabled' = $Enabled; 'enableAntiAffinityRules' = $EnableAntiAffinityRules; 'antiAffinityPatterns' = $AntiAffinityPatterns; 'antiAffinityCount' = $AntiAffinityCount; 'enablePreLaunch' = $EnablePreLaunch; 'connectionServerRestrictions' = $ConnectionServerRestrictions; 'categoryFolderName' = $CategoryFolderName; 'clientRestrictions' = $ClientRestrictions; 'shortcutLocations' = $ShortcutLocations; 'globalApplicationEntitlement' = $GlobalApplicationEntitlementId } + $ExecutionData = New-Object VMware.Hv.ApplicationExecutionData -Property @{ 'executablePath' = $ExecutablePath; 'version' = $Version; 'publisher' = $Publisher; 'startFolder' = $StartFolder; 'args' = $Args; 'farm' = $FarmInfo.id; 'autoUpdateFileTypes' = $AutoUpdateFileTypes; 'autoUpdateOtherFileTypes' = $AutoUpdateOtherFileTypes} + $AppSpec = New-Object VMware.Hv.ApplicationSpec -Property @{ 'data' = $AppData; 'executionData' = $ExecutionData} + $AppService = New-Object VMware.Hv.ApplicationService + $AppService.Application_Create($services,$AppSpec) + if ($?) { + Write-Host "Application '$Name' created successfully" + return + } + Write-Host "Application creation of '$Name' has failed. $_" + } + end { + [System.GC]::Collect() + } +} + +Function Get-HVPreInstalledApplication { +<# +.Synopsis + Gets the list of Pre-installed Applications from the RDS Server(s). + +.DESCRIPTION + Gets the list of Pre-installed Applications from the RDS Server(s). + +.PARAMETER FarmName + Name of the Farm on which to discover installed applications. + +.PARAMETER HvServer + View API service object of Connect-HVServer cmdlet. + +.EXAMPLE + Get-HVPreInstalledApplication -FarmName 'Farm1' -HvServer $HvServer + Gets the list of Applications present in 'Farm1', if exists. + +.OUTPUTS + Gets the list of Applications from the specified Farm if exists. + +.NOTES + Author : Samiullasha S + Author email : ssami@vmware.com + Version : 1.0 + + ===Tested Against Environment==== + Horizon View Server Version : 7.8.0 + PowerCLI Version : PowerCLI 11.1 + PowerShell Version : 5.0 +#> + param ( + [Parameter(Mandatory = $True, ValueFromPipeline = $True)] + [String][ValidateLength(1,64)]$FarmName, + + [Parameter(Mandatory = $False)] + $HvServer = $null + ) + begin { + $services = Get-ViewAPIService -HvServer $HvServer + if ($null -eq $services) { + Write-Error "Could not retrieve ViewApi services from connection object" + break + } + $Farm = Get-HVFarm -FarmName $FarmName + if($null -eq $Farm) { + Write-Error "Could not find the specified Farm." + break + } + } + process { + $FarmService = New-Object VMware.Hv.FarmService + $Data = $FarmService.Farm_DiscoverInstalledApplications($services,$Farm.Id) + return $Data + } + end { + [System.GC]::Collect() + } +} + +Function New-HVPreInstalledApplication { +<# +.Synopsis + Creates a application pool from Pre-installed applications on RDS Server(s). + +.DESCRIPTION + Creates a application pool from Pre-installed applications on RDS Server(s). + +.PARAMETER HvServer + View API service object of Connect-HVServer cmdlet. + +.PARAMETER ApplicationName + The Application name to search within the Farm for. This should match the output of (Get-HVPreinstalledApplication).Name + +.PARAMETER ApplicationID + The unique identifier for this application. The ApplicationID can only contain alphanumeric characters, dashes, and underscores. If ApplicationID is not specified, it will be set to match the ApplicationName, with the spaces converted to underscore (_). + +.PARAMETER DisplayName + The display name is the name that users will see when they connect with the Horizon Client. If the display name is left blank, it defaults to ApplicationName. + +.PARAMETER FarmName + Farm name. + +.PARAMETER EnablePreLaunch + Application can be pre-launched if value is true. + +.PARAMETER ConnectionServerRestrictions + Connection server restrictions. This is a list of tags that access to the application is restricted to. Empty/Null list means that the application can be accessed from any connection server. + +.PARAMETER CategoryFolderName + Name of the category folder in the user's OS containing a shortcut to the application. Unset if the application does not belong to a category. + +.PARAMETER ClientRestrictions + Client restrictions to be applied to Application. Currently it is valid for RDSH pools. + +.EXAMPLE + New-HVPreInstalledApplication -ApplicationName 'App1' -DisplayName 'DisplayName' -FarmName 'FarmName' + Creates a application App1 from the farm specified. + +.EXAMPLE + New-HVPreInstalledApplication -ApplicationName 'App2' -FarmName FarmManual -EnablePreLaunch $True + Creates a application App2 from the farm specified and the PreLaunch option will be enabled. + +.EXAMPLE + New-HVPreInstalledApplication -ApplicationName 'Excel 2016' -ApplicationID 'Excel-2016' -DisplayName 'Excel' -FarmName 'RDS-FARM-01' + Creates an application, Excel-2016, from the farm RDS-FARM-01. The application will display as 'Excel' to the end user. + +.OUTPUTS + A success message is displayed when done. + +.NOTES + Author : Samiullasha S + Author email : ssami@vmware.com + Version : 1.0 + + ===Tested Against Environment==== + Horizon View Server Version : 7.8.0 + PowerCLI Version : PowerCLI 11.1 + PowerShell Version : 5.0 +#> + param ( + [Parameter(Mandatory = $True, ValueFromPipeline = $True)] + [string][ValidateLength(1,64)]$ApplicationName, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [string][ValidateLength(1,64)][ValidatePattern('(?#Alphanumeric, dashes,and underscores)^[a-zA-Z\d-_]+$')]$ApplicationID = $($ApplicationName -replace " ","_"), + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [String][ValidateLength(1,256)]$DisplayName = $ApplicationName, + + [Parameter(Mandatory = $True, ValueFromPipeline = $True)] + [String][ValidateLength(1,64)]$FarmName, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [Boolean]$EnablePreLaunch=$False, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [string[]]$ConnectionServerRestrictions, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True,ParameterSetName = 'categoryFolderName')] + [String][ValidateRange(1,64)]$CategoryFolderName, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [Boolean]$clientRestrictions = $False, + + [Parameter(Mandatory = $False)] + $HvServer = $null + ) + begin { + $services = Get-ViewAPIService -HvServer $HvServer + if ($null -eq $services) { + Write-Error "Could not retrieve ViewApi services from connection object" + break + } + $FarmInfo = Get-HVFarm -FarmName $FarmName + if($null -eq $FarmInfo) { + Write-Error "Could not find the specified Farm $FarmName." + break + } + } + process { + #Validate the Application name uniqueness with existing applications. + $ResourceObjs = Get-HVApplication -HvServer $HvServer + foreach($App in ($ResourceObjs.Data.Name)) { + if($App -eq $ApplicationID) { + Write-Error "$ApplicationID already exists in the Application Pool. Use the -ApplicationID parameter to specify a unique ID." + return + } + } + #Validate the application name uniqueness with Desktops. + $DesktopSummary = Get-HVQueryResult -EntityType DesktopSummaryView -HvServer $hvserver + foreach($App in $DesktopSummary) { + if($App.DesktopSummaryData.Data.Name -eq $ApplicationID) { + Write-Error "$ApplicationID already exists in the Desktop Pool. Use the -ApplicationID parameter to specify a unique ID." + return + } + } + #get all the applications installed in RDS Server(s). + $AppsInRDS = Get-HVPreinstalledApplication -FarmName $FarmName + $AppFoundInRDS = $False + foreach($App in ($AppsInRDS)) { + if($($App.name) -eq ($ApplicationName)) { + $AppFoundInRDS = $True + $ApplicationData = New-Object VMware.Hv.ApplicationData -Property @{ 'Name' = $ApplicationID; + 'DisplayName' = $DisplayName; + 'EnablePreLaunch' = $EnablePreLaunch; + 'ConnectionServerRestrictions' = $ConnectionServerRestrictions; + 'CategoryFolderName' = $CategoryFolderName; + 'ClientRestrictions' = $ClientRestrictions } + $ExecutionData = New-object VMware.Hv.ApplicationExecutionData -Property @{ 'ExecutablePath' = $App.ExecutionData.ExecutablePath; + 'Version' = $App.ExecutionData.Version; + 'Publisher' = $App.ExecutionData.Publisher; + 'Args' = $App.ExecutionData.Args; + 'StartFolder' = $App.ExecutionData.StartFolder; + 'Farm' = $FarmInfo.Id; + 'AutoUpdateFileTypes' = $App.ExecutionData.AutoUpdateFileTypes; + 'AutoUpdateOtherFileTypes' = $App.executionData.AutoUpdateOtherFileTypes } + $ApplicationSpec = New-Object VMware.Hv.ApplicationSpec -Property @{ 'Data' = $ApplicationData; 'ExecutionData' = $ExecutionData} + $AppService = New-Object VMware.Hv.ApplicationService + $AppService.Application_Create($services,$ApplicationSpec) + if($?) { + Write-Host "Application '$ApplicationId' created successfully" + return + } + Write-Host "Failed to create Application '$ApplicationId'. $_ " + return + } + } + if ($AppFoundInRDS -eq $False) { + Write-Error "$ApplicationName does not exist in any of the RDS Server(s) belongs to the Farm $FarmName. Run (Get-HVPreinstalledApplication -FarmName $FarmName).Name to see a list of valid, preinstalled applications." + } + } + end { + [System.GC]::Collect() + } +} + +function Set-HVApplication { +<# +.Synopsis + Updates settings for an existing Application Pool. + +.DESCRIPTION + Updates settings for an existing Application Pool. It does not update the Application Icon. See Set-HVApplicationIcon for a function to update icons. This function specifically targets ApplicationInfo.Data and Application.ExecutionData properties. + +.PARAMETER HvServer + View API service object of Connect-HVServer cmdlet. + +.PARAMETER Name + The Application name is the unique identifier used to identify this Application. This cannot be updated but is used to specify which application should be updated. + +.PARAMETER DisplayName + The display name is the name that users will see when they connect to view client. If the display name is left blank, it defaults to Name. + +.PARAMETER Description + The description is a set of notes about the Application. + +.PARAMETER GlobalApplicationEntitlement + The name of a Global Application Entitlement to associate this Application pool with. + +.PARAMETER ExecutablePath + Path to Application executable. + +.PARAMETER Version + Application version. + +.PARAMETER Publisher + Application publisher. + +.PARAMETER Enabled + Indicates if Application is enabled. + +.PARAMETER EnablePreLaunch + Application can be pre-launched if value is true. + +.PARAMETER ConnectionServerRestrictions + Connection server restrictions. This is a list of tags that access to the application is restricted to. Empty/Null list means that the application can be accessed from any connection server. + +.PARAMETER CategoryFolderName + Name of the category folder in the user's OS containing a shortcut to the application. Unset if the application does not belong to a category. + +.PARAMETER ClientRestrictions + Client restrictions to be applied to Application. Currently it is valid for RDSH pools. + +.PARAMETER ShortcutLocations + Locations of the category folder in the user's OS containing a shortcut to the desktop. The value must be set if categoryFolderName is provided. + +.PARAMETER StartFolder + Starting folder for Application. + +.PARAMETER Args + Parameters to pass to application when launching. + +.PARAMETER Farm + Farm name. + +.PARAMETER AutoUpdateFileTypes + Whether or not the file types supported by this application should be allowed to automatically update to reflect changes reported by the agent. + +.PARAMETER AutoUpdateOtherFileTypes + Whether or not the other file types supported by this application should be allowed to automatically update to reflect changes reported by the agent. + +.PARAMETER GlobalApplicationEntitlement + Specify the Display Name of a Global Application Entitlement to add this Application Pool to. + +.EXAMPLE + New-HVManualApplication -Name 'App1' -DisplayName 'DisplayName' -Description 'ApplicationDescription' -ExecutablePath "PathOfTheExecutable" -Version 'AppVersion' -Publisher 'PublisherName' -Farm 'FarmName' + Creates a manual application App1 in the farm specified. + +.OUTPUTS + A success message is displayed when done. + +.NOTES + Author : Matt Frey + Author email : mfrey@vmware.com + Version : 1.0 + + ===Tested Against Environment==== + Horizon View Server Version : 7.8.0 + PowerCLI Version : PowerCLI 11.1 + PowerShell Version : 5.1 +#> +param ( + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [VMware.VimAutomation.HorizonView.Impl.V1.ViewServerImpl]$HvServer, + + [Parameter(Mandatory = $True, ValueFromPipeline = $True, Position = 0)] + [string][ValidateLength(1,64)]$Name, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [String][ValidateLength(1,256)]$DisplayName = $Name, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [String][ValidateLength(1,1024)]$Description, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [String]$ExecutablePath, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [String]$Version, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [String]$Publisher, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [Boolean]$Enabled = $True, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [Boolean]$EnablePreLaunch=$False, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [string[]]$ConnectionServerRestrictions, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True, ParameterSetName = 'categoryFolderName')] + [String][ValidateRange(1,64)]$CategoryFolderName, + + #Below Parameter is for Client restrictions to be applied to Application. Currently it is valid for RDSH pools. + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [Boolean]$clientRestrictions = $False, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True, ParameterSetName = 'categoryFolderName')] + [String[]]$ShortcutLocations, + + #Below parameters are for ExecutionData, moved ExecutablePath, Version and Publisher to above from this. + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [String]$StartFolder, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [String]$Args, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [Boolean]$AutoUpdateFileTypes = $True, + + [Parameter(Mandatory = $False, ValueFromPipeline = $True)] + [Boolean]$AutoUpdateOtherFileTypes = $True, + + [Parameter(Mandatory = $False)] + [String]$GlobalApplicationEntitlement = $null +) + begin { + $services = Get-ViewAPIService -HvServer $HvServer + if ($null -eq $services) { + Write-Error "Could not retrieve View API services from connection object" + break + } + } + process { + $App = Get-HVApplication -ApplicationName $Name -HvServer $HvServer + if (!$App) { + Write-Error "Application $App not found. Please check the syntax or spelling." + return + } + + $updates = @() + if ($PSBoundParameters.ContainsKey("DisplayName")) { + $updates += Get-MapEntry -key 'data.displayName' -value $DisplayName + } + if ($PSBoundParameters.ContainsKey("Description")) { + $updates += Get-MapEntry -key 'data.description' -value $Description + } + if ($PSBoundParameters.ContainsKey("Enabled")) { + $updates += Get-MapEntry -key 'data.enabled' -value $Enabled + } + if ($PSBoundParameters.ContainsKey("EnableAntiAffinityRules")) { + $updates += Get-MapEntry -key 'data.enableAntiAffinityRules' -value $EnableAntiAffinityRules + } + if ($PSBoundParameters.ContainsKey("EnableAntiAffinityPatterns")) { + $updates += Get-MapEntry -key 'data.enableAntiAffinityPatterns' -value $EnableAntiAffinityPatterns + } + if ($PSBoundParameters.ContainsKey("EnableAntiAffinityCount")) { + $updates += Get-MapEntry -key 'data.enableAntiAffinityCount' -value $EnableAntiAffinityCount + } + if ($PSBoundParameters.ContainsKey("EnablePreLaunch")) { + $updates += Get-MapEntry -key 'data.enablePreLaunch' -value $EnablePreLaunch + } + if ($PSBoundParameters.ContainsKey("ConnectionServerRestrictions")) { + $updates += Get-MapEntry -key 'data.connectionServerRestrictions' -value $ConnectionServerRestrictions + } + if ($PSBoundParameters.ContainsKey("EnableAntiAffinityRules")) { + $updates += Get-MapEntry -key 'data.enableAntiAffinityRules' -value $EnableAntiAffinityRules + } + if ($PSBoundParameters.ContainsKey("CategoryFolderName")) { + $updates += Get-MapEntry -key 'data.categoryFolderName' -value $CategoryFolderName + } + if ($PSBoundParameters.ContainsKey("ClientRestrictions")) { + $updates += Get-MapEntry -key 'data.clientRestrictions' -value $ClientRestrictions + } + if ($PSBoundParameters.ContainsKey("ShortcutLocations")) { + $updates += Get-MapEntry -key 'data.shortcutLocations' -value $ShortcutLocations + } + if ($PSBoundParameters.ContainsKey("GlobalApplicationEntitlement")) { + $GlobalApplicationEntitlementInfo = Get-HVGlobalEntitlement -DisplayName $GlobalApplicationEntitlement + $GlobalApplicationEntitlementId = $GlobalApplicationEntitlementInfo.Id + $updates += Get-MapEntry -key 'data.globalApplicationEntitlement' -value $GlobalApplicationEntitlementId + } + + if ($PSBoundParameters.ContainsKey("ExecutablePath")) { + $updates += Get-MapEntry -key 'executionData.executablePath' -value $ExecutablePath + } + if ($PSBoundParameters.ContainsKey("Version")) { + $updates += Get-MapEntry -key 'executionData.version' -value $Version + } + if ($PSBoundParameters.ContainsKey("Publisher")) { + $updates += Get-MapEntry -key 'executionData.publisher' -value $Publisher + } + if ($PSBoundParameters.ContainsKey("StartFolder")) { + $updates += Get-MapEntry -key 'executionData.startFolder' -value $StartFolder + } + if ($PSBoundParameters.ContainsKey("Args")) { + $updates += Get-MapEntry -key 'executionData.args' -value $Args + } + if ($PSBoundParameters.ContainsKey("AutoUpdateFileTypes")) { + $updates += Get-MapEntry -key 'executionData.autoUpdateFileTypes' -value $AutoUpdateFileTypes + } + if ($PSBoundParameters.ContainsKey("AutoUpdateOtherFileTypes")) { + $updates += Get-MapEntry -key 'executionData.autoUpdateOtherFileTypes' -value $AutoUpdateOtherFileTypes + } + + $AppService = New-Object VMware.Hv.ApplicationService + $AppService.Application_Update($services,$App.Id,$updates) + if ($?) { + Write-Host "Application '$Name' updated successfully" + return + } + Write-Host "Application update to '$Name' has failed. $_" + } + end { + [System.GC]::Collect() + } +} + +# Object related +Export-ModuleMember -Function Get-HVMachine, Get-HVMachineSummary, Get-HVQueryResult, Get-HVQueryFilter, Get-HVInternalName +# RDS Farm related +Export-ModuleMember -Function Get-HVFarmSummary, Start-HVFarm, Start-HVPool, New-HVFarm, Remove-HVFarm, Get-HVFarm, Set-HVFarm, Add-HVRDSServer +# Desktop Pool related +Export-ModuleMember -Function Get-HVPoolSummary, New-HVPool, Remove-HVPool, Get-HVPool, Set-HVPool, Get-HVPoolSpec, Add-HVDesktop +# Application Pool related +Export-ModuleMember -Function Get-HVApplication, Remove-HVApplication, New-HVManualApplication, Get-HVPreInstalledApplication, New-HVPreInstalledApplication, Set-HVApplication +# Entitlement related +Export-ModuleMember -Function New-HVEntitlement,Get-HVEntitlement,Remove-HVEntitlement +Export-ModuleMember -Function Set-HVMachine, Reset-HVMachine, Remove-HVMachine +# Cloud Pod Architecture related +Export-ModuleMember -Function New-HVGlobalEntitlement, Remove-HVGlobalEntitlement, Get-HVGlobalEntitlement, Set-HVGlobalEntitlement, New-HVPodFederation, Remove-HVPodFederation, Get-HVPodFederation, Set-HVPodFederation +Export-ModuleMember -Function Get-HVSite, New-HVSite, New-HVHomeSite, Remove-HVSite, Get-HVHomeSite, Set-HVSite, Register-HVPod, Unregister-HVPod +# Published App related +Export-ModuleMember -Function Get-HVGlobalSettings, Set-HVApplicationIcon, Remove-HVApplicationIcon, Set-HVGlobalSettings +Export-ModuleMember -Function Get-HVResourceStructure, Get-HVLocalSession, Get-HVGlobalSession +# Event Database related +Export-ModuleMember -Function Get-HVEventDatabase, Set-HVEventDatabase, Clear-HVEventDatabase, Get-HVEvent, Connect-HVEvent, Disconnect-HVEvent +# vCenter Server related +Export-ModuleMember -Function Get-HVvCenterServer, Get-HVvCenterServerHealth +# Misc/other related +Export-ModuleMember -Function Get-HVlicense, Set-HVlicense, Get-HVHealth, Set-HVInstantCloneMaintenance, Get-HVBaseImageVM, Get-HVBaseImageVMSnapshot \ No newline at end of file diff --git a/Modules/VMware.VCGChecker/Export-VCGReport.ps1 b/Modules/VMware.VCGChecker/Export-VCGReport.ps1 new file mode 100644 index 0000000..3774915 --- /dev/null +++ b/Modules/VMware.VCGChecker/Export-VCGReport.ps1 @@ -0,0 +1,1057 @@ +# +# Generate the html report and save it to the report folder +# TODO: change to the class +Function Export-VCGReport { + Param( + [Parameter(Mandatory=$true)] $Data, + [Parameter(Mandatory=$true)] $Dir + ) + if (!(Test-Path $Dir)) { + New-Item -Type directory -Confirm:$false -Path $Dir -Force |Out-Null + } + + $Data,$flag = refactorData $Data + + $null=Generate_CsvReport $Data $Dir + $null=Generate_HtmlReport $Data $Dir + $null=Generate_SummaryReport $Data $Dir +} +Function Generate_HtmlReport($Data, $Dir) { + info ("Generating compatibility detail report...") + $content = $generalHead + $content += '

ESXi Hardware Compatibility Report for {0}

' -f $Data.hostname + $content += $generalBodyBase + if (-not(checkVersion($Data))) { + $content += 'Installed Release' + } + else { + $content += 'Checked Release' + } + $content += $generalBodyRest + foreach ($VCResource in $Data) { + $checkVersion = $VCResource.checkRelease + $Count1 = $VCResource.DCResource.HostResource.ComponentResource.Count + $Process = '' + if ($VCResource.hostname -ne 'null') { + $Process += '{1}' -f $Count1, [string]$VCResource.hostname + } + else { + $Process += '{1}' -f $Count1, '/' + } + foreach ($DCResource in $VCResource.DCResource) { + $Count2 = $DCResource.HostResource.ComponentResource.Count + if ($DCResource.dcname -ne 'null') { + $Process += '{1}' -f [string]$Count2, [string]$DCResource.dcname + } + else { + $Process += '{1}' -f [string]$Count2, '/' + } + foreach ($HostResourceOne in $DCResource.HostResource) { + $Count = $HostResourceOne.ComponentResource.count + $Process += '{1}' -f $Count, $HostResourceOne.HostName + foreach ($OneDevice in $HostResourceOne.ComponentResource) { + if ($OneDevice.type -eq 'Server') { + # $InfoServer = "" | Select HostName, Manufacturer, Model, CPU, Version, Bios, CpuFeature, Uuid, VcgLink, Status, FoundRelease, MatchResult, Warnings + $InfoServer = @{} + $InfoServer.HostName = $HostResourceOne.hostname + $InfoServer.Version = $HostResourceOne.version + $InfoServer.Manufacturer = $OneDevice.vendor + $InfoServer.Model = $OneDevice.model + $InfoServer.CPU = $OneDevice.cpumodel + $InfoServer.Bios = $OneDevice.biosversion + $InfoServer.CpuFeature = $OneDevice.cpufeatureid + $InfoServer.Uuid = $OneDevice.uuid + $InfoServer.VcgLink = $OneDevice.vcgLink + $InfoServer.Status = formatStatus($OneDevice.status) + $InfoServer.MatchResult = $OneDevice.matchResult + $InfoServer.Warnings = (([string]$OneDevice.warnings) -split "More information")[0] + # server info + $Process += 'Server' + $Process += '{0}' -f $InfoServer.Model + $Process += '{0}' -f $InfoServer.Manufacturer + if (-not $checkVersion) { + $Process += '{0}' -f $InfoServer.Version + } + else { + $Process += '{0}' -f $checkVersion + } + $Process += '{0}' -f $InfoServer.Status + $Process += '{0},
CpuFeature:{1},
Bios:{2}' -f $InfoServer.CPU, $InfoServer.CpuFeature, $InfoServer.Bios + if ($InfoServer.VcgLink.Count -gt 0) { + $Process += '{0}
' -f $InfoServer.Warnings + foreach ($link in $InfoServer.VcgLink) { + $Process += ' VCG link
' -f $link + } + $Process += '' + } + else + {$Process += '{0}
N/A' -f $InfoServer.Warnings} + $Process += '' + } + else { + # $InfoPci = "" | Select model, vendor, Vid, Did, Svid, Ssid, Driver, DriverVersion, Version, Pccid, VcgLink, Status, FoundRelease, MatchResult, Warnings + $InfoPci = @{} + $InfoPci.model = $OneDevice.model + $InfoPci.vendor = $OneDevice.vendor + $InfoPci.Vid = $OneDevice.vid + $InfoPci.Did = $OneDevice.did + $InfoPci.Svid = $OneDevice.svid + $InfoPci.Ssid = $OneDevice.ssid + $InfoPci.Driver = $OneDevice.driver + $InfoPci.DriverVersion = $OneDevice.driverversion + $InfoPci.Version = $HostResourceOne.version + $InfoPci.Pccid = $OneDevice.pciid + $InfoPci.VcgLink = $OneDevice.vcgLink + $InfoPci.Status = formatStatus($OneDevice.status) + $InfoPci.MatchResult = $OneDevice.matchResult + $InfoPci.Warnings = (([string]$OneDevice.warnings) -split "More information")[0] + # IO info + # TODO:Variable information coverage, need to be modified + $Process += '' + $Process += 'IO Device' + $Process += '{0}' -f $InfoPci.model + $Process += '{0}' -f $InfoPci.vendor + if (-not $checkVersion) { + $Process += '{0}' -f $InfoPci.Version + } + else { + $Process += '{0}' -f $checkVersion + } + $Process += '{0}' -f $InfoPci.Status + $Process += 'PCI ID:{0}
Driver:{1} Version:{2}' -f $InfoPci.Pccid, $InfoPci.Driver, $InfoPci.DriverVersion + if ($InfoPci.VcgLink.Count -gt 0) { + $Process += '{0}
' -f $InfoPci.Warnings + foreach ($link in $InfoPci.VcgLink) { + $Process += ' VCG link
' -f $link + } + $Process += '' + } + else + {$Process += '{0}
N/A' -f $InfoPci.Warnings} + $Process += '' + } + } + } + } + $content += $Process + } + $content += $generalFooter + #define filename and filepath + $dataTime = Get-Date -Format 'yyyy-M-d_h-m' + $vcName = vcName($Data) + $filename = 'compreport_' + $vcName + $dataTime + '.html' + $filePath = $Dir + '\' + $filename + #save report + $content |Out-File -FilePath $filePath -Encoding utf8| Out-Null + info ("Report " + "'" + $filePath + "'" + " has been created!") +} + +Function Generate_SummaryReport($Data, $Dir) { + info ("Generating compatibility summary report...") + $content = $summaryHead + $vcCount = $Data.length + $barsWidth = 45 / ($vcCount+1) + $content += 'var barsWidth = {0};' -f $barsWidth + # get vCName arry and host count + $vcNameArray = @() + foreach ($DCResource in $Data) { + $vcNameArray += $DCResource.DCResource[0].vcname + } + + $content += "var vCname = [" + foreach ($vc in $vcNameArray) { + $content += '"{0}",' -f $vc + } + $content += "];" + # Count Compatible or unpgrade + $compatibleCountFormat = '[' + $mayNotCompatibleCountFormat = '[' + $UnabletoUpgradeCountFormat = '[' + foreach ($VCResource in $Data) { + $checkVersion = $VCResource.checkRelease + $compatibleCount = 0 + $notcompatibleCount = 0 + $UnabletoUpgradeCount = 0 + foreach ($DCResource in $VCResource.DCResource) { + foreach ($HostResourceOne in $DCResource.HostResource) { + foreach ($OneDevice in $HostResourceOne.ComponentResource) { + $flagcompatible = 0 + # if($checkVersion){ + # if(-not($OneDevice.upgrade)){ + # $flagcompatible = 'null' + # break + # } + # } + #whether compatible + if ($OneDevice.status -ne 'Compatible') { + $flagcompatible = 0 + break + } + else { + $flagcompatible = 1 + } + #whether upgrade + } + + if ($flagcompatible -eq 1) { + $compatibleCount += 1 + } + elseif($flagcompatible -eq 0){ + $notcompatibleCount += 1 + } + + elseif($flagcompatible -eq 'null') { + $UnabletoUpgradeCount += 1 + } + } + } + $compatibleCountFormat += $compatibleCount + $compatibleCountFormat += ',' + $mayNotCompatibleCountFormat += $notcompatibleCount + $mayNotCompatibleCountFormat += ',' + $UnabletoUpgradeCountFormat += $UnabletoUpgradeCount + $UnabletoUpgradeCountFormat += ',' + } + $compatibleCountFormat += ',]' + $mayNotCompatibleCountFormat += ',]' + $UnabletoUpgradeCountFormat += ']' + + $dataDict = [Ordered]@{} + + if (-not(checkVersion($Data))) { + $content += 'var lengendSeries = ["Compatible","May Not Compatible"];' + $content += $hostCountHead + + $dataDict.Insert(0, "Compatible", $compatibleCountFormat) + $dataDict.Insert(1, "May Not Compatible", $mayNotCompatibleCountFormat) + } + else { + $content += 'var lengendSeries = ["Compatible","May Not Compatible","Unable to upgrade"];' + $content += $hostCountHead + + $dataDict.Insert(0, "Compatible", $compatibleCountFormat) + $dataDict.Insert(1, "May Not Compatible", $mayNotCompatibleCountFormat) + $dataDict.Insert(2, "Unable to upgrade", $UnabletoUpgradeCountFormat) + } + [System.Collections.IEnumerator]$dataDict = $dataDict.Keys.GetEnumerator(); + $formatContent = formatHostCountGraphic $dataDict + + $content += $formatContent + $content += $hostCountRest + + + # Host Compatibility + $compatibleCount = 0 + $mayNotcompatibleCount = 0 + $unableUpgradeCount = 0 + foreach ($VCResource in $Data) { + foreach ($DCResource in $VCResource.DCResource) { + foreach ($HostResourceOne in $DCResource.HostResource) { + foreach ($OneDevice in $HostResourceOne.ComponentResource) { + #whether compatible + $flagcompatible = 0 + # if ($checkVersion){ + # if (-not($OneDevice.upgrade)){ + # $flagcompatible = 'null' + # break + # } + # } + if ($OneDevice.status -ne 'Compatible') { + $flagcompatible = 0 + break + } + else { + $flagcompatible = 1 + } + + } + if ($flagcompatible -eq 1) { + $compatibleCount += 1 + } + elseif ($flagcompatible -eq 0) { + $mayNotcompatibleCount += 1 + } + elseif ($flagcompatible -eq 'null') { + $unableUpgradeCount += 1 + } + } + } + } + + if (-not(checkVersion($Data))) { + $content += "var seriesCount = {'Compatible':$compatibleCount, 'May Not Compatible':$mayNotcompatibleCount,};" + $content += "var lengendSeries = ['Compatible','May Not Compatible'];" + $content += "var catalog = [ + {value:seriesCount['Compatible'], name:'Compatible'}, + {value:seriesCount['May Not Compatible'], name:'May Not Compatible'}, + ];" + $content += "var colors = [colorsC,colorsM];" + } + else { + $content += "var seriesCount = {'Compatible':$compatibleCount, 'May Not Compatible':$mayNotcompatibleCount,'Unable to Upgrade':$unableUpgradeCount};" + $content += "var lengendSeries = ['Compatible','May Not Compatible','Unable to Upgrade'];" + $content += "var catalog = [ + {value:seriesCount['Compatible'], name:'Compatible'}, + {value:seriesCount['May Not Compatible'], name:'May Not Compatible'}, + {value:seriesCount['Unable to Upgrade'], name:'Unable to Upgrade'}, + ];" + $content += "var colors = [colorsC,colorsM,colorsU];" + } + + $content += $hostCompatible + + + #Host Model Compatibility by vCenter + if (-not(checkVersion($Data))) { + $serverSource = "[['series', 'Compatible', 'May Not Compatible',]," + } + else { + $serverSource = "[['series', 'Compatible','May Not compatible','No Upgrade Path']," + } + + foreach ($VCResource in $Data) { + $compatibleCount = 0 + $mayNotCompatibleCount = 0 + $unableUpgradeCount = 0 + $checkVersion = $VCResource.checkRelease + foreach ($DCResourceOne in $VCResource.DCResource) { + foreach ($HostResourceOne in $DCResourceOne.HostResource) { + $flagcompatible = 0 + foreach ($ComoenentResourceOne in $HostResourceOne.ComponentResource) { + #whether compatible + if ($ComoenentResourceOne.type -eq 'Server') { + # if ($checkVersion) { + # if (-not($ComoenentResourceOne.upgrade)) { + # $flagcompatible = 'null' + # break + # } + # } + if ($ComoenentResourceOne.status -ne 'Compatible') { + $flagcompatible = 0 + } + else { + $flagcompatible = 1 + } + break + + } + } + if ($flagcompatible -eq 1) { + $compatibleCount += 1 + } + elseif ($flagcompatible -eq 0) { + $mayNotcompatibleCount += 1 + } + elseif ($flagcompatible -eq 'null') { + $unableUpgradeCount += 1 + } + } + } + if (-not $checkVersion) { + $serverSource += '["{0}",{1},{2}],' -f $DCResourceOne.vcname, $compatibleCount, $mayNotCompatibleCount + } + else { + $serverSource += '["{0}",{1},{2},{3}],' -f $DCResourceOne.vcname, $compatibleCount, $mayNotCompatibleCount, $unableUpgradeCount + } + } + $serverSource += '];' + $content += 'var serverSource = {0}' -f $serverSource + $content += $hostModelCompatibleHead + + if (-not $checkVersion) { + $colorsArray = 'colorsC', 'colorsM' + } + else { + $colorsArray = 'colorsC', 'colorsM', 'colorsU' + } + foreach ($colors in $colorsArray) { + $content += $hostModelCompatibleBody + $content += "color:$colors}," + } + $content += $hostModelCompatibleRest + + #count IO Device compatibility by vCenter + if (-not(checkVersion($Data))) { + $ioSource = "[['series', 'Compatible', 'May Not Compatible',]," + } + else { + $ioSource = "[['series', 'Compatible','May Not Compatible','No Upgrade Path',]," + } + + foreach ($VCResource in $Data) { + $compatibleCount = 0 + $mayNotCompatibleCount = 0 + $unableUpgradeCount = 0 + $checkVersion = $VCResource.checkRelease + foreach ($DCResourceOne in $VCResource.DCResource) { + foreach ($HostResourceOne in $DCResourceOne.HostResource) { + $flagcompatible = 0 + foreach ($ComoenentResourceOne in $HostResourceOne.ComponentResource) { + if ($ComoenentResourceOne.type -eq 'IO Device') { + # if ($checkVersion) { + # if (-not($ComoenentResourceOne.upgrade)) { + # $flagcompatible = 'null' + # } + # } + if ($ComoenentResourceOne.status -ne 'Compatible') { + $flagcompatible = 0 + } + else { + $flagcompatible = 1 + } + + if ($flagcompatible -eq 1) { + $compatibleCount += 1 + } + elseif ($flagcompatible -eq 0) { + $mayNotCompatibleCount += 1 + } + elseif ($flagcompatible -eq 'null') { + $unableUpgradeCount += 1 + } + } + } + + } + } + if (-not $checkVersion) { + $ioSource += '["{0}",{1},{2}],' -f $DCResourceOne.vcname, $compatibleCount, $mayNotCompatibleCount + } + else { + $ioSource += '["{0}",{1},{2},{3}],' -f $DCResourceOne.vcname, $compatibleCount, $mayNotCompatibleCount, $unableUpgradeCount + } + } + + $ioSource += '];' + $content += 'var ioSource = {0}' -f $ioSource + $content += $ioCompatibleHead + if (-not $checkVersion) { + $colorsArray = 'colorsC', 'colorsM' + } + else { + $colorsArray = 'colorsC', 'colorsM', 'colorsU' + } + foreach ($colors in $colorsArray) { + $content += $ioCompatibleBody + $content += "color:$colors}," + } + $content += $ioCompatibleRest + + $dataTime = Get-Date -Format 'yyyy-M-d_h-m' + $vcName = vcName($Data) + $filename = 'sumreport_' + $vcName + $dataTime + '.html' + $filePath = $Dir + '\' + $filename + # Out-put a html report + $content |Out-File -FilePath $filePath -Encoding utf8| Out-Null + info ("Report " + "'" + $filePath + "'" + " has been created!") +} + +Function Generate_CsvReport($Data, $Dir) { + info("Generating compatibility csv report") + #define header + $content = '' + $content += "VC," + $content += "DataCenter," + $content += "Host," + $content += "Type," + $content += "Model Name," + $content += "Vendor," + if (-not(checkVersion($Data))) { + $content += "Installed Release," + } + else { + $content += "Checked Release," + } + $content += "Compatible Status," + $content += "Hardware Detail," + $content += "Comments," + $content += 'VCG Link,' + $content += "`n" + + #formate content + foreach ($VCResource in $Data) { + $checkVersion = $VCResource.checkRelease + foreach ($DCResourceOne in $VCResource.DCResource) { + foreach ($HostResourceOne in $DCResourceOne.HostResource) { + $installVersion = $HostResourceOne.version + foreach ($ComoenentResourceOne in $HostResourceOne.ComponentResource) { + if ($DCResourceOne.vcname -ne 'null') { + $content += "{0}," -f $DCResourceOne.vcname + } + else { + $content += "{0}," -f '/' + } + #DataCenterDetail + if ($DCResourceOne.dcname -ne 'null') { + $content += "{0}," -f $DCResourceOne.dcname + } + else { + $content += "{0}," -f '/' + } + #Host + $content += "{0}," -f $HostResourceOne.hostname + #Type + $content += "{0}," -f $ComoenentResourceOne.type + #Model Name + $content += '"{0}",' -f $ComoenentResourceOne.model + #Vendor + $content += '"{0}",' -f $ComoenentResourceOne.vendor + if (-not $checkVersion) { + #Installed Release + $content += '"{0}",' -f $installVersion + } + else { + $content += '"{0}",' -f $checkVersion + } + #Status + $content += '"{0}",' -f (formatStatus($ComoenentResourceOne.status)) + #CompatibleHardware + if ($ComoenentResourceOne.type -eq 'IO Device') { + $CompatibleHardware = "'PCI ID:{0}, Driver:{1} {2}" -f $ComoenentResourceOne.pciid, $ComoenentResourceOne.Driver, $ComoenentResourceOne.DriverVersion + } + else { + $CompatibleHardware = "'CPU: {0}(Feature:{1}) BIOS:{2}" -f $ComoenentResourceOne.cpumodel, $ComoenentResourceOne.cpufeatureid, $ComoenentResourceOne.biosversion + } + $content += '"{0}",' -f $CompatibleHardware + + #Comments + + if ($ComoenentResourceOne.Warnings.Count -gt 0) { + $Comments = $ComoenentResourceOne.Warnings + } + else { + $Comments ='N/A' + } + + $content += '"{0}",' -f $Comments + + #VCG Link + $VCGLink = '' + foreach ($link in $ComoenentResourceOne.VcgLink) { + $VCGLink += $link + $VCGLink += ' ' + } + $content += '"{0}",' -f $VCGLink + $content += "`n" + } + } + } + } + + #define filename and path + $dataTime = Get-Date -Format 'yyyy-M-d_h-m' + $vcName = vcName($Data) + $filename = 'compreport_' + $vcName + $dataTime + '.csv' + $filePath = $Dir + '\' + $filename + #save csv report + info ("Report " + "'" + $filePath + "'" + " has been created!") + $content |Out-File -FilePath $filePath -Encoding utf8| Out-Null + return $content +} +Function refactorData ($data) { + $DCResource,$flag = refactorDC $data + $data,$flag = refactorVC $DCResource + return $data, $true +} + +Function refactorDC($data) { + $DCResource = @() + $HostResource = @() + $HR = @{} + $DC = @{} + + $ReData = $data + + $HR.__type__ = $ReData[0].__type__ + $HR.vcname = $ReData[0].vcname + $HR.dcname = $ReData[0].dcname + $HR.hostname = $ReData[0].hostname + $HR.apitype = $ReData[0].apitype + $HR.powerstatus = $ReData[0].powerstatus + $HR.version = $ReData[0].version + $HR.fullname = $ReData[0].fullname + $HR.connectionstatus = $ReData[0].connectionstatus + $HR.ComponentResource = $ReData[0].ComponentResource + $HostResource += $HR # HostResource = [{'hostname':'10.110.126.170'}] + $DC.dcname = $ReData[0].dcname #$DC={'dcname':'ha-datacenter'} + $DC.vcname = $ReData[0].vcname + $DC.HostResource = $HostResource #$DC={'dcname':'ha-datacenter','HostResource':[{'hostname':'10.110.126.170'}]} + $DC.checkRelease = $ReData[0].checkRelease + + $DCResource += $DC #$DCResource = [{'dcname':'ha-datacenter','HostResource':[{'hostname':'10.110.126.170'},]}] + $dcname = $ReData[0].dcname + $vcname = $ReData[0].vcname + $DcIndex = 0 + for ($i = 1; $i -lt $ReData.Count; $i++) { + $temp = $ReData[$i] + $HR = @{} + if ($temp.dcname -eq $dcname -and $temp.vcname -eq $vcname) { + $HR.__type__ = $temp.__type__ + $HR.vcname = $temp.vcname + $HR.dcname = $temp.dcname + $HR.hostname = $temp.hostname + $HR.apitype = $temp.apitype + $HR.powerstatus = $temp.powerstatus + $HR.version = $temp.version + $HR.fullname = $temp.fullname + $HR.connectionstatus = $temp.connectionstatus + $HR.ComponentResource = $temp.ComponentResource + $DCResource[$DcIndex].HostResource += $HR + } + else { + $DcIndex += 1 + $DCResource += @{} #$DCResource = [{'dcname':'ha-datacenter','HostResource':[{'hostname':'10.110.126.170'},{'hostname':'10.110.126.171'}]},{}] + $DCResource[$DcIndex].dcname = $temp.dcname # [{'dcname':'ha-datacenter','HostResource':[{'hostname':'10.110.126.170'},{'hostname':'10.110.126.171'}]},{'dcname':'hw-datacenter'}] + $DCResource[$DcIndex].vcname = $temp.vcname + $DCResource[$DcIndex].checkRelease = $temp.checkRelease + $DCResource[$DcIndex].HostResource = @() # [{'dcname':'ha-datacenter','HostResource':[{'hostname':'10.110.126.170'},{'hostname':'10.110.126.171'}]},{'dcname':'hw-datacenter','HostResource':[]}] + $HR = @{} + $HR.__type__ = $temp.__type__ + $HR.vcname = $temp.vcname + $HR.dcname = $temp.dcname + $HR.hostname = $temp.hostname + $HR.apitype = $temp.apitype + $HR.powerstatus = $temp.powerstatus + $HR.version = $temp.version + $HR.fullname = $temp.fullname + $HR.connectionstatus = $temp.connectionstatus + $HR.ComponentResource = $temp.ComponentResource + $DCResource[$DcIndex].HostResource += $HR # [{'dcname':'ha-datacenter','HostResource':[{'hostname':'10.110.126.170'},{'hostname':'10.110.126.171'}]},{'dcname':'hw-datacenter','HostResource':[{'hostname':'10.110.126.173'}]}] + $dcname = $temp.dcname + $vcname = $temp.vcname + } + } + return $DCResource,$true + # return $DCResource +} + +Function refactorVC ($data) { + $VCResource = @() + $DCResource = @() + $VC = @{} + $DCResource += $data[0] + $VC.DCResource = $DCResource + $VC.hostname = $data[0].vcName + $VC.checkRelease = $data[0].checkRelease + + $VCResource += $VC + $vcname = $data[0].vcname + $VcIndex = 0 + for ($i = 1 ; $i -lt $data.Count; $i++){ + $temp = $data[$i] + if ($vcname -eq $temp.vcname) { + $VCResource[$VcIndex].DCResource += $temp + } + else { + $VcIndex += 1 + $DCResource = @() + $VC = @{} + $DCResource += $temp + $VC.hostname = $temp.vcName + $VC.DCResource = $DCResource + $VC.checkRelease = $temp.checkRelease + $VCResource += $VC + $vcname = $temp.vcname + } + } + return $VCResource,$true +} + +Function vcName($Data) { + $vcName = '' + foreach ($VCResource in $Data) { + $vcName += $VCResource.hostname + $vcName += '_' + } + return $vcName +} + +Function checkVersion($Data) { + foreach ($VCResource in $Data) { + $checkVersion = $VCResource.checkRelease + return $checkVersion + } +} + +Function formatStatus($status) { + if ($status -eq 'MayNotBeCompatible') { + return 'May Not Be Compatible' + } + else { + return $status + } +} + +Function formatHostCountGraphic($dataDict) { + while ($dataDict.MoveNext()) { + $items = $dataDict.Key + + if ($items -eq 'Compatible') { + $colors = 'colorsC' + } + elseif ($items -eq 'May Not Compatible') { + $colors = 'colorsM' + } + elseif ($items -eq 'Unable to upgrade') { + $colors = 'colorsU' + } + + $content += $hostCountBody + $items = "'{0}'" -f $items + $content += 'name: {0},' -f $items + $content += 'data: {0},' -f $dataDict.Value + $content += 'color: {0},' -f $colors + $content += '},' + } + + return $content +} + + +#Detail report +$generalHead = @' + + + + + + + + + ESXi Compatible Report + + + +'@ + +$generalBodyBase = @' +

[WARNING] The compatible status may not be fully accurate, please validate it with the official VMware Compatibility Guide

+ + +
+ + + + + + + + + + +'@ + +$generalBodyRest = @' + + + + + + +'@ + +$generalFooter = @' + +
VCDataCenterHostTypeModel NameVendorCompatible StatusHardware DetailComments
+
+ + + +'@ + + +#Summary report +$summaryHead = @' + + + + + Summary Report + + + + + + + +
+
+
+
+
+ +
+ + +'@ + diff --git a/Modules/VMware.VCGChecker/Get-VCGHWInfo.ps1 b/Modules/VMware.VCGChecker/Get-VCGHWInfo.ps1 new file mode 100644 index 0000000..229608f --- /dev/null +++ b/Modules/VMware.VCGChecker/Get-VCGHWInfo.ps1 @@ -0,0 +1,310 @@ +<# +Copyright 2018 VMware, Inc. All rights reserved. +#> + +# Class to manage Host resources +Class HostResource { + [VMware.VimAutomation.Types.VMHost] $vmhost + [string] $vcname + [string] $clustername + [string] $dcname + [string] $hostname + [string] $apitype + [string] $powerstatus + [string] $productname + [string] $version + [string] $fullname + [string] $connectionstatus + [string] $checkRelease + [int] $port + [Array] $ComponentResource = @() + [Array] $JsonProperties = @('__type__', 'dcname', 'vcname','clustername','hostname', 'apitype', + 'powerstatus', 'productname', 'version', 'fullname', 'connectionstatus','checkRelease') + + HostResource( + [VMware.VimAutomation.Types.VMHost] $vmhost) { + $this.vmhost = $vmhost + $view =$vmhost|Get-View + $vCenter_IP = $view.Summary.ManagementServerIp + if($vCenter_IP){ + $this.vcname =$vCenter_IP + $this.dcname = (Get-Datacenter -VMHost $vmhost).Name + $this.clustername = (Get-Cluster -VMHost $vmhost).Name + }else{ + $this.vcname =$this.vmhost.Name + } + $this.hostname = $this.vmhost.Name + $summary = $this.vmhost.ExtensionData.Summary + $this.powerstatus = $summary.runtime.powerState + $this.connectionstatus = $summary.runtime.connectionState + $this.apitype = $summary.Config.Product.apiType + $this.fullname = $summary.Config.Product.FullName + $this.version = $summary.Config.Product.version + $this.productname = $summary.Config.Product.licenseProductName + $this.port = 443 + } + + [Array] query_components() { + if ($this.ComponentResource.Count -eq 0) { + # Get server info + for($count_retry=0;$count_retry -lt 3;$count_retry ++){ + try{ + $svrResoure = [ServerResource]::new() + $svrResoure.set_data($this.vmhost) + $this.ComponentResource += $svrResoure + break + }catch{ + error('query components server for '+$this.vmhost.Name +' error, retry it ' +($count_retry+1) +' times') + } + } + # Get PCI devices + for($count_retry=0;$count_retry -lt 3;$count_retry ++){ + try{ + $this.query_pcidevices() + break + }catch{ + error('query components pcidevice for '+$this.vmhost.Name +' error, retry it ' +($count_retry+1) +' times') + if($count_retry -eq 2){ + error('query components pcidevice for '+$this.vmhost.Name +' faild') + } + } + } + } + return $this.ComponentResource + } + + [void] query_pcidevices() { + $EsxCliV2 = Get-EsxCli -V2 -VMHost $this.vmhost + $AllPciDevice = $EsxCliV2.hardware.pci.list.invoke() + foreach ($Pci in $AllPciDevice) { + # Ignore USB controllers, iLO/iDRAC devices + if ($Pci.DeviceName -like "*USB*" -or $Pci.DeviceName -like "*iLO*" -or $Pci.DeviceName -like "*iDRAC*") { + continue + } + # Get the NICs and storage adapters. + # We found NIC and storage adapters usually have module ID other than 0 or 1 + $pciDevice = [IoDeviceResource]::new() + if ($Pci.ModuleID -ne 0 -and $Pci.ModuleID -ne -1) { + if (!$this.is_pcidevice_exist($Pci)) { + $pciDevice.set_data($Pci, $EsxCliV2) + $this.ComponentResource += $pciDevice + } + } + } + } + + [boolean] is_pcidevice_exist($device) { + foreach ($pci in $this.ComponentResource) { + if ($pci.psobject.TypeNames[0] -eq "IoDeviceResource") { + $vid = [String]::Format("{0:x4}", [int]$device.VendorID) + $did = [String]::Format("{0:x4}", [int]$device.DeviceID) + $svid = [String]::Format("{0:x4}", [int]$device.SubVendorID) + $ssid = [String]::Format("{0:x4}", [int]$device.SubDeviceID) + if ($pci.vid -eq $vid -and $pci.did -eq $did -and + $pci.svid -eq $svid -and $pci.ssid -eq $ssid) { + return $true + } + } + } + return $false + } + + [object] to_jsonobj() { + $Json = $this | Select-Object -Property $this.JsonProperties + $ComponentChildren = @() + $this.ComponentResource | ForEach-Object {$ComponentChildren += $_.to_jsonobj()} + $Json | Add-Member -Name "ComponentResource" -Value $ComponentChildren -MemberType NoteProperty + + return $Json + } + + [string] get_host_status() { + if ($this.powerstatus -and $this.powerstatus -ne 'unknown') { + return $this.powerstatus + } + if ($this.connectionstatus) { + return ("Server " + $this.connectionstatus) + } + else { + return "Server status is unknown" + } + } + + [string] get_prompt_name() { + if ($this.apitype) { + $start = $this.apitype + } + else { + $start = "Host" + } + return $start + " " + $this.hostname + } +} + + +# Class to manage server resources +Class ServerResource { + [string] $type + [string] $model + [string] $vendor + [string] $biosversion + [string] $cpumodel + [string] $cpufeatureid + [string] $uuid + [string] $status + [array] $matchResult + [array] $warnings + [string] $vcgLink + [array] $updateRelease + + [VMware.VimAutomation.Types.VMHost] $vmhost + [Array] $JsonProperties = @('__type__','type', 'model', 'vendor', 'biosversion', + 'cpumodel', 'cpufeatureid', 'uuid','status','matchResult','warnings','vcgLink','updateRelease') + + + [void] set_data( + [VMware.VimAutomation.Types.VMHost] $vmhost) { + $this.vmhost = $vmhost + $this.type = "Server" + $this.model = $this.vmhost.Model + $this.vendor = $this.vmhost.Manufacturer + $this.biosversion = $this.vmhost.ExtensionData.Hardware.BiosInfo.BiosVersion + $this.cpumodel = $this.vmhost.ProcessorType + $cpuFeature = $this.vmhost.ExtensionData.Hardware.CpuFeature + if ($cpuFeature -and $cpuFeature.Count -gt 2) { + $this.cpufeatureid = $this.vmhost.ExtensionData.Hardware.CpuFeature[1].Eax + } + $this.uuid = $this.vmhost.ExtensionData.Hardware.systeminfo.uuid + } + + [object] to_jsonobj() { + return $this | Select-Object -Property $this.JsonProperties + } + +} + +# Class to manage each IO device +Class IoDeviceResource { + + [string] $type + [string] $model + [string] $deviceid + [string] $device + [string] $comptype + [string] $vid + [string] $did + [string] $svid + [string] $ssid + [string] $pciid + [string] $vendor + [string] $driver + [string] $driverversion + [string] $firmware + [string] $status + [array] $matchResult + [array] $warnings + [string] $vcgLink + [array] $updateRelease + + [Array] $JsonProperties = @('__type__','type', 'model', 'deviceid', 'device', + 'comptype', 'vid', 'did', 'svid', 'ssid', 'pciid', + 'vendor', 'driver', 'driverversion', 'firmware','status','matchResult','warnings','vcgLink','updateRelease') + + [void] set_data( + [object] $pci, + [object] $EsxCli) { + $this.type = "IO Device" + $this.model = $Pci.DeviceName + $this.deviceid = $pci.Address + $this.device = $pci.VMKernelName + $this.vid = [String]::Format("{0:x4}", [int]$Pci.VendorID) + $this.did = [String]::Format("{0:x4}", [int]$Pci.DeviceID) + $this.svid = [String]::Format("{0:x4}", [int]$Pci.SubVendorID) + $this.ssid = [String]::Format("{0:x4}", [int]$Pci.SubDeviceID) + $this.pciid = $this.vid + ":" + $this.did + ":" + $this.svid + ":" + $this.ssid + $this.vendor = $pci.VendorName + $this.driver = $Pci.ModuleName + $this.driverversion = "N/A" + $this.firmware = "N/A" + + + # Set component type and driverversion, firmware + if ($this.device -match 'nic') { + $arg = @{} + $arg['nicname'] = $this.device + $nic = $EsxCli.network.nic.get.invoke($arg) + $this.comptype = "Physical NIC" + $this.driverversion = $nic.driverinfo.Version + $this.firmware = $nic.driverinfo.FirmwareVersion + } + elseif ($this.device -match 'hba') { + $arg = @{} + $arg['module'] = $this.driver + $module = $EsxCli.system.module.get.invoke($arg) + $this.comptype = "Storage Adapter" + $this.driverversion = $module.Version + } + } + + [object] to_jsonobj() { + return $this | Select-Object -Property $this.JsonProperties + } + + [string] get_id_detail() { + return $this.driver + " (PCIId:" + $this.pciid + ")" + } +} + +# Class to manage IO device group +Class IoDeviceResourceGroup { + [Array] $iodevices = @() + [Array] $nics = @() + [Array] $adapters = @() + + [void] append_nic([IODeviceResource] $nic) { + $this.iodevices += $nic + $this.nics += $nic + } + + [void] append_storage_adapter([IODeviceResource] $adapter) { + $this.iodevices += $adapter + $this.adapters += $adapter + } + + [boolean] has_nics() { + return $this.nics.Count > 0 + } + + [boolean] has_storage_adapters() { + return $this.adapters.Count > 0 + } + +} + + +# +# Collect hardware inventory data from all the hosts +# +Function Get-VCGHWInfo { + Param( + [Parameter(Mandatory=$true)] $vmHosts + ) + # Collect the hardware data + $Data = @() + foreach($vmHost in $vmHosts) { + $vm = [HostResource]::new($vmHost) + try { + info ("Collecting hardware data from " + $vm.hostname) + $null = $vm.query_components() + if($vm.powerstatus -eq 'poweredOn' -and $vm.connectionstatus -eq 'connected'){ + $Data += $vm + info ("Collecting hardware data from " + $vm.hostname +' success') + } + } + catch { + error ("Failed to collect hardware data from " + $vm.hostname) + } + } + + return $Data +} \ No newline at end of file diff --git a/Modules/VMware.VCGChecker/Get-VCGStatus.ps1 b/Modules/VMware.VCGChecker/Get-VCGStatus.ps1 new file mode 100644 index 0000000..426d6ce --- /dev/null +++ b/Modules/VMware.VCGChecker/Get-VCGStatus.ps1 @@ -0,0 +1,168 @@ +$Uuid = [guid]::NewGuid() +$Headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" +$Headers.add("x-request-id", $Uuid) +$Headers.add("x-api-toolid", "180209100001") +$Headers.add("x-api-key", "SJyb8QjK2L") +$Url_Perfix = 'https://apigw.vmware.com/m4/compatibility/v1' +$Url = $Url_Perfix + "/compatible/servers/search?" +$UrlPci = $Url_Perfix + "/compatible/iodevices/search?" +$apiQurryDict=@{} + +# +# Ping remote api server. +# +Function PingApiServer(){ + $apiServerIp='apigw.vmware.com' + $results =Test-Connection $apiServerIp -Quiet + if($results -ne $true){ + error ("Failed to access VMware Compatibility API, + Unable to use comparison function, only view basic hardware information; + you can use 'Get-VCGHWInfo -g ' create hardware json, + then use 'Check-VCGStatus -f ' load hardware json file to comapre when connect an available network") + Exit(1) + } +} + +# +# Get the web request. +# +Function Get-WebRequest($VCGurl) { + try { + $req = Invoke-WebRequest -Headers $Headers -Uri $VCGUrl -ErrorVariable $err -UseBasicParsing + } + catch { + if ($err[0].errorrecord.exception.response) { + error ("WebReponse code:" + $err[0].errorrecord.exception.response.statuscode.value__) + error ($exitScript) + Exit(1) + } + else { + error ("Failed to check " + $type + " data for " + $HostResource.hostname) + error ("Failed to access VMware Compatibility API, please check your Internet connection or contact VMware Compatibility API administrator") + error ("Exit the script") + Exit(1) + } + } + return $req +} + +Function Get-RemoteApiTitleString([object]$device,$EsxiVersion){ + if ($device.type -eq 'Server') { + $Title = $device.model + $device.vendor + $device.cpufeatureid + $device.biosversion +$EsxiVersion + } + else{ + $Title = $device.vid + $device.did + $device.Svid + $device.Ssid + $EsxiVersion + } + return $Title +} + +Function Get-ResponseFromApi([object]$device,$EsxiVersion){ + if ($device.type -eq 'Server') { + $VCGUrl = $Url + "model=" + $device.model + "&releaseversion=" + $EsxiVersion ` + + "&vendor=" + $device.vendor + "&cpuFeatureId=" + $device.cpufeatureid ` + + "&bios=" + $device.biosversion + debug ("Model:" + $device.model) + debug ("VCG Url:" + $VCGUrl) + $Headers.GetEnumerator() | ForEach-Object {debug ("Req Header:" + $_.key + ":" + $_.value)} + $request = Get-WebRequest $VCGUrl + $Response = ConvertFrom-Json -InputObject $request -Erroraction 'silentlycontinue' + } + elseif ($device.type -eq 'IO Device') { + $VCGUrl = $UrlPci + "vid=0X" + $device.vid + "&did=0X" + $device.did + "&svid=0X" + $device.Svid ` + + "&ssid=0X" + $device.Ssid + "&releaseversion=" + $EsxiVersion ` + + "&driver=" + $device.Driver + "&driverversion=" + $device.driverversion + "&firmware=N/A" + debug ("Model:" + $device.model) + debug ("VCG Url:" + $VCGUrl) + $Headers.GetEnumerator() | ForEach-Object {debug ("Req Header:" + $_.key + ":" + $_.value)} + $request = Get-WebRequest $VCGUrl + $Response = ConvertFrom-Json -InputObject $request -Erroraction 'silentlycontinue' + } + return $Response +} +# +# Get the data from api +# +Function Get-VCGData($HostResource) { + foreach ($device in $HostResource.ComponentResource) { + if ($HostResource.checkRelease) { + $EsxiVersion = $HostResource.checkRelease + } + else { + $EsxiVersion = $HostResource.version + } + $temp=0 + $title=Get-RemoteApiTitleString $device $EsxiVersion + if($apiQurryDict.Count -eq 0){ + $Response= Get-ResponseFromApi $device $EsxiVersion + $apiQurryDict.Add($title,$Response) + }else{ + foreach($onetitle in $apiQurryDict.keys){ + if($onetitle -eq $title){ + $Response= $apiQurryDict[$onetitle] + $temp=1 + break + } + } + if($temp -eq 0){ + $Response= Get-ResponseFromApi $device $EsxiVersion + $apiQurryDict.Add($title,$Response) + } + } + + if ($Response.matches) { + foreach ($match in $Response.matches) { + $device.vcgLink += [string]$match.vcgLink + } + } + else { + foreach ($potentialMatche in $Response.potentialMatches) { + $device.vcgLink += [string]$potentialMatche.vcgLink + } + } + $device.status = [string]$Response.searchResult.status + $device.matchResult = [string]$Response.searchResult.matchResult + $device.warnings = $Response.searchResult.warnings + $device.updateRelease = [string]$Response.searchOption.foundRelease + } +} + +# +# Send the hardware data to VCG API and handle returned result +# +Function Get-DataFromRemoteApi([object]$servers) { + info ("Checking hardware compatibility result with VMware Compatibility Guide API...") + info ("This may take a few minutes depending on your network.") + for ($idx = 0; $idx -lt $servers.Count; $idx++) { + $server = $servers[$idx] + $i = $idx + 1 + info ([string]$i + "/" + [string]$servers.Count + " - Checking hardware compatibility results for " + $server.hostname) + if (!$server -or $server.ComponentResource.Count -eq 0) { + error('Failed to get the hardware info.') + Exit(1) + } + Get-VCGData $server + } + return $servers +} + +Function Get-VCGStatus{ + Param( + [Parameter(Mandatory=$true)] $Data, + [Parameter(Mandatory=$false)] $Version + ) + $checkRelease = $Version + PingApiServer + + foreach ($vmHost in $Data) { + # $vmHost|add-member -Name "checkRelease" -value $checkRelease -MemberType NoteProperty -Force + $vmHost.checkRelease=$checkRelease + } + + $results = Get-DataFromRemoteApi($Data) + if ($results.Count -eq 0) { + error ("Failed to get compatibility results. No report will be generated") + error ("Exit the script") + Exit(1) + } + return $results +} \ No newline at end of file diff --git a/Modules/VMware.VCGChecker/README.md b/Modules/VMware.VCGChecker/README.md new file mode 100644 index 0000000..79007d4 --- /dev/null +++ b/Modules/VMware.VCGChecker/README.md @@ -0,0 +1,41 @@ +# About +This module is designed to ease the work of collecting hardware inventory data and compare it with VMware's official VCG data. Before deploying vSphere, it is required to validate your physical machines with VCG to make sure all the devices in your physical machines are compatible with the vSphere version you want to install. It is a time-consuming and painful experience to collect hardware/driver/firmware data from all of the machines, especially when you have a huge number of machines in your data center. + +# How It Works +By using this module, it will automate the data collection and comparison work. + +When running the module, it will connect to the target vCenter or ESXi to read the hardware data. It is a read-only operation and nothing on the target hosts will be changed. There is almost no impact on the machine's performance as the read operation takes just few seconds. + +The module will then send your hardware inventory data to VMware's offical website to conduct a compatibility check. The result will be 'Compatible', 'May not be compatible' or 'Not compatible'. +* Compatible: the hardware is compatible with the given vSphere release. Link to that VCG page will be provided. +* May not be compatible: manual check is required to confirm the compatibility status of this hardware. A few potential matching VCG records will be provided. +* Not compatible: the hardware is not compatible with the given vSphere release. + +After the checking is completed, the module will generate reports in different formats for your review and future use. A summary view in html will give you an overview of your machines compatibility status; an html file with device details to view each device/driver/firmware you have, their compatibility with vSphere version you specified and links to the corresponding VCG documents online; a csv file with device details to allow customization on report in Excel or by your own tool. + +# Usage +Considering many data center may have control on internet access, we create 3 cmdlets to meet various situations. +* Get-VCGHWInfo: cmdlet to collect hardware info +* Get-VCGStatus: cmdlet to check hardware compatibility by query VCG website +* Export-VCGReport: cmdlet to export the summary/html/csv reports + +1. You need to first import this module after you import PowerCLI module +PS> Import-Module <path_to_VMware.VCGChecker.psd1> + +2. Connect to the target vSphere hosts using Connect-VIServer and get VMHosts +PS> Connect-VIServer -Server <server> -User <username> -Password <password> +PS> $vmhosts = Get-VMHost + +3. Collect the hardware data +PS> $hwdata = Get-VCGHWInfo -vmHosts $vmhosts +Note: if you don't have internet access, you need to connect your client to internet before proceeding to the next step. + +4. Specify the target vSphere release you want to check and submit the hardware data to VMware website +PS> $vcgdata= Get-VCGStatus -Data $hwdata -Version '<release>' + +5. Save the compatibility reports +PS> Export-VCGReport -Data $vcgdata -Dir <dir> + +# Known Limitation +* The module is not able to get the firmware version for HBA devices. +* The module is not able to get the HDD/SSD data. diff --git a/Modules/VMware.VCGChecker/Save-VCGJsonFile.ps1 b/Modules/VMware.VCGChecker/Save-VCGJsonFile.ps1 new file mode 100644 index 0000000..785fc00 --- /dev/null +++ b/Modules/VMware.VCGChecker/Save-VCGJsonFile.ps1 @@ -0,0 +1,17 @@ +Function Save-VCGJsonFile{ + Param( + [Parameter(Mandatory=$true)] $FileName, + [Parameter(Mandatory=$true)] $Data, + [Parameter(Mandatory=$true)] $Dir + ) + $json = @() + $Data | ForEach-Object { $json += $_.to_jsonobj()} + + if (!(Test-Path $Dir)) { + New-Item -Type directory -Confirm:$false -Path $Dir -Force |Out-Null + } + + $Path= $Dir + '\' + $FileName + '.json' + info ("Saving data to " + $Path) + ConvertTo-Json -Depth 10 -Compress $json | Out-File -encoding 'UTF8' -FilePath $Path +} \ No newline at end of file diff --git a/Modules/VMware.VCGChecker/VMware.VCGChecker.psd1 b/Modules/VMware.VCGChecker/VMware.VCGChecker.psd1 new file mode 100644 index 0000000..12493af --- /dev/null +++ b/Modules/VMware.VCGChecker/VMware.VCGChecker.psd1 @@ -0,0 +1,90 @@ +# +# Module manifest for module 'VMware.VCGChecker' +# +# Generated by: fdai@vmware.com, zhangta@vmware.com, linweij@vmware.com +# +# Generated on: 11/15/18 +# + +@{ + + # Script module or binary module file associated with this manifest. + # RootModule = 'VMware.VCGChecker.psm1' + + # Version number of this module. + ModuleVersion = '1.0.0' + + # Supported PSEditions + # CompatiblePSEditions = @() + + # ID used to uniquely identify this module + # GUID = '' + + # Author of this module + Author = 'Frank Dai, Tao Zhang, Linwei Jiang' + + # Company or vendor of this module + CompanyName = 'VMware' + + # Copyright statement for this module + Copyright = '(c) 2018 VMware. All rights reserved.' + + # Description of the functionality provided by this module + Description = 'PowerShell Module for Checking Hardware Compatibility Status' + + RequiredModules = @('VMware.VimAutomation.Core') + + # Modules to import as nested modules of the module specified in RootModule/ModuleToProcess + NestedModules = 'Get-VCGHWInfo.ps1','Get-VCGStatus.ps1','Export-VCGReport.ps1', 'Save-VCGJsonFile.ps1', 'logger.ps1' + + # Functions to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no functions to export. + FunctionsToExport = 'Get-VCGHWInfo', 'Get-VCGStatus', 'Export-VCGReport', 'Save-VCGJsonFile' + # Cmdlets to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no cmdlets to export. + CmdletsToExport = @() + + # Variables to export from this module + VariablesToExport = '*' + + # Aliases to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no aliases to export. + AliasesToExport = @() + + # DSC resources to export from this module + # DscResourcesToExport = @() + + # List of all modules packaged with this module + # ModuleList = @() + + # List of all files packaged with this module + # FileList = @() + + # Private data to pass to the module specified in RootModule/ModuleToProcess. This may also contain a PSData hashtable with additional module metadata used by PowerShell. + PrivateData = @{ + + PSData = @{ + + # Tags applied to this module. These help with module discovery in online galleries. + # Tags = @() + + # A URL to the license for this module. + # LicenseUri = '' + + # A URL to the main website for this project. + # ProjectUri = '' + + # A URL to an icon representing this module. + # IconUri = '' + + # ReleaseNotes of this module + # ReleaseNotes = '' + + } # End of PSData hashtable + + } # End of PrivateData hashtable + + # HelpInfo URI of this module + # HelpInfoURI = '' + + # Default prefix for commands exported from this module. Override the default prefix using Import-Module -Prefix. + # DefaultCommandPrefix = '' + + } \ No newline at end of file diff --git a/Modules/VMware.VCGChecker/logger.ps1 b/Modules/VMware.VCGChecker/logger.ps1 new file mode 100644 index 0000000..686611a --- /dev/null +++ b/Modules/VMware.VCGChecker/logger.ps1 @@ -0,0 +1,112 @@ +<# +Copyright 2018 VMware, Inc. All rights reserved. + +#> + +# Messages +$HEADER_OK = "[OK] " +$HEADER_INFO = "[INFO] " +$HEADER_WARNING = "[WARNING] " +$HEADER_ERR = "[ERROR] " + +Class DebugLog +{ + # Static variables of the logger class + static [string] $CAFILE_PATH = "./.certs/" + + [boolean] $debug + [string] $logfile + + DebugLog() + { + $this.debug = $false + $this.logfile = $null + if (!(Test-Path $this::CAFILE_PATH)) + { + New-Item -Type directory -Confirm:$false -Path $this::CAFILE_PATH + } + } + + [void] SetDebug( + [boolean] $debug, + [string] $hostname + ){ + if (!$hostname) {$hostname = ''} + $this.debug = $debug + if ($this.debug) + { + $this.logfile = $this::CAFILE_PATH + $hostname + [DateTime]::Now.ToString("_yyyy-MM-dd_HH-mm") + ".log" + }else{ + $this.logfile = $null + } + } + + [void] log_vars( + [string] $message, + [object] $var + ){ + $this.log($message + $var) + } + + [void] log( + [string] $message + ){ + if (!$this.debug -or !$this.logfile) {return} + try + { + $message | Out-File $this.logfile -Append + }catch { + Out-Host -InputObject ("[Exception] Failed to write to a logfile: " + $this.logfile) + Out-Host -InputObject $_ + } + } +} + +Function debug_vars( + [string] $message, + [object] $var) +{ + $logger.log_vars($message, $var) +} + +Function debug( + [string] $message) +{ + $logger.log($message) +} + +Function vcglog( + [string] $message, + [string] $header="") +{ + $msg = $header + $message + $logger.log($msg) + Out-Host -InputObject $msg +} + +Function ok( + [string] $message) +{ + vcglog $message $HEADER_OK +} + +Function warning( + [string] $message) +{ + vcglog $message $HEADER_WARNING +} + +Function info( + [string] $message) +{ + vcglog $message $HEADER_INFO +} + +Function error( + [string] $message) +{ + vcglog $message $HEADER_ERR +} + +$logger = [DebugLog]::new() +$logger.SetDebug($true, "vcc-debug") \ No newline at end of file diff --git a/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psd1 b/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psd1 index 9eca367..46e5fb2 100644 --- a/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psd1 +++ b/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psd1 @@ -36,7 +36,14 @@ Description = 'PowerShell Module for Managing NSX-T on VMware Cloud on AWS' PowerShellVersion = '6.0' # Functions to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no functions to export. -FunctionsToExport = 'Connect-NSXTProxy', 'Get-NSXTSegment', 'New-NSXTSegment', 'Remove-NSXTSegment', 'Get-NSXTGroup', 'New-NSXTGroup', 'Remove-NSXTGroup', 'Get-NSXTService', 'New-NSXTService', 'Get-NSXTFirewall', 'New-NSXTFirewall', 'Remove-NSXTFirewall' +FunctionsToExport = 'Connect-NSXTProxy', 'Get-NSXTSegment', 'New-NSXTSegment', 'Remove-NSXTSegment', ` +'Get-NSXTGroup', 'New-NSXTGroup', 'Remove-NSXTGroup', 'Get-NSXTServiceDefinition', 'New-NSXTServiceDefinition', ` +'Get-NSXTFirewall', 'New-NSXTFirewall', 'Remove-NSXTFirewall', 'Get-NSXTDistFirewallSection', ` +'Get-NSXTDistFirewall', 'New-NSXTDistFirewall', 'Remove-NSXTDistFirewall', 'Get-NSXTRouteTable', ` +'Get-NSXTOverviewInfo', 'Get-NSXTInfraScope', 'Get-NSXTInfraGroup', 'New-NSXTRouteBasedVPN', ` +'Get-NSXTRouteBasedVPN', 'Remove-NSXTRouteBasedVPN', 'Remove-NSXTServiceDefinition', 'New-NSXTDistFirewallSection', 'Get-NSXTDistFirewallSection', ` +'New-NSXTPolicyBasedVPN', 'Get-NSXTPolicyBasedVPN', 'Remove-NSXTPolicyBasedVPN', 'Get-NSXTDNS', 'Set-NSXTDNS', 'Get-NSXTPublicIP', 'New-NSXTPublicIP', ` +'Get-NSXTNatRule', 'New-NSXTNatRule', 'Remove-NSXTNatRule' # Cmdlets to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no cmdlets to export. CmdletsToExport = @() diff --git a/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 b/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 index 3bfdfe3..42be532 100644 --- a/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 +++ b/Modules/VMware.VMC.NSXT/VMware.VMC.NSXT.psm1 @@ -37,7 +37,7 @@ Function Connect-NSXTProxy { } } - $results = Invoke-WebRequest -Uri "https://console.cloud.vmware.com/csp/gateway/am/api/auth/api-tokens/authorize?refresh_token=$RefreshToken" -Method POST -ContentType "application/json" -UseBasicParsing -Headers @{"csp-auth-token"="$RefreshToken"} + $results = Invoke-WebRequest -Uri "https://console.cloud.vmware.com/csp/gateway/am/api/auth/api-tokens/authorize" -Method POST -Headers @{accept='application/json'} -Body "refresh_token=$RefreshToken" if($results.StatusCode -ne 200) { Write-Host -ForegroundColor Red "Failed to retrieve Access Token, please ensure your VMC Refresh Token is valid and try again" break @@ -83,7 +83,7 @@ Function Get-NSXTSegment { If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { $method = "GET" - $segmentsURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/networks/cgw/segments" + $segmentsURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/tier-1s/cgw/segments" if($Troubleshoot) { Write-Host -ForegroundColor cyan "`n[DEBUG] - $METHOD`n$segmentsURL`n" @@ -96,8 +96,14 @@ Function Get-NSXTSegment { $requests = Invoke-WebRequest -Uri $segmentsURL -Method $method -Headers $global:nsxtProxyConnection.headers } } catch { - Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" - break + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in retrieving NSX-T Segments" + Write-Error "`n($_.Exception.Message)`n" + break + } } if($requests.StatusCode -eq 200) { @@ -112,7 +118,7 @@ Function Get-NSXTSegment { $subnets = $segment.subnets $network = $subnets.network - $gateway = $subnets.gateway_addresses + $gateway = $subnets.gateway_address $dhcpRange = $subnets.dhcp_ranges $tmp = [pscustomobject] @{ @@ -125,8 +131,6 @@ Function Get-NSXTSegment { $results+=$tmp } $results - } else { - Write-Error "Failed to retrieve NSX-T Segments" } } } @@ -147,38 +151,46 @@ Function New-NSXTSegment { .DESCRIPTION This cmdlet creates a new NSX-T Segment (Logical Networks) .EXAMPLE - New-NSXTSegment -Name "sddc-cgw-network-4" -Gateway "192.168.4.1" -Prefix "24" -DHCP -DHCPRange "192.168.4.2-192.168.4.254" + New-NSXTSegment -Name "sddc-cgw-network-4" -Gateway "192.168.4.1/24" -DHCP -DHCPRange "192.168.4.2-192.168.4.254" + .EXAMPLE + New-NSXTSegment -Name "sddc-cgw-network-4" -Gateway "192.168.4.1/24" -DHCP -DHCPRange "192.168.4.2-192.168.4.254" -DomainName 'vmc.local' + .EXAMPLE + New-NSXTSegment -Name "sddc-cgw-network-5" -Gateway "192.168.5.1/24" #> Param ( [Parameter(Mandatory=$True)]$Name, [Parameter(Mandatory=$True)]$Gateway, - [Parameter(Mandatory=$True)]$Prefix, [Parameter(Mandatory=$False)]$DHCPRange, + [Parameter(Mandatory=$False)]$DomainName, [Switch]$DHCP, [Switch]$Troubleshoot ) If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { if($DHCP) { - $dhcpConf = @($DHCPRange) + $subnets = @{ + gateway_address = $gateway; + dhcp_ranges = @($DHCPRange) + } } else { - $dhcpConf = @($null) - } - - $subnets = @{ - gateway_addresses = @($gateway); - prefix_len = $Prefix; - dhcp_ranges = $dhcpConf + $subnets = @{ + gateway_address = $gateway; + } } $payload = @{ display_name = $Name; subnets = @($subnets) } + + if($DomainName) { + $payload.domain_name = $DomainName + } + $body = $payload | ConvertTo-Json -depth 4 $method = "PUT" - $newSegmentsURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/networks/cgw/segments/$Name" + $newSegmentsURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/tier-1s/cgw/segments/$Name" if($Troubleshoot) { Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$newSegmentsURL`n" @@ -192,16 +204,19 @@ Function New-NSXTSegment { $requests = Invoke-WebRequest -Uri $newSegmentsURL -Body $body -Method $method -Headers $global:nsxtProxyConnection.headers } } catch { - Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" - break + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in creating new NSX-T Segment" + Write-Error "`n($_.Exception.Message)`n" + break + } } if($requests.StatusCode -eq 200) { - Write-Host "Succesfully created new NSX-T Segment $Name" + Write-Host "Successfully created new NSX-T Segment $Name" ($requests.Content | ConvertFrom-Json) | select display_name, id - } else { - Write-Error "Failed to create new NSX-T Segment" - } } } @@ -231,7 +246,7 @@ Function Remove-NSXTSegment { If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { $method = "DELETE" - $deleteSegmentsURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/networks/cgw/segments/$Id" + $deleteSegmentsURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/tier-1s/cgw/segments/$Id" if($Troubleshoot) { Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$deleteSegmentsURL`n" @@ -244,15 +259,18 @@ Function Remove-NSXTSegment { $requests = Invoke-WebRequest -Uri $deleteSegmentsURL -Method $method -Headers $global:nsxtProxyConnection.headers } } catch { - Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" - break + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in removing NSX-T Segments" + Write-Error "`n($_.Exception.Message)`n" + break + } } if($requests.StatusCode -eq 200) { - Write-Host "Succesfully removed NSX-T Segment $Name" - } else { - Write-Error "Failed to remove NSX-T Segments" - + Write-Host "Successfully removed NSX-T Segment $Name" } } } @@ -285,7 +303,7 @@ Function Get-NSXTFirewall { If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { $method = "GET" - $edgeFirewallURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/domains/$($GatewayType.toLower())/edge-communication-maps/default" + $edgeFirewallURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/domains/$($GatewayType.toLower())/gateway-policies/default" if($Troubleshoot) { Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$edgeFirewallURL`n" @@ -298,12 +316,18 @@ Function Get-NSXTFirewall { $requests = Invoke-WebRequest -Uri $edgeFirewallURL -Method $method -Headers $global:nsxtProxyConnection.headers } } catch { - Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" - break + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in retrieving NSX-T Firewall Rules" + Write-Error "`n($_.Exception.Message)`n" + break + } } if($requests.StatusCode -eq 200) { - $rules = ($requests.Content | ConvertFrom-Json).communication_entries + $rules = ($requests.Content | ConvertFrom-Json).rules if ($PSBoundParameters.ContainsKey("Name")){ $rules = $rules | where {$_.display_name -eq $Name} @@ -323,7 +347,11 @@ Function Get-NSXTFirewall { Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$sourceGroupURL`n" } try { - $requests = Invoke-WebRequest -Uri $sourceGroupURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $sourceGroupURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $sourceGroupURL -Method $method -Headers $global:nsxtProxyConnection.headers + } } catch { Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" break @@ -345,7 +373,11 @@ Function Get-NSXTFirewall { Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$destionationGroupURL`n" } try { - $requests = Invoke-WebRequest -Uri $destionationGroupURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $destionationGroupURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $destionationGroupURL -Method $method -Headers $global:nsxtProxyConnection.headers + } } catch { Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" break @@ -367,7 +399,11 @@ Function Get-NSXTFirewall { Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$serviceGroupURL`n" } try { - $requests = Invoke-WebRequest -Uri $serviceGroupURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $serviceGroupURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $serviceGroupURL -Method $method -Headers $global:nsxtProxyConnection.headers + } } catch { Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" break @@ -377,6 +413,27 @@ Function Get-NSXTFirewall { } } + $scopeEntries = $rule.scope + $scopes = @() + foreach ($scopeEntry in $scopeEntries) { + $scopeLabelURL = $global:nsxtProxyConnection.Server + "/policy/api/v1" + $scopeEntry + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$scopeLabelURL`n" + } + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $scopeLabelURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $scopeLabelURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } + $scope = ($requests.Content | ConvertFrom-Json) + $scopes += $scope.display_name + } + $tmp = [pscustomobject] @{ SequenceNumber = $rule.sequence_number; Name = $rule.display_name; @@ -384,14 +441,13 @@ Function Get-NSXTFirewall { Source = $source; Destination = $destination; Services = $service; + Scope = $scopes; Action = $rule.action; } $results+=$tmp } $results - } else { - Write-Error "Failed to retrieve NSX-T Firewall Rules" } } } @@ -412,54 +468,93 @@ Function New-NSXTFirewall { .DESCRIPTION This cmdlet creates a new NSX-T Firewall Rule on MGW or CGW .EXAMPLE - New-NSXTFirewall -GatewayType MGW -Name TEST -Id TEST -SourceGroupId ESXI -DestinationGroupId ANY -Service ANY -Logged $true -SequenceNumber 7 -Action ALLOW + New-NSXTFirewall -GatewayType MGW -Name TEST -SourceGroup @("ANY") -DestinationGroup @("ESXI") -Service ANY -Logged $true -SequenceNumber 0 -Action ALLOW #> Param ( [Parameter(Mandatory=$True)]$Name, [Parameter(Mandatory=$true)][ValidateSet("MGW","CGW")][String]$GatewayType, - [Parameter(Mandatory=$True)]$Id, [Parameter(Mandatory=$True)]$SequenceNumber, - [Parameter(Mandatory=$True)]$SourceGroupId, - [Parameter(Mandatory=$True)]$DestinationGroupId, + [Parameter(Mandatory=$False)]$SourceGroup, + [Parameter(Mandatory=$False)]$DestinationGroup, [Parameter(Mandatory=$True)]$Service, - [Parameter(Mandatory=$True)][ValidateSet("ALLOW","DENY")]$Action, + [Parameter(Mandatory=$True)][ValidateSet("ALLOW","DROP")]$Action, + [Parameter(Mandatory=$false)]$InfraScope, + [Parameter(Mandatory=$false)]$SourceInfraGroup, + [Parameter(Mandatory=$false)]$DestinationInfraGroup, [Parameter(Mandatory=$false)][Boolean]$Logged=$false, [Switch]$Troubleshoot ) If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { - if($DestinationGroupId -eq "ANY") { - $destinationGroups = $DestinationGroupId - } else { - $destinationGroups = "/infra/domains/$($GatewayType.toLower())/groups/$DestinationGroupId" + $generatedId = (New-Guid).Guid + + $destinationGroups = @() + foreach ($group in $DestinationGroup) { + if($group -eq "ANY") { + $destinationGroups = @("ANY") + } else { + $tmp = (Get-NSXTGroup -GatewayType $GatewayType -Name $group).Path + $destinationGroups+= $tmp + } + } + + if($DestinationInfraGroup) { + foreach ($group in $DestinationInfraGroup) { + $tmp = (Get-NSXTInfraGroup -Name $group).Path + $destinationGroups+= $tmp + } } $sourceGroups = @() - foreach ($group in $SourceGroupId) { - $tmp = "/infra/domains/$($GatewayType.toLower())/groups/$group" - $sourceGroups+= $tmp + foreach ($group in $SourceGroup) { + if($group -eq "ANY") { + $sourceGroups = @("ANY") + } else { + $tmp = (Get-NSXTGroup -GatewayType $GatewayType -Name $group).Path + $sourceGroups+= $tmp + } + } + + if($SourceInfraGroup) { + foreach ($group in $SourceInfraGroup) { + $tmp = (Get-NSXTInfraGroup -Name $group).Path + $sourceGroups+= $tmp + } } $services = @() foreach ($serviceName in $Service) { if($serviceName -eq "ANY") { - $tmp = "ANY" + $services = @("ANY") } else { - $tmp = "/infra/services/$serviceName" + $tmp = (Get-NSXTServiceDefinition -Name "$serviceName").Path + $services+=$tmp + } + } + + $scopeLabels = @() + if(!$InfraScope) { + if($GatewayType.toLower() -eq "cgw") { + $scopeLabels = @("/infra/labels/$($GatewayType.toLower())-all") + } else { + $scopeLabels = @("/infra/labels/$($GatewayType.toLower())") + } + } else { + foreach ($infraScopeName in $InfraScope) { + $scope = Get-NSXTInfraScope -Name $infraScopeName + $scopeLabels += $scope.Path } - $services+=$tmp } $payload = @{ display_name = $Name; resource_type = "CommunicationEntry"; - id = $Id; sequence_number = $SequenceNumber; - destination_groups = @($destinationGroups); + destination_groups = $destinationGroups; source_groups = $sourceGroups; logged = $Logged; - scope = @("/infra/labels/$($GatewayType.toLower())"); + scope = $scopeLabels; services = $services; action = $Action; } @@ -467,7 +562,7 @@ Function New-NSXTFirewall { $body = $payload | ConvertTo-Json -depth 5 $method = "PUT" - $newFirewallURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/domains/$($GatewayType.toLower())/edge-communication-maps/default/communication-entries/$Id" + $newFirewallURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/domains/$($GatewayType.toLower())/gateway-policies/default/rules/$generatedId" if($Troubleshoot) { Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$newFirewallURL`n" @@ -481,15 +576,19 @@ Function New-NSXTFirewall { $requests = Invoke-WebRequest -Uri $newFirewallURL -Body $body -Method $method -Headers $global:nsxtProxyConnection.headers } } catch { - Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" - break + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in creating new NSX-T Firewall Rule" + Write-Error "`n($_.Exception.Message)`n" + break + } } if($requests.StatusCode -eq 200) { - Write-Host "Succesfully created new NSX-T Firewall Rule $Name" + Write-Host "Successfully created new NSX-T Firewall Rule $Name" ($requests.Content | ConvertFrom-Json) | select display_name, id - } else { - Write-Error "Failed to create new NSX-T Firewall Rule" } } } @@ -520,7 +619,7 @@ Function Remove-NSXTFirewall { If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { $method = "DELETE" - $deleteGgroupURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/domains/$($GatewayType.toLower())/edge-communication-maps/default/communication-entries/$Id" + $deleteGgroupURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/domains/$($GatewayType.toLower())/gateway-policies/default/rules/$Id" if($Troubleshoot) { Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$deleteGgroupURL`n" @@ -533,14 +632,18 @@ Function Remove-NSXTFirewall { $requests = Invoke-WebRequest -Uri $deleteGgroupURL -Method $method -Headers $global:nsxtProxyConnection.headers } } catch { - Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" - break + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in creating new NSX-T Firewall Rule" + Write-Error "`n($_.Exception.Message)`n" + break + } } if($requests.StatusCode -eq 200) { - Write-Host "Succesfully removed NSX-T Firewall Rule $Name" - } else { - Write-Error "Failed to create new NSX-T Firewall Rule" + Write-Host "Successfully removed NSX-T Firewall Rule" } } } @@ -586,8 +689,14 @@ Function Get-NSXTGroup { $requests = Invoke-WebRequest -Uri $edgeFirewallGroupsURL -Method $method -Headers $global:nsxtProxyConnection.headers } } catch { - Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" - break + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in retrieving NSX-T Groups" + Write-Error "`n($_.Exception.Message)`n" + break + } } if($requests.StatusCode -eq 200) { @@ -619,12 +728,11 @@ Function Get-NSXTGroup { ID = $group.id; Type = $groupType; Members = $members; + Path = $group.path; } $results+=$tmp } $results - } else { - Write-Error "Failed to retrieve NSX-T Groups" } } } @@ -646,18 +754,46 @@ Function New-NSXTGroup { This cmdlet creates a new NSX-T Firewall Rule on MGW or CGW .EXAMPLE New-NSXTGroup -GatewayType MGW -Name Foo -IPAddress @("172.31.0.0/24") + .EXAMPLE + New-NSXTGroup -GatewayType CGW -Name Foo -Tag Bar + .EXAMPLE + New-NSXTGroup -GatewayType CGW -Name Foo -VmName Bar -Operator CONTAINS + .EXAMPLE + New-NSXTGroup -GatewayType CGW -Name Foo -VmName Bar -Operator STARTSWITH #> + [CmdletBinding(DefaultParameterSetName = 'IPAddress')] Param ( [Parameter(Mandatory=$True)]$Name, [Parameter(Mandatory=$true)][ValidateSet("MGW","CGW")][String]$GatewayType, - [Parameter(Mandatory=$True)][String[]]$IPAddress, + [Parameter(Mandatory=$true, ParameterSetName='IPAddress')][String[]]$IPAddress, + [Parameter(Mandatory=$true, ParameterSetName='Tag')][String]$Tag, + [Parameter(Mandatory=$true, ParameterSetName='VmName')][String]$VmName, + [Parameter(Mandatory=$true, ParameterSetName='VmName')][ValidateSet('CONTAINS','STARTSWITH')][String]$Operator, [Switch]$Troubleshoot ) If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { - $expression = @{ - resource_type = "IPAddressExpression"; - ip_addresses = $IPAddress; + if ($PSCmdlet.ParameterSetName -eq 'Tag') { + $expression = @{ + resource_type = 'Condition' + member_type = 'VirtualMachine' + value = $Tag + key = 'Tag' + operator = 'EQUALS' + } + } elseif ($PSCmdlet.ParameterSetName -eq 'VmName') { + $expression = @{ + resource_type = 'Condition' + member_type = 'VirtualMachine' + value = $VmName + key = 'Name' + operator = $Operator.ToUpper() + } + } else { + $expression = @{ + resource_type = "IPAddressExpression"; + ip_addresses = $IPAddress; + } } $payload = @{ @@ -667,7 +803,8 @@ Function New-NSXTGroup { $body = $payload | ConvertTo-Json -depth 5 $method = "PUT" - $newGroupURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/domains/$($GatewayType.toLower())/groups/$Name" + $generatedId = (New-Guid).Guid + $newGroupURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/domains/$($GatewayType.toLower())/groups/$generatedId" if($Troubleshoot) { Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$newGroupURL`n" @@ -681,15 +818,19 @@ Function New-NSXTGroup { $requests = Invoke-WebRequest -Uri $newGroupURL -Body $body -Method $method -Headers $global:nsxtProxyConnection.headers } } catch { - Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" - break + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in creating new NSX-T Group" + Write-Error "`n($_.Exception.Message)`n" + break + } } if($requests.StatusCode -eq 200) { - Write-Host "Succesfully created new NSX-T Group $Name" + Write-Host "Successfully created new NSX-T Group $Name" ($requests.Content | ConvertFrom-Json) | select display_name, id - } else { - Write-Error "Failed to create new NSX-T Group" } } } @@ -733,19 +874,23 @@ Function Remove-NSXTGroup { $requests = Invoke-WebRequest -Uri $deleteGgroupURL -Method $method -Headers $global:nsxtProxyConnection.headers } } catch { - Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" - break + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in creating new NSX-T Group" + Write-Error "`n($_.Exception.Message)`n" + break + } } if($requests.StatusCode -eq 200) { - Write-Host "Succesfully removed NSX-T Group $Name" - } else { - Write-Error "Failed to create new NSX-T Group" + Write-Host "Successfully removed NSX-T Group $Name" } } } -Function Get-NSXTService { +Function Get-NSXTServiceDefinition { <# .NOTES =========================================================================== @@ -761,9 +906,9 @@ Function Get-NSXTService { .DESCRIPTION This cmdlet retrieves all NSX-T Services .EXAMPLE - Get-NSXTService + Get-NSXTServiceDefinition .EXAMPLE - Get-NSXTService -Name "WINS" + Get-NSXTServiceDefinition -Name "WINS" #> param( [Parameter(Mandatory=$false)][String]$Name, @@ -785,8 +930,14 @@ Function Get-NSXTService { $requests = Invoke-WebRequest -Uri $serviceGroupsURL -Method $method -Headers $global:nsxtProxyConnection.headers } } catch { - Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" - break + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in retrieving NSX-T Services" + Write-Error "`n($_.Exception.Message)`n" + break + } } if($requests.StatusCode -eq 200) { @@ -809,17 +960,70 @@ Function Get-NSXTService { Protocol = $serviceProtocol; Source = $serviceSourcePorts; Destination = $serviceDestinationPorts; + Path = $service.path; } $results += $tmp } $results - } else { - Write-Error "Failed to retrieve NSX-T Services" } } } -Function New-NSXTService { +Function Remove-NSXTServiceDefinition { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 04/10/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Removes an NSX-T Service + .DESCRIPTION + This cmdlet removes an NSX-T Service + .EXAMPLE + Remove-NSXTServiceDefinition -Id VMware-Blast -Troubleshoot +#> + Param ( + [Parameter(Mandatory=$True)]$Id, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $method = "DELETE" + $deleteServiceURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/services/$Id" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$deleteServiceURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $deleteServiceURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $deleteServiceURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in removing NSX-T Service" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + Write-Host "Successfully removed NSX-T Service $Id" + } + } +} + +Function New-NSXTServiceDefinition { <# .NOTES =========================================================================== @@ -835,7 +1039,7 @@ Function New-NSXTService { .DESCRIPTION This cmdlet creates a new NSX-T Service .EXAMPLE - New-NSXTService -Name "MyHTTP2" -Protocol TCP -DestinationPorts @("8080","8081") + New-NSXTServiceDefinition -Name "MyHTTP2" -Protocol TCP -DestinationPorts @("8080","8081") #> Param ( [Parameter(Mandatory=$True)]$Name, @@ -875,15 +1079,1849 @@ Function New-NSXTService { $requests = Invoke-WebRequest -Uri $newServiceURL -Body $body -Method $method -Headers $global:nsxtProxyConnection.headers } } catch { - Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" - break + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in creating new NSX-T Service" + Write-Error "`n($_.Exception.Message)`n" + break + } } if($requests.StatusCode -eq 200) { - Write-Host "Succesfully created new NSX-T Service $Name" + Write-Host "Successfully created new NSX-T Service $Name" ($requests.Content | ConvertFrom-Json) | select display_name, id - } else { - Write-Error "Failed to create new NSX-T Service" } } -} \ No newline at end of file +} + +Function New-NSXTDistFirewallSection { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 04/19/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Creates new NSX-T Distributed Firewall Section + .DESCRIPTION + This cmdlet to create new NSX-T Distributed Firewall Section + .EXAMPLE + Get-NSXTDistFirewallSection -Name "App Section 1" -Category Application +#> + param( + [Parameter(Mandatory=$false)][String]$Name, + [Parameter(Mandatory=$false)][ValidateSet("Emergency","Infrastructure","Environment","Application")][String]$Category, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $payload = @{ + display_name = $Name; + category = $Category; + resource_type = "CommunicationMap"; + } + + $body = $payload | ConvertTo-Json -depth 5 + + $method = "PUT" + $generatedId = (New-Guid).Guid + $distFirewallSectionURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/domains/cgw/communication-maps/$generatedId" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$distFirewallSectionURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $distFirewallSectionURL -Method $method -Body $body -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $distFirewallSectionURL -Method $method -Body $body -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in creating NSX-T Distributed Firewall Section" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + Write-Host "Successfully created new NSX-T Distributed Firewall Section $Section" + ($requests.Content | ConvertFrom-Json) | select display_name, id + } + } +} + +Function Get-NSXTDistFirewallSection { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 04/19/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Returns all NSX-T Distributed Firewall Sections + .DESCRIPTION + This cmdlet retrieves all NSX-T Distributed Firewall Sections + .EXAMPLE + Get-NSXTDistFirewallSection +#> + param( + [Parameter(Mandatory=$false)][String]$Name, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $method = "GET" + $distFirewallSectionURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/domains/cgw/communication-maps" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$distFirewallSectionURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $distFirewallSectionURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $distFirewallSectionURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in retrieving NSX-T Distributed Firewall Section" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + $sections = ($requests.Content | ConvertFrom-Json).results + + if ($PSBoundParameters.ContainsKey("Name")){ + $sections = $sections | where {$_.display_name -eq $Name} + } + + $sections | Sort-Object -Propert display_name | select display_name, id + } + } +} + +Function Remove-NSXTDistFirewallSection { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 04/20/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Removes an NSX-T Distributed Firewall Section + .DESCRIPTION + This cmdlet removes an NSX-T Distributed Firewall Section + .EXAMPLE + Remove-NSXTDistFirewallSection -Id -Troubleshoot +#> + Param ( + [Parameter(Mandatory=$True)]$Id, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $method = "DELETE" + $deleteDistFirewallSectioneURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/domains/cgw/communication-maps/$Id" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$deleteDistFirewallSectioneURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $deleteDistFirewallSectioneURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $deleteDistFirewallSectioneURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in removing NSX-T Distributed Firewall Section" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + Write-Host "Successfully removed NSX-T Distributed Firewall Section $Id" + } + } +} + +Function Get-NSXTDistFirewall { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 01/01/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Returns all NSX-T Distributed Firewall Rules for a given Section + .DESCRIPTION + This cmdlet retrieves all NSX-T Distributed Firewall Rules for a given Section + .EXAMPLE + Get-NSXTDistFirewall -SectionName "App Section 1" +#> + param( + [Parameter(Mandatory=$true)][String]$SectionName, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + try { + $distGroupId = (Get-NSXTDistFirewallSection -Name $SectionName).Id + } + catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Host -ForegroundColor Red "`nUnable to find NSX-T Distributed Firewall Section named $SectionName`n" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + $method = "GET" + $distFirewallURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/domains/cgw/communication-maps/$distGroupId" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$distFirewallURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $distFirewallURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $distFirewallURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in retrieving NSX-T Distributed Firewall Rules" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + $rules = ($requests.Content | ConvertFrom-Json).communication_entries + + $results = @() + foreach ($rule in $rules | Sort-Object -Property sequence_number) { + $sourceGroups = $rule.source_groups + $source = @() + foreach ($sourceGroup in $sourceGroups) { + if($sourceGroup -eq "ANY") { + $source += $sourceGroup + break + } else { + $sourceGroupURL = $global:nsxtProxyConnection.Server + "/policy/api/v1" + $sourceGroup + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$sourceGroupURL`n" + } + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $sourceGroupURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $sourceGroupURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + Write-Host -ForegroundColor Red "`nFailed to retrieve Source Group Rule mappings`n" + break + } + $group = ($requests.Content | ConvertFrom-Json) + $source += $group.display_name + } + } + + $destinationGroups = $rule.destination_groups + $destination = @() + foreach ($destinationGroup in $destinationGroups) { + if($destinationGroup -eq "ANY") { + $destination += $destinationGroup + break + } else { + $destionationGroupURL = $global:nsxtProxyConnection.Server + "/policy/api/v1" + $destinationGroup + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$destionationGroupURL`n" + } + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $destionationGroupURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $destionationGroupURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + Write-Host -ForegroundColor Red "`nFailed to retireve Destination Group Rule mappings`n" + break + } + $group = ($requests.Content | ConvertFrom-Json) + $destination += $group.display_name + } + } + + $serviceGroups = $rule.services + $service = @() + foreach ($serviceGroup in $serviceGroups) { + if($serviceGroup -eq "ANY") { + $service += $serviceGroup + break + } else { + $serviceGroupURL = $global:nsxtProxyConnection.Server + "/policy/api/v1" + $serviceGroup + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$serviceGroupURL`n" + } + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $serviceGroupURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $serviceGroupURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + Write-Host -ForegroundColor Red "`nFailed to retrieve Services Rule mappings`n" + break + } + $group = ($requests.Content | ConvertFrom-Json) + $service += $group.display_name + } + } + + $tmp = [pscustomobject] @{ + SequenceNumber = $rule.sequence_number; + Name = $rule.display_name; + ID = $rule.id; + Source = $source; + Destination = $destination; + Services = $service; + Action = $rule.action; + } + $results+=$tmp + } + $results + } + } +} + +Function New-NSXTDistFirewall { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 01/03/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Creates a new NSX-T Distribuged Firewall Rule + .DESCRIPTION + This cmdlet creates a new NSX-T Distribuged Firewall Rule + .EXAMPLE + New-NSXTDistFirewall -Name "App1 to Web1" -Section "App Section 1" ` + -SourceGroup "App Server 1" ` + -DestinationGroup "Web Server 1" ` + -Service HTTPS -Logged $true ` + -SequenceNumber 10 ` + -Action ALLOW +#> + Param ( + [Parameter(Mandatory=$True)]$Name, + [Parameter(Mandatory=$True)]$Section, + [Parameter(Mandatory=$True)]$SequenceNumber, + [Parameter(Mandatory=$True)]$SourceGroup, + [Parameter(Mandatory=$True)]$DestinationGroup, + [Parameter(Mandatory=$True)]$Service, + [Parameter(Mandatory=$True)][ValidateSet("ALLOW","DROP")]$Action, + [Parameter(Mandatory=$false)][Boolean]$Logged=$false, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + + $sectionId = (Get-NSXTDistFirewallSection -Name $Section)[0].Id + + $destinationGroups = @() + foreach ($group in $DestinationGroup) { + if($group -eq "ANY") { + $destinationGroups = @("ANY") + } else { + $tmp = (Get-NSXTGroup -GatewayType CGW -Name $group).Path + $destinationGroups+= $tmp + } + } + + $sourceGroups = @() + foreach ($group in $SourceGroup) { + if($group -eq "ANY") { + $sourceGroups = @("ANY") + } else { + $tmp = (Get-NSXTGroup -GatewayType CGW -Name $group).Path + $sourceGroups+= $tmp + } + } + + $services = @() + foreach ($serviceName in $Service) { + if($serviceName -eq "ANY") { + $services = @("ANY") + } else { + $tmp = "/infra/services/$serviceName" + $services+=$tmp + } + } + + $payload = @{ + display_name = $Name; + sequence_number = $SequenceNumber; + destination_groups = $destinationGroups; + source_groups = $sourceGroups; + logged = $Logged; + scope = @("ANY"); + services = $services; + action = $Action.ToUpper(); + } + + $body = $payload | ConvertTo-Json -depth 5 + + $method = "PUT" + $generatedId = (New-Guid).Guid + $newDistFirewallURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/domains/cgw/communication-maps/$($sectionId)/communication-entries/$generatedId" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$newDistFirewallURL`n" + Write-Host -ForegroundColor cyan "[DEBUG]`n$body`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $newDistFirewallURL -Body $body -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $newDistFirewallURL -Body $body -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in creating new NSX-T Distributed Firewall Rule" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + Write-Host "Successfully created new NSX-T Distributed Firewall Rule $Name" + ($requests.Content | ConvertFrom-Json) | select display_name, id + } + } +} + +Function Remove-NSXTDistFirewall { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 01/03/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Removes an NSX-T Distributed Firewall Rule + .DESCRIPTION + This cmdlet removes an NSX-T Distributed Firewall Rule + .EXAMPLE + Remove-NSXTFirewall -Id TEST -Troubleshoot +#> + Param ( + [Parameter(Mandatory=$True)]$Id, + [Parameter(Mandatory=$True)]$Section, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $sectionId = (Get-NSXTDistFirewallSection -Name $Section).Id + $dfwId = (Get-NSXTDistFirewall -SectionName $Section | where { $_.id -eq $Id}).Id + + $method = "DELETE" + $deleteDistFirewallURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/domains/cgw/communication-maps/$sectionId/communication-entries/$dfwId" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$deleteDistFirewallURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $deleteDistFirewallURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $deleteDistFirewallURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in removing NSX-T Distributed Firewall Rule" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + Write-Host "Successfully removed NSX-T Distributed Firewall Rule" + } + } +} + +Function Get-NSXTRouteTable { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 02/02/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Retrieves NSX-T Routing Table + .DESCRIPTION + This cmdlet retrieves NSX-T Routing Table. By default, it shows all routes but you can filter by BGP, CONNECTED or STATIC routes + .EXAMPLE + Get-NSXTRouteTable + .EXAMPLE + Get-NSXTRouteTable -RouteSource BGP + .EXAMPLE + Get-NSXTRouteTable -RouteSource CONNECTED + .EXAMPLE + Get-NSXTRouteTable -RouteSource STATIC + .EXAMPLE + Get-NSXTRouteTable -RouteSource BGP -Troubleshoot +#> + Param ( + [Parameter(Mandatory=$False)][ValidateSet("BGP","CONNECTED","STATIC")]$RouteSource, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $method = "GET" + $routeTableURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/tier-0s/vmc/routing-table?enforcement_point_path=/infra/deployment-zones/default/enforcement-points/vmc-enforcementpoint" + + if($RouteSource) { + $routeTableURL = $routeTableURL + "&route_source=$RouteSource" + } + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$routeTableURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $routeTableURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $routeTableURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in retrieving NSX-T Routing Table" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + Write-Host "Successfully retrieved NSX-T Routing Table`n" + $routeTables = ($requests.Content | ConvertFrom-Json).results + + foreach ($routeTable in $routeTables) { + Write-Host "EdgeNode: $($routeTable.edge_node)" + Write-Host "Entries: $($routeTable.count)" + + $routeEntries = $routeTable.route_entries + $routeEntryResults = @() + foreach ($routeEntry in $routeEntries) { + $routeEntryResults += $routeEntry + } + $routeEntryResults | select network,next_hop,admin_distance,route_type | ft + } + } + } +} + +Function Get-NSXTOverviewInfo { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 02/02/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Retrieves NSX-T Overview including the VPN internet IP Address and SDDC Infra/Mgmt Subnets, etc. + .DESCRIPTION + This cmdlet retrieves NSX-T Overview details including the VPN internet IP Address and SDDC Infra/Mgmt Subnets, etc. + .EXAMPLE + Get-NSXTOverviewInfo +#> +Param ( + [Parameter(Mandatory=$False)][ValidateSet("BGP","CONNECTED","STATIC")]$RouteSource, + [Switch]$Troubleshoot +) + +If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $method = "GET" + $overviewURL = $global:nsxtProxyConnection.Server + "/cloud-service/api/v1/infra/sddc-user-config" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$overviewURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $overviewURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $overviewURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in retrieving NSX-T Overview Information" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + Write-Host "Successfully retrieved NSX-T Overview Information" + ($requests.Content | ConvertFrom-Json) + } +} +} + +Function Get-NSXTInfraScope { + <# + .NOTES + =========================================================================== + Created by: William Lam + Date: 03/14/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Returns all NSX-T Infrastructure Scopes + .DESCRIPTION + This cmdlet retrieves all NSX-T Infrastructure Scopes + .EXAMPLE + Get-NSXTInfraScope + .EXAMPLE + Get-NSXTInfraGroup -Name "VPN Tunnel Interface" + #> + param( + [Parameter(Mandatory=$false)][String]$Name, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $method = "GET" + $infraLabelURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/labels" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$infraLabelURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $infraLabelURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $infraLabelURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in retrieving NSX-T Infrastructure Scopes" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + $infraLables = ($requests.Content | ConvertFrom-Json).results + + if ($PSBoundParameters.ContainsKey("Name")){ + $infraLables = $infraLables | where {$_.display_name -eq $Name} + } + + $results = @() + foreach ($infraLabel in $infraLables) { + $tmp = [pscustomobject] @{ + Name = $infraLabel.display_name; + Id = $infraLabel.Id; + Path = $infraLabel.Path; + } + $results+=$tmp + } + $results + } + } +} + +Function Get-NSXTInfraGroup { + <# + .NOTES + =========================================================================== + Created by: William Lam + Date: 03/14/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Returns all NSX-T Infrastructure Groups for CGW + .DESCRIPTION + This cmdlet retrieves all NSX-T Infrastructure Groups for CGW + .EXAMPLE + Get-NSXTInfraGroup + .EXAMPLE + Get-NSXTInfraGroup -Name "S3 Prefixes" + #> + param( + [Parameter(Mandatory=$false)][String]$Name, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $method = "GET" + $infraGroupsURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/tier-0s/vmc/groups" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$infraGroupsURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $infraGroupsURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $infraGroupsURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in retrieving NSX-T Infrastructure Groups" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + $groups = ($requests.Content | ConvertFrom-Json).results + + if ($PSBoundParameters.ContainsKey("Name")){ + $groups = $groups | where {$_.display_name -eq $Name} + } + + $results = @() + foreach ($group in $groups) { + $tmp = [pscustomobject] @{ + Name = $group.display_name; + ID = $group.id; + Path = $group.path; + } + $results+=$tmp + } + $results + } + } +} + +Function New-NSXTRouteBasedVPN { + <# + .NOTES + =========================================================================== + Created by: William Lam + Date: 04/13/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Returns all NSX-T Infrastructure Scopes + .DESCRIPTION + This cmdlet retrieves all NSX-T Infrastructure Scopes + .EXAMPLE + New-NSXTRouteBasedVPN -Name VPN3 ` + -PublicIP 18.184.241.223 ` + -RemotePublicIP 18.194.148.62 ` + -BGPLocalIP 169.254.51.2 ` + -BGPRemoteIP 169.254.51.1 ` + -BGPLocalASN 65056 ` + -BGPremoteASN 64512 ` + -BGPNeighborID 60 ` + -TunnelEncryption AES_256 ` + -TunnelDigestEncryption SHA2_256 ` + -IKEEncryption AES_256 ` + -IKEDigestEncryption SHA2_256 ` + -DHGroup GROUP14 ` + -IKEVersion IKE_V1 ` + -PresharedPassword VMware123. ` + -Troubleshoot + #> + param( + [Parameter(Mandatory=$true)][String]$Name, + [Parameter(Mandatory=$true)][String]$PublicIP, + [Parameter(Mandatory=$true)][String]$RemotePublicIP, + [Parameter(Mandatory=$true)][String]$BGPLocalIP, + [Parameter(Mandatory=$true)][String]$BGPRemoteIP, + [Parameter(Mandatory=$false)][int]$BGPLocalPrefix=30, + [Parameter(Mandatory=$true)][ValidateRange(64512,65534)][int]$BGPLocalASN, + [Parameter(Mandatory=$true)][ValidateRange(64512,65534)][int]$RemoteBGPASN, + [Parameter(Mandatory=$true)][String]$BGPNeighborID, + [Parameter(Mandatory=$true)][String][ValidateSet("AES_128","AES_256","AES_GCM_128","AES_GCM_192","AES_GCM_256")]$TunnelEncryption, + [Parameter(Mandatory=$true)][String][ValidateSet("SHA1","SHA2_256")]$TunnelDigestEncryption, + [Parameter(Mandatory=$true)][String][ValidateSet("AES_128","AES_256","AES_GCM_128","AES_GCM_192","AES_GCM_256")]$IKEEncryption, + [Parameter(Mandatory=$true)][String][ValidateSet("SHA1","SHA2_256")]$IKEDigestEncryption, + [Parameter(Mandatory=$true)][String][ValidateSet("GROUP2","GROUP5","GROUP14","GROUP15","GROUP16")]$DHGroup, + [Parameter(Mandatory=$true)][String][ValidateSet("IKE_V1","IKE_V2","IKE_FLEX")]$IKEVersion, + [Parameter(Mandatory=$true)][String]$PresharedPassword, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + + ## Configure BGP ASN + + $payload = @{ + local_as_num = $BGPLocalASN; + } + $body = $payload | ConvertTo-Json -Depth 5 + + $ASNmethod = "patch" + $bgpAsnURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/tier-0s/vmc/locale-services/default/bgp" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $ASNmethod`n$bgpAsnURL`n" + Write-Host -ForegroundColor cyan "[DEBUG]`n$body`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $bgpAsnURL -Body $body -Method $ASNmethod -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $bgpAsnURL -Body $body -Method $ASNmethod -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in updating BGP ASN" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + ## Configure BGP Neighbor + + $payload = @{ + resource_type = "BgpNeighborConfig"; + id = $BGPNeighborID; + remote_as_num = $RemoteBGPASN; + neighbor_address = $BGPRemoteIP; + } + $body = $payload | ConvertTo-Json -Depth 5 + + $method = "put" + $bgpNeighborURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/tier-0s/vmc/locale-services/default/bgp/neighbors/$BGPNeighborID" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$bgpNeighborURL`n" + Write-Host -ForegroundColor cyan "[DEBUG]`n$body`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $bgpNeighborURL -Body $body -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $bgpNeighborURL -Body $body -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in configuring BGP Neighbor" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + ## Configure Route Based Policy VPN + + $TunnelSubnets = @{ + ip_addresses = @("$BGPLocalIP"); + prefix_length = $BGPLocalPrefix; + } + + $payload = @{ + display_name = $Name; + enabled = $true; + local_address = $PublicIP; + remote_private_address = $RemotePublicIP; + remote_public_address = $RemotePublicIP; + passphrases = @("$PresharedPassword"); + tunnel_digest_algorithms = @("$TunnelDigestEncryption"); + ike_digest_algorithms = @("$IKEDigestEncryption"); + ike_encryption_algorithms = @("$IKEEncryption"); + enable_perfect_forward_secrecy = $true; + dh_groups = @("$DHGroup"); + ike_version = $IKEVersion; + l3vpn_session = @{ + resource_type = "RouteBasedL3VpnSession"; + tunnel_subnets = @($TunnelSubnets); + default_rule_logging = $false; + force_whitelisting = $false; + routing_config_path = "/infra/tier-0s/vmc/locale-services/default/bgp/neighbors/$BGPNeighborID"; + }; + tunnel_encryption_algorithms = @("$TunnelEncryption"); + } + $body = $payload | ConvertTo-Json -Depth 5 + + $routeBasedVPNURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/tier-0s/vmc/locale-services/default/l3vpns/$Name" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$bgpNeighborURL`n" + Write-Host -ForegroundColor cyan "[DEBUG]`n$body`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $routeBasedVPNURL -Body $body -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $routeBasedVPNURL -Body $body -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in configuring Route Based VPN" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + Write-Host "Successfully created Route Based VPN" + ($requests.Content | ConvertFrom-Json) + } + } + } + } +} + +Function Get-NSXTRouteBasedVPN { + <# + .NOTES + =========================================================================== + Created by: William Lam + Date: 04/13/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Returns all NSX-T Route Based VPN Tunnels + .DESCRIPTION + This cmdlet retrieves all NSX-T Route Based VPN Tunnels description + .EXAMPLE + Get-NSXTRouteBasedVPN + .EXAMPLE + Get-NSXTRouteBasedVPN -Name "VPN-T1" + #> + param( + [Parameter(Mandatory=$false)][String]$Name, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $method = "GET" + $routeBaseVPNURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/tier-0s/vmc/locale-services/default/l3vpns" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$routeBaseVPNURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $routeBaseVPNURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $routeBaseVPNURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in retrieving NSX-T Route Based VPN Tunnels" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + $groups = ($requests.Content | ConvertFrom-Json).results + if ($PSBoundParameters.ContainsKey("Name")){ + $groups = $groups | where {$_.display_name -eq $Name} + } + + $results = @() + foreach ($group in $groups) { + if($group.l3vpn_session.resource_type -eq "RouteBasedL3VpnSession") { + $tmp = [pscustomobject] @{ + Name = $group.display_name; + ID = $group.id; + Path = $group.path; + Routing_Config_Path = $group.l3vpn_session.routing_config_path; + Local_IP = $group.local_address; + Remote_Public_IP = $group.remote_public_address; + Tunnel_IP_Address = $group.l3vpn_session.tunnel_subnets.ip_addresses + IKE_Version = $group.ike_version; + IKE_Encryption = $group.ike_encryption_algorithms; + IKE_Digest = $group.ike_digest_algorithms; + Tunnel_Encryption = $group.tunnel_encryption_algorithms; + Tunnel_Digest = $group.tunnel_digest_algorithms; + DH_Group = $group.dh_groups; + Created_by = $group._create_user; + Last_Modified_by = $group._last_modified_user; + } + $results+=$tmp + } + } + $results + } + } +} + +Function Remove-NSXTRouteBasedVPN { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 04/13/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Removes a route based VPN Tunnel and it's associated BGP neighbor + .DESCRIPTION + This cmdlet removes a route based VPN Tunnel and it's associated BGP neighbor + .EXAMPLE + Remove-NSXTRouteBasedVPN -Name VPN1 -Troubleshoot +#> + Param ( + [Parameter(Mandatory=$True)]$Name, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $TunnelId = (Get-NSXTRouteBasedVPN -Name $Name).ID + $path = (Get-NSXTRouteBasedVPN -Name $Name).RoutingConfigPath + + # Delete IPSEC tunnel + $method = "DELETE" + $deleteVPNtunnelURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/tier-0s/vmc/locale-services/default/l3vpns/$TunnelId" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$deleteVPNtunnelURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $deleteVPNtunnelURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $deleteVPNtunnelURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in removing NSX-T IPSEC Tunnel: $Name" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + Write-Host "Successfully removed NSX-T IPSEC Tunnel: $Name" + } + + # Delete BGP Neighbor + $method = "DELETE" + $deleteBGPnbURL = $global:nsxtProxyConnection.Server + "/policy/api/v1$path" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$deleteBGPnbURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $deleteBGPnbURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $deleteBGPnbURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in removing NSX-T BGP Neighbor" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + Write-Host "Successfully removed NSX-T BGP Neighbor" + } + } +} + +Function New-NSXTPolicyBasedVPN { +<# +.NOTES +=========================================================================== +Created by: William Lam +Date: 05/09/2019 +Organization: VMware +Blog: http://www.virtuallyghetto.com +Twitter: @lamw +=========================================================================== + +.SYNOPSIS + Creates a new NSX-T Policy Based VPN +.DESCRIPTION + This cmdlet creates a new NSX-T Policy Based VPN +.EXAMPLE + New-NSXTPolicyBasedVPN -Name Policy1 ` + -LocalIP 18.194.102.229 ` + -RemotePublicIP 3.122.124.16 ` + -RemotePrivateIP 169.254.90.1 ` + -SequenceNumber 0 ` + -SourceIPs @("192.168.4.0/24", "192.168.5.0/24") ` + -DestinationIPs @("172.204.10.0/24", "172.204.20.0/24") ` + -TunnelEncryption AES_256 ` + -TunnelDigestEncryption SHA2_256 ` + -IKEEncryption AES_256 ` + -IKEDigestEncryption SHA2_256 ` + -DHGroup GROUP14 ` + -IKEVersion IKE_V1 ` + -PresharedPassword VMware123. ` + -Troubleshoot +#> + param( + [Parameter(Mandatory=$true)][String]$Name, + [Parameter(Mandatory=$true)][String]$LocalIP, + [Parameter(Mandatory=$true)][String]$RemotePublicIP, + [Parameter(Mandatory=$true)][String]$RemotePrivateIP, + [Parameter(Mandatory=$True)]$SequenceNumber, + [Parameter(Mandatory=$true)][String[]]$SourceIPs, + [Parameter(Mandatory=$true)][String[]]$DestinationIPs, + [Parameter(Mandatory=$true)][String][ValidateSet("AES_128","AES_256","AES_GCM_128","AES_GCM_192","AES_GCM_256")]$TunnelEncryption, + [Parameter(Mandatory=$true)][String][ValidateSet("SHA1","SHA2_256")]$TunnelDigestEncryption, + [Parameter(Mandatory=$true)][String][ValidateSet("AES_128","AES_256","AES_GCM_128","AES_GCM_192","AES_GCM_256")]$IKEEncryption, + [Parameter(Mandatory=$true)][String][ValidateSet("SHA1","SHA2_256")]$IKEDigestEncryption, + [Parameter(Mandatory=$true)][String][ValidateSet("GROUP2","GROUP5","GROUP14","GROUP15","GROUP16")]$DHGroup, + [Parameter(Mandatory=$true)][String][ValidateSet("IKE_V1","IKE_V2","IKE_FLEX")]$IKEVersion, + [Parameter(Mandatory=$true)][String]$PresharedPassword, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + + $generatedId = (New-Guid).Guid + + $sources = @() + foreach ($source in $SourceIPs) { + $tmp = @{ subnet = $source} + $sources+=$tmp + } + + $destinations = @() + foreach ($destination in $DestinationIPs) { + $tmp = @{ subnet = $destination} + $destinations+=$tmp + } + + $payload = @{ + display_name = $Name; + enabled = $true; + local_address = $LocalIP; + remote_private_address = $RemotePrivateIP; + remote_public_address = $RemotePublicIP; + passphrases = @("$PresharedPassword"); + tunnel_digest_algorithms = @("$TunnelDigestEncryption"); + tunnel_encryption_algorithms = @("$TunnelEncryption"); + ike_digest_algorithms = @("$IKEDigestEncryption"); + ike_encryption_algorithms = @("$IKEEncryption"); + enable_perfect_forward_secrecy = $true; + dh_groups = @("$DHGroup"); + ike_version = $IKEVersion; + + l3vpn_session = @{ + resource_type = "PolicyBasedL3VpnSession"; + rules = @( + @{ + id = $generatedId; + display_name = $generatedId; + sequence_number = $SequenceNumber; + sources = @($sources) + destinations = @($destinations) + } + ) + } + } + $body = $payload | ConvertTo-Json -Depth 5 + + $method = "put" + $policyBasedVPNURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/tier-0s/vmc/locale-services/default/l3vpns/$Name" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $METHOD`n$policyBasedVPNURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $policyBasedVPNURL -Body $body -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $policyBasedVPNURL -Body $body -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in configuring Policy Based VPN" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + Write-Host "Successfully created Policy Based VPN" + ($requests.Content | ConvertFrom-Json) + } + } +} + +Function Get-NSXTPolicyBasedVPN { +<# +.NOTES +=========================================================================== +Created by: William Lam +Date: 05/09/2019 +Organization: VMware +Blog: http://www.virtuallyghetto.com +Twitter: @lamw +=========================================================================== + +.SYNOPSIS + Returns all NSX-T Policy Based VPN Tunnels +.DESCRIPTION + This cmdlet retrieves all NSX-T Policy Based VPN Tunnels description +.EXAMPLE + Get-NSXTPolicyBasedVPN +.EXAMPLE + Get-NSXTPolicyBasedVPN -Name "VPN-T1" +#> + param( + [Parameter(Mandatory=$false)][String]$Name, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $method = "GET" + $policyBaseVPNURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/tier-0s/vmc/locale-services/default/l3vpns" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$routeBaseVPNURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $policyBaseVPNURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $policyBaseVPNURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in retrieving NSX-T Policy Based VPN Tunnels" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + $groups = ($requests.Content | ConvertFrom-Json).results + if ($PSBoundParameters.ContainsKey("Name")){ + $groups = $groups | where {$_.display_name -eq $Name} + } + + $results = @() + foreach ($group in $groups) { + if($group.l3vpn_session.resource_type -eq "PolicyBasedL3VpnSession") { + $tmp = [pscustomobject] @{ + Name = $group.display_name; + ID = $group.id; + Path = $group.path; + Local_IP = $group.local_address; + Remote_Public_IP = $group.remote_public_address; + Tunnel_IP_Address = $group.remote_private_address; + IKE_Version = $group.ike_version; + IKE_Encryption = $group.ike_encryption_algorithms; + IKE_Digest = $group.ike_digest_algorithms; + Tunnel_Encryption = $group.tunnel_encryption_algorithms; + Tunnel_Digest = $group.tunnel_digest_algorithms; + DH_Group = $group.dh_groups; + IP_Sources = $group.l3vpn_session.rules.sources.subnet; + IP_Destinations = $group.l3vpn_session.rules.destinations.subnet + Created_by = $group._create_user; + Last_Modified_by = $group._last_modified_user; + } + $results+=$tmp + } + } + $results + } + } +} + +Function Remove-NSXTPolicyBasedVPN { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 05/09/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Removes a policy based VPN Tunnel + .DESCRIPTION + This cmdlet removes a policy based VPN Tunnel + .EXAMPLE + Remove-NSXTPolicyBasedVPN -Name "Policy1" -Troubleshoot +#> + Param ( + [Parameter(Mandatory=$True)]$Name, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $TunnelId = (Get-NSXTPolicyBasedVPN -Name $Name).ID + + # Delete IPSEC tunnel + $method = "DELETE" + $deleteVPNtunnelURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/tier-0s/vmc/locale-services/default/l3vpns/$TunnelId" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$deleteVPNtunnelURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $deleteVPNtunnelURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $deleteVPNtunnelURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in removing NSX-T VPN Tunnel: $Name" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + Write-Host "Successfully removed NSX-T VPN Tunnel: $Name" + } + } +} + +Function Get-NSXTDNS { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 06/08/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Returns DNS Zone configuration for MGW or CGW + .DESCRIPTION + This cmdlet retrieves DNS Zone configuration for MGW or CGW + .EXAMPLE + Get-NSXTDNS -GatewayType MGW + .EXAMPLE + Get-NSXTDNS -GatewayType CGW +#> + param( + [Parameter(Mandatory=$true)][ValidateSet("MGW","CGW")][String]$GatewayType, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $method = "GET" + $dnsURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/dns-forwarder-zones/$($GatewayType.toLower())-dns-zone" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$dnsURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $dnsURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $dnsURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in retrieving NSX-T DNS Zones" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + $dnsZone = ($requests.Content | ConvertFrom-Json) + + $results = [pscustomobject] @{ + Name = $dnsZone.display_name; + DNS1 = $dnsZone.upstream_servers[0]; + DNS2 = $dnsZone.upstream_servers[1]; + Domain = $dnsZone.dns_domain_names; + } + $results + } + } +} + +Function Set-NSXTDNS { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 06/08/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Returns DNS Zone configuration for MGW or CGW + .DESCRIPTION + This cmdlet retrieves DNS Zone configuration for MGW or CGW + .EXAMPLE + Set-NSXTDNS -GatewayType MGW -DNS @("192.168.1.14","192.168.1.15") + .EXAMPLE + Set-NSXTDNS -GatewayType CGW -DNS @("8.8.8.8") +#> + param( + [Parameter(Mandatory=$true)][ValidateSet("MGW","CGW")][String]$GatewayType, + [Parameter(Mandatory=$true)][String[]]$DNS, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $method = "PATCH" + $dnsURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/dns-forwarder-zones/$($GatewayType.toLower())-dns-zone" + + $payload = @{ + upstream_servers = @($DNS) + } + + $body = $payload | ConvertTo-Json -Depth 5 + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$dnsURL`n" + Write-Host -ForegroundColor cyan "[DEBUG]`n$body`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $dnsURL -Body $body -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $dnsURL -Body $body -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in updating NSX-T DNS Zones" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + Write-Host "Successfully updated NSX-T DNS for $GatewayType" + } + } +} + +Function Get-NSXTPublicIP { + param( + [Parameter(Mandatory=$false)][String]$Name, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $method = "GET" + $publicIPURL = ($global:nsxtProxyConnection.Server).replace("/sks-nsxt-manager","") + "/cloud-service/api/v1/infra/public-ips" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$publicIPURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $publicIPURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $publicIPURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in retrieving NSX-T Public IPs" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + $results = ($requests.Content | ConvertFrom-Json).results | select display_name,id,ip + + if ($PSBoundParameters.ContainsKey("Name")){ + $results | where {$_.display_name -eq $Name} + } else { + $results + } + } + } +} + +Function New-NSXTPublicIP { + Param( + [Parameter(Mandatory=$false)][String]$Name, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $method = "PUT" + $publicIPURL = ($global:nsxtProxyConnection.Server).replace("/sks-nsxt-manager","") + "/cloud-service/api/v1/infra/public-ips/$($Name)" + + $payload = @{ + display_name = "$Name"; + } + + $body = $payload | ConvertTo-Json + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$publicIPURL`n" + Write-Host -ForegroundColor cyan "[DEBUG]`n$body`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $publicIPURL -Method $method -Body $body -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $publicIPURL -Method $method -Body $body -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in retrieving NSX-T Public IPs" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + Write-Host "Successfully requested new NSX-T Public IP Address" + ($requests.Content | ConvertFrom-Json) | select display_name,id,ip + } + } +} + +Function Remove-NSXTPublicIP { + Param( + [Parameter(Mandatory=$false)][String]$Name, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $method = "DELETE" + $publicIPURL = ($global:nsxtProxyConnection.Server).replace("/sks-nsxt-manager","") + "/cloud-service/api/v1/infra/public-ips/$($Name)" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$publicIPURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $publicIPURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $publicIPURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in deleting NSX-T Public IPs" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + Write-Host "Successfully deleted NSX-T Public IP Address $Name" + } + } +} + +Function Get-NSXTNatRule { + param( + [Parameter(Mandatory=$false)][String]$Name, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $method = "GET" + $natURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/tier-1s/cgw/nat/USER/nat-rules" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$natURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $natURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $natURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in retrieving NSX-T Public IPs" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + $results = ($requests.Content | ConvertFrom-Json).results | select id,display_name,sequence_number,source_network,translated_network,destination_network,translated_ports,service,scope + + if ($PSBoundParameters.ContainsKey("Name")){ + $results | where {$_.display_name -eq $Name} + } else { + $results + } + } + } +} + +Function New-NSXTNatRule { + Param( + [Parameter(Mandatory=$true)][String]$Name, + [Parameter(Mandatory=$true)][String]$PublicIP, + [Parameter(Mandatory=$true)][String]$InternalIP, + [Parameter(Mandatory=$true)][String]$Service, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + $method = "PUT" + $natURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/tier-1s/cgw/nat/USER/nat-rules/$($Name)" + + if($service -eq "ANY") { + $payload = @{ + display_name = $Name; + action = "REFLEXIVE"; + service = ""; + translated_network = $PublicIP; + source_network = $InternalIP; + scope = @("/infra/labels/cgw-public"); + firewall_match = "MATCH_INTERNAL_ADDRESS"; + logging = $false; + enabled = $true; + sequence_number = 0; + } + } else { + $nsxtService = Get-NSXTServiceDefinition -Name $Service + $servicePath = $nsxtService.path + $servicePort = $nsxtService.Destination + + $payload = @{ + display_name = $Name; + action = "DNAT"; + service = $servicePath; + translated_network = $InternalIP; + translated_ports = $servicePort; + destination_network = $PublicIP + scope = @("/infra/labels/cgw-public"); + firewall_match = "MATCH_EXTERNAL_ADDRESS"; + logging = $false; + enabled = $true; + sequence_number = 0; + } + } + + $body = $payload | ConvertTo-Json -Depth 5 + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$natURL`n" + Write-Host -ForegroundColor cyan "[DEBUG]`n$body`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $natURL -Method $method -Body $body -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $natURL -Method $method -Body $body -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in creating NSX-T NAT Rule" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + Write-Host "Successfully create new NAT Rule" + ($requests.Content | ConvertFrom-Json) | select id,display_name,sequence_number,source_network,translated_network,destination_network,translated_ports,service,scope + } + } +} + +Function Remove-NSXTNatRule { + Param( + [Parameter(Mandatory=$false)][String]$Name, + [Switch]$Troubleshoot + ) + + If (-Not $global:nsxtProxyConnection) { Write-error "No NSX-T Proxy Connection found, please use Connect-NSXTProxy" } Else { + + $natRuleId = (Get-NSXTNatRule -Name $Name).id + + $method = "DELETE" + $natURL = $global:nsxtProxyConnection.Server + "/policy/api/v1/infra/tier-1s/cgw/nat/USER/nat-rules/$($natRuleId)" + + if($Troubleshoot) { + Write-Host -ForegroundColor cyan "`n[DEBUG] - $method`n$natURL`n" + } + + try { + if($PSVersionTable.PSEdition -eq "Core") { + $requests = Invoke-WebRequest -Uri $natURL -Method $method -Headers $global:nsxtProxyConnection.headers -SkipCertificateCheck + } else { + $requests = Invoke-WebRequest -Uri $natURL -Method $method -Headers $global:nsxtProxyConnection.headers + } + } catch { + if($_.Exception.Response.StatusCode -eq "Unauthorized") { + Write-Host -ForegroundColor Red "`nThe NSX-T Proxy session is no longer valid, please re-run the Connect-NSXTProxy cmdlet to retrieve a new token`n" + break + } else { + Write-Error "Error in deleting NSX-T NAT Rule" + Write-Error "`n($_.Exception.Message)`n" + break + } + } + + if($requests.StatusCode -eq 200) { + Write-Host "Successfully deleted NAT Rule $Name" + } + } +} diff --git a/Modules/VMware.VMC/VMware.VMC.psd1 b/Modules/VMware.VMC/VMware.VMC.psd1 index b33fca9..397ab8d 100755 Binary files a/Modules/VMware.VMC/VMware.VMC.psd1 and b/Modules/VMware.VMC/VMware.VMC.psd1 differ diff --git a/Modules/VMware.VMC/VMware.VMC.psm1 b/Modules/VMware.VMC/VMware.VMC.psm1 index 6605a14..7914c64 100644 --- a/Modules/VMware.VMC/VMware.VMC.psm1 +++ b/Modules/VMware.VMC/VMware.VMC.psm1 @@ -1,1011 +1,1630 @@ -Function Get-VMCCommand { -<# - .NOTES - =========================================================================== - Created by: VMware - Date: 11/17/2017 - Organization: VMware - Blog: http://vmware.com/go/powercli - Twitter: @powercli - =========================================================================== - - .SYNOPSIS - Returns all cmdlets for VMware Cloud on AWS - .DESCRIPTION - This cmdlet will allow you to return all cmdlets included in the VMC module - .EXAMPLE - Get-VMCCommand - .EXAMPLE - Get-Command -Module VMware.VMC - .NOTES - You can either use this cmdlet or the Get-Command cmdlet as seen in Example 2 -#> - Get-command -Module VMware.VimAutomation.Vmc - Get-Command -Module VMware.VMC - -} -Function Connect-VMCVIServer { -<# - .NOTES - =========================================================================== - Created by: VMware - Date: 11/17/2017 - Organization: VMware - Blog: http://vmware.com/go/powercli - Twitter: @powercli - =========================================================================== - - .SYNOPSIS - Cmdlet to connect to your VMC vCenter Server - .DESCRIPTION - This will connect you to both the VMC ViServer as well as the CiSServer at the same time. - .EXAMPLE - Connect-VMCVIServer -Server -User -Password - .NOTES - Easiest way is to pipe through your credentials from Get-VMCSDDCDefaultCredential -#> - Param ( - [Parameter(Mandatory=$true)]$Org, - [Parameter(Mandatory=$true)]$Sddc, - [switch]$Autologin - ) - - If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { - $creds = Get-VMCSDDCDefaultCredential -Org $Org -Sddc $Sddc - Write-Host "Connecting to VMC vCenter Server" $creds.vc_public_ip - Connect-VIServer -Server $creds.vc_public_ip -User $creds.cloud_username -Password $creds.cloud_password | Add-Member -MemberType Noteproperty -Name Location -Value "VMC" - Write-Host "Connecting to VMC CIS Endpoint" $creds.vc_public_ip - Connect-CisServer -Server $creds.vc_public_ip -User $creds.cloud_username -Password $creds.cloud_password | Add-Member -MemberType Noteproperty -Name Location -Value "VMC" - } -} -Function Get-VMCOrg { -<# - .NOTES - =========================================================================== - Created by: VMware - Date: 11/17/2017 - Organization: VMware - Blog: http://vmware.com/go/powercli - Twitter: @powercli - =========================================================================== - - .SYNOPSIS - Return the Orgs that you are a part of - .DESCRIPTION - Depending on what you've purchased, you may be a part of one or more VMC Orgs. This will return your orgs - .EXAMPLE - Get-VMCOrg - .EXAMPLE - Get-VMCOrg -Name - .NOTES - Return all the info about the orgs you are a part of -#> - Param ( - [Parameter(Mandatory=$false)]$Name - ) - - If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use Connect-VMC to connect" } Else { - $orgService = Get-VMCService com.vmware.vmc.orgs - if ($PSBoundParameters.ContainsKey("Name")){ - $orgs = $orgService.list() | Where {$_.display_name -match $Name} - } Else { - $orgs = $orgService.list() - } - $Orgs | Select display_name, name, user_name, created, id - } -} -Function Get-VMCSDDC { -<# - .NOTES - =========================================================================== - Created by: VMware - Date: 11/17/2017 - Organization: VMware - Blog: http://vmware.com/go/powercli - Twitter: @powercli - =========================================================================== - - .SYNOPSIS - Returns all of the SDDCs you are associated to - .DESCRIPTION - Returns all of the SDDCs ayou are associated to - .EXAMPLE - Get-VMCSDDC -Org - .EXAMPLE - Get-VMCSDDC -Name -Org -#> - Param ( - [Parameter(Mandatory=$True)]$Org, - [Parameter(Mandatory=$false)]$Name - ) - - If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { - if ($PSBoundParameters.ContainsKey("Org")){ - $orgs = Get-VMCOrg -Name $Org - } else { - $orgs = Get-VMCOrg - } - - foreach ($org in $orgs) { - $orgID = $org.ID - $sddcService = Get-VMCService com.vmware.vmc.orgs.sddcs - if ($PSBoundParameters.ContainsKey("Name")){ - $sddcService.list($OrgID) | Where {$_.name -match $Name} - } Else { - $sddcService.list($OrgID) - } - } - } -} -Function Get-VMCTask { -<# - .NOTES - =========================================================================== - Created by: VMware - Date: 11/17/2017 - Organization: VMware - Blog: http://vmware.com/go/powercli - Twitter: @powercli - =========================================================================== - - .SYNOPSIS - Returns all of the VMC Tasks - .DESCRIPTION - Returns all of the VMC Tasks that have either occurred or are in process - .EXAMPLE - Get-VMCTask -#> - Param ( - [Parameter(Mandatory=$True)]$Org - ) - - If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { - if ($PSBoundParameters.ContainsKey("Org")){ - $orgs = Get-VMCOrg -Name $Org - } else { - $orgs = Get-VMCOrg - } - - foreach ($org in $orgs) { - $orgID = $org.ID - $taskService = Get-VMCService com.vmware.vmc.orgs.tasks - $taskService.list($OrgID) | Select * -ExcludeProperty Help - } - } -} -Function Get-VMCSDDCDefaultCredential { -<# - .NOTES - =========================================================================== - Created by: VMware - Date: 11/17/2017 - Organization: VMware - Blog: http://vmware.com/go/powercli - Twitter: @powercli - =========================================================================== - - .SYNOPSIS - Returns the default credential for the SDDC - .DESCRIPTION - Returns the default credential for the sddc - .EXAMPLE - Get-VMCSDDCDefaultCredential -Org - .EXAMPLE - Get-VMCSDDCDefaultCredential -Sddc -Org -#> - Param ( - [Parameter(Mandatory=$true)]$Org, - [Parameter(Mandatory=$false)]$Sddc - ) - - If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { - if ($PSBoundParameters.ContainsKey("Sddc")){ - $sddcs = Get-VMCSDDC -Name $Sddc -Org $Org - } else { - $sddcs = Get-VMCSDDC -Org $Org - } - - foreach ($sddc in $sddcs) { - $sddc.resource_config | Select-object vc_url, vc_management_ip, vc_public_ip, cloud_username, cloud_password - } - } -} -Function Get-VMCSDDCPublicIP { -<# - .NOTES - =========================================================================== - Created by: VMware - Date: 11/17/2017 - Organization: VMware - Blog: http://vmware.com/go/powercli - Twitter: @powercli - =========================================================================== - - .SYNOPSIS - Returns your Public IPs - .DESCRIPTION - Returns your Public IPs - .EXAMPLE - Get-VMCSDDCPublicIP -Org - .EXAMPLE - Get-VMCSDDCPublicIP -Sddc -Org - .NOTES - Return your Public IPs that you have assigned to your account -#> - Param ( - [Parameter(Mandatory=$true)]$Org, - [Parameter(Mandatory=$false)]$Sddc - ) - - If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { - if ($PSBoundParameters.ContainsKey("Sddc")){ - $sddcs = Get-VMCSDDC -Name $Sddc -Org $Org - } else { - $sddcs = Get-VMCSDDC -Org $Org - } - - foreach ($sddc in $sddcs) { - $sddc.resource_config.Public_ip_pool - } - } -} -Function Get-VMCVMHost { - Param ( - [Parameter(Mandatory=$false)]$Sddc, - [Parameter(Mandatory=$true)]$Org - ) - - If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { - if ($PSBoundParameters.ContainsKey("Sddc")){ - $sddcs = Get-VMCSDDC -Name $Sddc -Org $Org - } else { - $sddcs = Get-VMCSDDC -Org $Org - } - - $results = @() - foreach ($sddc in $sddcs) { - foreach ($vmhost in $sddc.resource_config.esx_hosts) { - $tmp = [pscustomobject] @{ - esx_id = $vmhost.esx_id; - name = $vmhost.name; - hostname = $vmhost.hostname; - esx_state = $vmhost.esx_state; - sddc_id = $sddc.id; - org_id = $sddc.org_id; - } - $results += $tmp - } - $results - } - } -} -Function Get-VMCSDDCVersion { -<# - .NOTES - =========================================================================== - Created by: VMware - Date: 11/17/2017 - Organization: VMware - Blog: http://vmware.com/go/powercli - Twitter: @powercli - =========================================================================== - - .SYNOPSIS - Returns SDDC Version - .DESCRIPTION - Returns Version of the SDDC - .EXAMPLE - Get-VMCSDDCVersion -Name -Org -#> - Param ( - [Parameter(Mandatory=$True)]$Org, - [Parameter(Mandatory=$false)]$Name - ) - - If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { - if ($PSBoundParameters.ContainsKey("Org")){ - $orgs = Get-VMCOrg -Name $Org - } else { - $orgs = Get-VMCOrg - } - - foreach ($org in $orgs) { - $orgID = $org.ID - $sddcService = Get-VMCService com.vmware.vmc.orgs.sddcs - if ($PSBoundParameters.ContainsKey("Name")){ - ($sddcService.list($OrgID) | Where {$_.name -match $Name}).resource_config.sddc_manifest | Select *version - } Else { - ($sddcService.list($OrgID)).resource_config.sddc_manifest | Select *version - } - } - } -} - -Function Get-VMCFirewallRule { - <# - .NOTES - =========================================================================== - Created by: William Lam - Date: 11/19/2017 - Organization: VMware - Blog: https://www.virtuallyghetto.com - Twitter: @lamw - =========================================================================== - - .SYNOPSIS - Retruns VMC Firewall Rules for a given Gateway (MGW or CGW) - .DESCRIPTION - Retruns VMC Firewall Rules for a given Gateway (MGW or CGW) - .EXAMPLE - Get-VMCFirewallRule -OrgName -SDDCName -GatewayType - .EXAMPLE - Get-VMCFirewallRule -OrgName -SDDCName -GatewayType -ShowAll - #> - param( - [Parameter(Mandatory=$false)][String]$SDDCName, - [Parameter(Mandatory=$false)][String]$OrgName, - [Parameter(Mandatory=$false)][Switch]$ShowAll, - [Parameter(Mandatory=$true)][ValidateSet("MGW","CGW")][String]$GatewayType - ) - - if($GatewayType -eq "MGW") { - $EdgeId = "edge-1" - } else { - $EdgeId = "edge-2" - } - - $orgId = (Get-VMCOrg -Name $OrgName).Id - $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id - - $firewallConfigService = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.edges.firewall.config - - $firewallRules = ($firewallConfigService.get($orgId, $sddcId, $EdgeId)).firewall_rules.firewall_rules - if(-not $ShowAll) { - $firewallRules = $firewallRules | where { $_.rule_type -ne "default_policy" -and $_.rule_type -ne "internal_high" -and $_.name -ne "vSphere Cluster HA" -and $_.name -ne "Outbound Access" } | Sort-Object -Property rule_tag - } else { - $firewallRules = $firewallRules | Sort-Object -Property rule_tag - } - - $results = @() - foreach ($firewallRule in $firewallRules) { - if($firewallRule.source.ip_address.Count -ne 0) { - $source = $firewallRule.source.ip_address - } else { $source = "ANY" } - - if($firewallRule.application.service.protocol -ne $null) { - $protocol = $firewallRule.application.service.protocol - } else { $protocol = "ANY" } - - if($firewallRule.application.service.port -ne $null) { - $port = $firewallRule.application.service.port - } else { $port = "ANY" } - - $tmp = [pscustomobject] @{ - ID = $firewallRule.rule_id; - Name = $firewallRule.name; - Type = $firewallRule.rule_type; - Action = $firewallRule.action; - Protocol = $protocol; - Port = $port; - SourceAddress = $source - DestinationAddress = $firewallRule.destination.ip_address; - } - $results+=$tmp - } - $results - } - - Function Export-VMCFirewallRule { - <# - .NOTES - =========================================================================== - Created by: William Lam - Date: 11/19/2017 - Organization: VMware - Blog: https://www.virtuallyghetto.com - Twitter: @lamw - =========================================================================== - - .SYNOPSIS - Exports all "customer" created VMC Firewall Rules to JSON file - .DESCRIPTION - Exports all "customer" created VMC Firewall Rules to JSON file - .EXAMPLE - Export-VMCFirewallRule -OrgName -SDDCName -GatewayType -Path "C:\Users\lamw\Desktop\VMCFirewallRules.json" - #> - param( - [Parameter(Mandatory=$false)][String]$SDDCName, - [Parameter(Mandatory=$false)][String]$OrgName, - [Parameter(Mandatory=$true)][ValidateSet("MGW","CGW")][String]$GatewayType, - [Parameter(Mandatory=$false)][String]$Path - ) - - if (-not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect"; break } - - if($GatewayType -eq "MGW") { - $EdgeId = "edge-1" - } else { - $EdgeId = "edge-2" - } - - $orgId = (Get-VMCOrg -Name $OrgName).Id - $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id - - if(-not $orgId) { - Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input" - break - } - if(-not $sddcId) { - Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input" - break - } - - $firewallConfigService = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.edges.firewall.config - - $firewallRules = ($firewallConfigService.get($orgId, $sddcId, $EdgeId)).firewall_rules.firewall_rules - if(-not $ShowAll) { - $firewallRules = $firewallRules | where { $_.rule_type -ne "default_policy" -and $_.rule_type -ne "internal_high" -and $_.name -ne "vSphere Cluster HA" -and $_.name -ne "Outbound Access" } | Sort-Object -Property rule_tag - } else { - $firewallRules = $firewallRules | Sort-Object -Property rule_tag - } - - $results = @() - $count = 0 - foreach ($firewallRule in $firewallRules) { - if($firewallRule.source.ip_address.Count -ne 0) { - $source = $firewallRule.source.ip_address - } else { - $source = "ANY" - } - - $tmp = [pscustomobject] @{ - Name = $firewallRule.name; - Action = $firewallRule.action; - Protocol = $firewallRule.application.service.protocol; - Port = $firewallRule.application.service.port; - SourcePort = $firewallRule.application.service.source_port; - ICMPType = $firewallRule.application.service.icmp_type; - SourceAddress = $firewallRule.source.ip_address; - DestinationAddress = $firewallRule.destination.ip_address; - Enabled = $firewallRule.enabled; - Logging = $firewallRule.logging_enabled; - } - $count+=1 - $results+=$tmp - } - if($Path) { - Write-Host -ForegroundColor Green "Exporting $count VMC Firewall Rules to $Path ..." - $results | ConvertTo-Json | Out-File $Path - } else { - $results | ConvertTo-Json - } - } - - Function Import-VMCFirewallRule { - <# - .NOTES - =========================================================================== - Created by: William Lam - Date: 11/19/2017 - Organization: VMware - Blog: https://www.virtuallyghetto.com - Twitter: @lamw - =========================================================================== - - .SYNOPSIS - Imports VMC Firewall Rules from exported JSON configuration file - .DESCRIPTION - Imports VMC Firewall Rules from exported JSON configuration file - .EXAMPLE - Import-VMCFirewallRule -OrgName -SDDCName -GatewayType -Path "C:\Users\lamw\Desktop\VMCFirewallRules.json" - #> - param( - [Parameter(Mandatory=$false)][String]$SDDCName, - [Parameter(Mandatory=$false)][String]$OrgName, - [Parameter(Mandatory=$true)][ValidateSet("MGW","CGW")][String]$GatewayType, - [Parameter(Mandatory=$false)][String]$Path - ) - - if (-not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect"; break } - - if($GatewayType -eq "MGW") { - $EdgeId = "edge-1" - } else { - $EdgeId = "edge-2" - } - - $orgId = (Get-VMCOrg -Name $OrgName).Id - $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id - - if(-not $orgId) { - Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input" - break - } - if(-not $sddcId) { - Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input" - break - } - - $firewallService = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.edges.firewall.config.rules - - $vmcFirewallRulesJSON = Get-Content -Raw $Path | ConvertFrom-Json - - # Create top level Firewall Rules Object - $firewallRules = $firewallService.Help.add.firewall_rules.Create() - # Create top top level Firewall Rule Spec which will be an array of individual Firewall rules as we process them in next section - $ruleSpec = $firewallService.Help.add.firewall_rules.firewall_rules.Create() - - foreach ($vmcFirewallRule in $vmcFirewallRulesJSON) { - # Create Individual Firewall Rule Element Spec - $ruleElementSpec = $firewallService.Help.add.firewall_rules.firewall_rules.Element.Create() - - # AppSpec - $appSpec = $firewallService.Help.add.firewall_rules.firewall_rules.Element.application.Create() - # ServiceSpec - $serviceSpec = $firewallService.Help.add.firewall_rules.firewall_rules.Element.application.service.Element.Create() - - $protocol = $null - if($vmcFirewallRule.Protocol -ne $null) { - $protocol = $vmcFirewallRule.Protocol - } - $serviceSpec.protocol = $protocol - - # Process ICMP Type from JSON - $icmpType = $null - if($vmcFirewallRule.ICMPType -ne $null) { - $icmpType = $vmcFirewallRule.ICMPType - } - $serviceSpec.icmp_type = $icmpType - - # Process Source Ports from JSON - $sourcePorts = @() - if($vmcFirewallRule.SourcePort -eq "any" -or $vmcFirewallRule.SourcePort -ne $null) { - foreach ($port in $vmcFirewallRule.SourcePort) { - $sourcePorts+=$port - } - } else { - $sourcePorts = @("any") - } - $serviceSpec.source_port = $sourcePorts - - # Process Ports from JSON - $ports = @() - if($vmcFirewallRule.Port -ne "null") { - foreach ($port in $vmcFirewallRule.Port) { - $ports+=$port - } - } - $serviceSpec.port = $ports - $addSpec = $appSpec.service.Add($serviceSpec) - - # Create Source Spec - $srcSpec = $firewallService.Help.add.firewall_rules.firewall_rules.Element.source.Create() - $srcSpec.exclude = $false - # Process Source Address from JSON - $sourceAddess = @() - if($vmcFirewallRule.SourceAddress -ne "null") { - foreach ($address in $vmcFirewallRule.SourceAddress) { - $sourceAddess+=$address - } - } - $srcSpec.ip_address = $sourceAddess; - - # Create Destination Spec - $destSpec = $firewallService.Help.add.firewall_rules.firewall_rules.Element.destination.Create() - $destSpec.exclude = $false - # Process Destination Address from JSON - $destinationAddess = @() - if($vmcFirewallRule.DestinationAddress -ne "null") { - foreach ($address in $vmcFirewallRule.DestinationAddress) { - $destinationAddess+=$address - } - } - $destSpec.ip_address = $destinationAddess - - # Add various specs - if($vmcFirewallRule.Protocol -ne $null -and $vmcFirewallRule.port -ne $null) { - $ruleElementSpec.application = $appSpec - } - - $ruleElementSpec.source = $srcSpec - $ruleElementSpec.destination = $destSpec - $ruleElementSpec.rule_type = "user" - - # Process Enabled from JSON - $fwEnabled = $false - if($vmcFirewallRule.Enabled -eq "true") { - $fwEnabled = $true - } - $ruleElementSpec.enabled = $fwEnabled - - # Process Logging from JSON - $loggingEnabled = $false - if($vmcFirewallRule.Logging -eq "true") { - $loggingEnabled = $true - } - $ruleElementSpec.logging_enabled = $loggingEnabled - - $ruleElementSpec.action = $vmcFirewallRule.Action - $ruleElementSpec.name = $vmcFirewallRule.Name - - # Add the individual FW rule spec into our overall firewall rules array - Write-host "Creating VMC Firewall Rule Spec:" $vmcFirewallRule.Name "..." - $ruleSpecAdd = $ruleSpec.Add($ruleElementSpec) - } - $firewallRules.firewall_rules = $ruleSpec - - Write-host "Adding VMC Firewall Rules ..." - $firewallRuleAdd = $firewallService.add($orgId,$sddcId,$EdgeId,$firewallRules) - } - - Function Remove-VMCFirewallRule { - <# - .NOTES - =========================================================================== - Created by: William Lam - Date: 11/19/2017 - Organization: VMware - Blog: https://www.virtuallyghetto.com - Twitter: @lamw - =========================================================================== - - .SYNOPSIS - Removes VMC Firewall Rule given Rule Id - .DESCRIPTION - Removes VMC Firewall Rule given Rule Id - .EXAMPLE - Remove-VMCFirewallRule -OrgName -SDDCName -GatewayType -RuleId - #> - param( - [Parameter(Mandatory=$false)][String]$SDDCName, - [Parameter(Mandatory=$false)][String]$OrgName, - [Parameter(Mandatory=$true)][ValidateSet("MGW","CGW")][String]$GatewayType, - [Parameter(Mandatory=$false)][String]$RuleId - ) - - if (-not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect"; break } - - if($GatewayType -eq "MGW") { - $EdgeId = "edge-1" - } else { - $EdgeId = "edge-2" - } - - $orgId = (Get-VMCOrg -Name $OrgName).Id - $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id - - if(-not $orgId) { - Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input" - break - } - if(-not $sddcId) { - Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input" - break - } - - $firewallService = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.edges.firewall.config.rules - Write-Host "Removing VMC Firewall Rule Id $RuleId ..." - $firewallService.delete($orgId,$sddcId,$EdgeId,$RuleId) - } - -Function Get-VMCLogicalNetwork { - <# - .NOTES - =========================================================================== - Created by: Kyle Ruddy - Date: 03/06/2018 - Organization: VMware - Blog: https://thatcouldbeaproblem.com - Twitter: @kmruddy - =========================================================================== - - .SYNOPSIS - Retruns VMC Logical Networks for a given SDDC - .DESCRIPTION - Retruns VMC Logical Networks for a given SDDC - .EXAMPLE - Get-VMCLogicalNetwork -OrgName -SDDCName - .EXAMPLE - Get-VMCLogicalNetwork -OrgName -SDDCName -LogicalNetworkName - #> - param( - [Parameter(Mandatory=$true)][String]$SDDCName, - [Parameter(Mandatory=$true)][String]$OrgName, - [Parameter(Mandatory=$false)][String]$LogicalNetworkName - - ) - - $orgId = (Get-VMCOrg -Name $OrgName).Id - $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id - - if(-not $orgId) { - Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input" - break - } - if(-not $sddcId) { - Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input" - break - } - - $logicalNetworkService = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.logical - - $logicalNetworks = ($logicalNetworkService.get_0($orgId, $sddcId)).data | Sort-Object -Property id - - if($LogicalNetworkName) { - $logicalNetworks = $logicalNetworks | Where-Object {$_.Name -eq $LogicalNetworkName} - } - - $results = @() - foreach ($logicalNetwork in $logicalNetworks) { - $tmp = [pscustomobject] @{ - ID = $logicalNetwork.id; - Name = $logicalNetwork.name; - SubnetMask = $logicalNetwork.subnets.address_groups.prefix_length; - Gateway = $logicalNetwork.subnets.address_groups.primary_address; - DHCPipRange = $logicalNetwork.dhcp_configs.ip_pools.ip_range; - DHCPdomain = $logicalNetwork.dhcp_configs.ip_pools.domain_name; - CGatewayID = $logicalNetwork.cgw_id; - CGateway = $logicalNetwork.cgw_name; - } - $results+=$tmp - } - $results -} - -Function Remove-VMCLogicalNetwork { - <# - .NOTES - =========================================================================== - Created by: Kyle Ruddy - Date: 03/06/2018 - Organization: VMware - Blog: https://thatcouldbeaproblem.com - Twitter: @kmruddy - =========================================================================== - - .SYNOPSIS - Removes Logical Network given ID - .DESCRIPTION - Removes Logical Network given ID - .EXAMPLE - Remove-VMCLogicalNetwork -OrgName -SDDCName -LogicalNetworkName - #> - [cmdletbinding(SupportsShouldProcess = $true,ConfirmImpact='High')] - param( - [Parameter(Mandatory=$true)][String]$SDDCName, - [Parameter(Mandatory=$true)][String]$OrgName, - [Parameter(Mandatory=$true)][String]$LogicalNetworkName - ) - - if (-not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect"; break } - - $orgId = (Get-VMCOrg -Name $OrgName).Id - $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id - $lsId = (Get-VMCLogicalNetwork -OrgName $OrgName -SDDCName $SDDCName -LogicalNetworkName $LogicalNetworkName).Id - - if(-not $orgId) { - Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input" - break - } - if(-not $sddcId) { - Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input" - break - } - if(-not $lsId) { - Write-Host -ForegroundColor red "Unable to find SDDC $LogicalNetworkName, please verify input" - break - } - - $logicalNetworkService = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.logical - $logicalNetworkService.delete($orgId,$sddcId,$lsId) -} - -Function New-VMCLogicalNetwork { - <# - .NOTES - =========================================================================== - Created by: Kyle Ruddy - Date: 03/06/2018 - Organization: VMware - Blog: https://thatcouldbeaproblem.com - Twitter: @kmruddy - =========================================================================== - - .SYNOPSIS - Creates a new Logical Network - .DESCRIPTION - Creates a new Logical Network - .EXAMPLE - New-VMCLogicalNetwork -OrgName -SDDCName -LogicalNetworkName -SubnetMask -Gateway - #> - [cmdletbinding(SupportsShouldProcess = $true,ConfirmImpact='High')] - param( - [Parameter(Mandatory=$true)][String]$SDDCName, - [Parameter(Mandatory=$true)][String]$OrgName, - [Parameter(Mandatory=$true)][String]$LogicalNetworkName, - [Parameter(Mandatory=$true)][String]$SubnetMask, - [Parameter(Mandatory=$true)][String]$Gateway - ) - - if (-not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect"; break } - - $orgId = (Get-VMCOrg -Name $OrgName).Id - $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id - - if(-not $orgId) { - Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input" - break - } - if(-not $sddcId) { - Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input" - break - } - - $logicalNetworkService = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.logical - $logicalNetworkSpec = $logicalNetworkService.Help.create.sddc_network.Create() - $logicalNetworkSpec.name = $LogicalNetworkName - $logicalNetworkSpec.cgw_id = "edge-2" - $logicalNetworkSpec.cgw_name = "SDDC-CGW-1" - $logicalNetworkAddressGroupSpec = $logicalNetworkService.Help.create.sddc_network.subnets.address_groups.Element.Create() - $logicalNetworkAddressGroupSpec.prefix_length = $SubnetMask - $logicalNetworkAddressGroupSpec.primary_address = $Gateway - - $logicalNetworkSpec.subnets.address_groups.Add($logicalNetworkAddressGroupSpec) | Out-Null - $logicalNetworkService.create($orgId, $sddcId, $logicalNetworkSpec) - Get-VMCLogicalNetwork -OrgName $OrgName -SDDCName $SDDCName -LogicalNetworkName $LogicalNetworkName -} - -Function Get-VMCSDDCSummary { - <# - .NOTES - =========================================================================== - Created by: VMware - Date: 09/04/18 - Organization: VMware - Blog: https://www.virtuallyghetto.com - Twitter: @lamw - =========================================================================== - - .SYNOPSIS - Returns a number of useful informational data about a given SDDC within VMC Org - .DESCRIPTION - Returns Version, Create/Expiration Date, Deployment Type, Region, AZ, Instance Type, VPC CIDR & NSX-T - .EXAMPLE - Get-VMCSDDCSummary -Name -Org - #> - Param ( - [Parameter(Mandatory=$True)]$OrgName, - [Parameter(Mandatory=$True)]$SDDCName - ) - - If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { - $orgId = (Get-VMCOrg -Name $Org).Id - $sddcId = (Get-VMCSDDC -Name $Name -Org $Org).Id - - $sddcService = Get-VmcService "com.vmware.vmc.orgs.sddcs" - $sddc = $sddcService.get($orgId,$sddcId) - - $results = [pscustomobject] @{ - Version = $sddc.resource_config.sddc_manifest.vmc_version; - CreateDate = $sddc.created; - ExpirationDate = $sddc.expiration_date; - DeploymentType = $sddc.resource_config.deployment_type; - Region = $sddc.resource_config.region; - AvailabilityZone = $sddc.resource_config.availability_zones; - InstanceType = $sddc.resource_config.sddc_manifest.esx_ami.instance_type; - VpcCIDR = $sddc.resource_config.vpc_info.vpc_cidr; - NSXT = $sddc.resource_config.nsxt; - } - $results - } -} - -Function Get-VMCPublicIP { - <# - .NOTES - =========================================================================== - Created by: William Lam - Date: 09/12/2018 - Organization: VMware - Blog: http://www.virtuallyghetto.com - Twitter: @lamw - =========================================================================== - - .SYNOPSIS - Retrieves all public IP Addresses for a given SDDC - .DESCRIPTION - This cmdlet retrieves all public IP Address for a given SDDC - .EXAMPLE - Get-VMCPublicIP -OrgName $OrgName -SDDCName $SDDCName - #> - Param ( - [Parameter(Mandatory=$True)]$OrgName, - [Parameter(Mandatory=$True)]$SDDCName - ) - - If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { - $orgId = (Get-VMCOrg -Name $OrgName).Id - $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id - - $publicIPService = Get-VmcService "com.vmware.vmc.orgs.sddcs.publicips" - $publicIPs = $publicIPService.list($orgId,$sddcId) - - $publicIPs | select public_ip, name, allocation_id - } - } - - Function New-VMCPublicIP { - <# - .NOTES - =========================================================================== - Created by: William Lam - Date: 09/12/2018 - Organization: VMware - Blog: http://www.virtuallyghetto.com - Twitter: @lamw - =========================================================================== - - .SYNOPSIS - Request a new public IP Address for a given SDDC - .DESCRIPTION - This cmdlet requests a new public IP Address for a given SDDC - .EXAMPLE - New-VMCPublicIP -OrgName $OrgName -SDDCName $SDDCName -Description "Test for Randy" - #> - Param ( - [Parameter(Mandatory=$True)]$OrgName, - [Parameter(Mandatory=$True)]$SDDCName, - [Parameter(Mandatory=$False)]$Description - ) - - If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { - $orgId = (Get-VMCOrg -Name $OrgName).Id - $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id - - $publicIPService = Get-VmcService "com.vmware.vmc.orgs.sddcs.publicips" - - $publicIPSpec = $publicIPService.Help.create.spec.Create() - $publicIPSpec.count = 1 - $publicIPSpec.names = @($Description) - - Write-Host "Requesting a new public IP Address for your SDDC ..." - $results = $publicIPService.create($orgId,$sddcId,$publicIPSpec) - } - } - - Function Remove-VMCPublicIP { - <# - .NOTES - =========================================================================== - Created by: William Lam - Date: 09/12/2018 - Organization: VMware - Blog: http://www.virtuallyghetto.com - Twitter: @lamw - =========================================================================== - - .SYNOPSIS - Removes a specific public IP Addresses for a given SDDC - .DESCRIPTION - This cmdlet removes a specific public IP Address for a given SDDC - .EXAMPLE - Remove-VMCPublicIP -OrgName $OrgName -SDDCName $SDDCName -AllocationId "eipalloc-0567acf34e436c01f" - #> - Param ( - [Parameter(Mandatory=$True)]$OrgName, - [Parameter(Mandatory=$True)]$SDDCName, - [Parameter(Mandatory=$True)]$AllocationId - ) - - If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { - $orgId = (Get-VMCOrg -Name $OrgName).Id - $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id - - $publicIPService = Get-VmcService "com.vmware.vmc.orgs.sddcs.publicips" - - Write-Host "Deleting public IP Address with ID $AllocationId ..." - $results = $publicIPService.delete($orgId,$sddcId,$AllocationId) - } - } - -Export-ModuleMember -Function 'Get-VMCCommand', 'Connect-VMCVIServer', 'Get-VMCOrg', 'Get-VMCSDDC', 'Get-VMCTask', 'Get-VMCSDDCDefaultCredential', 'Get-VMCSDDCPublicIP', 'Get-VMCVMHost', 'Get-VMCSDDCVersion', 'Get-VMCFirewallRule', 'Export-VMCFirewallRule', 'Import-VMCFirewallRule', 'Remove-VMCFirewallRule', 'Get-VMCLogicalNetwork', 'Remove-VMCLogicalNetwork', 'New-VMCLogicalNetwork', 'Get-VMCSDDCSummary', 'Get-VMCPublicIP', 'New-VMCPublicIP', 'Remove-VMCPublicIP' +Function Get-VMCCommand { +<# + .NOTES + =========================================================================== + Created by: VMware + Date: 11/17/2017 + Organization: VMware + Blog: http://vmware.com/go/powercli + Twitter: @powercli + =========================================================================== + + .SYNOPSIS + Returns all cmdlets for VMware Cloud on AWS + .DESCRIPTION + This cmdlet will allow you to return all cmdlets included in the VMC module + .EXAMPLE + Get-VMCCommand + .EXAMPLE + Get-Command -Module VMware.VMC + .NOTES + You can either use this cmdlet or the Get-Command cmdlet as seen in Example 2 +#> + Get-command -Module VMware.VimAutomation.Vmc + Get-Command -Module VMware.VMC + +} +Function Connect-VMCVIServer { +<# + .NOTES + =========================================================================== + Created by: VMware + Date: 11/17/2017 + Organization: VMware + Blog: http://vmware.com/go/powercli + Twitter: @powercli + =========================================================================== + + .SYNOPSIS + Cmdlet to connect to your VMC vCenter Server + .DESCRIPTION + This will connect you to both the VMC ViServer as well as the CiSServer at the same time. + .EXAMPLE + Connect-VMCVIServer -Server -User -Password + .NOTES + Easiest way is to pipe through your credentials from Get-VMCSDDCDefaultCredential +#> + Param ( + [Parameter(Mandatory=$true)]$Org, + [Parameter(Mandatory=$true)]$Sddc, + [switch]$Autologin, + [switch]$UseManagementIP + ) + + If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { + $creds = Get-VMCSDDCDefaultCredential -Org $Org -Sddc $Sddc + If($UseManagementIP){ + $Server = $creds.vc_management_ip + }Else{ + $Server = $creds.vc_public_ip + } + + Write-Host "Connecting to VMC vCenter Server" $Server + Connect-VIServer -Server $Server -User $creds.cloud_username -Password $creds.cloud_password | Add-Member -MemberType Noteproperty -Name Location -Value "VMC" + Write-Host "Connecting to VMC CIS Endpoint" $Server + Connect-CisServer -Server $Server -User $creds.cloud_username -Password $creds.cloud_password | Add-Member -MemberType Noteproperty -Name Location -Value "VMC" + } +} + +Function Get-VMCOrg { +<# + .NOTES + =========================================================================== + Created by: VMware + Date: 11/17/2017 + Organization: VMware + Blog: http://vmware.com/go/powercli + Twitter: @powercli + =========================================================================== + + .SYNOPSIS + Return the Orgs that you are a part of + .DESCRIPTION + Depending on what you've purchased, you may be a part of one or more VMC Orgs. This will return your orgs + .EXAMPLE + Get-VMCOrg + .EXAMPLE + Get-VMCOrg -Name + .NOTES + Return all the info about the orgs you are a part of +#> + Param ( + [Parameter(Mandatory=$false)]$Name + ) + + If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use Connect-VMC to connect" } Else { + $orgService = Get-VMCService com.vmware.vmc.orgs + if ($PSBoundParameters.ContainsKey("Name")){ + $orgs = $orgService.list() | Where {$_.display_name -eq $Name} + } Else { + $orgs = $orgService.list() + } + $Orgs | Select display_name, name, user_name, created, id + } +} +Function Get-VMCSDDC { +<# + .NOTES + =========================================================================== + Created by: VMware + Date: 11/17/2017 + Organization: VMware + Blog: http://vmware.com/go/powercli + Twitter: @powercli + =========================================================================== + + .SYNOPSIS + Returns all of the SDDCs you are associated to + .DESCRIPTION + Returns all of the SDDCs ayou are associated to + .EXAMPLE + Get-VMCSDDC -Org + .EXAMPLE + Get-VMCSDDC -Name -Org +#> + Param ( + [Parameter(Mandatory=$True)]$Org, + [Parameter(Mandatory=$false)]$Name + ) + + If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { + if ($PSBoundParameters.ContainsKey("Org")){ + $orgs = Get-VMCOrg -Name $Org + } else { + $orgs = Get-VMCOrg + } + + foreach ($org in $orgs) { + $orgID = $org.ID + $sddcService = Get-VMCService com.vmware.vmc.orgs.sddcs + if ($PSBoundParameters.ContainsKey("Name")){ + $sddcService.list($OrgID) | Where {$_.name -eq $Name} + } Else { + $sddcService.list($OrgID) + } + } + } +} +Function Get-VMCTask { +<# + .NOTES + =========================================================================== + Created by: VMware + Date: 11/17/2017 + Organization: VMware + Blog: http://vmware.com/go/powercli + Twitter: @powercli + =========================================================================== + + .SYNOPSIS + Returns all of the VMC Tasks + .DESCRIPTION + Returns all of the VMC Tasks that have either occurred or are in process + .EXAMPLE + Get-VMCTask +#> + Param ( + [Parameter(Mandatory=$True)]$Org + ) + + If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { + if ($PSBoundParameters.ContainsKey("Org")){ + $orgs = Get-VMCOrg -Name $Org + } else { + $orgs = Get-VMCOrg + } + + foreach ($org in $orgs) { + $orgID = $org.ID + $taskService = Get-VMCService com.vmware.vmc.orgs.tasks + $taskService.list($OrgID) | Select * -ExcludeProperty Help + } + } +} +Function Get-VMCSDDCDefaultCredential { +<# + .NOTES + =========================================================================== + Created by: VMware + Date: 11/17/2017 + Organization: VMware + Blog: http://vmware.com/go/powercli + Twitter: @powercli + =========================================================================== + + .SYNOPSIS + Returns the default credential for the SDDC + .DESCRIPTION + Returns the default credential for the sddc + .EXAMPLE + Get-VMCSDDCDefaultCredential -Org + .EXAMPLE + Get-VMCSDDCDefaultCredential -Sddc -Org +#> + Param ( + [Parameter(Mandatory=$true)]$Org, + [Parameter(Mandatory=$false)]$Sddc + ) + + If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { + if ($PSBoundParameters.ContainsKey("Sddc")){ + $sddcs = Get-VMCSDDC -Name $Sddc -Org $Org + } else { + $sddcs = Get-VMCSDDC -Org $Org + } + + foreach ($sddc in $sddcs) { + $sddc.resource_config | Select-object vc_url, vc_management_ip, vc_public_ip, cloud_username, cloud_password + } + } +} +Function Get-VMCSDDCPublicIP { +<# + .NOTES + =========================================================================== + Created by: VMware + Date: 11/17/2017 + Organization: VMware + Blog: http://vmware.com/go/powercli + Twitter: @powercli + =========================================================================== + + .SYNOPSIS + Returns your Public IPs + .DESCRIPTION + Returns your Public IPs + .EXAMPLE + Get-VMCSDDCPublicIP -Org + .EXAMPLE + Get-VMCSDDCPublicIP -Sddc -Org + .NOTES + Return your Public IPs that you have assigned to your account +#> + Param ( + [Parameter(Mandatory=$true)]$Org, + [Parameter(Mandatory=$false)]$Sddc + ) + + If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { + if ($PSBoundParameters.ContainsKey("Sddc")){ + $sddcs = Get-VMCSDDC -Name $Sddc -Org $Org + } else { + $sddcs = Get-VMCSDDC -Org $Org + } + + foreach ($sddc in $sddcs) { + $sddc.resource_config.Public_ip_pool + } + } +} +Function Get-VMCVMHost { + Param ( + [Parameter(Mandatory=$false)]$Sddc, + [Parameter(Mandatory=$true)]$Org + ) + + If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { + if ($PSBoundParameters.ContainsKey("Sddc")){ + $sddcs = Get-VMCSDDC -Name $Sddc -Org $Org + } else { + $sddcs = Get-VMCSDDC -Org $Org + } + + $results = @() + foreach ($sddc in $sddcs) { + foreach ($vmhost in $sddc.resource_config.esx_hosts) { + $tmp = [pscustomobject] @{ + esx_id = $vmhost.esx_id; + name = $vmhost.name; + hostname = $vmhost.hostname; + esx_state = $vmhost.esx_state; + sddc_id = $sddc.id; + org_id = $sddc.org_id; + } + $results += $tmp + } + $results + } + } +} +Function Get-VMCSDDCVersion { +<# + .NOTES + =========================================================================== + Created by: VMware + Date: 11/17/2017 + Organization: VMware + Blog: http://vmware.com/go/powercli + Twitter: @powercli + =========================================================================== + + .SYNOPSIS + Returns SDDC Version + .DESCRIPTION + Returns Version of the SDDC + .EXAMPLE + Get-VMCSDDCVersion -Name -Org +#> + Param ( + [Parameter(Mandatory=$True)]$Org, + [Parameter(Mandatory=$false)]$Name + ) + + If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { + if ($PSBoundParameters.ContainsKey("Org")){ + $orgs = Get-VMCOrg -Name $Org + } else { + $orgs = Get-VMCOrg + } + + foreach ($org in $orgs) { + $orgID = $org.ID + $sddcService = Get-VMCService com.vmware.vmc.orgs.sddcs + if ($PSBoundParameters.ContainsKey("Name")){ + ($sddcService.list($OrgID) | Where {$_.name -match $Name}).resource_config.sddc_manifest | Select *version + } Else { + ($sddcService.list($OrgID)).resource_config.sddc_manifest | Select *version + } + } + } +} +Function Get-VMCFirewallRule { + <# + .NOTES + =========================================================================== + Created by: William Lam + Date: 11/19/2017 + Organization: VMware + Blog: https://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Retruns VMC Firewall Rules for a given Gateway (MGW or CGW) + .DESCRIPTION + Retruns VMC Firewall Rules for a given Gateway (MGW or CGW) + .EXAMPLE + Get-VMCFirewallRule -OrgName -SDDCName -GatewayType + .EXAMPLE + Get-VMCFirewallRule -OrgName -SDDCName -GatewayType -ShowAll + #> + param( + [Parameter(Mandatory=$false)][String]$SDDCName, + [Parameter(Mandatory=$false)][String]$OrgName, + [Parameter(Mandatory=$false)][Switch]$ShowAll, + [Parameter(Mandatory=$true)][ValidateSet("MGW","CGW")][String]$GatewayType + ) + + if($GatewayType -eq "MGW") { + $EdgeId = "edge-1" + } else { + $EdgeId = "edge-2" + } + + $orgId = (Get-VMCOrg -Name $OrgName).Id + $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id + + $firewallConfigService = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.edges.firewall.config + + $firewallRules = ($firewallConfigService.get($orgId, $sddcId, $EdgeId)).firewall_rules.firewall_rules + if(-not $ShowAll) { + $firewallRules = $firewallRules | where { $_.rule_type -ne "default_policy" -and $_.rule_type -ne "internal_high" -and $_.name -ne "vSphere Cluster HA" -and $_.name -ne "Outbound Access" } | Sort-Object -Property rule_tag + } else { + $firewallRules = $firewallRules | Sort-Object -Property rule_tag + } + + $results = @() + foreach ($firewallRule in $firewallRules) { + if($firewallRule.source.ip_address.Count -ne 0) { + $source = $firewallRule.source.ip_address + } else { $source = "ANY" } + + if($firewallRule.application.service.protocol -ne $null) { + $protocol = $firewallRule.application.service.protocol + } else { $protocol = "ANY" } + + if($firewallRule.application.service.port -ne $null) { + $port = $firewallRule.application.service.port + } else { $port = "ANY" } + + $tmp = [pscustomobject] @{ + ID = $firewallRule.rule_id; + Name = $firewallRule.name; + Type = $firewallRule.rule_type; + Action = $firewallRule.action; + Protocol = $protocol; + Port = $port; + SourceAddress = $source + DestinationAddress = $firewallRule.destination.ip_address; + } + $results+=$tmp + } + $results + } +Function Export-VMCFirewallRule { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 11/19/2017 + Organization: VMware + Blog: https://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Exports all "customer" created VMC Firewall Rules to JSON file + .DESCRIPTION + Exports all "customer" created VMC Firewall Rules to JSON file + .EXAMPLE + Export-VMCFirewallRule -OrgName -SDDCName -GatewayType -Path "C:\Users\lamw\Desktop\VMCFirewallRules.json" + #> + param( + [Parameter(Mandatory=$false)][String]$SDDCName, + [Parameter(Mandatory=$false)][String]$OrgName, + [Parameter(Mandatory=$true)][ValidateSet("MGW","CGW")][String]$GatewayType, + [Parameter(Mandatory=$false)][String]$Path + ) + + if (-not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect"; break } + + if($GatewayType -eq "MGW") { + $EdgeId = "edge-1" + } else { + $EdgeId = "edge-2" + } + + $orgId = (Get-VMCOrg -Name $OrgName).Id + $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id + + if(-not $orgId) { + Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input" + break + } + if(-not $sddcId) { + Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input" + break + } + + $firewallConfigService = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.edges.firewall.config + + $firewallRules = ($firewallConfigService.get($orgId, $sddcId, $EdgeId)).firewall_rules.firewall_rules + if(-not $ShowAll) { + $firewallRules = $firewallRules | where { $_.rule_type -ne "default_policy" -and $_.rule_type -ne "internal_high" -and $_.name -ne "vSphere Cluster HA" -and $_.name -ne "Outbound Access" } | Sort-Object -Property rule_tag + } else { + $firewallRules = $firewallRules | Sort-Object -Property rule_tag + } + + $results = @() + $count = 0 + foreach ($firewallRule in $firewallRules) { + if($firewallRule.source.ip_address.Count -ne 0) { + $source = $firewallRule.source.ip_address + } else { + $source = "ANY" + } + + $tmp = [pscustomobject] @{ + Name = $firewallRule.name; + Action = $firewallRule.action; + Protocol = $firewallRule.application.service.protocol; + Port = $firewallRule.application.service.port; + SourcePort = $firewallRule.application.service.source_port; + ICMPType = $firewallRule.application.service.icmp_type; + SourceAddress = $firewallRule.source.ip_address; + DestinationAddress = $firewallRule.destination.ip_address; + Enabled = $firewallRule.enabled; + Logging = $firewallRule.logging_enabled; + } + $count+=1 + $results+=$tmp + } + if($Path) { + Write-Host -ForegroundColor Green "Exporting $count VMC Firewall Rules to $Path ..." + $results | ConvertTo-Json | Out-File $Path + } else { + $results | ConvertTo-Json + } +} +Function Import-VMCFirewallRule { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 11/19/2017 + Organization: VMware + Blog: https://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Imports VMC Firewall Rules from exported JSON configuration file + .DESCRIPTION + Imports VMC Firewall Rules from exported JSON configuration file + .EXAMPLE + Import-VMCFirewallRule -OrgName -SDDCName -GatewayType -Path "C:\Users\lamw\Desktop\VMCFirewallRules.json" + #> + param( + [Parameter(Mandatory=$false)][String]$SDDCName, + [Parameter(Mandatory=$false)][String]$OrgName, + [Parameter(Mandatory=$true)][ValidateSet("MGW","CGW")][String]$GatewayType, + [Parameter(Mandatory=$false)][String]$Path + ) + + if (-not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect"; break } + + if($GatewayType -eq "MGW") { + $EdgeId = "edge-1" + } else { + $EdgeId = "edge-2" + } + + $orgId = (Get-VMCOrg -Name $OrgName).Id + $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id + + if(-not $orgId) { + Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input" + break + } + if(-not $sddcId) { + Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input" + break + } + + $firewallService = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.edges.firewall.config.rules + + $vmcFirewallRulesJSON = Get-Content -Raw $Path | ConvertFrom-Json + + # Create top level Firewall Rules Object + $firewallRules = $firewallService.Help.add.firewall_rules.Create() + # Create top top level Firewall Rule Spec which will be an array of individual Firewall rules as we process them in next section + $ruleSpec = $firewallService.Help.add.firewall_rules.firewall_rules.Create() + + foreach ($vmcFirewallRule in $vmcFirewallRulesJSON) { + # Create Individual Firewall Rule Element Spec + $ruleElementSpec = $firewallService.Help.add.firewall_rules.firewall_rules.Element.Create() + + # AppSpec + $appSpec = $firewallService.Help.add.firewall_rules.firewall_rules.Element.application.Create() + # ServiceSpec + $serviceSpec = $firewallService.Help.add.firewall_rules.firewall_rules.Element.application.service.Element.Create() + + $protocol = $null + if($vmcFirewallRule.Protocol -ne $null) { + $protocol = $vmcFirewallRule.Protocol + } + $serviceSpec.protocol = $protocol + + # Process ICMP Type from JSON + $icmpType = $null + if($vmcFirewallRule.ICMPType -ne $null) { + $icmpType = $vmcFirewallRule.ICMPType + } + $serviceSpec.icmp_type = $icmpType + + # Process Source Ports from JSON + $sourcePorts = @() + if($vmcFirewallRule.SourcePort -eq "any" -or $vmcFirewallRule.SourcePort -ne $null) { + foreach ($port in $vmcFirewallRule.SourcePort) { + $sourcePorts+=$port + } + } else { + $sourcePorts = @("any") + } + $serviceSpec.source_port = $sourcePorts + + # Process Ports from JSON + $ports = @() + if($vmcFirewallRule.Port -ne "null") { + foreach ($port in $vmcFirewallRule.Port) { + $ports+=$port + } + } + $serviceSpec.port = $ports + $addSpec = $appSpec.service.Add($serviceSpec) + + # Create Source Spec + $srcSpec = $firewallService.Help.add.firewall_rules.firewall_rules.Element.source.Create() + $srcSpec.exclude = $false + # Process Source Address from JSON + $sourceAddess = @() + if($vmcFirewallRule.SourceAddress -ne "null") { + foreach ($address in $vmcFirewallRule.SourceAddress) { + $sourceAddess+=$address + } + } + $srcSpec.ip_address = $sourceAddess; + + # Create Destination Spec + $destSpec = $firewallService.Help.add.firewall_rules.firewall_rules.Element.destination.Create() + $destSpec.exclude = $false + # Process Destination Address from JSON + $destinationAddess = @() + if($vmcFirewallRule.DestinationAddress -ne "null") { + foreach ($address in $vmcFirewallRule.DestinationAddress) { + $destinationAddess+=$address + } + } + $destSpec.ip_address = $destinationAddess + + # Add various specs + if($vmcFirewallRule.Protocol -ne $null -and $vmcFirewallRule.port -ne $null) { + $ruleElementSpec.application = $appSpec + } + + $ruleElementSpec.source = $srcSpec + $ruleElementSpec.destination = $destSpec + $ruleElementSpec.rule_type = "user" + + # Process Enabled from JSON + $fwEnabled = $false + if($vmcFirewallRule.Enabled -eq "true") { + $fwEnabled = $true + } + $ruleElementSpec.enabled = $fwEnabled + + # Process Logging from JSON + $loggingEnabled = $false + if($vmcFirewallRule.Logging -eq "true") { + $loggingEnabled = $true + } + $ruleElementSpec.logging_enabled = $loggingEnabled + + $ruleElementSpec.action = $vmcFirewallRule.Action + $ruleElementSpec.name = $vmcFirewallRule.Name + + # Add the individual FW rule spec into our overall firewall rules array + Write-host "Creating VMC Firewall Rule Spec:" $vmcFirewallRule.Name "..." + $ruleSpecAdd = $ruleSpec.Add($ruleElementSpec) + } + $firewallRules.firewall_rules = $ruleSpec + + Write-host "Adding VMC Firewall Rules ..." + $firewallRuleAdd = $firewallService.add($orgId,$sddcId,$EdgeId,$firewallRules) +} +Function Remove-VMCFirewallRule { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 11/19/2017 + Organization: VMware + Blog: https://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Removes VMC Firewall Rule given Rule Id + .DESCRIPTION + Removes VMC Firewall Rule given Rule Id + .EXAMPLE + Remove-VMCFirewallRule -OrgName -SDDCName -GatewayType -RuleId + #> + param( + [Parameter(Mandatory=$false)][String]$SDDCName, + [Parameter(Mandatory=$false)][String]$OrgName, + [Parameter(Mandatory=$true)][ValidateSet("MGW","CGW")][String]$GatewayType, + [Parameter(Mandatory=$false)][String]$RuleId + ) + + if (-not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect"; break } + + if($GatewayType -eq "MGW") { + $EdgeId = "edge-1" + } else { + $EdgeId = "edge-2" + } + + $orgId = (Get-VMCOrg -Name $OrgName).Id + $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id + + if(-not $orgId) { + Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input" + break + } + if(-not $sddcId) { + Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input" + break + } + + $firewallService = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.edges.firewall.config.rules + Write-Host "Removing VMC Firewall Rule Id $RuleId ..." + $firewallService.delete($orgId,$sddcId,$EdgeId,$RuleId) +} +Function Get-VMCLogicalNetwork { + <# + .NOTES + =========================================================================== + Created by: Kyle Ruddy + Date: 03/06/2018 + Organization: VMware + Blog: https://www.kmruddy.com + Twitter: @kmruddy + =========================================================================== + + .SYNOPSIS + Retruns VMC Logical Networks for a given SDDC + .DESCRIPTION + Retruns VMC Logical Networks for a given SDDC + .EXAMPLE + Get-VMCLogicalNetwork -OrgName -SDDCName + .EXAMPLE + Get-VMCLogicalNetwork -OrgName -SDDCName -LogicalNetworkName + #> + param( + [Parameter(Mandatory=$true)][String]$SDDCName, + [Parameter(Mandatory=$true)][String]$OrgName, + [Parameter(Mandatory=$false)][String]$LogicalNetworkName + + ) + + $orgId = (Get-VMCOrg -Name $OrgName).Id + $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id + + if(-not $orgId) { + Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input" + break + } + if(-not $sddcId) { + Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input" + break + } + + # @LucD22 - 21/10/18 - Fix for issue #176 VMware.VMC module only lists firts 20 Logical networks + # Loop until entries (total_count) are returned + + $index = [long]0 + + $logicalNetworks = do{ + $netData = $logicalNetworkService.get_0($orgId,$sddcId,$pagesize,$index) + $netData.data | Sort-Object -Property id + $index = $index + $netdata.paging_info.page_size + } + until($index -ge $netData.paging_info.total_count) + + if($LogicalNetworkName) { + $logicalNetworks = $logicalNetworks | Where-Object {$_.Name -eq $LogicalNetworkName} + } + + $results = @() + foreach ($logicalNetwork in $logicalNetworks) { + $tmp = [pscustomobject] @{ + ID = $logicalNetwork.id; + Name = $logicalNetwork.name; + SubnetMask = $logicalNetwork.subnets.address_groups.prefix_length; + Gateway = $logicalNetwork.subnets.address_groups.primary_address; + DHCPipRange = $logicalNetwork.dhcp_configs.ip_pools.ip_range; + DHCPdomain = $logicalNetwork.dhcp_configs.ip_pools.domain_name; + CGatewayID = $logicalNetwork.cgw_id; + CGateway = $logicalNetwork.cgw_name; + } + $results+=$tmp + } + $results +} +Function Remove-VMCLogicalNetwork { + <# + .NOTES + =========================================================================== + Created by: Kyle Ruddy + Date: 03/06/2018 + Organization: VMware + Blog: https://www.kmruddy.com + Twitter: @kmruddy + =========================================================================== + + .SYNOPSIS + Removes Logical Network given ID + .DESCRIPTION + Removes Logical Network given ID + .EXAMPLE + Remove-VMCLogicalNetwork -OrgName -SDDCName -LogicalNetworkName + #> + [cmdletbinding(SupportsShouldProcess = $true,ConfirmImpact='High')] + param( + [Parameter(Mandatory=$true)][String]$SDDCName, + [Parameter(Mandatory=$true)][String]$OrgName, + [Parameter(Mandatory=$true)][String]$LogicalNetworkName + ) + + if (-not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect"; break } + + $orgId = (Get-VMCOrg -Name $OrgName).Id + $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id + $lsId = (Get-VMCLogicalNetwork -OrgName $OrgName -SDDCName $SDDCName -LogicalNetworkName $LogicalNetworkName).Id + + if(-not $orgId) { + Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input" + break + } + if(-not $sddcId) { + Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input" + break + } + if(-not $lsId) { + Write-Host -ForegroundColor red "Unable to find SDDC $LogicalNetworkName, please verify input" + break + } + + $logicalNetworkService = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.logical + $logicalNetworkService.delete($orgId,$sddcId,$lsId) +} +Function New-VMCLogicalNetwork { +<# + .NOTES + =========================================================================== + Created by: Kyle Ruddy + Date: 03/06/2018 + Organization: VMware + Blog: https://www.kmruddy.com + Twitter: @kmruddy + =========================================================================== + + .SYNOPSIS + Creates a new Logical Network + .DESCRIPTION + Creates a new Logical Network + .EXAMPLE + New-VMCLogicalNetwork -OrgName -SDDCName -LogicalNetworkName -SubnetMask -Gateway +#> + [cmdletbinding(SupportsShouldProcess = $true,ConfirmImpact='High')] + param( + [Parameter(Mandatory=$true)][String]$SDDCName, + [Parameter(Mandatory=$true)][String]$OrgName, + [Parameter(Mandatory=$true)][String]$LogicalNetworkName, + [Parameter(Mandatory=$true)][String]$SubnetMask, + [Parameter(Mandatory=$true)][String]$Gateway + ) + + if (-not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect"; break } + + $orgId = (Get-VMCOrg -Name $OrgName).Id + $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id + + if(-not $orgId) { + Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input" + break + } + if(-not $sddcId) { + Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input" + break + } + + $logicalNetworkService = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.logical + $logicalNetworkSpec = $logicalNetworkService.Help.create.sddc_network.Create() + $logicalNetworkSpec.name = $LogicalNetworkName + $logicalNetworkSpec.cgw_id = "edge-2" + $logicalNetworkSpec.cgw_name = "SDDC-CGW-1" + $logicalNetworkAddressGroupSpec = $logicalNetworkService.Help.create.sddc_network.subnets.address_groups.Element.Create() + $logicalNetworkAddressGroupSpec.prefix_length = $SubnetMask + $logicalNetworkAddressGroupSpec.primary_address = $Gateway + + $logicalNetworkSpec.subnets.address_groups.Add($logicalNetworkAddressGroupSpec) | Out-Null + $logicalNetworkService.create($orgId, $sddcId, $logicalNetworkSpec) + Get-VMCLogicalNetwork -OrgName $OrgName -SDDCName $SDDCName -LogicalNetworkName $LogicalNetworkName +} +Function Get-VMCSDDCSummary { + <# + .NOTES + =========================================================================== + Created by: VMware + Date: 09/04/18 + Organization: VMware + Blog: https://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Returns a number of useful informational data about a given SDDC within VMC Org + .DESCRIPTION + Returns Version, Create/Expiration Date, Deployment Type, Region, AZ, Instance Type, VPC CIDR & NSX-T + .EXAMPLE + Get-VMCSDDCSummary -Name -Org + #> + Param ( + [Parameter(Mandatory=$True)]$Org, + [Parameter(Mandatory=$True)]$Name + ) + + If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { + $orgId = (Get-VMCOrg -Name $Org).Id + $sddcId = (Get-VMCSDDC -Name $Name -Org $Org).Id + + $sddcService = Get-VmcService "com.vmware.vmc.orgs.sddcs" + $sddc = $sddcService.get($orgId,$sddcId) + + $results = [pscustomobject] @{ + Version = $sddc.resource_config.sddc_manifest.vmc_version; + CreateDate = $sddc.created; + ExpirationDate = $sddc.expiration_date; + DeploymentType = $sddc.resource_config.deployment_type; + Region = $sddc.resource_config.region; + AvailabilityZone = $sddc.resource_config.availability_zones; + InstanceType = $sddc.resource_config.sddc_manifest.esx_ami.instance_type; + VpcCIDR = $sddc.resource_config.vpc_info.vpc_cidr; + NSXT = $sddc.resource_config.nsxt; + VPC_VGW = $sddc.resource_config.vpc_info.vgw_id; + } + $results + } +} +Function Get-VMCPublicIP { + <# + .NOTES + =========================================================================== + Created by: William LamVPC_VGW + Date: 09/12/2018 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Retrieves all public IP Addresses for a given SDDC + .DESCRIPTION + This cmdlet retrieves all public IP Address for a given SDDC + .EXAMPLE + Get-VMCPublicIP -OrgName $OrgName -SDDCName $SDDCName + #> + Param ( + [Parameter(Mandatory=$True)]$OrgName, + [Parameter(Mandatory=$True)]$SDDCName + ) + + If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { + $orgId = (Get-VMCOrg -Name $OrgName).Id + $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id + + $publicIPService = Get-VmcService "com.vmware.vmc.orgs.sddcs.publicips" + $publicIPs = $publicIPService.list($orgId,$sddcId) + + $publicIPs | select public_ip, name, allocation_id + } +} + +Function New-VMCPublicIP { + <# + .NOTES + =========================================================================== + Created by: William Lam + Date: 09/12/2018 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Request a new public IP Address for a given SDDC + .DESCRIPTION + This cmdlet requests a new public IP Address for a given SDDC + .EXAMPLE + New-VMCPublicIP -OrgName $OrgName -SDDCName $SDDCName -Description "Test for Randy" + #> + Param ( + [Parameter(Mandatory=$True)]$OrgName, + [Parameter(Mandatory=$True)]$SDDCName, + [Parameter(Mandatory=$False)]$Description + ) + + If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { + $orgId = (Get-VMCOrg -Name $OrgName).Id + $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id + + $publicIPService = Get-VmcService "com.vmware.vmc.orgs.sddcs.publicips" + + $publicIPSpec = $publicIPService.Help.create.spec.Create() + $publicIPSpec.count = 1 + $publicIPSpec.names = @($Description) + + Write-Host "Requesting a new public IP Address for your SDDC ..." + $results = $publicIPService.create($orgId,$sddcId,$publicIPSpec) + } +} + +Function Remove-VMCPublicIP { + <# + .NOTES + =========================================================================== + Created by: William Lam + Date: 09/12/2018 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Removes a specific public IP Addresses for a given SDDC + .DESCRIPTION + This cmdlet removes a specific public IP Address for a given SDDC + .EXAMPLE + Remove-VMCPublicIP -OrgName $OrgName -SDDCName $SDDCName -AllocationId "eipalloc-0567acf34e436c01f" + #> + Param ( + [Parameter(Mandatory=$True)]$OrgName, + [Parameter(Mandatory=$True)]$SDDCName, + [Parameter(Mandatory=$True)]$AllocationId + ) + + If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { + $orgId = (Get-VMCOrg -Name $OrgName).Id + $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id + + $publicIPService = Get-VmcService "com.vmware.vmc.orgs.sddcs.publicips" + + Write-Host "Deleting public IP Address with ID $AllocationId ..." + $results = $publicIPService.delete($orgId,$sddcId,$AllocationId) + } +} + +Function Set-VMCSDDC { + <# + .NOTES + =========================================================================== + Created by: William Lam + Date: 01/12/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Rename an SDDC + .DESCRIPTION + This cmdlet renames an SDDC + .EXAMPLE + Set-VMCSDDC -SDDC $SDDCName -OrgName $OrgName -Name $NewSDDCName + #> + Param ( + [Parameter(Mandatory=$True)]$SDDCName, + [Parameter(Mandatory=$True)]$OrgName, + [Parameter(Mandatory=$True)]$Name + ) + + If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { + $sddc = Get-VMCSDDC -Org $OrgName -Name $SDDCName + if($sddc) { + $sddcService = Get-VmcService com.vmware.vmc.orgs.sddcs + $renameSpec = $sddcService.help.patch.sddc_patch_request.Create() + $renameSpec.name = $Name + + Write-Host "`nRenaming SDDC `'$SDDCName`' to `'$Name`' ...`n" + $results = $sddcService.patch($sddc.org_id,$sddc.id,$renameSpec) + } + } +} + +Function New-VMCPublicIP { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 09/12/2018 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Request a new public IP Address for a given SDDC + .DESCRIPTION + This cmdlet requests a new public IP Address for a given SDDC + .EXAMPLE + New-VMCPublicIP -OrgName $OrgName -SDDCName $SDDCName -Description "Test for Randy" +#> + Param ( + [Parameter(Mandatory=$True)]$OrgName, + [Parameter(Mandatory=$True)]$SDDCName, + [Parameter(Mandatory=$False)]$Description + ) + + If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { + $orgId = (Get-VMCOrg -Name $OrgName).Id + $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id + + $publicIPService = Get-VmcService "com.vmware.vmc.orgs.sddcs.publicips" + + $publicIPSpec = $publicIPService.Help.create.spec.Create() + $publicIPSpec.count = 1 + $publicIPSpec.names = @($Description) + + Write-Host "Requesting a new public IP Address for your SDDC ..." + $results = $publicIPService.create($orgId,$sddcId,$publicIPSpec) + } +} + +Function Remove-VMCPublicIP { +<# + .NOTES + =========================================================================== + Created by: William Lam + Date: 09/12/2018 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Removes a specific public IP Addresses for a given SDDC + .DESCRIPTION + This cmdlet removes a specific public IP Address for a given SDDC + .EXAMPLE + Remove-VMCPublicIP -OrgName $OrgName -SDDCName $SDDCName -AllocationId "eipalloc-0567acf34e436c01f" +#> + Param ( + [Parameter(Mandatory=$True)]$OrgName, + [Parameter(Mandatory=$True)]$SDDCName, + [Parameter(Mandatory=$True)]$AllocationId + ) + + If (-Not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect" } Else { + $orgId = (Get-VMCOrg -Name $OrgName).Id + $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id + + $publicIPService = Get-VmcService "com.vmware.vmc.orgs.sddcs.publicips" + + Write-Host "Deleting public IP Address with ID $AllocationId ..." + $results = $publicIPService.delete($orgId,$sddcId,$AllocationId) + } +} + +Function Get-VMCEdge { +<# +.NOTES +=========================================================================== +Created by: Luc Dekens +Date: 23/10/2018 +Organization: Community +Blog: http://lucd.info +Twitter: @LucD22 +=========================================================================== + +.SYNOPSIS + Returns all the VMC Edges +.DESCRIPTION + Returns all the VMC Edges +.EXAMPLE + Get-VMCEdge -OrgName $orgName -SddcName $SDDCName -EdgeType gatewayServices +#> + Param ( + [Parameter(Mandatory=$True)] + [string]$OrgName, + [Parameter(Mandatory=$True)] + [string]$SDDCName, + [ValidateSet('gatewayServices','distributedRouter')] + [string]$EdgeType = '' + ) + + If (-Not $global:DefaultVMCServers) { + Write-error "No VMC Connection found, please use the Connect-VMC to connect" + } + Else { + $orgId = (Get-VMCOrg -Name $OrgName).Id + $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id + + $edgeService = Get-VmcService -Name 'com.vmware.vmc.orgs.sddcs.networks.edges' + $index = [long]0 + $edges = do{ + $edgeData = $edgeService.get($orgId,$sddcId,$EdgeType,'',$index) + $edgeData.edge_page.data | Sort-Object -Property id + $index = $index + $edgeData.edge_page.paging_info.page_size + } + until($index -ge $edgeData.paging_info.total_count) + $edges | %{ + [pscustomobject]@{ + Name = $_.Name + Id = $_.id + Type = $_.edge_type + State = $_.state + Status = $_.edge_status + VNics = $_.number_of_connected_vnics + TenantId = $_.tenant_id + } + } + } +} + +Function Get-VMCEdgeStatus { +<# +.NOTES +=========================================================================== +Created by: Luc Dekens +Date: 23/10/2018 +Organization: Community +Blog: http://lucd.info +Twitter: @LucD22 +=========================================================================== + +.SYNOPSIS + Returns the status of the gateway +.DESCRIPTION + Retrieve the status of the specified management or compute gateway (NSX Edge). +.EXAMPLE + Get-VMCEdgeStatus -OrgName $orgName -SddcName $SDDCName -Edge $EdgeName +#> + Param ( + [Parameter(Mandatory=$True)] + [string]$OrgName, + [Parameter(Mandatory=$True)] + [string]$SDDCName, + [Parameter(Mandatory=$True)] + [string]$EdgeName + ) + + If (-Not $global:DefaultVMCServers) { + Write-error "No VMC Connection found, please use the Connect-VMC to connect" + } + Else { + $orgId = (Get-VMCOrg -Name $OrgName).Id + $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id + $edgeId = Get-VMCEdge -SDDCName $SDDCName -Org $OrgName | where{$_.Name -eq $EdgeName} | select -ExpandProperty Id + + $statusService = Get-VmcService -Name 'com.vmware.vmc.orgs.sddcs.networks.edges.status' + $status = $statusService.get($orgId,$sddcId,$edgeId) + + $vmStatus = $status.edge_vm_status | %{ + [pscustomobject]@{ + Name = $_.name + State = $_.edge_VM_status + HAState = $_.ha_state + Index = $_.index + } + } + $featureStatus = $status.feature_statuses | %{ + [pscustomobject]@{ + Service = $_.service + Status = $_.status + } + } + [pscustomobject]@{ + Time = [timezone]::CurrentTimeZone.ToLocalTime(([datetime]'1/1/1970').AddSeconds($status.timestamp/1000)) + Status = $status.edge_status + PublishStatus = $status.publish_status + SystemStatus = $_.system_status + NicInUse = $status.ha_vnic_in_use + } + } +} + +Function Get-VMCEdgeNic { +<# +.NOTES +=========================================================================== +Created by: Luc Dekens +Date: 23/10/2018 +Organization: Community +Blog: http://lucd.info +Twitter: @LucD22 +=========================================================================== + +.SYNOPSIS + Returns all interfaces for the gateway +.DESCRIPTION + Retrieve all interfaces for the specified management or compute gateway (NSX Edge). +.EXAMPLE + Get-VMCEdgeNic -OrgName $orgName -SddcName $SDDCName -Edge $EdgeName +#> + Param ( + [Parameter(Mandatory=$True)] + [string]$OrgName, + [Parameter(Mandatory=$True)] + [string]$SDDCName, + [Parameter(Mandatory=$True)] + [string]$EdgeName + ) + + If (-Not $global:DefaultVMCServers) { + Write-error "No VMC Connection found, please use the Connect-VMC to connect" + } + Else { + $orgId = (Get-VMCOrg -Name $OrgName).Id + $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id + $edgeId = Get-VMCEdge -SDDCName $SDDCName -Org $OrgName | where{$_.Name -eq $EdgeName} | select -ExpandProperty Id + + $vnicService = Get-VmcService -Name 'com.vmware.vmc.orgs.sddcs.networks.edges.vnics' + $vnicService.get($orgId,$sddcId,$edgeId) | select -ExpandProperty vnics | %{ + [pscustomobject]@{ + Label = $_.label + Name = $_.Name + Type = $_.type + Index = $_.index + IsConnected = $_.is_connected + Portgroup = $_.portgroup_name + } + } + } +} + +Function Get-VMCEdgeNicStat { +<# +.NOTES +=========================================================================== +Created by: Luc Dekens +Date: 23/10/2018 +Organization: Community +Blog: http://lucd.info +Twitter: @LucD22 +=========================================================================== + +.SYNOPSIS + Returns statistics for the gateway interfaces +.DESCRIPTION + Retrieve interface statistics for a management or compute gateway (NSX Edge). +.EXAMPLE + Get-VMCEdgeNicStat -OrgName $orgName -SddcName $SDDCName -Edge $EdgeName +#> + [CmdletBinding(DefaultParameterSetName='Default')] + Param ( + [Parameter(Mandatory=$True)] + [string]$OrgName, + [Parameter(Mandatory=$True)] + [string]$SDDCName, + [Parameter(Mandatory=$True)] + [string]$EdgeName +# [DateTime]$Start, +# [DateTime]$Finish + ) + + If (-Not $global:DefaultVMCServers) { + Write-error "No VMC Connection found, please use the Connect-VMC to connect" + } + Else { + $orgId = (Get-VMCOrg -Name $OrgName).Id + $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id + $edgeId = Get-VMCEdge -SDDCName $SDDCName -Org $OrgName | where{$_.Name -eq $EdgeName} | select -ExpandProperty Id + +# $epoch = Get-Date 01/01/1970 +# +# if($start){ +# $startEpoch = (New-TimeSpan -Start $epoch -End $Start.ToUniversalTime()).TotalMilliseconds +# } +# if($Finish){ +# $finishEpoch = (New-TimeSpan -Start $epoch -End $Finish.ToUniversalTime()).TotalMilliseconds +# } + + $vnicStatService = Get-VmcService -Name 'com.vmware.vmc.orgs.sddcs.networks.edges.statistics.interfaces' +# $stats = $vnicStatService.get($orgId,$sddcId,$edgeId,[long]$startEpoch,[long]$finishEpoch) + $stats = $vnicStatService.get($orgId,$sddcId,$edgeId) + + $stats.data_dto | Get-Member -MemberType NoteProperty | where{$_.Name -ne 'Help'} | %{$_.Name} | %{ + $stats.data_dto."$_" | %{ + [pscustomobject]@{ + vNIC = $_.vnic + Timestamp = [timezone]::CurrentTimeZone.ToLocalTime(([datetime]'1/1/1970').AddSeconds($_.timestamp)) + In = $_.in + Out = $_.out + Unit = 'Kbps' + Interval = $stats.meta_dto.interval + } + } + } + } +} + +Function Get-VMCEdgeUplinkStat { +<# +.NOTES +=========================================================================== +Created by: Luc Dekens +Date: 23/10/2018 +Organization: Community +Blog: http://lucd.info +Twitter: @LucD22 +=========================================================================== + +.SYNOPSIS + Returns statistics for the uplink interfaces +.DESCRIPTION + Retrieve uplink interface statistics for a management or compute gateway (NSX Edge). +.EXAMPLE + Get-VMCEdgeUplinkStat -OrgName $orgName -SddcName $SDDCName -Edge $EdgeName +#> + Param ( + [Parameter(Mandatory=$True)] + [string]$OrgName, + [Parameter(Mandatory=$True)] + [string]$SDDCName, + [Parameter(Mandatory=$True)] + [string]$EdgeName +# [DateTime]$Start, +# [DateTime]$Finish + ) + + If (-Not $global:DefaultVMCServers) { + Write-error "No VMC Connection found, please use the Connect-VMC to connect" + } + Else { + $orgId = (Get-VMCOrg -Name $OrgName).Id + $sddcId = (Get-VMCSDDC -Name $SDDCName -Org $OrgName).Id + $edgeId = Get-VMCEdge -SDDCName $SDDCName -Org $OrgName | where{$_.Name -eq $EdgeName} | select -ExpandProperty Id + +# $epoch = Get-Date 01/01/1970 +# +# if($start){ +# $startEpoch = (New-TimeSpan -Start $epoch -End $Start.ToUniversalTime()).TotalMilliseconds +# } +# if($Finish){ +# $finishEpoch = (New-TimeSpan -Start $epoch -End $Finish.ToUniversalTime()).TotalMilliseconds +# } + + $uplinkStatService = Get-VmcService -Name 'com.vmware.vmc.orgs.sddcs.networks.edges.statistics.interfaces.uplink' +# $stats = $uplinkStatService.get($orgId,$sddcId,$edgeId,[long]$startEpoch,[long]$finishEpoch) + $stats = $uplinkStatService.get($orgId,$sddcId,$edgeId) + + $stats.data_dto | Get-Member -MemberType NoteProperty | where{$_.Name -ne 'Help'} | %{$_.Name} | %{ + if($stats.data_dto."$_".Count -ne 0){ + $stats.data_dto."$_" | %{ + [pscustomobject]@{ + vNIC = $_.vnic + Timestamp = [timezone]::CurrentTimeZone.ToLocalTime(([datetime]'1/1/1970').AddSeconds($_.timestamp)) + In = $_.in + Out = $_.out + Unit = 'Kbps' + Interval = $stats.meta_dto.interval + } + } + } + } + } +} +Function New-VMCSDDCCluster { + <# + .NOTES + =========================================================================== + Created by: Kyle Ruddy + Date: 03/16/2019 + Organization: VMware + Blog: https://www.kmruddy.com + Twitter: @kmruddy + =========================================================================== + + .SYNOPSIS + Creates a new cluster for the designated SDDC + .DESCRIPTION + Creates a new cluster + .EXAMPLE + New-VMCSDDCCluster -OrgName -SDDCName -HostCount 1 -CPUCoreCount 8 + #> + [cmdletbinding(SupportsShouldProcess = $true,ConfirmImpact='High')] + param( + [Parameter(Mandatory=$true)][String]$OrgName, + [Parameter(Mandatory=$true)][String]$SDDCName, + [Parameter(Mandatory=$true)][Int]$HostCount, + [Parameter(Mandatory=$true)][ValidateSet("8","16","32")]$CPUCoreCount + ) + + if (-not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect"; break } + + $orgId = Get-VMCOrg -Name $OrgName | Select-Object -ExpandProperty Id + $sddcId = Get-VMCSDDC -Name $SDDCName -Org $OrgName | Select-Object -ExpandProperty Id + + if(-not $orgId) { + Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input" + break + } + if(-not $sddcId) { + Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input" + break + } + + $sddcClusterSvc = Get-VmcService -Name com.vmware.vmc.orgs.sddcs.clusters + + $sddcClusterCreateSpec = $sddcClusterSvc.Help.create.cluster_config.Create() + $sddcClusterCreateSpec.host_cpu_cores_count = $CPUCoreCount + $sddcClusterCreateSpec.num_hosts = $HostCount + + $sddcClusterTask = $sddcClusterSvc.Create($org.Id, $sddc.Id, $sddcClusterCreateSpec) + $sddcClusterTask | Select-Object Id,Task_Type,Status,Created | Format-Table +} +Function Get-VMCSDDCCluster { + <# + .NOTES + =========================================================================== + Created by: Kyle Ruddy + Date: 03/16/2019 + Organization: VMware + Blog: https://www.kmruddy.com + Twitter: @kmruddy + =========================================================================== + + .SYNOPSIS + Retreives cluster information for the designated SDDC + .DESCRIPTION + Lists cluster information for an SDDC + .EXAMPLE + Get-VMCSDDCCluster -OrgName -SDDCName -HostCount 1 -CPUCoreCount 8 + #> + [cmdletbinding(SupportsShouldProcess = $true,ConfirmImpact='Low')] + param( + [Parameter(Mandatory=$true)][String]$OrgName, + [Parameter(Mandatory=$true)][String]$SddcName + ) + + if (-not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect"; break } + + $orgId = Get-VMCOrg -Name $OrgName | Select-Object -ExpandProperty Id + $sddcId = Get-VMCSDDC -Name $SDDCName -Org $OrgName | Select-Object -ExpandProperty Id + + if(-not $orgId) { + Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input" + break + } + if(-not $sddcId) { + Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input" + break + } + + $clusterOutput = @() + $sddcClusters = Get-VMCSDDC -Org $OrgName -Name $SDDCName | Select-Object -ExpandProperty resource_config | Select-Object -ExpandProperty clusters + foreach ($c in $sddcClusters) { + $tempCluster = "" | Select-Object Id, Name, State + $tempCluster.Id = $c.cluster_id + $tempCluster.Name = $c.cluster_name + $tempCluster.State = $c.cluster_state + $clusterOutput += $tempCluster + } + return $clusterOutput +} +Function New-VMCSDDCCluster { + <# + .NOTES + =========================================================================== + Created by: Kyle Ruddy + Date: 03/16/2019 + Organization: VMware + Blog: https://www.kmruddy.com + Twitter: @kmruddy + =========================================================================== + + .SYNOPSIS + Creates a new cluster for the designated SDDC + .DESCRIPTION + Creates a new cluster + .EXAMPLE + New-VMCSDDCCluster -OrgName -SDDCName -HostCount 1 -CPUCoreCount 8 + #> + [cmdletbinding(SupportsShouldProcess = $true,ConfirmImpact='High')] + param( + [Parameter(Mandatory=$true)][String]$OrgName, + [Parameter(Mandatory=$true)][String]$SddcName, + [Parameter(Mandatory=$true)][Int]$HostCount, + [Parameter(Mandatory=$false)][ValidateSet("8","16","36","48")]$CPUCoreCount + ) + + if (-not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect"; break } + + $orgId = Get-VMCOrg -Name $OrgName | Select-Object -ExpandProperty Id + $sddcId = Get-VMCSDDC -Name $SDDCName -Org $OrgName | Select-Object -ExpandProperty Id + + if(-not $orgId) { + Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input" + break + } + if(-not $sddcId) { + Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input" + break + } + + $sddcClusterSvc = Get-VmcService -Name com.vmware.vmc.orgs.sddcs.clusters + + $sddcClusterCreateSpec = $sddcClusterSvc.Help.create.cluster_config.Create() + $sddcClusterCreateSpec.host_cpu_cores_count = $CPUCoreCount + $sddcClusterCreateSpec.num_hosts = $HostCount + + $sddcClusterTask = $sddcClusterSvc.Create($org.Id, $sddc.Id, $sddcClusterCreateSpec) + $sddcClusterTask | Select-Object Id,Task_Type,Status,Created | Format-Table +} +Function Remove-VMCSDDCCluster { + <# + .NOTES + =========================================================================== + Created by: Kyle Ruddy + Date: 03/16/2019 + Organization: VMware + Blog: https://www.kmruddy.com + Twitter: @kmruddy + =========================================================================== + + .SYNOPSIS + Removes a specified cluster from the designated SDDC + .DESCRIPTION + Deletes a cluster from an SDDC + .EXAMPLE + Remove-VMCSDDCCluster -OrgName -SDDCName -Cluster + #> + [cmdletbinding(SupportsShouldProcess = $true,ConfirmImpact='High')] + param( + [Parameter(Mandatory=$true)][String]$OrgName, + [Parameter(Mandatory=$true)][String]$SDDCName, + [Parameter(Mandatory=$true)][String]$ClusterName + ) + + if (-not $global:DefaultVMCServers) { Write-error "No VMC Connection found, please use the Connect-VMC to connect"; break } + + $orgId = Get-VMCOrg -Name $OrgName | Select-Object -ExpandProperty Id + $sddcId = Get-VMCSDDC -Name $SDDCName -Org $OrgName | Select-Object -ExpandProperty Id + $clusterId = Get-VMCSDDCCluster -SddcName $SDDCName -OrgName $OrgName | Where-Object {$_.Name -eq $ClusterName} | Select-Object -ExpandProperty Id + + if(-not $orgId) { + Write-Host -ForegroundColor red "Unable to find Org $OrgName, please verify input" + break + } + if(-not $sddcId) { + Write-Host -ForegroundColor red "Unable to find SDDC $SDDCName, please verify input" + break + } + if(-not $clusterId) { + Write-Host -ForegroundColor red "Unable to find cluster $ClusterName, please verify input" + break + } + + $sddcClusterTask = $sddcClusterSvc.Delete($orgId, $sddcId, $clusterId) + $sddcClusterTask | Select-Object Id,Task_Type,Status,Created | Format-Table +} + +Export-ModuleMember -Function 'Get-VMCCommand', 'Connect-VMCVIServer', 'Get-VMCOrg', 'Get-VMCSDDC', + 'Get-VMCTask', 'Get-VMCSDDCDefaultCredential', 'Get-VMCSDDCPublicIP', 'Get-VMCVMHost', + 'Get-VMCSDDCVersion', 'Get-VMCFirewallRule', 'Export-VMCFirewallRule', 'Import-VMCFirewallRule', + 'Remove-VMCFirewallRule', 'Get-VMCLogicalNetwork', 'Remove-VMCLogicalNetwork', 'New-VMCLogicalNetwork', + 'Get-VMCSDDCSummary', 'Get-VMCPublicIP', 'New-VMCPublicIP', 'Remove-VMCPublicIP', 'Set-VMCSDDC', + 'Get-VMCEdge', 'Get-VMCEdgeNic', 'Get-VMCEdgeStatus', 'Get-VMCEdgeNicStat', 'Get-VMCEdgeUplinkStat', + 'Get-VMCSDDCCluster', 'New-VMCSDDCCluster', 'Remove-VMCSDDCCluster' \ No newline at end of file diff --git a/Modules/VMware.VMEncryption/VMware.VMEncryption.psd1 b/Modules/VMware.VMEncryption/VMware.VMEncryption.psd1 index aa83854..8a93a97 100644 --- a/Modules/VMware.VMEncryption/VMware.VMEncryption.psd1 +++ b/Modules/VMware.VMEncryption/VMware.VMEncryption.psd1 @@ -49,7 +49,7 @@ Copyright = 'Copyright (c) 2016 VMware, Inc. All rights reserved.' # Modules that must be imported into the global environment prior to importing this module RequiredModules = @( -@{"ModuleName"="VMware.VimAutomation.Core";"ModuleVersion"="10.1.0.8346946"} +@{"ModuleName"="VMware.VimAutomation.Core";"ModuleVersion"="10.1.0.8344055"} ) # Assemblies that must be loaded prior to importing this module diff --git a/Modules/VMware.VsanEncryption/README.md b/Modules/VMware.VsanEncryption/README.md new file mode 100644 index 0000000..8037171 --- /dev/null +++ b/Modules/VMware.VsanEncryption/README.md @@ -0,0 +1,7 @@ +Prerequisites/Steps to use this module: + +1. This module only works for vSphere products that support vSAN Encryption. E.g. vSAN 6.6 and later with a vSAN Enterprise license +2. All the functions in this module only work for KMIP Servers. +3. Install the latest version of Powershell and PowerCLI(11). +4. Import this module by running: Import-Module -Name "location of this module" +5. Get-Command -Module "This module Name" to list all available functions. \ No newline at end of file diff --git a/Modules/VMware.VsanEncryption/VMware.VsanEncryption.psd1 b/Modules/VMware.VsanEncryption/VMware.VsanEncryption.psd1 new file mode 100644 index 0000000..47b0ca3 Binary files /dev/null and b/Modules/VMware.VsanEncryption/VMware.VsanEncryption.psd1 differ diff --git a/Modules/VMware.VsanEncryption/VMware.VsanEncryption.psm1 b/Modules/VMware.VsanEncryption/VMware.VsanEncryption.psm1 new file mode 100644 index 0000000..870bd44 --- /dev/null +++ b/Modules/VMware.VsanEncryption/VMware.VsanEncryption.psm1 @@ -0,0 +1,341 @@ +# Script Module : VMware.VsanEncryption +# Version : 1.0 +# Author : Jase McCarty, VMware Storage & Availability Business Unit + +# Copyright © 2018 VMware, Inc. All Rights Reserved. + +# Permission is hereby granted, free of charge, to any person obtaining a copy of +# this software and associated documentation files (the "Software"), to deal in +# the Software without restriction, including without limitation the rights to +# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies +# of the Software, and to permit persons to whom the Software is furnished to do +# so, subject to the following conditions: + +# The above copyright notice and this permission notice shall be included in all +# copies or substantial portions of the Software. + +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +# SOFTWARE. + + +Function Invoke-VsanEncryptionRekey { + <# + .SYNOPSIS + This function will initiate a ReKey of a vSAN Cluster. Shallow ReKeying (KEK Only) or Deep ReKeying (DEK Also) are supported, as well as Reduced Redundancy if necessary. + + .DESCRIPTION + This function will initiate a ReKey of a vSAN Cluster. Shallow ReKeying (KEK Only) or Deep ReKeying (DEK Also) are supported, as well as Reduced Redundancy if necessary. + + .PARAMETER Cluster + Specifies the Cluster to perform the rekey process on + + .PARAMETER DeepRekey + Use to invoke a Deep Rekey ($true) or a Shallow ($false or omit) + + .PARAMETER ReducedRedundancy + For clusters that have 4 or more hosts, this will allow for reduced redundancy. + For clusters that have 2 or 3 hosts, this does not need to be set (can be). + + .EXAMPLE + C:\PS>Invoke-VsanEncryptionRekey -Cluster "ClusterName" -DeepRekey $true/$false -ReducedRedundancy $true/$false + + #> + + # Set our Parameters + [CmdletBinding()]Param( + [Parameter(Mandatory = $True)][String]$Cluster, + [Parameter(Mandatory = $False)][Boolean]$DeepRekey, + [Parameter(Mandatory = $False)][Boolean]$ReducedRedundancy + ) + + # Get the Cluster + $VsanCluster = Get-Cluster -Name $Cluster + + # Get the vSAN Cluster Configuration View + $VsanVcClusterConfig = Get-VsanView -Id "VsanVcClusterConfigSystem-vsan-cluster-config-system" + + # Get Encryption State + $EncryptedVsan = $VsanVcClusterConfig.VsanClusterGetConfig($VsanCluster.ExtensionData.MoRef).DataEncryptionConfig + + # If vSAN is enabled and it is Encrypted + If($VsanCluster.vSanEnabled -And $EncryptedVsan.EncryptionEnabled){ + + # Get a count of hosts to guarantee reduced redundancy for 2 and 3 node clusters + $HostCount = $VsanCluster | Select @{n="count";e={($_ | Get-VMHost).Count}} + + # If reduced redundancy is specified, or there are less than 4 hosts, force reduced redundancy + If (($ReducedRedundancy -eq $true) -or ($HostCount.Value -lt 4)) { + + } + # Determine Rekey Type for messaging + Switch ($DeepRekey) { + $true { $ReKeyType = "deep"} + default { $ReKeyType = "shallow"} + } + + # Determine Reduced Redundancy for messaging + Switch ($ReducedRedundancy) { + $true { $RRMessage = "with reduced redundancy"} + default { $RRMessage = ""} + } + + # Echo task being performed + Write-Host "Executing $ReKeyType rekey of vSAN Cluster $VsanCluster $RRMessage" + + # Execute the rekeying task + $ReKeyTask = $VsanVcClusterConfig.VsanEncryptedClusterRekey_Task($VsanCluster.ExtensionData.MoRef,$DeepRekey,$ReducedRedundancy) + } +} + +Function Set-VsanEncryptionKms { + <# + .SYNOPSIS + This function will set the KMS to be used with vSAN Encryption + + .DESCRIPTION + This function will set the KMS to be used with vSAN Encryption + + .PARAMETER Cluster + Specifies the Cluster to set the KMS server for + + .PARAMETER KmsCluster + Use to set the KMS Cluster to be used with vSAN Encryption + + .EXAMPLE + C:\PS>Set-VsanEncryptionKms -Cluster "ClusterName" -KmsCluster "vCenter KMS Cluster Entry" + + #> + + # Set our Parameters + [CmdletBinding()]Param( + [Parameter(Mandatory = $True)][String]$Cluster, + [Parameter(Mandatory = $False)][String]$KmsCluster + ) + + # Get the Cluster + $VsanCluster = Get-Cluster -Name $Cluster + + # Get the list of KMS Servers that are included + $KmsClusterList = Get-KmsCluster + + # Was a KMS Cluster Specified? + # Specified: Is it in the list? + # Is it not in the list? + # Not Specified: Present a list + If ($KmsCluster) { + If ($KmsClusterList.Name.Contains($KmsCluster)) { + Write-Host "$KmsCluster In the list, proceeding" -ForegroundColor Green + $KmsClusterProfile = $KmsClusterList | Where-Object {$_.Name -eq $KmsCluster} + } else { + + $Count = 0 + Foreach ($KmsClusterItem in $KmsClusterList) { + Write-Host "$Count) $KmsClusterItem " + $Count = $Count + 1 + } + $KmsClusterEntry = Read-Host -Prompt "$KmsCluster is not valid, please select one of the existing KMS Clusters to use" + Write-Host $KmsClusterList[$KmsClusterEntry] + $KmsClusterProfile = $KmsClusterList[$KmsClusterEntry] + } + } else { + + $Count = 0 + Foreach ($KmsClusterItem in $KmsClusterList) { + Write-Host "$Count) $KmsClusterItem " + $Count = $Count + 1 + } + $KmsClusterEntry = Read-Host -Prompt "No KMS provided, please select one of the existing KMS Clusters to use" + Write-Host $KmsClusterList[$KmsClusterEntry] + $KmsClusterProfile = $KmsClusterList[$KmsClusterEntry] + } + + # Get the vSAN Cluster Configuration View + $VsanVcClusterConfig = Get-VsanView -Id "VsanVcClusterConfigSystem-vsan-cluster-config-system" + + # Get Encryption State + $EncryptedVsan = $VsanVcClusterConfig.VsanClusterGetConfig($VsanCluster.ExtensionData.MoRef).DataEncryptionConfig + + # If vSAN is enabled and it is Encrypted + If($VsanCluster.vSanEnabled -And $EncryptedVsan.EncryptionEnabled){ + + If ($EncryptedVsan.KmsProviderId.Id -eq $KmsClusterProfile.Name) { + # If the Specified KMS Profile is the KMS Profile being used, then don't do anything + Write-Host $EncryptedVsan.KmsProviderId.Id "is already the assigned KMS Cluster Profile, exiting" + } else { + Write-Host "Changing the KMS Profile to $KmsClusterProfile on Cluster $VsanCluster" + + # Setup the KMS Provider Id Specification + $KmsProviderIdSpec = New-Object VMware.Vim.KeyProviderId + $KmsProviderIdSpec.Id = $KmsClusterProfile.Name + + # Setup the Data Encryption Configuration Specification + $DataEncryptionConfigSpec = New-Object VMware.Vsan.Views.VsanDataEncryptionConfig + $DataEncryptionConfigSpec.KmsProviderId = $KmsProviderIdSpec + $DataEncryptionConfigSpec.EncryptionEnabled = $true + + # Set the Reconfigure Specification to use the Data Encryption Configuration Spec + $vsanReconfigSpec = New-Object VMware.Vsan.Views.VimVsanReconfigSpec + $vsanReconfigSpec.DataEncryptionConfig = $DataEncryptionConfigSpec + + # Execute the task of changing the KMS Cluster Profile Being Used + $ChangeKmsTask = $VsanVcClusterConfig.VsanClusterReconfig($VsanCluster.ExtensionData.MoRef,$vsanReconfigSpec) + } + + } + } + + Function Get-VsanEncryptionKms { + <# + .SYNOPSIS + This function will set the KMS to be used with vSAN Encryption + + .DESCRIPTION + This function will set the KMS to be used with vSAN Encryption + + .PARAMETER Cluster + Specifies the Cluster to set the KMS server for + + .EXAMPLE + C:\PS>Get-VsanEncryptionKms -Cluster "ClusterName" + #> + + # Set our Parameters + [CmdletBinding()]Param([Parameter(Mandatory = $True)][String]$Cluster) + + # Get the Cluster + $VsanCluster = Get-Cluster -Name $Cluster + + # Get the vSAN Cluster Configuration View + $VsanVcClusterConfig = Get-VsanView -Id "VsanVcClusterConfigSystem-vsan-cluster-config-system" + + # Get Encryption State + $EncryptedVsan = $VsanVcClusterConfig.VsanClusterGetConfig($VsanCluster.ExtensionData.MoRef).DataEncryptionConfig + + # If vSAN is enabled and it is Encrypted + If($VsanCluster.vSanEnabled -And $EncryptedVsan.EncryptionEnabled){ + + $EncryptedVsan.KmsProviderId.Id + } +} + +Function Set-VsanEncryptionDiskWiping { + <# + .SYNOPSIS + This function will update the Disk Wiping option in vSAN Encryption + + .DESCRIPTION + This function will update the Disk Wiping option in vSAN Encryption + + .PARAMETER Cluster + Specifies the Cluster set the Disk Wiping Setting on + + .PARAMETER DiskWiping + Use to set the Disk Wiping setting for vSAN Encryption + + .EXAMPLE + C:\PS>Set-VsanEncryptionDiskWiping -Cluster "ClusterName" -DiskWiping $true + + .EXAMPLE + C:\PS>Set-VsanEncryptionDiskWiping -Cluster "ClusterName" -DiskWiping $false + + #> + + # Set our Parameters + [CmdletBinding()]Param( + [Parameter(Mandatory = $True)][String]$Cluster, + [Parameter(Mandatory = $True)][Boolean]$DiskWiping + ) + + # Get the Cluster + $VsanCluster = Get-Cluster -Name $Cluster + + # Get the vSAN Cluster Configuration View + $VsanVcClusterConfig = Get-VsanView -Id "VsanVcClusterConfigSystem-vsan-cluster-config-system" + + # Get Encryption State + $EncryptedVsan = $VsanVcClusterConfig.VsanClusterGetConfig($VsanCluster.ExtensionData.MoRef).DataEncryptionConfig + + # If vSAN is enabled and it is Encrypted + If($VsanCluster.vSanEnabled -And $EncryptedVsan.EncryptionEnabled){ + + # Determine Rekey Type for messaging + Switch ($DiskWiping) { + $true { $DiskWipingSetting = "enabled" } + default { $DiskWipingSetting = "disabled" } + } + + # Check to see the current Disk Wiping value + If ($DiskWiping -eq $EncryptedVsan.EraseDisksBeforeUse) { + Write-Host "Disk Wiping is already $DiskWipingSetting" -ForegroundColor "Green" + Write-Host "No action necessary" -ForegroundColor "Green" + + } else { + + Write-Host "Disk Wiping is not set to $DiskWipingSetting" -ForegroundColor "Yellow" + Write-Host "Changing Disk Wiping setting on Cluster $VsanCluster" -ForegroundColor "Blue" + + # Setup the Data Encryption Configuration Specification + $DataEncryptionConfigSpec = New-Object VMware.Vsan.Views.VsanDataEncryptionConfig + $DataEncryptionConfigSpec.EncryptionEnabled = $true + $DataEncryptionConfigSpec.EraseDisksBeforeUse = $DiskWiping + + # Set the Reconfigure Specification to use the Data Encryption Configuration Spec + $vsanReconfigSpec = New-Object VMware.Vsan.Views.VimVsanReconfigSpec + $vsanReconfigSpec.DataEncryptionConfig = $DataEncryptionConfigSpec + + # Execute the task of changing the KMS Cluster Profile Being Used + $VsanVcClusterConfig.VsanClusterReconfig($VsanCluster.ExtensionData.MoRef,$vsanReconfigSpec) + + } + } +} + +Function Get-VsanEncryptionDiskWiping { + <# + .SYNOPSIS + This function will retrieve the Disk Wiping option setting in vSAN Encryption + + .DESCRIPTION + This function will retrieve the Disk Wiping option setting in vSAN Encryption + + .PARAMETER Cluster + Specifies the Cluster set the Disk Wiping Setting on + + .EXAMPLE + C:\PS>Get-VsanEncryptionDiskWiping -Cluster "ClusterName" + + #> + + # Set our Parameters + [CmdletBinding()]Param([Parameter(Mandatory = $True)][String]$Cluster) + + # Get the Cluster + $VsanCluster = Get-Cluster -Name $Cluster + + # Get the vSAN Cluster Configuration View + $VsanVcClusterConfig = Get-VsanView -Id "VsanVcClusterConfigSystem-vsan-cluster-config-system" + + # Get Encryption State + $EncryptedVsan = $VsanVcClusterConfig.VsanClusterGetConfig($VsanCluster.ExtensionData.MoRef).DataEncryptionConfig + + # If vSAN is enabled and it is Encrypted + If($VsanCluster.vSanEnabled -And $EncryptedVsan.EncryptionEnabled){ + + # Change the setting + $EncryptedVsan.EraseDisksBeforeUse + } +} + + + +# Export Function for vSAN Rekeying +Export-ModuleMember -Function Invoke-VsanEncryptionRekey +Export-ModuleMember -Function Set-VsanEncryptionKms +Export-ModuleMember -Function Get-VsanEncryptionKms +Export-ModuleMember -Function Set-VsanEncryptionDiskWiping +Export-ModuleMember -Function Get-VsanEncryptionDiskWiping \ No newline at end of file diff --git a/Modules/Validate-ESXiPackages/Validate-ESXiPackages.psm1 b/Modules/Validate-ESXiPackages/Validate-ESXiPackages.psm1 new file mode 100644 index 0000000..ccf5d85 --- /dev/null +++ b/Modules/Validate-ESXiPackages/Validate-ESXiPackages.psm1 @@ -0,0 +1,82 @@ +function Validate-ESXiPackages { + <# + .DESCRIPTION + Compares all ESXi Host VIBs within a vSphere with a reference Hosts. + + .NOTES + File Name : Validate-ESXiPackages.ps1 + Author : Markus Kraus + Version : 1.0 + State : Ready + + Tested Against Environment: + + vSphere Version: 6.0 U2, 6.5 U1 + PowerCLI Version: PowerCLI 10.0.0 build 7895300 + PowerShell Version: 4.0 + OS Version: Windows Server 2012 R2 + + .LINK + https://mycloudrevolution.com/ + + .EXAMPLE + Validate-ESXiPackages -Cluster (Get-Cluster) -RefernceHost (Get-VMHost | Select-Object -First 1) + + .PARAMETER Cluster + vSphere Cluster to verify + + .PARAMETER RefernceHost + The VIB Reference ESXi Host + #> + + [CmdletBinding()] + param( + [Parameter(Mandatory=$True, ValueFromPipeline=$True, HelpMessage="vSphere Cluster to verify")] + [ValidateNotNullorEmpty()] + [VMware.VimAutomation.ViCore.Impl.V1.Inventory.ComputeResourceImpl] $Cluster, + [Parameter(Mandatory=$True, ValueFromPipeline=$false, HelpMessage="The VIB Reference ESXi Host")] + [ValidateNotNullorEmpty()] + [VMware.VimAutomation.ViCore.Impl.V1.Inventory.InventoryItemImpl] $RefernceHost + ) + + Process { + + #region: Get reference VIBs + $EsxCli2 = Get-ESXCLI -VMHost $RefernceHost -V2 + $RefernceVibList = $esxcli2.software.vib.list.invoke() + #endregion + + #region: Compare reference VIBs + $MyView = @() + foreach ($VmHost in ($Cluster | Get-VMHost)) { + + $EsxCli2 = Get-ESXCLI -VMHost $VmHost -V2 + $VibList = $esxcli2.software.vib.list.invoke() + [Array]$VibDiff = Compare-Object -ReferenceObject $RefernceVibList.ID -DifferenceObject $VibList.ID + + if($VibDiff.Count -gt 0) { + $VibDiffSideIndicator = @() + foreach ($Item in $VibDiff) { + $VibDiffSideIndicator += $($Item.SideIndicator + " " + $Item.InputObject) + } + } + else { + $VibDiffSideIndicator = $null + } + + $Report = [PSCustomObject] @{ + Host = $VmHost.Name + Version = $VmHost.Version + Build = $VmHost.Build + VibDiffCount = $VibDiff.Count + VibDiff = $VibDiff.InputObject + VibDiffSideIndicator = $VibDiffSideIndicator + } + $MyView += $Report + + } + #region: Compare reference VIBs + + $MyView + } +} \ No newline at end of file diff --git a/Modules/vCenterCEIP/vCenterCEIP.psm1 b/Modules/vCenterCEIP/vCenterCEIP.psm1 new file mode 100755 index 0000000..3d5e903 --- /dev/null +++ b/Modules/vCenterCEIP/vCenterCEIP.psm1 @@ -0,0 +1,74 @@ +Function Get-VCenterCEIP { + <# + .NOTES + =========================================================================== + Created by: William Lam + Date: 01/23/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Retrieves the the Customer Experience Improvement Program (CEIP) setting for vCenter Server + .DESCRIPTION + This cmdlet retrieves the the CEIP setting for vCenter Server + .EXAMPLE + Get-VCenterCEIP + #> + If (-Not $global:DefaultVIServer.IsConnected) { Write-error "No valid VC Connection found, please use the Connect-VIServer to connect"; break } Else { + $ceipSettings = (Get-AdvancedSetting -Entity $global:DefaultVIServer -Name VirtualCenter.DataCollector.ConsentData).Value.toString() | ConvertFrom-Json + $ceipEnabled = $ceipSettings.consentConfigurations[0].consentAccepted + + $tmp = [pscustomobject] @{ + VCENTER = $global:DefaultVIServer.Name; + CEIP = $ceipEnabled; + } + $tmp + } +} +Function Set-VCenterCEIP { + <# + .NOTES + =========================================================================== + Created by: William Lam + Date: 01/23/2019 + Organization: VMware + Blog: http://www.virtuallyghetto.com + Twitter: @lamw + =========================================================================== + + .SYNOPSIS + Enables or Disables the Customer Experience Improvement Program (CEIP) setting for vCenter Server + .DESCRIPTION + This cmdlet enables or disables the CEIP setting for vCenter Server + .EXAMPLE + Set-VCenterCEIP -Enabled + .EXAMPLE + Set-VCenterCEIP -Disabled + #> + Param ( + [Switch]$Enabled, + [Switch]$Disabled + ) + If (-Not $global:DefaultVIServer.IsConnected) { Write-error "No valid VC Connection found, please use the Connect-VIServer to connect"; break } Else { + $ceipSettings = (Get-AdvancedSetting -Entity $global:DefaultVIServer -Name VirtualCenter.DataCollector.ConsentData).Value.toString() | ConvertFrom-Json + If($Enabled) { + $originalVersion = $ceipSettings.version + $ceipSettings.version = [int]$originalVersion + 1 + $ceipSettings.consentConfigurations[0].consentAccepted = $True + $ceipSettings.consentConfigurations[1].consentAccepted = $True + $updatedceipSettings = $ceipSettings | ConvertTo-Json + Write-Host "Enabling Customer Experience Improvement Program (CEIP) ..." + Get-AdvancedSetting -Entity $global:DefaultVIServer -Name VirtualCenter.DataCollector.ConsentData | Set-AdvancedSetting -Value $updatedceipSettings -Confirm:$false + } else { + $originalVersion = $ceipSettings.version + $ceipSettings.version = [int]$originalVersion + 1 + $ceipSettings.consentConfigurations[0].consentAccepted = $False + $ceipSettings.consentConfigurations[1].consentAccepted = $False + $updatedceipSettings = $ceipSettings | ConvertTo-Json + Write-Host "Disablng Customer Experience Improvement Program (CEIP) ..." + Get-AdvancedSetting -Entity $global:DefaultVIServer -Name VirtualCenter.DataCollector.ConsentData | Set-AdvancedSetting -Value $updatedceipSettings -Confirm:$false + } + } +} diff --git a/README.md b/README.md index 86afe3e..a82900f 100644 --- a/README.md +++ b/README.md @@ -20,8 +20,8 @@ * [Security](https://github.com/vmware/PowerCLI-Example-Scripts#security) * [Resource Maintenance](https://github.com/vmware/PowerCLI-Example-Scripts#resource-maintenance) * [Maintenance Ownership](https://github.com/vmware/PowerCLI-Example-Scripts#maintenance-ownership) - * [Filing issues](https://github.com/vmware/PowerCLI-Example-Scripts#filing-isssues) - * [Resolving issues](https://github.com/vmware/PowerCLI-Example-Scripts#resolving-issues) + * [Filing Issues](https://github.com/vmware/PowerCLI-Example-Scripts#filing-isssues) + * [Resolving Issues](https://github.com/vmware/PowerCLI-Example-Scripts#resolving-issues) * [Additional Resources](https://github.com/vmware/PowerCLI-Example-Scripts#additional-resources) * [Discussions](https://github.com/vmware/PowerCLI-Example-Scripts#discussions) * [VMware Sample Exchange](https://github.com/vmware/PowerCLI-Example-Scripts#vmware-sample-exchange) diff --git a/Scripts/At_Your_Fingertips/NewProfile.ps1 b/Scripts/At_Your_Fingertips/NewProfile.ps1 new file mode 100644 index 0000000..66ea5aa --- /dev/null +++ b/Scripts/At_Your_Fingertips/NewProfile.ps1 @@ -0,0 +1,128 @@ +# +# Provide environment information in the PS Console +# +# History: +# 1.0 - August 4th 2019 - LucD +# Initial version (for session HBI1729BU VMworld US 2019) +# 2.0 - September 9th 2019 - virtualex +# Added PowerShell-Core compatibility +# +# 1) PS prompt +# - current (local) time +# - execution time of the previous command +# - shortened PWD +# 2) Window title +# - User/Admin +# - PS-32/64-Edition-Version +# - PCLI version +# - git repo/branch +# - VC/ESXi:defaultServer-User [# connections] + +function prompt +{ + # Current time + $date = (Get-Date).ToString('HH:mm:ss') + Write-Host -Object '[' -NoNewLine + Write-Host -Object $date -ForegroundColor Cyan -BackgroundColor DarkBlue -NoNewline + Write-Host -Object ']' -NoNewLine + + # Execution time previous command + $history = Get-History -ErrorAction Ignore -Count 1 + if ($history) + { + $time = ([DateTime](New-TimeSpan -Start $history.StartExecutionTime -End $history.EndExecutionTime).Ticks).ToString('HH:mm:ss.ffff') + Write-Host -Object '[' -NoNewLine + Write-Host -Object "$time" -ForegroundColor Yellow -BackgroundColor DarkBlue -NoNewLine + Write-Host -Object '] ' -NoNewLine + } + + # Shortened PWD + $path = $pwd.Path.Split('\') + if ($path.Count -gt 3) + { + $path = $path[0], '..', $path[-2], $path[-1] + } + Write-Host -Object "$($path -join '\')" -NoNewLine + + # Prompt function needs to return something, + # otherwise the default 'PS>' will be added + "> " + + # Refresh the window's title + Set-Title +} + +function Set-Title +{ + # Running as Administrator or a regular user + If (($PSEdition -eq 'Core') -and ($IsWindows -eq 'True') -or ($PSEdition -ine 'Core')) + { + $userInfo = [Security.Principal.WindowsIdentity]::GetCurrent() + if ((New-Object Security.Principal.WindowsPrincipal $userInfo).IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)) + { + $role = 'Admin' + } + else + { + $role = 'User' + } + } + + # Usertype user@hostname + If (($PSEdition -eq 'Core') -and ($IsWindows -ine 'True')) { + $env:computername = hostname + $user = "$($env:user)@$($env:computername)" + } + Else { + $user = "$role $($userInfo.Name)@$($env:computername)" + } + + # PowerShell environment/PS version + $bits = 32 + if ([Environment]::Is64BitProcess) + { + $bits = 64 + } + $ps = " - PS-$($bits): $PSEdition/$($PSVersionTable.PSVersion.ToString())" + + # PowerCLI version (derived from module VMware.PowerCLI) + $pcliModule = Get-Module -Name VMware.PowerCLI -ListAvailable | + Sort-Object -Property Version -Descending | + Select-Object -First 1 + $pcli = " - PCLI: $(if($pcliModule){$pcliModule.Version.ToString()}else{'na'})" + + # If git is present and if in a git controlled folder, display repositoryname/current_branch + $gitStr = '' + if ((Get-Command -Name 'git' -CommandType Application -ErrorAction SilentlyContinue).Count -gt 0) + { + $gitTopLevel = & { git rev-parse --show-toplevel 2> $null } + if ($gitTopLevel.Length -ne 0) + { + $gitRepo = Split-Path -Path $gitTopLevel -Leaf + $gitBranch = (git branch | Where-Object { $_ -match "\*" }).Trimstart('* ') + $gitStr = " - git: $gitRepo/$gitBranch" + } + } + + # If there is an open vSphere Server connection + # display [VC|ESXi] last_connected_server-connected_user [number of open server connections] + if ($global:defaultviserver) + { + $vcObj = (Get-Variable -Scope global -Name 'DefaultVIServer').Value + if ($vcObj.ProductLine -eq 'vpx') + { + $vcSrv = 'VC' + } + else + { + $vcSrv = 'ESXi' + } + $vc = " - $($vcSrv): $($vcObj.Name)-$($vcObj.User) [$($global:DefaultVIServers.Count)]" + } + + # Update the Window's title + $host.ui.RawUI.WindowTitle = "$user$ps$pcli$vc$gitStr" +} + +# Set title after starting session +Set-Title diff --git a/Scripts/At_Your_Fingertips/install-profile.ps1 b/Scripts/At_Your_Fingertips/install-profile.ps1 new file mode 100644 index 0000000..0d7919f --- /dev/null +++ b/Scripts/At_Your_Fingertips/install-profile.ps1 @@ -0,0 +1,60 @@ +[cmdletbinding(SupportsShouldProcess = $true, ConfirmImpact = 'High')] +param( + # [Parameter(Mandatory = $true)] + [ValidateSet('CurrentUserCurrentHost', 'CurrentUserAllHosts', + 'AllUsersCurrentHost', 'AllUsersAllHosts')] + [string]$Scope, + [switch]$NoClobber, + [switch]$Backup, + [string]$NewProfile = '.\NewProfile.ps1' +) + +if ($PSCmdlet.ShouldProcess("$($Profile.$Scope)", "Create $Scope profile")) +{ + $profilePath = $Profile."$Scope" + Write-Verbose -Message "Target is $profilePath" + $createProfile = $true + if (Test-Path -Path $profilePath) + { + Write-Verbose -Message "Target exists" + if ($NoClobber) + { + Write-Verbose -Message "Cannot overwrite target due to NoClobber" + $createProfile = $false + } + elseif ($Backup) + { + Write-Verbose -Message "Create a backup as $profilePath.bak" + Copy-Item -Path $profilePath -Destination "$profilePath.bak" -Confirm:$false -Force + } + elseif (-not $NoClobber) + { + Write-Verbose -Message "Target will be overwritten" + } + else + { + Write-Verbose -Message "Use -NoClobber:$false or -Backup" + } + } + if ($createProfile) + { + if (-not $NewProfile) + { + $script:MyInvocation.MyCommand | select * + $folder = Split-Path -Parent -Path $script:MyInvocation.MyCommand.Path + $folder = Get-Location + $NewProfile = "$folder\NewProfile.ps1" + } + Write-Verbose -Message "New profile expected at $NewProfile" + if (Test-Path -Path $NewProfile) + { + Write-Verbose -Message "Copy $NewProfile to $profilePath" + Copy-Item -Path $NewProfile -Destination $profilePath -Confirm:$false + } + else + { + Write-Warning -Message "Could not find the new profile file!" + Write-Warning -Message "Use the NewProfile parameter or store a NewProfile.ps1 file in folder $folder." + } + } +} \ No newline at end of file diff --git a/Scripts/ExportImportTags.ps1 b/Scripts/ExportImportTags.ps1 index e6a1ec7..27b8ae1 100644 --- a/Scripts/ExportImportTags.ps1 +++ b/Scripts/ExportImportTags.ps1 @@ -5,15 +5,23 @@ function Export-Tag { [VMware.VimAutomation.ViCore.Types.V1.VIServer]$Server, [Parameter(Mandatory = $True, Position = 2)] - [string]$Destination + [string]$Destination, + + [Parameter(Mandatory = $False, Position = 3)] + [boolean]$ExportAssignments ) # Retrieve all categories $categoryList = Get-TagCategory -Server $server # Retrieve all tags $tagList = Get-Tag -Server $server - # Store the tags and categories in a list to export them at once - $export = @($categoryList, $tagList) + # Store the tags, categories and assignments (if selected) in a list to export them at once + If ($ExportAssignments) { + $tagAssignments = Get-TagAssignment -Server $server + $export = @($categoryList, $tagList, $tagAssignments) + } else { + $export = @($categoryList, $tagList) + } # Export the tags and categories to the specified destination Export-Clixml -InputObject $export -Path $destination } @@ -25,7 +33,10 @@ function Import-Tag { [VMware.VimAutomation.ViCore.Types.V1.VIServer]$Server, [Parameter(Mandatory = $True, Position = 2)] - [string]$Source + [string]$Source, + + [Parameter(Mandatory = $False, Position = 3)] + [boolean]$ImportAssignments ) # Import the tags and categories from the specified source @@ -62,4 +73,23 @@ function Import-Tag { -Server $server ` | Out-Null } -} \ No newline at end of file + + # Restore the assignments if selected + If ($ImportAssignments) { + # Check for assignments in the file + If ($import[2]) { + # If tags were found, assign them + $tagAssignments = $import[2] + ForEach ($assignment in $tagAssignments) { + New-TagAssignment ` + -Tag (Get-Tag -Server $server -Name $assignment.Tag.Name -Category $assignment.Tag.Category) ` + -Entity (Get-VIObjectByVIView -MORef $assignment.Entity.id) ` + -Server $server ` + | Out-Null + } + } else { + # If no assignments were found, output warning + Write-Warning "Source file does not contain tag assignments." + } + } +} diff --git a/Scripts/Get-Migrations.ps1 b/Scripts/Get-Migrations.ps1 new file mode 100644 index 0000000..8336de7 --- /dev/null +++ b/Scripts/Get-Migrations.ps1 @@ -0,0 +1,12 @@ +<# +Script name: get-migrations.ps1 +Created on: 20/12/2018 +Author: Chris Bradshaw @aldershotchris +Description: The purpose of the script is to list the currently running + recently finished VM migrations. +Dependencies: None known +#> +Function Get-Migrations{ + Get-Task | + Where-Object{$_.Name -eq "RelocateVM_Task"} | + Select-Object @{Name="VM";Expression={Get-VM -Id $_.ObjectID}}, State, @{Name="% Complete";Expression={$_.PercentComplete}},StartTime +} diff --git a/Scripts/Get-TriggeredAlarm.ps1 b/Scripts/Get-TriggeredAlarm.ps1 new file mode 100644 index 0000000..a5d8dc6 --- /dev/null +++ b/Scripts/Get-TriggeredAlarm.ps1 @@ -0,0 +1,62 @@ +function Get-TriggeredAlarm { +<# + .SYNOPSIS + This function lists the triggered alarms for the specified entity in vCenter + .DESCRIPTION + List the triggered alarms for the given object + .NOTES + Author: Kyle Ruddy, @kmruddy, kmruddy.com + .PARAMETER VM + Specifies the name of the VM + .PARAMETER VMHost + Specifies the name of the VMHost + .PARAMETER Datacenter + Specifies the name of the Datacenter + .PARAMETER Datastore + Specifies the name of the Datastore + .EXAMPLE + Get-TriggeredAlarm -VM VMname + + Entity Alarm AlarmStatus AlarmMoRef EntityMoRef + ---- ---- ---- ---- ---- + VMname Name Yellow Alarm-MoRef Entity-MoRef +#> + + [CmdletBinding()] + param( + [string]$VM, + [string]$VMHost, + [string]$Datacenter, + [string]$Datastore + ) + BEGIN { + switch ($PSBoundParameters.Keys) { + 'VM' {$entity = Get-VM -Name $vm -ErrorAction SilentlyContinue} + 'VMHost' {$entity = Get-VMHost -Name $VMHost -ErrorAction SilentlyContinue} + 'Datacenter' {$entity = Get-Datacenter -Name $Datacenter -ErrorAction SilentlyContinue} + 'Datastore' {$entity = Get-Datastore -Name $Datastore -ErrorAction SilentlyContinue} + default {$entity = $null} + } + + if ($null -eq $entity) { + Write-Warning "No vSphere object found." + break + } + } + PROCESS { + if ($entity.ExtensionData.TriggeredAlarmState -ne "") { + $alarmOutput = @() + foreach ($alarm in $entity.ExtensionData.TriggeredAlarmState) { + $tempObj = "" | Select-Object -Property Entity, Alarm, AlarmStatus, AlarmMoRef, EntityMoRef + $tempObj.Entity = Get-View $alarm.Entity | Select-Object -ExpandProperty Name + $tempObj.Alarm = Get-View $alarm.Alarm | Select-Object -ExpandProperty Info | Select-Object -ExpandProperty Name + $tempObj.AlarmStatus = $alarm.OverallStatus + $tempObj.AlarmMoRef = $alarm.Alarm + $tempObj.EntityMoRef = $alarm.Entity + $alarmOutput += $tempObj + } + $alarmOutput | Format-Table -AutoSize + } + } + +} \ No newline at end of file diff --git a/Scripts/Move-DatastoreCluster.ps1 b/Scripts/Move-DatastoreCluster.ps1 new file mode 100644 index 0000000..a01d3bb --- /dev/null +++ b/Scripts/Move-DatastoreCluster.ps1 @@ -0,0 +1,34 @@ +function Move-DatastoreCluster { +<# +.SYNOPSIS + Moves a datastore cluster to a new location +.DESCRIPTION + Will move a datastore cluster to a new location +.NOTES + Author: Kyle Ruddy, @kmruddy +.PARAMETER DatastoreCluster + Specifies the datastore cluster you want to move. +.PARAMETER Destination + Specifies a destination where you want to place the datastore cluster +.EXAMPLE + Move-DatastoreCluster -DatastoreCluster $DSCluster -Destination $DSClusterFolder + Moves the $DSCluster datastore cluster to the specified $DSClusterFolder folder. +#> +[CmdletBinding(SupportsShouldProcess = $True)] + param( + [Parameter(Mandatory=$false,Position=0,ValueFromPipelineByPropertyName=$true)] + [VMware.VimAutomation.ViCore.Types.V1.DatastoreManagement.DatastoreCluster]$DatastoreCluster, + [Parameter(Mandatory=$false,Position=1,ValueFromPipelineByPropertyName=$true)] + [VMware.VimAutomation.ViCore.Types.V1.Inventory.Folder]$Destination + ) + + if ($Global:DefaultVIServer.IsConnected -eq $false) { + Write-Warning -Message "No vCenter Server connection found." + break + } + + If ($Pscmdlet.ShouldProcess($DatastoreCluster,"Move Datastore Cluster")) { + $Destination.ExtensionData.MoveIntoFolder($DatastoreCluster.ExtensionData.MoRef) + } + +} \ No newline at end of file diff --git a/Scripts/NVME Info.ps1 b/Scripts/NVME Info.ps1 index 415b298..dd38a10 100644 --- a/Scripts/NVME Info.ps1 +++ b/Scripts/NVME Info.ps1 @@ -1,11 +1,11 @@ <# .NOTES =========================================================================== - Created by: Alan Renouf - Organization: VMware - Blog: http://virtu-al.net - Twitter: @alanrenouf - =========================================================================== + Created by: Alan Renouf + Organization: VMware + Blog: http://virtu-al.net + Twitter: @alanrenouf + =========================================================================== #> Foreach ($vmhost in Get-VMHost) { @@ -24,4 +24,4 @@ Foreach ($vmhost in Get-VMHost) { $esxcli.nvme.device.feature.$feature.get.Invoke($currentfeature) } } -} \ No newline at end of file +} diff --git a/Scripts/ReadVMSnapshotConfig.ps1 b/Scripts/ReadVMSnapshotConfig.ps1 new file mode 100644 index 0000000..fe274ee --- /dev/null +++ b/Scripts/ReadVMSnapshotConfig.ps1 @@ -0,0 +1,104 @@ +function Get-VMSnapshotConfigContent { +<# + .SYNOPSIS + Reads .vmsd file content + + .DESCRIPTION + Build the vmsd file http URI following https://code.vmware.com/apis/358/vsphere#/doc/vim.FileManager.html + and reads its content with the session established by Connect-VIServer + + .INPUTS + VirtualMachine + + .OUTPUTS + String - the content of the vmsd file + + .NOTES + Author: Dimitar Milov + Version: 1.0 + + .EXAMPLE + Get-VM | Get-VMSnapshotConfigContent +#> + +[CmdletBinding()] +param( + [Parameter(Mandatory=$true, ValueFromPipeline=$true)] + [ValidateNotNull()] + [VMware.VimAutomation.Types.VirtualMachine] + $VM +) + +PROCESS { + # Create web client from current session + $sessionKey = $vm.GetClient().ConnectivityService.CurrentUserSession.SoapSessionKey + $certValidationHandler = $vm.GetClient().ConnectivityService.GetValidationHandlerForCurrentServer() + $webClient = [vmware.vimautomation.common.util10.httpclientUtil]::CreateHttpClientWithSessionReuse($certValidationHandler, $sessionKey, $null) + + # Build VMSD file http URI + # https://code.vmware.com/apis/358/vsphere#/doc/vim.FileManager.html + $vmName = $vm.Name + $datastoreName = ($vm | Get-Datastore).Name + $dcName = ($vm | Get-Datacenter).Name + $serverAddress = $vm.GetClient().ConnectivityService.ServerAddress + $vmsdUri = [uri]"https://$serverAddress/folder/$vmName/$vmName.vmsd?dcPath=$dcName&dsName=$datastoreName" + + # Get VMSD content as string + $task = $webClient.GetAsync($vmsdUri) + $task.Wait() + $vmsdContent = $task.Result.Content.ReadAsStringAsync().Result + + # Dispose web client + $webClient.Dispose() + + # Result + $vmsdContent +} + +} + +function Get-VMSnapshotConfigSetting { +<# + .SYNOPSIS + Gets the value of a specified key from the snapshot config file content + + .DESCRIPTION + Reads the VM's snapshot config file and searches for specified key. + If key is found its value is returned as an output + + .INPUTS + VirtualMachine and key + + .OUTPUTS + String - config value for the specified key + + .NOTES + Author: Dimitar Milov + Version: 1.0 + + .EXAMPLE + Get-VM | Get-VMSnapshotConfigSetting -Key "numSentinels" +#> +[CmdletBinding()] +param( + [Parameter(Mandatory=$true, ValueFromPipeline=$true)] + [ValidateNotNull()] + [VMware.VimAutomation.Types.VirtualMachine] + $VM, + + [Parameter(Mandatory=$true)] + [ValidateNotNull()] + [string] + $Key +) + +PROCESS { + $content = Get-VMSnapshotConfigContent -vm $vm + + $keyMatch = $content | Select-String ('{0} = "(?.*)"' -f $key) + + if ($keyMatch.Matches -ne $null) { + $keyMatch.Matches[0].Groups["value"].Value + } +} +} diff --git a/Scripts/Save-PowerCLI.ps1 b/Scripts/Save-PowerCLI.ps1 new file mode 100644 index 0000000..495c153 --- /dev/null +++ b/Scripts/Save-PowerCLI.ps1 @@ -0,0 +1,158 @@ +function Save-PowerCLI { +<# +.SYNOPSIS + Advanced function which can be used to easily download specific versions of PowerCLI from an online gallery +.DESCRIPTION + Downloads a specific version of PowerCLI and all the dependencies at the appropriate version +.NOTES + Author: 1.0 - Dimitar Milov + Author: 2.0 - Kyle Ruddy, @kmruddy + Author: 2.1 - Luc Dekens, @LucD22 + - fixed issue with downloading the correct versions + - added a working cleanup of unwanted versions +.PARAMETER RequiredVersion + Dynamic parameter used to specify the PowerCLI version +.PARAMETER Path + Directory path where the modules should be downloaded +.PARAMETER Repository + Repository to access the PowerCLI modules +.PARAMETER Simple + Switch used to specify the nested version folders should be removed (therefore adding PowerShell 3/4 compatibility) +.EXAMPLE + Save-PowerCLI -RequiredVersion '10.0.0.7895300' -Path .\Downloads\ + Downloads PowerCLI 10.0.0 to the Downloads folder +.EXAMPLE + Save-PowerCLI -RequiredVersion '6.5.2.6268016' -Path .\Downloads\ -Simple + Downloads PowerCLI 6.5.2 to the Downloads folder and removes the nested version folders +#> + [CmdletBinding(SupportsShouldProcess = $True)] + param( + [Parameter(Mandatory = $true, Position = 1)] + [ValidateScript( { Test-Path $_} )] + $Path, + [Parameter(Mandatory = $false, Position = 2)] + [string]$Repository = 'PSGallery', + [Parameter(Mandatory = $false, Position = 3)] + [Switch]$Simple + ) + DynamicParam + { + # Set the dynamic parameters name + $ParameterName = 'RequiredVersion' + + # Create the dictionary + $RuntimeParameterDictionary = New-Object System.Management.Automation.RuntimeDefinedParameterDictionary + + # Create the collection of attributes + $AttributeCollection = New-Object System.Collections.ObjectModel.Collection[System.Attribute] + + # Create and set the parameters' attributes + $ParameterAttribute = New-Object System.Management.Automation.ParameterAttribute + $ParameterAttribute.ValueFromPipeline = $true + $ParameterAttribute.ValueFromPipelineByPropertyName = $true + $ParameterAttribute.Mandatory = $true + $ParameterAttribute.Position = 0 + + # Add the attributes to the attributes collection + $AttributeCollection.Add($ParameterAttribute) + + # Generate and set the ValidateSet + $pcliVersions = Find-Module -Name 'VMware.PowerCLI' -AllVersions + $arrSet = $pcliVersions | select-Object -ExpandProperty Version + $ValidateSetAttribute = New-Object System.Management.Automation.ValidateSetAttribute($arrSet) + + # Add the ValidateSet to the attributes collection + $AttributeCollection.Add($ValidateSetAttribute) + + # Create and return the dynamic parameter + $RuntimeParameter = New-Object System.Management.Automation.RuntimeDefinedParameter($ParameterName, [String], $AttributeCollection) + $RuntimeParameterDictionary.Add($ParameterName, $RuntimeParameter) + return $RuntimeParameterDictionary + } + + begin { + $powercliModuleName = 'VMware.PowerCLI' + $desiredPowerCLIModule = Find-Module -Name $powercliModuleName -RequiredVersion $PSBoundParameters.RequiredVersion -Repository $Repository + + $depsOrder = 'VMware.VimAutomation.Sdk', 'VMware.VimAutomation.Common', 'VMware.Vim', 'VMware.VimAutomation.Cis.Core', 'VMware.VimAutomation.Core', 'VMware.VimAutomation.Nsxt', 'VMware.VimAutomation.Vmc', 'VMware.VimAutomation.Vds', 'VMware.VimAutomation.Srm', 'VMware.ImageBuilder', 'VMware.VimAutomation.Storage', 'VMware.VimAutomation.StorageUtility', 'VMware.VimAutomation.License', 'VMware.VumAutomation', 'VMware.VimAutomation.HorizonView', 'VMware.DeployAutomation', 'VMware.VimAutomation.vROps', 'VMware.VimAutomation.PCloud' + $orderedDependencies = @() + foreach ($depModuleName in $depsOrder) { + $orderedDependencies += $desiredPowerCLIModule.Dependencies | Where-Object {$_.Name -eq $depModuleName} + } + + foreach ($remainingDep in $desiredPowerCLIModule.Dependencies) { + if ($orderedDependencies.Name -notcontains $remainingDep.Name) { + $orderedDependencies += $remainingDep + } + + } + } + + process { + # Save PowerCLI Module Version + $desiredPowerCLIModule | Save-Module -Path $Path + + # Working with the depenent modules + foreach ($dependency in $orderedDependencies) { + if (Get-ChildItem -Path (Join-Path $path $dependency.Name) | Where-Object {$_.Name -ne $dependency.MinimumVersion}) { + # Save dependencies with minimum version + Find-Module $dependency.Name -RequiredVersion $dependency.MinimumVersion | Save-Module -Path $Path + } + } + } + + end { + Get-Item -Path "$($Path)\*" -PipelineVariable dir | + ForEach-Object -Process { + $children = Get-ChildItem -Path $dir.FullName -Directory + if($children.Count -gt 1){ + $tgtVersion = $orderedDependencies.GetEnumerator() | where {$_.Name -eq $dir.Name} + $children | where{$_.Name -ne $tgtVersion.MinimumVersion} | + ForEach-Object -Process { + Remove-Item -Path $_.FullName -Recurse -Force -Confirm:$false + } + } + } + + if ($Simple) { + + function FolderCleanup { + param( + [Parameter(Mandatory = $true, Position = 0)] + [ValidateScript( { Test-Path $_} )] + $ParentFolder, + [Parameter(Mandatory = $true, Position = 1)] + [String]$ModuleName, + [Parameter(Mandatory = $true, Position = 2)] + $Version + ) + + + $topFolder = Get-Item -Path (Join-Path $ParentFolder $ModuleName) + $versionFolder = $topFolder | Get-ChildItem -Directory | Where-Object {$_.Name -eq $Version} + $versionFolder | Get-ChildItem | Copy-Item -Destination $topFolder + + # Checking for any nested folders within the PowerCLI module version folder + if ($versionFolder| Get-ChildItem -Directory) { + + # Obtaining and storing the child items to a variable, then copying the items to the parent folder's nested folder + $nestFolder = $versionFolder| Get-ChildItem -Directory + foreach ($nestDir in $nestFolder) { + $nestDir | Get-ChildItem | Copy-Item -Destination (Join-Path $topFolder $nestDir.Name) + } + + } + + # Removing any of the former, no longer needed, directory structure + $versionFolder| Remove-Item -Recurse -Force + } + + FolderCleanup -ParentFolder $Path -ModuleName $desiredPowerCLIModule.Name -Version $desiredPowerCLIModule.Version + foreach ($cleanUp in $orderedDependencies) { + + FolderCleanup -ParentFolder $Path -ModuleName $cleanUp.Name -Version $cleanUp.MinimumVersion + } + + } + } +} diff --git a/Scripts/Set-ClusterDpm.ps1 b/Scripts/Set-ClusterDpm.ps1 new file mode 100644 index 0000000..82292c2 --- /dev/null +++ b/Scripts/Set-ClusterDpm.ps1 @@ -0,0 +1,63 @@ +<# +.NOTES + Script name: Set-ClusterDpm.ps1 + Created on: 10/10/2019 + Author: Doug Taliaferro, @virtually_doug + Description: Configures Distributed Power Management (DPM) on a cluster. + Dependencies: None known + + ===Tested Against Environment==== + vSphere Version: 6.7 + PowerCLI Version: 11.3.0 + PowerShell Version: 5.1 + OS Version: Windows 7, 10 + Keyword: Cluster, DPM +.SYNOPSIS + Configures Distributed Power Management (DPM). + +.DESCRIPTION + Enables/disables Distributed Power Management (DPM) for one or more clusters and optionally sets the automation level. + +.PARAMETER Clusters + Specifies the name of the cluster(s) you want to configure. + +.PARAMETER DpmEnabled + Indicates whether Distributed Power Management (DPM) should be enabled/disabled. + +.PARAMETER DpmAutomationLevel + Specifies the Distributed Power Management (DPM) automation level. The valid values are 'automated' and 'manual'. + +.EXAMPLE + Set-ClusterDpm -Cluster 'Cluster01' -DpmEnabled:$true + +.EXAMPLE + Get-Cluster | Set-ClusterDpm -DpmEnabled:$true -DpmAutomationLevel 'automated' +#> +[CmdletBinding()] +param ( + [Parameter(Mandatory=$true,ValueFromPipeline=$true,ValueFromPipelineByPropertyName=$true)] + [Alias('Name')] + [string[]]$Clusters, + + [Parameter(Mandatory=$true)] + [bool]$DpmEnabled, + + [Parameter(Mandatory = $false)] + [ValidateSet('automated','manual')] + [string]$DpmAutomationLevel +) +Begin { + # Create a configuration spec + $spec = New-Object VMware.Vim.ClusterConfigSpecEx + $spec.dpmConfig = New-Object VMware.Vim.ClusterDpmConfigInfo + $spec.dpmConfig.enabled = $DpmEnabled + if ($DpmAutomationLevel) { + $spec.dpmConfig.defaultDpmBehavior = $DpmAutomationLevel + } +} +Process { + ForEach ($cluster in $Clusters) { + # Configure the cluster + (Get-Cluster $cluster).ExtensionData.ReconfigureComputeResource_Task($spec, $true) + } +} diff --git a/Scripts/Set-CustomAttributesInGuestinfo.ps1 b/Scripts/Set-CustomAttributesInGuestinfo.ps1 new file mode 100644 index 0000000..d76d3ee --- /dev/null +++ b/Scripts/Set-CustomAttributesInGuestinfo.ps1 @@ -0,0 +1,84 @@ +<# +.NOTES + Script name: Set-CustomAttributesInGuestinfo.ps1 + Created on: 10/04/2018 + Author: Doug Taliaferro, @virtually_doug + Description: Gets Custom Attributes assigned to a VM and makes them available to the guest OS. + Dependencies: None known + + ===Tested Against Environment==== + vSphere Version: 6.5 + PowerCLI Version: 10.0.0.7893909 + PowerShell Version: 5.1.14409.1005 + OS Version: Windows 7, 10 + Keyword: VM, Attributes, Guestinfo + +.SYNOPSIS + Gets Custom Attributes assigned to a VM and makes them available to the guest OS. + +.DESCRIPTION + Gets the custom attributes assigned to one or more VMs and sets their values in the + VM's 'guestinfo' advanced settings. This makes the attributes available within the + guest OS using VM tools (vmtoolsd.exe) and allows the attributes to be used as metadata + for applications or management agents that run inside the guest. If the attribute name + contains spaces they are removed in naming the advanced setting. + + For example, if a VM has a custom attribute named 'Created On', the advanced setting + becomes: + 'guestinfo.CreatedOn' = '08/08/2018 14:24:17' + + This can be retrieved in the guest OS by running: + vmtoolsd.exe --cmd "info-get guestinfo.CreatedOn" + +.PARAMETER VMs + One or more VMs returned from the Get-VM cmdlet. + +.PARAMETER Attributes + The names of the Custom Attributes to get. If the names contain spaces they must be + enclosed in quotes. The spaces will be removed to name the advanced setting. + +.PARAMETER vCenter + The vCenter server to connect to. Optional if you are already connected. + +.EXAMPLE + .\Set-CustomAttributesInGuestInfo.ps1 -VM (get-vm testvm01) -Attributes 'Created On', 'Created By' + + Gets the custom attributes 'Created On' and 'Created By' for 'testvm01' and sets their + values in 'guestinfo.CreatedOn' and 'guestinfo.CreatedBy'. + +.EXAMPLE + .\Set-CustomAttributesInGuestInfo.ps1-VM (get-cluster Dev-01 | get-vm) -Attributes 'Created On' + + Gets the custom attribute 'Created On' for all VMs in the Dev-01 cluster and sets 'guestinfo.CreatedOn' + on each VM. +#> +#Requires -modules VMware.VimAutomation.Core +[CmdletBinding()] +param ( + [Parameter(Mandatory=$true,Position=0)] + $VMs, + [Parameter(Mandatory=$true,Position=1)] + [string[]]$Attributes, + [string]$vCenter +) +if ($vCenter) { + Connect-VIServer $vCenter +} + +ForEach ($vm in $VMs) { + ForEach ($attributeName in $Attributes) { + # Get the custom attribute with a matcing key name + $customField = $vm.CustomFields | Where-Object Key -eq $attributeName + if ($customField) { + # Remove white space from the attribute name because the advanced + # setting name cannot contain spaces + $attributeNameNoSpaces = $customField.Key -replace '\s','' + $guestinfoName = "guestinfo.$attributeNameNoSpaces" + $guestinfoValue = $customField.Value + Write-Host "$($vm): setting '$guestinfoName' = '$guestinfoValue'" + New-AdvancedSetting -Entity $vm -Name $guestinfoName -Value $guestinfoValue -Confirm:$false -Force | Out-Null + } else { + Write-Host "$($vm): custom attribute '$attributeName' not set on this VM" + } + } +} diff --git a/Scripts/Set-NetworkAdapterOpaqueNetwork.ps1 b/Scripts/Set-NetworkAdapterOpaqueNetwork.ps1 new file mode 100644 index 0000000..1310734 --- /dev/null +++ b/Scripts/Set-NetworkAdapterOpaqueNetwork.ps1 @@ -0,0 +1,50 @@ +function Set-NetworkAdapterOpaqueNetwork { +param( + [Parameter(Mandatory = $true, ValueFromPipeline = $true, Position = 1)] + [VMware.VimAutomation.Types.NetworkAdapter] + $NetworkAdapter, + + [Parameter(Mandatory = $true, Position = 2)] + [string] + $OpaqueNetworkName, + + [Parameter()] + [switch] + $Connected, + + [Parameter()] + [switch] + $StartConnected +) +process { + $opaqueNetwork = Get-View -ViewType OpaqueNetwork | ? {$_.Name -eq $OpaqueNetworkName} + if (-not $opaqueNetwork) { + throw "'$OpaqueNetworkName' network not found." + } + + $opaqueNetworkBacking = New-Object VMware.Vim.VirtualEthernetCardOpaqueNetworkBackingInfo + $opaqueNetworkBacking.OpaqueNetworkId = $opaqueNetwork.Summary.OpaqueNetworkId + $opaqueNetworkBacking.OpaqueNetworkType = $opaqueNetwork.Summary.OpaqueNetworkType + + $device = $NetworkAdapter.ExtensionData + $device.Backing = $opaqueNetworkBacking + + if ($StartConnected) { + $device.Connectable.StartConnected = $true + } + + if ($Connected) { + $device.Connectable.Connected = $true + } + + $spec = New-Object VMware.Vim.VirtualDeviceConfigSpec + $spec.Operation = [VMware.Vim.VirtualDeviceConfigSpecOperation]::edit + $spec.Device = $device + $configSpec = New-Object VMware.Vim.VirtualMachineConfigSpec + $configSpec.DeviceChange = @($spec) + $NetworkAdapter.Parent.ExtensionData.ReconfigVM($configSpec) + + # Output + Get-NetworkAdapter -Id $NetworkAdapter.Id + } +} diff --git a/Scripts/Set-TagsInGuestinfo.ps1 b/Scripts/Set-TagsInGuestinfo.ps1 new file mode 100644 index 0000000..c245c05 --- /dev/null +++ b/Scripts/Set-TagsInGuestinfo.ps1 @@ -0,0 +1,98 @@ +<# +.NOTES + Script name: Set-TagsInGuestinfo.ps1 + Created on: 10/02/2018 + Author: Doug Taliaferro, @virtually_doug + Description: Gets the vSphere Tags assigned to a VM and makes them available to the guest OS. + Dependencies: None known + + ===Tested Against Environment==== + vSphere Version: 6.5 + PowerCLI Version: 10.0.0.7893909 + PowerShell Version: 5.1.14409.1005 + OS Version: Windows 7, 10 + Keyword: VM, Tags, Guestinfo + +.SYNOPSIS + Gets the vSphere Tags assigned to a VM and makes them available to the guest OS. + +.DESCRIPTION + Gets the tags assigned to one or more VMs from one or more categories and sets the tag values + in the VM's 'guestinfo' advanced settings. This makes the tags available within the guest OS + using VM tools (vmtoolsd.exe) and allows the tags to be used as metadata for applications or + management agents that run inside the guest. + + For example, if a VM has a tag named 'Accounting' from the + category 'Departments', the advanced setting becomes: + guestinfo.Departments = Accounting + + This can be retrieved in the guest OS by running: + vmtoolsd.exe --cmd "info-get guestinfo.Departments" + + If multiple tags are assigned from the same category, they are joined using the specified + delimter (a semicolon by default): + guestinfo.Departments = Accounting;Sales + +.PARAMETER VMs + One or more VMs returned from the Get-VM cmdlet. + +.PARAMETER Categories + The names of tag categories that should be set in the advanced settings. + + .PARAMETER Delimiter + The delimiting character used for multiple tags of the same category. Defaults to a + semicolon. + +.PARAMETER vCenter + The vCenter server to connect to. Optional if you are already connected. + +.EXAMPLE + .\Set-TagsInGuestInfo.ps1 -VM (get-vm testvm01) -Categories Departments, Environment + + Gets tags assigned to 'testvm01' in the Departments and Environment categories and + sets their values in 'guestinfo.Departments' and 'guestinfo.Environment'. + +.EXAMPLE + .\Set-TagsInGuestInfo.ps1 -VM (get-cluster Dev-01 | get-vm) -Categories Departments + + Gets tags assigned to all VMs in the Dev-01 cluster and sets 'guestinfo.Departments' + on each VM. +#> +#Requires -modules VMware.VimAutomation.Core +[CmdletBinding()] +param ( + [Parameter(Mandatory=$true,Position=0)] + $VMs, + [Parameter(Mandatory=$true,Position=1)] + [string[]]$Categories, + [string]$Delimiter = ';', + [string]$vCenter +) +if ($vCenter) { + Connect-VIServer $vCenter +} + +ForEach ($categoryName in $Categories) { + $category = Get-TagCategory -Name $categoryName + if ($category) { + $guestinfoName = "guestinfo.$category" + + # Get Tag assignments for the VMs + $tags = Get-TagAssignment -Entity $VMs -Category $category + + # Group the tags by VM (in this case the Entity property of Group-Object) + $groups = $tags | Group-Object -Property Entity + + # Get each VM and set the guestinfo + ForEach ($item in $groups) { + $vm = get-vm $item.Name + # Multiple tags of the same category are joined + $guestinfoValue = $item.Group.Tag.Name -join $Delimiter + + Write-Host "$($vm): setting '$guestinfoName' = '$guestinfoValue'" + New-AdvancedSetting -Entity $vm -Name $guestinfoName -Value $guestinfoValue -Confirm:$false -Force | Out-Null + } + } else { + Write-Host "Category '$categoryName' was not found." + } +} diff --git a/Scripts/VMware_Cloud_on_AWS/VMWonAWS_1nodeDeployment.ps1 b/Scripts/VMware_Cloud_on_AWS/VMWonAWS_1nodeDeployment.ps1 index 8b17b16..2a41690 100644 --- a/Scripts/VMware_Cloud_on_AWS/VMWonAWS_1nodeDeployment.ps1 +++ b/Scripts/VMware_Cloud_on_AWS/VMWonAWS_1nodeDeployment.ps1 @@ -7,9 +7,10 @@ # Set details for SDDC $oauthToken = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx" -$sddcName = "PowerCLI-1Node-SDDC" +$sddcName = "PowerCLI-1Host-SDDC" $hostCount = "1" $awsRegion = "US_WEST_2" +$useAwsAccount = $false # --- Deployment code --- # Connect to VMware Cloud Service @@ -18,19 +19,25 @@ Connect-Vmc -RefreshToken $oauthToken | Out-Null # Get ORG ID $orgSvc = Get-VmcService -Name com.vmware.vmc.orgs $org = $orgSvc.List() -Write-Host "Org:"$org.display_name" ID:"$org.id +Write-Output -InputObject "Org: $($org.display_name) ID: $($org.id)" -# Get Linked Account ID -$connAcctSvc = Get-VmcService -Name com.vmware.vmc.orgs.account_link.connected_accounts -$connAcctId = $connAcctSvc.get($org.id) | Select-Object -ExpandProperty id -Write-Host "Account ID: $connAcctId" +# Check to use the already existing AWS account connection +if ($useAwsAccount -eq $true) { + # Get Linked Account ID + $connAcctSvc = Get-VmcService -Name com.vmware.vmc.orgs.account_link.connected_accounts + $connAcctId = $connAcctSvc.get($org.id) | Select-Object -ExpandProperty id + Write-Output -InputObject "Account ID: $connAcctId" -# Get Subnet ID -$compSubnetSvc = Get-VmcService -Name com.vmware.vmc.orgs.account_link.compatible_subnets -$vpcMap = $compSubnetSvc.Get($org.id, $connAcctId, $region) | Select-Object -ExpandProperty vpc_map -$compSubnets = $vpcMap | Select-Object -ExpandProperty Values | Select-Object -ExpandProperty subnets -$compSubnet = $compSubnets | where {$_.name -ne $null} | Select-Object -first 1 -Write-Host "Subnet CIDR"$compSubnet.subnet_cidr_block"ID:"$compSubnet.subnet_id + # Get Subnet ID + $compSubnetSvc = Get-VmcService -Name com.vmware.vmc.orgs.account_link.compatible_subnets + $vpcMap = $compSubnetSvc.Get($org.id, $connAcctId, $region) | Select-Object -ExpandProperty vpc_map + $compSubnets = $vpcMap | Select-Object -ExpandProperty Values | Select-Object -ExpandProperty subnets + $compSubnet = $compSubnets | where {$_.name -ne $null} | Select-Object -first 1 + Write-Output -InputObject "Subnet CIDR $($compSubnet.subnet_cidr_block) ID: $($compSubnet.subnet_id)" +} +elseif ($useAwsAccount -eq $false) { + Write-Output -InputObject "AWS Account Not Configured - you must connect to an AWS account within 14 days of creating this SDDC" +} # Deploy the SDDC $sddcSvc = Get-VmcService com.vmware.vmc.orgs.sddcs @@ -40,12 +47,20 @@ $sddcCreateSpec.Name = $sddcName $sddcCreateSpec.num_hosts = $hostCount if ($org.properties.values.sddcTypes) {$sddcCreateSpec.sddc_type = "1NODE"} $sddcCreateSpec.Provider = "AWS" -$accountLinkSpec = $sddcSvc.Help.create.sddc_config.account_link_sddc_config.Element.Create() -$accountLinkSpec.connected_account_id = $connAcctId -$custSubId0 = $sddcSvc.Help.create.sddc_config.account_link_sddc_config.Element.customer_subnet_ids.Element.Create() -$custSubId0 = $compSubnet.subnet_id -$accountLinkSpec.customer_subnet_ids.Add($custSubId0) | Out-Null -$sddcCreateSpec.account_link_sddc_config.Add($accountLinkSpec) | Out-Null -$sddcCreateSpec + +if ($useAwsAccount -eq $true) { + $accountLinkSpec = $sddcSvc.Help.create.sddc_config.account_link_sddc_config.Element.Create() + $accountLinkSpec.connected_account_id = $connAcctId + $custSubId0 = $sddcSvc.Help.create.sddc_config.account_link_sddc_config.Element.customer_subnet_ids.Element.Create() + $custSubId0 = $compSubnet.subnet_id + $accountLinkSpec.customer_subnet_ids.Add($custSubId0) | Out-Null + $sddcCreateSpec.account_link_sddc_config.Add($accountLinkSpec) | Out-Null +} +elseif ($useAwsAccount -eq $false) { + $accountLinkDelaySpec = $sddcSvc.Help.create.sddc_config.account_link_config.delay_account_link.Create() + $accountLinkDelaySpec = $true + $sddcCreateSpec.account_link_config.delay_account_link = $accountLinkDelaySpec +} + $newSddc = $sddcSvc.create($org.Id, $sddcCreateSpec) -$newSddc \ No newline at end of file +$newSddc | Select-Object resource_id,status,task_type,start_time,task_id \ No newline at end of file diff --git a/Scripts/VMware_Cloud_on_AWS/VMWonAWS_FirewallRuleAccelerator.ps1 b/Scripts/VMware_Cloud_on_AWS/VMWonAWS_FirewallRuleAccelerator.ps1 new file mode 100644 index 0000000..de5b870 --- /dev/null +++ b/Scripts/VMware_Cloud_on_AWS/VMWonAWS_FirewallRuleAccelerator.ps1 @@ -0,0 +1,209 @@ +# Author: Kyle Ruddy +# Product: VMware Cloud on AWS +# Description: VMware Cloud on AWS Firewall Rule Accelerator for PowerCLI +# Requirements: +# - PowerShell 3.x or newer +# - PowerCLI 6.5.4 or newer +# - Use Default IP Addresses +# - Use NSX-V on VMware Cloud on AWS + +#---------- USER VARIABLES ---------------------------------------- + +$oauthToken = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx" +$orgId = 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx' +$sddcId = 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx' + +# ---------- DO NOT MODIFY BELOW THIS ------------------------------ + + +Connect-Vmc -RefreshToken $oauthToken | Out-Null + +$orgSvc = Get-VmcService -Name com.vmware.vmc.orgs + +if ($orgId) { + $org = $orgSvc.List() | where {$_.id -eq $orgId} +} +else {$org = $orgSvc.List()} + +if ($org -eq $null) {Write-Output "No Org Found. Exiting."; break} + +$sddcSvc = Get-VmcService -Name com.vmware.vmc.orgs.sddcs + +if ($sddcId) { + $sddc = $sddcSvc.Get($org.id, $sddcId) +} +else {$sddc = $sddcSvc.List($org.id)} + +if ($sddc -eq $null) {Write-Output "No SDDC Found. Exiting."; break} +elseif ($sddc -is [array]) {Write-Output "Multiple SDDCs Found. Please Specify an SDDC ID. Exiting."; break} + +$edgeSvc = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.edges +$mgwEdge = ($edgeSvc.Get($org.id,$sddcId,'gatewayServices') | Select-Object -ExpandProperty edge_page).data | where {$_.id -eq 'edge-1'} + +$ipsecSvc = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.edges.ipsec.config +$ipsecVPN = $ipsecSvc.Get($org.id, $sddcId, $mgwEdge.id) + +$localSubnet = $ipsecVPN.sites.sites.local_subnets.subnets +$vpnSubnet = $ipsecVPN.sites.sites.peer_subnets.subnets +$vcMgmtIP = $sddc.resource_config.vc_management_ip +$vcPublicIP = $sddc.resource_config.vc_public_ip +$esxSubnet = $sddc.resource_config.esx_host_subnet +$ipsecVPNname = $ipsecVPN.sites.sites.name + +function Add-VMCFirewallRule { + <# + .NOTES + =========================================================================== + Created by: Kyle Ruddy + Date: 08/22/2018 + Organization: VMware + Blog: https://www.kmruddy.com + Twitter: @kmruddy + =========================================================================== + .SYNOPSIS + Creates a Firewall Rule for a given SDDC + .DESCRIPTION + Creates a Firewall Rule for a given SDDC + .EXAMPLE + Add-VMCFirewallRule -OrgId -sddcId -FwRuleName -SourceIpAddress -DestIpAddress -Service + + #> + param( + [Parameter(Mandatory=$true)] + [String]$OrgId, + [Parameter(Mandatory=$true)] + [String]$SddcId, + [Parameter(Mandatory=$false)] + [ValidateSet('Management Gateway','Compute Gateway')] + [String]$Edge = 'Management Gateway', + [Parameter(Mandatory=$true)] + [String]$FwRuleName, + [Parameter(Mandatory=$false)] + $SourceIpAddress, + [Parameter(Mandatory=$false)] + $DestIpAddress, + [Parameter(Mandatory=$true)] + [ValidateSet('HTTPS','ICMP','SSO','Provisioning','Any','Remote Console')] + [String]$Service, + [Parameter(Mandatory=$false)] + [ValidateSet('accept')] + $FwAction = 'accept' + + ) + + if ($edge -eq 'Management Gateway') {$EdgeId = 'edge-1'} + elseif ($edge -eq 'Compute Gateway') {$EdgeId = 'edge-2'} + else {Write-Output "No Valid Edge Input Found."} + + $fwRuleSvc = Get-VmcService com.vmware.vmc.orgs.sddcs.networks.edges.firewall.config.rules + + $ruleElementSpec = $fwRuleSvc.Help.add.firewall_rules.firewall_rules.Element.Create() + $fwRules = $fwRuleSvc.Help.add.firewall_rules.Create() + $ruleSpec = $fwRuleSvc.Help.add.firewall_rules.firewall_rules.Create() + + # AppSpec + $appSpec = $fwRuleSvc.Help.add.firewall_rules.firewall_rules.Element.application.Create() + # ServiceSpec + $serviceSpec = $fwRuleSvc.Help.add.firewall_rules.firewall_rules.Element.application.service.Element.Create() + + if ($Service -eq 'HTTPS') { + $protocol = 'TCP' + $port = @("443") + } + elseif ($Service -eq 'ICMP') { + $protocol = 'ICMP' + $icmpType = 'any' + + } + elseif ($Service -eq 'SSO') { + $protocol = 'TCP' + $port = @("7444") + } + elseif ($Service -eq 'Provisioning') { + $protocol = 'TCP' + $port = @("902") + } + elseif ($Service -eq 'Any') { + $protocol = 'Any' + $port = $null + } + elseif ($Service -eq 'Remote Console') { + $protocol = 'TCP' + $port = @("903") + } + else {Write-Output "No Protocol Found."; break} + + $serviceSpec.protocol = $protocol + + # Process ICMP Type from JSON + $icmpType = $null + if($protocol -eq 'ICMP') { + $icmpType = 'any' + } + + if ($icmpType) { + $serviceSpec.icmp_type = $icmpType} + if ($port) { + $serviceSpec.port = $port + $serviceSpec.source_port = @("any") + } + + $addSpec = $ruleElementSpec.application.service.Add($serviceSpec) + + + # Create Source Spec + if($SourceIpAddress) { + $srcSpec = $fwRuleSvc.Help.add.firewall_rules.firewall_rules.Element.source.Create() + $srcSpec.exclude = $false + $srcSpec.ip_address = @($SourceIpAddress) + $ruleElementSpec.source = $srcSpec + } + + + # Create Destination Spec + if($DestIpAddress) { + $destSpec = $fwRuleSvc.Help.add.firewall_rules.firewall_rules.Element.destination.Create() + $destSpec.exclude = $false + $destSpec.ip_address = @($DestIpAddress) + $ruleElementSpec.destination = $destSpec + + } + + + $ruleElementSpec.rule_type = "user" + $ruleElementSpec.enabled = $true + $ruleElementSpec.logging_enabled = $false + + $ruleElementSpec.action = $FwAction + $ruleElementSpec.name = $FwRuleName + + # Add the individual FW rule spec into our overall firewall rules array + Write-Output "Creating VMC Firewall Rule: $FwRuleName" + $ruleSpecAdd = $ruleSpec.Add($ruleElementSpec) + + $fwRules.firewall_rules = $ruleSpec + $fwRuleAdd = $fwRuleSvc.add($orgId,$sddcId,$EdgeId,$fwRules) + +} + + +# vCenter (ANY) to VPN +Add-VMCFirewallRule -OrgId $org.Id -sddcId $sddc.id -FwRuleName "vCenter (ANY) to $ipsecVPNname" -SourceIpAddress $vcMgmtIP -DestIpAddress $vpnSubnet -Service 'Any' + +# ESXi (ANY) to VPN +Add-VMCFirewallRule -OrgId $org.Id -sddcId $sddc.id -FwRuleName "ESXi (ANY) to $ipsecVPNname" -SourceIpAddress $esxSubnet,'10.2.16.0/20' -DestIpAddress $vpnSubnet -Service 'Any' + +# VPN to vCenter (HTTPS) +Add-VMCFirewallRule -OrgId $org.Id -sddcId $sddc.id -FwRuleName "$ipsecVPNname to vCenter (HTTPS)" -SourceIpAddress $vpnSubnet -DestIpAddress $vcMgmtIP -Service 'HTTPS' + +# VPN to vCenter (ICMP) +Add-VMCFirewallRule -OrgId $org.Id -sddcId $sddc.id -FwRuleName "$ipsecVPNname to vCenter (ICMP)" -SourceIpAddress $vpnSubnet -DestIpAddress $vcMgmtIP -Service 'ICMP' + +# VPN to ESXi (Provisioning) +Add-VMCFirewallRule -OrgId $org.Id -sddcId $sddc.id -FwRuleName "$ipsecVPNname to ESXi (Provisioning)" -SourceIpAddress $vpnSubnet -DestIpAddress $esxSubnet,'10.2.16.0/20' -Service 'Provisioning' + +# VPN to ESXi (Remove Console) +Add-VMCFirewallRule -OrgId $org.Id -sddcId $sddc.id -FwRuleName "$ipsecVPNname to ESXi (Remote Console)" -SourceIpAddress $vpnSubnet -DestIpAddress $esxSubnet,'10.2.16.0/20' -Service 'Remote Console' + +# VPN to ESXi (ICMP) +Add-VMCFirewallRule -OrgId $org.Id -sddcId $sddc.id -FwRuleName "$ipsecVPNname to ESXi (ICMP)" -SourceIpAddress $vpnSubnet -DestIpAddress $esxSubnet,'10.2.16.0/20' -Service 'ICMP' \ No newline at end of file diff --git a/Scripts/VMware_Cloud_on_AWS/VMWonAWS_InviteUsers.ps1 b/Scripts/VMware_Cloud_on_AWS/VMWonAWS_InviteUsers.ps1 new file mode 100644 index 0000000..59ddb7a --- /dev/null +++ b/Scripts/VMware_Cloud_on_AWS/VMWonAWS_InviteUsers.ps1 @@ -0,0 +1,114 @@ +<# +.SYNOPSIS + Takes email address input in order to create VMware Cloud on AWS invites for the desired Organization +.DESCRIPTION + Script which can be used to automate the process of adding new users to a specified VMware Cloud on AWS Organization +.NOTES + Author: Kyle Ruddy, @kmruddy, kmruddy.com +.PARAMETER newUserEmail + Plain text email address or array of email addresses +.PARAMETER roleName + Desired role name of the new users, default is Organization Member +.EXAMPLE + PS > ./VMWonAWS_InviteUsers.ps1 -newUserEmail 'testuser@vmware.com' +.EXAMPLE + PS > ./VMWonAWS_InviteUsers.ps1 -newUserEmail $arrayOfEmailAddresses +#> +[CmdletBinding(SupportsShouldProcess=$True)] + param ( + + [Parameter (Mandatory = $True, Position=0)] + $newUserEmail, + [Parameter (Mandatory = $False, Position=1)] + [ValidateSet("Organization Member","Organization Owner","Support User")] + [string]$roleName = "Organization Member" + ) + + # Set Static Variables for your environment + $oauthToken = 'xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' + $orgID = 'xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' + + ### DO NOT MODIFY CODE BELOW THIS LINE ### + $inviteReport = @() + $userEmail = @() + + # Email Validation Testing + if ($newUserEmail -is [array]) { + foreach ($email in $newUserEmail) { + try { + $userEmail += [mailAddress]$email | select-object -ExpandProperty Address + } + catch { + Write-Warning "$email is not a valid email address" + } + } + } + else { + try { + $userEmail += [mailAddress]$newUserEmail | select-object -ExpandProperty Address + } + catch { + Write-Warning "$newUserEmail is not a valid email address" + } + } + + if ($userEmail.Count -eq 0) { + Write-Warning "No valid email addresses found." + Break + } + + # Validation and translation of the role name to the role ID + if ($roleName -eq 'Organization Member') { + $orgRoleNames = @("org_member") + } + elseif ($roleName -eq 'Organization Owner') { + $orgRoleNames = @("org_owner") + } + elseif ($roleName -eq 'Support User') { + $orgRoleNames = @("support_user") + } + + # Creating custom objects to start building out the body input + $bodyObj = new-object -TypeName System.Object + $SvcRoleNames = @("vmc-user:full") + $SvcDefinitionLink = '/csp/gateway/slc/api/definitions/external/ybUdoTC05kYFC9ZG560kpsn0I8M_' + $bodyObj | Add-Member -Name 'orgRoleNames' -MemberType Noteproperty -Value $orgRoleNames + $serviceRolesDtos = New-Object -TypeName System.Object + $serviceRolesDtos | Add-Member -Name 'serviceDefinitionLink' -MemberType Noteproperty -Value $SvcDefinitionLink + $serviceRolesDtos | Add-Member -Name 'serviceRoleNames' -MemberType Noteproperty -Value $SvcRoleNames + $bodyObj | Add-Member -Name 'serviceRolesDtos' -MemberType Noteproperty -Value @($serviceRolesDtos) + $bodyObj | Add-Member -Name 'usernames' -MemberType Noteproperty -Value $userEmail + $body = $bodyObj | ConvertTo-Json -Depth 100 + + # Connecting to the REST API service for authentication and then to perform the POST method + $connection = Invoke-WebRequest -Uri "https://console.cloud.vmware.com/csp/gateway/am/api/auth/api-tokens/authorize?refresh_token=$oauthToken" -Method Post + $accesskey = ($connection.content | Convertfrom-json).access_token + $inviteUsers = Invoke-WebRequest -Uri "https://console.cloud.vmware.com/csp/gateway/am/api/orgs/$orgID/invitations" -headers @{"csp-auth-token"="$accesskey"} -Method Post -Body $body -ContentType "application/json" + + # Outputting the successful invite which was just created + $orgInviteRefResponse = Invoke-WebRequest -Uri "https://console.cloud.vmware.com/csp/gateway/am/api/orgs/$orgid/invitations" -headers @{"csp-auth-token"="$accessKey"} -Method Get + if ($orgInviteRefResponse) { + $orgInviteRefObject = $orgInviteRefResponse | ConvertFrom-Json + + foreach ($inviteRef in $orgInviteRefObject) { + $link = $inviteRef.refLink + $orgInviteResponse = Invoke-WebRequest -Uri "https://console.cloud.vmware.com$link" -headers @{"csp-auth-token"="$accessKey"} -Method Get + + $orgInviteObject = $orgInviteResponse.content | ConvertFrom-Json + + foreach ($emailInput in $userEmail) { + + if ($orgInviteObject.username -eq $emailInput) { + $i = New-Object System.Object + $i | Add-Member -Type NoteProperty -Name InviteID -Value $orgInviteObject.refLink.Substring($orgInviteObject.refLink.Length - 36) + $i | Add-Member -Type NoteProperty -Name Username -Value $orgInviteObject.username + $i | Add-Member -Type NoteProperty -Name Status -Value $orgInviteObject.status + $i | Add-Member -Type NoteProperty -Name OrgRoles -Value ($orgInviteObject.OrgRoleNames -join ", ") + $i | Add-Member -Type NoteProperty -Name Requester -Value $orgInviteObject.generatedBy + $inviteReport += $i + } + } + } + } + + return $inviteReport \ No newline at end of file diff --git a/Scripts/VMware_Cloud_on_AWS/XRef-VMC-Services.ps1 b/Scripts/VMware_Cloud_on_AWS/XRef-VMC-Services.ps1 new file mode 100644 index 0000000..eb591bb --- /dev/null +++ b/Scripts/VMware_Cloud_on_AWS/XRef-VMC-Services.ps1 @@ -0,0 +1,37 @@ +$refreshToken = 'your-refresh-token' + +$reportPath = '.\VMC-services.xlsx' + +Connect-Vmc -RefreshToken $refreshToken > $null + +$columns = @{} +$services = Get-VmcService | Sort-Object -Property Name +$services | ForEach-Object -Process { + $_.Help | Get-Member -MemberType NoteProperty | where{'Constants','Documentation' -notcontains $_.Name} | + ForEach-Object -Process { + if(-not $columns.ContainsKey($_.Name)){ + $columns.Add($_.Name,'') + } + } +} +$columns = $columns.Keys | Sort-Object +$report = @() +foreach($service in $services){ + $obj = [ordered]@{ + Name = $service.Name + } + $columns | ForEach-Object -Process { + $obj.Add($_,'') + } + + $service.Help | Get-Member -MemberType NoteProperty | where{'Constants','Documentation' -notcontains $_.Name} | + ForEach-Object -Process { +# $obj.Item($_.Name) = "$($service.Help.$($_.Name).Documentation)" + $obj.Item($_.Name) = "X" + } + $report += New-Object PSObject -Property $obj +} +$report | Export-Excel -Path $reportPath -WorksheetName 'Services' -FreezeTopRow -BoldTopRow -AutoSize -Show + +Disconnect-Vmc -Confirm:$false + diff --git a/Scripts/backup-esxi-host-configuration.ps1 b/Scripts/backup-esxi-host-configuration.ps1 new file mode 100644 index 0000000..924ca06 --- /dev/null +++ b/Scripts/backup-esxi-host-configuration.ps1 @@ -0,0 +1,22 @@ +<# +Script name: backup-esxi-host-configuration.ps1 +Created on: 09/10/2018 +Author: Gerasimos Alexiou, @jerrak0s +Description: The purpose of the script is to backup esxi host configuration for restore purposes. +Dependencies: None known + +===Tested Against Environment==== +vSphere Version: 6.5 U2 +PowerCLI Version: PowerCLI 10.1.1 +PowerShell Version: 5.1 +OS Version: Windows 10 +Keyword: Backup Configuration ESXi Host +#> + + +$serverIp = Read-Host 'What is the server ip address:' +$path = Read-Host 'Give path where backup configuration will be stored:' +$serverPass = Read-Host 'What is the server root password:' -AsSecureString +Set-PowerCLIConfiguration -InvalidCertificateAction Ignore -Confirm:$false +Connect-VIServer serverip -user "root" -password $serverPass +Get-VMHostFirmware -vmhost serverip -BackupConfiguration -DestinationPath $path \ No newline at end of file