Friday, July 31, 2015

Increment those IP addresses

Have you ever wanted to perform a certain kind of action on a range of ip addresses using powercli or powershell? Well, I have.
for ex:
foreach ($host in $hosts) {scriptblock}
and here I only have the 1st ip of the hosts and the rest should auto increment.
Well thanks to Lucd (If you have ever seen anyone answering all the powercli queries on vmware communities) we have it now.
#let's get the 1st ip address
$host1 = Read-Host "type the 1st ip address"

#Then let us have the number of ip addresses that you want
$max = Read-Host "Maximum nubmer of ip addresses?"

#now split that ip address and retain the 1st 3 octets which will be fixed
$fixed = $host1.Split('.')[0..2]

#now let us have the last octet of the host's ip address
$last = [int]($host1.Split('.')[3])

#let us subtract 1 from the maximum number of IPs that we want since it counts from 0
$max_hosts = $max - 1

#now let us increment the $last octet with a +1 till we get $max_hosts of ip addresses
$hosts =
$last..($last + $max_hosts) | %{
    [string]::Join('.',$fixed) + "." + $_
}

#now let us print the results to the screen
$hosts

Get this IPincrementer on github.

Powershell guest OS report

So if you are someone who needs to audit the VMs that you deploy then you might want to look into something like this.
Let us say you want to check the report of cpu, memory on your guest VMs.
$cpuinfo = gwmi -Class Win32_Processor
$cpu = $cpuino | Select-Object Caption, NumberOfCores, NumberOfLogicalProcessors, DeviceID, Manufacturer, MaxClockSpeed, SocketDesignation
$cpu
then you get


Well I do not like that long NumberOfCores and NumberOfLogicalProcessors and I want that header to be replaced with something else. Here it is

$cpuinfo = gwmi -Class Win32_Processor
$cpu = $cpuinfo | Select-Object Caption, @{Name="Core";Expression={$_.NumberOfCores}}, @{Name="Total Threads";Expression={$_.NumberOfLogicalProcessors}}, DeviceID, Manufacturer, MaxClockSpeed, SocketDesignation
 

Well, If you want an html report out of it then you can just check out winOSreport at my github page.
 

Unable to add standalone host - Already exists

So here were few hosts whose IP addresses were messed up that what it was in the host file (or in your case it might be DNS) and i corrected them via vCLI. After that i tried to add them but it was always throwing this error saying the ip already exists even though i was trying to add it using the hostname.
Then i just checked the vCenter server database---->Table---->dbo.vpx.host.  ---Right click and select 1000 rows and there they were, the ip address, the hostname. These are not in the vcenter anymore but they are in the vcenter server database.
I wanted to delete these entries here and then try to re add but my colleague ravi suggested an alternative.
I cleaned off the hostfile for these 2 clusters where these hosts (in maintenance mode) were there and then remove the clusters in which these hosts were supposed to be there. Automagically the stale entries in the database were gone. Now I was able to peacefully add the hosts back to the vcenter and the clusters in which they reside.
you might have to remove the entries for these hosts in the DNS and then do the same to get around it.

Tuesday, July 28, 2015

Shutown EMC XIO with your vmware properly

So if you have an XIO app deployed in your VMware environment then i have a thought for you. Usually the proper way of shutting it down is how the man himself david ring informs here in this nice blog here
# stop-cluster-unorderly
now you wait and then

# shutdown-xms shutdown-type=machine
now the xms is shutdown.

# shutdown -h now
this will shut down. you may also use init 0.

However it is not always true because you might forget to do so and just power it off or your junior might do that.
The best way that i can think of is create an alias for shutdown commands in your XIO.
create the following aliases in the .bashrc
alias proper_init0='init o'
alias proper_shutdown='shutdown -h now'
alias proper_reboot='shutdown -r now'
you may also use the following to do the same which is even better
http://unix.stackexchange.com/questions/48973/execute-a-command-before-shutdown
This will make sure every time you shut it down you shut it down right.

Sunday, July 26, 2015

Cisco IMC (CIMC) reporting

If you have some cisco servers and wanted to generate a report every now and then i think this is going to help you a bit.
We want to generate an html report since i personally don't like excel since the final excel can be edited to modify the report that what it actually is but an html can't be.
Thanks to @thesurlyadm1n for the header.

#style, table and some background color
$a = "<style>"
$a = $a + "BODY{background-color:DarkGray;}"
$a = $a + "TABLE{border-width: 5px;border-style: solid;border-color: Purple;border-collapse: collapse;}"
$a = $a + "TH{border-width: 1px;padding: 0px;border-style: solid;border-color: black;background-color:LightSeaGreen}"
$a = $a + "TD{border-width: 1px;padding: 0px;border-style: solid;border-color: black;background-color:WhiteSmoke}"
$a = $a + "</style>"

After this we want to decide where we want to store the file
#define file path
$path = "C:\"

Let us start by connecting to CIMC

#connect to cimc
Connect-Imc

for our case here I just want to use only few options

#Network
$network = Get-ImcMgmtIf
$nw = $network | Select-Object DdnsDomain, DnsPreferred, DnsAlternate, DnsUsingDhcp, Mac, NicMode, NicRedundancy  | ConvertTo-HTML -Fragment -PreContent '<p4> <font face="Algerian" size="9" color="navy"><p align="center"><u><b>CISCO IMC[CIMC] AUDIT REPORT</b></u></font> </p4><p>      </p> <p3> <font color="#1A1B1C"><b>NETWORK<b></font> </p3>' | Out-String

So from the above lines you can make out that i am running the Get-ImcMgmtIf command and selecting only the following values DdnsDomain, DnsPreferred, DnsAlternate, DnsUsingDhcp, Mac, NicMode, NicRedundancy and then converting that to an html fragmet. After doing that I am putting 2 lines before (that is why the precontent command) this fragmet of the html by using the precontent command. Then some cosmetic stuff like font, color etc., Heading (title of the report) one says "CISCO IMC[CIMC] AUDIT REPORT" and the sub heading says NETWORK

Here afterwards I only need one heading per fragment of html like the following.

#syslog
$syslog = Get-ImcSyslogClient
$sys = $syslog | Select-Object AdminState, Hostname, Port | ConvertTo-HTML -Fragment -PreContent '<p>      </p></p> <p3> <font color="#1A1B1C"><b>SYSLOG<b></font> </p3>' | Out-String

Now don't we want to add all these fragments into an html file?
"Yes we do".
#merge all fragments into one html
ConvertTo-HTML -head $a -body "$nw $sys" | Out-File $path\cimc.html

Now you can also use a lot of other things too in this report. Just connect to cimc and run the following few commands and see which values of that command do you want in your report and then include them in your html fragment using the select-object command.
Get-ImcNtpServer, Get-ImcSnmp, Get-ImcSsh etc.,
Here is a sample screencapture.


You can find a sample CIMCaudit here on github.



Tuesday, July 21, 2015

Shutting down hosts in maintenance mode the Power(ful)cli way with reason

So, how often those of you in the field doing implementation have to reboot production hosts or hosts in maintenance mode ? well very often. It is also painful to each time
right click on the host and hit shutdown
or
select all hosts and shutdown
then enter the reason for each host's shutdown on each host
hit confirm (yes) for each host.
Imagine doing this for 100 hosts.
Trust me I wouldn't want to do that.
So here I came up with this tiny script called EsxiPower to get those hosts either poweroff or reboot. Hopefully it helps a lot of you.


Monday, July 20, 2015

Get that damn ipv6 disabled if you are not using it on ESXi

So if you are someone who build data centers and very often have to disable ipv6 as a security measure since you are not using them. Well the problem is after you do that you have to reboot these suckers, otherwise they won't be seen as ipv6 disabled in whatever report that you are using. If you are one of those lucky fellas using scripted auto install then just throw this line in the kickstart file and it will save you a lot of hassle, otherwise you have to
disable ipv6 on each host
exit maintenance mode
hit reboot
enter the reason for reboot
reboot
enter the host in maintenance mode.
Too much work if you ask me for a lazy sheep like me. So here you go. This is the magic line
esxcli system module parameters set -m tcpip4 -p ipv6=0
Thanks william lam. you are really something.

Let that vCenter password expire

So you all know it is good for your vcenter password to expire every now and then (a regular interval of course) but you want to make sure it does since keeping the same password forever is a security threat.
here is a tiny way to make sure of that.
Set the value to 30 days for the vcenter password to expire
Get-AdvancedSetting -Entity $vcenter -Name vCenterVirtualCenter.VimPasswordExpirationInDays |  Set-AdvancedSetting -Value "30"
now let us make sure it is done by doing
Get-AdvancedSetting -Entity $vcenter -Name vCenterVirtualCenter.VimPasswordExpirationInDays

Verify mob on your esxi hosts.

Here is few things you need to know about mob.
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1016039
In many environments disabling mob is one of the many security hardening that they do. A while ago i made a nifty powershell script which creates a shell script inside each esxi to disable mod and deletes that shell script. What is the need of doing something if you don't have a way of verifying the same ? I am attempting to create a script which can do the same and here is my 1st failed attempt. It will tell you whether the mob is disabled or  not but not the way i intended but for the time being this has to do. check out the mobdisabler script here. https://github.com/gajuambi/vmware

Wednesday, July 1, 2015

Your daily vmware datacenter needs in one script

Dont tell me syslog, snmp, ntp aren't your some daily or atleast weekly needs for a datacenter.
I myself have come across situations where i just had to apply ntp to all the hosts or just the syslog and not everything else. some times new VMs got deployed and i had to do security hardening for those VMs and didnt want to maintain a separate script for each task. If my logic here works then i am planning to add many more such tasks and use a menu to choose which task i wanna do instead of running an entire script for all the tasks to do just one taks because i am too lazy to cut out that one task as a script or maintain separate scripts for each task.
So here you go and feast on the VIsettings script (mind you it is still in testing phase)
get all my such silly stuff here at https://github.com/gajuambi/vmware

automating addition of many luns to many hosts of many clusters

We frequently had to add data luns to our vblocks per cluster and some times they use to be in 10s and even more. Imaging you doing this to 350 hosts of a vcenter with many clusters.
Won't it take a day? Nope it will take dayS.
So once again like lazy person i am i wanted the sweet powershell/powercli to do it for me. I have a concept script which i still need to test (but i think it will work thought) is here for your review. Lemme know if you can add value to it or suggest improvements.
I have tried to keep it as simple as a dimple.
Here you have it. AddLun[beta] at github.