vSphere virtual machine checks

Posted on February 14, 2013 by brian.wuchner

I’ve recently posted a series of vSphere checks based on PowerCLI. The following couple of checks apply to virtual machines.

The following check looks for virtual machines where the ‘toolsUpgradePolicy’ is set to manual. I like to change this value to ‘upgradeAtPowerCycle’ which causes virtual machines (which are already running tools) to check for an update tools automatically at reboot.


Get-View -ViewType VirtualMachine -Property Name, "Config.Tools.toolsUpgradePolicy","Guest.ToolsVersionStatus" -Filter @{"Config.Tools.toolsUpgradePolicy"="manual"} | 
Select Name, @{N="Tools Status";E={$_.Guest.ToolsVersionStatus}},@{N="Upgrade Policy";E={$_.Config.Tools.toolsUpgradePolicy}} |
Sort Name

The following check is one that has caused some discussion with my peers. I can’t find a specific KB article that references this issue, but rumor has it that a Windows virtual machine on a port group with 10GbE uplinks requires a minimum of 1GB of RAM to provide heap space for the network card driver in the guest. To keep this script simple, it simply checks for the fastest link speed uplink on a host, and if greater than 10,000 verifies that all of the virtual machines have at least 1GB of RAM. Since this is rumor I can’t prove that the issue exists — or only exists for Windows guests — all virtual machines on hosts that have 10Gbps uplinks appear on this report. If you have any proof on this issue, or just want to throw in your two cents, please feel free to leave a comment.


$vmLessThan1GB = @()
Get-View -ViewType HostSystem -Property Name, "Config.Network.Pnic" | %{
	$thisHost = $_
	$thisHostMaxSpeed = ($_.config.network.pnic | Select @{Name="SpeedMB"; Exp={ $_.LinkSpeed.SpeedMb } } | sort SpeedMB -Descending | Select -First 1).SpeedMB
	if ($thisHostMaxSpeed -ge 10000) {
		
		$vmLessThan1GB += Get-View -ViewType virtualmachine -Property Name, "Config.Hardware.MemoryMB", "Runtime.Host.Value" -Filter @{"Runtime.Host"="^$($thisHost.MoRef.Value)$"} | 
			?{$_.Config.Hardware.MemoryMB -lt 1024} | 
			Select Name, @{N="VM RAM (MB)";E={$_.Config.Hardware.MemoryMB}}, @{N="VM Host Name";E={$thisHost.Name}}, @{N="Max NIC Speed";E={$thisHostMaxSpeed}}
	}
}
$vmLessThan1GB | Sort Name
Posted in Scripting, Virtualization | Leave a comment

Quick vSphere Cluster BIOS check

Posted on February 13, 2013 by brian.wuchner

The following check will compare the BIOS versions of the ESX hosts in a cluster and verify they are all at a consistent level.

The check makes use of a $Clusters variable, which can be created using the following line of code:

$clusters = Get-Cluster

This check will look for inconsistent BIOS versions between hosts in a vSphere cluster. 


$misMatchBios = @()
$Clusters | select Name, ID | %{
	$thisClusterName = $_.Name
	$thisClusterBIOS = Get-View -ViewType HostSystem -SearchRoot $_.id -Property Name, "Hardware.BiosInfo" | Select Name,@{N="Cluster Name";E={$thisClusterName}},@{N="BIOS version";E={$_.Hardware.BiosInfo.BiosVersion}}, @{N="BIOS date";E={$_.Hardware.BiosInfo.releaseDate}}
	$thisClusterBiosGroup = $thisClusterBIOS | Group-Object -Property "BIOS Version"

	if ( ($thisClusterBiosGroup | Measure-Object).Count -gt 1 ) { $misMatchBios += ( $thisClusterBIOS | Sort Name )	}
}
$misMatchBios
Posted in Scripting, Virtualization | Leave a comment

Network related vSphere checks

Posted on February 12, 2013 by brian.wuchner

The following two sections of code can be ran independently or used in conjunction with Alan Renouf’s vCheck script. They return network specific issues that could happen in a vSphere environment.

The first check makes use of a $clusters variable, which can be created using the following line of code:

$Clusters = Get-Cluster

The following section will report on any port groups that do not exist on all hosts in a cluster. This is a fairly common issue with standard vSwitches, but is typically resolved by using Distributed vSwitches (for the Enterprise Plus users).


$networkListHT = @{}
Get-View -ViewType Network -Property Name | %{ $networkListHT.Add($_.MoRef.value,$_.Name) }

$portGroupCheck = @()
$Clusters | Select Name, ID | %{
	$thisClusterName = $_.Name
	$thisClusterHosts = Get-View -ViewType HostSystem -SearchRoot $_.id -Property Name, Network

	$thisClusterNetworks = @()
	$thisClusterHosts | %{
		$thisHost = $_.Name
		$_.Network | %{ $thisClusterNetworks += New-Object psobject -Property @{ "Port Group"=$networkListHT[$_.Value]; Host=$thisHost; Cluster=$thisClusterName} }
	}

	$portGroupCheck += ($thisClusterNetworks | Group-Object -Property "Port Group" | ?{$_.Count -lt $thisClusterHosts.count} | Select -ExpandProperty Group | Sort Host )
}

$portGroupCheck

The following one liner will show any port group that does not have virtual machines. This could be a new network that simply doesn’t have VMs yet, or an old network that is no longer required.


Get-View -ViewType Network -Property Name, VM, Host |?{@($_.VM).Count -eq 0} | Select Name, @{Name="Host Count"; Expression={@($_.Host).Count}} | Sort Name
Posted in Scripting, Virtualization | Leave a comment

General vSphere Cluster counts/averages

Posted on February 11, 2013 by brian.wuchner

A year or so ago, I had added some generic sections to Alan Renouf’s vCheck 5 script, which I was using to report on several environments that I managed. A few months ago, Alan released a new version of vCheck 6. I decided to re-write a couple of these checks into the new format. The new version of these checks are much more efficient than my previous versions, so I thought I would share them here.

Both checks make use of a $clusters variable, which can be created using the following line of code:

$clusters = Get-Cluster

This check will report on the average number of vCPUs per virtual machine and the average number of vCPUs per physical core.


$CpuClusterRatio = @()
$Clusters | select Name, ID | %{
	$thisClusterHost = Get-View -ViewType HostSystem -SearchRoot $_.id -property "Hardware.CpuInfo.NumCpuCores" | Select @{Name="NumCPU";Expression={$_.Hardware.CpuInfo.NumCpuCores}} |  Measure-Object -Property NumCPU -sum
	$thisClusterVM = Get-View -ViewType VirtualMachine -SearchRoot $_.id -property "Summary.Config" | Select @{Name="NumCPU";Expression={$_.Summary.Config.NumCPU}} |  Measure-Object -Property NumCPU -sum
	
	if ($thisClusterHost.Sum -gt 0) { $thisvCpuPerCore = ([math]::round(( $thisClusterVM.Sum / $thisClusterHost.Sum ), 2)) } else { $thisvCpuPerCore = 0 }
	if ($thisClusterVM.Count -gt 0) { $thisvCpuPerVM = ([math]::round(( $thisClusterVM.Sum / $thisClusterVM.Count ), 2)) } else { $thisvCpuPerVM = 0 }
	
	$CpuClusterRatio += New-Object psobject -Property @{
		Name = $_.Name
		NumHosts = $thisClusterHost.Count
		Cores = $thisClusterHost.Sum
		Guests = $thisClusterVM.Count
		"vCPU Count" = $thisClusterVM.Sum
		"vCPU per VM" = $thisvCpuPerVM
		"vCPU per Core" = $thisvCpuPerCore
	}
}

$CpuClusterRatio | select Name, NumHosts, Cores, Guests, "vCPU Count", "vCPU per VM", "vCPU per Core" | sort Name

This check will report on the average amount of RAM per virtual machine and the percentage of physical RAM allocated to all virtual machines.


$RamClusterRatio = @()
$Clusters | select Name, ID | %{
	$thisClusterHost = Get-View -ViewType HostSystem -SearchRoot $_.id -property "Hardware.MemorySize" | Select @{Name="RamSize";Expression={$_.Hardware.MemorySize/1GB}} |  Measure-Object -Property RamSize -sum
	$thisClusterVM = Get-View -ViewType VirtualMachine -SearchRoot $_.id -property "Summary.Config" | Select @{Name="RamSize";Expression={$_.Summary.Config.MemorySizeMB / 1024}} |  Measure-Object -Property RamSize -sum
	
	if ($thisClusterVM.count -gt 0) { $avgRamPerVM = ([math]::round(( $thisClusterVM.Sum / $thisClusterVM.Count ), 2)) } else { $avgRamPerVM = 0 }
	if ($thisClusterHost.sum -gt 0) { $allocatedRam = ([math]::round(( $thisClusterVM.Sum / $thisClusterHost.Sum ) * 100, 2)) } else { $allocatedRam = 0 }
	
	$RamClusterRatio += New-Object psobject -Property @{
		Name = $_.Name
		NumHosts = $thisClusterHost.Count
		"Cluster RAM (GB)" = [Math]::Round($thisClusterHost.Sum,0)
		Guests = $thisClusterVM.Count
		"Guest RAM (GB)" = [Math]::Round($thisClusterVM.Sum,2)
		"Avg RAM per VM" = $avgRamPerVM
		"Allocated RAM %" = $allocatedRam
	}
}

$RamClusterRatio | select Name, NumHosts, "Cluster RAM (GB)", Guests, "Guest RAM (GB)", "Avg RAM per VM", "Allocated RAM %" | sort Name

I hope someone can find a use for either of these scripts.

Posted in Scripting, Virtualization | Leave a comment

VMware Support Assistant SSL

Posted on January 27, 2013 by brian.wuchner

VMware recently released a new product call vCenter Support Assistant. This virtual appliance places an icon in the vCenter ‘Solutions and Applications’ area where you can contact support, open SRs and upload support bundles. You can view the entire product overview and access the download link from here: http://www.vmware.com/products/datacenter-virtualization/vcenter-support-assistant/overview.html.

This appliance provides a web server that serves up the ‘solution’ as well as the icon that appears in vCenter. Due to this, opening the vCenter client will load the initial icon and give you an SSL warning. The FAQ shows how this generic certificate can be installed on your workstation to prevent this popup, however I prefer to replace the SSL certificate with one signed by a trusted CA. Here are the steps to complete this procedure.

cd /support-assistant/keystore/

cp support_assistant support_assistant_BU

/usr/java/jre-vmware/bin/keytool -genkey -keyalg RSA -keysize 2048 -alias support_assistant -keystore support_assistant -storepass "SPH123oneAssist123@" -validity 3650 -dname "CN=support-assistant.bwuch.local,OU=My Department,O=My Company,L=City,ST=State,C=XX,emailAddress=vmware-admin@bwuch.local"

/usr/java/jre-vmware/bin/keytool -certreq -alias support_assistant -keystore support_assistant -file jetty.csr -storepass "SPH123oneAssist123@"

This will create a jetty.csr file. You’ll want to display the contents of that file (cat jetty.csr). Copy the contents of jetty.csr to the certificate request. Then download the base64 encoded chain file, open it in notepad. Back on the appliance use a text editor like vi to create a new jetty.crt file. Paste the contents of the P7B file to jetty.crt.

Run the following command to import the CA signed certificate into the keystore:

/usr/java/jre-vmware/bin/keytool -keystore support_assistant -import -alias support_assistant -file jetty.crt -trustcacerts -storepass "SPH123oneAssist123@"

Answer ‘yes’ if prompted to trust the certificate. You can either restart the service or reboot the server to read in the new certificate.

After the above process, open a web browser and access the management interface (the above example would be https://support-assistant.bwuch.local/). You should not receive any SSL warnings. Go ahead and register the vCenter Support Assistant into your vCenter. You may notice that when you open the vCenter client you’ll get an SSL warning. This is because the plugin has registered by IP address in your vCenter. You can fix this up with a few short lines of PowerCLI:


$exMgr = Get-View ExtensionManager
$sa = $exMgr.ExtensionList | ?{$_.key -eq 'com.vmware.supportassistant'}
$sa.Server[0].Url = "https://support-assistant.bwuch.local/plugin-config.xml"
$exMgr.UpdateExtension($sa)

Close out of the vCenter client and verify, but you shouldn’t get any more SSL warnings due to the Support Assistant.

Posted in Virtualization | 2 Comments