AUTOMATE VSHIELD APPLIANCE DEPLOYMENT

I have been working towards some automation and this is what I have got done for now.

This is a powershell script which uses powercli modules and also the vShield REST API to configure the appliance after its deployed.

The script also uses the latest PowerCli 5.8 Release 1 – the Get-ovfconfiguration is key to deploying your appliances and ensuring they come up ip’d.

The script comes with a config.xml where you input all the parameters and then execute the script. You can also extend this by programmatically generating the config.xml file and executing the script.

The read me for the file is here. You can get my script at my github repo!

Alternatively you have it below as well, but I highly recommend reading the entire info at my github.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
#******************************************************************
#******************************************************************
#**Special thanks to Alan for guidance and fixing the ovf config!**
#**Author: RJ Singh                                              **
#**Version: v1.0                                                 **
#**Date: 09/21/2014                                              **
#**Licensing: MIT License Zero Liability Open Source             **
#**Contact: [email protected]                                 **
#**Website: www.rjapproves.com                                   **
#******************************************************************
#******************************************************************
#Making sure snapin is in place
Add-PSSnapin Vmware.vimautomation.core
 
#Read the XML file and get the content
$xml = [XML](Get-Content config.xml)
 
#Populate the variables from the XML
 
$vsmovalocation = $xml.MasterConfig.config.vsmovalocation
$VMnetwork = $xml.Masterconfig.config.MgmtNetwork
$ClusterName = $xml.Masterconfig.config.ClusterName
$pmpassword = $xml.Masterconfig.config.pmpassword
$userpassword = $xml.Masterconfig.config.userpassword
$vAppName = $xml.Masterconfig.config.vAppName
$vsmip = $xml.Masterconfig.config.vsmip
$vsmnetmask = $xml.Masterconfig.config.vsmnetmask 
$vsmgateway = $xml.Masterconfig.config.vsmgateway
$vsmhostname = $xml.Masterconfig.config.vsmhostname
$vsmvCenteruser = $xml.Masterconfig.config.vsmvCenteruser
$vsmvCenterpass = $xml.Masterconfig.config.vsmvCenterpass
$primaryDns1 = $xml.Masterconfig.config.primarydns
$secondaryDns1 = $xml.Masterconfig.config.secondarydns
$timeserverinfo = $xml.Masterconfig.config.timeserverinfo
 
$vcenter = $xml.Masterconfig.vcenterconfig.vcenter
$vcenteruser = $xml.Masterconfig.vcenterconfig.vcusername
$vcenterpassword = $xml.Masterconfig.vcenterconfig.vcpassword
 
#Ignore selfsigned cert
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}
 
#Connect to the vcenter where vShield Manager will be deployed
Write-host "Connecting to vcenter..."
connect-viserver -server $vcenter -protocol https -username $vcenteruser -password $vcenterpassword | Out-Null
 
#DNS Function to set dns in vshield
Function Set-vShieldDNS ($primaryDns, $secondaryDns) {
    $Body = @"
 
 
$($primaryDns)
$($secondaryDns)
 
 
"@
    Calling-rest -URL "https://${vsmip}/api/2.0/global/config" -Body $Body
}
 
#Function to Configure vShield Appliance
Function Set-vShieldConfiguration ($vCenter, $Username, $Password, $timeserver) {
    $Body = @"
 
 
https://${vCenter}:7444/lookupservice/sdk
${Username}
${Password}
 
 
${vCenter}
${Username}
${Password}
 
 
${timeserver}
 
 
"@
   Calling-rest -URL "https://${vsmip}/api/2.0/global/config" -Body $Body
}
 
#Function to call Restful API - leaving the default password as admin/default with the key being passed in headers
 
Function Calling-rest($URL,$Body) {
 
$headers = @{"Content-Type"="application/xml";"Authorization"="Basic YWRtaW46ZGVmYXVsdA=="}
try {Invoke-RestMethod -Headers $headers -Uri $URL -Body $Body -Method Post } 
            catch { $result = $_.Exception.Response.GetResponseStream()
                    $reader = New-Object System.IO.StreamReader($result)
                    $responseBody = $reader.ReadToEnd();
                    write-host $responseBody }
 } 
 
#Identify the right cluster and host to deploy vShield Manager vApp
$VMhost = Get-Cluster $ClusterName | Get-VMHost | Sort MemoryGB | Select -first 1
$datastore = $VMhost | Get-Datastore | Sort FreeSpaceGB -Descending | Select -first 1
$Network = Get-VirtualPortgroup -Name $VMnetwork -VMHost $VMhost
 
#Load the ovf specific configuration in the $ovfconfig file
$ovffile = $vsmovalocation  
$ovfconfig = Get-OvfConfiguration $ovffile  
 
#Populate the members properties of the ovf file.
$ovfconfig.common.vsm_cli_en_passwd_0.Value = $pmpassword
$ovfconfig.common.vsm_cli_passwd_0.Value = $userpassword
$ovfconfig.NetworkMapping.vsmgmt.Value = $VMnetwork
 
#Importing the vapp now and setting it to thin disk
Write-host "Importing vApp..."
Import-vapp -Source $ovffile -OVFConfiguration $ovfconfig -Name $vAppName -VMHost $VMhost -Datastore $datastore -Diskstorageformat thin
 
#Set the IP details for the vShield Manager vm -- Thank you Alan!
$key = "machine.id"  
$value = "ip_0={0}&gateway_0={1}&computerName={2}&netmask_0={3}&markerid=1&reconfigToken=1" -f $vsmip, $vsmgateway, $vsmhostname, $vsmnetmask  
 
#Adding the above key/value as an advanced setting to the vm
New-AdvancedSetting -Entity (Get-VM -Name $vAppName) -name $key -value $value -Confirm:$false
 
#Power on the vm
Write-Host "Powering on vShield vm..."
Start-vm $vAppName
Write-Host "Waiting for vmtools to be loaded..."
Sleep 300
 
#Set DNS configuration first
Write-Host "Configuring vShield DNS first..."
Set-vShieldDNS -primaryDns $primaryDns1 -secondaryDns $secondaryDns1
 
#Waiting for 30 seconds
sleep 30
Write-Host "Configuring vShield now.."
Set-vShieldConfiguration -vCenter $vcenter -Username $vsmvCenteruser -Password $vsmvCenterpass -timeserver $timeserverinfo

Leave a Reply

Your email address will not be published. Required fields are marked *

Post Navigation