The vGoodie-bag

Nested or Native

Should you buy dedicated hardware or a OP workstation for you next testing environment. If you are not sharing it with others, this might be useful for you.

History

For many years now VMware Workstation has been my secret weapon an daily tool for just about everything in regards to customer remote connections, test environments as so on.

Recently I needed to do some advanced testing with NSX-V and NSX-T. This required a lot more power than what I normally use so I needed to upgrade my testing platform.

The consideration is always with these things. How much are you going to invest, and what are the benefits. For a long time I have been considering buying 4 Intel NUC PC’s for doing these tests, but the problem is that to get a real setup that is flexible you need to invest a lot. Also it is not very flexible as you need to maintain them, and reinstall them everytime you need to play with a newer or older version.

PowerCLI: TPM Encryption Recovery Key Backup

From vSphere 7.0 Update 2 and onwards VMware encurage you to make a backup of your host encryptions keys, when you are using TPM. https://kb.vmware.com/s/article/81661

Here is a script that will make it easy for you if you cannot be bothered with logging in to each host using SSH.

The script will list all hosts and their keys for safe keeping.

Import-Module VMware.PowerCLI
Connect-VIServer <vCenter>

$VMHosts = get-vmhost | Sort-Object

foreach ($VMHost in $VMHosts) {
    $esxcli = Get-EsxCli -VMHost $VMHost
    try {
        $key = $esxcli.system.settings.encryption.recovery.list()
        Write-Host "$VMHost;$($key.RecoveryID);$($key.Key)"
    }

    catch {
        
    }
}

Python: Get Snapshot information

This is a cutout from some code I wrote. This is not tested in its current form, and only published as inspiration on how to get access to snapshot information using the vSphere API for python

PowerCLI: Migrate DRS VM Group Members

When ever you need to migrate to from one vCenter instance to another there are lots of things you need to migrate.

This PowerCLI script will help you migrate members from one DRS VM group to another. It can easily be modified to be part of a bigger context, or migrate all groups available.

Prerequisites

The prerequisites are that you have both the new and the old vCenter running, and that you have disconnected you hosts in the old vCenter and connected them to the new one. Do NOT remove them from you old vCenter. Leave them disconnected.

VMware HA Cluster: Set-Advanced HA Settings

Recently a adjustment was made to the vCenter Cluster HA Agent timeout Settings.

Ref: https://kb.vmware.com/s/article/2017778

Performing a Reconfigure for VMware HA operation on a primary node causes an unexpected virtual machine failover

This calles for at script, because there is no way we are going to do this by hand! Feel free to use or alter the script, just remember. It is all done at your own risk.

Control OpenSLP on ESXi hosts using PowerCLI

I light of recent security vulnerabilities found in the OpenSLP service on ESXi. A recommended workaround is to disable the OpenSLP service all together.

Vulnerability information: https://www.vmware.com/security/advisories/VMSA-2021-0002.html

Workaround KB: https://kb.vmware.com/s/article/82374

This powershell script will help you control the OpenSLP service.

Devices that are only supported in 6.7

Back in 2017 VMware changed their policy on VMKlinux Inbox Drivers. This has now come into effect from vSphere 7.0 and onwards.

Unfortunately this means that some otherwise supported hardware platforms, now are having support issue. And you might see the following error in vCenter Skyline Health:

Devices that are only supported in 6.7 or earlier by a VMKlinux inbox driver. This support has been removed in 7.0

This is the case for many Lenovo SR650 servers if they are booting from a SD card, as many will be configured with the Lewisburg SATA AHCI Controller.

PowerCli Script: Migrate host from missing dvSwitch to new dvSwitch with same Id’s

The purpose of this script is to migrate from one vCenter to another when using dvSwitches. The dvSwitch is bound to vCenter, so in order to migrate hosts from one vCenter to another you can map the networks using this script. All you need to do is disconnect the host from the original vCenter with the VMs still running, but not remove it. Then you connect it to the new vCenter.

PowerCLI Script: Check if you have VMs with USB contollers

I light of many serious vulnerabilities in vSphere ESXi revolve around the USB controller, here is a script that will list the virtual machines that have an USB controller attached.

Requirements:

You need to have the VMware.PowerCLI module installed. This can be done with the commands:

Migrate Tags from one vCenter to another

When upgrading to vSphere 7 or any other version, you might choose to create a brand new vCenter instead of migrating the old one. But what about folder structure, tags, distributed switches and so on.

Here I will demonstrate how you can easily migrate your tags from one vCenter to another using VMware PowerCLI.