Backup VDS PowerCLI Script

I started doing all my VDS (Virtual Distributed Switch) backups manually which isn’t too hard. But you can do better with a Backup VDS script.  Even if you don’t realize it now, you will want to automate as much as possible.  Here is how I automated VDS backups. Starting with a powercli script from VCDX56 I made sure that I understood how it worked and modified it to fit my environment. 

Backup VDS PowerCLI Script Modification

You can edit your Backup VDS PowerCLI script to fit your needs. My modification started with a few variables which are automatically incorporated into the naming of the backup files.  To keep several versions of the backup files I added the date into the file naming as well. This really helps keep the vds backup files organized by name and date.  You will need a vCenter connection in the script.  If you want to utilize mine called Get-vCenter (It is very handy in a multi-vCenter environment) please feel free.

Backup VDS Code

For complete automation create a static array for all your vCenters and loop them. Then you nest this script in another loop.  Utilize Task Scheduler on a Windows computer to call the script on a schedule.  Then you have automated backups of all your VDS switches.

Caution: Like all code you download from the internet, please understand and modify the code accordingly to prevent unforeseen production problems.  Also known as career-altering events. 

 For this script the main command is Export-VDSwitch. I like to familiarize myself with any PowerCLI commands I am running in my environment.  The quickest way to get help and examples is to run from a Powershell prompt the command ‘help verb-noun -showwindow’.  In this case it would be help Export-VDSwitch -showwindow.

vCenter Server 6.7.0a Resolved Issues

Resolved Issues vCenter 6.7.0a

It is a good time to start planning your next upgrade so here are the highlights of all the Resolved Issues in 6.7.0a

Resolved Installation and Upgrade Issues

  • Upgrade to vCenter Server 6.7 might fail with an error 
  • The GUI installer might display one and the same error message caused by firstboot failures during stage 2 of the vCenter Server Appliance upgrade
  • Installation or upgrade to vCenter Server 6.7 might fail with an error “Failed to register Auto Deploy” during firstboot

Resolved vSphere Web Client and vSphere Client Issues

  • The vSphere Web Client might stop responding when you try to log in
  • You might not be able to disable the deduplication or encryption features by using the Allow Reduced Redundancy option in the Configure vSAN wizard in the vSphere Client
  • In a deployment without Internet connection, the VMware vSAN health service might alert that the Hardware Compatibility List (HCL) database is out of date

For more information including patches and isos for 6.7.0a please click the source link or picture below.

Source: VMware vCenter Server 6.7.0a Release Notes

Planning

Cross SSO vMotion Between vCenters

This week I am sharing a very helpful PowerCLI script to vMotion a vm from one SSO domain to another SSO domain.  I shamelessly borrowed this script from Romain Decker’s site Cloud Maniac. The original script was very good and functioned well.  I just took it a step further and added some functions to customize it for our environment.  These functions are:  Get-SourcevCenter, Get-DestvCenter, Ask-VMNameForMigration, Ask-DCForMigration, Ask-ClusterForMigration, Choose-StorageForVMMigration.  The names of each function should explain their use.   Essentially you will need to edit the script to customize some of these functions for your environment. 

I have used it dozens of times and it works flawlessly with one exception.  If your EVC modes don’t quite match between vCenters there may be some vms that cannot be vMotioned while powered on.  Just arrange for a downtime and try again with the vm powered off.  It will work well.  This sure beats downloading a vm to your desktop and then uploading it to the new vCenter environment.  If you need any explanation or help with modifying this code to fit your environment please feel free to comment.

( If you like this please check out some of my other PowerCLI posts like PowerCLI Get-vCenter Function )

Caution: Like all code you download from the internet, please understand and modify the code accordingly to prevent unforeseen production problems.  Also known as career-altering events. 

Cross SSO vMotion PowerCLI Code: 

Photo by bruce mars from Pexels
Thinking equals coding

 

 

PowerCLI Get-vCenter Function

Since I work in a multiple vCenter environment, it is nice to have a function that allows for a connection choice when running a PowerCLI script.  The Get-vCenter function has an array of all the vCenters I potentially might connect with to run a PowerCLI script.  This array is presented in a numbered format that allows the script user to choose the vCenter they want to use for the rest of the script. You can make the array as large or small as you want.  It will dynamically create a numbered choice next to each vCenter.  It is simple but comes in very handy.

Caution: Like all code you download from the internet, please understand and modify the code accordingly to prevent unforeseen production problems.  Also known as career-altering events. 

PowerCLI Code:

Changing vCenter Default Domain

One of the less annoying things I encounter on a daily basis is the wrong default domain on my vCenter appliance. Changing the vCenter default domain is necessary in my environment because the empty-root domain is default. Our main domain where all of our user accounts reside is a sub-domain of the empty-root domain. That means that you can’t just login with your normal credentials without using the domain\username or username@domain.com formats. This isn’t a large problem but anything that speeds up my day is always appreciated.

It turns out that this is a known problem for users in a child domain where the vCenter has been upgraded from version 5.5.0 to 5.5.0b or later.  In my case the users can login still if they put the domain prefix as part of their login.  I just don’t want to have to worry about that especially for those in our enterprise that can’t figure out how to login by using a domain prefix.

Resolution

To change the behavior of the identity source, the default domain can be changed on the Single Sign-On (SSO) server from the domain that was created during the upgrade.

Windows-based Single Sign-On (SSO)

Connect to the machine that is running the SSO instance.
Create the defaultdomain.ldif file containing this information using a plain text editor:

dn: cn=vsphere.local,cn=Tenants,cn=IdentityManager,cn=Services,dc=vsphere,dc=local
changetype: modify
replace: vmwSTSDefaultIdentityProvider
vmwSTSDefaultIdentityProvider: example.com

Note: Replace example.com with the desired default domain from your environment. Contents of .ldif file should be terminated with “-” .

As an Administrator, click Start > Run, type cmd and then click OK.
Run C:\>ldifde command to confirm that the ldifde tool is available. This list returns a list of available commands.
If the tool is not present, install it by running this command:

C:\>ServerManagerCmd -i RSAT-ADDS-Tools

For Windows 2012 run this powershell command:

Install-WindowsFeature RSAT-ADDS

Run this command to update the default domain:

C:\>ldifde -i -f filepath\defaultdomain.ldif -s localhost -t 11711 -a “cn=Administrator,cn=Users,dc=vsphere,dc=local” *

 

When prompted, enter the Administrator@vsphere.local Single Sign-On (SSO) password.
The command should complete successfully.

VMware vCenter Server Appliance with local Single Sign-On (SSO)

Connect to the machine that is running the SSO instance.
Create the defaultdomain.ldif file containing this information using a plain text editor:

dn: cn=vsphere.local,cn=Tenants,cn=IdentityManager,cn=Services,dc=vsphere,dc=local
changetype: modify
replace: vmwSTSDefaultIdentityProvider
vmwSTSDefaultIdentityProvider: example.com

Note: Replace example.com with the desired default domain from your environment. Contents of .ldif file should be terminated with “-” .

Open a console to the vCenter Server Appliance.
Run this command to update the default domain:

/opt/likewise/bin/ldapmodify -f filepath/defaultdomain.ldif -h localhost -p 11711 -D “cn=Administrator,cn=Users,dc=vsphere,dc=local” -W

 

Enter the Administrator@vsphere.local SSO password.
The command should complete successfully.

 

Here is the link to kb2070433  if you would like to read the full article for yourself. It is a trivial change to fix a trivial problem but I am glad to say it works like a charm.

vCenter Server 6.5.0e Is Out

If you are experiencing the following issue your fix is available with the 6.5.0e release. Even if you are not experiencing this issue it is recommended to go ahead and apply this patch according to my VMware TAM.

vCenter Server 6.5 might fail with an error of the type ERROR: duplicate key value violates unique constraint “pk_vpx_guest_disk”
The vpxd service on vCenter Server 6.5 might intermittently fail with the following error stack in the log files:

YYYY-MM-DDT00:01:24.342Z error vpxd[7F8DD228C700] [Originator@6876 sub=Default opID=HB-host-476@72123-38e1cc31] [VdbStatement] >SQLError was thrown: “ODBC error: (23505) – ERROR: duplicate key value violates unique constraint “pk_vpx_guest_disk”;

–> Error while executing the query” is returned when executing SQL statement “INSERT INTO VPX_GUEST_DISK (VM_ID, PATH, CAPACITY, >FREE_SPACE) VALUES (?, ?, ?, ?)”

The VMware vCenter Server 6.5 vpxd log files are located in the %ALLUSERSPROFILE%\VMWare\vCenterServer\logs\vmware-vpx folder.

The VMware vCenter Server Appliance vpxd 6.5 log files are located in the /var/log/vmware/vmware-vpx folder.

The error occurs because of a database key violation for the GuestDisks updates, causing duplicate entries in the table.

This issue is fixed in this release.

 

Source: VMware vCenter Server 6.5.0e Release Notes