Generating a clean Host Profile using PowerCLI

First of all: I love Host Profiles! But they’re easy to mess up as well, leave something selected related to hardware and an update in ESXi, vib’s or even a firmware update might break it. For a customer where we are going to do the entire vSphere build from scratch I got the idea to generate an empty Host Profile and extend that one using scripting. At first I though this would be an easy thing but it definitely isn’t, a reply from PowerCLI guru Luc Dekens at the VMware{Code} forums set me on the right path to do so. Luc’s remark that editing Host Profiles might take some reverse engineering for the lack of documentation is a huge understatement. It has cost me many many hours to build the script below.

I strongly recommend having the reference host as clean as possible.

These are the steps the script takes

  1. connect to vCenter
  2. extract a new Host Profile
  3. Gets the new Host Profile
  4. Copies all members of the new Host Profile to an object that can be edited
  5. Sets everything that I could find in my environment to false
  6. Updates the Host Profile with the edited object

Required parameters

  • vCenter
    • Your vCenter host
  • Referencehost
    • the name of the host in vCenter
  • Hostprofilename
    • Name for the Host Profile

There are also a couple of optional parameters:

  • dnshost
    • It’s mandatory to have a DNS set in the defaulttcpipstack. With this parameter you can change this.
  • domainname
    • Like DNS it’s mandatory to have a domainname set in the defaulttcpipstack. With this parameter you can change this
  • Cleanup
    • This one defaults to false but can be set to true. It will remove all NFS Datastores, vmkernel ports, portgroups, device aliases and direct i/o profiles.
    • Use this one with care, if you apply it to a host it will most probably remove all networking details for that host making it unusable.

This is how a manual extracted Host Profile looks

This is how a Host Profile looks after using my script without the cleanup option, everything is deselected but the device aliases for example are kept.

.\create_clean_hostprofile.ps1 -vcenter vCenter -Hostprofilename demo_no_cleanup -referencehost hostname

And this is how it looks with the cleanup used.

.\create_clean_hostprofile.ps1 -vcenter vCenter -Hostprofilename demo_no_cleanup -referencehost hostname -cleanup $true

The script itself can be found on Github as well:

#-------------------------------------------------
# Generates a clean Host Profile
#
# Build using PowerCLI 11
#
# Version 1.0
# 17-08-2019
# Created by: Wouter Kursten
# Website: https://www.retouw.nl
#
#-------------------------------------------------

param(
[Parameter(Mandatory=$true)][String]$Hostprofilename,
[Parameter(Mandatory=$true)][String]$vcenter,
[Parameter(Mandatory=$true)][String]$referencehost,
[Parameter()][String]$dnshost,
[Parameter()][String]$domainname,
[Parameter()][bool]$Cleanup = $false
)

# I grabbed this function somewhere from an example by Luc Dekens
function Copy-Property ($From, $To, $PropertyName ="*"){
    foreach ($p in Get-Member -In $From -MemberType Property -Name $propertyName){
        trap {
            Add-Member -In $To -MemberType NoteProperty -Name $p.Name -Value $From.$($p.Name) -Force
            continue
        }
    $To.$($P.Name) = $From.$($P.Name)
    }
}

#connect to the vCenter
connect-viserver $vcenter

# This deletes any existing Host Profile with the same name as we're using in this script
get-vmhostprofile -name $Hostprofilename  -ErrorAction SilentlyContinue | Remove-VMHostProfile -Confirm:$false

# This creates a new Host Profile from the referencehost
new-vmhostprofile -name $Hostprofilename -referencehost $referencehost

# Retrieves the newly created Host Profile
$hp = Get-VMHostProfile -Name $Hostprofilename

# Creates the spec where the cleanup is done
$spec = New-Object VMware.Vim.HostProfileCompleteConfigSpec

# Copies all properties of the new Host Profile to the spec
Copy-Property -From $hp.ExtensionData.Config -To $spec

# This removes everything that could be specific to the referencehost
if ($cleanup -eq $true){
    $spec.ApplyProfile.Network.Vswitch=$null
    $spec.ApplyProfile.Network.VMportgroup=$null
    $spec.ApplyProfile.Network.HostPortGroup=$null
    $spec.ApplyProfile.Network.pnic=$null
    $spec.ApplyProfile.Storage.NasStorage=$null
    ($spec.ApplyProfile.Property | where-object {$_.PropertyName -like "*DeviceAlias*"}).profile=$null
    ($spec.ApplyProfile.Property | where-object {$_.PropertyName -like "*PCI*"}).profile.property.profile=$null
}

# From here it's just disabling of items except for:
# -items under storage> PSA Configuration (profiles are removed)
# -Properties of the fixed DNS config (set to the default values from this scripts parameters)
$spec.ApplyProfile.Datetime.Enabled=$False
$spec.ApplyProfile.Authentication.Enabled=$False
$spec.ApplyProfile.Authentication.ActiveDirectory.Enabled=$False

foreach ($o in $spec.applyprofile.Option){
    if ($o.Enabled){
        $o.Enabled=$False
    }
}

foreach ($p in $spec.ApplyProfile.Property.Profile){
    if ($p.Enabled){
        $p.Enabled=$False
    }
    foreach ($pa in $p.Property.Profile){
            if ($pa.Enabled){
                $pa.Enabled=$False
                }
        foreach ($paa in $pa.Property.Profile){
                if ($paa.Enabled){
                    $paa.Enabled=$False
                }
        }
    }
}

foreach ($s in $spec.ApplyProfile.Storage.Nasstorage){
    if ($s.Enabled){
        $s.Enabled=$False
    }
    foreach ($sa in $s){
        if ($sa.Enabled){
            $sa.Enabled=$False
        }
    }
}

foreach ($s in $spec.ApplyProfile.Storage.Property.Profile){
    if ($s.Enabled){
        $s.Enabled=$False
    }

    if ($s.ProfileTypeName -eq "psa_psaProfile_PluggableStorageArchitectureProfile" -AND $cleanup -eq $true){
        foreach ($sa in $s.property){
            if ($sa.propertyname -like "*psa_psaProfile_PsaDevice*"){
                [email protected]()
            }
        }
    }
    foreach ($sa in $s.Property.Profile){
        if ($sa.Enabled){
            $sa.Enabled=$False
            }
        foreach ($saa in $sa.Property.Profile){
            if ($saa.Enabled){
                $saa.Enabled=$False
            }
        }
    }
}

foreach ($f in $spec.ApplyProfile.Firewall.ruleset){
    if ($f.Enabled){
        $f.Enabled=$False
    }
}

foreach ($n in $spec.ApplyProfile.Network.vswitch){
    if ($n.Enabled){
        $n.Enabled=$False
    }
    foreach ($na in $n){
        if ($na.Enabled){
            $na.Enabled=$False
        }
        foreach ($naa in $na.link){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
        foreach ($naa in $na.NumPorts){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
        foreach ($naa in $na.NetworkPolicy){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
    }
}

foreach ($n in $spec.ApplyProfile.Network.pnic){
    if ($n.Enabled){
        $n.Enabled=$False
    }
    foreach ($na in $n){
        if ($na.Enabled){
            $na.Enabled=$False
        }
    }
}

foreach ($n in $spec.ApplyProfile.Network.VmPortGroup){
    if ($n.Enabled){
        $n.Enabled=$False
    }
    foreach ($na in $n){
        if ($na.Enabled){
            $na.Enabled=$False
        }
        foreach ($naa in $na.Vlan){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
        foreach ($naa in $na.Vswitch){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
        foreach ($naa in $na.NetworkPolicy){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
    }
}

foreach ($n in $spec.ApplyProfile.Network.HostPortGroup){
    if ($n.Enabled){
        $n.Enabled=$False
    }
    foreach ($na in $n){
        if ($na.Enabled){
            $na.Enabled=$False
        }
        foreach ($naa in $na.IpConfig){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
        foreach ($naa in $na.Vlan){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
        foreach ($naa in $na.Vswitch){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
        foreach ($naa in $na.NetworkPolicy){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
    }
}

foreach ($n in $spec.ApplyProfile.Network.Property.Profile){
    if ($n.Enabled){
        $n.Enabled=$False
    }
    foreach ($na in $n.Property.Profile){
        if ($na.Enabled){
            $na.Enabled=$False
            }
        foreach ($np in $na.policy.policyoption){
            if ($np.id -eq "FixedDnsConfig"){
                foreach ($npp in $np.parameter){
                    if ($dnshost){
                        if ($npp.key -eq "address") {
                            [string[]][email protected]($dnshost)
                            $npp.value=$dnsarray
                        }
                    }
                    if ($domainname){
                        if ($npp.key -eq "domainName"){
                            $npp.value=$domainname
                        }
                    }
                }
            }
        }
        foreach ($naa in $na.Property.Profile){
            if ($naa.Enabled){
                $naa.Enabled=$False
            }
            foreach ($naaa in $naa.Property.Profile){
                if ($naaa.Enabled){
                    $naaa.Enabled=$False
                }
            }
        }
    }
}


(Get-VMHostProfile $Hostprofilename).ExtensionData.Updatehostprofile($spec)
disconnect-viserver $vcenter -confirm:$False

And yes that’s a lot of foreach’s.

 

 

The VMware Labs flings monthly for July 2019

So I am in the middle of my summer holiday but stil it’s time for this monthly overview. I see two new flings with the Virtual Machine Compute Optimizer and Machine Learning on VMware Cloud Foundation tools. No less than six have received updates: vSphere Mobile Client, Desktop Watermark, HCIBench, Horizon Toolbox, Horizon Helpdesk Utility and Horizon Session recording. I already blogged about the updates to the Horizon Helpdesk Utility over here.

New Releases

Machine Learning on VMware Cloud Foundation

Want to do things with big data? This Fling might be able to help you with that on VCF, It could do with a proper logo though.

This Fling provides a platform for Data Scientists to quickly setup a virtualized cloud infrastructure to conduct data science experiments:

  • Virtualized environment based on VMware cloud and Kubernetes
  • Currently support CPU only (but will support GPU in future)
  • Based on Open Source Kubeflow, Horovod

Provides a set of example Notebooks and libraries for common data science tasks, including:

  • Data collection and cleaning (extract data from various sources, and describe the data semantics using metadata)
  • Data cleansing and transformation (clean up collected data and transform them from its raw form to a structured form more suitable for analytic processing)
  • Model training (develop predictive and optimization machine learning models)
  • Model serving (deploy model into a run time environment where online request will be served)

Virtual Machine Compute Optimizer

I personally wouldn’t call the Virtual Machine Computer Optimizer a fling since it’s a script but it’s here.

The Virtual Machine Computer Optimizer (VMCO) is a Powershell script that uses the PowerCLI module to capture information about the hosts and VMS running in your vSphere environment, and reports back on whether the VMs are configured optimally based on the Host CPU and memory. It will flag a VM as “YES” if it is optimized and “NO” if it is not. For non-optimized VMs, a recommendation is made that will keep the same number of vCPUs currently configured, with the optimal number of virtual cores and sockets.

Note that the VMCO will not analyze whether your VMs are configured with the correct number of vCPUs based on the VM’s workload. A more in-depth analysis tool such as VMware vRealize Operations Manager can make right-sizing determinations based on workload and actual performance.

Update flings

Horizon Session Recording

The Horizon Session Recording fling gives the Horizon admin a tool to record sessions for troubleshooting reasons for example.

Changelog

Version 1.2.2

  • Added support for horizon 7.8 and above
  • Added support for recording based on group memberships
  • Many bug fixes in agent
  • Bug fixes in server

Horizon Helpdesk Utility

Like I said I already blogged about the changes in the Horizon Helpdesk Utility but here’s the changelog, just to be complete.

Changelog

Version 1.4.0.1

  • No longer requires a helpdesk license! Yay!
  • Added the ability to interact with vCenter machines
  • Added the ability to open vCenter VM consoles
  • Added the ability to perform bulk machine actions
  • Added the ability to perform refresh / recompose tasks directly from helpdesk.
  • Fixed performance issues with multiple windows open (see single instance).
  • Fixed a crash when logon durations could not be accessed.
  • Added polling to allow logon durations to be received if notavailable when the session page is requested.
  • Fixed a crash in the ending of processes.
  • Fixed a metric ton of bugs with delegated administration.
  • Fixed a memory leak in the tray icon menu, of all places.
  • Removed the logon page graphic as it was to much of a pain to change it’s colour when changing themes
  • Fixed some layout issues when changing themes.
  • Removed empty sites from the viewon the change pod tray menu.
  • Added preliminary support for Horizon 7.9.

Horizon Toolbox

The Horizon Toolbox is another usefull utility for the Horizon admin that doesn’t have access to the enterprise add-ons.

Changelog

July 12, 2019, 7.8.1

  • Added support for Horizon View 7.5, 7.6, 7.7, 7.8
  • Fixed some issues

HCIBench

We have seen this one quite a lot already, if you need to benchmark your HCI than the HCIBench might be your tool. Good chance though that it’s better optimized for VSAN than others.

Changelog

Version 2.2.1

  • Fixed docker volume moving issue
  • MD5 checksum of HCIBench_2.2.1.ova: 1a39c9df7d1485bc06332ae0b9d92ca7

Version 2.2

  • Moved docker volume to sdb to avoid blowing up OS disk
  • Added Fio spreadsheet generator
  • Added DRS warning checkup
  • Enhanced Grafana to keep all the historical data
  • Added DNS exception handler
  • Fixed RAM and PCPU reporting issue
  • Fixed Vdbench spreadsheet not reporting issue
  • MD5 checksum of HCIBench_2.2.ova: bb2a77dcf2ecc23b1ec2c30aee9945ec

Desktop Watermark

I personally haven’t really used the Desktop Watermark fling yet but I guess it could be useful for others.

Changelog

v1.0 – Build 20190724-signed

  • Added a new attribute %DATETIME% to show hour and minute info on screen.

vSphere Mobile Client

The vSphere Mobile Client fling is still a work in progress but functionality keeps being added. Very useful for most VI admins.

Changelog

Version 1.2.0

New features:

  • Focused inventory (bookmark a VM and then enter focused mode by clicking the bullseye button in the header)
  • vCenter dashboard now has host and virtual machine aggregates
  • Swiping the VM card displays a screenshot, clicking on it displays an even larger image

Bug Fixes

  • Removed option to delete virtual machines
  • Improvements to the login page
  • Improvements to the events and alarms page

 

 

 

 

The VMware Labs flings monthly for June 2019

Wow there are already six months gone in 2019. Both my kids passed passed their schoolyears and this month there have been three new fling releases and four that have received updates. The new ones are: vSphere Mobile Client, Workspace ONE UEM SCIM Adapter and FlowGate. The ones that received updates are USB Network Native Driver for ESXi, HCIBench, IOBlazer and the Horizon DaaS Migration Tool.

New Releases

vSphere Mobile Client

I already posted a short blog about this fling over here.

vSphere Mobile Client enables administrators to monitor and manage vSphere infrastructure directly from any mobile device. Whether you want to check on the current or historical resource consumption; you want to get notifications on long running tasks; or you want to check the currently running tasks – the vSphere Mobile Client is there to help.

Features

  • VM overview: Review the status of your VMs including state (powered on/off), resource usage and configuration information
  • VM management: Change the power state of a VM or restart it. Locating the virtual machine to operate on can be done through search.
  • Task monitoring: Subscribe to any running task and receive a notification on your mobile device upon task completion, even when your device is in-active or you have another application running on the foreground.
  • Performance charts: Monitor the resource usage of a VM in real time or a day, week, month or year back. Counters include CPU, Memory, Storage and Network.

NOTE: vSphere Mobile Client is currently available for Android and iOS devices and vCenter 6.0+ deployments. Check the “Requirements” tab for more details. Access to vSphere infrastructure may require a secure access method such as VPN on a mobile device.

This is a technical preview release and as such it only has a limited subset of the intended functionality. The team would be releasing updates with new features regularly, but our main task is to gather feedback so please do not hesitate to reach out to us.

Workspace ONE UEM SCIM Adapter

Workspace ONE UEM SCIM Adapter provides SCIM user/group management capabilities to Workspace ONE UEM. The middleware translates the System for Cross-Domain Identity Management, SCIM, to a CRUD REST framework that Workspace ONE UEM can interpret. This capability allows Workspace ONE UEM to synchronize cloud-based identity resources (users/groups/entitlements) without the need for an LDAP endpoint (service to service model). Examples include Azure AD, Okta, and Sailpoint.

Flowgate

The Flowgate fling is all about linking IT & Facility systems with each other.

In enterprise data centers, IT infrastructure and facility are generally managed separately, which leads to information gaps. Collaboration between facility and IT infrastructure systems are limited or manual, and virtualization adds more complexity.

The goal of Flowgate is to make facility awareness in IT management system and make IT operations management and automation better on high availability, cost saving and improved sustainability, with more information on power, cooling, environment (e.g. humidity, temperature) and security.

Built-in adapter for multiple DCIM and CMDB system integration:

  • Nlyte
  • PowerIQ
  • Infoblox
  • Labsdb
  • IBIS(TODO)
  • Pulse IoT Center (TODO)
  • Open for other facility system integration

Built-in adapter for multiple IT stack systems:

  • vCenter Server
  • vRealise Operation Manager
  • Open for other IT stack integration. More systems will coming soon.

 

  • UI based Integration process: One click integration.
  • Role based access control: API level access control support.
  • RESTFul API support: Provide unified facility information querying services. APIs for all operations and data query make it easy to integrate with other systems.

Updated flings

USB Network Native Driver for ESXi

Are you building an awesome homelab but received some funky USB Network adapters? The USB Network Native Driver for ESXi might just have the correct drivers for you.

Changelog

June 17, 2019 – v1.1

  • Added support for 9 additional USB NIC devices including USB 2.0 RTL8152 & TPLINK (see Requirements page for complete list)
  • Added support for Jumbo Frames (up to 4K) for RTL8153 & AX88179
    ESXi670-VMKUSB-NIC-FLING-24524132-offline_bundle-13958648.zip
    ESXi650-VMKUSB-NIC-FLING-24599816-offline_bundle-13964320.zip

HCIBench

HCIBench is one of two benchmarking utilities that received an update.

Changelog

Version 2.1

  • Switched UI to dark theme
  • Redesigned VMDK preparation methodology, which can complete much faster using RANDOM on deduped storage
  • Added VMDK preparation process update
  • Added Graphite port check into prevalidation
  • Added vCenter/Host password obfuscation
  • Added “Delete Guest VM” button
  • Fixed Grafana display issue
  • Fixed FIO blank results issue
  • Bug fixes
    MD5 checksum of HCIBench_2.1.ova: d37e6f164ed962a6e7ccbe104ba9eaec

IOBLazer

It looks like the IOBlazer fling was first released in 2014(!!!!) as a tool to benchmark all kinds of storage systems. Since I haven’t posted about it here yet let me give you the overview:

IOBlazer is a multi-platform storage stack micro-benchmark. IOBlazer runs on Linux, Windows and OSX and it is capable of generating a highly customizable workload. Parameters like IO size and pattern, burstiness (number of outstanding IOs), burst interarrival time, read vs. write mix, buffered vs. direct IO, etc., can be configured independently. IOBlazer is also capable of playing back VSCSI traces captured using vscsiStats. The performance metrics reported are throughput (in terms of both IOPS and bytes/s) and IO latency.

IOBlazer evolved from a minimalist MS SQL Server emulator which focused solely on the IO component of said workload. The original tool had limited capabilities as it was able to generate a very specific workload based on the MS SQL Server IO model (Asynchronous, Un-buffered, Gather/Scatter). IOBlazer has now a far more generic IO model, but two limitations still remain:

  1. The alignment of memory accesses on 4 KB boundaries (i.e., a memory page)
  2. The alignment of disk accesses on 512 B boundaries (i.e., a disk sector).

Both limitations are required by the gather/scatter and un-buffered IO models.

A very useful new feature is the capability to playback VSCSI traces captured on VMware ESX through the vscsiStats utility. This allows IOBlazer to generate a synthetic workload absolutely identical to the disk activity of a Virtual Machine, ensuring 100% experiment repeatability.

Changelog

Updates in IOBlazer 1.01:

  • Added configurable IO alignment
  • Increased the robustness of the trace file parser in the face of spurious lines
  • Increased the robustness of the build process by automatically detecting target OS and arch within the Makefile
  • In the Windows version, changed the raw access mode from volume to physical drive to avoid unnecessary mount/unmount operations at every test run.

Horizon DaaS Migration Tool

The Horizon DaaS Migration Tool is for the Horizon DaaS providers to migrate their customers to the latest version of Horizon DaaS.

Changelog

Version 2.1.0

  • Fix for the bug on “Requested Capacity” at the pool/assignment summary page showing inappropriate values.
  • Intelligently handling import of new VMs skipping previously imported VMs.

New fling: mobile vSphere management

Every once in a while there’s a fling that looks too good to only be mentioned in my monthly updates. The vSphere mobile Client is one of those in my opinion. For years and years I have seen questions about apps to manage vSphere from your mobile device and there indeed have been a couple in the past. With the amount of available API’s some VMware engineers now have decided on creating a fling for it. Currently it’s only available for Android devices but it is an awesome step in the right direction.

vSphere Mobile Client enables administrators to monitor and manage vSphere infrastructure directly from any mobile device. Whether you want to check on the current or historical resource consumption; you want to get notifications on long running tasks; or you want to check the currently running tasks – the vSphere Mobile Client is there to help.

Features

  • VM overview: Review the status of your VMs including state (powered on/off), resource usage and configuration information
  • VM management: Change the power state of a VM or restart it. Locating the virtual machine to operate on can be done through search.
  • Task monitoring: Subscribe to any running task and receive a notification on your mobile device upon task completion, even when your device is in-active or you have another application running on the foreground.
  • Performance charts: Monitor the resource usage of a VM in real time or a day, week, month or year back. Counters include CPU, Memory, Storage and Network.

NOTE: vSphere Mobile Client is currently available for Android devices and vCenter 6.0+ deployments. Check the “Requirements” tab for more details. Access to vSphere infrastructure may require a secure access method such as VPN on a mobile device.

This is a technical preview release and as such it only has a limited subset of the intended functionality. The team would be releasing updates with new features regularly, but our main task is to gather feedback so please do not hesitate to reach out to us.

There are some screenshots on the fling site and the one below from my phone but once I am able to connect to my lab I will add some more.

The VMware Labs flings monthly for April 2019

It has been a quiet month for me on the blogging side of things. I am slowly rebuilding my lab so that costs a lot of time that I can’t spend on blogging. This month two new flings have been released and no less than six have received an update. the new flings are MyVMware CLI and App Volumes Entitlement Sync. The ones to receive an update are App Volumes Toolbox, Workspace One UEM Workload Migration Tool, Cross vCenter Workload Migration Utility, Identity Manager Migration/Backup Tool, vSphere HTML5 Web Client,  and HCIBench.

New Releases

MyVMware CLI

The MyVMware CLI fling is an early preview of api’s to download your entitled software from http://my.vmware.com.

MyVMware CLI is a command line client used to login and interact with my.vmware.com.
It provides an interface for programmatic query and download of VMware product binaries.

This Fling is in early preview and allows you to find and download:

  • Every product
  • Every version
  • Every file

Note: Any download attempts will be restricted to the entitlements afforded by your my.vmware.com account.

App Volumes Entitlement Sync

If you have multiple App Volumes installations than the App Volumes Entitlement Sync fling can be usefull to make sure everyone has the same rights everywhere.

The App Volumes Entitlement Sync Fling will read, compare and sync entitlements from one App Volumes instance to another. This helps customers managing multiple App Volumes instances across one or multiple geographic sites.

Updated flings

App Volumes Toolbox

The App Volumes Toolbox fling makes it easier to manage your App Volumes setups.

Changelog

Version 2.0

  • Optimized for App Volumes 2.x
  • Remove support for Enzo and App Volumes 3
  • Bug Fixes

Workspace One UEM Workload Migration Tool

The Workspace One UEM Workload Migration Tool fling allows you to easily migrate applications and configurations between various WS One setups.

Changelog

Version 1.0.1

  • Fixed issue with expired credentials.

Cross vCenter Workload Migration Utility

The Cross vCenter Workload Migration Utility allows you to vmotion or move vm’s between linked and unlinked vCenter servers. Since this version it also supports NSX-T Opaque networking.

Changelog

Version 2.6, April 15, 2019

  • Added support for NSX-T Opaque Network (enables migration to/from VMC and on-premises vSphere with NSX-T)

Identity Manager Migration/Backup Tool

With the Identity Manager Migration/Backup Tool you can automate the process of migrating and backing up from one idm to another.

Changelog

Version 1.6

  • Exports categories to new XML file appname_categories.xml
  • Exports entitlements to a new XML file called appname_entitlements.xml
  • Imports categories
  • Creates the category if it doesn’t exist on tenant where importing
  • Shows if a bundle has an associated entitlement or category xml file
  • Shows number of applications returned
  • Shows number of categories an application has assigned to it
  • Windows reserved characters are replaced with an underscore for export bundle

Version 1.5

  • Allows more than 20 applications to be returned – now up to 500 applications will be returned by the tool
  • Added number of applications returned into the group box title

vSphere HTML5 Web Client

Want the newest even with vCenter 6.7? Use the vSphere HTML5 Web Client fling!

Changelog

Fling 4.2.0 – Build 13172979
New Features

  • vSphere Perspective Management available under Administration > Customization > Perspectives This new feature enables administrators to take control of which parts of the UI other administrators see. This is done by defining a set of views and combining them together into a so called “perspective”.
    • [Perspective tab] As an administrator you can show or hide: tabs, portlets and primary views.
    • [Assignments tab] Perspectives can be assigned to both users and groups.
    • Demo is available at https://www.dropbox.com/s/06z15xspsvrciys/Perspectives-demo-fling.mp4
  • Code Capture can also capture calls for operations made when managing Content Libraries.
  • Code Capture can generate scripts in additional languages: Python and vRO (vRealize Orchestrator) Javascript.

Known Issues

We noticed an intermittent issue with stopping the vsphere-client. You can always kill the process manually by running these commands

ps -ax | grep java
kill -9
ps -ax | node
kill -9

HCIBench

Want to test your Hyperconverged Infrastructure? HCIBench Is one of the tools you can use for that.

Changelog

Version 2.0

  • Added fio as an alternative workload generator
  • Added Grafana for workload live monitoring
  • Switched UI to clarity
  • Allow user to select one to four cases while using easy-run

Bug fixes

  • MD5 checksum of HCIBench_2.0.ova: ba3c2b06b8c27fb41a1bb68baedb325f

The VMware Labs flings monthly for March 2019

We’re already into April that means it’s time for the flings update for March. There have been 3 updates and two new flings. I already have a blogpost about one of the updated flings: The Horizon Helpdesk Utility. The new flings are: Identity Manager Migration/Backup Tool and Physical Desktop as a Thin Client. The updated ones are: vSAN Hardware Compatibility List Checker, vSphere HTML5 Web Client and as said earlier the Horizon Helpdesk Utility.

New Releases

Physical Desktop as a Thin Client

Personally I don’t see the added value for this fling since there are already plenty of products that provide the functionality and you can even do it yourself with gpo’s. (and the logo is outdated as well)

A thin client is a stateless, fanless desktop terminal that has no hard drive. Thin clients provide businesses a cost-effective way to access virtual desktop infrastructures (VDI). To simplify the operation steps to access VDI, some features are embedded in thin clients.

For example:

  • Launch the RDP client default
  • Hide desktop/task bar
  • Disable system options to prevent user using other applications

And so on

This Fling will convert physical desktop as a thin client. It will restrict end-users’ behaviors when users log into physical desktops. After user logged in, Horizon view client will be launched automatically and other applications are forbidden to switch. Physical desktop will log off automatically once user exit Horizon view clients.

Identity Manager Migration/Backup Tool

The Identity Manager Migration/Backup Tool helps you in migrating vIDM settings between environments.

Identity Manager Migration/Backup Tool automates the process of exporting or importing applications and entitlements from one Identity Manager instance to another. If entitlements exists, they will also be backed up to an XML file. This Fling uses Identity Manager API’s for Export, Import, Delete and applying entitlements.

Updated flings

vSAN Hardware Compatibility List Checker

With the vSAN Hardware Compatibility List Checker you can check easily if you’re hardware is supported for VSAN.

Changelog

Version 2.1

  • Fixed the bug that firmware version of some controllers can’t be fetched

Version 2.0

  • Add 3 new checks
  • Controller is VMware certified for ESXi release
  • Controller driver is VMware certified
  • Controller firmware is VMware certified
  • Update HTML report format
  • Bug fixes

vSphere HTML5 Web Client

Nuf said about this one.

Changelog

Fling 4.1.0 – Build 12518617
New Features

  • Hiding VMs in Hosts and Clusters view – A very popular desktop client feature is brought into the vSphere HTML5 client where you can go to User’s menu, select My preferences and Inventory tab from where you can show/hide VMs in Hosts and Clusters view by selecting the checkbox.
  • User’s menu -> My preferences will have additional preference options like Language, Time Zone, Console and Inventory
  • Developer Center now has API Explorer tab listing all the REST APIs exposed by vSphere SDK.
  • New layout for the feedback tool and feedback tool can be invoked even when a dialog is open on the screen. This enables taking the screenshot of the client including the dialogs. Also, feedback tool now has the ability to add screenshots, this will help you compare the features between different clients and upload the screenshots.

Improvements

  • We added the support back to 6.0 vCenters to the fling. You can now point vSphere HTML5 client fling v4.1 to 6.0 or 6.5 or 6.7 version of vCenter servers.
  • License expiration notification now is increased from 60 to 90 days and includes all the licenses
  • Evaluation License is now shown in the licenses list
  • Sorting and Filtering by License Expiration date in the Licenses list

Known Issues

  • New layout of the feedback tool has issues in the Firefox browser, so you will see old feedback tool in that browser.
  • There are some areas where feedback tool might not capture the screenshot of the dialog, like VM edit settings.

Horizon Helpdesk Utility

For a more complete overview of the Horizon Helpdesk Utility fling so the link I posted in the intro to my previous blogpost.

Changelog

Version 1.3.3.1

  • Removed machine listings from session view (overkill)
  • Improved Environment view to include metrics on all connected infrastructure:
    • vSphere
    • Hosts
    • Datastores
    • Remote Pods
    • Events
    • Problem Machines
  • Added repeated queries for logon breakdown if missed on first instance
  • Added event query support for logon breakdown
  • Added events view for Farm and Desktop pools
  • Added inbuilt find / search to users / machines in pool views
  • Added support for multiselect in pool / farm views
  • Added graph / chart views of machines / sessions and problem machines on the environment overview
  • Added a pod switcher to the environment overview
  • Added a global search to the environment overview
  • Added support for Pod Jumping.
    • the ability to jump to a pod on demand
    • the ability to jump to a pod a session belongs to
  • Added support for an architecture view of Desktop Pools
  • Added support for an architecture view of Farms
    • Enhanced view of servers load evaluator value
  • Added bulk user tasks via pool or farm views:
    • Bulk messaging
    • Bulk log off
    • Bulk disconnect
    • Bulk reset
    • Bulk restart
  • Added support for a local pod view (AKA environment view):
    • Connection servers
    • Farms
    • Desktop pools
  • Added documentation (finally)
  • Added MSI installation support
  • Added a start time column to user sessions (this will persist as a preference)

The VMware Labs flings monthly for January 2019

One month down, eleven to go for 2019! I am very busy planning the first Nutanix User Group meet and hopefully I will be selected again as vExpert. You can also still apply for vExpert at http://vexpert.vmware.com/. Back to the flings, this month there has been one new release:  Policy Enforcer and four updates: ESXi Embedded Host Client,
vSphere HTML5 Web Client, vSAN Hardware Compatibility List Checker and vSphere PKS Plugin.

New Releases

Policy Enforcer

Policy Enforcer is used to check and remediate restriction policies on a Workspace ONE Managed Windows 10 machine. If a user were to try to override configured Policy CSP settings by attempting to edit the Windows Registry, Policy Enforcer will compare the current value with the MDM configured value and reset the registry if the values differ.

Policy Enforcer can be implemented by uploading the MSI installer to the WS1 UEM console and deploying as an internal app via Apps & Books.

Updated

vSAN Hardware Compatibility List Checker

With the vSAN Hardware Compatibility List Checker you are able to test your hardware against the vSAN Hardware Compatibility list.

The vSAN Hardware Compatibility List Checker is a tool that verifies all installed storage adapters against the vSAN supported storage controller list. The tool will verify if the model, driver and firmware version of the storage adapter are supported.

Using a supported storage controller and firmware is important in a vSAN deployment to ensure normal operations, optimal performance, and to reduce the chances of hardware/firmware issues. This tool can be useful to ensure that a storage device and its firmware went through certification testing supported by VMware and its partners.

Some scenarios where the tool can be useful:

  • Verify if new server and storage adapter are supported for a vSAN deployment
  • Verify if re-purposed server, storage adapter are supported for a vSAN deployment

For a full vSAN system check, please check vSAN health UI through vSphere web client after a vSAN deployment.

Changelog

Version 2.0

  • Add 3 new checks
  • Controller is VMware certified for ESXi release
  • Controller driver is VMware certified
  • Controller firmware is VMware certified
  • Update HTML report format
  • Bug fixes

vSphere PKS Plugin

The vSphere PKS plugin gives the administrator a graphical interface within the vSphere HTML5 console.

Changelog

Version 1.0.1 – Build 168317

  • A PKS instance can be added to the plugin by providing the Ops Manager credentials
  • Support an alternate IP address (such as an NSX floating IP) to be used as the registration server and plugin server IP. It is assumed that the IP will be mapped to the appliance’s NIC via other means
  • Minor bug fixes

ESXi Embedded Host Client

The latest and greatest version of the ESXi embedded host client as found in production since ESXi6.0

Changelog

Version 1.33.1 build 12086396 (Fling 23) – January 31, 2019
OVF issues 

  • Various fixes for ovf import issues
  • ISO files are now imported from OVAs

General 

  • Fixed an issue with special characters in datastore names in some versions of ESXi
  • Fix swapped labels for transmit and receive in network chart
  • Network adapters are added to the vm in the correct order
  • Fixed issue with firewall notifications displaying incorrect information
  • provide notifications for expiring licenses
  • Support for Swedish input locale in the vm console
  • Display Fibre channel wwn and wwp as 64bit addresses

 vSphere HTML5 Web Client

This is the newest release of the HTML5 Web Client for vSphere. The downloadable version is 4.0.1 while the changelog is 4.0 so we’ll have to assume that 4.0.1 is a small bug fix. Starting from this version the fling ONLY supports vSphere 6.5 and newer!

Changelog

Fling 4.0 – Build 11785236

  • New Features
    • Support for VC 6.7
    • ESX Agent Manager UI
    • MxN Convergence in System Configuration
    • Import Certificate and Generate CSR
    • Code Capture: the record button can be toggled between hidden and shown.
    • Ability to remove Script Bundles in Autodeploy for 6.7 VC
    • Ability to remove Discovered hosts in Autodeploy for 6.7 VC
    • Export licensing data in CSV for all licensing views
    • Add and Assign license with single operation
    • Authentication Proxy configuration for VC 6.5+ (VC > Configure  > Settings > Authentication Proxy)
  • Improvements
    • Improved performance for Files browser for VC 6.7
  • Bug Fixes
    • Fixed an issue where starting a Code Capture recording would lead to dialogs loading slowly or not at all.
  • Known Issues
    • To open the Fling UI, you need to use https://<Fling IP>/ui
    • The VMware vSphere Update Manager (VUM) plugin will not be loaded when the Fling 4.0 is connected to vSphere 65
  • Release Notes
    • The upgrade from Fling 3.x to Fling 4.0 will require to establish new connection to the vSphere by providing the vSphere credentials.
    • The Fling 4.0 is based on the vSphere 6.7 client and does not support vSphere versions prior to vSphere 6.5

#vCommunity is………teaching the next generation

Yesterday I had the honor of teaching 2 separate classes an introduction to VMware vSphere. This was a first time for me since until now I had always been on the receiving end of schoolclasses/courses. The journey started when I noticed a shared post on linkedin where Ellis Uytdehage of the Radius College in Breda (The Netherlands) was looking for guest lecturers. This is Dutch MBO level and could roughly be translated to Junior College / Vocational Education in other country’s. It’s post high school and they actually learn how to be a systems/network/application admin. The people whom I thought are all in their fourth and last year and doing internships or did BBL which consists of working four days and learning one day each week.

Since I didn’t want to bore the students by making them have to listen to me giving boring college for an hour we decided on me doing a 10 minute introduction and after that I gave them some basic tasks to to in the Virtualization 101 Hands On Lab. I could have gone with some boring specs and workings of vSphere but for me it was also about introducing them to the vCommunity. Supported by a couple of pictures I explained how important it is to share knowledge and that it will pay back in the end. That it isn’t all serious I showed them some of the examples of fun we had at VMworld.

I have to say that despite the HOL’s being slow with 40 persons starting the same lab at the same time that the classes where a success. While several students already used vSphere for a bit at their internships or even had already played with the Hands On Labs, they showed great interest in the tech and I am 100% sure that almost all of them learned something new. My side mission or message of showing them that sharing = caring also came across and if anyone of them wants any help in blogging/presenting/whatever they’re always welcome to contact me.

I would like to thank Ellis, Radius College and my employer AnylinQ for the opportunity and already look forward to next time!

 

 

The VMware Labs flings monthly for July 2018

It’s been a busy month in the world of flings all of the flings except for one on the first page are new or updated ones. This means there are five(!) new ones and six(!) have received an update. The new ones are: Policy BuilderSDDC Certificate ToolvAssist.ai NLP PlatformWorkspace ONE UEM Samsung E-FOTA Tool and the Horizon Helpdesk Utility that I wrote yesterday about. The ones that received an update are: Cross vCenter Workload Migration Utility,  Blockchain on KubernetesHCIBenchESXi Embedded Host ClientvSphere HTML5 Web Client and last but not least the VMware OS Optimization Tool.

The new releases

Policy Builder

The policy builder is an hosted fling that helps the user to create custom MDM policies for Workspace UEM (former Airwatch)

Official summary:

This cloud hosted Fling helps users with custom Mobile Device Management (MDM) policy generation that use MDM capabilities available through Microsoft’s Windows 10 MDM Configuration Service Providers (CSPs).

Note: On login with My VMmware credentials, the tool provides an easy to use form based UI that allows the Windows 10 admin to simply enter the required values for the policies and auto generates corresponding syncML that can be copied to publish through Workspace ONE Unified Endpoint Management.

This tool greatly reduces the effort of hand rolling syncML and the possibility of code and formatting errors when creating or managing custom settings profiles through Workspace ONE UEM.

SDDC Certificate Tool

The SDDC Certificate Tool is an automated process that replaces all certificates in a SDDC for you. This normally can be a lengthy process but should be a breeze with this fling.

Official summary:

Replacing SSL certificates across VMware products is a manual and time-consuming process. The SDDC Certificate Tool automates this workflow and makes it easy to keep certificates across your SDDC up to date. It will replace all certificates in the supported products and reestablish trust between the components.

Supported Products

  • VMware Platform Services Controller (PSC)
  • VMware vCenter Server (VC)
  • VMware NSX for vSphere (NSX)
  • vRealize Log Insight (vRLI)
  • vRealize Operations Manager (vROps)
  • vRealize Automation (vRA)
  • vRealize Business for Cloud (vRB)
    More about this Fling: New SDDC Certificate Replacement Fling by William Lam

vAssist.ai NLP Platform

Not my cup of tea but this fling is supposed to be an example where you can talk against vRealize Automation.

Official summary:

vAssist.ai, a Natural Language Processing (NLP) platform, enables bot developers to train machine learning models for intent classification and entity extraction. This platform is available as a SaaS model which exposes easy-to-use REST APIs to train and parse natural language inputs. It also provides a multi-tenant user interface dashboard which can be used to annotate and visualize training data expressions and train machine learning models in the cloud.

VMware customers who are serious about building conversational interfaces can benefit from this platform. With this Fling we trained a sample model for vRealize Automation. Users can chat with the test bot to query available catalog services and initiate a provisioning request in a natural, conversational way. Please note that we are using a sample internal environment for vRealize Automation.

Features

  • NLU Engine for Intent and entity extraction
  • Customizable NLU pipeline
  • Rule based and ML based Conversation Engine
  • Privacy of the data
  • Scalable and Fault Tolerant
  • REST APIs exposed for integration with multiple channels and platforms

Workspace ONE UEM Samsung E-FOTA Tool

The Workspace ONE UEM Samsung E-FOTA Tool is a fling for Workspace One UEM to add some extra functionality for Samsung devices.

Official summary:

The Workspace ONE UEM Samsung E-FOTA Tool is designed to add to the existing abilities of AirWatch’s Samsung E-FOTA implementation. These new abilities include scheduling a firmware/OS update in a targeted window. This feature is dependent on the existing abilities within AirWatch which enroll the MDM into Samsung E-FOTA and push profiles to enroll the device into Samsung E-FOTA. Users should use this tool along with the information gathered from the Workspace ONE UEM console. The information can then be used to make an API command to schedule the firmware/OS update to your Samsung devices.

Horizon Helpdesk Utility

Like I said yesterday the Horizon Helpdesk Utility is how the original Horizon View Helpdesk Tool should have been. Please read yesterdays;s post for more information and screenshots.

The Horizon Helpdesk Utility is designed to be a tool used by real help desk agents. The Horizon Helpdesk Utility takes all of the functionality of the current HTML5 based Helpdesk in VMware Horizon and adds true desktop integration features, including:

  • Greater speed in queries
  • Reduced steps to find a session
  • Multiple monitoring windows
  • Keystrokes for fast access
  • Native remote control functionality
  • Real-time updates
  • Built-in session experience score based on session performance and variables

Updated flings

VMware OS Optimization Tool

Changelog

July 30, 2018, b1100

  • Issue fix: With group selection operation, unselected optimization items are applied.
  • Issue fix: can not export analysis report

July 20, 2018, b1099

  • Template update: Windows 10 & Windows Server 2016
  • Prevent the usage of OneDrive for file storage
  • Registry changes:
reg add "HKLM\DEFAULT\Software\Classes\CLSID{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /v System.IsPinnedToNameSpaceTree /t REG_DWORD /d 0 /f
* reg add "HKLM\DEFAULT\Software\Classes\Wow6432Node\CLSID{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /v System.IsPinnedToNameSpaceTree /t REG_DWORD /d 0 /f reg add "HKLM\DEFAULT\System\GameConfigStore" /v GameDVR_Enabled /t REG_DWORD /d 0 /f reg add "HKLM\DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\People" /v PeopleBand /t REG_DWORD /d 0 /f reg add "HKLM\DEFAULT\Software\Microsoft\Windows\CurrentVersion\GameDVR" /v AppCaptureEnabled /t REG_DWORD /d 0 /f reg add "HKLM\DEFAULT\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings\Windows.SystemToast.SecurityAndMaintenance" /v Enabled /t REG_DWORD /d 0 /f reg add "HKLM\DEFAULT\Software\Microsoft\Windows\CurrentVersion\PenWorkspace" /v PenWorkspaceButtonDesiredVisibility /t REG_DWORD /d 0 /f reg delete "HKLM\DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run" /v OneDrive /F reg delete "HKLM\DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run" /v OneDriveSetup /F

Cross vCenter Workload Migration Utility

Changelog

Version 2.2, July 16, 2018

  • Support for vSphere Resource Pool and VM folder for placement under advanced options
  • Support for VMware Cloud on AWS (VMC) by specifying resource pool and folder options

Blockchain on Kubernetes

Changelog

July 16 2018, BoK 2.1

  • Support deployment of Hyperledger Fabric 1.1.0.
  • Allow users to customize the Fabric organizations and peers in bok.yaml.
  • Add ingress controller for serving traffic to Fabric peers nodes and explorer node.
  • Make improvement on stability and usability.
  • Verified against Kubernetes 1.10.3 and Pivotal Container Service (PKS) 1.1.0.
  • Updated the PCF Fabric Tile which supports creating Kubernetes cluster via PKS Tile and deploy Hyperledger Fabric in the Kubernetes cluster.

HCIBench

Changelog

Version 1.6.7.1

  • Fixed vSAN Performance Diagnostic API call
  • Fixed network validation message not clear issue
  • Fixed setting re-use VMs as default bug in 1.6.7

Version 1.6.7

  • Enabled https instead of http
  • Added storage policy field, user can specify storage policy for the data disks. For this version, storage policy can’t be assigned to existing client VMs
  • Enhanced deployment methodology
  • Enhanced vSAN Observer to avoid blow up the memory
  • Enhanced vSAN Performance Diagnostic API call with HCIBench workload configuration included
  • Added timestamp to the testing status
  • Bug fixes

ESXi Embedded Host Client

Changelog

Version 1.31.0 build 9277095 (Fling 21) – July 20, 2018

  • General
    • Resolve several issues related to dropdown selection
    • Update NTP UX
    • Update AngularJS to 1.6.10
    • Other minor bug fixes

vSphere HTML5 Web Client

Changelog

Fling 3.40 – Build 9292689
New Features

  • Host profiles
    • Check compliance
    • Pre-check and remediate host (known issue exists – see known issues)
    • Extract, edit host profile
    • Host profile favorites management (vCenter 6.5)
    • Copy settings between profiles (vCenter 6.5)

Adding vCenter server to Horizon View using the api’s

Yesterday Sean Massey (https://thevirtualhorizon.com/) asked me if it was possible to add a vCenter server + some other things to Horizon View using the api’s. With a quick look at the api explorer I confirmed this should be possible. The other things he asked I will put in a separate blogpost.

It looks like a simple matter of building the spec and I should be good. In the end it turned out to be a bit more work then expected. Some items are not required according to the api explorer but should at least be called in the spec (set them to something empty) while others can safely be left away. The automatic generated ssl certs in my lab also turned out to be a pita. First I copied them from a current spec and later I downloaded the certificate on the Connection server itself and read that cert. Andrew Morgan (http://andrewmorgan.ie/)from VMware helped me out with this by showing their internal script that they use. It turned out that except for the SSL certs I was on the right path. As usual I will add this functionality to the vmware.hv.helper but since that might take a while I decided to create a useful script

$hvServer = $global:DefaultHVServers[0]
$services=  $hvServer.ExtensionData

# Create required objects

$spec=new-object VMware.Hv.VirtualCenterSpec
$spec.serverspec=new-object vmware.hv.serverspec
$spec.viewComposerData=new-object VMware.Hv.virtualcenterViewComposerData

$spec.Certificateoverride=new-object vmware.hv.CertificateThumbprint
$spec.limits=new-object VMware.Hv.VirtualCenterConcurrentOperationLimits
$spec.storageAcceleratorData=new-object VMware.Hv.virtualcenterStorageAcceleratorData

# vCenter Server specs

$spec.ServerSpec.servername="pod2vcr1.magneet.lab"        # Required, fqdn for the vCenter server
$spec.ServerSpec.port=443                                 # Required
$spec.ServerSpec.usessl=$true                             # Required
$spec.ServerSpec.username="[email protected]"   # Required [email protected]
$vcpassword=read-host "vCenter User password?" -assecurestring
$temppw = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($vcPassword)
$PlainvcPassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($temppw)
$vcencPassword = New-Object VMware.Hv.SecureString
$enc = [system.Text.Encoding]::UTF8
$vcencPassword.Utf8String = $enc.GetBytes($PlainvcPassword)
$spec.ServerSpec.password=$vcencPassword
$spec.ServerSpec.servertype="VIRTUAL_CENTER"

# Description & Displayname, neither is required to be set

#$spec.description="description"              # Not Required
#$spec.displayname="virtualcenterdisplayname" # Not Required

$spec.CertificateOverride=($services.Certificate.Certificate_Validate($spec.serverspec)).thumbprint


# Limits
# Only change when you want to change the default values. It is required to set these in the spec

$spec.limits.vcProvisioningLimit=20
$spec.Limits.VcPowerOperationsLimit=50
$spec.limits.ViewComposerProvisioningLimit=12
$spec.Limits.ViewComposerMaintenanceLimit=20
$spec.Limits.InstantCloneEngineProvisioningLimit=20

# Storage Accelerator data

$spec.StorageAcceleratorData.enabled=$false
#$spec.StorageAcceleratorData.DefaultCacheSizeMB=1024   # Not Required

# Cmposer
# most can be left empty but they need to be set otherwise you'll get a xml error

$spec.ViewComposerData.viewcomposertype="DISABLED"  # DISABLED for none, LOCAL_TO_VC for installed with the vcenter and STANDALONE for s standalone composer


if ($spec.ViewComposerData.viewcomposertype -ne "DISABLED"){
  $spec.ViewComposerData.ServerSpec=new-object vmware.hv.serverspec
$spec.ViewComposerData.CertificateOverride=new-object VMware.Hv.CertificateThumbprint
  $cmppassword=read-host "Composer user password?" -assecurestring
  $temppw = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($cmpPassword)
  $PlaincmpPassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($temppw)
  $cmpencPassword = New-Object VMware.Hv.SecureString
  $enc = [system.Text.Encoding]::UTF8
  $cmpencPassword.Utf8String = $enc.GetBytes($PlainvcPassword)
  $spec.ViewComposerData.ServerSpec.password=$cmpencPassword
  $spec.ViewComposerData.ServerSpec.servername="pod2cmp1.magneet.lab"
  $spec.ViewComposerData.ServerSpec.port=18443
  $spec.ViewComposerData.ServerSpec.usessl=$true
  $spec.ViewComposerData.ServerSpec.username="[email protected]"
  $spec.ViewComposerData.ServerSpec.servertype="VIEW_COMPOSER"
  
  $spec.ViewComposerData.CertificateOverride=($services.Certificate.Certificate_Validate($spec.ViewComposerData.ServerSpec)).thumbprint    
  
}


# Disk reclamation, this is required to be set to either $false or $true
$spec.SeSparseReclamationEnabled=$false 

# This will create the connection
$services.VirtualCenter.VirtualCenter_Create($spec)

Looking at the output it will only ask for the vCenter user’s password and if a Composer server is set for that user’s password.