Setting maintenance mode for Linked Clones using API’s

If you have used the VMware.hv.helper the title of this blog post might sound strange since the set-hvmachine already has a way to set maintenance mode. When Ryan Butler asked me the question this week though I didn’t think of that and dived into the api’s immediately. The machines.Machine_EnterMaintenanceMode method looked good to me and than I though of the vmware.hv.helper and noticed that with

it was also possible so set maintenance mode. The usage though made me think immediately that this was not actually using a proper api call but the update function. A quick look at the function itself confirmed this. It sets that status of the virtual machine by directly setting the status.

(this is just a snippet of the complete function)

If you are below version 7.5 of Horizon view it’s probably of no use to continue with the rest of this blog post. The api explorer only mentions the relevant functions since 7.5! They have been tried against 7.0.3 and 6.2 and there they don’t work.

So back to the drawing board it was and I needed to look at the API explorer, there are 4 relevant methods for maintenance mode.

As usual there are methods for multiple machines that use an array of id’s (with machines in the name) and methods for single machines id’s (without the machines in the name).

Since I usually use instant clones these days I created a small pool with three linked clones. With get-hvmachine I can show you their names and state.

Since I know that get-hvmachine will already give you the id of a machine it’s easy to do a one liner to set one system in maintenance mode.

and exit maintenance mode.

And the entire pool?

And exit maintenance mode for the entire pool.

Okay so we now know how this works but I don’t want to use to vmware.hv.helper module for this at all because I want to be able to use a list of machines or based on part of the name. That can be done using a query. The query entitytype to use is MachineSummaryView and if you use queryfiltercontains it’s also possible to use only a part of the name for a kind of wildcard selection. Combine several of these in with queryfilteror and it gives the opportunity to select them from a list.

Now I replaced the names in the txt file with only p2lc00

And back into maintenance mode

So this is a nice way to manage the machines and their maintenance state. Please remember that these scripts only work against horizon 7.5 and higher.

The VMware Labs flings monthly for November 2018

The year’s almost over but for me it feels like it just got started, how does it feel for you? Time certainly flies! This month there was one new fling: vSphere PKS Plugin and five have received updates: Workspace ONE UEM Profile Migration UtilityHCIBenchESXi Embedded Host ClientCross vCenter Workload Migration Utility and Workspace ONE Configuration Tool for Provisioning.

New

vSphere PKS Plugin

The vSphere PKS Plugin provides a user interface for managing and monitoring Kubernetes cluster deployments for the PKS platform. Using the vSphere PKS Plugin you can view details about your Kubernetes clusters, including master and worker nodes as well as networking configuration.

Features

The vSphere PKS Plugin:

  • Provides a graphical interface to visualize the Kubernetes clusters deployed and managed by PKS
  • Provides visibility into underlying infrastructure such as VMs, network objects and storage objects that are created when a Kubernetes cluster is deployed in a vSphere environment
  • Provides a centralized launch point for viewing components deployed with the Kubernetes cluster, including nodes and network objects such as routers, logical switches, load balancers
  • Provides a simple user interface to get easy access to the cluster using the kubectl interface and the cluster Dashboard

Updated

Workspace ONE UEM Profile Migration Utility

The Workspace ONE UEM Profile Migration Utility helps  in moving profiles between various WS One UEM Consoles.

Changelog

Version 1.6

  • Added a log file for more advanced troubleshooting and auditing. A new file in the folder called: WS1UEM-Profile-Migration-Utility-log.txt
  • Added logic to ensure the user has to hit Review button before Create
  • Fixed a bug where the Status wouldn’t clear if selecting a new Profile therefore the user was unable to tell if the new Create Profile was successful

HCIBench

The HCIBench is a Hyperconverged Infrastructure Benchmark build around VDbench.

Changelog

Version 1.6.8.1

  • Fixed regression when datastore is in the datastore folder
  • Avoid checking connection to host directly and use tvm deployment instead
  • Added Vdbench version check in summary script

Version 1.6.8

  • Added resource pool and VM folder fields for VMC environment
  • Fixed easy-run disk size issue
  • Enhanced pre-validation error message handling
  • Changed the names of network interface from “Public Network” to “Management Network”, and “Private Network” to “VM Network”

ESXi Embedded Host Client

While the ESXi embedded host client has been officially released for 5.5, 6, 6.5 and 6.7 the fling gets all the latest updates.

Changelog

Version 1.32.0 build 10692217 (Fling 22) – November 2, 2018

  • Import / Export
    • Iso files and nvram files can now be exported and imported (if suppored by the esx version)
    • Files can be individually selected when exporting
    • All advanced vm config options are exported by default
    • Several bug fixes related to the export wizard
  • General
    • Permissions previews now display correctly
    • Support Bundles are now generated on the fly
    • Domain user functionality has been restored
    • Fibre Channel WWNs are displayed in hex

Cross vCenter Workload Migration Utility

If you want to use a gui to move vm’s between different vCenter servers than the Cross vCenter Workload Migration Utility is the tool to use.

Changelog

Version 2.5, November 5, 2018

  • Remember registered site information (without password)
  • Easily retry a previously attempted task in case of failures
  • Search box for keyword filtering of migration task history
  • Option to clear task history by removing completed tasks
  • Added documentation and other links under the help menu
  • Partial fix for an issue related to duplicate network names

Workspace ONE Configuration Tool for Provisioning

The Workspace ONE Configuration Tool for Provisioning assists in building unattend.xml configuration files that can be used by Dell (or others when more provide the service) when delivering systems from the factory to set them up for your environment.

Changelog

Release Update – Version 2.0.0

Improvements

  • The version number is shown in the window title
  • The version number is shown as a comment in the generated XML
  • The product key is now validated to conform with the 11111-11111-11111-11111-11111 pattern
  • Split the locale settings into ‘Operating System Language’, and ‘Region and Keyboard Settings’.
  • ‘Operating System Language’ maps to the language of the operating system installation media, and ‘Region and Keyboard Settings’ maps to the locale settings available to the user during OOBE
  • ‘Operating System Language’ is now a required field as it is needed for certain customizations, such as adding a user to the administrators group
  • Removed the ability to set a custom computer name. The computer name now defaults to ‘*’, which causes the Windows OS to generate a random name, taking up to seven characters from the ‘Registered Organization’ field plus eight random characters. This change makes sure every computer has a unique name on the network.
  • The ‘Auto Admin Logon’ feature is no longer selectable. Instead, it will be activated when it is required by the deployment scenario.
  • All deployment scenarios now allow for the creation of a local user.
  • Moved the node from the ‘oobeSystem’ pass to the ‘specialize’ pass
    to be consistent with the node

Bug Fixes

  • Auto Admin Logon would only work with an unattend XML generated for an en-US installation image
  • Enabled the ASSIGNEDTOLOGGEDINUSER=Y flag to enable the WS1 agent to correctly enroll the user in the ‘Workgroup’ deployment scenario
  • Fixed an issue where the ‘Show Privacy Settings’ option would have no effect

Sending messages to users with the Horizon API’s

I got the question today from Fabian Lenz if it is possible to send messages to end users using the Horizon API. I knew I had seen it somewhere already and here’s a quick explanation.

There are two method’s to do this, one for a single session and the other for a group of sessions. Both fall under the session service.

You can see both the methods called session_sendmessage and session_sendmessages if we look at what’s required for both we see that the difference is a single sessionid or an array of session id’s.

Let’s see what the API explorer says what’s needed.

So the msgtype is a string that can have three values and the message is just a string, let’s test this.

I am lazy and will use get-hvlocalsession for the sessionid.

I do the -first 1 so it isn’t an array but a single session.

Now let’s send a message.

And the result:

Now let’s do the same for multiple sessions.

And to show that this also works for global sessions (both where connected to pod2cbr1)

If you want to filter the sessions on user or machine name you can filter the $globalsessions on $globalsessions.namesdata.basenames

With the localsessions it’s located in $sessions.namesdata

It’s also possible to filter this with the query service, take a look on my previous post on how to handle queries.

So now you know how to send messages to users. Not that they always read these messages but at least you can try warning them a bit faster now!

Horizon View Api’s: back to basics part 2: Queries

So this is the second post in this series about the Horizon View API basics. While functions logically would be part 2 I have decided on doing queries first since you might need the result for a query before you can use some of the functions. Some if it will seem double from my recent post about pulling event information but not everyone might be looking into that. This post will not have as much gifs as the first post but that’s because only the end results count for this one.

Looking at the API Explorer these are the services that we can actually query:

There are some examples in the API explorer but will show you some different examples with the aduserorgroupsummaryview since that one has a lot of documented filters and I can easily add some extra accounts to show different queries.

The first thing that we always need to do with queries is to declare the queryservice object

If you do a get-method on this object it will show several possible methods to use.

The next thing to do is to create a definition object in which we will declare the things the query looks for.

When getting this object and its get-method it shows the definitions we can set, as you can see all method’s are already visible from just viewing the object so we don’t need to use the get-method anymore.

Now we need to set a QueryEntityType these can be found in the API explorer under the Queryable Entity Types. They have to be used between quotation marks.

Now we’re already set to create some results by putting the query into an object.

As you can see below this will create an object where the results property contains all the data. This Results property has 2 other properties of it’s own that actually contain all the data.

And if we expand the base property it gives us one of the build-in Active Directory groups.

Since this can go several layers deep it is smarter to use the round brackets to get this information. (Select -expandproperty following select – expandproperty is just ugly and takes too long)

This way it’s also easy to count the amount of returned objects. This is very useful if you have a bigger environment and want to take counts of sessions with their status (i.e. Connected, disconnected, error etc)

Next up is adding a filter, so we only get user accounts but we need to do some maintenance first. If you do too many queries it is possible that you will get some errors about too many filters or something (of course I am not getting them while writing this post) so, it might be needed to remove the old stored queries is possible with the queryservice_deleteall method.

This does not give any feedback on the results so let’s continue with the old query and put a filter on it. First you need to know what kind of filter you need and the options are listed in the API explorer.

The first one I will use is queryfilterequals since I use that the most. I start by defining a filter object consisting of a property with a value.


Then I will add it to the querydefinition

Now I will show you the results + the fact that you don’t necessarily need to define an object for the results. I have selected the first result to show you that it contains the domain administrator account

It is also possible to combine several filters into one query, while the ad service might not be the most useful for this it can still be used as an example. The thing to do is to first create a couple of filters.

Please be aware that these membernames are case sensitive!

These need to be combined into one array

To filter on multiple things we need to have a filterand object

And then we can add the $filterarray to this object

and finally we put this object into the querydefinition object

Now let’s run the query

That’s it for the basics of doing queries using the Horizon View API’s. There are some more things that we can do with these like sorting them, but I think you can find that on your own in the API explorer examples.

[Update 15-10] VMware PowerCLI 11.0.0 release with new Horizon (7.6!) API calls

UPDATE 12-10: The new API explorer page also has been published, it just needs to be added to the main page. Check this link: https://code.vmware.com/apis/445

Update 15-10: I have received an overview from VMware about the other changes:

New API Endpoints:
ConnectionServer_GetTags
GlobalSettings_GetEnvironmentSettings
QueryService_DeleteByIds
Datastore_GetDatastoreRequirements
Datastore_ListDatastoresByDesktopOrFarm
RemoteApplication_EndApplication

There also have been some changes to some objects (MachineBase,AccessGroup etc) to include more properties

Original Article:

Today the latest version of PowerCLI was released with version 11.0.0. When you look at the release notes it’s obvious that some extra things have been added for the Horizon VIew API’s.

PowerCLI has been moving at quite the rapid pace over the last 2 years. In 2018, we’ve been releasing roughly every other month to make sure we get the latest features, performance improvements, and updates available as quickly as possible. Well, it’s been two months and we’re not going to break this trend. Today, we are releasing PowerCLI 11.0.0!

PowerCLI 11.0.0 comes with the following updates:

  • Added a new Security module
  • Added new cmdlets for Host Profiles
  • Added a new cmdlet to interact with NSX-T in VMware Cloud on AWS
  • Support for vSphere 6.7 Update 1
  • Support for NSX-T 2.3
  • Support for Horizon View 7.6
  • Support for vCloud Director 9.5
  • Multiplatform support for the Cloud module
  • Updated the Get-ErrorReport cmdlet
  • Removed the PCloud module
  • Removed the HA module

Even though Jake Robinson already gave me a heads up that this version was coming it’s always the question what has been added for Horizon View. According to the API explorer page no new querydefinitions have been added. Like last time I decided to compare the services against the old list and there are two new additions:

  • CategoryFolder
  • ResourceSettings

I have tried both against a Horizon 7.5 setup and they failed so these are only exposed from Horizon View 7.6 and up.

The first one called Categoryfolder is linked to the possibility to put rdsh applications into folders.

It currently has only one function:

I have also investigated if there was a way to change things using the helper function but sadly it has no .update api call so that’s a no-go. I currently have no rdsh on my lab so I can do the list but it doesn’t show anything.

The other new service is the .ResourceSettings just like categoryfolder it also only has one function:

For this one I can actually show what it’s used for:

It shows the general settings for forced logoffs.

Sadly this service also doesn’t show a way to change things.

Sadly I have no found no way yet to see what queryservice entity’s have been added so hopefully we will have a new API explorer soon (maybe with release notes this time, pretty please VMware?) that shows us all the new goods.

VMworld US 2018 report day 0 – T-Rex with a beer

So before things really start on Monday there’s always day 0 for VMworld. The VM village opens up and, in the evening,, there is the welcome reception at the Solution Exchange. For me things started after a rough night without a lot of sleep by registering and getting the badge. Things really looked like they were messed up and there where awful queues with people waiting for their badges. Luckily something went wrong with mine and I was helped by the staff at the assisted check-in pretty fast.

https://twitter.com/AngeloLuciani/status/1033751920005931013

After spending some time in the VM village with some awesome people it was time to head out for my first real thing: an expert led workshop on pulse & IOT. This was really interesting, and I even managed to put in some feedback that was appreciated.

In the afternoon I visited the EUC Inside track event at Top Golf (please stop me from walking that way again) before heading out to the Solution Exchange for a small vExpert gift scavenger hunt. I closed out the evening at the VCDX Wolfpack part at the Cosmopolitan.

Day 0 ended with just over 26000 steps registered.

What’s (in) my backpack for @VMworld US 2018

I did a similar post for Nutanix .Next in Nice last year and there won’t be a lot of differences with that one. There will be some differences though since I need some world plugs for my european equipment plus I changed employers so I have a new laptop with new stickers (please help me to stay away from paper stickers, those are hell to remove). With less then two weeks to go for the event I don’t think a lot will change after this post. There’s a good chance that I will take a pass on the official VMworld backpack since I have enough of them now + there’s now the option to choose a charity over it.

First my bag, while I normally sport the 2016 Cohesity vExpert Timbuk2 backpack or a more recently received Nutanix Wenger backpack for daily use I decided to go with the XD Design Bobby backpack that I received the day that I started with my current employer AnylinQ. These have a great surface for customizing them with stickers as you can see below.

For the tech in it some things have changed, the laptop has been replaced by a newer generation so now I have the HP Probook 440 G5 + a Microsoft designer mouse has been added to replace the Xiaomi mouse. For the rest it’s still the Sony MDR-ZX770BN headset, an older Xiaomi 10k battery pack, Roundcube Rewirable  USB Travel adapter and the good old (hey, it’s over a year old now!) Samsung A5 2017 phone. All loose stuff will again by packed into the same Bubm DIS-L case.

 

 

New View API query services in PowerCLI 10.1.1: pulling event information without the sql password.

A while back I already posted about new services that where available for the View API’s in PowerCLI 10.1.1. Recently the api explorer for this version was published and can be found here. Two things that I didn’t find back then was the addition of two services for the query service. The first is GlobalApplicationEntitlementInfo this one can be compared to the previously already available GlobalEntitlementSummaryView and will return information about global entitlements.

The second added services is extremely useful: you can now query the event database. This means you don’t need the actual sql password anymore to query the events. According to the api explorer at least Horizon 7.3 is required and only events from the Event and Event_Data database tables. A simple query will show all events.

As you can see the data is divided in data and namesdata properties, these contain the same data as what is returned with get-hvevent. I added some selections to show only one event.

and

Offcourse it;s better to use filtering from the query directly. The full lust for that is available from the api explorer but I will give a couple of examples. (be aware that membername and the value are case sensitive)

Or by severity

As said it can be filtered on other properties as well but that might require some more logic to get the userid or desktopid for example. This is a very useful addition in my opinion to the Horizon View api’s.

My Experience with the NSX 6.2 ICM On-Demand traning and the VCP-NV exam

For the people who are only interested in the result: today I passed the VCP-NV exam with 367 points. This after I followed the NSX Install, Configure, Manage (hence the ICM) On-Demand course in May. This training was provided through the Partner training funds that my employer TenICT/AnylinQ have been assigned by VMware.

About the NSX ICM On-Demand training.

For the people not familiar with the on-demand training possibilities from VMware: with these courses one has a month the time to follow a set of computer narrated lectures covering all the same subjects as the official classroom training provides. Besides this you have access to a digital book belonging to the training. You also have access to a lab environment during this month where you have to complete all the lab tasks during the training.

Personally, I prefer classroom training since this allows the trainer to deviate from the official training when possible or required. Think about explaining things in a bit different matter or diving deeper into some of the material. Also, the computer-generated voice gets boring pretty fast and the sound quality also went sub par during some of the chapters. Combine this with a price that is only a fraction lower than the official price and I wouldn’t really recommend it unless you have someone sponsoring it for you.

What the training did was provide a good base for the exam. After this it’s a question of reading blog posts, playing with it in the lab (or Hands on Labs) and maybe you might need to read a book.

About the exam

So I did the exam as almost usual at @TheAcademy in Eindhoven, The Netherlands. They have a new room setup since over a year that I hadn’t been into yet (doing SME jobs has its perks) equipped with what I believe to be 21″ full HD screens. While these don’t provide for a better experience for vcp exams they do for vcap’s so that’s good to know. There are 77 multiple choice questions and I had two hours to spend on these. This time I didn’t need, and I left the building after 45 minutes. I can read English just as fast or sometimes faster than my native Dutch. The questions where a bit easier than I expected so maybe that score of 367 should have been a bit higher.

What you need to know

  • What permission level is needed to know what (Enterprise admin, NSX Admin, Auditor, Security Admin)
  • Order of installing things or setting them up
  • Be able to read drawings to follow the packets
  • Be able to create those drawings in your head and follow the packets
  • Some basic command line stuff for example for the controller cluster (only that what can be found in the courseware!)
  • Know your Distributed switches and what they can do
  • VPN Types
  • Best practices
  • What vm/function related to NSX does what
  • Networking basics
  • Numbers & maximums i.e. how many of what can do what, what’s needed to do that, what numbers needs this to be, What’s the default number for this.

Study Materials Used

  • NSX ICM On-Demand training
  • the links in vmiss’s blog post here
  • The Official Cert guide. Be aware that the exam is for 6.2 and not the 6.1 of the book but most still applies.

Do I know NSX inside out now?

No, and do you want to know why? This exam only hits the top of the iceberg in NSX possibilities, for example it hardly touches any real configuration nor does it have a lot of load balancing or nerd knob settings. For those things you really need to have a lot more experience and do the vcap exam. I am not sure if I will be following that path but this training and exam at least gives me enough knowledge to break things in NSX.

And a Queen video for those still reading

The VMware Labs flings monthly for June 2018

It’s less than two months before VMworld US is on us, are you looking forward to it? I know I am! In June there have been six updates to VMware flings:

ESXi Compatibility Checker

This was a new fling last month and now the ESXi Compatibility checker has been expanded with several functions like offline and multiple vCenter support. With this tool it is possible to check if your ESXi hosts will work with the latest and greatest that VMware has to offer.

Changelog

Build 8951845

Offline case support

  • The current script requires to be executed with access to both public internet and target hosts. The new version can separately validate compatibility from collecting hardware information. Hence, user can collect hardware information on a system without public internet access and save the information in a json file. And he can validate compatibility of collected hardware from a saved json file on a system with public internet access.

Example

  • The ‘-g’ option will collect hardware information and generate a json file. (no need to have internet access)

  • The ‘-f’ option will validate compatibility from a json file (no need to access target hosts)

Multiple virtual centers support

  • The host parameter with the ‘-s’ option now accepts comma separated multiple hostnames. This feature will be useful to create a single compatibility report for multiple VCs

example

More information in the compatibility report

  • “Installed Release”, “Checked Release”, and hardware information have been added in the report.

The “-p” option to set a proxy server

  • The https proxy server can be specified with the “-p” option

Cross vCenter Workload Migration Utility

The Cross vCenter Workload Migration Utility provides a GUI to migrate vm’s between vCenters.

Changelog

Version 2.1, June 21, 2018

  • Increased simultaneous migration limit to 100 from 10
  • Added check to ignore unknown fields for inventory info
  • Fixed source/target site names in task status view
  • Updated status API to include version number

 

DRS Lens

As VMware vSphere DRS has become more widely adopted now, more and more users are interested in knowing how it works. They need more insights into DRS activity and actions. They want to know the value that DRS provides to their clusters. DRS Lens is an attempt to provide a UI-based solution to help understand DRS better. (yes this is a lame copy/paste, it’s too hot to come up with original stuf)

Changelog

Version 1.3

  • Upgraded apache tomcat to version 8.5.31 for security compliance.

vSphere HTML5 Web Client

What would this monthly overview be without the vSphere HTML5 Web client?

Changelog

Fling 3.39 – Build 8835608

New Features

  • All the features of Auto Deploy (when compared with the vSphere Web Client)
    • Software Depots
    • Deploy Rules
    • Deployed Hosts
    • Discovered Hosts
    • Configure (Auto-Deploy configuration)
  • Script Bundles support for Auto-Deploy (Available only in the vSphere Client)
    • Script Bundles view where all bundles are listed
    • Ability to Upload a script bundle
    • Ability to Add/Edit deploy rules with script bundles
  • New virtual switches view on a host which includes topology diagrams for standard and host proxy switches

Improvements

  • vApp properties create, edit, delete and set value functionality
  • VM vApp option properties create, edit, delete and set value functionality
  • vCenter Extensions
  • VM SDRS create, edit and delete

VMware OS Optimization Tool

Being an EUC guy this is simply my favorite fling, nothing new this time, it’s just a bug fix release.

Changelog

June 14, 2018

  • Issue fix: Crash in non-English locale (e.g. French)

Horizon Migration Tool

The Horizon Migration Tool helps you to migrate from Xendesktop/App to Horizon View. This is mainly a maintenance version for a tool they missed in the last release.

Changelog

Version 3.0.1

  • Fixed issue: add missed XenAppDumper.exe for XenApp 5.0