Generating a clean Host Profile using PowerCLI

First of all: I love Host Profiles! But they’re easy to mess up as well, leave something selected related to hardware and an update in ESXi, vib’s or even a firmware update might break it. For a customer where we are going to do the entire vSphere build from scratch I got the idea to generate an empty Host Profile and extend that one using scripting. At first I though this would be an easy thing but it definitely isn’t, a reply from PowerCLI guru Luc Dekens at the VMware{Code} forums set me on the right path to do so. Luc’s remark that editing Host Profiles might take some reverse engineering for the lack of documentation is a huge understatement. It has cost me many many hours to build the script below.

I strongly recommend having the reference host as clean as possible.

These are the steps the script takes

  1. connect to vCenter
  2. extract a new Host Profile
  3. Gets the new Host Profile
  4. Copies all members of the new Host Profile to an object that can be edited
  5. Sets everything that I could find in my environment to false
  6. Updates the Host Profile with the edited object

Required parameters

  • vCenter
    • Your vCenter host
  • Referencehost
    • the name of the host in vCenter
  • Hostprofilename
    • Name for the Host Profile

There are also a couple of optional parameters:

  • dnshost
    • It’s mandatory to have a DNS set in the defaulttcpipstack. With this parameter you can change this.
  • domainname
    • Like DNS it’s mandatory to have a domainname set in the defaulttcpipstack. With this parameter you can change this
  • Cleanup
    • This one defaults to false but can be set to true. It will remove all NFS Datastores, vmkernel ports, portgroups, device aliases and direct i/o profiles.
    • Use this one with care, if you apply it to a host it will most probably remove all networking details for that host making it unusable.

This is how a manual extracted Host Profile looks

This is how a Host Profile looks after using my script without the cleanup option, everything is deselected but the device aliases for example are kept.

.\create_clean_hostprofile.ps1 -vcenter vCenter -Hostprofilename demo_no_cleanup -referencehost hostname

And this is how it looks with the cleanup used.

.\create_clean_hostprofile.ps1 -vcenter vCenter -Hostprofilename demo_no_cleanup -referencehost hostname -cleanup $true

The script itself can be found on Github as well:

#-------------------------------------------------
# Generates a clean Host Profile
#
# Build using PowerCLI 11
#
# Version 1.0
# 17-08-2019
# Created by: Wouter Kursten
# Website: https://www.retouw.nl
#
#-------------------------------------------------

param(
[Parameter(Mandatory=$true)][String]$Hostprofilename,
[Parameter(Mandatory=$true)][String]$vcenter,
[Parameter(Mandatory=$true)][String]$referencehost,
[Parameter()][String]$dnshost,
[Parameter()][String]$domainname,
[Parameter()][bool]$Cleanup = $false
)

# I grabbed this function somewhere from an example by Luc Dekens
function Copy-Property ($From, $To, $PropertyName ="*"){
    foreach ($p in Get-Member -In $From -MemberType Property -Name $propertyName){
        trap {
            Add-Member -In $To -MemberType NoteProperty -Name $p.Name -Value $From.$($p.Name) -Force
            continue
        }
    $To.$($P.Name) = $From.$($P.Name)
    }
}

#connect to the vCenter
connect-viserver $vcenter

# This deletes any existing Host Profile with the same name as we're using in this script
get-vmhostprofile -name $Hostprofilename  -ErrorAction SilentlyContinue | Remove-VMHostProfile -Confirm:$false

# This creates a new Host Profile from the referencehost
new-vmhostprofile -name $Hostprofilename -referencehost $referencehost

# Retrieves the newly created Host Profile
$hp = Get-VMHostProfile -Name $Hostprofilename

# Creates the spec where the cleanup is done
$spec = New-Object VMware.Vim.HostProfileCompleteConfigSpec

# Copies all properties of the new Host Profile to the spec
Copy-Property -From $hp.ExtensionData.Config -To $spec

# This removes everything that could be specific to the referencehost
if ($cleanup -eq $true){
    $spec.ApplyProfile.Network.Vswitch=$null
    $spec.ApplyProfile.Network.VMportgroup=$null
    $spec.ApplyProfile.Network.HostPortGroup=$null
    $spec.ApplyProfile.Network.pnic=$null
    $spec.ApplyProfile.Storage.NasStorage=$null
    ($spec.ApplyProfile.Property | where-object {$_.PropertyName -like "*DeviceAlias*"}).profile=$null
    ($spec.ApplyProfile.Property | where-object {$_.PropertyName -like "*PCI*"}).profile.property.profile=$null
}

# From here it's just disabling of items except for:
# -items under storage> PSA Configuration (profiles are removed)
# -Properties of the fixed DNS config (set to the default values from this scripts parameters)
$spec.ApplyProfile.Datetime.Enabled=$False
$spec.ApplyProfile.Authentication.Enabled=$False
$spec.ApplyProfile.Authentication.ActiveDirectory.Enabled=$False

foreach ($o in $spec.applyprofile.Option){
    if ($o.Enabled){
        $o.Enabled=$False
    }
}

foreach ($p in $spec.ApplyProfile.Property.Profile){
    if ($p.Enabled){
        $p.Enabled=$False
    }
    foreach ($pa in $p.Property.Profile){
            if ($pa.Enabled){
                $pa.Enabled=$False
                }
        foreach ($paa in $pa.Property.Profile){
                if ($paa.Enabled){
                    $paa.Enabled=$False
                }
        }
    }
}

foreach ($s in $spec.ApplyProfile.Storage.Nasstorage){
    if ($s.Enabled){
        $s.Enabled=$False
    }
    foreach ($sa in $s){
        if ($sa.Enabled){
            $sa.Enabled=$False
        }
    }
}

foreach ($s in $spec.ApplyProfile.Storage.Property.Profile){
    if ($s.Enabled){
        $s.Enabled=$False
    }

    if ($s.ProfileTypeName -eq "psa_psaProfile_PluggableStorageArchitectureProfile" -AND $cleanup -eq $true){
        foreach ($sa in $s.property){
            if ($sa.propertyname -like "*psa_psaProfile_PsaDevice*"){
                [email protected]()
            }
        }
    }
    foreach ($sa in $s.Property.Profile){
        if ($sa.Enabled){
            $sa.Enabled=$False
            }
        foreach ($saa in $sa.Property.Profile){
            if ($saa.Enabled){
                $saa.Enabled=$False
            }
        }
    }
}

foreach ($f in $spec.ApplyProfile.Firewall.ruleset){
    if ($f.Enabled){
        $f.Enabled=$False
    }
}

foreach ($n in $spec.ApplyProfile.Network.vswitch){
    if ($n.Enabled){
        $n.Enabled=$False
    }
    foreach ($na in $n){
        if ($na.Enabled){
            $na.Enabled=$False
        }
        foreach ($naa in $na.link){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
        foreach ($naa in $na.NumPorts){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
        foreach ($naa in $na.NetworkPolicy){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
    }
}

foreach ($n in $spec.ApplyProfile.Network.pnic){
    if ($n.Enabled){
        $n.Enabled=$False
    }
    foreach ($na in $n){
        if ($na.Enabled){
            $na.Enabled=$False
        }
    }
}

foreach ($n in $spec.ApplyProfile.Network.VmPortGroup){
    if ($n.Enabled){
        $n.Enabled=$False
    }
    foreach ($na in $n){
        if ($na.Enabled){
            $na.Enabled=$False
        }
        foreach ($naa in $na.Vlan){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
        foreach ($naa in $na.Vswitch){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
        foreach ($naa in $na.NetworkPolicy){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
    }
}

foreach ($n in $spec.ApplyProfile.Network.HostPortGroup){
    if ($n.Enabled){
        $n.Enabled=$False
    }
    foreach ($na in $n){
        if ($na.Enabled){
            $na.Enabled=$False
        }
        foreach ($naa in $na.IpConfig){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
        foreach ($naa in $na.Vlan){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
        foreach ($naa in $na.Vswitch){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
        foreach ($naa in $na.NetworkPolicy){
            if ($naa.enabled -eq $True){
                $naa.Enabled=$False
            }
        }
    }
}

foreach ($n in $spec.ApplyProfile.Network.Property.Profile){
    if ($n.Enabled){
        $n.Enabled=$False
    }
    foreach ($na in $n.Property.Profile){
        if ($na.Enabled){
            $na.Enabled=$False
            }
        foreach ($np in $na.policy.policyoption){
            if ($np.id -eq "FixedDnsConfig"){
                foreach ($npp in $np.parameter){
                    if ($dnshost){
                        if ($npp.key -eq "address") {
                            [string[]][email protected]($dnshost)
                            $npp.value=$dnsarray
                        }
                    }
                    if ($domainname){
                        if ($npp.key -eq "domainName"){
                            $npp.value=$domainname
                        }
                    }
                }
            }
        }
        foreach ($naa in $na.Property.Profile){
            if ($naa.Enabled){
                $naa.Enabled=$False
            }
            foreach ($naaa in $naa.Property.Profile){
                if ($naaa.Enabled){
                    $naaa.Enabled=$False
                }
            }
        }
    }
}


(Get-VMHostProfile $Hostprofilename).ExtensionData.Updatehostprofile($spec)
disconnect-viserver $vcenter -confirm:$False

And yes that’s a lot of foreach’s.

 

 

I have been named EUC Champion for 2019!

A couple of weeks ago I was informed that I would be awarded the EUC Champion for the second time.  The EUC Champions program grew from 35 to 42 and you can find all of us over here: https://www.vmware.com/euc-champions/current-champions.html As you can see in that list my very good friend and vmug stage buddy Hans Kraaijeveld was also awarded the EUC Champion title as well into this EUC elite group of people.

So what are the EUC Champions?

What is the EUC Champions program?
EUC Champions is an experts-only program that provides a forum for the EUC community and VMware EUC product teams to share industry trends, new product information and ideas through in-person meetings, networking events, industry conferences and webinars.

This is the official statement but there is more. We also have access to dedicated EUC Champions Slack channels at the VMware slack with direct contact to some of the EUC product teams. Also the knowledge sharing between each other has been awesome in my opinion. Plus we get to test some flings that Andrew Morgan created that might or might not be released at https://labs.vmware.com/flings

Do you also think you have it to become an EUC Champion? You can find more info at https://www.vmware.com/euc-champions.html

What did I do to become an EUC Champion? Well it’s my blogging over here but certainly also presenting at vmug’s about EUC related things.

 

[API]How to successfully logoff users in Horizon

One of the things that annoy me about the Horizon admin interface is the fact that if you give a session the logoff command that this only works if the user is active aka when the desktop is not locked. With the api’s though (and Andrew implemented this in the helpdesk fling) it is possible to force a logoff. Let’s look at the available method’s first.

So we have a logoff and logoffForced. But there are also the logoffsessions and LofoffSessionsForced, I guess those let you logoff multiple sessions. this is what the extensiondata says about them.

So for the singular method’s we need a single id and for the sessions we need an array of ids. At first I will use get-hvglobalsession (yes, this works against sessions in other pod’s in a cloud pod architecture as well!) to get the id’s to show how it works. I have 5 sessions running from my desktop

$services1.Session.Session_Logoff((get-hvglobalsession | select -first 1).id)

Damn locked, let’s force this bastard from his desktop.

$services1.Session.Session_LogoffForced((get-hvglobalsession | select -first 1).id)

Aaaand it’s gone

And to show that it works I had to make sure the first session wasn’t locked.

And now the big bang fuck all of you!

$services1.Session.Session_LogoffSessionsForced((Get-HVGlobalSession).id)

As you can see one of my users was a but slow in logging off (nested esxi with only a couple vcpu’s for that one) I have also created a script that asks for the user whom you want to logoff and which session you want to logoff in case they have multiple. It’s not the cleanest code that I have written but it works 🙂

$hvserver1=connect-hvserver servername -user user -domain domain -password passwords
$Services1= $hvServer1.ExtensionData

$username= Read-Host "Which user do you want to logoff? (no wildcards needed, part of the name is enough)"

$queryService = New-Object VMware.Hv.QueryServiceService
$userdefn = New-Object VMware.Hv.QueryDefinition
$userdefn.queryEntityType = 'ADUserOrGroupSummaryView'
$userfilter1= New-Object VMware.Hv.QueryFilterContains
$userfilter1.membername='base.name'
$userfilter1.value=$username
$userfilter2= New-Object VMware.Hv.QueryFilterEquals
$userfilter2.membername='base.group'
$userfilter2.value=$False
$userfilter=new-object vmware.hv.QueryFilterAnd
[email protected]($userfilter1, $userfilter2)
$userdefn.filter=$userfilter
$users=($queryService.QueryService_Create($Services1, $userdefn)).results

$menu = @{}
for ($i=1;$i -le $users.count; $i++){ 
    Write-Host "$i. $($users[$i-1].base.name)" 
    $menu.Add($i,($users[$i-1].id))
}
[int]$ans = read-host "Please select the correct user"
$user=$menu.Item($ans)

$GlobalSessionQueryService = new-object VMware.Hv.GlobalSessionQueryServiceService
$sessionfilterspec=new-object vmware.hv.GlobalSessionQueryServiceQuerySpec
$sessionfilterspec.user=$user
$sessions=($GlobalSessionQueryService.GlobalSessionQueryService_QueryWithSpec($services1, $sessionfilterspec)).results

$menu = @{}
for ($i=1;$i -le $sessions.count; $i++){ 
    Write-Host "$i. $($sessions[$i-1].namesdata.basenames.MachineOrRDSServerName)" 
    $menu.Add($i,($sessions[$i-1].id))
}
[int]$ans = read-host "Please select the correct VDI Desktop"
$session=$menu.Item($ans)

$Services1.Session.Session_Logoffforced($session)
$queryService.QueryService_DeleteAll($services1)

This script forces the logoff for the sessions since I haven’t been able yet to find where the desktop status (locked or not) is visible.

Updates to the VMware Horizon Helpdesk fling

Today a new version has been released of the VMware Horizon Helpdesk fling by Andrew Morgan. One big change is that the Helpdesk license isn’t required anymore so at least a part of the functionality is available to owners of advanced or standard Horizon licenses.

the entire changelog:

Version 1.4.0.1

  • No longer requires a helpdesk license! Yay!
  • Added the ability to interact with vCenter machines
  • Added the ability to open vCenter VM consoles
  • Added the ability to perform bulk machine actions
  • Added the ability to perform refresh / recompose tasks directly from helpdesk.
  • Fixed performance issues with multiple windows open (see single instance).
  • Fixed a crash when logon durations could not be accessed.
  • Added polling to allow logon durations to be received if notavailable when the session page is requested.
  • Fixed a crash in the ending of processes.
  • Fixed a metric ton of bugs with delegated administration.
  • Fixed a memory leak in the tray icon menu, of all places.
  • Removed the logon page graphic as it was to much of a pain to change it’s colour when changing themes
  • Fixed some layout issues when changing themes.
  • Removed empty sites from the viewon the change pod tray menu.
  • Added preliminary support for Horizon 7.9.

 

Let’s look into some of the new options (will do the options without the helpdesk license last)

Added the ability to interact with vCenter machines 

From the pool view you’ll see an extra button for vCenter actions

And that will give these options

These all speak for themselves in functionality.

Added the ability to open vCenter VM consoles 

Open VM console will give an popup that asks for vCenter credentials.

Hit logon and a vrmc client should start if it’s installed

Added the ability to perform bulk machine actions 

The vCenter actions above can be done against multiple vm’s but also the various actions from View itself

Added the ability to perform refresh / recompose tasks directly from helpdesk. 

No longer requires a helpdesk license! Yay! 

when you use the std license the biggest difference is that you can’t view any specifics inside sessions since that’s all limited to the helpdesk license.

The VMware Labs flings monthly for June 2019

Wow there are already six months gone in 2019. Both my kids passed passed their schoolyears and this month there have been three new fling releases and four that have received updates. The new ones are: vSphere Mobile Client, Workspace ONE UEM SCIM Adapter and FlowGate. The ones that received updates are USB Network Native Driver for ESXi, HCIBench, IOBlazer and the Horizon DaaS Migration Tool.

New Releases

vSphere Mobile Client

I already posted a short blog about this fling over here.

vSphere Mobile Client enables administrators to monitor and manage vSphere infrastructure directly from any mobile device. Whether you want to check on the current or historical resource consumption; you want to get notifications on long running tasks; or you want to check the currently running tasks – the vSphere Mobile Client is there to help.

Features

  • VM overview: Review the status of your VMs including state (powered on/off), resource usage and configuration information
  • VM management: Change the power state of a VM or restart it. Locating the virtual machine to operate on can be done through search.
  • Task monitoring: Subscribe to any running task and receive a notification on your mobile device upon task completion, even when your device is in-active or you have another application running on the foreground.
  • Performance charts: Monitor the resource usage of a VM in real time or a day, week, month or year back. Counters include CPU, Memory, Storage and Network.

NOTE: vSphere Mobile Client is currently available for Android and iOS devices and vCenter 6.0+ deployments. Check the “Requirements” tab for more details. Access to vSphere infrastructure may require a secure access method such as VPN on a mobile device.

This is a technical preview release and as such it only has a limited subset of the intended functionality. The team would be releasing updates with new features regularly, but our main task is to gather feedback so please do not hesitate to reach out to us.

Workspace ONE UEM SCIM Adapter

Workspace ONE UEM SCIM Adapter provides SCIM user/group management capabilities to Workspace ONE UEM. The middleware translates the System for Cross-Domain Identity Management, SCIM, to a CRUD REST framework that Workspace ONE UEM can interpret. This capability allows Workspace ONE UEM to synchronize cloud-based identity resources (users/groups/entitlements) without the need for an LDAP endpoint (service to service model). Examples include Azure AD, Okta, and Sailpoint.

Flowgate

The Flowgate fling is all about linking IT & Facility systems with each other.

In enterprise data centers, IT infrastructure and facility are generally managed separately, which leads to information gaps. Collaboration between facility and IT infrastructure systems are limited or manual, and virtualization adds more complexity.

The goal of Flowgate is to make facility awareness in IT management system and make IT operations management and automation better on high availability, cost saving and improved sustainability, with more information on power, cooling, environment (e.g. humidity, temperature) and security.

Built-in adapter for multiple DCIM and CMDB system integration:

  • Nlyte
  • PowerIQ
  • Infoblox
  • Labsdb
  • IBIS(TODO)
  • Pulse IoT Center (TODO)
  • Open for other facility system integration

Built-in adapter for multiple IT stack systems:

  • vCenter Server
  • vRealise Operation Manager
  • Open for other IT stack integration. More systems will coming soon.

 

  • UI based Integration process: One click integration.
  • Role based access control: API level access control support.
  • RESTFul API support: Provide unified facility information querying services. APIs for all operations and data query make it easy to integrate with other systems.

Updated flings

USB Network Native Driver for ESXi

Are you building an awesome homelab but received some funky USB Network adapters? The USB Network Native Driver for ESXi might just have the correct drivers for you.

Changelog

June 17, 2019 – v1.1

  • Added support for 9 additional USB NIC devices including USB 2.0 RTL8152 & TPLINK (see Requirements page for complete list)
  • Added support for Jumbo Frames (up to 4K) for RTL8153 & AX88179
    ESXi670-VMKUSB-NIC-FLING-24524132-offline_bundle-13958648.zip
    ESXi650-VMKUSB-NIC-FLING-24599816-offline_bundle-13964320.zip

HCIBench

HCIBench is one of two benchmarking utilities that received an update.

Changelog

Version 2.1

  • Switched UI to dark theme
  • Redesigned VMDK preparation methodology, which can complete much faster using RANDOM on deduped storage
  • Added VMDK preparation process update
  • Added Graphite port check into prevalidation
  • Added vCenter/Host password obfuscation
  • Added “Delete Guest VM” button
  • Fixed Grafana display issue
  • Fixed FIO blank results issue
  • Bug fixes
    MD5 checksum of HCIBench_2.1.ova: d37e6f164ed962a6e7ccbe104ba9eaec

IOBLazer

It looks like the IOBlazer fling was first released in 2014(!!!!) as a tool to benchmark all kinds of storage systems. Since I haven’t posted about it here yet let me give you the overview:

IOBlazer is a multi-platform storage stack micro-benchmark. IOBlazer runs on Linux, Windows and OSX and it is capable of generating a highly customizable workload. Parameters like IO size and pattern, burstiness (number of outstanding IOs), burst interarrival time, read vs. write mix, buffered vs. direct IO, etc., can be configured independently. IOBlazer is also capable of playing back VSCSI traces captured using vscsiStats. The performance metrics reported are throughput (in terms of both IOPS and bytes/s) and IO latency.

IOBlazer evolved from a minimalist MS SQL Server emulator which focused solely on the IO component of said workload. The original tool had limited capabilities as it was able to generate a very specific workload based on the MS SQL Server IO model (Asynchronous, Un-buffered, Gather/Scatter). IOBlazer has now a far more generic IO model, but two limitations still remain:

  1. The alignment of memory accesses on 4 KB boundaries (i.e., a memory page)
  2. The alignment of disk accesses on 512 B boundaries (i.e., a disk sector).

Both limitations are required by the gather/scatter and un-buffered IO models.

A very useful new feature is the capability to playback VSCSI traces captured on VMware ESX through the vscsiStats utility. This allows IOBlazer to generate a synthetic workload absolutely identical to the disk activity of a Virtual Machine, ensuring 100% experiment repeatability.

Changelog

Updates in IOBlazer 1.01:

  • Added configurable IO alignment
  • Increased the robustness of the trace file parser in the face of spurious lines
  • Increased the robustness of the build process by automatically detecting target OS and arch within the Makefile
  • In the Windows version, changed the raw access mode from volume to physical drive to avoid unnecessary mount/unmount operations at every test run.

Horizon DaaS Migration Tool

The Horizon DaaS Migration Tool is for the Horizon DaaS providers to migrate their customers to the latest version of Horizon DaaS.

Changelog

Version 2.1.0

  • Fix for the bug on “Requested Capacity” at the pool/assignment summary page showing inappropriate values.
  • Intelligently handling import of new VMs skipping previously imported VMs.

Small recap of the Belgian VMUG meet on 14-06-2019

Last Friday it was time for my annual trip tot he Belgian vmug meeting. I consider this my home vmug away from home and have been visiting for years. This was the first time I could give back in Belgium since Hans & mine session was accepted in the call for papers.

Our session

Right after the keynote (from which we sadly had to miss a couple of minutes to get setup) we did our presentation in front of about 22-23 people in the attick of the building. Just like at the Dutch vmug we did it about flings & tools for Vmware Horizon. Luckily we could do some of our demo’s locally because the wifi & 4G weren’t delivering a good speed to connect to our labs.One thing is for sure we did the session in the brightest manner ever.

If you are interested in the slidedeck we partially used you can find it here.

Other sessions

Firts of all the keynote by Joe Baguley was great as always. His vision on how things works or should be done has been evolving over the years but always seems to around the same lines. The 2nd keynote bij Johan van Amersfoor about VDI by day,compute by night wasn’t the first time I have seen this session but it’s so good that I don’t mind watching it several times.

The session about Kubernetes by Eric de Witte contained some usefull information since I haven’t done a whole lot with kubernetes yet. The last two sessions for me where Luc Dekens talking PowerCLI (what else?) and Valentin Bondzio about the computational cost of security. Luc’s session was about his style of coding and steps he takes to write codes plus a bit about working with instant clones.

Conclusion

During the day Hans and I had great fun with the people from EG Innovations and 10Zig in the exhibition area. As usual at the BE vmug the day ended with a great BBQ, those belgians do know their food! While not as big as the Dutch vmug UserCon the Belgian vmug meets are always high quality so I will beep going if my schedule allows me too and yes if needed I will take a PTO day for it.

5 things I will be looking forward to at VMworld

This year will mark my 4th (yes only 4) trip to VMworld. With San Francisco replacing Vegas I will return to Barcelona for what should be my ‘home’ VMworld since I live in the Netherlands. This post might look a bit like last year’s 5 vCommunity tips but hey, I love the community!

  1. vFootball

    Last year I took part in the first vSoccer at VMworld US and it looks like we might be organizing a vFootball in Barcelona as well, football being the correct name for the sport obviously. On Tuesday night after the vExpert party we went to an indoor sports center where we had 2 fields that we could use for approximately two hours. We had loads of fun in there despite one injured player (he headbutted a wall and had a nasty cut in his eyebrow) my fitness level was definitely not on par but I have started preparations for this year back in January.

  2. Presenting at the vBrownbag stage.

    Just like previous years I submitted a session for vBrownbag stage it will be about a couple of VMware flings for Horizon View. I thought I also submitted for a [Code] sessions but it seems like that was official sessions so I have no idea yet about the status of that. If you think you can fill a 10-12 minute (a bit less is acceptable as well) with something even a bit related I advise you to sign up over here).

  3. Hackathon

    I have no idea yet if I will be forming my own team. If I don’t I will definitely be joining another one in having a night of great fun. It doesn’t matter if you have coding experience, just join a team when signups are opened and I can guarantee that you will learn something new.

  4. Meeting up with old and making new friends.

    One of the best things about the vCommunity is having contact with each other over the interwebz. It even gets better when you can meet in real life for the first or the gazillionth time. I don’t care if it’s in a session, while waking up with a coffee or at a party with beer in hand I always have fun talking to people. The subject doesn’t really matter, it’s all about connecting with people.

  5. learning new things

    While I take it easy with my session schedule I always look to learn new things. This could be either in the Hands-on Labs, Instructor led labs, Solutions Exchange, vBrownbag, {Code}, regular session or someone from point 4. Knowledge gaining for me doesn’t need to be tech per se. Learning how people engage customers or projects is very interesting to me.

New fling: mobile vSphere management

Every once in a while there’s a fling that looks too good to only be mentioned in my monthly updates. The vSphere mobile Client is one of those in my opinion. For years and years I have seen questions about apps to manage vSphere from your mobile device and there indeed have been a couple in the past. With the amount of available API’s some VMware engineers now have decided on creating a fling for it. Currently it’s only available for Android devices but it is an awesome step in the right direction.

vSphere Mobile Client enables administrators to monitor and manage vSphere infrastructure directly from any mobile device. Whether you want to check on the current or historical resource consumption; you want to get notifications on long running tasks; or you want to check the currently running tasks – the vSphere Mobile Client is there to help.

Features

  • VM overview: Review the status of your VMs including state (powered on/off), resource usage and configuration information
  • VM management: Change the power state of a VM or restart it. Locating the virtual machine to operate on can be done through search.
  • Task monitoring: Subscribe to any running task and receive a notification on your mobile device upon task completion, even when your device is in-active or you have another application running on the foreground.
  • Performance charts: Monitor the resource usage of a VM in real time or a day, week, month or year back. Counters include CPU, Memory, Storage and Network.

NOTE: vSphere Mobile Client is currently available for Android devices and vCenter 6.0+ deployments. Check the “Requirements” tab for more details. Access to vSphere infrastructure may require a secure access method such as VPN on a mobile device.

This is a technical preview release and as such it only has a limited subset of the intended functionality. The team would be releasing updates with new features regularly, but our main task is to gather feedback so please do not hesitate to reach out to us.

There are some screenshots on the fling site and the one below from my phone but once I am able to connect to my lab I will add some more.

The VMware Labs flings monthly for May 2019

Originally I created this post with only 2 updated and one new fling. Some engineers though added two more new flings so 3 new ones and 2 have received an update. The new ones are the Distributed Trust Incident Reporting fling, vRealize Build Tools and Cloud Automation Services SDK for Python. while the Horizon Toolbox and Horizon Migration Tool have received updates.

New Releases

vRealize Build Tools

vRealize Build Tools provides tools to development and release teams implementing solutions based on vRealize Automation (vRA) and vRealize Orchestrator (vRO). The solution targets Virtual Infrastructure Administrators and Solution Developers working in parallel on multiple vRealize-based projects who want to use standard DevOps practices.

This Fling is focused on code quality, code reusability, unit testing, dependency management and parallel releases of vRealize projects. In practice, it is a set of Maven extensions, packaged in a Maven repository format, that support the use of IDE (via Maven) and CLI to develop, test and deliver vRA and vRO-based solutions. It includes a vRO plug-in that exposes autocomplete information for standard and third-party scripting objects and actions and CLI that can deploy packages to vRO and vRA via the standard APIs.

Cloud Automation Services SDK for Python

The Cloud Automation Services SDK for Python is a set of Python classes to simplify automation against several aspects of the Cloud Assembly, Service Broker, and Code Stream API when using Python.

Note: The github repo will be public soon!

 

Distributed Trust Incident Reporting

The Distributed Trust Incident Reporting fling is an  open source security incident tracker.

Security incidents are important to track so that all parties know the status of a breach and can respond in concert and with appropriate speed. Current methods to track incidents are generally paper-based manual processes. More recent systems are based on a centralized database with some web interface to interact with the record and response tracking.

We propose that this does not work well enough in the scenarios where:

  • security incidents may affect more than a single entity
  • where more than one entity must respond to an incident
  • some or all entities have no trust in the others
  • no party can or will be responsible for hosting the full system

For example, a security breach in the supply chain for a food manufacturer could result in several retail businesses with products on shelf that contain a pathogen. Current methods of notifying the proper authorities require a phone tree to call all the correct parties which then react as individuals or local committees. In addition the incident must either be initially submitted to each entity separately or one entity must take responsibility to notify the others.

This Fling:

  • allows all parties (e.g. retail, governmental, public) to see the incident via a single report transaction
  • allows all parties to respond in concert as required
  • allows automated systems to report incidents
  • allows transparency across all organizations

Updated flings

Horizon Toolbox

The Horizon toolbox is an extension to the Horizon Admin Console giving all kinds of user and session information. It is no replacement for the Horizon Helpdesk (or the fling).

Changelog

May 28, 2019, 7.8.0

  • Fix some incompatible issues
  • Only support Horizon View 7.7 & 7.8

Horizon Migration Tool

The Horizon Migration Tool helps you migrating from Citrix to an On-Prem Horizon Environment.

Changelog

Version 3.0.2

  • Updated the binary package and the document accordingly

[API]Resetting Desktops

This is the first post in a series of shorts that I will be posting about various methods that you can use with the VMware Horizon API’s. This time it will be about resetting desktops. When looking at the API Explorer you’ll see that there are two ways do do this from the machine service.

So the first is for a single VDI desktop and the latter for multiple.

First we need to get a list of vm’s I will be using the machines in pod1pool02 as victims for this post.

$queryservice=new-object VMware.Hv.QueryServiceService
$defn=New-Object VMware.Hv.QueryDefinition
$defn.QueryEntityType="MachineNamesView"
$filter=new-object VMware.Hv.QueryFilterContains
$filter.MemberName='base.name'
$filter.Value="Pod1Pool2"
$defn.filter=$filter
$results=($queryservice.QueryService_Query($services1, $defn)).results

with this result:

From this we’ll make a variable with all of them and one with a single one

$singlevm=$results | select-object -first 1
$multiplevms=$results

Before I will reset the single VM I will show the state of all the vm’s.

($queryservice.QueryService_Query($services1, $defn)).results.base.basicstate

And now let’s reset the vm.

$services1.machine.machine_reset($singlevm.id)

Since this is an instant clone you’ll see provisioned and not reset. Now let’s reset the rest as well.

$services1.Machine.Machine_ResetMachines($multiplevms.id)

And this method will work for all managed vdi desktops full, linked or instant clones.