In our organization we are preparing for the full rollout of a large and extremely distributed virtual infrastructure. We will have twelve plus vCenters to manage this widely distributed infrastructure. Having to configure this many vCenters along with the large number of clusters and all of the security that needs to be implemented I decided to script much of the configuration of these vCenters. One of the nice things is that we are able to keep the majority of the configuration settings standard across the clusters and folder structure we have designed. One of the driving forces to ensure this standardization is the ease of management for the O&M office. This way when managing or troubleshooting a site/cluster it will not be like walking into a new jungle that has not yet been explored by the team. PowerCLI was our choice to accomplish this.
The script that I have posted below is an example of what a virtual administrator can use to rapidly stage a vCenter. It is by no means an exhausted example of what can be done but I hope that it may help others or provide some ideas of what can be done. There very well may be, and probably is, a cleaner way of doing this. But, here is what I have come up with. Of course with the help from my colleagues and VMTN.
The first portion of the script gathers information from the administrator . Most are obvious but the reason for asking for the Domain name is that the top-level folder in the VM and Template view in VC has been configured with the name of the folder.
##Gathering data for use in the script
$vc=read-host "Enter the FQDN of the VirtualCenter you want to Connect to"
$datacenter=read-host "Enter the name of the datacenter on this VC where you want to add the Cluster"
$domain=read-host "Enter the Domain that this VC Manages"
$vcCred=get-credential
So now that the requisite data has been gathered the script will now connect to the vCenter and begin the configuration. One thing to note is that we are currently using a text file that contains the names of the sites that will be used for the cluster names as well as folder names.
##Connect to the vCenter Server
Connect-viserver $vc -Credential $vcCred
foreach ($item in get-content c:\sites.txt) {
$sitename=$item
$cluster="$sitename Cluster"
#Create a folder for the new site
New-Folder -Name $Sitename -Location $datacenter -Confirm:$false
#Create a cluster for the new site
New-Cluster -Name $cluster -Location $sitename -HAEnabled:$true -DrsEnabled:$true -DrsAutomationLevel fullyautomated -confirm:$false
#Set HA Advanced Configuration option to extend Failure detection time to 60 seconds
$optionValue = New-Object Vmware.Vim.OptionValue$optionValue.Key = "das.failuredetectiontime"$optionValue.Value = "=60000"
$getcluster = get-cluster -Name $cluster # Get the cluster
$clusterview = get-view $getcluster.Id
# Get the SDK object from the PowerCli object MO
$spec = New-Object Vmware.Vim.ClusterConfigSpecEx
$spec.dasConfig = New-Object Vmware.Vim.ClusterDasConfigInfo # New VMware HA config
$spec.dasConfig.option = $optionValue # Add the array of optionValues
$clusterview.ReconfigureComputeResource($spec, $true) # Modify the configuration. When configuring clusters, can be a ClusterConfigSpecEx object
#Set the DRS Migration threshhold 1 is most aggressive and 5 is the most conservative
$rate = 2
$clusSpec = New-Object VMware.Vim.ClusterConfigSpecEx
$clusSpec.drsConfig = New-Object VMware.Vim.ClusterDrsConfigInfo
$clusSPec.drsConfig.vmotionRate = $rate
$clusterview.ReconfigureComputeResource_Task($clusSpec, $true)
}
Now we are going to configure the Folders in the VM and Template view. We use these folders to organize the VMs but also to allow for the access control that we need to implement for the vCenter. For now due to the limited amount of concurrent connections to vCenter we have the different support and business units access vCenter through the web interface. It is unfortunate for us that the web access is no longer going to be developed after vCenter 4.1. This is stated in the release notes for vSphere 4.1.
foreach ($item in get-content c:\sites.txt) {
$sitename=$item
new-folder -Name $Sitename -Location (get-folder $Domain)
new-folder -Name "Domain Controlers" -Location (get-folder $sitename |where {$_.ID -like "Folder-group-v*"})
new-folder -Name "Exchange" -Location (get-folder $sitename |where {$_.ID -like "Folder-group-v*"})
new-folder -Name "SMS" -Location (get-folder $sitename |where {$_.ID -like "Folder-group-v*"})
}
Please feel free to use what you like from this script and post any constructive comments. And as usual any use of this script in part or whole is done at the users own risk and no guarantees are given. Good luck and I hope that this will help someone.
In a future post I may show how we automate the access controls for these folders. If anyone is interested in hearing about that let me know.
-SNA