Getting Zippy with PowerShell v5

*Warning. This article was written using the September 2014 PowerShell v5 Preview*

PowerShellZip01

 

(OK, I was really looking for an excuse to use the below picture in a blog post)

Zippy

 

One of the most popular and long standing requests for PowerShell is native support for working with Zip files. With PowerShell v5 we get two new cmdlets Compress-Archive  and and Expand-Archive. Here’s a couple of examples of how they work.

Compress-Archive

1) Create a Zip file

C:\Test contains a number of text files. We want to zip them up into one convenient file.

PowerShellZip02

 


Compress-Archive -Path C:\Test\* -DestinationPath C:\Zip\Test.zip -CompressionLevel Optimal

and now we have the zip file:

Note: as of this release there are three Compression Levels, the default of which is Optimal.

 

PowerShellZip04

PowerShellZip05

2) Update a Zip file

Now we add an extra file to C:\Test and want to update the zip file with this new file

 

PowerShellZip06


Compress-Archive -Path C:\Test\* -DestinationPath C:\Zip\Test.zip -Update

Here’s the new file, now contained in the zip file:

PowerShellZip07

Expand-Archive

3) Expand a Zip file

Now we want to expand a zip file. Let’s use the one we just created and expand it to a different folder C:\Expand.


Expand-Archive -Path C:\Zip\Test.zip -DestinationPath C:\Expand

Here are the files:

PowerShellZip08

All pretty straightforward, but it’s great to have this simple functionality finally native :-)

 

Use Headers in a vCO REST Operation

vCenter Orchestrator has a built -in plugin for working with systems that support REST API queries. I’ve used this fairly extensively recently while working with vCNS

Out of the box the plugin will do the majority of the hard work for you, however one thing that isn’t available via the Add a REST operation dialogue is the ability to configure a custom header for the REST query. In the following example I need to add an if-match header to update the App firewall rules for a portgroup, but for a POST method I only have the option to specify the Content type:

RESTAdditionalHeader01

Per the vCNS API document I need to be able to send  something like the following

POST https://<vsm-ip>/api/2.0/app/firewall/dvportgroup-28/config –header ‘Content-Type:text/xml’ –header ‘if-match:”1347501121780″‘

So we need to dig a bit deeper. After creating a workflow from the REST Operation we have something like the following:

RESTAdditionalHeader01a

and in the Scripting task, the following code:

RESTAdditionalHeader02

Luckily, (and something I hadn’t noticed before) an example for how to set a header has been added as a standard comment:


//Customize the request here
//request.setHeader("headerName", "headerValue");

So in this example we need to add the following:


request.setHeader("If-Match", generationNumber);

First of all though, we will need to add an input for the generationNumber (you can obtain the generationNumber by first of all querying the current ruleset and looking for the Etag header):

RESTAdditionalHeader03

Now we can update the Scripting task:

RESTAdditionalHeader04

and we can successfully add extra App Firewall Rules when using this workflow now:

RESTAdditionalHeader05

 

vCenter Orchestrator Server Service Won’t Start

This has happened to me twice now with vCO 5.5.1 running on Windows using the embedded database – once in a dev install in a lab and now also in my home lab. So figured it was time to write up the steps to sort it out.

vCONotStart02

Issue:

The vCO Orchestrator Server service won’t start. In the vCO log you find something similar  to:

[vcoInitializerScheduler-1] ERROR {} [ServerChecker] Server integrity problem: interface com.vmware.o11n.licensing.LicenseAttributes is not visible from class loader

and / or

[vcoInitializerScheduler-1] ERROR {} [ServerChecker] **************************************************************************************[vcoInitializerScheduler-1] ERROR {} [ServerChecker] **  An essential server component is missing or invalid, the server will be shutdown

[vcoInitializerScheduler-1] ERROR {} [ServerChecker] **************************************************************************************

The only information I can find about it is this communities post, which suggests moving the vCO database and the rest of the data folder to a fresh vCO instance.

Workaround:

Deploy a new vCO instance. Here’s the standard vCO library in the fresh instance, but none of my own content is of course available there yet.

vCONotStart03

As per the communites post, we now need to copy over the C:\Program Files\VMware\Orchestrator\app-server\data folder from the old server to the new instance. Make sure to stop the vCenter Orchestrator Server Service on the new instance first.

vCONotStart04

Now startup the vCenter Orchestrator Server Service and if you are in luck it will start this time.

vCONotStart05

When I log into the client, my own content is back – yay! I just need to re-install and configure any vCO plugins now.

vCONotStart06

This all of course points to the fact that I should probably move the database to an external database server and back it up properly, even in my home lab :-)

 

Setting Static Routes with PowerShell when connecting to a PPTP VPN

Sometimes as a consultant I have a need to connect to customer or client networks to carry out some of the work. This typically involves a myriad of different remote connection and VPN style systems. Some are better than others and while it’s possible to use different VMs to connect to them, that’s not always practical. Typically I only want traffic destined for the remote system(s) to go down the VPN, not all of my Internet traffic.

Many reasons for this, but one of the top ones is that it sends my Lync client used for internal communication into a frenzy of disconnecting / re-connecting to conversations if the VPN connection drops any time during the day. This leads to timed out messages and half the time wondering if the message got through, whether to send it again and generally a pretty frustrating experience.

One of the VPN connections I need to use is pretty basic and uses a PPTP connection created via the built-in wizard in Windows.

VPN01

I hadn’t used one of these for a long time and thankfully a colleague pointed out to me the other day that by changing it’s configuration it was possible not to send all of your Internet traffic down it.

Clearing the below setting Use default gateway on remote network will stop all Internet destined traffic heading down that connection.

VPN02

 

Then we simply need to set a static route for the subnet we want to connect to via the VPN and send it down that route. So it will be something like:

route add 172.15.36.0 mask 255.255.0.0 172.100.25.37 metric 1

However, the IP I’m allocated from the VPN server (172.100.25.37 above) may change every time I connect to the VPN.

VPN03

So I put together the below function which will grab the IP that has been allocated and use it in the route add command. Since I wanted to support downlevel OSs for people like me using Windows 7 I went with ipconfig to get this info rather than than the newer networking cmdlets like Get-NetIPAddress . Consequently, I used this really handy tip on filtering ipconfig output.

Then all I need to do is run the following (note: make sure your PowerShell session has elevated privileges):


Set-VPNRoute -VPNNetwork 172.100.25 -RouteNetwork 172.15.36.0 -RouteMask 255.255.0.0


function Set-VPNRoute {
<#
 .SYNOPSIS
 Set a route for VPN traffic

 .DESCRIPTION
 Set a route for VPN traffic

 .PARAMETER VPNNetwork
 VPN Connected Network

 .PARAMETER RouteNetwork
 Target Route

 .PARAMETER RouteMask
 Target Mask

.INPUTS
 System.String.

 .OUTPUTS
 None.

.EXAMPLE
 PS> Set-VPNRoute -VPNNetwork 192.168.200 -RouteNetwork 192.168.60.0 -RouteMask 255.255.255.0

#>
[CmdletBinding()]

Param
 (

[parameter(Mandatory=$true)]
 [ValidateNotNullOrEmpty()]
 [String]$VPNNetwork,

 [parameter(Mandatory=$true)]
 [ValidateNotNullOrEmpty()]
 [String]$RouteNetwork, 

 [parameter(Mandatory=$true)]
 [String]$RouteMask
 )

try {

 $VPNIP = @(ipconfig) -like "*$VPNNetwork*"
 $VPNIP = $VPNIP[0].substring($VPNIP[0].length - 14, 14)
 route add $RouteNetwork mask $RouteMask $VPNIP metric 1 | Out-Null
 }
 catch [Exception]{

 throw "Unable to set VPN Route"
 }
}

Attending VMworld Europe?

barcelona1

I’m fortunate enough to be able to attend VMworld Europe again this year, so thought I would suggest a few tips based on my previous experience on how to get the most out of the conference.

Some years ago now the first large scale IT conference I attended was Microsoft Teched in Barcelona. Prior to attending I had no real idea what to expect, but fortunately stumbled across these two posts (1 and 2) from Jonathan Noble which were a great help. As it turned out we had a shared interest in PowerShell and he was kind enough to meet up the day before the conference , give me a few more insights and introduce me to some folks since I didn’t know many people in the wider IT community back then.

So hopefully this post might help you in a similar way if you are attending for the first time or maybe even if you are a conference veteran. Since I am funding this trip myself a lot of the advice is around working to a budget.

1) Registration

First up, register as early as possible you may get an early bird discount. Also watch out for discounts if you have the VCP certification and maybe consider the VMUG Advantage package which will give you an additional discount amongst its other benefits..

2) Get there before Monday

The conference is officially advertised as being from Tuesday 14th – Thursday 16th October with a partner day on Monday 13th. So if you work for a partner there are events for you on the Monday, but if not have a look at the Agenda and see what else you might be able to do that day. My personal tip is to make that day the time you spend in the Hands-On-Labs area. Typically it is a lot quieter than the rest of the week so less queuing and also you most likely won’t be thinking I should be in a session / discussion group / the community hang-space now. So get there on the Saturday or Sunday, take a look around Barcelona and there are usually community events starting from Sunday evening to go to.

3) Flights

Book early – that is all. The cost goes up and availability decreases quite significantly from about now, so hurry up :-)

4) Accommodation

In previous year’s I’ve stayed in various hotels with mixed results. Last year’s experience wasn’t a great one after booking a hotel with a short metro commute to the conference centre I got bumped to one of their sister hotels with a long metro commute because of an issue with ‘a serious water leak in the hotel’ – in other words because I had booked the hotel independently rather than through the VMworld registration (since it was cheaper) I got bumped because it was now overbooked.

Thanks to a tip off from Simon Gallagher this time  I am going to try renting an apartment instead via AirBnB. Since I will hardly spend any time at the hotel apart from sleeping, there is not much point paying for the additional facilities they may offer. Last year I paid ~£320 for 4 nights at the hotel and got substandard service anyway. A quick scan over what’s on offer at AirBnB suggests I can get something suitable for ~£200 for the 4 nights. So we’ll see how that pans out this time.

5) Food

On a similar note there’s no point paying for breakfast at a hotel since you can get breakfast at the conference as part of your pass. Last year on Partner Day there was no food provided if you were not a partner, so if you’re taking advantage of that day in the labs like I suggested above you might want to bear that in mind. Most evening events will have some kind of finger food on offer, if you prefer to eat properly then you may want to sample some of the many restaurants Barcelona has to offer.

6) General

One of the best things about the conference is the chance to network with peers who have similar interests to yourself. As I mentioned at the start of this post I made a good friend at the first IT conference I went to and also met a bunch of people who it would prove very useful to know in the years since. In addition to the official conference events, get along to some of the community arranged events since you will inevitably meet some great people there. Also head over to the community hang space, a great place to meet and chat with many of the people who produce great blog content that you probably read on a daily basis.

Hope to see you there :-)

 

FBL-ESP-LIGA-BARCELONA-REAL MADRID

 

Automating vCAC Tenant Creation with vCO: Part 7 Creating a vCAC Catalog Item

In this series we will see how to automate the creation of a tenant in vCAC using vCO. There are multiple tasks to provision a tenant in vCAC, so even though it is an automation product itself, there’s no reason why you shouldn’t look at automating parts of it too.

In part 7 we look at publishing our Create-Tenant vCO workflow back into vCAC as a catalog item to make for easy consumption of it. (At some point I will get round to automating this part too)

We’ll be publishing this catalog item to the default tenant (vsphere.local if you look at the list of tenants), so it’s worthwhile making sure that you have other user accounts which can access it other than the default [email protected]

So we need to create an Identity Store for the default tenant and add some Administrator groups:

vCACCatalogItem01

 

vCACCatalogItem02

Ensure that the Administrator group has the Service Architect role which will grant the use of Advanced Services. We then need to logout of the webpage and back in to enable the Advanced Services tab to appear.

vCACCatalogItem03

 

At this point if you are using a vCO server external to vCAC (as I am in my lab) you will want to ensure that you have enabled AD authentication to it and provided an admins group.

vCACCatalogItem03b

This makes it straightforward to now configure vCAC to use an external vCO server using an AD account.

vCACCatalogItem03c

We also need to make sure the Default Tenant has a Business Group so that we will be able to publish Catalog Items.

vCACCatalogItem09a

 

Navigate to Advanced Services and Service Blueprints, then add a new one:

vCACCatalogItem04

 

We can now see the vCO directory structure presented to us to drill down through and find the workflow to publish, Create-vCACTenant.

vCACCatalogItem05

Navigate through the wizard to complete the addition. Firstly, accept the default name.

vCACCatalogItem06

On the Blueprint Form tab we have some options to amend the presentation of the form. Mostly this is picked up from the vCO workflow presentation, but it can be configured further here.

vCACCatalogItem07

Accept the default on Provisioned Resource and finish the Wizard.

vCACCatalogItem08

Make sure to Publish the Blueprint.

vCACCatalogItem09

We need to create a Service for Catalog Item consumption.

vCACCatalogItem09b

Now configure a Catalog Item for Create-vCACTenant and add it to the above Service.

vCACCatalogItem09c

 

Add an Entitlement so that users are able to access the Catalog Item.

vCACCatalogItem10

Add the Create-vCACTenant Catalog Item to the Entitlement.

vCACCatalogItem11

 

Login to vCAC as one of the users with the Entitlement and we will see the Create-vCACTenant  item in our Catalog.

vCACCatalogItem12

Let’s run the item to make sure it works.

vCACCatalogItem13

vCACCatalogItem14

vCACCatalogItem15

We can look in our Requests to observe the status.

vCACCatalogItem16

We can also observe that TenantC has been created in vCAC :-)

vCACCatalogItem17

 

Automating vCAC Tenant Creation with vCO: Part 1 AD SSL
Automating vCAC Tenant Creation with vCO: Part 2 AD Users, Groups and OUs
Automating vCAC Tenant Creation with vCO: Part 3 Install the vCAC plugin for vCO
Automating vCAC Tenant Creation with vCO: Part 4 Creating a Tenant
Automating vCAC Tenant Creation with vCO: Part 5 Creating an Identity Store
Automating vCAC Tenant Creation with vCO: Part 6 Adding Administrators
Automating vCAC Tenant Creation with vCO: Part 7 Creating a vCAC Catalog Item

Automating vCAC Tenant Creation with vCO: Part 6 Adding Administrators

In this series we will see how to automate the creation of a tenant in vCAC using vCO. There are multiple tasks to provision a tenant in vCAC, so even though it is an automation product itself, there’s no reason why you shouldn’t look at automating parts of it too.

In part 6 we look at adding Administrators to a Tenant in vCAC.

1) Add the ‘Add administrators’ workflow

Drag the Add administrators workflow from the vCloud Automation Center section of the workflow library

vCOvCACPlugin18

vCOvCACPlugin48

Add the inputs. (This is why we created Array based outputs for the administrator groups earlier in the series – we could add multiple groups here)

vCOvCACPlugin49

There are no outputs to add for this workflow.

Now run the workflow to test all functionality.

vCOvCACPlugin43

vCOvCACPlugin50

 

vCOvCACPlugin51

You can download exports of these workflows below:

Create-ADRequirements.workflow

Create-vCACTenant.workflow

 

 

Automating vCAC Tenant Creation with vCO: Part 1 AD SSL
Automating vCAC Tenant Creation with vCO: Part 2 AD Users, Groups and OUs
Automating vCAC Tenant Creation with vCO: Part 3 Install the vCAC plugin for vCO
Automating vCAC Tenant Creation with vCO: Part 4 Creating a Tenant
Automating vCAC Tenant Creation with vCO: Part 5 Creating an Identity Store
Automating vCAC Tenant Creation with vCO: Part 6 Adding Administrators
Automating vCAC Tenant Creation with vCO: Part 7 Creating a vCAC Catalog Item

Automating vCAC Tenant Creation with vCO: Part 5 Creating an Identity Store

In this series we will see how to automate the creation of a tenant in vCAC using vCO. There are multiple tasks to provision a tenant in vCAC, so even though it is an automation product itself, there’s no reason why you shouldn’t look at automating parts of it too.

In part 5 we look at adding an Identity Store to a Tenant in vCAC.

1) Generate the variables for adding an Identity Store

Add a scriptable task so we can generate the parameters we need for an Identity Store

vCOvCACPlugin28b

Add the AD domain as an Attribute of the workflow

vCOvCACPlugin30

Add an additional property to that Configuration Element for the netbiosDomain

vCOvCACPlugin31

and add it as an attribute of the workflow

vCOvCACPlugin32

Create a new Configuration Element for the Identity Store and add Type and URL properties.

vCOvCACPlugin33

vCOvCACPlugin34

 

Then add them as workflow attributes:

vCOvCACPlugin35vCOvCACPlugin36

Add inputs

vCOvCACPlugin37

Add outputs

vCOvCACPlugin38

And the following scripting


identityStoreName = tenantName + "-AD";
identityStoreUserDN = vcoServiceUser.distinguishedName;
identityStoreGroupsSearchDN = tenantGroupsOU.distinguishedName;
identityStoreUsersSearchDN = tenantUsersOU.distinguishedName;

tenantAdministratorsName = tenantAdminsGroup.getAttribute('Name');
infrastructureAdministratorsName = infrastructureAdminsGroup.getAttribute('Name');

tenantAdministratorsUpnName = tenantAdministratorsName + "@" + identityStoreDomain;
infrastructureAdministratorsUpnName = infrastructureAdministratorsName + "@" + identityStoreDomain;

tenantAdministrators = [tenantAdministratorsUpnName];
infrastructureAdministrators = [infrastructureAdministratorsUpnName];

vCOvCACPlugin39

 

 

2) Add the ‘Add an identity store to a tenant’ workflow

Drag the Add an identity store to a tenant’ workflow from the vCloud Automation Center section of the workflow library

vCOvCACPlugin18

Add the In parameters

vCOvCACPlugin41

And the Out parametervCOvCACPlugin42

3) Now run the workflow to test it works

vCOvCACPlugin43

vCOvCACPlugin44

 

vCOvCACPlugin45

vCOvCACPlugin47

In part 6 we will complete the  Administrators configuration

 

Automating vCAC Tenant Creation with vCO: Part 1 AD SSL
Automating vCAC Tenant Creation with vCO: Part 2 AD Users, Groups and OUs
Automating vCAC Tenant Creation with vCO: Part 3 Install the vCAC plugin for vCO
Automating vCAC Tenant Creation with vCO: Part 4 Creating a Tenant
Automating vCAC Tenant Creation with vCO: Part 5 Creating an Identity Store
Automating vCAC Tenant Creation with vCO: Part 6 Adding Administrators
Automating vCAC Tenant Creation with vCO: Part 7 Creating a vCAC Catalog Item

Automating vCAC Tenant Creation with vCO: Part 4 Creating a Tenant

In this series we will see how to automate the creation of a tenant in vCAC using vCO. There are multiple tasks to provision a tenant in vCAC, so even though it is an automation product itself, there’s no reason why you shouldn’t look at automating parts of it too.

In part 4 we look at the first part of creating a Tenant in vCAC.

1) Create the parent workflow

After creating a workflow for the AD requirements in parts 1 and 2, the rest of the work is done via built-in workflows of the vCAC plugin. So we will create a parent workflow to organise the rest into.

vCOvCACPlugin14

First of all drop in the AD workflow and add an input parameter

vCOvCACPlugin15

vCOvCACPlugin16

 

2) Add the ‘Create a tenant’ workflow

Drag the Create a tenant workflow from the vCloud Automation Center section of the workflow library

vCOvCACPlugin18

vCOvCACPlugin19

Set the In parameters

vCOvCACPlugin20

We can set the Value here since we are only working with one vCAC server

vCOvCACPlugin21

vCOvCACPlugin22vCOvCACPlugin23

Output the Tenant object from this workflow, since we will need it in parts 5 and 6.

vCOvCACPlugin24

 

3) Test the workflow

As a test, we can run what we have so far which will create the AD requirements and an empty tenant in vCAC.

vCOvCACPlugin25

Looking good so far

vCOvCACPlugin26a

vCOvCACPlugin26

vCOvCACPlugin27

vCOvCACPlugin28

In parts 5 and 6 we will complete the Identity Stores and Administrators configuration

 

Automating vCAC Tenant Creation with vCO: Part 1 AD SSL
Automating vCAC Tenant Creation with vCO: Part 2 AD Users, Groups and OUs
Automating vCAC Tenant Creation with vCO: Part 3 Install the vCAC plugin for vCO
Automating vCAC Tenant Creation with vCO: Part 4 Creating a Tenant
Automating vCAC Tenant Creation with vCO: Part 5 Creating an Identity Store
Automating vCAC Tenant Creation with vCO: Part 6 Adding Administrators
Automating vCAC Tenant Creation with vCO: Part 7 Creating a vCAC Catalog Item

Automating vCAC Tenant Creation with vCO: Part 3 Install the vCAC plugin for vCO

In this series we will see how to automate the creation of a tenant in vCAC using vCO. There are multiple tasks to provision a tenant in vCAC, so even though it is an automation product itself, there’s no reason why you shouldn’t look at automating parts of it too. In part 3 we look at installing the vCAC plugin for vCO

1) Download the vCAC plugin   o11nplugin-vcac-6.0.1.vmoapp vCOADPlugin40

2) Install the plugin I’m installing this on a Windows based vCO box. Ensure that the vCO Configuration service is started since it is usually on manual startup. vCOADPlugin41

Navigate to the Configuration webpage, in my case https://localhost:8283/

vCOvCACPlugin01

and then Plugins

vCOvCACPlugin02

Enter credentials of a member of the vCO admins group. (If you haven’t set this up you might want to add an AD connection on the Authentication page)

vCOvCACPlugin03

and select the downloaded plugin, then Upload and install

vCOvCACPlugin04

Accept the License Agreement

vCOvCACPlugin05

Hopefully you get a nice green success

vCOvCACPlugin06

If so, you’ll get a note further down that you need to restart the vCO Server service

vCOvCACPlugin07


Get-Service VMwareOrchestrator | Restart-Service

After the restart, all is now OK

vCOvCACPlugin08

The built-in vCAC workflows are now available in the vCO client

vCOvCACPlugin09

3) Configure the plugin Navigate to Configuration and run the Add a vCAC host workflow

vCOvCACPlugin10

Fill out the details of the default vCAC tenant

vCOvCACPlugin11 vCOvCACPlugin12

…and now we have a vCAC server to work with

vCOvCACPlugin13

 

Automating vCAC Tenant Creation with vCO: Part 1 AD SSL
Automating vCAC Tenant Creation with vCO: Part 2 AD Users, Groups and OUs
Automating vCAC Tenant Creation with vCO: Part 3 Install the vCAC plugin for vCO
Automating vCAC Tenant Creation with vCO: Part 4 Creating a Tenant
Automating vCAC Tenant Creation with vCO: Part 5 Creating an Identity Store
Automating vCAC Tenant Creation with vCO: Part 6 Adding Administrators
Automating vCAC Tenant Creation with vCO: Part 7 Creating a vCAC Catalog Item