Automating the Configuration of Log Insight

Now that you know how to automate the deployment of Log Insight, you are probably wondering how to automate the configuration of Log Insight. Automating the configuration of Log Insight is a little harder because Log Insight does not have a configuration API today and because by default SSH is disabled until the root password is set. In addition, the root password cannot be set through OVF properties today.

So how do you automate the configuration of Log Insight?

Continue reading

Automating the Deployment of Log Insight

Log Insight ships as a virtual appliance. Given its single packaging model, automated deployment is easy thanks to the freely available OVF Tool. OVF Tool is a command line utility available for Windows, Linux and Mac that allows you to deploy OVA/OVF files. For the list of options available with OVF Tool run ovftool –help or see check the documentation. I would like to walk you through how to automate the deployment of Log Insight via ovftool.


Continue reading

Automating VCSA Configuration

If you have deployed the VCSA a couple of dozen times like me then you quickly realize that it is necessary to script the initial configuration of the device. I would highly recommend taking a look at William Lam’s blog for some great setup scripts including:

Something that I noticed was missing from William’s scripts was the ability to configure application layer services such as NTP and Syslog. As such, I put together a couple quick scripts shared below.

Continue reading

Bug in PowerCLI 4.1.1: Set-VIRole

I was trying to set up some permissions on vCenter Server using PowerCLI. Here is an example of a command I was running:

PowerCLI returned the following:

WARNING: There were one or more problems with the server certificate:
* The X509 chain could not be built up to the root certificate.
* The certificate’s CN name does not match the passed value.

Name IsSystem
—- ——–
newTestRole False
newTestRole False
newTestRole False

This looks like it worked, however upon looking at the permissions on vCenter Server, the checkboxes for these three options were not selected. If you attempt the command with any other permissions it works as expected (i.e. the checkboxes are selected).

Why was this not working?

Continue reading

Permanently enabling SSH on ESXi via PowerShell

As you all know by now, ESXi comes with SSH, which VMware now refers to as Tech Support Mode, disabled. The reasons behind this include security and the removal of the service console. While the service console has been removed, a shell called BusyBox remains. According to VMware best practice, SSH should not be enabled as it should not be needed. Of course, customers require this kind of access to install agents and to troubleshoot problems. VMware’s response was to enable remote access to the systems via vCenter Server, vMA, or an API and to recommend reinstalling ESXi should troubleshooting become necessary. If you want to read more about this, I would recommend seeing Duncan’s post over at yellow-bricks:

Recently, I ran into an issue where several potential ESXi bugs were discovered, which required SSH access to the ESXi host as the logs were lacking information (one of the reported bugs) and the commands that needed to be executed could not be done remotely (e.g. df -h). As such, I was asked to enable SSH on 64 ESXi hosts. Performing this task manually was not an option so I turned to PowerCLI to automate the task.

This raises the question, how do you enable SSH on ESXi via PowerCLI?

Continue reading