#---------------------------------------------------------------------------------------------------------------------------------------------------- $creds = Get-Credential #Connect VC1 Connect-VIServer 'itdvmvc1.nd.gov' -Credential $creds #Connect VC2 Connect-VIServer 'itdvmvc2.nd.gov' -Credential $creds #Connect VCT1 Connect-VIServer 'itdvmvct1.nd.gov' -Credential $creds #Connect VCT2 Connect-VIServer 'itdvmvct2.nd.gov' -Credential $creds #Connect OneView Connect-HPOVMgmt -Hostname 'itdoneviewp1.nd.gov' -Credential $creds -LoginAcknowledge #---------------------------------------------------------------------------------------------------------------------------------------------------- #VMHosts to Patch $VMHostNames = @" itdvmmdnav04.nd.gov itdvmmdnav05.nd.gov "@ $VMHostNames = ConvertTo-Array -MultiLineString $VMHostNames #---------------------------------------------------------------------------------------------------------------------------------------------------- #Disable Alarms and Disconnect CDROM foreach ($VMHostName in $VMHostNames) { $GetVMHost = Get-VMHost $VMHostName #$VMHostParent = $GetVMHost.Parent $HostCluster = Get-Cluster -VMHost $VMHostName <#$NewSpec = New-Object VMware.Vim.ClusterConfigSpec $NewSpec.DasConfig = New-Object VMware.Vim.ClusterDasConfigInfo $NewSpec.DasConfig.AdmissionControlPolicy = New-Object VMware.Vim.ClusterFailoverResourcesAdmissionControlPolicy $NewSpec.DasConfig.AdmissionControlPolicy.AutoComputePercentages = $true $HostCluster.ExtensionData.ReconfigureCluster($NewSpec, $true) #> $VIServer = $GetVMHost.Uid.Split('@')[1].Split(':')[0] $alarmMgr = Get-View AlarmManager -Server $VIServer $alarmEnabled = $GetVMHost.ExtensionData.AlarmActionsEnabled if ($alarmEnabled -eq $true) { $alarmMgr.EnableAlarmActions($GetVMHost.ExtensionData.MoRef, $false) } $VMs = $GetVMHost | Get-VM #Disconnect CDROM and/or VMtools ISO foreach ($VM in $VMs) { $GetVM = Get-VM $VM $CDDrive = $GetVM | Get-CDDrive if ($CDDrive | Where-Object { $_.IsoPath -Like "*vmware/isoimages*" }) { $GetVM | Dismount-Tools #$CDDrive | Set-CDDrive -NoMedia -Confirm:$false } elseif ($CDDrive.HostDevice -Like "*drive*") { $CDDrive | Set-CDDrive -NoMedia -Confirm:$false } } $GetVMHost = $null } #Move Powered Off VMs foreach ($VMHostName in $VMHostNames) { $VMHostDetails = Get-VMHost -Name $VMHostName $VMHostParent = $VMHostDetails.Parent.Name $VMHostMigrate = Get-Cluster $VMHostParent | Get-VMHost | Where-Object Name -NE $VMHostName | Select-Object -First 1 $VMsPoweredOff = Get-VMHost $VMHostName | Get-VM | Where-Object PowerState -EQ "PoweredOff" If ($VMsPoweredOff) { Move-VM -VM $VMsPoweredOff -Destination $VMHostMigrate } } #Enter Maintenance Mode Set-VMHost -VMHost $VMHostNames -State "Maintenance" -RunAsync Start-Sleep -Seconds 10 #Monitor Get-VMHost -Name $VMHostNames | Select-Object Name, ConnectionState, @{Name = "VM.count"; E = { @($_ | Get-VM | Where-Object { $_.ExtensionData.Summary.Config.ManagedBy.Type -NE "placeholderVm" }).Count } } # Move to HostUpgradesInProgress Folder Get-VMHost -Name $VMHostNames | Move-VMHost -Destination "HostUpgradesInProgress" #---------------------------------------------------------------------------------------------------------------------------------------------------- #Shutdown Host Stop-VMHost -VMHost $VMHostNames -Confirm:$false #Monitor Get-VMHost $VMHostNames | Select-Object -Property Name, ConnectionState, CpuUsageMhz #---------------------------------------------------------------------------------------------------------------------------------------------------- #Verify OneView Server Profile Power State -EQ Off <#foreach ($VMHostName in $VMHostNames){ $HPOVServerProfile = Get-HPOVServerProfile -Name $VMHostName $HPOVServer = $HPOVServerProfile | Get-HPOVServer if ($HPOVServer.powerState -EQ "On"){ $HPOVServer | Update-HPOVServer -Async } }#> # ensure server power is off foreach ($VMHostName in $VMHostNames) { $HPOVServerProfile = Get-OVServerProfile -Name $VMHostName $HPOVServer = $HPOVServerProfile | Get-OVServer if ($HPOVServer.powerState -EQ "On") { $HPOVServer | Update-OVServer -Async } } #Monitor foreach ($VMHostName in $VMHostNames) { Get-OVServer -ServerName $VMHostName | Select-Object serverName, powerState } #---------------------------------------------------------------------------------------------------------------------------------------------------- #Join OneView Template to Host $HPOVtemplates = Get-OVServerProfileTemplate foreach ($VMHostName in $VMHostNames) { $VMHostDetails = Get-VMHost -Name $VMHostName $VMHostVIserver = $VMHostDetails.Uid.Split('@')[1].Split(':')[0] switch ($VMHostVIserver) { itdvmvc1.nd.gov { $HPOVtemplDataCenter = "BIS" } Default { $HPOVtemplDataCenter = "MDN" } } $VMHostParent = $VMHostDetails.Parent.Name <#switch ($VMHostParent.substring(0, $VMHostParent.Length - 1)) { Avaya { $HPOVtemplType = "Avaya" } TEL { $HPOVtemplType = "Avaya" } DCN { $HPOVtemplType = "DCN" } DES { $HPOVtemplType = "DES" } Oracle { $HPOVtemplType = "Oracle" } SQL { $HPOVtemplType = "SQL" } SQL2-D { $HPOVtemplType = "SQL" } TEST { $HPOVtemplType = "Test" } Default { $HPOVtemplType = "General" } }#> If($VMHostName -like "*sql*" -or $VMHostName -like "*ora*"){ $HPOVtemplType = "SQL" } Else{ $HPOVtemplType = "General" } $HPOVtemplModel = $VMHostDetails.Model.Split()[2] $NewHPOVtempl = $HPOVtemplates | Where-Object { $_.Name -Like "*$HPOVtemplDataCenter*" -and $_.Name -Like "*$HPOVtemplType*" -and $_.Name -Like "*$HPOVtemplModel*" } | Sort-Object Name | Select-Object -Last 1 Join-OVServerProfileToTemplate -Template $NewHPOVtempl -ServerProfile $VMHostName } #Monitor foreach ($VMHostName in $VMHostNames) { Get-OVServerProfile -Name $VMHostName } #---------------------------------------------------------------------------------------------------------------------------------------------------- #Check iLO Health Status <# foreach ($VMHostName in $VMHostNames){ $iLOHostName = ($VMHostName.split(".")[0])+"lo.nd.gov" $iLoConnection = Connect-HPEiLO $iLOHostName -Credential $creds Get-HPEiLOHealthSummary -Connection $iLoConnection | Select-Object Hostname,Status Disconnect-HPEiLO -Connection $iLoConnection }#> #---------------------------------------------------------------------------------------------------------------------------------------------------- #Update OneView Server Template foreach ($VMHostName in $VMHostNames) { Get-OVServerProfile -Name $VMHostName | Update-OVServerProfile -Confirm:$false -Async Start-Sleep -Seconds 30 } #powershell finished in 20m, but continued to run for 36min #Monitor foreach ($VMHostName in $VMHostNames) { Get-OVServerProfile -Name $VMHostName | Select-Object Name, State } #---------------------------------------------------------------------------------------------------------------------------------------------------- #Start OneView Server Profile foreach ($VMHostName in $VMHostNames) { $wait = $true While ($wait -EQ $true) { $HPOVServerProfile = Get-OVServerProfile -Name $VMHostName if ($HPOVServerProfile.Status -NE "OK") { $wait = $true Start-Sleep -Seconds 60 } else { $wait = $false $HPOVServerProfile | Start-OVServer -Async } } } #Monitor foreach ($VMHostName in $VMHostNames) { Get-OVServerProfile -Name $VMHostName } #---------------------------------------------------------------------------------------------------------------------------------------------------- # manual full install of v7.0u3 now <# ISO connected from workstation via iLO - boot @ 9:43 initial install screen @ 10:00 ISO connect from vmutil boot @ 10:01 initial install screen @ 10:10 #> # remove old from vcenter inventory ForEach ($VMHostName in $VMHostNames) { Get-VMHost -Name $VMHostName | Remove-VMHost -Confirm:$false start-sleep -Seconds 3 } # add to vcenter $VmDefaultCred = Get-Secret VMDefault ForEach ($VMHostName in $VMHostNames) { Add-VMHost -Name $VMHostName -Credential $VmDefaultCred -Location "HostUpgradesInProgress" -Force -Server $ViServer Start-Sleep -Seconds 3 } # license host Get-VMHost -Name $VMHostNames | Set-VMHost -LicenseKey '2M63H-8T391-P8YG4-00MR4-ARNP0' # set maintenance and disable alarms Get-VMHost -Name $VMHostNames | Set-VMHost -State "Maintenance" -RunAsync ForEach ($VMHostName in $VMHostNames) { $GetVMHost = Get-VMHost -Name $VMHostname $VIServer = $GetVMHost.Uid.Split('@')[1].Split(':')[0] $alarmMgr = Get-View AlarmManager -Server $VIServer $alarmEnabled = $GetVMHost.ExtensionData.AlarmActionsEnabled if ($alarmEnabled -eq $true) { $alarmMgr.EnableAlarmActions($GetVMHost.ExtensionData.MoRef, $false) } } # Set root password ForEach ($VMHostName in $VMHostNames) { $VMHostCred = Get-ITDPassword -Title $VMHostName -UserName root -Credential $PrvCred Connect-VIServer -Server $VMHostName -Credential $VmDefaultCred Set-VMHostAccount -Server $VMHostName -UserAccount root -Password $VMHostCred.GetNetworkCredential().Password Disconnect-VIServer -Server $VMHostname -Confirm:$false <#$EsxCli = Get-EsxCli -VMHost $VMHostName /vmfs/volumes/5a737d2f-b45bb27d-7f74-e0071befea78/Scratch/itdbisvm-dcn01 $args = $EsxCli.system.account.set.CreateArgs() $args.id = "root" $args.password = $VMHostCred.GetNetworkCredential().Password $args.passwordconfirmation = $VMHostCred.GetNetworkCredential().Password $output = $EsxCli.system.account.set.invoke(@{ id = $VMHostCred.UserName; password = $VMHostCred.GetNetworkCredential().Password; passwordconfirmation = $VMHostCred.GetNetworkCredential().Password; })#> } #Patch via Update Manager #Monitor ConnectionState foreach ($VMHostName in $VMHostNames) { $VMHost = Get-VMHost $VMHostName $VMHost | Select-Object -Property Name, ConnectionState } foreach ($VMHostName in $VMHostNames) { $VMHost = Get-VMHost $VMHostName $VMHostVIserver = $VMHost.Uid.Split('@')[1].Split(':')[0] #$VMHostBaseline = Get-Baseline -Server $VMHostVIserver | Where-Object Name -Like "*ESXi 6.5.0*" $VMHostBaselineUpgrade = Get-Baseline -Server $VMHostVIserver | Where-Object { $_.Name -EQ "vSphere 7.0U3-ProLiant" } $VMHostBaselinePatch = Get-Baseline -Server $VMHostVIserver | Where-Object { $_.Name -EQ "vSphere 7.0U3 Patch" } $VMHostBaselineAll = Get-Baseline -Server $VMHostVIserver | Where-Object { $_.Name -EQ "vSphere 7.0U3-ProLiant" -or $_.Name -EQ "7.0U3 Patch"} Attach-Baseline -Baseline $VMHostBaselineUpgrade -Entity $VMHost Attach-Baseline -Baseline $VMHostBaselinePatch -Entity $VMHost } #Remediate Baseline --- Do this in the GUI with all hosts in the same folder <# ForEach($VMHostName in $VMHostNames){ $VMHost = Get-VMHost $VMHostName Scan-Inventory -Entity $VMHost } ForEach($VMHostName in $VMHostNames){ $VMHost = Get-VMHost $VMHostName Stage-Patch -Entity $VMHost -Baseline $VMhostBaselineUpgrade Stage-Patch -Entity $VMHost -Baseline $VMhostBaselinePatch -RunASync } ForEach($VMHostName in $VMHostNames){ $VMHost = Get-VMHost $VMHostName Remediate-Inventory -Entity $VMHost -Baseline $VMHostBaselineAll -RunAsync -Confirm:$false }#> #Monitor Get-Task | Where-Object Name -Like "*Remediate*" #---------------------------------------------------------------------------------------------------------------------------------------------------- #Attach Host Profile and Test Compliance foreach ($VMHostName in $VMHostNames) { $CurrentHostProfiles = Get-VMHostProfile $VMHostDetails = Get-VMHost -Name $VMHostName $VMHostVIserver = $VMHostDetails.Uid.Split('@')[1].Split(':')[0] switch ($VMHostVIserver) { itdvmvc1.nd.gov { $VMHostVIserver = "BIS" } Default { $VMHostVIServer = "MDN" } } $VMHostParent = $VMHostDetails.Parent.Name switch ($VMHostParent.substring(0, $VMHostParent.Length - 1)) { Avaya { $VMHostProfile = "Avaya" } TEL { $VMHostProfile = "TEL" } Default { $VMHostProfile = "General" } } #$VMHostBuild = $VMHostDetails.Build #$VMHostVersion = $VMHostDetails.Version #$VMHostProfileName = $CurrentHostProfiles | Where-Object {$_.Name -Like "*$VMHostVIserver*" -and $_.Name -Like "*$VMHostVersion*" -and $_.Name -Like "*$VMHostBuild*" -and $_.Name -Like "*$VMHostProfile*"} | Sort-Object Name | Select-Object -First 1 $VMHostProfileName = $CurrentHostProfiles | Where-Object { $_.Name -like "*$VMHostVIserver*" -and $_.Name -Like "*7.0.3*" -and $_.Name -like "*$VMHostProfile*" -and $_.Name -like "*BL460c*" } Invoke-VMHostProfile -Entity $VMHostDetails -Profile $VMHostProfileName -AssociateOnly -Confirm:$false } # import host customization csv foreach ($VMHostName in $VMHostNames) { Get-VMHost -Name $VMHostName | Test-VMHostProfileCompliance } #Remediate Host Profile foreach ($VMHostName in $VMHostNames) { $VMHostDetails = Get-VMHost -Name $VMHostName $VMHostProfileCompliance = $VMhostDetails | Test-VMHostProfileCompliance #### ??????? if ($VMHostProfileCompliance.ExtensionData.ComplianceStatus -Like "*non*") { Invoke-VMHostProfile -Entity $VMhostDetails -Confirm:$false } $VMhostDetails | Test-VMHostProfileCompliance } # reboot hosts 0_Offline, Before Upgrade v7.0U3h Get-VMHost -Name $VMHostNames | Restart-VMHost -Confirm:$false #Test Host Profile Compliance foreach ($VMHostName in $VMHostNames) { Get-VMHost $VMHostName | Test-VMHostProfileCompliance } # maybe reboot again sometimes maybe Get-VMHost -Name $VMHostNames | Restart-VMHost -Confirm:$false #Exit Maintenance Mode and Enable Alarms Set-VMHost -VMHost $VMHostNames -State "Connected" -RunAsync Start-Sleep -Seconds 30 foreach ($VMHostName in $VMHostNames) { $GetVMHost = Get-VMHost $VMHostName $VIServer = $GetVMHost.Uid.Split('@')[1].Split(':')[0] $alarmMgr = Get-View AlarmManager -Server $VIServer $alarmEnabled = $GetVMHost.ExtensionData.AlarmActionsEnabled if ($alarmEnabled -eq $false) { $alarmMgr.EnableAlarmActions($GetVMHost.ExtensionData.MoRef, $true) } $GetVMHost = $null } #---------------------------------------------------------------------------------------------------------------------------------------------------- #---------------------------------------------------------------------------------------------------------------------------------------------------- #---------------------------------------------------------------------------------------------------------------------------------------------------- #---------------------------------------------------------------------------------------------------------------------------------------------------- #---------------------------------------------------------------------------------------------------------------------------------------------------- #---------------------------------------------------------------------------------------------------------------------------------------------------- #---------------------------------------------------------------------------------------------------------------------------------------------------- #---------------------------------------------------------------------------------------------------------------------------------------------------- #---------------------------------------------------------------------------------------------------------------------------------------------------- #---------------------------------------------------------------------------------------------------------------------------------------------------- #---------------------------------------------------------------------------------------------------------------------------------------------------- #---------------------------------------------------------------------------------------------------------------------------------------------------- #$VMCluster = Get-Cluster $VMHostParent #| Set-Cluster -HAAdmissionControlEnabled:$false -Confirm:$false #$HAFailoverHost = Get-VMHost | Where-Object {$_.Id -Match ((Get-Cluster $VMHostParent).extensiondata.configuration.dasconfig.admissioncontrolpolicy.failoverhosts.value)} #get-vmhost | where-object {$_.id -eq ($vmcluster.extensiondata.configuration.dasconfig.admissioncontrolpolicy.failoverhosts.value)} <# foreach ($VMHostProfile in $VMHostProfiles){ Export-VMHostProfile -FilePath $FilePath$Profile".xml" -Profile $VMHostProfile } Import-VMHostProfile -FilePath $FilePath"TestHostProfile.xml" -Name "Test Scripting" #>