This script builds on the excellent work done by lberc and others in the forums and at VMware

We are deploying VC+ESX to a somewhat interesting environment:

• engineering is not directly involved in provisioning so it needs to be as automated as possible within a cost-effective constraint
• security is important
• We're using ESX not ESXi

The scripts I found stopped too soon for my O-C taste, so this one goes a bit further than others I found including:

• Configure the license server
• Upload signed SSL key and certificate files to the ESX server
• Rename all local datastores to try to reduce the accidental deployment to local stores
• Configure the firewall for NTP and updateManager
• Targeted for ESX although there is also a nod to ESXi provisioning
• Configure the environment for our special case where the VCS-ESX communications are on an isolated network

and a separate isolated VMotion network

• Rescan the HBAs

It does the "usual" stuff borrowed from lberc and others:

• reset the root password
• configure networks
• joining to VCS servers
• configuring NTP, DNS, domain, name, IP's etc.

Some interesting concepts explored here, although hints of topics on these throughout the forums

• Upload files to an https server with a self-signed SSL certificate
• Finding the local datastores on an ESX server
• Accessing and modifying the firewall configuration
• Dealing with Passwords entered with the Read-Host -asSecureString

Some caveats

• This is my first significant Powershell, .Net and VI project. I am sure many of you will cringe when you look at the arcane methods I found.
• We do a manual install of ESX rather than using kickstart. I expect we'll head towards ESXi and this work wouldn't have paid back. This script is run immediately after the reboot following the installation.
• It works pretty well in our target environment, but there is no guarantee or warranty it will work in yours.
• The upload stuff works here works for fairly small files. (file size=memory consumed) Carter Shanklin and I are

working to improve the upload process. Watch Carter's (c_shanklin) blog and his VI Toolkit Extensions at http://www.codeplex.com/vitoolkitextensions

A few features for the next version of this script - perhaps in another life:

• It should really attach the server to an Update Manager baseline and remediate.
• Replace all the anachronisms with the best-practice methods
• Configure a VMKernel network and gateway on the Management VLAN
• A way cool Windows.Forms with drop-down lists to capture the information
• Automatically download backup ESXi configuration file to the local disk

Oct 16 2008

I meant to mention how to generate a log file but forgot.

As you may have noticed all the messages in this script are simply dumped to the console, rather than explicitly output with Write-Host. You can redirect this to a log file and still see the console messages by invoking the script as follows:

.\configureESX.ps1 | Tee-Object .\configureESX-server.log