useVIFastpassOnvMAToRunPerlScriptWithoutClearTextPassword.pl

Version 2

    This script makes use of the vi-fastpass library that is included in VMware vMA and allows you to execute a vSphere SDK for Perl or vCLI script without having to pass in credentials to each host upon execution. This script also does not require you to specify a .viperl configuration file containing the username/password nor relies on issuing of vifpinit on a target which has a huge security flaw in which the username/password is stored in plain text using environmental variables!!! I've been told this has been finally recognized as a bug/security issue and will be fixed in the near future.

     

    This script does require that the targets are being managed by vMA that you would like to perform the operations on. Please refer to vMA documentation on how to setup targets to be managed by vMA.

     

    Requirements:

    VIMA 1.0 or vMA 4.0

    ESX(i) 3.5/4.0 or vCenter 2.5/4.0

    vSphere SDK for Perl/vCLI script

     

    Sample Execution:

     

    Let's say I would like to list all NFS datastores on a set of ESX(i) hosts, you would generally do something of the following using vCLI command esxcfg-nas:

     

    [vi-admin@scofield ~]$ esxcfg-nas -l --server esxi40-1.primp-industries.com --username root
    Enter password:
    dlgCore-NFS-bigboi.VM-Backups is /exports/vm-backups from A.B.C.D mounted
    

     

     

    and you would continue doing this for however many hosts you had, typing the password each time....

     

    Now, let's see this script in action which only requires one argument which is a file containing the hosts that you want to perform the operation.

     

    Note: Please make sure the name of the hosts is exactly the name in which it was added to vMA management system

     

    My hostlist file:

    [vi-admin@scofield ~]$ cat hostlist
    esx40-1.primp-industries.com
    esx40-2.primp-industries.com
    esxi40-1.primp-industries.com
    

     

    You'll need to edit the script to substitute the command you would like to run, look at line #44:

    $command_to_execute = `esxcfg-nas -l --server $server --username $username --password $password`
    

    Ensure when you're editing the script to preserve $server,$username and $password arguments along with the other params to the script

     

     

    Now let's run the script on the 3 hosts:

    [vi-admin@scofield ~]$ ./useVIFastpassOnvMAToRunPerlScriptWithoutClearTextPassword.pl --esxlist hostlist
    Executing script on "esx40-1.primp-industries.com" ...
    dlgCore-NFS-bigboi.VM-Backups is /exports/vm-backups from A.B.C.D mounted
    
    Executing script on "esx40-2.primp-industries.com" ...
    dlgCore-NFS-bigboi.VM-Backups is /exports/vm-backups from A.B.C.D mounted
    
    Executing script on "esxi40-1.primp-industries.com" ...
    dlgCore-NFS-bigboi.VM-Backups is /exports/vm-backups from A.B.C.D mounted