VMware Cloud Community
perisetlachandr
Contributor
Contributor
‎07-11-2020 12:33 PM

SPOF Risk Analysis for ESXi 6.7

Dear Team,

AS a part of Single point of failure risk analysis, I need to verify any port group is configured with single uplink. it for both standard and DV Switch.

In the similar way need to verify any ESXi host is configured with Single HBA to access the storage. Can some one help in resolving this with PowerCLi script.

I have 250+ servers in environment.it might lead to human error if it carried out manually.

0 Kudos
6 Replies
LucD
Leadership
Leadership
‎07-11-2020 12:55 PM

For the portgroups you have to be a bit more specific on what you define as a SPOF.

Since pNIC are assigned to switches and portgroups can use any combination of those (event none) as the ActiveNics, what exactly are you looking for?

In general how does NIC Teaming feature in this?

For the HBA, do you only look at datastores?

Or also at the local disk(s)?

On a side note, what do you already have?

This might give us a better idea of what you are trying to achieve.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

0 Kudos
perisetlachandr
Contributor
Contributor
‎07-11-2020 01:36 PM

Hi LucD .....

Thank you so much for your response ...
Am attaching my existing network configuration which is Critical SPOF for vSAN.

For Storage below are the Conditions:

ESXi hosts running with local storage - SPOF-1

ESXi Host Having Single Active HBA Card - SPOF-2

Thanks in advance

Chandru

Preview file
18 KB
0 Kudos
LucD
Leadership
Leadership
‎07-11-2020 02:02 PM

What code do you already have?


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

0 Kudos
perisetlachandr
Contributor
Contributor
‎07-11-2020 02:37 PM

Hi LucD

With the following command am able to list down the virtual switches and its physical NICs. but unable to get the link Status.

If vSwitch is having 1 active NIC as shown below that one has to be highlighted as risk.

If vSwitch is having 2 uplinks and it is not matching with the Link status count, then need to highlight as a risk. because uplink count=2, the link status count !=2.

Am not sure that i can derive the uplink status from portgroup level.

PS C:\> Get-VMHost -Name xxxxxxxxxx.xxxxxxxxx.com | Get-VirtualSwitch | select VMhost, Name, Nic

VMHost                                    Name               Nic

-----------                                   ---------             -------

xxxxxxxxxx.xxxxxxxxx.com      vSwitch0      {vmnic3, vmnic1, vmnic0}

xxxxxxxxxx.xxxxxxxxx.com      vSwitch1      {vmnic2}

Thanks in Advance

Chandru

0 Kudos
LucD
Leadership
Leadership
‎07-12-2020 12:16 AM

So you have nothing?


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

0 Kudos
perisetlachandr
Contributor
Contributor
‎07-12-2020 10:46 AM

Yes LucD ...
I have nothing. but trying at my level ...

0 Kudos