pamiller21
Enthusiast
Enthusiast

Report For Tagless VMs with NSX-T

I am trying to find a way to get a report to show all VMs without NSX-T Tags.  Any help with this because the commandlets in NSX-T are confusing.

0 Kudos
8 Replies
Zsoldier
Expert
Expert

Not perfect by any means, but hopefully this gets you going in right direction.  Basically, VM's without tags will not have a 'tags' property when querying realized state.  This works in Powershell Core (aka Powershell 7). Will not work as written in classic Powershell.

NSX-T: Finding Tagless NSX-T VMs with Powershell Core (zsoldier.com)

$Credential = Get-Credential
$skipcertcheck = $true
$AuthMethod = “Basic”
$NSXMgr=”NSXTManagerIPorDNSName”
$policyapi = "/policy/api/v1"
$base_url = ("https://" + $NSXMgr + $policyapi)

$endpoint = "/infra/realized-state/virtual-machines"
$Data = Invoke-restmethod -Uri ($base_url + $EndPoint) -Method GET -Credential $Credential -SkipCertificateCheck:$skipcertcheck -Authentication:$AuthMethod

#VMs without tags
$data.results | where {$_.tags -eq $null}

#VMs with tags
$data.results | where {$_.tags -ne $null}
Chris Nakagaki (中垣浩一)
Blog: https://tech.zsoldier.com
Twitter: @zsoldier
0 Kudos
pamiller21
Enthusiast
Enthusiast

This is great and I what I usually do is put it into a HTML report to publish, but I am missing something when I am just trying to pull the name of the tagless, can you tell me where I went south?

 

#############################
# Variables #
#############################
$date=Get-Date -format "yyyy-MMM-d"
$datetime=Get-Date
$filelocation="\var\www\Tagless\NSX\NSX-$date.htm"

#############################
# Content #
#############################
#VMs without tags
#$report.results | where { $_.tags -eq $null }
$report.results = Get-VM | where { $_.tags -eq $null } | select name

#############################
# Add Text to the HTML file #
#############################
$report | ConvertTo-Html –title "VMware NSX-Tagless Check" –body "<H1>VMware NSX-Tagless Check</H1>" -head "<link rel='stylesheet' href='style.css' type='text/css' />" | Out-File $filelocation
ConvertTo-Html –title "VMware NSX-Tagless Check" –body "<H4>Date and time</H4>",$datetime -head "<link rel='stylesheet' href='style.css' type='text/css' />" | Out-File -Append $filelocation
ConvertTo-Html –title "VMware NSX-Tagless Check" –body "<H4>VM Count</H4>",$report.Count -head "<link rel='stylesheet' href='style.css' type='text/css' />" | Out-File -Append $filelocation

0 Kudos
Zsoldier
Expert
Expert

$report = $report.results | where { $_.tags -eq $null }

#Get-VM is working against vCenter, not NSX-T.

Chris Nakagaki (中垣浩一)
Blog: https://tech.zsoldier.com
Twitter: @zsoldier
0 Kudos
pamiller21
Enthusiast
Enthusiast

I did connect to a vcenter to try and use that cmdlet only because that is what I know.  But yup I see the '$report =' is a big missing piece.  The report published, but it shows A LOT lol and I am just hunting for the name of the VM.  How can I filter it to just that?

0 Kudos
Zsoldier
Expert
Expert

Ah, no worries

Do the following:

#Assuming you are capturing the $data output in my example above into $report instead.

$Report.results | Get-Member

#Above will return to you the 'properties' you have available for selection.

#If you want to look at example of what might fill those properties, you can just grab one like below:

$Report.results[0]

#To get select only the properties you want:

$Report.Results | Select display_name 
#Display_Name is likely what you are looking for, but you can append w/ commas or just leave it at that.
Chris Nakagaki (中垣浩一)
Blog: https://tech.zsoldier.com
Twitter: @zsoldier
0 Kudos
Zsoldier
Expert
Expert

To clarify w/ filter:

$Report.Results | where-object {$_.tags -eq $null} | Select-Object display_name 
# Display_Name is likely what you are looking for, but you can append w/ commas or just leave it at that.
Chris Nakagaki (中垣浩一)
Blog: https://tech.zsoldier.com
Twitter: @zsoldier
0 Kudos
pamiller21
Enthusiast
Enthusiast

That did it!

Is there a place to learn these cmdlets better? I am a novice at powerCLI and now that I am diving into NSX-T seems I need to relearn what little I know.   I have few more scripts I will need to rebuild, some where I tag VMs automatically.  

Last question, is there anyway to make a tag not auto delete itself if its not assigned to a VM? I created a tag in NSX-V that would lock the VM down to unable to communicate with it's network when first created, so that tag sits around idol until I have a new VM.

Again thank you so much for the help so far!

0 Kudos
Zsoldier
Expert
Expert

Looking at the API makes me believe that this is not possible as it seems a tag must be associated w/ a Virtual Machine.  As a workaround, might I suggest creating a dummy VM and tagging that.  It can literally be a VM w/ no disk, no network card assigned.  As long as it's in vCenter inventory, you can tag it, assuming you have NSX-T sync'd w/ vCenter Inventory.

 

As far as learning Powershell, I learned organically w/ superb help from @LucD's many community post examples.  As far as material, I've heard great things about Don Jones 30 days of lunches series.   Learn PowerShell in a Month of Lunches: Covers Windows, Linux, and macOS: Plunk, Travis, Petty, Jame...

This forum in general is also a good place to find many examples too.

Chris Nakagaki (中垣浩一)
Blog: https://tech.zsoldier.com
Twitter: @zsoldier
0 Kudos