I wish to harden all my vm's on an esxi host. However I don't know how to remove all pci devices. Any help ?
Looks like the issue (see Remove Passthrough Device ) with PCI devices is still there.
Can you try with the API method?
$vm = Get-VM -Name $vmName
$pci = $vm.ExtensionData.Config.Hardware.Device | where {$_ -is [VMware.Vim.VirtualPCIPassthrough]}
if ($pci) {
$spec = New-Object VMware.Vim.VirtualMachineConfigSpec
$dev = New-Object VMware.Vim.VirtualDeviceConfigSpec
$dev.operation = "remove"
$dev.Device = $pci
$spec.DeviceChange += $dev
$vm.ExtensionData.ReconfigVM($spec)
}
else {
Write-Host "No CPI device found on VM"
}
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Are you targeting the PCI Passthrough devices or all PCI devices (including controllers)?
If only the passthrough devices, you could do
Get-PassthroughDevice |
Remove-PassthroughDevice -Confirm:$false
Depending on the guest OS running in the VM, you might have to take action inside the guest OS as well (before removing the device)
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
When I connect to my esxi host and run your script I get the error message below:
Unable to cast object of type 'VMware.Vim.VirtualPCIPassthroughVmiopBackingInfo' to type
'VMware.Vim.VirtualPCIPassthroughDeviceBackingInfo'.
What kind of passthrough devices do you have?
Can you run
Get-PassthroughDevice |
Select @{N = 'VM'; E = {$_.VM.Name}},Name,VendorName
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Can you also check which PowerCLI version you are using?
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
I am just in a lab environment. I don't have the option to add a pci device, so I went to vcenter and added a shared pci device. I wanted a command to remove ' PCI device 1' shown in the pic ? If my very limited understanding is right (possibly not) your command should remove 'PCI device 1 ' show in the picture ?
That is the idea, yes.
Is that PCI device used as a passthrough device in a VM?
Can you remove the PCI device via the Web Client?
What PowerCLI version are you using?
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Yes the pci device pictured is the settings of a vm. I can remove with the web client .
PowerCLI Version
----------------
VMware PowerCLI 11.2.0 build 12483598
Looks like the issue (see Remove Passthrough Device ) with PCI devices is still there.
Can you try with the API method?
$vm = Get-VM -Name $vmName
$pci = $vm.ExtensionData.Config.Hardware.Device | where {$_ -is [VMware.Vim.VirtualPCIPassthrough]}
if ($pci) {
$spec = New-Object VMware.Vim.VirtualMachineConfigSpec
$dev = New-Object VMware.Vim.VirtualDeviceConfigSpec
$dev.operation = "remove"
$dev.Device = $pci
$spec.DeviceChange += $dev
$vm.ExtensionData.ReconfigVM($spec)
}
else {
Write-Host "No CPI device found on VM"
}
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
$vmName = 'vm4'
$vm = Get-VM -Name $vmName
$pci = $vm.ExtensionData.Config.Hardware.Device | where {$_ -is [VMware.Vim.VirtualPCIPassthrough]}
if ($pci) {
$spec = New-Object VMware.Vim.VirtualMachineConfigSpec
$dev = New-Object VMware.Vim.VirtualDeviceConfigSpec
$dev.operation = "remove"
$dev.Device = $pci
$spec.DeviceChange += $dev
$vm.ExtensionData.ReconfigVM($spec)
}
else {
Write-Host "No CPI device found on VM"}
Name Port User
---- ---- ----
192.1xxxxx 443 VSPHERE.LOCAL\Administrator
Exception setting "Device": "Cannot convert the "System.Object[]" value of type "System.Object[]" to type "VMware.Vim.VirtualDevice"."
At line:10 char:4
+ $dev.Device = $pci
+ ~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], SetValueInvocationException
+ FullyQualifiedErrorId : ExceptionWhenSetting
Exception calling "ReconfigVM" with "1" argument(s): "
Required property device is missing from data object of type VirtualDeviceConfigSpec
while parsing serialized DataObject of type vim.vm.device.VirtualDeviceSpec
at line 1, column 250
while parsing property "deviceChange" of static type ArrayOfVirtualDeviceConfigSpec
while parsing serialized DataObject of type vim.vm.ConfigSpec
at line 1, column 244
while parsing call information for method ReconfigVM_Task
at line 1, column 171
while parsing SOAP body
at line 1, column 64
while parsing SOAP envelope
at line 1, column 0
while parsing HTTP request for method reconfigure
on object of type vim.VirtualMachine
at line 1, column 0"
At line:13 char:4
+ $vm.ExtensionData.ReconfigVM($spec)
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : VimException
Looks like you have more than 1 PCI device on that VM.
In that case, try like this.
$vm = Get-VM -Name $vmName
$pci = $vm.ExtensionData.Config.Hardware.Device | where {$_ -is [VMware.Vim.VirtualPCIPassthrough]}
if ($pci) {
$spec = New-Object VMware.Vim.VirtualMachineConfigSpec
$pci | ForEach-Object -Process {
$dev = New-Object VMware.Vim.VirtualDeviceConfigSpec
$dev.operation = "remove"
$dev.Device = $_
$spec.DeviceChange += $dev
}
$vm.ExtensionData.ReconfigVM($spec)
}
else {
Write-Host "No CPI device found on VM"
}
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
$vmName = 'vm4'
$vm = Get-VM -Name $vmName
$pci = $vm.ExtensionData.Config.Hardware.Device | where {$_ -is [VMware.Vim.VirtualPCIPassthrough]}
if ($pci) {
$spec = New-Object VMware.Vim.VirtualMachineConfigSpec
$pci | ForEach-Object -Process {
$dev = New-Object VMware.Vim.VirtualDeviceConfigSpec
$dev.operation = "remove"
$dev.Device = $_
$spec.DeviceChange += $dev
}
$vm.ExtensionData.ReconfigVM($spec)
}
else {
Write-Host "No CPI device found on VM"
}
Name Port User
---- ---- ----
192.168.217.8 443 VSPHERE.LOCAL\Administrator
Exception calling "ReconfigVM" with "1" argument(s): "Invalid configuration for device '1'."
At line:15 char:4
+ $vm.ExtensionData.ReconfigVM($spec)
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : VimException
What does this show?
Get-PassthroughDevice |
Select @{N = 'VM'; E = {$_.VM.Name}},Name,VendorName
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Get-VM -Name vm4 |
Get-PassthroughDevice |
Select @{N = 'VM'; E = {$_.VM.Name}},Name,VendorName
Name Port User
---- ---- ----
192.168.217.8 443 VSPHERE.LOCAL\Administrator
Get-PassthroughDevice : 04/03/2019 16:10:01 Get-PassthroughDevice Unable to cast object of type 'VMware.Vim.VirtualPCIPassthroughVmiopBackingInfo' to type
'VMware.Vim.VirtualPCIPassthroughDeviceBackingInfo'.
At line:3 char:1
+ Get-PassthroughDevice |
+ ~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Get-PassthroughDevice], VimException
+ FullyQualifiedErrorId : Core_BaseCmdlet_UnknownError,VMware.VimAutomation.ViCore.Cmdlets.Commands.VirtualDevice.GetPassthroughDevice
Get-PassthroughDevice : 04/03/2019 16:10:01 Get-PassthroughDevice Unable to cast object of type 'VMware.Vim.VirtualPCIPassthroughVmiopBackingInfo' to type
'VMware.Vim.VirtualPCIPassthroughDeviceBackingInfo'.
At line:3 char:1
+ Get-PassthroughDevice |
+ ~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Get-PassthroughDevice], VimException
+ FullyQualifiedErrorId : Core_BaseCmdlet_UnknownError,VMware.VimAutomation.ViCore.Cmdlets.Commands.VirtualDevice.GetPassthroughDevice
Seems that there are issues with all the cmdlets.
Can you perhaps show a screenshot of the vritual hardware where you opened the PCI device?
And what does this show?
$vm.ExtensionData.Config.Hardware.Device |
where{$_ -is [VMware.Vim.VirtualPCIPassthrough]} |
Select @{N='Label';E={$_.DeviceInfo.Label}},
@{N='Summary';E={$_.DeviceInfo.Summary}},
@{N='vGPU';E={$_.Backing.VGpu}}
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
PS C:\WINDOWS\system32> Connect-VIServer -Server 192.168.217.8 -Protocol https -User administrator@vsphere.local -Password Password1$
$vm = Get-VM -Name vm4
$vm.ExtensionData.Config.Hardware.Device |
where{$_ -is [VMware.Vim.VirtualPCIPassthrough]} |
Select @{N='Label';E={$_.DeviceInfo.Label}},
@{N='Summary';E={$_.DeviceInfo.Summary}},
@{N='vGPU';E={$_.Backing.VGpu}}
Name Port User
---- ---- ----
192.168.217.8 443 VSPHERE.LOCAL\Administrator
Label : PCI device 0
Summary : NVIDIA GRID vGPU NVIDA
vGPU : NVIDA
Label : PCI device 0
Summary : NVIDIA GRID vGPU NVIDA
vGPU : NVIDA
Strange, you have "PCI device 0" twice on that VM?
I wanted to see what is shown for the PCI device 0 when you click that arrow left of the name.
It should show some of the properties of the device
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Can you run
$vm.ExtensionData.Config.Hardware.Device |
where{$_ -is [VMware.Vim.VirtualPCIPassthrough]} |
Select @{N='Label';E={$_.DeviceInfo.Label}},
@{N='Key';E={$_.Key}},
@{N='ControllerKey';E={$_.ControllerKey}},
@{N='Unit';E={$_.UnitNumber}},
@{N='Summary';E={$_.DeviceInfo.Summary}},
@{N='vGPU';E={$_.Backing.VGpu}}
And also check what $global:defaultviservers contains?
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
PS C:\WINDOWS\system32> Connect-VIServer -Server 19xxxxxxxxx -Protocol https -User administrator@vsphere.local -Password xxxxxxxxx
$vm = Get-VM -Name vm4
$vm.ExtensionData.Config.Hardware.Device |
where{$_ -is [VMware.Vim.VirtualPCIPassthrough]} |
Select @{N='Label';E={$_.DeviceInfo.Label}},
@{N='Key';E={$_.Key}},
@{N='ControllerKey';E={$_.ControllerKey}},
@{N='Unit';E={$_.UnitNumber}},
@{N='Summary';E={$_.DeviceInfo.Summary}},
@{N='vGPU';E={$_.Backing.VGpu}}
Name Port User
---- ---- ----
192.168.217.8 443 VSPHERE.LOCAL\Administrator
Label : PCI device 0
Key : 13000
ControllerKey : 100
Unit : 18
Summary : NVIDIA GRID vGPU NVIDA
vGPU : NVIDA
Label : PCI device 0
Key : 13000
ControllerKey : 100
Unit : 18
Summary : NVIDIA GRID vGPU NVIDA
vGPU : NVIDA
Where/ how do I view $global:defaultviservers