I am a developer for a storage provider, we have a vcenter plugin, and I want to interrogate ESX health, using vmkping and a few other utilities to check some ESX config parameters.
Another forum suggested powerCLI as a possible solution, my questions are:
- can it run on both VCSA and windows version? (We support 6.5 and later VC).
- how can it authenticate to the ESX's? Escrowing ESX passwords is likely a non-starter.
Thanks.
Please don't, it's a very bad idea.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
So, discovered how to install powershell and powerCLI on vCenter VCSA 6.5 and 6.7 (photon 1 OS)!!!
For the record, switching to a remote plugin architecture (supported on vSphere 6.7 U1 and later) is the best way forward for plugin developers, since the remote OS can use powershell without impacting your VCSA VM, but if you absolutely must have powercli on your VCSA, here is how to do it on all VCSA's 6.5, 6.7, and 7.0, and more generally, how to do it on photon 1):
For vCenter 7.0 - based on photon 3, which supports powershell and powercli natively (thanks VMware for fixing this):
tdnf install powershell - yes it really is that easy. And network install of powershell also works:
From powershell:
Find-Module -Name VMware.PowerCLI
Install-Module -Name VMware.PowerCLI -Scope CurrentUser
Instructions for installing powershell on 6.5 and 6.7 VCSA (Photon 1 OS).
This is a manual install because Photon 1 (VCSA's OS) does not support automated install of powershell:
The short version (3 basic steps + ENV):
- download powershell, untar into VCSA
- edit the json config file
- download PowerCLI on another powershell capable VM, and transfer it to VCSA Modules directory.
- set environment variable $ENV:DOTNET_SYSTEM_NET_HTTP_USESOCKETSHTTPHANDLER = 0 so vcenter can connect.
Detailed instructions:
Step 1:
Download powershell-7.0.0-linux-x64.tar.gz - this is the one I tested.
https://github.com/PowerShell/PowerShell/releases/download/v7.0.0/powershell-7.0.0-linux-x64.tar.gz
untar into /usr/lib/powershell.
ln -s /usr/lib/powershell/pwsh /usr/bin
Step 2:
Edit pwsh.runtimeconfig.json
https://docs.microsoft.com/en-us/dotnet/core/run-time-config/globalization
Add to end of inside configProperties json element, don't forget to add comma at end of previous line:
"System.Globalization.Invariant": true
Test by running pwsh and see that it comes up without errors, 'exit' to exit powershell.
Step 3:
Download PowerCLI on another fresh powershell capable box (windows server 2016 for example, I also successfully tried VCSA 7.0):
Find-Module -Name VMware.PowerCLI
Install-Module -Name VMware.PowerCLI -Scope CurrentUser
It will download PowerCLI into the user's directory, so a directory with just PowerCLi is conveniently created, and will be one of the directories listed here:
$ENV:PSModulePath - this shows powershell's module search path, use the one specifiec to the logged in user.
Tar up the contents of the directory (need windows tar, I use cygwin, but there are many others, alternatively use a linux VM like VCSA 7.0 that supports powershell).
Extract the PowerCLI modules into /usr/lib/powershell/Modules on VCSA.
When connecting to VCenter
Test it as follows:
pwsh
Import-Module -Name VMware.PowerCLI - it will complain about HorizonView or licensing not supported on powershell core, this is OK, unless you care about those features.
Get-VI-Command - lists PowerCLI commands.
Here is a sample connect to vcenter sequence (after the above import is done):
Set-PowerCLIConfiguration -Scope AllUsers -ParticipateInCeip $false -InvalidCertificateAction Ignore -Confirm:$false
# this iuses a legacy method of creating an SSL connection, no longer recommended by .net, it solves the problem by using different libraries that exist on photon 1.
# SocketsHttpHandler Class (System.Net.Http) | Microsoft Docs
$ENV:DOTNET_SYSTEM_NET_HTTP_USESOCKETSHTTPHANDLER = 0
Connect-VIServer -Server MY_SERVER_IP_OR_DNS -Protocol https -Username 'administrator@vsphere.local' -Password 'password'
I can only repeat my earlier warning: PLEASE DO NOT DO THAT!
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
I've spent some more time testing various powershell releases, and have run into some minor compatibility problems.
The best behaving one seems to be the one that photon 3 (VCSA 7.0) installs with tdnf.
It claims to be powershell 6.3.2, a bit on the old side, but it works fine with powerCLI, which is the main goal here.
So your best option is to simply tar up that version and transfer it to photon 1. All the above instructions still apply.
Presumably the actions here would leave customers with an unsupported VCSA?
I thought as much.
Let’s hope the storage provider find a method for their tool which can avoid this scenario!
If a Storage Provider ever came to me with such a solution, where I lose VCSA support, that would be a deal-breaker
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Scripts on vCenter cannot be good 3rd party vendor practice. Think of it as potentially malicious code.
The demand of pipelines’ artefact connected product builds grows. As example, the Skyline Health Diagnostic (SHD) 2.0 is delivered as an ISO. The basic setup requires VMware Photon OS 3.0Rev2. From a CI/CD perspective Photon OS and SHD remain fully maintainable independant to each other.
Photon OS is used for interpreted, general-purpose programming languages Python and Powershell as well. Hence, dotnet core on Photon OS fits the need for cross-platform programming, too.