VMware Cloud Community
eaphilipp
Contributor

If Statement

Hello,

I am building a post vSphere script, and in my environment we have two datacenters, and with that my ESX hosts will write to different SYSLOG servers. I am trying to automate a bit of that. I have this and am looking for some input as to whether or not this is right. This is just a piece of the script. I know the rest works nicely; this is a new piece.

# Connection to the ESX Host to be configured #

$a = Read-Host "Please enter ESX hostname :"

Connect-VIServer -Server "$a" -Credential(Get-Credential)

# Set the SYSLOG server address and open firewall ports dependent on DataCenter location #

$f = Read-Host "Which DataCenter is this host in (Type dc1 or dc2): "

if ($f -eq "dc1") {
    Get-AdvancedSetting -Entity $a -Name Syslog.global.logHost | Set-AdvancedSetting -Value '1.1.1.2:514' -Confirm:$false
    Get-VMHost $a | Get-VMHostFirewallException | ?{$_.Name -eq 'syslog'} | Set-VMHostFirewallException -Enabled:$true
}

if ($f -eq "dc2") {
    Get-AdvancedSetting -Entity $a -Name Syslog.global.logHost | Set-AdvancedSetting -Value '1.2.3.4:514' -Confirm:$false
    Get-VMHost $a | Get-VMHostFirewallException | ?{$_.Name -eq 'syslog'} | Set-VMHostFirewallException -Enabled:$true
}

# Disconnects vSphere Host #

Disconnect-VIServer $a -Confirm:$false

Thanks!

0 Kudos
3 Replies
Craig_Baltzer
Expert

If it does what you want then it's "right". A couple of "optimization" things and a little error checking in case the ESXi host name is typed incorrectly:

  • If you're already connected to vCenter you don't need to connect to the individual host, the existing vCenter connection can do that for you
  • Assuming you don't have hosts with the same name in multiple datacenters you can find the datacenter without prompting the user for it

$VMH = Get-VMHost (Read-Host "Please enter ESX host name")

$DC = ($VMH | Get-Datacenter).Name

  • The only thing that appears to be changing between DC1 and DC2 is the syslog server. A hash table is an easy way to create a lookup you can use and avoids having to repeat the same code block for each datacenter. You use it by doing a "variable.key" to get the value (i.e. $SyslogEntries.DC1 has a value of "udp://1.1.1.2:514"). The log server entry should also include the protocol according to VMware KB: Configuring syslog on ESXi 5.x and 6.0

$SyslogEntries = @{"DC1" = "udp://1.1.1.2:514"; "DC2" = "udp://1.2.3.4:514"}

  • Get-VMHostFirewallException takes a -Name parameter so you can directly find the syslog entry rather than having to retrieve all the exceptions then "where-object" through them to find the syslog one

So another way of writing it would be

# Hash table of "Datacenter Name = IP Address and port" pairs
$SyslogEntries = @{"HQ" = "udp://1.1.1.2:514"; "DC2" = "udp://1.2.3.4:514"}
# Get the name of the host, then find the actual host
$VMH = Get-VMHost (Read-Host "Please enter ESX host name")
# Make sure we actually found the host
If ($VMH -ne $Null) {
    # Find the datacenter
    $DC = ($VMH | Get-Datacenter).Name
    # Set the syslog entry based on the datacenter
    $VMH | Get-AdvancedSetting -Name 'Syslog.global.loghost' | Set-AdvancedSetting -Value $SyslogEntries.$DC -Confirm:$False
    # Set the firewall exception
    $VMH | Get-VMHostFirewallException -Name 'syslog' | Set-VMhostFirewallException -Enabled:$True
}
Else {
    Write-Warning "Entered host was not found, no actions performed"
}
0 Kudos
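
Added example, not part of the thread and not VMware's code: the hash-table lookup from the reply above, with a check for a datacenter that has no entry (where `$SyslogEntries.$DC` would return `$null`) and a read-back of both settings after they are applied. The function names are hypothetical, the addresses are the thread's placeholders, and an existing `Connect-VIServer` session to vCenter is assumed.

```powershell
# Added example. Function names are hypothetical; addresses are the thread's placeholders.
# Assumes an existing Connect-VIServer session to vCenter.
$SyslogEntries = @{ 'DC1' = 'udp://1.1.1.2:514'; 'DC2' = 'udp://1.2.3.4:514' }

function Get-ExpectedSyslogTarget {
    param(
        [Parameter(Mandatory)][string]$Datacenter,
        [Parameter(Mandatory)][hashtable]$Table
    )
    # $Table.$Datacenter returns $null for a missing key, so check explicitly first.
    if (-not $Table.ContainsKey($Datacenter)) {
        throw "No syslog target defined for datacenter '$Datacenter'"
    }
    $target = $Table[$Datacenter]
    # Require an explicit protocol prefix (this check covers single-target entries only).
    if ($target -notmatch '^(udp|tcp|ssl)://\S+$') {
        throw "Syslog target '$target' lacks a udp://, tcp:// or ssl:// prefix"
    }
    $target
}

function Set-VMHostSyslogTarget {
    param(
        [Parameter(Mandatory)][string]$Name,
        [hashtable]$Table = $SyslogEntries
    )
    # -ErrorAction Stop turns a mistyped host name into a terminating error.
    $vmh = Get-VMHost -Name $Name -ErrorAction Stop
    $dc = ($vmh | Get-Datacenter).Name
    $expected = Get-ExpectedSyslogTarget -Datacenter $dc -Table $Table

    $vmh | Get-AdvancedSetting -Name 'Syslog.global.logHost' |
        Set-AdvancedSetting -Value $expected -Confirm:$false | Out-Null
    $vmh | Get-VMHostFirewallException -Name 'syslog' |
        Set-VMHostFirewallException -Enabled:$true | Out-Null

    # Read both settings back so a change that did not take effect shows in the result.
    $actual = ($vmh | Get-AdvancedSetting -Name 'Syslog.global.logHost').Value
    $fw = $vmh | Get-VMHostFirewallException -Name 'syslog'
    [pscustomobject]@{
        VMHost       = $vmh.Name
        Datacenter   = $dc
        Expected     = $expected
        Actual       = $actual
        FirewallOpen = [bool]$fw.Enabled
        Compliant    = ($actual -eq $expected) -and [bool]$fw.Enabled
    }
}
# Usage: Set-VMHostSyslogTarget -Name (Read-Host 'Please enter ESX host name')
```

A host whose result shows `Compliant` as `False` is not forwarding logs to the collector expected for its datacenter.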
eaphilipp
Contributor

This is great and thank you for the reply. My question is, will this change affect the rest of my script? Basically what I am doing here is this:

I build a host, IP it, add it to vCenter, and then run what I call a post install script on the host. The script does the following.

Connects to the host.

Removes the default VM Network Portgroup

Adds vmnic1 to vSwitch

creates the vmotion network by prompting for the vMotion IP

adds a scratch log directory

adds NTP information and enables it

and finally the SYSLOG information. The only reason that I am asking about this script is we are making a change to the SYSLOG setup, depending on which datacenter the host is in it is going to write to a different syslog and I haven't done a lot with IF statements and I just wanted to make sure that what I had would work.

Thoughts?

0 Kudos
Craig_Baltzer
Expert

The "if" structure you have would work fine, the suggested changes were only for optimization.

There is a problem with the -Entity parameter on Get-AdvancedSetting, as this wants an object, not a string. So you'd need to replace

Get-AdvancedSetting -Entity $a -Name Syslog.global.logHost

With

Get-AdvancedSetting -Entity (get-vmhost $a) -Name Syslog.global.logHost

The remainder looks like it should work fine...

0 Kudos