9 Replies Latest reply on Nov 13, 2019 9:20 AM by LucD

    Schedule VCSA 6.5 Backup via vRealize Orchestrator or PowerCLI Script

    sc2317 Novice

      Hi,

       

      I want to configure & schedule VCSA 6.5 backup via vRealize Orchestrator or PowerCLI script. In VCSA 6.7, VMware has added functionality to schedule backup of vCenter servers, however in VCSA 6.5 this is missing.

       

      http://www.vmwarebits.com/vcenterbackup

       

      In above link "RobBastiaansen" has provided way to configure via vRealize orchestrator. However, I am not sure if someone has tested or validated this.

       

      Please assist me in configuring automated backup of VCSA that can be copied over network via SCP.

        • 1. Re: Schedule VCSA 6.5 Backup via vRealize Orchestrator or PowerCLI Script
          sc2317 Novice

          Hi,

           

          I have checked below links to run backups via script. However, I am not sure how to change for SCP instead of FTP. I tried replacing FTP with SCP but its throwing errors.

           

          http://vcdx56.com/2017/11/backup-vcenter-server-appliance-vcsa-6-5-using-powershell/?unapproved=179524&moderation-hash=f3ef57aa0032cac89673e5e38d2661b7#comment-179524

           

          https://code.vmware.com/forums/2530/vsphere-powercli#571923?start=0&tstart=0

           

          https://www.brianjgraf.com/2016/11/18/vsphere-6-5-automate-vcsa-backup/

           

          Errors while running the script in 1st link

           

          Backup-VCSAToFile : A server error occurred: 'com.vmware.vapi.std.errors.error': Access to the remote server is denied. Check your credentials and permissions. (Server error id:

          'com.vmware.applmgmt.err_access_denied'). Check $Error[0].Exception.ServerError for more details.

          At C:\Users\admin372720\Desktop\test.ps1:114 char:2

          +     Backup-VCSAToFile -BackupPassword $BackupPassword -LocationType $ ...

          +     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

              + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException

              + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Backup-VCSAToFile

           

          A server error occurred: 'com.vmware.vapi.std.errors.error': Status for '' does not exist. (Server error id: 'com.vmware.applmgmt.err_status_does_not_exist'). Check $Error[0].Exception.ServerError for

          more details.

          At C:\Users\admin372720\Desktop\test.ps1:89 char:35

          +                 $BackupAPI.get("$($BackupJob.ID)") | select id, progr ...

          +                                   ~~~~~~~~~~~~~

              + CategoryInfo          : OperationStopped: (:) [], CisServerException

              + FullyQualifiedErrorId : VMware.VimAutomation.Cis.Core.Types.V1.CisServerException

          • 2. Re: Schedule VCSA 6.5 Backup via vRealize Orchestrator or PowerCLI Script
            sc2317 Novice

            LucD

             

            Apologies, I have just received email with below message. I cannot see this message in this discussion, so copying it here so that its visible to everyone in case someone else is also facing this similar issue.

             

             

            Hi,
            I have no experience with vRO I'm afraid.
            But the error you are getting seems to say that you can't access the backup functionality on the VCSA with the account you are using.
            Are you using an SSO account or a local account on the VCSA?
            Did you do the Connect-CisServer?
            Have a look at Brian's script, see VSPHERE 6.5 – AUTOMATE VCSA BACKUP (vSphere 6.5 - Automate VCSA Backup | BRIAN GRAF ).
            It allows selecting the protocol (SCP.FTP...)

             

            Just follow this link to see Schedule VCSA 6.5 Backup via vRealize Orchestrator or PowerCLI Script

            Yes, I am using administrator@vsphere.local and have connected using connect-CisServer. If I just use connect-CisServer, then it gets connected properly without any issues. However, when I execute script I get the error. I have used Automating File-Based Backups of vCenter Server Appliance - VMware PowerCLI Blog - VMware Blogs this link to run the script, I am not bothered about scheduling this because I can get this scheduled via vRealize orchestrator by calling the script, however before that I want to test if script runs manually without any issues.

            • 3. Re: Schedule VCSA 6.5 Backup via vRealize Orchestrator or PowerCLI Script
              sc2317 Novice

              Hi,

               

              I have been able to run the script successfully after identifying that SCP server that I was using to copy the backup was wrong and after modifying the name script ran successfully.

               

              Now, can someone please help me in how to provide input (Specially passwords) via vRealize orchestrator to the below script, so that I can schedule the same.

               

              Below is the script that I used and is explained in https://blogs.vmware.com/PowerCLI/2018/07/automate-file-based-backup-of-vcsa.html

               

               

              4

               

              5

              6

              7

              8

              9

              10

              11

              12

              13

              14

              15

              16

              17

              18

              19

               

              # Login to the CIS Service of the desired VCSA

               

              Connect-CisServer -Server vcsa01.corp.local -User administrator@vsphere.local -Password *****

               

              # Store the Backup Job Service into a variable

              $backupJobSvc = Get-CisService -Name com.vmware.appliance.recovery.backup.job

               

              # Create a specification based on the Help response

              $backupSpec = $backupJobSvc.Help.create.piece.CreateExample()

               

              # Fill in each input parameter, as needed

              $backupSpec.parts = @("common")

              $backupSpec.location_type = "FTP"

              $backupSpec.location = "ftp01.corp.local"

              $backupSpec.location_user = "backup"

              [VMware.VimAutomation.Cis.Core.Types.V1.Secret]$backupSpec.location_password = "VMware1!"

              $backupSpec.comment = "PowerCLI Backup Job"

               

              # Create the backup job

              $backupJobSvc.create($backupSpec)

              • 4. Re: Schedule VCSA 6.5 Backup via vRealize Orchestrator or PowerCLI Script
                sc2317 Novice

                I have managed to run the script by saving password using ConvertTo-SecureString. However, I am getting below error and if its resolved then It would get my work done

                 

                Cannot convert the "System.Security.SecureString" value of type "System.Security.SecureString" to type "VMware.VimAutomation.Cis.Core.Types.V1.Secret".

                 

                Below is the content of the script that us causing this error

                 

                $pass1 = Get-Content "C:\back\Password1.txt" | ConvertTo-SecureString

                [VMware.VimAutomation.Cis.Core.Types.V1.Secret]$backupSpec.location_password =$pass1

                 

                Can someone please assist.

                • 5. Re: Schedule VCSA 6.5 Backup via vRealize Orchestrator or PowerCLI Script
                  LucD Guru
                  User ModeratorsCommunity WarriorsvExpert

                  You don't need the ConvertTo-SecureString.
                  Try like this

                   

                  $pass1 = Get-Content "C:\back\Password1.txt"

                  [VMware.VimAutomation.Cis.Core.Types.V1.Secret]$backupSpec.location_password = $pass1

                  Blog: http://lucd.info | Twitter: @LucD22 | PowerCLI Reference co-author: http://tinyurl.com/hkn4glz
                  • 6. Re: Schedule VCSA 6.5 Backup via vRealize Orchestrator or PowerCLI Script
                    sc2317 Novice

                    Hi LucD,

                    Thanks, unfortunately doing that threw error. However, by doing below I was able to run the backup on my test VCSA 6.5 with embedded PSC successfully.

                     

                    $data1 = Get-Content "C:\data1.txt" | ConvertTo-SecureString

                    $data2=[System.Net.NetworkCredential]::new("", $data1).Password

                    [VMware.VimAutomation.Cis.Core.Types.V1.Secret]$backupSpec.location_password = $data2

                     

                    However, now running the same script on Production 6.5 host with external PSC is throwing below error.

                     

                    A server error occurred: 'com.vmware.vapi.std.errors.unauthenticated': Unable to authenticate user (Server error id:

                    'vapi.security.authentication.invalid'). Check $Error[0].Exception.ServerError for more details.

                     

                    I tried restarting applmgmt and vmware-vapi-endpoint, but no luck. Please suggest.

                    • 7. Re: Schedule VCSA 6.5 Backup via vRealize Orchestrator or PowerCLI Script
                      LucD Guru
                      vExpertCommunity WarriorsUser Moderators

                      That sounds more as if the credentials might not be correct.

                      Blog: http://lucd.info | Twitter: @LucD22 | PowerCLI Reference co-author: http://tinyurl.com/hkn4glz
                      • 8. Re: Schedule VCSA 6.5 Backup via vRealize Orchestrator or PowerCLI Script
                        sc2317 Novice

                        I am using same credentials as of my test vcenter server no change in the passwords. Also, it connects to cisservice, however after few seconds I get this error.

                        • 9. Re: Schedule VCSA 6.5 Backup via vRealize Orchestrator or PowerCLI Script
                          LucD Guru
                          Community WarriorsUser ModeratorsvExpert

                          I'm afraid I don't have much experience with an external PSC.

                           

                          You could check some of the PSC logs to check if there any further clues in there.

                          But I would definitely advise creating an SR for this.

                          Blog: http://lucd.info | Twitter: @LucD22 | PowerCLI Reference co-author: http://tinyurl.com/hkn4glz