Hello
I'm using the below script to get VDS Port Group it's working fine but I'm getting the warring message:
WARNING: The output of the command produced distributed virtual portgroup objects. This behavior is obsolete and may change in the future. To retrieve distributed portgroups, use Get-VDPortgroup cmdlet in the VDS component. To retrieve standard portgroups, use -Standard.
I would like to understand why I'm getting this warrning and how I car relidiate using the similar way used in my script?
Get-VMHost -PipelineVariable ESX | Get-VirtualPortGroup | Select-Object @{N='VMHost';E={$esx.Name}},VirtualSwitch,Name,VlanId | Out-String | ForEach-Object { $_.Trim() } > ".\VDSportGroup.txt"
#Verify if VlanID is set to 0 or 1, if so, then Check Get-VirtualPortGroup-Config.txt
$CheckVlanID = (Get-Content .\VDSportGroup.txt | Format-Table VlanId | findstr /v " _$Null VlanId ----- _$Null") | where-object {$_ -like '*0*' -like '*1*'} | ForEach-Object{$_.split(".")[0]}
function VDSPort{
if ($Null -eq $CheckVlanID) {
Write-Log -StartTab 1 -LinesBefore 1 -Level Success -Message "All Hosts have VlanID configured with value between 2 and 4094 " -FilePath $LogFile
}
else {
Write-Host -f red "Hosts with wrong VlanID detected"
Write-Log -StartTab 1 -LinesBefore 1 -Level Success -Message "Check Get-VirtualPortGroup-Config file for host(s) $CheckVlanID" -FilePath $LogFile
}
}
VDSPort
This is just a warning, and one that has been there for quite some time.
Replace the Get-VirtualPort with Get-VDPortGroup, just like the message says.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Thanks LucD
I replaced the Get-VirtualPort with Get-VDPortGroup and I got the below message
Get-VDPortgroup : The input object cannot be bound to any parameters for the command either because the command does not take pipeline input or the input and its properties do not match any of the parameters that take pipeline input.
You can't get VDS portgroups that way.
A VDS is connected to multiple ESXi nodes.
Also, since multiple VLAN configs are possible, you have to get the VLANIds differently.
For example like this
ForEach-Object -Process {
Get-VDPortgroup -VDSwitch $dvSw |
Select @{N='VMHost';E={(Get-View -Id $_.ExtensionData.Host -Property Name).Name -join '|'}},
@{N="dvSw";E={$dvSw.Name}},Name,
@{N="VLanId";E={
if($_.ExtensionData.Config.DefaultPortConfig.Vlan -is [VMware.Vim.VmwareDistributedVirtualSwitchPvlanSpec]){
$_.ExtensionData.Config.DefaultPortConfig.Vlan.PvLanId
}
elseif($_.ExtensionData.Config.DefaultPortConfig.Vlan.VLanId -is [VMware.Vim.NumericRange[]]){
[string]::Join(',',($_.ExtensionData.Config.DefaultPortConfig.Vlan.VLanId | %{
[string]$_.Start + "-" + [string]$_.End
}))
}
else{
$_.ExtensionData.Config.DefaultPortConfig.Vlan.VLanId
}
}}
}
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Thanks LucD, the idea is to ensure that the port group is not configured to use whatever value is set for the native VLAN.
for that Ineed first to check and List all VDS and their Security Settings & VLANIds
Now that you have the VLANid info, the 2nd part of your script (the check) should be nearly the same.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Thanks LucD it's working, just one things,
I would like to compare the data using a variable which should be different to 0 and 1 because:
Reserved VLAN IDs:
Not able to do it :smileyblush:
should be something like this
if($vlan -eq '0' or -eq'1') do something
What VLANids do you get back?
Are there ranges in there?
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
As per vmware we shouldn't assign VLANids 0 or 1 except for network configuration for isolation and segmentation of virtual machine network traffic
I'm getting VLanId like this
0
0-4094
and other with unique number like 100 512 912....
Basically I need to follow this recommendation from vSphere in order to be compliant
Three types of VLAN tagging exist in vSphere:
so in that case I should compare to 0 and 1 I'm right?
When the portgroup has a single VLANid, you can test for 0 or 1.
When the portgroup has a range, you will have to test with the start and the end of the range.
You could do something along these lines
$lower, $upper = $VLANid.Split('-')
if($lower -lt 2){
$newLower = 2
}
else{
$newLower = $lower
}
if($upper -ge 4095){
$newUpper = 4094
}
else{
$newUpper = $upper
}
$newVLANid = "$(newLower)-$($newUpper)"
}
else{
if($VLANid -eq 0 -or $VLANId -eq 1){
$newVLANID = ?
}
else{
$newVLANID = $VLANid
}
$newVLANID
}
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference