Using Independent Disks in vCloud

Yesterday I wrote about the PowerShell module I’ve written (CIDisk.psm1) to allow manipulation of independent disks in a vCloud environment. This post shows some usage options and details some of the caveats to be aware of when using disks in this manner.

My test environment has two VMs (named imaginatively ‘vm01’ and ‘vm02’), and the VDC they are in has access to four different storage profiles (‘Platinum’, ‘Gold’, ‘Silver’ and ‘Bronze’ storage). The default storage policy for the VDC is ‘Bronze’, but what if we want to create independent disks on other profiles? The -StorageProfileHref parameter to New-CIDisk lets us do this. Once connected to our cloud (Connect-CIServer) we can find the Hrefs of the available storage profiles we can use:

Let’s create 2 independent disks, a 10G disk on ‘Platinum’ storage and a 100G disk on ‘Silver’ storage:

We can see in the vCloud interface that these disks now exist in our VDC (Note: you may have to completely refresh your vCloud session using your browser’s refresh before the ‘Independent Disks’ tab appears):

There are no context actions for these disks though and we can’t attach/detach them to VMs in the vCloud interface.

Our VM01 virtual machine currently has a 40GB base disk attached and no other storage:

 

We can mount both our new independent disks to this VM using the following:

Looking at the VM01 Hardware tab following this shows both disks mounted:

Note again that no manipulation options are available in the vCloud UI, but at least it’s obvious that independent disks have been attached to VM01.

After rescanning storage in the guest, we can see the new storage devices on VM01:

And once these are brought online, initialized, storage volumes created and drive letters assigned, we can use the disks inside the guest (the volume names don’t get automatically mapped – I’ve just named the volumes the same as the independent disk objects for consistency):

At this point everything appears to be working fine, but there can be a catch here – if you restart the virtual machine you may find that the server attempts to boot from one of the newly mounted independent disks. Luckily vCloud Director 8.10 allows us to get into the VM BIOS and change the boot order settings:

Once restarted into BIOS we can select the correct boot order:

With the server restarted, we can create some test content in ‘disk01-plat’ to prove that the data moves when we reattach this disk to VM02:

And to dismount ‘disk01-plat’ from VM01 and mount it to VM02 we can:

Looking at the available storage in VM02 after a disk rescan shows our disk has transfered across:

Finally, checking the contents of the ‘E:\’ drive shows our test folder & file have made it across:

And Get-CIDisk can be used to verify the disk attachments after moving disk01 to VM02:

Hopefully this gives a better idea of how CIDisk can be used to manage independent disks in a vCloud environment, it would be nice if VMware included the management functions in the UI, but for now at least you can use PowerShell to easily achieve the same results without having to write against the API directly.

As always, any comments / feedback greatly appreciated.

Jon

Independent Disks in vCloud via PowerCLI

Another day, another customer requirement which I figured ‘this will be easy’ and turned out not to be quite so easy…

The customer in question is a tenant on our cloud platform and has built a VM to be their offline root Certificate Authority (CA). In line with their security practice, this VM has no network connectivity and is usually powered-off in their environment unless specifically required to issue or renew certificates.

They asked if there was an easy way to transfer certificate files issued by this VM to other servers in their infrastructure. In their (old) vSphere environment they would simply attach a new temporary virtual disk to the VM, copy the certificate files over and then attach the disk to the destination VM. Surely there had to be some similar functionality in vCloud Director?

Well, there’s a bit of good and bad news on that…

By default disks in vCloud Director are assigned (permanently) to a VM, they can’t be moved to different VMs. (That’s the bad news). The good news is that vCD supports ‘independent disks’ which can be moved between VMs. The bad news is that this is an API-only operation (nothing in the web UI allows creation or manipulation of Independent disks, although you can see them if they exist). The worst news is that VMware PowerCLI even in the latest 6.5R1 version doesn’t have any cmdlets to manipulate independent disks attached to vCloud VMs either.

So while I could have hacked something together to run directly against the vCloud Director REST API for this customer, I figured it would be better to have some reusable PowerShell cmdlets for this. So I set about writing some and I’m pleased to announce the first release of ‘CIDisk’, a collection of PowerShell cmdlets to manipulate independent disks in vCloud Director environments.

The module code, documentation and examples are now available on my github at https://github.com/jondwaite/cidisk

I’ll do a followup post detailing some more advanced options and scenarios in the next day or two.

Edit – Followup post is now available here.

As always I appreciate any/all feedback and hope someone else finds these useful.

Jon

Live import VMs to vCloud Director

Tom Fojta wrote a great blog post about the new capability in vCloud Director 8.10 to import running VMs into vCloud Director. This is a huge asset in migration scenarios where customers can’t afford outages when being migrated into the vCD environment. Unfortunately the API syntax to actually initiate the import is a little convoluted and not the easiest process to manage.

I set about writing a PowerShell script to significantly simplify the process of initiating a live-import operation. The script itself is available from github at the following link: https://github.com/jondwaite/vcdliveimport.

The liveimport.ps1 script contained in this repository does the following:

  • Prompts for a credential to be used to connect to both vCloud Director (System context) and vCenter – if you have different usernames/passwords for each you’ll need to adjust this.
  • Enumerates the available vCenter instances registered as Provider Virtual Datacenters (PVDCs) in vCloud Director and allows one to be selected as the source vCenter for the migration.
  • Lists the available VMs in the selected vCenter instance, filters this list based on selectable criteria (e.g. don’t offer to import ‘Guest Introspection’ VMs) and allows the source VM to be selected.
  • Lists available destination Virtual Datacenters (VDCs) in the vCloud Director environment and allows the destination VDC to be selected.
  • Displays the appropriate POST request information to be submitted to vCloud Director to initiate the live-import of this VM.
  • Optionally – Submits the REST API request directly to the vCloud Director environment to actually initiate the import process.

An example transcript of this process is show below. Hopefully this helps someone else out and helps to make it easier for you to live-import running VMs into vCloud Director.

Jon.

Example Session Transcript:

 

Working with the vCloud API and PHP SDK – Part 1

Introduction

While I love using the PowerCLI tools for manipulating vCloud Director, sometimes you need to perform actions that require hitting the API directly. Tools such as the RESTClient plugin for Firefox, cURL and HTTPie from the command line are good for interactive manipulation of the API, but what if you want to automate these API interactions?

Fortunately, rather than having to reinvent the wheel, VMware publish a variety of SDK’s (currently for PHP, Java and Microsoft .NET) which make this (relatively) straightforward, although sadly the documentation for these are lacking in basic configuration information which makes actually using them more problematic than it should be. They are still a better alternative than writing code directly against the HTTP API where you have to deal with decoding and re-encoding the XML objects used by the vCloud API itself directly.

In this series I’ll concentrate on the VMware PHP SDK for vCloud Director (PHP SDK). This first post will cover how to install and configure it. Once we have a working environment configured the following articles in this series will detail some (hopefully) useful scripts which use the PHP SDK to perform automation tasks against the vCloud API.

Quick note on VMware PHP SDK versions

The link to download the PHP SDK for vCloud is on VMware’s site here, however if you work for a VMware Service Provider and have access to the vCloud Director for Service Providers code you’ll find a more recent version as follows:

Log in to your ‘My VMware‘ account and select the ‘View & Download Products’ section. From the list select the ‘Download’ link against the ‘vCloud Director for Service Providers’ product.

Next select the ‘Drivers & Tools’ tab and expand the ‘Automation Tools and SDK(s)’ section, then select the Download link against the ‘VMware vCloud SDKs for Service Providers’ item. This will take you to a page where you can download a later (v8.0.0 build 3010704 currently) version of the PHP SDK. (The direct link for this is here, but I believe will only work if you have a valid Service Provider login for My VMware).

Download the .zip or .tar.gz version of the PHP SDK that suits your development environment, as far as I can tell the contents is identical between both versions so ease of unarchiving is the only difference. For the purposes of this series of posts it shouldn’t matter which version of the SDK (5.5 or 8.0) you use.

None of this makes sense to me – I know the vCloud Director product past version 5.5 is a service provider only offering, but since clients of vCloud Powered service providers are just as entitled to use the API as service providers then surely VMware should make the latest SDK available to everyone?

Configuring your devlopment environment

There are 5 components involved in setting up a functioning development environment with the vCloud PHP SDK:

  • A working PHP installation (No web server required).
  • The PEAR modules ‘HTTP2_Request’ and ‘Log’.
  • The PHP extensions ‘openssl’ and ‘mbstring’ added and enabled.
  • The VMware downloaded PHP SDK files.
  • A Configuration.ini file to control SDK logging.

Unfortunately only the first 2 of these are (partially) covered in the VMware documentation. The following sections detail how to configure a working development environment for all of these.

The documentation included on VMware’s site for the PHP SDK download mentions that the ‘Pear HTTP_Request2’ package is required to use the PHP SDK, unfortunately it doesn’t mention that 2 additional extensions are also required (PEAR Log and the PHP mbstring). Without these additional packages you will either not be able to use the SDK at all, or receive strange error messages.

PHP installation on Linux

If you are using a Linux platform with a package manager you will usually find a packaged PHP distribution available. On most CentOS systems this can be installed with:

$ sudo yum install php

On other Linux distributions the commands will vary so check the documentation for your particular environment, the PHP Documentation has good installation instructions for a variety of platforms. You will also require Pear (PHP Extension and Application Repository framework) in order to be able to install the support packages required by the SDK. Again on CentOS this can be installed with:

$ sudo yum install php-pear

Adding the required PHP extensions on Linux

Your Linux distribution should have an available package to install the mbstring (Multibyte Character support) extension for PHP, e.g. for CentOS Linux:

$ sudo yum install php-mbstring

To install the PEAR modules required for the vCloud PHP SDK:

$sudo pear install HTTP_Request2 Log

PHP Installation on Windows

On Windows systems I would strongly advise using 64-bit Windows and the PHP version 7 releases from http://windows.php.net/download as this will support native PHP 64-bit integers on 64-bit platforms. This can be useful dealing with disk capacities (usually expressed in bytes) within the SDK which could overflow a 32-bit integer. (Note that even the 64-bit versions of PHP v5.x do not support 64-bit integers). For v7 on Windows you will also need to install the Visual C++ Redistributable for Visual Studio 2015 from Microsoft if you don’t already have it installed – make sure you install the version appropriate to your PHP environment (32-bit/64-bit).

Extract the downloaded PHP .zip file into a new folder (e.g. C:\PHP) and install the Visual C++ Redistributable appropriate to your version if needed.

Copy the ‘php.ini-development’ file included in the download in this folder to ‘php.ini’ – this will serve as the configuration point for your installation and will be used to enable extensions.

To install the PHP Pear extension on Windows, go to https://pear.php.net/manual/en/installation.getting.php and download the ‘go-pear.phar’ into the same folder you extracted PHP into. Install it from a command prompt opened into the same folder you extracted PHP into using:

php go-pear.phar

Note: if you are not using an ‘administrator’ command prompt you will need to change the default path for ‘pear.ini’ to something other than C:\Windows – I just placed it in the PHP directory (C:\PHP\pear.ini).

You will need to double-click the ‘PEAR_ENV.reg’ file to add appropriate environment variables for PEAR to your user account to the Windows registry. You should also add the directory you extracted PHP into to your Windows PATH – this is under Windows ‘Advanced System Settings’. Note that you will need to re-open a command prompt for PATH changes to take effect.

Adding required PHP extensions on Windows

To install the ‘HTTP_Request2’ and ‘Log’ modules from a Windows Command prompt type:

pear install HTTP_Request2 Log

The mbstring (multibyte) extension is usually present (in the ‘ext’ subdirectory of your PHP installation) as ‘php_mbstring.dll’ on Windows, but not enabled by default. The same is true for the openssl extension. To enable these extensions edit your php.ini file and find the lines:

;extension=php_mbstring.dll
:::
;extension=php_openssl.dll

And remove the leading semi-colons (;) then save the file. You can test whether the modules are loaded correctly by typing ‘php -m’ and checking that ‘mbstring’ and ‘openssl’ are listed in the output in the [PHP Modules] section.

VMware PHP SDK Files

The PHP SDK itself can be extracted to any convenient folder – on Linux I’d suggest under your home directory and on Windows pick somewhere easy to locate (e.g. C:\PHPSDK). Ensure that the folder structure remains intact – you should have 3 subdirectories in the extracted SDK named ‘docs’, ‘library’ and ‘samples’. The essential one (and only one required to actually use the SDK) is the ‘library’ folder.

Configuration.ini (pear/Log configuration file)

The Vmware documentation makes no mention of it, but the ‘ServiceAbstract.php’ file included in the library file (/library/VMware/VCloud/ServiceAbstract.php) relies on both the Pear Log module (which we installed) and a text file ‘Configuration.ini’ which is read at various points in the file to determine logging options for API interactions.

This is very useful (once you know about it), but the file itself is not supplied with the PHP SDK download and must be manually created. To do this, create a new text file in the folder where you will be working with the SDK (e.g. C:\PHPSDK) named ‘Configuration.ini’ and specify the contents as:

[log_section]
log_handler_name=file
log_file_location=phpsdk.log
log_level=PEAR_LOG_DEBUG

This will log all API interactions to a text file (phpsdk.log) in the current directory and is incredibly useful for troubleshooting – you can control the verbosity of the logging by changing the log_level parameter (as well as the log filename and type using the other options). For full documentation on available options and values see the Pear Log documentation.

config.ini (VMware PHP SDK configuration file)

The last piece of configuration required is to copy the file ‘config.ini’ from the PHP SDK ‘samples’ folder into the location where you will be developing your PHP code. You should edit the copied file and ensure that the section that reads:

set_include_path(implode(PATH_SEPARATOR, array('.','../library',get_include_path(),)));

Is updated to refer to the location where your PHP SDK ‘library’ folder exists. For example, on Windows if the PHP SDK is extracted to C:\PHPSDK then this line should be updated to read:

set_include_path(implode(PATH_SEPARATOR, array('.','C:\PHPSDK\library',get_include_path(),)));

To check whether everything is working, try creating a file ‘test.php’ in the root of your working directory (where you’ve edited config.php and saved Configuration.ini)

<?php
  include './config.php';
?>

If you’ve configured everything correctly then running this from a command prompt php test.php should return with no output or errors.

Note: If you are using PHP 7 on Windows you may get a warning from the Log.php file included by the SDK which looks similar to:

PHP Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; Log has a deprecated constructor in C:\PHP\pear\Log.php on line 38

This is harmless and safe to ignore, but if it annoys you and you want to prevent it being displayed you can add a new line to the Log.php file specified in the warning message as below just prior to the ‘public static function factory($handler, $name = ”, $ident = ”,…) line:

public function __construct(){}

You will proabbly also need to add this line after the ‘class’ definition in the pear/Log/file.php file.

In the next parts of this series I’ll be using this environment to show you how to achieve some useful interactions with a vCloud platform using the Perl SDK, I’ll update this post with links once these are posted. As always, please leave any feedback in the comments, I try to answer as much as I can.

Jon.

Create an empty vApp in vCloud Director

Sometimes you just need to create a new vApp with no contents at all – maybe for testing, or maybe you want to populate it with VMs built ‘from scratch’ rather than cloned from templates. This is easy to do in the vCloud Director web UI – you just skip the addition of any VM templates or new VMs and can easily create empty vApps, but how about programatically?

The VMware documentation is remarkably slim in this regard – all the documented methods I could find for vApp creation require either cloning from existing vApp templates, from existing VMs or from uploaded OVF files.

So how do we create a brand-new empty vApp? Turns out it’s pretty simple – once you discover the ‘composeVApp’ method on an Organization VDC supports creation of empty vApps.

If using the REST API we can simply create an XML body document of type ‘composeVAppParams’ and submit it against the OrgVDC’s /action/composeVapp link.

An example XML document body could be:

<?xml version=”1.0″ encoding=”UTF-8″?>
<ComposeVAppParams
name=”MyEmptyVapp”
xmlns=”http://www.vmware.com/vcloud/v1.5″
xmlns:ovf=”http://schemas.dmtf.org/ovf/envelope/1″>
<Description>My vApp Description</Description>
<AllEULAsAccepted>true</AllEULAsAccepted>
</ComposeVAppParams>

We then ‘POST’ this document body to the link: ‘https://<Cloud Server DNS name or IP address>>/api/vdc/<ID of our VDC>/action/composeVApp’ not forgetting to add a header of ‘Content-Type: application/vnd.vmware.vcloud.composeVAppParams+xml’ to the POST request.

If we want to accomplish the same thing using PowerShell / PowerCLI it’s easy too (once connected to our cloud using Connect-CIServer):

$vapp = New-Object VMware.VimAutomation.Cloud.Views.ComposeVAppParams
$vapp.Name = “MyEmptyVapp”
$vapp.Description = “My vApp Description”
$myorgvdc = Get-OrgVdc -Name ‘My OrgVDC Name’
$myorgvdc.ExtensionData.ComposeVApp($vapp)

No idea if this is ‘officially’ supported or not – so use at your own risk and be aware that the implementation could change in a future release and break this (although I’d be surprised as this is almost certainly the action that the vCD web UI is submitting ‘behind the scenes’ when you manually create an empty vApp).

Jon.

Working with vCloud Metadata in PowerCLI – Part 1

Way back in 2012 Alan Renouf created a PowerCLI module to deal with manipulation of metadata entries for vCloud Director objects – this can be incredibly useful to track related information for these objects. The vCD metadata functionality was enhanced in v5.1 (and then later in 5.5, 5.6 and 8.0) – in particular typed values were added with functionality to use date/time, boolean and numeric values (as well as free-form string text). Also added were security levels so that metadata could be made read-only or hidden (from a tenant perspective) but still accessible/visible to system owners. I’ve taken the PowerShell module that Alan published here and updated it to cope with these enhancements. I’ve also updated the returned fields/views to include the extra attributes (where present) such as security levels of metadata entries.

Note that I am definitely not a professional developer (and most of my PowerShell knowledge comes from Google) so there’s probably significant room for improvement in the code – comment back if you have suggestions for improvement and I’ll update this post.

Use of the module requires a valid connection to a vCloud instance (using Connect-CIServer). This won’t work for versions prior to v5.1 (most of my testing has been with PowerCLI 6 against a v8 vCD deployment) so please use at your own risk and make sure you thoroughly test your own scenarios. I’ll write a follow-up post detailing some example code and usage scenarios which people may find useful in the next few days.

I’d suggest copy/pasting the code (below) into a PowerShell module (.psm1) file and including the module in your scripts as needed.