Main Menu

Search

Print | Email
website about Regular Expressions

param(
 $server="<hostIP>",
 $password="pwd",
 $file="VLANS.csv"
)

# preparing values
# BROKER & MGMT are 
# always the same so can be specified explicitly
$portgrpexmatch = "BROKER","MGMT"

# match to be on the start and end of the string as array values 
# and string match in the middle
# separated by comma
$portgrpsematch = @("START","_OP_END")

# match on the beginning to the Port Group name i.e. partial match
$portgrpptmatch = "START-P2P-"

$errorActionPreference = "SilentlyContinue"

<# old way loading Snapin
if ((Get-PSSnapin | Where {$_.Name -eq "VMware.VimAutomation.Core"}) -eq $null)
{ Write-Output "Importing VMware.VimAutomation.Core Snapin"
 Add-PSSnapin VMware.VimAutomation.Core}
#>

if ((Get-Module | Where {$_.Name -eq "VMware.VimAutomation.Core"}) -eq $null)
{ Write-Output "Importing VMware.VimAutomation.Core Module ..."
 Import-Module VMware.VimAutomation.Core}

$scriptPath = Split-Path $SCRIPT:MyInvocation.MyCommand.Path -Parent

# import csv file
$fname = $scriptPath + [char]92 + $file
$vlanFile = Import-CSV $fname

# connect to ESXi host
Write-Output "Connecting to host $server"
$svr = Connect-VIServer -Server $server -User root -Password $password
$vmHost = Get-VMHost -Server $svr

# Create Portgroups with default security settings from CSV file
Write-Output "Creating PortGroups with default security settings ..."
$vlanfile | % { Get-VirtualSwitch -VMHost $vmHost -Name $_.vSwitch | New-VirtualPortGroup -Name $_.vlanName -VLanId $_.vlanID }
 # Write-Output "PortGroup $($_.vlanname) with VLAN ID $($_.vlanID) has been created on Virtual Switch $($_.vSwitch)" }
Write-Output "PortGroups were successfully created"
Write-Output ""

Write-Output "Updating SecurityPolicy on selected Port Groups ..."
#updating SecurityPolicy - explicit match
$portgrpexmatch | % {
Write-Output "Updating SecurityPolicy on $_ Port Group ..."
Get-VirtualPortGroup -Name $_ | Get-SecurityPolicy | Set-SecurityPolicy -AllowPromiscuous $true -MacChanges $true -ForgedTransmits $true }

#updating SecurityPolicy - match on the start and end of the string
$portgrpset = $vlanFile | where {($_.vlanname -match ('^'+$portgrpsematch[0]+'[A-B]'+$portgrpsematch[1]+'$'))}
$portgrpset | % { 
Write-Output "Updating VLAN SecurityPolicy on $($_.vlanname) Port Group ..."
Get-VirtualPortGroup -Name $_.vlanname | Get-SecurityPolicy | Set-SecurityPolicy -AllowPromiscuous $true -MacChanges $true -ForgedTransmits $true }

#updating SecurityPolicy - partial match from the begining of string
$portgrpset = $vlanFile | where {($_.vlanname -match '^'+$portgrpptmatch )} #+ '$')}
$portgrpset | % { 
Write-Output "Updating P2P VLAN SecurityPolicy on $($_.vlanname) Port Group ..."
Get-VirtualPortGroup -Name $_.vlanname | Get-SecurityPolicy | Set-SecurityPolicy -AllowPromiscuous $true -MacChanges $true -ForgedTransmits $true }

Write-Output "Updating default portgroups ..."
Write-Output "Removing VM Network portgroup ..."
Get-VirtualPortGroup -Name "VM Network" | Remove-VirtualPortGroup
Write-Output "Renaming Management Network portgroup to Management Kernel ..."
Get-VirtualPortGroup -Name "Management Network" | set-VirtualPortGroup -Name "Management Kernel"

# close connection to ESXi host
Write-Output "Disconnecting from host $server ..."
Disconnect-VIServer -Server $server -Force -Confirm:$false


VLAN.csv file
vswitch,vlanname,vlanid
vswitch0,MGMT,2
vswitch0,BROKER,10
.

Link1 | Link2 | Link3

Copyright © 2012. All Rights Reserved.