PowerCLI is the preferred automation strategy for vSphere administrators. More organizations are moving to an event-driven datacenter, and want to utilize the investment they’ve made in PowerCLI to orchestrate datacenter operations. This usually requires a remote execution host to be setup for orchestrator tools such as vRO or vRA. In the past, setting up a remote execution host required customers to deploy a Windows VM and set up was complicated with additional security and remote execution settings.
Today, we are capable of running PowerCLI on the Linux platforms. This also opens up the ability to run PowerCLI within a Kubernetes container.
We are pleased to introduce the VMware Open-Sourced project, Script Runtime Service (SRS) for vSphere. SRS is a Kubernetes based application that allows you to manage PowerCLI instances and invoke PowerCLI cmdlets or scripts via REST APIs.
Additionally, some customers ask us to provide a capability to execute PowerCLI scripts within the vSphere web client. SRS is undoubtedly laying the necessary foundation for us to deliver that functionality.
Highlights
- Lightweight application – SRS is built upon Kubernetes and runs as a Kubernetes application
- Developer-friendly APIs – Leverage REST APIs to invoke PowerCLI cmdlets and Scripts
- Scalable – Create and manage multiple PowerCLI instances at the same time
Technical Overview
Let’s take a look at the high-level overview of SRS. SRS deployment creates a dedicated namespace in a Kubernetes cluster, allowing PowerCLI to run as a Kubernetes pod. The PowerCLI pod spins up with a container image. The container image has all the PowerCLI modules and required SRS management components that transform inputs and outputs for a script and manages the execution of the requested script.
The initial SRS setup runs a Kubernetes job that registers the SRS with vSphere SSO. vSphere SSO is the identity and authentication provider for SRS. SRS API clients authenticate once, and then SRS takes care to connect PowerCLI to federated vCenter Servers automatically.
Note: As of today SRS is not available on vSphere with Tanzu. Please do not confuse SRS service with the vSphere with Tanzu Supervisor Cluster services. We are at a very initial stage of the development and evaluating the option to integrate SRS with vSphere with Tanzu.
How to deploy SRS?
There are currently two ways to deploy SRS.
Install the service on a machine of your choice. Please check out the detailed installation instructions here.
Suppose you are new to Kubernetes constructs and do not have any Kubernetes environment up and running. In that case, we provide a Photon OS virtual machine with a prepared Kubernetes cluster to run Script Runtime Service for vSphere (SRS). The Script Runtime Service for vSphere 1.0.0 helm chart and binaries are embedded in the virtual machine.
Please check out the detailed installation instructions here.
Getting Started with SRS APIs
Once the SRS is deployed and registered with the vCenter server, you can browse the SRS APIs at https://{SRS-IP}/swagger/index.html
SRS uses vCenter Server SSO for Identity and Authentication. Any vSphere user that can authenticate with vSphere SSO can access the SRS feature by establishing PowerCLI connections to vCenter Servers on behalf of the authenticated user.
Please refer to the Getting Started with SRS API to explore the APIs and their functionalities.
SRS support channels
SRS works with vSphere 6.7 and above and below are the ways you can submit your queries
- You can submit your issues at https://github.com/vmware/script-runtime-service-for-vsphere/issues
- Join Slack
- Join VMware Code
- Join the following channel script-runtime-service-assist
Conclusion
By providing a REST front end to manage scripts, execute jobs, and track results, we can provide a universal integration point for our products to execute PowerCLI script (jobs) with the simple REST APIs. Start testing the SRS APIs, and do let us know how you feel about it.