Advanced Reporting vCenter

Use-Case: Execute PowerCLI Scripts as vSphere Alarm Actions using Script Runtime Service

Throughout the years, our customers have continuously asked how to execute PowerCLI scripts as vSphere alarm actions. Out of the box, the vCenter Server Appliance (VCSA) supports executing bash, python scripts, but not PowerShell ones. Even if it’s possible to install PowerShell Core on the VCSA and execute scripts directly there this is not recommended because running a complex script that consumes more resources could have an impact on the performance of the vCenter Server. There are also other options using remote execution through WMI or other VMware products like vRO, which both require some complex setup, but now there is also a pretty straightforward way to achieve the same result using the recently released Script Runtime Service (SRS).

SRS is a Kubernetes-based application that allows you to manage PowerCLI instances and invoke PowerCLI cmdlets or scripts via REST APIs. It is an open-source project that you can find here and you can read more about it in this blog post. If you’re a Kubernetes expert you can install SRS on a pre-deployed Kubernetes cluster, but I used the easier way that is provided here – with a host VM that is provided as an OVF.

After you have installed SRS successfully comes the next task – to create a script on the VCSA that calls the REST API that SRS provides and execute the PowerCLI script that you want and attach it to an alarm action. Let’s understand this with a use-case, I have several VMs on the host and some of them are business-critical and others are not. I want to set up an alarm on the vCenter such that when the host memory utilization becomes too high the non-essential VMs are powered off. I have created two tags – “essential” and “non-essential” and have tagged the VMs accordingly.

To make the script more universal I have separated it into three parts – the configuration part, the script itself, and the PowerCLI script that is stored in a separate .ps1 file. Here are what the three files look like:

config.sh – this is the file where you define the SRS endpoint address, the vCenter username, and password

ExecutePowerCLIScript.sh – this is the BASH script that makes the actual REST API calls to the SRS to initiate the script execution. Disclaimer: I’m not a big expert in writing BASH scripts so this might not be the most optimal script. Feel free to improve it and suggest improvements in the comments. My purpose was to provide a script that does not require any additional software to be installed on the VCSA and only uses what’s there by default.

You can download the two bash files from the SRS GitHub repository here: https://github.com/vmware/script-runtime-service-for-vsphere/tree/master/clients/vcva

TurnOffNonEssentialVMs.ps1 – this is the PowerCLI script that you want to execute and it is copied under /root

Note that when using the SRS to execute a script you don’t need the Connect-VIServer part. SRS does the server connection for you with the vCenter that it’s registered with.

The next step is to save these three files in the /root folder on the VCSA and then create the alarm that executes them. Before that you need to set the script to an executable by running the following command:

Here is what my created alarm rule looks like:

When host memory utilization grows above 80%, the bash script will get executed. This will trigger the execution of the PowerCLI script in SRS and will lead to the non-essential VMs being powered off.

SUMMARY

Script Runtime Service is a new open-source Kubernetes-based application that provides a REST API interface for executing PowerCLI scripts. In this blog post, I demonstrate one of its possible usages that makes it easy to run a PowerCLI script as an action of a vCenter alarm. If you have such a use case try it out and let us know what you think.

Comments

5 comments have been added so far

  1. How is this better / worse, more or less recommended to the VEBA event driven solution. From experimenting with VEBA there are no changes or scripts needed on the VCSA appliance and therefore woul immediately appear to be less impactful during upgrades.

    1. I would say that in this specific case it’s a matter of preference which solution you prefer. VEBA uses a general purpose FaaS solution to execute the script, while SRS is VMware built engine to execute PowerCLI scripts and it can be used in many other use-cases, it’s not specifically designed for running scripts on vCenter alarms.

  2. A very awesome blog post. We are really grateful for your blog post. combat, law enforcement You will find a lot of approaches after visiting your post. I was exactly searching for. Thanks for such post and please keep it up. Great work.
    고스톱

Leave a Reply

Your email address will not be published. Required fields are marked *