mercoledì 30 aprile 2014

VMware: PowerCLI for vCloud Tenants 101

PowerCLI for Tenants is a great way to offer scripting capabilities to your cloud users. It works identically to the "classic" PowerCLI but it offers a limited set of cmdlets specifically designed to provide tenants control over their cloud organizations.

This is an introductory post regarding PowerCLI for tenants in which I will explore some of the many useful cmdlets that allow users to control a cloud organization through PowerCLI.

First step is to install PowerCLI for Tenants. At this time version 5.1 release 2 is the latest available and can be downloaded here. If you already have the "classic" vSphere PowerCLI installed on your machine you need to remove it first in order to install the tenants version.

As usual, when dealing with PowerCLI, official documentation comes in handy.

In PowerCLI for tenants every user (tenant) connects to a vCloud Director server in order to run cmdlets against an organization the user is entitled to interact with. This means, for example, that different tenants can be connected at the same time to the same vCloud Director server interacting with different organizations.

Connection to an organization is performed using the following command:

Connect-CIServer -Server -User User1 -Password MyPassword0! -Org HostileCoding

 Name              User              Org  
 ----              ----              ---         User1             HostileCoding  

where -Server is the vCloud Director server IP or FQDN and -Org is the organization name to connect to.

To retrieve an organization's details Get-Org cmdlet is used.

 Enabled     : True  
 CanPublish   : False  
 DeployedVMQuota : 8  
 StoredVMQuota  : 10  
 VdcCount    : 1  
 CatalogCount  : 1  
 VAppCount    : 1  
 Href      :  
 FullName    : HostileCoding  
 ExtensionData  : VMware.VimAutomation.Cloud.Views.AdminOrg  
 Description   : Organization Cloud  
 Id       : urn:vcloud:org:a3314e21-f6b8-4c53-9690-b44e96141b56  
 Name      : HostileCoding  

DeployedVMQuota and StoredVMQuota respectively count the maximum number of virtual machines that can be deployed and stored simultaneously by a member of this organization.

While Get-OrgVdc retrieves details about an organization:

 Href          :  
 AllocationModel     : ReservationPool  
 Enabled         : True  
 CpuUsedGhz       : 0  
 CpuLimitGhz       : 3  
 CpuAllocationGhz    : 3  
 CpuOverheadGhz     : 0  
 MemoryUsedGB      : 0.119140625  
 MemoryLimitGB      : 2  
 MemoryAllocationGB   : 2  
 MemoryOverheadGB    : 0  
 StorageUsedGB      : 10.25  
 StorageLimitGB     : 19.193359375  
 StorageAllocationGB   : -1  
 StorageOverheadGB    : -1  
 VAppCount        : 1  
 Status         : Ready  
 NetworkMaxCount     : 2  
 VMMaxCount       :  
 NicMaxCount       :  
 MemoryGuaranteedPercent :  
 CpuGuaranteedPercent  :  
 VMCpuCoreMHz      :  
 ThinProvisioned     :  
 UseFastProvisioning   :  
 ExtensionData      : VMware.VimAutomation.Cloud.Views.Vdc  
 Description       : Customer1 Virtual DataCenter  
 Id           : urn:vcloud:vdc:9fa21642-32a8-46b3-91ac-aedfc42a2937  
 Name          : VDC-Customer1  

Quite important are the resources limitation exposed by the previous command: StorageLimitGB, MemoryLimitGB, CpuLimitGhz, NetworkMaxCount, VMMaxCount indicate how many resources an organization is entitled to use from the cloud provider.

Get-OrgVdc retrieves a great amount of details regarding organizational's datacenter like: adopted allocation model, reservations, limits and resources used.

To retrieve organization's catalog(s) Get-Catalog cmdlet is used.

 Published     : False  
 Shared      : False  
 Created      : 4/28/2014 2:38:05 PM  
 Org        : HostileCoding  
 Owner       : system  
 VAppTemplateCount : 1  
 MediaCount    : 0  
 ExtensionData   : VMware.VimAutomation.Cloud.Views.AdminCatalog  
 Href       :  
 Description    :  
 Id        : urn:vcloud:catalog:873e5007-896d-418b-ae0f-67e9131a1eb6  
 Name       : Catalog1  

In vCloud Director user roles are extremely important because they grant certain capabilities to specific tenants. As you know vCD has five predefined user roles (excluding sysadmin role which is the global role of the user installing/managing the global vCD environment):

  • Organization Administrator 
  • Catalog Author
  • vApp Author 
  • vApp User 
  • Console Access Only.

By being in one of these groups a tenant can or cannot perform several tasks. To retrieve to which role, with corresponding permissions, each user has been assigned to the Get-CIRole cmdlet is used:

Get-CIRole -User User1

 Name              ReadOnly Rights  
 ----              -------- ------  
 Organization Administrator   False  {Organization: Edit Properties, Orga...  

Then to retrieve detailed infos about a specific user:

Get-CIUser -Name User1

 Href      :  
 StoredVMQuota  : 0  
 StoredVMCount  : 0  
 IM       :  
 DeployedVMQuota : 0  
 DeployedVMCount : 0  
 Phone      :  
 Org       : HostileCoding  
 LdapName    : User1  
 Locked     : False  
 IsLDapUser   : False  
 HasGroupRole  : False  
 External    : False  
 Enabled     : True  
 FullName    : User One  
 Email      :  
 ExtensionData  : VMware.VimAutomation.Cloud.Views.User  
 Name      : user1  
 Id       : urn:vcloud:user:056c48fd-1b7f-4d48-8da6-81cb53ff0af3  
 Description   :  

This informs us regarding the organization the user belongs, if it is enabled or not, as well as how many VMs has deployed or stored.

To retrieve vApps a user is entitled to access/manage the Get-CIVApp cmdlet is used.

 Href        :  
 ExtensionData   : VMware.VimAutomation.Cloud.Views.VApp  
 Enabled      : True  
 Status       : PoweredOn  
 SizeGB       : 5  
 CpuCount      : 1  
 MemoryAllocationMB : 256  
 MemoryAllocationGB : 0.25  
 InMaintenanceMode : False  
 Owner       : system  
 Org        : HostileCoding  
 Shared       : False  
 StorageLease    : 30.00:00:00  
 RuntimeLease    : 7.00:00:00  
 Description    :  
 Id         : urn:vcloud:vapp:7591186a-1d3d-4a0c-b392-b2bd7d373210  
 Name        : myFirstCloudvApp  

A vApp is, identically to the ones seen in vSphere, a container for one or more VMs. Here the concept is a little broader since a vApp in vCloud can also contain one or more networks to which the VMs in the vApp are connected to. If you have a look at the previous output several other infos are retrieved like the number of vCPUs, the amount of RAM memory, the power status and both the Storage and Runtime lease expressed in days.

To retrieve all VMs belonging to a specified vApp we use the Get-CIVM cmdlet. In this example only one VM is contained inside myFirstCloudvApp (yes I know, I selected wrong OS during initial VM creation)!

Get-CIVM -vApp myFirstCloudvApp

 ExtensionData  : VMware.VimAutomation.Cloud.Views.Vm  
 Status     : PoweredOn  
 Deleted     : False  
 GuestOsFullName : Red Hat Enterprise Linux 6 (64-bit)  
 CpuCount    : 1  
 MemoryMB    : 256  
 MemoryGB    : 0.25  
 OrgVdc     : VDC-Customer1  
 VApp      : myFirstCloudvApp  
 Description   : This is a simple configuration for Ubuntu Server  
 Href      :  
 Id       : urn:vcloud:vm:e11d8857-6fa5-4fa1-ab52-b93c91a23c18  
 Name      : Ubuntu Minimal  

In the following posts I will provide some scripts to offer some useful capabilities to vCloud tenants.

That's all!!

Nessun commento:

Posta un commento