之前“vSAN Data Protection Part 1:安裝部署。”這篇文章介紹瞭如何透過手動匯入 OVA 模板並部署 VMware Snapshot Service Appliance 裝置,還補充了安裝過程中對於配置應該注意的一些事項。其實,我們也可以透過指令碼自動化部署這一過程,這裡使用了 VMware 工程師 William Lam 的 PowerCLI 指令碼檔案 deploy_vsan_data_protection_ova.ps1 ,下面是指令碼的全部內容。
# vSAN DP OVA Path
$vsanDPOVA = "/Volumes/software/VMware OVA/snapservice_appliance-8.0.3.0-24057802_OVF10.ova"
# Deployment Configuration
$vsanDPVMName = "snap.primp-industries.local"
$vsanDPCluster = "Supermicro-Cluster"
$vsanDPDatastore = "sm-vsanDatastore"
$vsanDPVMNetwork = "Management"
# OVF Property Values
$vsanDPRootPassword = "VMware1!VMware1!"
$vsanDPHostname = "snap.primp-industries.local"
$vsanDPIPAddress = "192.168.30.96"
$vsanDPPrefix = "24"
$vsanDPGateway = "192.168.30.1"
$vsanDPDNS = "192.168.30.2"
$vsanDPDNSDomain = "primp-industries.local"
$vsanDPDNSSearch = "primp-industries.local"
$vsanDPvCenterServer = "vcsa.primp-industries.local"
$vsanDPvCenterServerUsername = "administrator@vsphere.local"
$vsanDPvCenterServerPassword = "VMware1!"
$vsanDPvCenterServerSSODomain = "vsphere.local"
#### DO NOT EDIT BEYOND HERE
# https://gist.github.com/jstangroome/5945820
Function Get-VCCertificate {
[CmdletBinding()]
param (
[Parameter(Mandatory=$true)]
[string]
$ComputerName,
[int]
$Port = 443
)
$Certificate = $null
$TcpClient = New-Object -TypeName System.Net.Sockets.TcpClient
try {
$TcpClient.Connect($ComputerName, $Port)
$TcpStream = $TcpClient.GetStream()
$Callback = { param($sender, $cert, $chain, $errors) return $true }
$SslStream = New-Object -TypeName System.Net.Security.SslStream -ArgumentList @($TcpStream, $true, $Callback)
try {
$SslStream.AuthenticateAsClient('')
$Certificate = $SslStream.RemoteCertificate
} finally {
$SslStream.Dispose()
}
} finally {
$TcpClient.Dispose()
}
if ($Certificate) {
if ($Certificate -isnot [System.Security.Cryptography.X509Certificates.X509Certificate2]) {
$Certificate = New-Object -TypeName System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $Certificate
}
return $Certificate
}
}
# Get vCenter Server TLS Certificate
$cert = Get-VCCertificate -ComputerName $vsanDPvCenterServer
$vccert = "-----BEGIN CERTIFICATE-----" + $([System.Convert]::ToBase64String($cert.GetRawCertData()))+ "-----END CERTIFICATE-----"
$ovfconfig = Get-OvfConfiguration $vsanDPOVA
$ovfconfig.Common.vami.hostname.Value = $vsanDPHostname
$ovfconfig.Common.varoot_password.Value = $vsanDPRootPassword
$ovfconfig.NetworkMapping.Network_1.Value = $vsanDPVMNetwork
$ovfconfig.vami.VMware_SnapshotService_Appliance.addrfamily.Value = "ipv4"
$ovfconfig.vami.VMware_SnapshotService_Appliance.ip0.Value = $vsanDPIPAddress
$ovfconfig.vami.VMware_SnapshotService_Appliance.prefix0.Value = $vsanDPPrefix
$ovfconfig.vami.VMware_SnapshotService_Appliance.gateway.Value = $vsanDPGateway
$ovfconfig.vami.VMware_SnapshotService_Appliance.dns.Value = $vsanDPDNS
$ovfconfig.vami.VMware_SnapshotService_Appliance.domain.Value = $vsanDPDNSDomain
$ovfconfig.vami.VMware_SnapshotService_Appliance.searchpath.Value = $vsanDPDNSSearch
$ovfconfig.vcenter.VMware_SnapshotService_Appliance.hostname.Value = $vsanDPvCenterServer
$ovfconfig.vcenter.VMware_SnapshotService_Appliance.vcusername.Value = $vsanDPvCenterServerUsername
$ovfconfig.vcenter.VMware_SnapshotService_Appliance.vcuserpassword.Value = $vsanDPvCenterServerPassword
$ovfconfig.vcenter.VMware_SnapshotService_Appliance.vcdomain.Value = $vsanDPvCenterServerSSODomain
$ovfconfig.vcenter.VMware_SnapshotService_Appliance.vccert.Value = $vccert
$VMHost = Get-Cluster $vsanDPCluster| Get-VMHost | Select -first 1
Write-Host -ForegroundColor Green "Deploying vSAN Data Protection VM ..."
$vm = Import-VApp -Source $vsanDPOVA -OvfConfiguration $ovfconfig -Name $vsanDPVMName -Location $vsanDPCluster -VMHost $VMHost -Datastore $vsanDPDatastore -DiskStorageFormat thin -Force
Write-Host -ForegroundColor Green "Powering on vSAN Data Protection $vsanDPVMName ..."
$vm | Start-VM -Confirm:$false | Out-Null
指令碼中以下內容需要修改為自己當前環境中的實際資訊,與手動部署 OVA 模板時相關配置的一樣,需要提前在指令碼里預定義這些資訊。
- 配置虛擬機器部署的 OVA 模板檔案所在的位置。
# vSAN DP OVA Path
$vsanDPOVA = "D:\System\VMware\VMware vSAN\snapservice_appliance-8.0.3.0-24057802_OVF10.ova"
- 配置虛擬機器名稱、所部署的叢集、所使用的儲存和網路。
# Deployment Configuration
$vsanDPVMName = "snap.mulab.local"
$vsanDPCluster = "vsan8-hci-esa"
$vsanDPDatastore = "vsanDatastore"
$vsanDPVMNetwork = "VM Network"
- 配置虛擬機器 Root 密碼、主機名以及網路相關資訊,連線 vCenter Server 的地址、使用者名稱和密碼等。注意,無需配置證書資訊。
# OVF Property Values
$vsanDPRootPassword = "vSphere8@password"
$vsanDPHostname = "snap.mulab.local"
$vsanDPIPAddress = "192.168.32.13"
$vsanDPPrefix = "24"
$vsanDPGateway = "192.168.32.254"
$vsanDPDNS = "192.168.32.3"
$vsanDPDNSDomain = "mulab.local"
$vsanDPDNSSearch = "mulab.local"
$vsanDPvCenterServer = "vcsa8-01.mulab.local"
$vsanDPvCenterServerUsername = "administrator@vsphere.local"
$vsanDPvCenterServerPassword = "vSphere8@password"
$vsanDPvCenterServerSSODomain = "vsphere.local"
準備好自動化部署指令碼以後,現在您可以在你的環境中執行它。注意,請確保你已經安裝了 PowerCLI 環境,這是執行指令碼的前提條件。
1.開啟 PowerShell 並進入指令碼所在資料夾。
cd "C:\Users\JUNIOR_MU\Desktop\snap"
2.使用 PowerCLI 命令連線到 vCenter Server。
Connect-VIServer vcsa8-02.mulab.local -user administrator@vsphere.local -password vSphere8@password
3.執行自動化部署指令碼。
.\deploy_vsan_data_protection_ova.ps1
指令碼執行後,如果一切順利,登入 vSphere Client 可以看到已部署完成的虛擬機器。
等待片刻後,登入到 vcsa8-01.mulab.local,如果所有配置都正確,您應該會在 vSphere Client 中看到一個通知橫幅並顯示“已成功部署外掛......”。只需透過重新整理瀏覽器即可訪問新的 vSAN Data Protection 檢視,請導航到已啟用 vSAN ESA 的叢集->配置->vSAN->資料保護。可以導航到vSphere Client->系統管理->解決方案->客戶端外掛,點選“VMware vSAN Snapshot manager UI Plugin”檢視已註冊的外掛。