A couple of months ago we had to create hundreds of portgroups on a dvSwitch on one of our environments. Doing this manually is pretty tedious, even if you only have to create the portgroup and add a VLAN tag.
In this particular case I also had to set the uplink policy and add two vCenter permissions to each portgroup. This would take ages doing it manually but not with the script I created which is shown below.
#Start of script.
##########################################
# Author = Bryan van Eeden #
# Version = 1.0 #
# Date = 17/08/2018 #
##########################################
$VLANPREFIX = "portgroup"
$vlanid=3300..3310
$vlanid | foreach {
Get-VDSwitch -Name "dvSwitch-Front" | New-VDPortgroup -Name $VLANPREFIX$_ -VlanId $_ -RunAsync:$true
Get-VDSwitch -Name "dvSwitch-Front" | Get-VDPortgroup -Name $VLANPREFIX$_ | Get-VDUplinkTeamingPolicy | Set-VDUplinkTeamingPolicy -ActiveUplinkPort "Fabric-A" -StandbyUplinkPort "Fabric-B"
Get-VDPortgroup -Name $VLANPREFIX$_ | New-VIPermission -Principal 'ad_group_customer1' -Role "Noaccess"
Get-VDPortgroup -Name $VLANPREFIX$_ | New-VIPermission -Principal 'ad_group_customer2' -Role "Noaccess"
}
#End of script.
It’s an easy script, I could make it fancier and add an input-based variable for the vlan range, distributed vSwitch, usergroups and roles but since it’s pretty static for the environment it’s used for, I kept it simple. If you want to use this script just edit those and you are good to go! Maybe I will update this blogpost in the future with the input-based variant.
As you can see, PowerCLI is very powerful in automating simple but tedious everyday tasks on a VI environment. If you want to know more tips and tricks using PowerCLI visit some other blog posts by clicking on the PowerCLI tag above the post or by clicking the button below!
1 Comment
TechMassey · February 19, 2019 at 9:38 pm
Only post I saw on feeding distributed portgroups to the VIPermission cmdlet. Shame VMware wont let the -entity parameter be used for ALL VIObjects.