Graphical bar of company

VM-Automation(VMWare)

Reading Time: 4 minutes

VM AUTOMATION TOOL

OVERVIEW

VM Automation is the process of the creation and configuring of the virtual machine on VMWare vSphere center using an easy custom SharePoint portal.

It’s majorly developed to facilitate IT Admins to provide them an easy portal from where they can create & configure the VMs without going to the VCenter portal and in less time.

This is not just a VM automation tool its a complete process of (creation, configuration, IP set, domain join, apply security policies, etc).

By reading this article you will find more interesting this.. so let’s move on.

GOALS

The main goal of developing the VM Automation tool is to make life easier for the admins.
Here are the following goals:

  1. Create and configure Virtual machines with automated processes using a simple GUI portal.
  2. Server hardening to set several server policies at one click.
  3. Enhanced portal security and easy access for company users.
  4. Generate a complete report of VMs, it’s helpful to keep as documentation and future purpose.

TECHNOLOGY USED

SharePoint(In our case) – it can be any custom portal

Windows Powershell ISE

VMware Vcenter

WINRM Service

LETS START WITH THE REAL STEPS…..
STEP- 1 WRITE YOUR BACK-END CODE IN POWERSHELL

In this step, we will only show few functions which can helps you to develop the whole script.

Well explained document with 4 step
STEP-2 HOST THIS POWERSHELL SCRIPT USING WINDOWS HTTPS LISTENER SERVICE TO CALL IT FROM EXTERNALLY LIKE AN API.

Prepare the HTTPS Listener service- Buy the SSL certificate and install it at the certificate store.

To install or view certificate for the local computer:

Click on Start and then Run (or using keyboard combination press Windows-key+R)

  1. Type MMC and then press Enter.
  2. Select File from menu options and then click on Add or Remove Snap-ins
  3. Select Certificates and click Add.
  4. Go through the wizard selecting Computer account.  

Install or view the certificates under:

 Certificates (Local computer)–>  Personal–> Certificates

console1 window

Once the certificate is installed, we will configure WINRM to listen on HTTPS:

Configure WinRM for HTTPS 

Configuring for HTTPS involves following steps.

  • Check whether the WinRM service is running
    WinRM is installed by default in all supported Windows machines. Ensure that service is in running state in services.
windows remote Management

Create HTTPS listener
By default when you run winrm quickconfig command WinRM is only configured for HTTP (port 5985). You can check already registered listeners by running the following command
WinRM e
winrm/config/listenerYou will see output like below.

Administrator window

Copy the thumbprint of the imported certificate to clipboard and run the following command. This command will register the HTTPS listener in WinRM

winrm create window

winrm create winrm/config/Listener?Address=*+Transport=HTTPS ‘@{Hostname=”VMwareautomation.contoso.com”; CertificateThumbprint=”‎bb 9d a3 ee 72 96 9c 10 7b 71 fb fb 44 30 e7 18 73 3f 86 13}’Validate HTTPS listenerYou can verify listener you added by running the same command you used above – WinRM e winrm/config/listener.
This will show the new HTTP listener now along with HTTPS service.

Administrator : Windows PowerShell

Now, add below HttpListener code to your powershell back-end script.

A well explained document

Example- After adding whole script will look like this-

  • Add firewall exception – Allow port from the firewall
  • Verify you can connect to the machine via HTTPS

Step-3 Create a Custom portal- In our case we are using the SharePoint.

There are five steps(Pages) you have to develop in your portal.

1. Connect to VCenter

Connect to vcenter window

2. Build VM
Every function or field on the page connected through the individual’s APIs which get the data from the VMWare and perform the actions.

Build VM Window

3. VM Customization

This page is generally used to customize the VM after creating on the Vmware.

Customization Like – Setting up VmName/ComputerName, Set local administrator password, Setting up IP Address, Add VM to “contoso.com” domain, etc.

This whole process using the Vmware profiles which are already created with a basic setup like- domain name, run Sysprep, Use Computer name same as Vmname, Timezone, Static IP mode.

4. Server Hardening

Server hardening: The server hardening is the another most important feature implemented in this portal from where you can set the multiple security policies of a server at one place without going into the manually.

To set the policies user must have to select properties of the hardening using this page and click on the start hardening button. 

Server Hardening

5. Reports

VM information window

Thank you