Hello Guys,
Recently, We've observed ESXi 6.0U2 Build 4600944 host are continuously getting disconnected from vCenter. We've noticed follows error in hostd.log file and same checked with VMware vendor and they said that it's known issue in 6.0 and 6.5 versions. To work around this issue VMware has suggested us to execute below command on each ESXi6.0 host. Hence, Need assistance in creating PowerCLi script to execute below command on multiple ESXi6.0 (i.e. 50+server) hosts. Any help would be highly appreciated.
Thank you in Advance!!!
Cmd:
=====
cp /var/spool/cron/crontabs/root /var/spool/cron/crontabs/root.bak && sed -e '/device\ purge/s/^/#/g' -i /var/spool/cron/crontabs/root
Refer KB:
========
Hostd.log:
=========
2017-03-08T06:17:30.051Z error hostd[24440B70] [Originator@6876 sub=Hostsvc] Failed to fetch LUN data from VmkCtl: Error interacting with configuration file /etc/vmware/lunTimestamps.log: Timout while wa
iting for lock, /etc/vmware/lunTimestamps.log.LOCK, to be released. Another process has kept this file locked for more than 30 seconds. The process currently holding the lock is localcli(8984147). This
is likely a temporary condition. Please try your operation again.
Hi LucD,
To workaround this error I've used separate variables. Now, it has executed without any error.
$root = "root"
$Passwd = "XXXX"
$esxlist = "XXXX"
$cmd = @'
"cp /var/spool/cron/crontabs/root /var/spool/cron/crontabs/root.bak "
'@
$cmd1= @'
"sed -e '/device\ purge/s/^/#/g' -i /var/spool/cron/crontabs/root"
'@
$plink = "E:\Plink\plink.exe" #Provide the path of plink
$PlinkOptions = " -v -batch -pw $Passwd"
$remoteCommand = '"' + $cmd + '"'
$remoteCommand1 = '"' + $cmd1 + '"'
foreach ($esx in $esxlist) {
Connect-VIServer $esx -User $root -Password $Passwd
Write-Host -Object "starting ssh services on $esx"
$sshstatus= Get-VMHostService -VMHost $esx| where {$psitem.key -eq "tsm-ssh"}
if ($sshstatus.Running -eq $False) {
Get-VMHostService | where {$psitem.key -eq "tsm-ssh"} | Start-VMHostService }
Write-Host -Object "Executing Command on $esx"
$output = $plink + " " + $plinkoptions + " " + $root + "@" + $esx + " " + $remoteCommand
$output1 = $plink + " " + $plinkoptions + " " + $root + "@" + $esx + " " + $remoteCommand1
}
$message = Invoke-Expression -command $output
$message1 = Invoke-Expression -command $output1
$message
$message1
Output:
========
PowerCLI E:\Plink> .\configchange.ps1
Name Port User
---- ---- ----
10.50.56.55 443 root
starting ssh services on 10.50.56.55
Executing Command on 10.50.56.55
Connecting to 10.50.56.55 port 22
We claim version: SSH-2.0-PuTTY_Release_0.68
Server version: SSH-2.0-OpenSSH_7.1
Using SSH protocol version 2
Doing ECDH key exchange with curve Curve25519 and hash SHA-256
Host key fingerprint is:
ssh-rsa 2048 ab:8b:fe:7b:3f:67:fd:1d:4d:41:d8:72:86:12:77:dd
Initialised AES-256 SDCTR client->server encryption
Initialised HMAC-SHA-256 client->server MAC algorithm
Initialised AES-256 SDCTR server->client encryption
Initialised HMAC-SHA-256 server->client MAC algorithm
Using username "root".
Attempting keyboard-interactive authentication
Access granted
Opening session as main channel
Opened main channel
Started a shell/command
Server sent command exit status 0
Disconnected: All channels closed
Connecting to 10.50.56.55 port 22
We claim version: SSH-2.0-PuTTY_Release_0.68
Server version: SSH-2.0-OpenSSH_7.1
Using SSH protocol version 2
Doing ECDH key exchange with curve Curve25519 and hash SHA-256
Host key fingerprint is:
ssh-rsa 2048 ab:8b:fe:7b:3f:67:fd:1d:4d:41:d8:72:86:12:77:dd
Initialised AES-256 SDCTR client->server encryption
Initialised HMAC-SHA-256 client->server MAC algorithm
Initialised AES-256 SDCTR server->client encryption
Initialised HMAC-SHA-256 server->client MAC algorithm
Using username "root".
Attempting keyboard-interactive authentication
Access granted
Opening session as main channel
Opened main channel
Started a shell/command
Server sent command exit status 0
Disconnected: All channels closed
Is SSH enabled, or can it be enabled, on those ESXi nodes?
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Yeah, It can be enabled. Script should be validated before executing it.
What do you mean by "validated"?
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Hi LucD,
I mean script should check the SSH status before executing it. While executing below script was throwing an error. Could you please help me out to complete this task.
Thank you in Advance!!
$root = "root"
$Passwd = "supersecret"
$esxlist = "xx.xx.xx.xx"
$cmd = @'
"cp /var/spool/cron/crontabs/root /var/spool/cron/crontabs/root.bak && sed -e '/device\ purge/s/^/#/g' -i /var/spool/cron/crontabs/root"
'@
$plink = "<path to >\plink.exe" #Provide the path of plink
$PlinkOptions = " -v -batch -pw $Passwd"
$remoteCommand = '"' + $cmd + '"'
foreach ($esx in $esxlist) {
Connect-VIServer $esx -User $root -Password $Passwd
Write-Host -Object "starting ssh services on $esx"
$sshstatus= Get-VMHostService -VMHost $esx| where {$psitem.key -eq "tsm-ssh"}
if ($sshstatus.Running -eq $False) {
Get-VMHostService | where {$psitem.key -eq "tsm-ssh"} | Start-VMHostService }
Write-Host -Object "Executing Command on $esx"
$output = $plink + " " + $plinkoptions + " " + $root + "@" + $esx + " " + $remoteCommand
}
$message = Invoke-Expression -command $output
$message
Error:
=======
Invoke-Expression : At line:1 char:133
+ ... spool/cron/crontabs/root /var/spool/cron/crontabs/root.bak && sed -e ...
+ ~~
The token '&&' is not a valid statement separator in this version.
At E:\Plink\configchange.ps1:19 char:12
+ $message = Invoke-Expression -command $output
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ParserError: (:) [Invoke-Expression], ParseExcep
tion
+ FullyQualifiedErrorId : InvalidEndOfLine,Microsoft.PowerShell.Commands.I
nvokeExpressionCommand
Hi LucD,
To workaround this error I've used separate variables. Now, it has executed without any error.
$root = "root"
$Passwd = "XXXX"
$esxlist = "XXXX"
$cmd = @'
"cp /var/spool/cron/crontabs/root /var/spool/cron/crontabs/root.bak "
'@
$cmd1= @'
"sed -e '/device\ purge/s/^/#/g' -i /var/spool/cron/crontabs/root"
'@
$plink = "E:\Plink\plink.exe" #Provide the path of plink
$PlinkOptions = " -v -batch -pw $Passwd"
$remoteCommand = '"' + $cmd + '"'
$remoteCommand1 = '"' + $cmd1 + '"'
foreach ($esx in $esxlist) {
Connect-VIServer $esx -User $root -Password $Passwd
Write-Host -Object "starting ssh services on $esx"
$sshstatus= Get-VMHostService -VMHost $esx| where {$psitem.key -eq "tsm-ssh"}
if ($sshstatus.Running -eq $False) {
Get-VMHostService | where {$psitem.key -eq "tsm-ssh"} | Start-VMHostService }
Write-Host -Object "Executing Command on $esx"
$output = $plink + " " + $plinkoptions + " " + $root + "@" + $esx + " " + $remoteCommand
$output1 = $plink + " " + $plinkoptions + " " + $root + "@" + $esx + " " + $remoteCommand1
}
$message = Invoke-Expression -command $output
$message1 = Invoke-Expression -command $output1
$message
$message1
Output:
========
PowerCLI E:\Plink> .\configchange.ps1
Name Port User
---- ---- ----
10.50.56.55 443 root
starting ssh services on 10.50.56.55
Executing Command on 10.50.56.55
Connecting to 10.50.56.55 port 22
We claim version: SSH-2.0-PuTTY_Release_0.68
Server version: SSH-2.0-OpenSSH_7.1
Using SSH protocol version 2
Doing ECDH key exchange with curve Curve25519 and hash SHA-256
Host key fingerprint is:
ssh-rsa 2048 ab:8b:fe:7b:3f:67:fd:1d:4d:41:d8:72:86:12:77:dd
Initialised AES-256 SDCTR client->server encryption
Initialised HMAC-SHA-256 client->server MAC algorithm
Initialised AES-256 SDCTR server->client encryption
Initialised HMAC-SHA-256 server->client MAC algorithm
Using username "root".
Attempting keyboard-interactive authentication
Access granted
Opening session as main channel
Opened main channel
Started a shell/command
Server sent command exit status 0
Disconnected: All channels closed
Connecting to 10.50.56.55 port 22
We claim version: SSH-2.0-PuTTY_Release_0.68
Server version: SSH-2.0-OpenSSH_7.1
Using SSH protocol version 2
Doing ECDH key exchange with curve Curve25519 and hash SHA-256
Host key fingerprint is:
ssh-rsa 2048 ab:8b:fe:7b:3f:67:fd:1d:4d:41:d8:72:86:12:77:dd
Initialised AES-256 SDCTR client->server encryption
Initialised HMAC-SHA-256 client->server MAC algorithm
Initialised AES-256 SDCTR server->client encryption
Initialised HMAC-SHA-256 server->client MAC algorithm
Using username "root".
Attempting keyboard-interactive authentication
Access granted
Opening session as main channel
Opened main channel
Started a shell/command
Server sent command exit status 0
Disconnected: All channels closed
I was able to take this script and adapt it to upload and patch vsan hosts. I'll try to put it up to github repo soon.
This is my version with some additional tweaks.