One of the pet projects I am working on is a fully automatic VCSA certificate checking script. I want to check the machine, root and STS certificates. I still have some problems to overcome, but I think I have solved my most pressing problem. That problem was how to SSH to the VCSA and issue a string of commands. Normally I use the Invoke-SSHCommand command, but that is disjointed, as sometimes the commands execute in their own little "session". A good example is NetApp.
I want to run a command in advanced user mode. So I would normally issue the commands
priv set advanced
y
Command-that-uses-advanced-priv
Using Invoke-SSHCommand, the Command-that-uses-advanced-priv will not run with advanced privileges.
In my googling for an answer I found the Posh-SSH New-SSHShellStream command, but no info that I could understand and use. Eventually I found something that allowed me to work it out. LucD had some code that I could understand here.
So before I forget, here is my "using SSHShellStream for normals" guide.
We must create an SSH session as normal, but we then create the SSHShellStream. Once we have that, we can use the object's methods (WriteLine and Read) to get data in and out of the session.
Below is a section of code from my auto VCSA cert checker script. I will then explain what (I think) is going on.
# connect to the VCSA with SSH and open the SSH stream
# (-AcceptKey accepts a host key that is not yet known without prompting)
$session = New-SSHSession -ComputerName $vcsa -Credential $cred -AcceptKey
$stream = New-SSHShellStream -SSHSession $session -TerminalName tty
# send the commands and get the results in to $CertList and $STSCertList
# drop to the BASH shell
$stream.WriteLine('shell')
sleep 3
# send a BASH one-liner to list the certs and their info
$stream.WriteLine('for i in $(/usr/lib/vmware-vmafd/bin/vecs-cli store list); do echo STORE $i; sudo /usr/lib/vmware-vmafd/bin/vecs-cli entry list --store $i --text | egrep "Alias|Not After"; done')
sleep 3
# read the result of that in to the variable $CertList
$CertList = $stream.Read()
sleep 3
$stream.WriteLine('cd /tmp')
sleep 3
$DontCare = $stream.Read()
sleep 3
# run the checksts python script in /tmp (if that is where you have deployed it to)
$stream.WriteLine('python checksts.py')
sleep 3
# get the output of that script in to the $STSCertList variable
$STSCertList = $stream.Read()
# close the SSH session and stream
$stream.Close()
Remove-SSHSession -SSHSession $session | Out-Null
Line 2, I am connecting to my VCSA with root credentials, with the session object saved in the imaginatively named $session.
Line 2, I now create an SSHShellStream using my $session object and save that as an object called $stream.
Line 7, I send the stream the string “shell” using the WriteLine method to enable the Bash shell on the VCSA.
Line 8, add a pause in case the command takes a while to execute.
Line 9, I “input” a line of script using the WriteLine method.
Line 10, another pause in case it takes a while to run.
Line 13, I use the Read method to read everything "outputted" from the Bash script, saving it to the variable $CertList.
I then do some more stuff.
Line 26, I close the stream
Line 27, And I close the SSH session.
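As an added example (not part of the original post or the author's script), the function below turns the text read into $CertList into objects and flags certificates that are expired or close to expiry. The function name ConvertFrom-VecsListing, the -WarnDays threshold and the sample listing are assumptions constructed for illustration; the sample mimics what the stream returns, including the echoed command and the shell prompt.

```powershell
function ConvertFrom-VecsListing {
    param(
        [Parameter(Mandatory)][string]$Text,
        [int]$WarnDays = 30,                    # assumed warning threshold
        [datetime]$Now = [datetime]::UtcNow
    )
    $culture = [cultureinfo]::InvariantCulture
    $styles  = [System.Globalization.DateTimeStyles]'AssumeUniversal, AdjustToUniversal'
    $store = $null; $alias = $null
    foreach ($line in ($Text -split "`r?`n")) {
        # Anchored patterns ignore prompts and the echoed one-liner, which
        # itself contains the words STORE, Alias and Not After.
        if ($line -match '^STORE\s+(\S+)\s*$') {
            $store = $Matches[1]; $alias = $null
        } elseif ($line -match '^\s*Alias\s*:\s*(.+?)\s*$') {
            $alias = $Matches[1]
        } elseif ($line -match '^\s*Not After\s*:\s*(.+?)\s+GMT\s*$') {
            # single-digit days are padded with two spaces, so collapse whitespace
            $raw = $Matches[1] -replace '\s+', ' '
            $expiry = [datetime]::MinValue
            $parsed = [datetime]::TryParseExact($raw, 'MMM d HH:mm:ss yyyy',
                          $culture, $styles, [ref]$expiry)
            $days = if ($parsed) { [math]::Floor(($expiry - $Now).TotalDays) } else { $null }
            $status = if (-not $parsed) { 'UNPARSED' } elseif ($days -lt 0) { 'EXPIRED' } elseif ($days -le $WarnDays) { 'WARN' } else { 'OK' }
            [pscustomobject]@{
                Store = $store; Alias = $alias; NotAfter = $(if ($parsed) { $expiry })
                DaysLeft = $days; Status = $status
            }
        }
    }
}

# Constructed sample of what $stream.Read() might return (not real output)
$sample = @'
root@vcsa [ ~ ]# for i in $(vecs-cli store list); do echo STORE $i; vecs-cli entry list --store $i --text | egrep "Alias|Not After"; done
STORE MACHINE_SSL_CERT
Alias :	__MACHINE_CERT
            Not After : Sep  5 12:00:00 2030 GMT
STORE TRUSTED_ROOTS
Alias :	0123abcd
            Not After : Jan 15 08:30:00 2024 GMT
root@vcsa [ ~ ]#
'@

# A fixed -Now keeps the result repeatable; omit it to compare against the current time
ConvertFrom-VecsListing -Text $sample -Now ([datetime]'2024-01-01') | Format-Table
```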
Is there a way to iterate the session and stream variables across multiple vCenters using a foreach loop?
Hi CC
Yes you can do that.
I'd create an array of the vCenter URLs and foreach loop through them.
So create an array called $VCSAs,
something like
$VCSAs = "VCSA-URL01","VCSA-URL02","VCSA-URL03"
then loop through them, so
foreach ($VCSA in $VCSAs)
{
# all the code in the page above
}
This assumes the $creds are the same for each vCenter.