Running powershell/powercli scripts in VMware VCenter connection automation - linux

I'm running a set of PowerCLI scripts from Ubuntu to connect to VCenter and do a bunch of configuration changes. Every script is invoked via SSH, so it is connecting and disconnecting to the VCenter every time. This is rather time-consuming; is it possible to set up the PowerCLI/PowerShell environment to connect to a VCenter automatically? Or maintain a PowerCLI/PowerShell session so remote connections can reuse it? One possibility is to use the "screen" command to share the session, but I'm hoping someone has a more elegant idea.

You can use PowerCLI 6.5.1 to do most of what you are asking. Install from the PowerShell gallery.
Find the Module
Find-Module -Name VMware.PowerCLI
Install
Install-Module -Name VMware.PowerCLI -Scope CurrentUser
If you run into an error during installation, I fixed it with the AllowClobber "-AllowClobber" command
Import-Module VMware.PowerCLI
A couple of examples
Connect-VIServer "Server" -SessionId $sessionId
Connect to a server and save the session ID - $serverObject.SessionId. You will be able to restore an existing server connection.
Connect-VIServer "Server" -User user -Password pass -SaveCredentials
Will save the credentials to the credential store. That way you can reuse them and they are encrypted.
See here for more info
https://blogs.vmware.com/PowerCLI/2017/04/powercli-install-process-powershell-gallery.html


jenkins.plugins.publish_over.BapPublisherException: Failed to connect and initialize SSH connection Message [Auth fail]

I am learning to use Jenkins to deploy a .Net 5.0 application on an AWS EC2 server. This is the first time I am using a Linux server and Jenkins for .Net (I am a life long Windows guy), and I am facing an error while trying to publish my artifacts over SSH to Web Server.
My setup:
Jenkins server is an AWS EC2 Linux AMI server.
Web Server is also an AWS EC2 Linux AMI server.
My Jenkins is correctly installed and working. I am able to build and run unit test cases without any issues.
For Deploy, I am using 'Publish Over SSH' plugin, and I have followed all steps to configure this plugin as mentioned here https://plugins.jenkins.io/publish-over-ssh/.
However, when I try to 'Test Configuration', I get the below error,
Failed to connect or change directory
jenkins.plugins.publish_over.BapPublisherException: Failed to connect and initialize SSH connection. Message: [Failed to connect session for config [WebServer]. Message [Auth fail]]
I did a ping test from Jenkins server to Web Server, and it is a success.
I'm using the .pem key in the 'Key' section of 'Publish over SSH'. This key is the same key I use to SSH into the web server.
The below link suggests many different solutions, but none is working in my case.
Jenkins Publish over ssh authentification failed with private key
I was looking at the below link which describes the same problem,
Jenkins publish over SSH failed to change to remote directory
However in my case I have kept 'Remote Directory' as empty. I don't know if I have to specify any directory here. Anyways, I tried creating a new directory under the home directory of user ec2-user as '/home/ec2-user/publish' and then used this path as Remote Directory, but it still didn't work.
Screenshot of my settings in Jenkins:
I would appreciate if anyone can point me to the right direction or highlight any mistake I'm doing with my configuration.
In my case following steps solved the problem.
Solution is based on Ubuntu 22.04
Add two lines to /etc/ssh/sshd_config
PubkeyAuthentication yes
PubkeyAcceptedKeyTypes +ssh-rsa
Restart the sshd service
sudo service sshd restart
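A check an administrator could run before and after applying the two sshd_config lines above, added here as an example (it is not part of the original answer): it lists lines that opt the server back in to the "ssh-rsa" signature algorithm, which is RSA with SHA-1. The function name and the sample files are constructed for illustration.

```shell
#!/bin/sh
# List sshd_config lines that opt back in to the SHA-1 "ssh-rsa" signature
# algorithm. Output: <lineno>:<keyword> <value>. Status 0 if any were found.
find_ssh_rsa_optin() {
    awk '
        /^[ \t]*(#|$)/ { next }                 # skip comments and blank lines
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            split(line, f, /[ \t=]+/)           # "Keyword value" or "Keyword=value"
            key = tolower(f[1])                 # keywords are case-insensitive
            # PubkeyAcceptedKeyTypes is the older name of PubkeyAcceptedAlgorithms
            if (key != "pubkeyacceptedkeytypes" &&
                key != "pubkeyacceptedalgorithms") next
            val = f[2]
            gsub(/"/, "", val)
            if (val ~ /^-/) next                # "-list" removes algorithms
            sub(/^[+^]/, "", val)               # "+list" appends, "^list" prepends
            m = split(val, alg, ",")
            for (i = 1; i <= m; i++)
                if (alg[i] == "ssh-rsa") {      # rsa-sha2-256/512 do not match
                    printf "%d:%s %s\n", NR, f[1], f[2]
                    found = 1
                    break
                }
        }
        END { exit(found ? 0 : 1) }
    ' "$1"
}

# Constructed sample files (not taken from a real host).
dir=$(mktemp -d)
printf '%s\n' 'PubkeyAuthentication yes' 'PubkeyAcceptedKeyTypes +ssh-rsa' \
    > "$dir/workaround.conf"
printf '%s\n' 'PubkeyAuthentication yes' \
    'PubkeyAcceptedAlgorithms ssh-ed25519,rsa-sha2-512,rsa-sha2-256' \
    > "$dir/modern.conf"

find_ssh_rsa_optin "$dir/workaround.conf"
find_ssh_rsa_optin "$dir/modern.conf" || echo "modern.conf: no ssh-rsa opt-in"
rm -rf "$dir"
```

sshd uses the first value it obtains for each keyword, so "sshd -T" (run as root) shows the effective setting. RSA keys themselves still authenticate through rsa-sha2-256 and rsa-sha2-512 when the client supports those algorithms.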
You might consider the following:
a. From the screenshot you’ve provided, it seems that you have checked the Use password authentication, or use different key option which will require you to add your key and password (inputs from these fields will be used in connecting to your server via SSH connection). If you use the same SSH key and passphrase/password on all of your servers, you can uncheck/untick that box and just use the config you have specified above.
b. You might also check if port 22 of your web server allows inbound traffic from the security group where your Jenkins server/EC2 instance is running. See reference here.
c. Also, make sure that the remote directory you have specified exists; otherwise the connection may fail.
Here's the sample config

Update DNS using Powershell on Linux with OpenSSH public key authentication

I want to run some commands from a Linux server to remotely execute PowerShell module like DNSserver on a Windows machine to retrieve DNS information. I am using OpenSSH to SSH from Linux to Windows.
I have PowerShell 6.2.3 on both Windows server and Linux server. I started from Linux:
>pwsh
PS /home/user1> Enter-PSSession -HostName WinServer-IP -UserName user2
If I don't set up the key authentication on the Windows site (add public key in the C:\ProgramData\ssh\administrators_authorized_keys file, and set the correct permissions on the file), PowerShell will ask me for user2 password. After I enter the password, I am on the Windows server, and I can run my PowerShell scripts and they all work fine.
But if I set up the key auth (add public key in the C:\ProgramData\ssh\administrators_authorized_keys file, and set the correct permissions on the file), PowerShell will not ask for user2 password and I get the same prompt as above.
I can do something like Get-Module etc. but when I run my script that does:
Get-DnsServerResourceRecord -ComputerName 'DNSServer-IP' -ZoneName 'example.net' -RRType A
I got the error:
Get-DnsServerResourceRecord : Failed to get the zone information for
example.net. on server DNSServer-IP.
At C:\Users\user2\scripts\retrieve_ips.ps1:1 char:1
+ Get-DnsServerResourceRecord -ComputerName 'DNSServer-IP' -ZoneName 'ex ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (example.net.:root/Microsoft/Wind…erverResourceRecord) [Get-DnsServerResourceRecord], CimException
+ FullyQualifiedErrorId : WIN32 5,Get-DnsServerResourceRecord
It seems like the SSH public key authentication does not really get me in as "users", but I cannot find out what it is.
user2 is a local user on the Windows server, but I have to add it to the Active Directory as AD needs to know this user before it will allow user2 to run DNSserver module...
What did I do wrong, or missed?
Without the SSH public key authentication, the same script works and I could get the A records out of the DNS server.

ssh on edge-node for azure HDInsight

I tried deploying an HDInsight cluster with an edge node.
I used https://github.com/Azure/azure-quickstart-templates/blob/master/101-hdinsight-linux-with-edge-node/azuredeploy.json for deployment.
After deployment is complete I tried ssh using the following command:
ssh sshuser@new-edgenode.myclustertest-ssh.azurehdinsight.net:22
[myclustertest is the name of the cluster].
It gives the following error:
ssh: Could not resolve hostname new-edgenode.myclustertest-ssh.azurehdinsight.net:22: Name or service not known
Do I need to add something to the azuredeploy.json to enable ssh access?
Looking at the https://learn.microsoft.com/en-us/azure/hdinsight/hdinsight-hadoop-linux-use-ssh-unix I thought that
<edgenodename>.<clustername>-ssh.azurehdinsight.net
is enabled by default for external access.
Problem was in the ssh command.
I used the ssh command supplied from azure portal hoping that it would work seamlessly. I had to remove :22 from the command to make it work.
Modified command looks like this:
ssh sshuser@new-edgenode.myclustertest-ssh.azurehdinsight.net

Use Powershell and SSH-Sessions to launch openconnect VPN

I need to launch an openconnect VPN on a linux router from a powershell script on Windows.
I have a working script on the linux router:
echo PASSWORD | sudo openconnect -b --no-dtls --interface=sslvpn host.isp.com --authgroup=SharedVPN --user=username --passwd-on-stdin
When I run the script locally on the router, the vpn launches perfectly.
Here is my powershell script from the windows machine:
Import-Module SSH-Sessions
New-SshSession -ComputerName "10.1.43.11" -Username "ubuntu" -KeyFile "C:\keys.pem"
Invoke-SshCommand -ComputerName "10.1.43.11" -Command '/usr/local/sbin/InitializeVPN'
Remove-SshSession -computername "10.1.43.11"
When I run the powershell script, it does launch the VPN, but freezes there, waiting for the VPN to end. I can kill the process on the router and then the powershell script finishes. I need the VPN to run in the background. So I modified the script on the router like this:
echo PASSWORD | sudo openconnect -b --no-dtls --interface=sslvpn host.isp.com --authgroup=SharedVPN --user=username --passwd-on-stdin &
Now when I run the powershell script, it does seem to send it into the background, but the VPN doesn't stay up and I only get partial output to the screen:
Key file specified. Will override password. Trying to read key file...
Successfully connected to 10.1.43.11
10.1.43.11: POST https://host.isp.com/
Connected to ip_addr:443
SSL negotiation with host.isp.com
Connected to HTTPS on host.isp.com
XML POST enabled
POST https://host.isp.com/
Connected to ip_addr:443
SSL negotiation with host.isp.com
Connected to HTTPS on host.isp.com
XML POST enabled
10.1.43.11 should now be disconnected and disposed.
When I run it directly on the router, there is more after the last "XML POST enabled":
Please enter your username and password.
POST https://host.isp.com/
Got CONNECT response: HTTP/1.1 200 OK
CSTP connected. DPD 30, Keepalive 20
Connected as 10.251.0.29, using SSL
Continuing in background; pid 11049
Connect Banner:
| Access to this system is restricted to authorized users. Unauthorized use is strictly prohibited. Information on this system may be intercepted, recorded, read, copied, and disclosed by and to authorized personnel for official purposes, including criminal investigations. Access or use of this system whether authorized or unauthorized, constitutes your awareness and consent to these terms. DISCONNECT IMMEDIATELY if you do not agree to the conditions stated in this warning.
|
How do I get the VPN to launch in the background?
I'm using ubuntu 16.04, openconnect 7.08, powershell 5.1, windows server 2016,
downloaded SSH-Sessions from http://www.powershelladmin.com/wiki/SSH_from_PowerShell_using_the_SSH.NET_library#Downloads
Well, I got it working using plink:
C:\bin\plink.exe -i C:\key.ppk ubuntu@10.1.43.11 "nohup /usr/local/sbin/InitializeVPN >/home/ubuntu/VPN.out 2>/home/ubuntu/VPN.err </dev/null &"
stdin, stdout, and stderr had to be redirected, and I had to use nohup.
I found it here: Getting ssh to execute a command in the background on target machine
Don't know if I'll take the time to get it working with PowerShell and SSH-Sessions now. Maybe if I need something more complex in the future.
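Why the redirections in the plink command matter, as an added example that is not part of the original post: a local pipe into cat stands in for the SSH channel, which stays open for as long as any process still holds its write end. The function name is made up for the demonstration.

```shell
#!/bin/sh
# The reader (cat here, sshd on a real host) sees end-of-file only when every
# process holding the write end has closed it, including background children.

# Print how many whole seconds pass before the reader sees EOF for command $1.
seconds_until_eof() {
    start=$(date +%s)
    sh -c "$1" | cat >/dev/null
    end=$(date +%s)
    echo $((end - start))
}

# Background job inherits stdout: the "session" stays open until it exits.
held=$(seconds_until_eof 'sleep 3 &')

# Same job with stdin, stdout and stderr redirected and SIGHUP ignored via
# nohup, as in the plink command: nothing holds the pipe, so EOF is immediate.
detached=$(seconds_until_eof 'nohup sleep 3 >/dev/null 2>&1 </dev/null &')

echo "inherited stdout:   reader blocked ${held}s"
echo "redirected + nohup: reader blocked ${detached}s"
```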

Backup files from linux vm in Azure

I have been tasked with backing up certain files that exist on a Linux VM in Azure to an Azure backup vault.
I'm following the following documentation:
http://azure.microsoft.com/en-gb/documentation/articles/backup-configure-vault/
However I can't see a backup agent for a Linux box?
Am I missing something?
T
I don't believe there's a backup agent for Linux. You would use your standard backup/restore strategy here, for example rsync if it's just files or Bacula for something else. However, if the files absolutely need to be in the vault (say, because there are Windows Server VMs that need to use them) then I would suggest you use Azure Files to get the files out of Linux, then back them up from the Windows VMs. You can of course scp them, or use other methods. HTH.
This is what I had to do in a CentOS VM (credit goes to this serverfault answer).
Install the agent in the VM via SSH terminal:
wget https://raw.githubusercontent.com/Azure/WALinuxAgent/WALinuxAgent-2.0.12/waagent
chmod +x waagent
sudo cp waagent /usr/sbin
sudo /usr/sbin/waagent -install -verbose
sudo service waagent restart
Then I had to run the following cmdlets in an Azure PowerShell window, in order to flag the agent as installed:
$vm = Get-AzureVM -ServiceName 'myAzureServiceName' -Name 'myAzureVMName'
$vm.GetInstance().ProvisionGuestAgent = $true
Update-AzureVM -ServiceName 'myAzureServiceName' -Name 'myAzureVMName' -VM $vm.VM
