I have been having some issue with admins creating VMs in vCenter and not adding certain things in the build process. Some of these are notes that say what the purpose of the VM server is? How important is the server’s uptime (does someone need to be woke up in the middle of the night if it has an issue or can it wait until morning)? Who are the admins that requested it to be built? Does it require a backup and if so how often? I could go on, but you get the point, there is a lot that needs to be added at the end to help everyone when it goes bump in the night.
Now the logs for vCenter don’t last long and unless you have a syslog server grabbing them for safe keeping you won’t have any record of the vCenter user that created the VM after a few days to ask all these question to. So how can we find the creator of the VM to ask all of these questions? We can use an alarm and a python script!
First I already have an alarm set for when an admin creates a VM I get an email. This was originally created so that I could track new servers to make sure they get backed up. But with the fore mentioned issues this has been problematic. Even so, I will go through every step, including alarm creation, to set you off on the right foot.
Alarm and a python script!
First let me state I don’t know python at the writing of this post. The script I found on a couple of sites all written by the same person, Bryan McClellan who, unfortunately for me, left out a few detail on the setup to get these things to play nice. After troubleshooting the issue (for days) I was able to get everything working. Here I will tell you what you need to know, conveniently leaving out where I when wrong and only showing you the correct way. Also, with a very large thank you to Bryan!
Remember where you extracted the file and navigate to it. The file is named vm.alarm-attr.py
We will now view its contents with notepad by right clicking it and choose “open with” and selecting Notepad. This way you can familiarize yourself with what it looks like and know that the file has nothing harmful in it. Once we get the warm and fuzzes about our file, we need to change one line in the script to give the script a vCenter account permission to add the attributes to the new VM. This is line 36 shown here:
si = SmartConnect(host="vcenter", user="user", pwd="password", sslContext=s)
Here you need to change everything inside the quotes to be the name of your vCenter, an account that has the power to change attributes on a VM and that account’s password. Similar to this:
si = SmartConnect(host="MyTestvCenter.local", user="firstname.lastname@example.org", pwd="MyPassword!", sslContext=s)
Just be sure not to change any of the leading spacing of any line in the script as this could break the script.
The only other thing that you could change is the name of the attribute themselves. I will be leaving them as default, but the last two lines in the script have the words vm.owner and vm.provisioned. This is the name of the attribute we will be creating later in this tutorial. If you change these names then that exact spelling has to be duplicated later with the naming of the attributes. I will bring this up later when we get to that point, but for now, after you have made your edits, save the file and we are on to the next step.
With the file in our possession we can now add it to our vCenter. We will need to use WinSCP to transfer the file to the vCenter root directory. If you haven’t used WinSCP before here are the steps once opened.
- Select the “New Session” tab.
- In the new box select “New Site”
- Add the name of the fully qualified domain name or FQDN to the “Host Name” field.
- The “user name” is root
- Click on the “Login” button
At the next box put in the root password for vCenter.
If you get an error when accessing the vCenter you might not have ssh and/or Bash enabled. Check out my tutorial on How to enable SSH access into VMWare vCenter
If you get an error after putting in the correct password, check out this tutorial on How to fix error: Received Too Large SFTP Packet – While Accessing VMWare vCenter
As long as you put in the correct information you should see a almost completely empty screen on your right hand side and on the left it should have default to your computers Downloads folder. You will note that the right side is sitting in the root directory of the vCenter.
Here we will drag and drop the vm.alarm-attr.py from the downloads to the root directory.
Once the file is at the root directory on the right side, you will no longer need WinSCP.
Here you will need to access vCenter with a terminal emulator like Putty. You can use the same information you put in with WinSCP to access the vCenter SSH session. Here again, if you get an error when accessing the console you might not have ssh and/or Bash enabled. Check out my tutorial on How to enable SSH access into VMWare vCenter
Now that you had accessed the ssh session type: shell
Then type ls (that is a lowercase LS) to list all files. You will see the file you transferred over using WinSCP is listed.
To make the file executable we will put in the command: chmod +x vm.alarm-attr.py
Once we have finished and our results look the same as in the image above we will be finished with the ssh session. You can type exit twice to leave the terminal session.
We now need to create our attributes that the script will point to and insert the values into. This values being the user account name that created the VM and the timestamp of the creation. Let open our vCenter and click “Menu” and then at the very bottom “Tags & Custom Attributes”.
Then click on “Custom Attributes” and then “New”.
Here is where I said I would remind you about this part. The default attribute name that the script requires to run is “vm.owner” and vm.provisioned” (without the quotes). You may have edited this line earlier, so if you did, you need to have the new attributes we are creating to have the exact same spelling as the script. Here is the part of the script with this attribute information.
I had left mine as default so I will add those names as my attributes and also leave the default type as “Global”.
We can now see our newly created attributes in the list.
Creating an Alarm
Now we are at the final stage, the creation of the alarm. We can go to “Menu” and then select “Hosts and Clusters”
Then select you name of your vCenter at the very top on the list on the left side, then “Configure” and under “More” select “Alarm Definitions”. Finally we will click on the “ADD” button to create our alarm.
The “Alarm Name” can be anything you want it to be named, as long as it makes since to you and whoever else is administrating this vCenter. “Target type” needs to be set to “Virtual Machines” and click “NEXT”.
Under the IF choose “Deploying VM” from the drop down menu. “Trigger the alarm and” you can set how you like with regards to the severity of this action, I set mine to “Show as Warning”. I chose to “Send email notifications” and in the “Email to” I put my email address. We select to “Run script” and in the “Run this script” section we type:
As the script was placed in the root directory when we used WinSCP and the file name we placed in that directory was named vm.alarm-attr.py and we click “NEXT”.
I do not set a “Reset Rule 1” as I do not want this to clear until I manually acknowledge the alarm. Click “NEXT”.
This is a review page that will enable the alarm. Click “SAVE”.
Testing and wrap up
Now we can test that everything is working by creating a VM and checking its attributes. I will not go through the VM creation, but the results will look like this:
As you can see, I created a VM called zTest_Alarm and you can see that the “VM_Creation” alarm ran and is waiting on an admin to acknowledge it. Most importantly is that when we scroll down to the “Custom Attributes” section of the VM you will see our to newly created attributes and that the script put values into the attributes so the username and the timestamp of when the VM was created. If you look under “Monitor” and “Events” you will see that the script ran and attribute values were placed in our custom attributes we created.
That’s it! If you have any questions please comment below and I will get back to you as soon as I can.
After configuring the above settings on multiple vCenters 6.7, I found that some would run the script with no errors, but would not populate the values of the created attributes. I found two things that needed to happen, 1. is that SSH needed to stay enabled on vCenter, whereas BASH can be disabled, and 2. a reboot of vCenter cleared up the issue and the attribute then began populating the values.
Now if I disabled and then re-enabled SSH it would again stop populating the values.