Script to Make Distributed Switch Port Groups

One of my customers is running many vCenter servers at many different sites.  Each site has its own distributed vSwitch, which we want to be based on an enterprise standard configuration.  That said, each site has specific needs and so needs to be able to vary from that enterprise standard.  What's that?  A repetitive task where many distinct objects need to have precise configurations applied to them?  Let's write a script!

I'm going to experiment with posting this script to GitHub rather than trying to put the thing in here as text.  It'll hopefully make it easier for people to use and will give me some version control and generally make it easier to access these things.  Before you use the script, make sure that the Distributed vSwitch exists and that your PowerCLI session is connected to vCenter.  So, how's this script work?

Well, you call it like this: make-vdspg.ps1 -vdswitch site-vSwitch

But it actually has more options than that (I've just added defaults to some of the options so that I don't have to type them in all the time).  It has a -configFile option; this option specifies the path to the CSV config file that describes all of the PortGroups that should exist on the distributed vSwitch.  It also has a -fixErrors switch; if this switch is turned on, the script will modify existing Port Groups that do not conform to the specifications in the config file.  Be careful with that one!  The last option is -vdswitch.  This is the name of the distributed vSwitch that you intend to manipulate,

So, what's the config file look like?  Well, it should simply be a CSV with the following columns: Name, VLAN, PortBinding, DVS.  The Name column specifies the name of the Port Group.  The VLAN column specifies the VLAN tag to assign to the port (use 0 for untagged ports).  The PortBinding column is used to make the PortGroup Ephemeral or Static.  The DVS column specifies the name of the DVS on which the PortGroup should be defined.

This is built to accommodate a single configuration file that can be used to control many vSwitches.  These switches have a site prefix and then a suffix that describes the nature of the vSwitch.  My config file has lines that are for specific vSwitches, which contain both the site prefix and the suffix, but most of the lines are generic and only contain the suffix.  When you specify the vSwitch name through the -dvswitch option, it is designed to read in any line for that specific vSwitch or any generic line that only specifies the suffix that belongs to the specified vSwitch.  So, if you're working on the SAC-Production vswitch, it will load all lines that specify "SAC-Production" in the DVS column, as well as all lines that specify "Production" in that column.

Please be careful when running scripts that you find on the internet.  This worked for me in this particular situation, but that's no guarantee that it'll work for you in yours.  Test thoroughly and make sure that you understand the script before executing it!  If you're interested in checking out the script, you can download it at my Github script repository.


I put together a simple sample of the input CSV below.  This file defines 3 Port Groups.  The first one is named "VL1-NetMgmt" and is on VLAN 1 and goes on the SAC-Production vSwitch.  The second one is named "VL2-Servers" and it is on VLAN 2 and goes on all Production vSwitches.  The third one is named "VL3-VDI" and is on VLAN 3 and goes on the SF-Production vSwitch.

Comments

  1. Hi Jason,

    This looks really useful. Is there any chance we could get some examples on how to run the script and what the csv should look like please?

    Thanks,
    Gerg

    ReplyDelete
    Replies
    1. I went ahead and posted an example CSV. Do you have any specific questions about how to use the script, as I tried to explain its use in the body of the post?

      Delete
  2. Jason,

    How are you setting the number of ports on each vlan?

    ReplyDelete
    Replies
    1. I haven't been, as the customer for whom I wrote this only uses Ephemeral Port Groups. It should be easy to add a column to the CSV and then read that in. Alternately, if you have a standardized size, you could just hard code it with the -NumPorts arguement on the set-dvportgroup cmdlet.

      Delete
    2. Ahh I see. Yeah, I'm going to add a column in the .csv named NumPorts and then try adding -NumPorts $_.NumPorts after the new-vdportgroup -name $thisPortGroup.name

      Delete
  3. Hi Jason!

    Just wanted to say thank you for your script that helped me a lot during a migration from a Nexus 1000V to a virtual distributed switch from VMware.
    Based on your script, I have written a script for creating Virtual Port Group on Virtual Standard Switch.

    I have to say that your code is very clean from dev point of view and well indent.

    Thanks a lot!

    Best regards,

    ReplyDelete
    Replies
    1. I'm glad that you found it helpful!

      Delete
    2. In vSphere 6.x when you create an new Distributed Port group it defaults to 8 ports right, however claims to increase decrease as needed right? When I run this vice create my own it sets to 128?

      Delete
    3. Additionally would you know how to resolve this?

      My one liner to get a current vDS Port group listing (that I would later use this script with is:
      Get-VDSwitch -Name "01 DMZ dvSwitch" | Get-VDPortGroup |Select Name, @{N="VLANId";E={$_.Extensiondata.Config.DefaultPortCOnfig.Vlan.VlanId}}, PortBinding, VDSwitch |Export-CSV C:\temp\Scripts\ScriptInput\DVS.csv -NoTypeInformation -Force

      If we have IP block info in the name, example---
      MyFavPortGroup (172.31.139.0/24)
      The one-liner cant handle the / and puts a %2f and renames the output to MyFavPortGroup (172.31.139.0%2f24)
      Any idea how to defeat other than NOT put special char in PortGroup name. :-)

      Delete
    4. Edward - the first thing that I'd look at is the output from the get-vdportgroup command, to make sure that it's coming through correctly. I just did a quick test for export-csv and it looks like it has no problems with the forward slash, so I would expect that it's an issue with get-vdportgroup.

      It's ugly, but you could fix it with string replacement after the fact, by doing something like this in your Select:

      @{N="Name";E={$_.name.replace('%2f','/')}}

      Delete

Post a Comment

Sorry guys, I've been getting a lot of spam recently, so I've had to turn on comment moderation. I'll do my best to moderate them swiftly after they're submitted,

Popular posts from this blog

Clone a Standard vSwitch from one ESXi Host to Another

PowerShell Sorting by Multiple Columns

Deleting Orphaned (AKA Zombie) VMDK Files