WilliamLam.com

  • About
    • About
    • Privacy
  • VMware Cloud Foundation
  • VKS
  • Homelab
    • Hardware Options
    • Hardware Reviews
    • Lab Deployment Scripts
    • Nested Virtualization
    • Homelab Podcasts
  • VMware Nostalgia
  • Apple

Enhancements to VMware Cloud Foundation (VCF) & vSphere Automated Lab Deployment Scripts

03.03.2025 by William Lam // 2 Comments

Simplicity is something I try to strive for when creating automation, whether that is for myself or for our customers. When I develop a script, I try to keep everything within a single file, so that it is easy to share and consume. As a script increases in functionality, it may be useful to break out some of its functions, typically libraries or modules.

I was recently debugging an issue with my popular automated lab deployment script for VMware Cloud Foundation (VCF) and while looking through the script that the user had been using, I found numerous variables that were commented out and replaced with their own values, which looked like they had different configuration and environments where they were using this single script.

It then hit me, why have I not considered externalizing all the variables that the script relied on, such that a user could easily supply different configuration options without needing to edit the primary deployment script!? 😅

[Read more...]

Categories // Automation, VMware Cloud Foundation, VMware vSphere Foundation, VSAN Tags // VMware Cloud Foundation, VSAN, vSphere

Quick Tip - Audit vCenter Server Role & Permission Usage

02.26.2025 by William Lam // 2 Comments

vCenter Server ships out of the box a number of system and custom roles, which can be used or users can create their own custom roles containing the required privileges. If you wanted to understand which roles are actively being used, the following PowerCLI snippet can help provide insights to roles that have been assigned. Furthermore, the script will also output to a file, that contains all he privileges defined for the vCenter Roles that are in active use.

$roles = Get-VIRole
$permissions = Get-VIPermission

$results = @{}
foreach ($permission in $permissions) {
    $role = $permission.Role
    if($results.ContainsKey($role)) {
        $results[$role]+=1
    } else {
        $results[$role]=1
    }
}

Write-Host "`nTotal Roles: $($roles.count)"
Write-Host "Total Roles Used: $($results.count)"
Write-Host "Role Usage:"

$results.GetEnumerator() | Sort-Object -Property Value -Descending

$outfile = "used-roles.txt"
foreach ($key in $results.keys) {
    $role = Get-VIRole $key
    if(!$role.IsSystem) {
        $key | Out-File -Append -LiteralPath $outfile
        "=========================================================" | Out-File -Append -FilePath $outfile
        $role.ExtensionData.Privilege | Out-File -Append -LiteralPath $outfile
        "" | Out-File -Append -LiteralPath $outfile
    }
}

Here is an example output of running the script:


Here is an example output from used-roles.txt file that is generated, which contains the list of privileges for each role that is in use:

Categories // Automation, PowerCLI, vSphere Tags // permission, vCenter Server

Quick Tip - Auditing ESXi boot firmware type

02.10.2025 by William Lam // Leave a Comment

I had a customer that recently reached out asking how they could easily audit their entire ESXi infrastructure to determine which hosts was still booting using the legacy BIOS firmware, which has been deprecated and will be removed in a future vSphere release, in favor of the industry standard UEFI firmware type.

In vSphere 8.0 Update 2, a new vSphere API property called firmwareType was introduced and added to the ESXi Hardware BIOS info object that makes it very simple to retrieve with the following PowerCLI 1-Liner:

(Get-VMHost).ExtensionData.Hardware.BiosInfo

Here is an example output for an ESXi host booting with UEFI firmware:


Here is an example output for an ESXi host booting with BIOS firmware:


Since this vSphere API property was recently introduced in vSphere 8.0 Update 2, if you attempt to use this on an ESXi host that is not running 8.0 Update 2, then you will see the field being blank if you are using a newer release of PowerCLI that understands this new property or it will simply not show if you are using an older version of PowerCLI.


Alternatively, if you still need to retrieve this information, you can go directly to ESXi host via SSH, not ideal but you can use the following VSISH command to retrieve this exact information:

vsish -e get /hardware/firmwareType

Categories // Automation, ESXi, PowerCLI Tags // bios, ESXi, firmware, UEFI

  • « Previous Page
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • …
  • 224
  • Next Page »

Search

Thank Author

Author

William is Distinguished Platform Engineering Architect in the VMware Cloud Foundation (VCF) Division at Broadcom. His primary focus is helping customers and partners build, run and operate a modern Private Cloud using the VMware Cloud Foundation (VCF) platform.

Connect

  • Bluesky
  • Email
  • GitHub
  • LinkedIn
  • Mastodon
  • Reddit
  • RSS
  • Twitter
  • Vimeo

Recent

  • Ultimate Lab Resource for VCF 9.0 06/25/2025
  • VMware Cloud Foundation (VCF) on ASUS NUC 15 Pro (Cyber Canyon) 06/25/2025
  • VMware Cloud Foundation (VCF) on Minisforum MS-A2 06/25/2025
  • VCF 9.0 Offline Depot using Synology 06/25/2025
  • Deploying VCF 9.0 on a single ESXi host? 06/24/2025

Advertisment

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Copyright WilliamLam.com © 2025

 

Loading Comments...