WilliamLam.com

How to enable remote REST API access for VMware Fusion 10

by // 4 Comments

In case you did not hear the good news, VMware Fusion 10 along with its older brother VMware Workstation 14 just GA'ed a few days ago and there are a TON of cool new features (like new Network Simulator) for both product lines. I am personally excited about the Automation capabilities that have been introduced in Fusion which includes a brand new REST API which I wrote about here during the Tech Preview release.

There was a lot of great feedback both from the community as well as myself on the REST API in particular. It looks like Fusion team took the feedback very seriously and have made a number of improvements to the GA release.

The first enhancement is that users will now be required to setup credentials before the REST API endpoint can start. During the Tech Preview, there was no way to setup passwords and anyone could login remotely to the API which was not a good thing from a security standpoint. Below is a screenshot if you try to run the vmrest binary without configuring your credentials.


Secondly, there are a number of configurable options that the vmrest utility now supports such as binding to a specific IP Address or changing the default port. These were not configurable during the Tech Preview and I am glad the Fusion team has added more flexibility to where the REST API endpoint could run.

Usage of ./vmrest:
  -c, --cert-path <cert-path>
    	REST API Server certificate path
  -C, --config
    	Configure credential
  -d, --debug
    	Enable debug logging
  -h, --help
    	Print usage
  -i, --ip <ip>
    	REST API Server IP binding (default 127.0.0.1)
  -k, --key-path <key-path>
    	REST API Server private key path
  -p, --port <port>
    	REST API Server port (default 8697)
  -v, --version
    	Print version information

Lastly, the REST API now also supports both HTTP and HTTPS where-as before, only HTTP was supported. In addition, if you wish to expose the REST API remotely (e.g. not-running on the loop back address), you will also be required to have the API endpoint running over HTTPS. Overall, these are fantastic changes and thank you to the Fusion team for being security conscious with their first release of the Fusion REST APIs.

[Read more...]

Automating VM keystrokes using the vSphere API & PowerCLI

by // 41 Comments

I am constantly amazed at the number of new use cases that can now be enabled with some of the new and updated capabilities of our vSphere Platform. I recently discovered a new vSphere API that was introduced in vSphere 6.5 called PutUsbScanCodes() which may sound a little strange but it enables some really slick Automation capabilities. This feature allows customers to send keyboard character keystrokes directly to a VM regardless of the underlying OS. In fact, the OS does not even have to be booted up for this to work which means there is no reliance on VMware Tools as this is happening at the Virtual Hardware layer.

You might ask, why would this be interesting? Lets take a look at a scenario that I had ran into years ago when I was a customer and why this feature would have really helped. At the time, there were several Virtual Appliance solutions that I needed to deploy, although I could automate the deployment, I could not automate the initial setup process. The reason for this is that before the OS is fully booted up, it required the user to interactively provide password on boot which can only be done using the VM Console. This meant solutions like the Guest Operations API was out of the question since VMware Tools is not running during this time. I suspect many of you have probably came across a similiar situation, where you are prompted for a password or some other manual input was required and the only solution is to be in front of the VM Console. Some other interesting use cases that this feature could help with are OS installations where automated deployments may not be possible due to the type of OS, automated filesystem check (fsck) or verification where manual intervention was the only option. The possibilities for this API is truly endless and I am sure there are many many more use cases where this feature could be used.

OK, so now that are you sold on the feature, lets take a look at how it works! I have built a PowerCLI script called VMKeystrokes.ps1 which demonstrates the use of this vSphere API.

The API takes in an array of scan code events or what is referred to as USB Human Interface Device (HID) Codes which is part of the USB specification for human interactions with a computer system. There was not any details on what exactly this even looked like, so it took me awhile to figure out the input and what the API was expecting. I found this online reference here which provided a mapping of keyboard keys to their respective scan codes which I have implemented a subset of the scan codes within my script. However, upon further inspection, these scan codes could not be used as-is and required a conversion to the appropriate HID format which can be seen in my code. There also a modifier type within the API that can be associated with a given scan code. One use for this is to send an upper-case character rather than a lower case.

Lets now go through a demonstration to see how the Set-VMKeystrokes function works. In my environment, I have a PhotonOS VM running and I want to automate the login via the console which means I want to pass in the username (root), hit return, pass in the password (VMware1!) and hit return.

[Read more...]

VMworld Hackathon vSphere Client Login UI Theme

by // 7 Comments

For those of you who attended this years VMworld Hackathon (US/Europe), you may have noticed something different when logging into the vSphere Web/H5 Client? In case you missed it or could not attend, here is a GIF demonstrating what you would have saw:

via GIPHY

No, the VMworld Hackathon environment was not hacked 😉 but instead I had built a very special VMworld Hackathon vSphere Client Login UI Theme for the event. I was also getting tired of looking at our boring blue login screen. Customizing the vSphere Client Login UI has been possible (though not officially supported by VMware) since vSphere 6.0 which I have written about here, here and most recently here (due to vSphere 6.5 Update 1 changes). Having received a large number of requests from folks who attended the Hackathon as well as folks who had heard or saw the customization who wish to replicate this in their own environment, I have posted the instructions below.

This slick customization would not have been possible without the help from Timo Sugliani (thanks dude!) who was the one that made me aware of the two of the creatives that then gave me the idea to combine them into a vSphere Client Login UI Theme. The first is V for Vendetta image which can be found here and the second is super slick interactive Bootstrap animation which can be found here. Lastly, I added my own touch by using a Mr. Robot font from this site here which goes really well with the overall theme.

[Read more...]