Home
LT edited this page Sep 15, 2025 · 5 revisions
Professional VMware vSphere automation, management tools, and learning resources for enterprise environments.
- PowerCLI Scripts: Automated vSphere management
- Configuration Templates: Best practice implementations
- Monitoring Tools: Performance and health checks
- Security Hardening: CIS benchmarks and STIG compliance
- Learning Materials: Hands-on labs and documentation

```powershell
# Install PowerCLI
Install-Module -Name VMware.PowerCLI -Force -AllowClobber
# Set execution policy
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser
# Import modules
Import-Module VMware.PowerCLI
```

```bash
# Clone repository
git clone https://github.com/uldyssian-sh/vmware-cis-vm.git
cd vmware-cis-vm
```

```powershell
# Connect to vCenter
Connect-VIServer -Server vcenter.domain.com -User administrator@vsphere.local
# Verify connection
Get-VMHost | Select Name, ConnectionState, PowerState
```

- VM Lifecycle Management: Creation, configuration, deletion
- Resource Pool Management: CPU, memory, storage allocation
- Network Configuration: vSwitches, port groups, VLANs
- Storage Management: Datastores, VMFS, NFS configuration
- Backup & Recovery: Snapshot management, replication
- CIS Benchmarks: vSphere security hardening
- STIG Compliance: DoD security requirements
- Audit Scripts: Configuration validation
- Vulnerability Assessment: Security posture evaluation

```powershell
# CPU utilization monitoring
Get-Stat -Entity (Get-VMHost) -Stat "cpu.usage.average" -Start (Get-Date).AddDays(-7)
# Memory usage analysis
Get-VM | Get-Stat -Stat "mem.usage.average" | Sort-Object Value -Descending
# Storage performance
Get-Datastore | Get-Stat -Stat "datastore.totalReadLatency.average"
```

```powershell
# Create new VM from template
$vmParams = @{
    Name         = "WebServer-01"
    Template     = "Windows2019-Template"
    VMHost       = "esxi-host-01.domain.com"
    Datastore    = "DataStore-SSD-01"
    ResourcePool = "Production"
}
New-VM @vmParams
# Configure VM resources
Set-VM -VM "WebServer-01" -MemoryGB 8 -NumCpu 4 -Confirm:$false
```

```powershell
# Create distributed port group
$vds = Get-VDSwitch -Name "Production-VDS"
New-VDPortgroup -VDSwitch $vds -Name "Web-Tier" -VlanId 100
# Configure VM network
Get-VM "WebServer-01" | Get-NetworkAdapter | Set-NetworkAdapter -Portgroup "Web-Tier" -Confirm:$false
```

```powershell
# Create VMFS datastore
$vmhost = Get-VMHost "esxi-host-01.domain.com"
# Select the disk LUN(s) whose canonical name matches the naa.600 prefix
$lun = Get-ScsiLun -VMHost $vmhost -LunType disk | Where-Object { $_.CanonicalName -like "*naa.600*" }
New-Datastore -VMHost $vmhost -Name "DataStore-Production" -Path $lun.CanonicalName -VMFS
```

- vSphere Architecture: ESXi, vCenter, vSAN components
- Installation & Configuration: ESXi deployment, vCenter setup
- Virtual Machine Management: Creation, configuration, templates
- Basic Networking: Standard switches, port groups
- Advanced Networking: Distributed switches, VLANs, load balancing
- Storage Technologies: VMFS, NFS, vSAN, Storage Policies
- Resource Management: DRS, HA, vMotion, Storage vMotion
- Backup & Recovery: Snapshots, replication, disaster recovery
- Automation: PowerCLI scripting, REST APIs, vRealize Orchestrator
- Security Hardening: CIS benchmarks, STIG compliance
- Performance Optimization: Monitoring, troubleshooting, tuning
- Integration: NSX, vRealize Suite, third-party tools
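
```powershell
# Create custom role
# -Privilege takes privilege objects, so resolve the IDs with Get-VIPrivilege first
$privileges = Get-VIPrivilege -Id "VirtualMachine.Interact.PowerOn", "VirtualMachine.Interact.PowerOff"
New-VIRole -Name "VM-Operator" -Privilege $privileges
# Assign permissions
New-VIPermission -Entity (Get-Folder "Production") -Principal "DOMAIN\VMOperators" -Role "VM-Operator"
```

- Disable unnecessary services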
- Configure NTP synchronization
- Enable lockdown mode
- Set password policies
- Configure syslog forwarding
- Enable certificate validation
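
A read-only audit of several checklist items above, as an added example rather than a script from this repository. It assumes an active `Connect-VIServer` session; the function name `Get-VMHostHardeningState` is hypothetical, and treating SSH (`TSM-SSH`) and ESXi Shell (`TSM`) as the unnecessary services is this example's assumption. Certificate validation is not covered.

```powershell
# Added example (not from the repository): reports hardening state per ESXi host.
# It only reads configuration; nothing on the host is changed.
function Get-VMHostHardeningState {
    param(
        # Hosts to audit; defaults to every host in the connected session
        $VMHost = (Get-VMHost)
    )
    foreach ($h in $VMHost) {
        $services = Get-VMHostService -VMHost $h
        # Assumption: ESXi Shell (TSM) and SSH (TSM-SSH) are the services to keep stopped
        $shells   = $services | Where-Object { ($_.Key -in 'TSM', 'TSM-SSH') -and $_.Running }
        $ntpd     = $services | Where-Object { $_.Key -eq 'ntpd' }
        $ntp      = @(Get-VMHostNtpServer -VMHost $h)
        $syslog   = (Get-AdvancedSetting -Entity $h -Name 'Syslog.global.logHost').Value
        $pwPolicy = (Get-AdvancedSetting -Entity $h -Name 'Security.PasswordQualityControl').Value
        # vSphere API values: lockdownDisabled, lockdownNormal, lockdownStrict
        $lockdown = "$($h.ExtensionData.Config.LockdownMode)"

        $findings = @()
        if ($shells) {
            $findings += "Shell service running: $($shells.Key -join ', ')"
        }
        if ($ntp.Count -eq 0 -or -not $ntpd.Running) {
            $findings += 'NTP server missing or ntpd stopped'
        }
        if ($lockdown -eq 'lockdownDisabled') {
            $findings += 'Lockdown mode disabled'
        }
        if ([string]::IsNullOrWhiteSpace($syslog)) {
            $findings += 'No remote syslog target'
        }

        [PSCustomObject]@{
            Host           = $h.Name
            NtpServers     = $ntp -join ', '
            LockdownMode   = $lockdown
            SyslogTarget   = $syslog
            # Reported as-is; compare against your own password baseline
            PasswordPolicy = $pwPolicy
            Findings       = if ($findings) { $findings -join '; ' } else { 'OK' }
        }
    }
}

# Hosts with at least one finding
Get-VMHostHardeningState | Where-Object { $_.Findings -ne 'OK' } | Format-Table -AutoSize
```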

```powershell
# Generate performance report
$report = @()
Get-VMHost | ForEach-Object {
    $hostStats = Get-Stat -Entity $_ -Stat @("cpu.usage.average", "mem.usage.average") -Start (Get-Date).AddHours(-24)
    $report += [PSCustomObject]@{
        Host       = $_.Name
        CPU_Avg    = ($hostStats | Where-Object { $_.MetricId -eq "cpu.usage.average" } | Measure-Object Value -Average).Average
        Memory_Avg = ($hostStats | Where-Object { $_.MetricId -eq "mem.usage.average" } | Measure-Object Value -Average).Average
    }
}
$report | Export-Csv "VMHost-Performance-Report.csv" -NoTypeInformation
```

```powershell
# Automated health check
function Test-vSphereHealth {
    $results = @()
    # Check host connectivity
    Get-VMHost | ForEach-Object {
        $results += [PSCustomObject]@{
            Type   = "Host"
            Name   = $_.Name
            Status = $_.ConnectionState
            Issue  = if ($_.ConnectionState -ne "Connected") { "Host disconnected" } else { "OK" }
        }
    }
    # Check VM status
    Get-VM | Where-Object { $_.PowerState -ne "PoweredOn" } | ForEach-Object {
        $results += [PSCustomObject]@{
            Type   = "VM"
            Name   = $_.Name
            Status = $_.PowerState
            Issue  = "VM not powered on"
        }
    }
    return $results
}
```

- vSphere 8.0 Documentation Center
- ESXi Installation and Setup
- vCenter Server Installation
- vSphere Virtual Machine Administration
- vSphere Security Configuration Guide
- CIS VMware vSphere Benchmark
- DISA STIG for VMware
- VMware Security Advisories
- Fork the repository
- Create feature branch (`git checkout -b feature/enhancement`)
- Follow PowerShell best practices
- Test in lab environment
- Update documentation
- Submit pull request
- Use approved PowerShell verbs
- Include comment-based help
- Implement error handling
- Follow naming conventions
- Add parameter validation
Educational and professional use - see LICENSE file for details.