Last Week I had to analyze a huge VMware vSphere environment regarding configuration issues and risks. One of the challenges was to Compare installed VMware ESXi VIBs, to make sure not only the kernel but all packages are identical on the Hosts within the Cluster. Different packages on the VMware ESXi hosts are not necessarily a problem but a huge risk. An unused (not loaded) driver VIB for example is no risk, but different NIC driver versions on the Hosts in a VMware NSX enabled Cluster are a huge problem.
The Function – Compare installed VMware ESXi VIBs
The comparison of the installed VIBs is based on the PowerShell Cmdlet Compare-Object:
The
Compare-Object
cmdlet compares two sets of objects. One set of objects is the “reference set,” and the other set is the “difference set.”
The data (Array of VIB IDs) for the comparison is simply gathered via the VMware PowerCLI Cmdlet Get-ESXCLI -V2.
My function only accepts a single vSphere Cluster object as input. If you need to verify multiple clusters against the reference host, the cluster input can also be piped: Get-Cluster | Validate-ESXiPackages -RefernceHost $(Get-VMHost “<Hostname>”)
In all of the above examples, the VibDiffSideIndicator property is missing. This additional property should indicate if the package is missing on the reference host or the verified host. Explanation from the Compare-Object documentation:
The result of the comparison indicates whether a property value appeared only in the object from the reference set (indicated by the <= symbol), only in the object from the difference set (indicated by the
=>
symbol) or, …
In my example is the NSX-V VIB not installed on the reference host but on the verified host:
function Validate-ESXiPackages { <# .DESCRIPTION Compares all ESXi Host VIBs within a vSphere with a reference Hosts. .NOTES File Name : Validate-ESXiPackages.ps1 Author : Markus Kraus Version : 1.0 State : Ready .LINK https://mycloudrevolution.com/ .EXAMPLE Validate-ESXiPackages -Cluster (Get-Cluster | Select-Object -First 1) -RefernceHost (Get-VMHost | Select-Object -First 1) .PARAMETER Cluster vSphere Cluster to verify .PARAMETER RefernceHost The VIB Reference ESXi Host #> [CmdletBinding()] param( [Parameter(Mandatory=$True, ValueFromPipeline=$True, HelpMessage="vSphere Cluster to verify")] [ValidateNotNullorEmpty()] [VMware.VimAutomation.ViCore.Impl.V1.Inventory.ComputeResourceImpl] $Cluster, [Parameter(Mandatory=$True, ValueFromPipeline=$false, HelpMessage="The VIB Reference ESXi Host")] [ValidateNotNullorEmpty()] [VMware.VimAutomation.ViCore.Impl.V1.Inventory.InventoryItemImpl] $RefernceHost ) Process { #region: Get reference VIBs $EsxCli2 = Get-ESXCLI -VMHost $RefernceHost -V2 $RefernceVibList = $esxcli2.software.vib.list.invoke() #endregion #region: Compare reference VIBs $MyView = @() foreach ($VmHost in ($Cluster | Get-VMHost)) { $EsxCli2 = Get-ESXCLI -VMHost $VmHost -V2 $VibList = $esxcli2.software.vib.list.invoke() [Array]$VibDiff = Compare-Object -ReferenceObject $RefernceVibList.ID -DifferenceObject $VibList.ID if($VibDiff.Count -gt 0) { $VibDiffSideIndicator = @() foreach ($Item in $VibDiff) { $VibDiffSideIndicator += $($Item.SideIndicator + " " + $Item.InputObject) } } else { $VibDiffSideIndicator = $null } $Report = [PSCustomObject] @{ Host = $VmHost.Name Version = $VmHost.Version Build = $VmHost.Build VibDiffCount = $VibDiff.Count VibDiff = $VibDiff.InputObject VibDiffSideIndicator = $VibDiffSideIndicator } $MyView += $Report } #endregion $MyView } }
Get the Function
The Function is part of my vSphere-Modules GitHub Repository. Direct Link to the Function: Validate-ESXiPackages.psm1
If my pull request will be accepted, the Function is also available in the VMware PowerCLI-Example-Scripts GitHub Repository.