Troubleshooting esxi issues using vmkernel and other logs is daily task of vsphere administrator. for this SSH service should be running on esxi server so esxi server can be connected through putty, and in the end of the day if you have company policy in place where they says SSH service should be disable after work is done (I have seen in ICINGA or Nagios monitoring tools if SSH services is enabled it throws alert). It is time consuming when you want to check and stop ssh service on esxi server.
Here this script is handy check the status of SSH service and get report.
Check Status of service
Get-VMHost | Get-VMHostService | Where-Object {$_.Key -eq 'TSM-SSH'} | Select-Object -Property VMHost, Key, Label, Policy, Running
Check Status of SSH firewall rule it also shows status of service running or not
Get-VMHost | Get-VMHostFirewallException | Where-Object {$_.Name -eq "SSH Server"} | Select-Object VMHost, Name, Enabled, IncomingPorts, OutgoingPorts, TCP, ServiceRunning
Where running column shows what is the current state of service whether it is running false or true. Another state is policy, there are 3 options to this on, off, automatic.
Policy - on: (Start and stop with host): Starts and stops the SSH service when the host powers on or shuts down.
Policy - off: (Start and stop manually): Enables manual starting and stopping of the SSH service.
Policy - Automatic: (Start and stop with port usage): Starts or stops the SSH service when the SSH client port is enabled or disabled for access in the security profile of the host.
How to start (enable) SSH service on esxi hosts
before running this script you will need to connect to vcenter or esxi host through powercli before running this script, and once this script executed, you can simply run below cmdlet in the last to start services (you can use this function in your script)
Get-VMHost | Start-SSHService
How to Stop (disable) SSH service on esxi host
Stopping service is similar to starting service. run below commands in the last once below given script or function loaded into memory.
Get-VmHost | Stop-SSHService
While writing this script I faced some issues and it is mentioned in this KB Article
Schedule PowerShell (.PS1 file) script in Windows Task Scheduler - Part3
Here this script is handy check the status of SSH service and get report.
Check Status of service
Get-VMHost | Get-VMHostService | Where-Object {$_.Key -eq 'TSM-SSH'} | Select-Object -Property VMHost, Key, Label, Policy, Running
Check Status of SSH firewall rule it also shows status of service running or not
Get-VMHost | Get-VMHostFirewallException | Where-Object {$_.Name -eq "SSH Server"} | Select-Object VMHost, Name, Enabled, IncomingPorts, OutgoingPorts, TCP, ServiceRunning
Where running column shows what is the current state of service whether it is running false or true. Another state is policy, there are 3 options to this on, off, automatic.
Policy - on: (Start and stop with host): Starts and stops the SSH service when the host powers on or shuts down.
Policy - off: (Start and stop manually): Enables manual starting and stopping of the SSH service.
Policy - Automatic: (Start and stop with port usage): Starts or stops the SSH service when the SSH client port is enabled or disabled for access in the security profile of the host.
How to start (enable) SSH service on esxi hosts
before running this script you will need to connect to vcenter or esxi host through powercli before running this script, and once this script executed, you can simply run below cmdlet in the last to start services (you can use this function in your script)
Get-VMHost | Start-SSHService
function Start-SSHService {
[CmdletBinding()]
#####################################
## http://kunaludapi.blogspot.com
## Version: 1
## Tested this script on successfully
## 1) Powershell v3
## 2) Windows 7
## 3) vSphere 5.5 (vcenter, esxi, powercli)
#####################################
Param (
[Parameter(Mandatory=$true, ValueFromPipelineByPropertyName=$true, Position=0)]
[ValidateNotNullOrEmpty()]
[Alias("Name")]
[string]$VMHost
)
begin {}
Process {
$AllServices = Get-VMHostService -VMHost $VMHost
$SShService = $AllServices | Where-Object {$_.Key -eq 'TSM-SSH'}
if ($SShService.running -eq $false) {
$SShService | Start-VMHostService -confirm:$false
}
else {
Write-Host -BackgroundColor DarkGreen -Object "SSH service on $VMHost is already running"
}
}
end {}
}
#Get-VMHost | Start-SSHService
How to Stop (disable) SSH service on esxi host
Stopping service is similar to starting service. run below commands in the last once below given script or function loaded into memory.
Get-VmHost | Stop-SSHService
function Stop-SSHService {
#####################################
## http://kunaludapi.blogspot.com
## Version: 1
## Tested this script on successfully
## 1) Powershell v3
## 2) Windows 7
## 3) vSphere 5.5 (vcenter, esxi, powercli)
#####################################
[CmdletBinding()]
Param (
[Parameter(Mandatory=$true, ValueFromPipelineByPropertyName=$true, Position=0)]
[ValidateNotNullOrEmpty()]
[Alias("Name")]
[string]$VMHost
)
begin {}
Process {
$AllServices = Get-VMHostService -vmhost $VMHost
$SShService = $AllServices | Where-Object {$_.Key -eq 'TSM-SSH'}
if ($SShService.running -eq $true) {
$SShService | Stop-VMHostService -confirm:$false
}
else {
Write-Host -BackgroundColor darkGreen -Object "SSH service on $VMHost is already stopped"
}
}
end {}
}
While writing this script I faced some issues and it is mentioned in this KB Article
Schedule PowerShell (.PS1 file) script in Windows Task Scheduler - Part3
No comments:
Post a Comment