Recently I worked in the environment where we needed to modify multiple UCS Service Profiles, adding and removing VLANs to/from vNICs.
If you are using vNIC templates – it is just a few clicks and you are done. But what if you don’t? What if you have 20 Service Profiles and each has 10 vNics and you have to add one VLAN and remove the other? And what if you have more???
Yes, you can do all this in UCSM but you will probably die get bored/make mistakes after all those clicks :)
Here is how you do this via CLI/SSH:
fi6120-A# scope service-profile server 3/7 <-- we need to go to our service profile fi6120-A /org/service-profile # show vnic <-- we can check our vnic names vNIC: Name Fabric ID Dynamic MAC Addr Virtualization Preference ------------------ --------- ------------------ ------------------------- eth0 A 00:25:B5:A0:00:27 NONE eth1 B 00:25:B5:B0:00:27 NONE fi6120-A /org/service-profile # scope vnic eth0 <-- we need to go to particular vnic fi6120-A /org/service-profile/vnic # create eth-if vblock_esx_vmotion <-- and create vlan fi6120-A /org/service-profile/vnic/eth-if* # commit-buffer <-- and commit changes fi6120-A /org/service-profile/vnic/eth-if # exit <-- now if we want to remove it we need to go up 1 level fi6120-A /org/service-profile/vnic # delete eth-if vblock_esx_vmotion <-- and we can remove it here fi6120-A /org/service-profile/vnic* # commit-buffer <-- remember to commit changes fi6120-A /org/service-profile/vnic # exit <-- one level up fi6120-A /org/service-profile # scope vnic eth1 <-- and we can go to another vnic and repeat everything fi6120-A /org/service-profile/vnic #
but this still requires to touch all objects and we are lazy need to be more efficient, right? ;)
Powershell to the rescue!
You can download Cisco UCS PowerTool and the documentation from Cisco web site:
https://communities.cisco.com/docs/DOC-37154
Get-Module -ListAvailable {Skipped} Directory: C:Program Files (x86)CiscoCisco UCS PowerToolModules ModuleType Version Name ExportedCommands ---------- ------- ---- ---------------- Binary 1.1.2.0 CiscoUcsPS {Export-UcsXml, Export-UcsMoXml, Compare-UcsManagedObject, Start-UcsKvmSession...} Import-Module -Name CiscoUcsPS
We will be working with multiple VLANs so let’s create a small vlan.csv file with the following content:
vlan_name
vlan100
vlan101
vlan102
vlan103
and save it to, for example, C:Scripts
.
To add VLAN you can execute this simple script:
Connect-Ucs UCS_Manager_IPaddress -Credential (Get-Credential) $csv = Import-Csv C:Scriptsvlan.csv foreach ($row in $csv) { Get-UcsServiceProfile -Filter 'Name -ilike dc2esx*' | Get-UcsVnic | Add-UcsVnicInterface -Name $row.vlan_name } Disconnect-Ucs
After few second all these VLANs will be added to all Service Profiles where service profile name is like “dc2esx”.
OK, let’s remove some as well:
Connect-Ucs UCS_Manager_IPaddress -Credential (Get-Credential) $csv = Import-Csv C:Scriptvlan.csv foreach ($row in $csv) { Get-UcsServiceProfile -Filter 'Name -ilike dc2esx*' | Get-UcsVnic | Get-UcsVnicInterface -Name $row.vlan_name | Remove-UcsVnicInterface -Force | Out-File C:Scriptsvlan.log } Disconnect-Ucs
This time we removed all VLANs and in addition we have a log from this operation – we love logs right?
Using '-Force'
option will remove a prompt “Are sure to remove object…”
Easy? Remember, Powershell is extremely powerful! Think twice before you execute any script!
And do backup! You can use Powershell for it as well:
Backup-Ucs -Type full-state -PathPattern 'C:Backups${ucs}-${yyyy}${MM}${dd}-${HH}${mm}-full-state.tar.gz'
Do you know of a way to add a VLAN to a VLAN Group, or check if it the VLAN is member of any VLAN Group?
Never mind :) Found it: Get-UcsFabricPooledVlan
Hi LittleNickey,
Great question.
You can do it from cli:
http://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/sw/cli/config/guide/2-2/b_UCSM_CLI_Configuration_Guide_2_2/b_UCSM_CLI_Configuration_Guide_2_2_chapter_010000.html#concept_B2E1ECE33E65492CB430B027C561D7DC
but I don’t see cmdlet (but I can be blind today…)
Can this be ran against profiles with live VM’s running on it, or will it cause them to loose communication?
I’ve done it on live service profiles without any problems. I’ve never tried removing any this way, but as long as the vlan isn’t actively being used, I don’t see why there would be a problem.
Dwoosley: I’ve been able to add vlans with live service profiles with no impact. Haven’t tried removing any yet, but as long as the vlan isn’t in active use, I don’t think there would be a problem.
Is there a way of importing vNic Templates from csv?
Is there anyway to see if a VLAN name is in use? I have multiple VLANS with the same ID. I want to remove all ones that are using the old naming convention. I can only see he new vlans names in the active vNIC temples.