Baseline groups with powercli

Ok, i have no idea how EXACTLY that works, nobody could explain this to me, including my vmware TAM. But this it what i came up with. It’s only useful i suppose when you are dealing with a lot of update managers/baselines groups.

$JSESSION is something that comes up in your cookie after you have logged in to your webclient. You can install an addon into your chrome/firefox/etc… that shows you your cookies . I could not figure out how to obtain JSESSION variable automatically.  I used HTML5 webclient + fiddler in order to check how the calls were made and tried to reproduce them. Everything works as expected .

code:

 


function get-VUMnodeid($VC,$JSESSION){
$AllProtocols = [System.Net.SecurityProtocolType]'Ssl3,Tls,Tls11,Tls12'
[System.Net.ServicePointManager]::SecurityProtocol = $AllProtocols
add-type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(
ServicePoint srvPoint, X509Certificate certificate,
WebRequest request, int certificateProblem) {
return true;
}
}
"@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
$JSESSION= $JSESSION -replace ";"
$uri = 'https://'+$VC+'/ui/vum-ui/rest/vcenters'
$cookie = New-Object System.Net.Cookie
$cookie.Name='JSESSIONID'
$cookie.Value=$JSESSION
$cookie.Domain = 'cookie.domain.something.com'
$session = New-object Microsoft.PowerShell.Commands.WebRequestSession
$session.Cookies.Add($Cookie)
#Invoke-WebRequest -uri $uri -WebSession:$session
$request = ((Invoke-WebRequest -uri $uri -WebSession:$session).Content |convertfrom-Json).GetEnumerator() | ?{$_.name -eq $VC}
return $request.nodeid
}
function get-baselinegroup($VC,$JSESSION){
$AllProtocols = [System.Net.SecurityProtocolType]'Ssl3,Tls,Tls11,Tls12'
[System.Net.ServicePointManager]::SecurityProtocol = $AllProtocols
add-type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(
ServicePoint srvPoint, X509Certificate certificate,
WebRequest request, int certificateProblem) {
return true;
}
}
"@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
$JSESSION= $JSESSION -replace ";"
$vumid = get-VUMnodeid -vc $VC
$uri = 'https://'+$VC+'/ui/vum-ui/rest/nodes/'+$vumid+'/baselineGroups/'
$session = New-object Microsoft.PowerShell.Commands.WebRequestSession
#$cookiestr = 'Cookie: JSESSIONID=C164315B4958845216338B7C3F568090;'
#$cookiestr = 'Cookie: JSESSIONID=AE57E580958B38E21D2B892840BC8A6D; JSESSIONID=60F391E14417C6D581A34BBF01E03DF0; VSPHERE-UI-XSRF-TOKEN=7fff48d9-54fc-4244-98ba-4a7513858476; VSPHERE-USERNAME=gregk%40management.is; VSPHERE-CLIENT-SESSION-INDEX=_ea276e26b355abc989243d26ecbd4958; _pk_id.1.da8d=65733ab98c5fe089.1548769895.4.1549275686.1549271755..a6c285c80359fd81a3dbc83835bbca941eae248ec84b999da3d8fe12190ebb39'
#$cookiestrarray = $cookiestr.split()|?{$_ -match 'JSESSION'} |% {$_ -replace ";"}|%{$_.split('=')[1]}
$cookie = New-Object System.Net.Cookie
$cookie.Name='JSESSIONID'
$cookie.Value=$JSESSION
$cookie.Domain = $VC
$session.Cookies.Add($Cookie)

$session.headers.Add('Accept-Language',' en-US,en')
$session.headers.Add('Accept-Encoding','application/json')
#Invoke-WebRequest -uri $uri -WebSession:$session
write-host $uri
$request = ((Invoke-WebRequest -uri $uri -WebSession:$session).Content |convertfrom-Json).GetEnumerator()
return $request
}

 
function Get-BaselinegroupBaselines($VC,$BGid,$JSESSION){
$AllProtocols = [System.Net.SecurityProtocolType]'Ssl3,Tls,Tls11,Tls12'
[System.Net.ServicePointManager]::SecurityProtocol = $AllProtocols
add-type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(
ServicePoint srvPoint, X509Certificate certificate,
WebRequest request, int certificateProblem) {
return true;
}
}
"@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
#cookiestr the JSESSIONID has to be the right one
$vumid = get-VUMnodeid -vc $VC
$uri = 'https://'+$VC+'/ui/vum-ui/rest/nodes/'+$vumid+'/baselineGroups/'+$BGid
$session = New-object Microsoft.PowerShell.Commands.WebRequestSession
#$cookiestr = 'JSESSIONID=C164315B4958845216338B7C3F568090;'

$JSESSION= $JSESSION -replace ";"
$cookie = New-Object System.Net.Cookie
$cookie.Name='JSESSIONID'
$cookie.Value=$JSESSION
$cookie.Domain = $VC
$session.Cookies.Add($Cookie)

$session.headers.Add('Accept-Language',' en-US,en')
$session.headers.Add('Accept-Encoding','application/json')

$parentBG = (Get-Baselinegroup -jsession $JSESSION -vc $vc|?{$_.id -eq $bgId}).Name
$request = ((Invoke-WebRequest -uri $uri -WebSession:$session).Content |convertfrom-Json).Updates | select -unique -property baselineName| select *, @{n='parentBG';e={$parentBG}}
return $request
}

$VC should be your virtualcenter at which VUM is registered, your VC can be in linked mode as well. When you will open fiddler you will see that you can translate even creating baselinegroups , add something to baseline groups etc etc.. All we have to have is that JSESSION cookie with us. Heh.. before that i automated even Internet Explorer to get this cookie automatically but i failed at it ,as i could not get THAT PARTICULAR JSESSION cookie, i saw other cookies but not jsession so i gave up, and if i have to do now work at a lot of baselinegroups i just catch that JSESSION from cookie in browser addon.

Advertisements