Virtually Sober

If there is free booze and Virtualization; I'm there!

Tag Archives: Scripting

Scripting a Zerto Recovery Plan v2

One of the most popular blog posts in the archive has been scripting recovery plans in Zerto. This is most likely because one of the most frequent requests I hear is the ability to control the boot ordering of Virtual Protection Groups (VPGs), not just the VMs within a VPG. This makes total sense when you have multiple tiers of applications and you want to recover them in order of priority or based on inter-dependencies.

In version 5.0 U2, Zerto included the ability to reverse the protection using the REST API. This meant I could finally deliver a script that automates failover and failback operations in a orchestrated fashion! In a first for virtuallysober.com I decided to give an overview of the script using a video:

Read more of this post

Automated bulk IP address reconfiguration with Zerto Virtual Replication

When configuring IP address changes in Zerto Virtual Replication (ZVR) one common challenge is data entry. Yes, it’s certainly easy to configure the new IP addresses in the GUI, but when you are protecting hundreds of VMs with hundreds of vNICs then using the GUI can become a problem. Not only will it take you a long time to configure each vNIC one by one, but you are introducing the risk of human error.

editvnic

To solve this challenge I created 2 PowerShell scripts to fully automate re-IP addressing in bulk. The first script “ZVR Bulk Re-IP Export v1.ps1” exports a list of every protected VM vNIC to a CSV with a column for each configuration item possible. You will need to protect every VM first for its vNIC info to be exported, edit the variables at the top of script for your environment, then run it to get the below output: Read more of this post

Catching Ransomware infections with a Honeypot script & integration into Zerto Virtual Replication

Through my work at Zerto I’ve delivered multiple presentations and webinars on ransomware and how Zerto enables you to recover VMs, files and folders from seconds before the data was encrypted to minimize data loss and avoid having to pay a ransom. One question I’ve often been asked is how do I know what point in time my files were encrypted? And in one recent presentation a customer told me that their user didn’t tell IT until 3 days after the infection had occurred!

This got me thinking on how we could alert on this which led me to evaluate the different ransomware honeypot example scripts available online. These scripts validate a file placed on a user mapped share, where everyone has write permissions, against a gold or witness copy to catch the ransomware infection then perform a set of actions when found. In testing the multiple examples I struggled to find one that coped with the file itself being changed, I.E the extension changing, that ran consistently and none indicated this alert in the Zerto journal so I decided to write an example that did all of this and more. Read more of this post

Scripting a Recovery Plan

To protect VMs with Zerto they need to be placed into Virtual Protection Groups (VPGs) which are consistency groupings of VMs that are typically configured on a per application basis. A VM can only exist in 1 VPG at once, you can only failover the entire VPG and you can define the boot order of VMs inside each VPG.

A common request I receive is to specify a boot order between VPGs (a recovery plan) so that you can bring VPGs online in a specified order with time delays and pre/post failover scripts. A perfect use case is bringing Application 1 (I.E a Finance DB) online before Application 2 (I.E a CRM). You could work around this by placing all the VMs that form both applications in the same VPG, but this then removes the fidelity of failing over an individual application in the cases of logical failures. Another use case is running a site wide script that should only be initiated when failing over everything.

Based on this requirement I decided to create the Recovery Plan script. Read more of this post

Adding Zerto cmdlets to a script

In order to run Zerto cmdlets inside a script you have to add the snapin. This is easily done with the following command:

add-pssnapin Zerto.PS.Commands

Read more of this post

Scripting with Zerto Basics

To run PowerShell scripts with Zerto I recommend the following requirements be fulfilled, on the host running the scripts, as a best practice to cover running anything and everything:

  1. PowerShell 3.0 installed (available here)
  2. Zerto PowerShell Cmdlets 3.1 onwards (available from the Zerto Self-Service Portal here)
  3. Zerto PowerShell Security configured (see below)
  4. vSphere PowerCLI 5.5 (available here)
  5. Remote signed scripts allowed to run by running PowerShell as admin then the below cmd:
    “set-executionpolicy remotesigned”
  6. Ignore invalid certificate option set ignore to speed up connect-viserver operations by running PowerShell as admin then the below cmd:
    “set-PowerCLIConfiguration -invalidCertificateAction “ignore” -confirm:$false”

Read more of this post