From 1a014b36fa3ed999c7a5a31e5295bbdb62ddf998 Mon Sep 17 00:00:00 2001 From: Maik Stuebner Date: Tue, 17 Nov 2020 12:10:58 +0100 Subject: [PATCH 1/4] add Configuration for vDPorts and pester tests --- ReadMe.md | 6 +- Update-ThisModuleManifest.ps1 | 2 +- docs/examples.md | 13 + testing/vNugglets.VDNetworking.Tests.ps1 | 307 ++++++++++++++++++ testing/vNugglets.VDNetworking.Tests_Get.ps1 | 51 --- vNugglets.VDNetworking/GetItems.ps1 | 100 ++++-- vNugglets.VDNetworking/RemoveItems.ps1 | 11 +- vNugglets.VDNetworking/SetItems.ps1 | 38 ++- .../about_vNugglets.VDNetworking.help.txt | 2 +- .../vNugglets.VDNetworking.format.ps1xml | 2 + .../vNugglets.VDNetworking.psd1 | 2 +- ...vNugglets.VDNetworking_ClassDefinition.ps1 | 11 +- ...glets.VDNetworking_SupportingFunctions.ps1 | 197 ++++++++--- 13 files changed, 589 insertions(+), 153 deletions(-) create mode 100644 testing/vNugglets.VDNetworking.Tests.ps1 delete mode 100644 testing/vNugglets.VDNetworking.Tests_Get.ps1 diff --git a/ReadMe.md b/ReadMe.md index c835c60..6691466 100644 --- a/ReadMe.md +++ b/ReadMe.md @@ -11,12 +11,12 @@ Contents: This PowerShell module provides functionality to automate the management of VMware vSphere virtual distributed networking items for which VMware PowerCLI does not already provide support. For example, for the reporting on-, creation of-, and removal of traffic filtering and marking rules at the vDPortgroup level. Another capability: managing the VDUplink of which a VMHost VMNIC is a part. Some of the functionality provided by the cmdlets in this module: -- Get VDPortgroup traffic policy +- Get VDPortgroup and VDPort traffic policy - Get traffic policy rules - Get traffic policy rule qualifiers - Create traffic policy rule qualifiers, for use in creation of new policy rules -- Create new traffic rules for the ruleset for the given vDPortgroup -- Remove given traffic rule(s) from a vDPortgroup +- Create new traffic rules for the ruleset for the given vDPortgroup or vDPort +- Remove given traffic rule(s) from a vDPortgroup or vDPort - Set the VDSwitch Uplink for a VMHost physical NIC ("VMNIC") on the VDSwitch of which the VMNIC is already a part diff --git a/Update-ThisModuleManifest.ps1 b/Update-ThisModuleManifest.ps1 index 7b3f566..d59ac3f 100644 --- a/Update-ThisModuleManifest.ps1 +++ b/Update-ThisModuleManifest.ps1 @@ -33,7 +33,7 @@ begin { RequiredModules = "VMware.VimAutomation.Vds" RootModule = "${strModuleName}_ModRoot.psm1" ScriptsToProcess = "${strModuleName}_init.ps1", "${strModuleName}_ClassDefinition.ps1" - Tags = Write-Output vNugglets VMware vSphere PowerCLI VDPortGroup TrafficFiltering Filter Filtering TrafficMarking Mark Marking VDSwitch Uplink VDUplink VMHostNetworkAdapater VMNIC + Tags = Write-Output vNugglets VMware vSphere PowerCLI VDPortGroup VDPort TrafficFiltering Filter Filtering TrafficMarking Mark Marking VDSwitch Uplink VDUplink VMHostNetworkAdapater VMNIC # Verbose = $true } ## end hashtable diff --git a/docs/examples.md b/docs/examples.md index 0cdd565..b8fd9d2 100644 --- a/docs/examples.md +++ b/docs/examples.md @@ -15,6 +15,9 @@ Get-VDSwitch -Name myVDSw0 | Get-VDPortGroup -Name myVDPG0 | Get-VNVDTrafficFilt ## Get traffic rules whose name is like "myTestRule*" Get-VDSwitch -Name myVDSw0 | Get-VDPortGroup -Name myVDPG0 | Get-VNVDTrafficFilterPolicyConfig | Get-VNVDTrafficRuleSet | Get-VNVDTrafficRule myTestRule* + +## Get the traffic rules from the TrafficeRuleset, which was gotten from the vDP's TrafficFilterPolicyConfig +Get-VDSwitch -Name myVDSw0 | Get-VDPortGroup -Name myVDPG0 | Get-Port 123 | Get-VNVDTrafficFilterPolicyConfig | Get-VNVDTrafficRuleSet | Get-VNVDTrafficRule ``` #### `Get-VNVDTrafficRuleAction`: Get the VDTrafficRule Action for the TrafficRule from the given VDTrafficFilterPolicy configuration from VDPortgroup(s) @@ -107,6 +110,16 @@ Get-VDSwitch -Name myVDSw0 | Get-VDPortGroup -Name myVDPG0 | Get-VNVDTrafficFilt Get-VDSwitch -Name myVDSw0 | Get-VDPortGroup -Name myVDPG0 | Get-VNVDTrafficRuleSet | Set-VNVDTrafficRuleSet -Enabled:$false ``` +#### `New-VNVDTrafficRule`: Make new Traffic Rule and add it to the given Traffic Ruleset of a vDPort traffic filter policy + +```PowerShell +## Override to the given TrafficRuleset from the given vDPort. Then you can configure it. +Get-VDPortGroup myVDPG0 | Get-Port 123 | Get-VNVDTrafficRuleSet | Set-VNVDTrafficRuleSet -Override:$true + +## Create a new Traffic Rule that has two Qualifiers and add it to the given TrafficRuleset from the given vDPortgroup. The new Traffic Rule adds a DSCP tag with value 8 to VM traffic from given source IP +Get-VDPortGroup myVDPG0 | Get-Port 123 | Get-VNVDTrafficRuleSet | New-VNVDTrafficRule -Name "Apply DSCP tag to VM traffic from given address" -Action (New-VNVDTrafficRuleAction -DscpTag 8) -Qualifier (New-VNVDTrafficRuleQualifier -SystemTrafficType virtualMachine), (New-VNVDTrafficRuleQualifier -SourceIpAddress 172.16.1.2) -Direction outgoingPackets +``` + #### `Set-VNVMHostNetworkAdapterVDUplink`: Set the VDSwitch Uplink for a VMHost physical NIC ("VMNIC") on the VDSwitch of which the VMNIC is already a part ```PowerShell diff --git a/testing/vNugglets.VDNetworking.Tests.ps1 b/testing/vNugglets.VDNetworking.Tests.ps1 new file mode 100644 index 0000000..f9a9176 --- /dev/null +++ b/testing/vNugglets.VDNetworking.Tests.ps1 @@ -0,0 +1,307 @@ +<# .Description + Pester tests for vNugglets.VDNetworking PowerShell module. Expects that: + 0) vNugglets.VDNetworking module is already loaded (but, will try to load it if not) + 1) a connection to at least one vCenter is in place (but, will prompt for vCenter to which to connect if not) + + .Example + Invoke-Pester -Script @{Path = '\\some\path\vNuggletsPSMod_VDNetworking\testing\vNugglets.VDNetworking.Tests_Get.ps1'; Parameters = @{Datacenter = "myFavoriteDatacenter"}} + Invokes the tests in said Tests script, passing the given Datacenter parameter value, to be used for the cluster-specific tests +#> + +## initialize things, preparing for tests +$oDatacenterToUse = & $PSScriptRoot\vNugglets.VDNetworking.TestingInit.ps1 -Datacenter $Datacenter +$strGuidForThisTest = (New-Guid).Guid + +## create a new VDSwitch on which to test +$oTestVDSwitch = New-VDSwitch -Name "vNuggsTestVDS_toDelete_${strGuidForThisTest}" -Location $oDatacenterToUse -Verbose + +## create a new vDPortgroup +$oTestVDPG = New-VDPortgroup -VDSwitch $oTestVDSwitch -Name "vNuggsTestVDPG_toDelete_${strGuidForThisTest}" -Notes "testing vDPG" -Verbose + +## allow to config TrafficFilter on vDPort +$specDVPortgroupConfigSpec = New-Object -Type VMware.Vim.DVPortgroupConfigSpec -Property @{ + ConfigVersion = $oTestVDPG.ExtensionData.Config.ConfigVersion + Policy = $oTestVDPG.ExtensionData.Config.Policy +} ## end new-object +$specDVPortgroupConfigSpec.Policy.TrafficFilterOverrideAllowed = $true +$oTestVDPG.ExtensionData.ReconfigureDVPortgroup($specDVPortgroupConfigSpec) + +## get first vDPort +$oTestVDP = Get-VDPort -VDPortgroup $oTestVDPG | Select-Object -First 1 +$oTestVDP2 = Get-VDPort -VDPortgroup $oTestVDPG | Select-Object -First 1 -Skip 1 + +# Fill the Testcases with the values +$TestCasesVDP = @() +$TestCasesVDPG = @() +$TestCasesAll = @() +# $oTestVDP | ForEach-Object { $TestCasesAll += @{oTestVDthing = $_} } +$oTestVDPG | ForEach-Object { $TestCasesVDPG += @{oTestVDthing = $_} } +$oTestVDP | ForEach-Object { $TestCasesVDP += @{oTestVDthing = $_} } +$oTestVDP, $oTestVDPG, $oTestVDP2 | ForEach-Object { $TestCasesAll += @{oTestVDthing = $_} } + +Describe 'vNuggletsVDNetworking' { + Context "vDPort" -Tag "vDPort" { + It "get Traffic Fileter Policy config - " -TestCases $TestCasesVDP { + Param($oTestVDthing) + $oTestVDthing | Should -Not -BeNullOrEmpty + $oTestVDTrafficFilterPolicyConfig = $oTestVDthing | Get-VNVDTrafficFilterPolicyConfig + $oTestVDTrafficFilterPolicyConfig | Should -Not -BeNullOrEmpty + $oTestVDTrafficFilterPolicyConfig | Should -BeOfType "VNVDTrafficFilterPolicyConfig" + $oTestVDTrafficFilterPolicyConfig.Count | Should -Be 1 + $oTestVDTrafficFilterPolicyConfig.TrafficFilterPolicyConfig | Should -BeNullOrEmpty + } ## end It + + It "get TrafficRuleSet (should be disabled) - " -TestCases $TestCasesVDP { + Param($oTestVDthing) + $oTestVDTrafficRuleSet = $oTestVDthing | Get-VNVDTrafficRuleSet + $oTestVDTrafficRuleSet | Should -Not -BeNullOrEmpty + $oTestVDTrafficRuleSet.VDPortView | Should -Not -BeNullOrEmpty + $oTestVDTrafficRuleSet.TrafficRulesetEnabled | Should -BeFalse + } ## end It + + It "get TrafficRule (should be 0) - " -TestCases $TestCasesVDP { + Param($oTestVDthing) + $oTestVDTrafficRule = $oTestVDthing | Get-VNVDTrafficRuleSet | Get-VNVDTrafficRule + $oTestVDTrafficRule | Should -BeNullOrEmpty + } ## end It + + It "Override FilterConfig on Port - " -TestCases $TestCasesVDP { + Param($oTestVDthing) + $oTestVDTrafficRuleSet = $oTestVDthing | Get-VNVDTrafficRuleSet | Set-VNVDTrafficRuleSet -Override:$true -Confirm:$false + $oTestVDTrafficRuleSet | Should -Not -BeNullOrEmpty + $oTestVDTrafficFilterPolicyConfig = $oTestVDthing | Get-VNVDTrafficFilterPolicyConfig + $oTestVDTrafficFilterPolicyConfig.TrafficFilterPolicyConfig.Inherited | Should -BeFalse + } ## end It + + It "create three TrafficRules - " -TestCases $TestCasesVDP { + Param($oTestVDthing) + $strTestSuffix = "_$($oTestVDthing.Key)" + + $oTestVDTrafficRule = $oTestVDthing | Get-VNVDTrafficRuleSet | New-VNVDTrafficRule -Name "testRule0_toDelete${strTestSuffix}" -Action (New-VNVDTrafficRuleAction -Allow) -Direction both -Qualifier (New-VNVDTrafficRuleQualifier -SystemTrafficType faultTolerance -NegateSystemTrafficType), (New-VNVDTrafficRuleQualifier -SourceIpAddress 172.16.10.0/24 -DestinationIpAddress 10.0.0.0/8 -SourceIpPort 443-444) + $oTestVDTrafficRule | Should -Not -BeNullOrEmpty + $oTestVDTrafficRule = $oTestVDthing | Get-VNVDTrafficRuleSet | New-VNVDTrafficRule -Name "testRule1_toDelete${strTestSuffix}" -Action (New-VNVDTrafficRuleAction -QosTag 5 -DscpTag 23) -Direction both -Qualifier (New-VNVDTrafficRuleQualifier -SystemTrafficType vsan) + $oTestVDTrafficRule | Should -Not -BeNullOrEmpty + $oTestVDTrafficRule = $oTestVDthing | Get-VNVDTrafficRuleSet | New-VNVDTrafficRule -Name "testRule2_toDelete${strTestSuffix}" -Action (New-VNVDTrafficRuleAction -QosTag 7 -DscpTag 30) -Direction both -Qualifier (New-VNVDTrafficRuleQualifier -SystemTrafficType vdp), (New-VNVDTrafficRuleQualifier -DestinationIpAddress 172.16.100.0/24) + $oTestVDTrafficRule | Should -Not -BeNullOrEmpty + } ## end It + + It "get TrafficRuleSet (should have three TrafficRules) - " -TestCases $TestCasesVDP { + Param($oTestVDthing) + $oTestVDTrafficRuleSet = $oTestVDthing | Get-VNVDTrafficRuleSet + $oTestVDTrafficRuleSet | Should -Not -BeNullOrEmpty + $oTestVDTrafficRuleSet.NumTrafficRule | Should -Be 3 + } ## end It + + It "enable the TrafficRuleSet - " -TestCases $TestCasesVDP { + Param($oTestVDthing) + $oTestVDTrafficRuleSet = $oTestVDthing | Get-VNVDTrafficRuleSet | Set-VNVDTrafficRuleSet -Enabled -Confirm:$false + $oTestVDTrafficRuleSet | Should -Not -BeNullOrEmpty + } ## end It + + It "get TrafficRules (should be three) - " -TestCases $TestCasesVDP { + Param($oTestVDthing) + $oTestVDTrafficRule = $oTestVDthing | Get-VNVDTrafficRuleSet | Get-VNVDTrafficRule + $oTestVDTrafficRule.Count | Should -Be 3 + } ## end It + + It "remove two TrafficRules - " -TestCases $TestCasesVDP { + Param($oTestVDthing) + $oTestVDTrafficRule = $oTestVDthing | Get-VNVDTrafficRuleSet | Get-VNVDTrafficRule | Select-Object -Last 2 | Remove-VNVDTrafficRule -Confirm:$false + $oTestVDTrafficRule | Should -BeNullOrEmpty + } ## end It + + It "get TrafficRuleSet (should have one TrafficRule) - " -TestCases $TestCasesVDP { + Param($oTestVDthing) + $oTestVDTrafficRuleSet = $oTestVDthing | Get-VNVDTrafficRuleSet + $oTestVDTrafficRuleSet.NumTrafficRule | Should -Be 1 + } ## end It + + It "get TrafficRules (should be one) - " -TestCases $TestCasesVDP { + Param($oTestVDthing) + $oTestVDTrafficRule = $oTestVDthing | Get-VNVDTrafficRuleSet | Get-VNVDTrafficRule + $oTestVDTrafficRule.Count | Should -Be 1 + } ## end It + + It "Remove Override FilterConfig on Port - " -TestCases $TestCasesVDP { + Param($oTestVDthing) + $oTestVDTrafficRuleSet = $oTestVDthing | Get-VNVDTrafficRuleSet | Set-VNVDTrafficRuleSet -Override:$false -Confirm:$false + $oTestVDTrafficRuleSet | Should -Not -BeNullOrEmpty + $oTestVDTrafficFilterPolicyConfig = $oTestVDthing | Get-VNVDTrafficFilterPolicyConfig + $oTestVDTrafficFilterPolicyConfig.Count | Should -Be 1 + $oTestVDTrafficFilterPolicyConfig.TrafficFilterPolicyConfig | Should -BeNullOrEmpty + } ## end It + + It "get TrafficRules (should be 0) - " -TestCases $TestCasesVDP { + Param($oTestVDthing) + $oTestVDTrafficRule = $oTestVDthing | Get-VNVDTrafficRuleSet | Get-VNVDTrafficRule + $oTestVDTrafficRule.Count | Should -Be 0 + } ## end It + } ## end Context + + Context "vDPortgroup" -Tag "vDPortgroup" { + It "get Traffic Fileter Policy config - " -TestCases $TestCasesVDPG { + Param($oTestVDthing) + $oTestVDthing | Should -Not -BeNullOrEmpty + $oTestVDTrafficFilterPolicyConfig = $oTestVDthing | Get-VNVDTrafficFilterPolicyConfig + $oTestVDTrafficFilterPolicyConfig | Should -Not -BeNullOrEmpty + $oTestVDTrafficFilterPolicyConfig | Should -BeOfType "VNVDTrafficFilterPolicyConfig" + $oTestVDTrafficFilterPolicyConfig.Count | Should -Be 1 + $oTestVDTrafficFilterPolicyConfig.TrafficFilterPolicyConfig | Should -BeNullOrEmpty + } ## end It + + It "get TrafficRuleSet (should be disabled) - " -TestCases $TestCasesVDPG { + Param($oTestVDthing) + $oTestVDTrafficRuleSet = $oTestVDthing | Get-VNVDTrafficRuleSet + $oTestVDTrafficRuleSet | Should -Not -BeNullOrEmpty + $oTestVDTrafficRuleSet.VDPortgroupView | Should -Not -BeNullOrEmpty + $oTestVDTrafficRuleSet.TrafficRulesetEnabled | Should -BeFalse + } ## end It + + It "get TrafficRule (should be 0) - " -TestCases $TestCasesVDPG { + Param($oTestVDthing) + $oTestVDTrafficRule = $oTestVDthing | Get-VNVDTrafficRuleSet | Get-VNVDTrafficRule + $oTestVDTrafficRule | Should -BeNullOrEmpty + } ## end It + + It "create three TrafficRules - " -TestCases $TestCasesVDPG { + Param($oTestVDthing) + $oTestVDTrafficRule = $oTestVDthing | Get-VNVDTrafficRuleSet | New-VNVDTrafficRule -Name "testRule0_toDelete${strTestSuffix}" -Action (New-VNVDTrafficRuleAction -Allow) -Direction both -Qualifier (New-VNVDTrafficRuleQualifier -SystemTrafficType faultTolerance -NegateSystemTrafficType), (New-VNVDTrafficRuleQualifier -SourceIpAddress 172.16.10.0/24 -DestinationIpAddress 10.0.0.0/8 -SourceIpPort 443-444) + $oTestVDTrafficRule | Should -Not -BeNullOrEmpty + $oTestVDTrafficRule = $oTestVDthing | Get-VNVDTrafficRuleSet | New-VNVDTrafficRule -Name "testRule1_toDelete${strTestSuffix}" -Action (New-VNVDTrafficRuleAction -QosTag 5 -DscpTag 23) -Direction both -Qualifier (New-VNVDTrafficRuleQualifier -SystemTrafficType vsan) + $oTestVDTrafficRule | Should -Not -BeNullOrEmpty + $oTestVDTrafficRule = $oTestVDthing | Get-VNVDTrafficRuleSet | New-VNVDTrafficRule -Name "testRule2_toDelete${strTestSuffix}" -Action (New-VNVDTrafficRuleAction -QosTag 7 -DscpTag 30) -Direction both -Qualifier (New-VNVDTrafficRuleQualifier -SystemTrafficType vdp), (New-VNVDTrafficRuleQualifier -DestinationIpAddress 172.16.100.0/24) + $oTestVDTrafficRule | Should -Not -BeNullOrEmpty + } ## end It + + It "get TrafficRuleSet (should have three TrafficRules) - " -TestCases $TestCasesVDPG { + Param($oTestVDthing) + $oTestVDTrafficRuleSet = $oTestVDthing | Get-VNVDTrafficRuleSet + $oTestVDTrafficRuleSet | Should -Not -BeNullOrEmpty + $oTestVDTrafficRuleSet.NumTrafficRule | Should -Be 3 + } ## end It + + It "enable the TrafficRuleSet - " -TestCases $TestCasesVDPG { + Param($oTestVDthing) + $oTestVDTrafficRuleSet = $oTestVDthing | Get-VNVDTrafficRuleSet | Set-VNVDTrafficRuleSet -Enabled -Confirm:$false + $oTestVDTrafficRuleSet | Should -Not -BeNullOrEmpty + } ## end It + + It "get TrafficRules (should be three) - " -TestCases $TestCasesVDPG { + Param($oTestVDthing) + $oTestVDTrafficRule = $oTestVDthing | Get-VNVDTrafficRuleSet | Get-VNVDTrafficRule + $oTestVDTrafficRule.Count | Should -Be 3 + } ## end It + + It "remove two TrafficRules - " -TestCases $TestCasesVDPG { + Param($oTestVDthing) + $oTestVDTrafficRule = $oTestVDthing | Get-VNVDTrafficRuleSet | Get-VNVDTrafficRule | Select-Object -Last 2 | Remove-VNVDTrafficRule -Confirm:$false + $oTestVDTrafficRule | Should -BeNullOrEmpty + } ## end It + + It "get TrafficRuleSet (should have one TrafficRule) - " -TestCases $TestCasesVDPG { + Param($oTestVDthing) + $oTestVDTrafficRuleSet = $oTestVDthing | Get-VNVDTrafficRuleSet + $oTestVDTrafficRuleSet.NumTrafficRule | Should -Be 1 + } ## end It + + It "get TrafficRules (should be one) - " -TestCases $TestCasesVDPG { + Param($oTestVDthing) + $oTestVDTrafficRule = $oTestVDthing | Get-VNVDTrafficRuleSet | Get-VNVDTrafficRule + $oTestVDTrafficRule.Count | Should -Be 1 + } ## end It + } ## end Context + + ## Do not configure portgroup to prevent a destroyed config + ## (you can also destroy the congig without code in the WebUI...) + # Context "vDPortgroup and vDPorts mixed" -Tag "Mix" -Skip { + # It "get Traffic Fileter Policy config - " -TestCases $TestCasesAll { + # Param($oTestVDthing) + # $oTestVDthing | Should -Not -BeNullOrEmpty + # $oTestVDTrafficFilterPolicyConfig = $oTestVDthing | Get-VNVDTrafficFilterPolicyConfig + # $oTestVDTrafficFilterPolicyConfig | Should -Not -BeNullOrEmpty + # $oTestVDTrafficFilterPolicyConfig | Should -BeOfType "VNVDTrafficFilterPolicyConfig" + # } ## end It + + # It "get TrafficRuleSet (should be disabled) - " -TestCases $TestCasesAll { + # Param($oTestVDthing) + # $oTestVDTrafficRuleSet = $oTestVDthing | Get-VNVDTrafficRuleSet + # $oTestVDTrafficRuleSet | Should -Not -BeNullOrEmpty + # # $oTestVDTrafficRuleSet.VDPortgroupView | Should -Not -BeNullOrEmpty + # $oTestVDTrafficRuleSet.TrafficRulesetEnabled | Should -BeFalse + # } ## end It + + # It "get TrafficRule (should be 0) - " -TestCases $TestCasesAll { + # Param($oTestVDthing) + # $oTestVDTrafficRule = $oTestVDthing | Get-VNVDTrafficRuleSet | Get-VNVDTrafficRule + # $oTestVDTrafficRule | Should -BeNullOrEmpty + # } ## end It + + # It "create three TrafficRules - " -TestCases $TestCasesAll { + # Param($oTestVDthing) + # if ($oTestVDthing.GetType().Name -eq "VDPortImpl") { + # $strTestSuffix = "_$($oTestVDthing.Key)" + # $oTestVDTrafficRuleSet = $oTestVDthing | Get-VNVDTrafficRuleSet | Set-VNVDTrafficRuleSet -Override:$true -Confirm:$false + # $oTestVDTrafficRuleSet | Should -Not -BeNullOrEmpty + # $oTestVDTrafficRule = $oTestVDthing | Get-VNVDTrafficRuleSet | Get-VNVDTrafficRule | Remove-VNVDTrafficRule -Confirm:$false + # } + # $oTestVDTrafficRule = $oTestVDthing | Get-VNVDTrafficRuleSet | New-VNVDTrafficRule -Name "testRule0_toDelete${strTestSuffix}" -Action (New-VNVDTrafficRuleAction -Allow) -Direction both -Qualifier (New-VNVDTrafficRuleQualifier -SystemTrafficType faultTolerance -NegateSystemTrafficType), (New-VNVDTrafficRuleQualifier -SourceIpAddress 172.16.10.0/24 -DestinationIpAddress 10.0.0.0/8 -SourceIpPort 443-444) + # $oTestVDTrafficRule | Should -Not -BeNullOrEmpty + # $oTestVDTrafficRule = $oTestVDthing | Get-VNVDTrafficRuleSet | New-VNVDTrafficRule -Name "testRule1_toDelete${strTestSuffix}" -Action (New-VNVDTrafficRuleAction -QosTag 5 -DscpTag 23) -Direction both -Qualifier (New-VNVDTrafficRuleQualifier -SystemTrafficType vsan) + # $oTestVDTrafficRule | Should -Not -BeNullOrEmpty + # $oTestVDTrafficRule = $oTestVDthing | Get-VNVDTrafficRuleSet | New-VNVDTrafficRule -Name "testRule2_toDelete${strTestSuffix}" -Action (New-VNVDTrafficRuleAction -QosTag 7 -DscpTag 30) -Direction both -Qualifier (New-VNVDTrafficRuleQualifier -SystemTrafficType vdp), (New-VNVDTrafficRuleQualifier -DestinationIpAddress 172.16.100.0/24) + # $oTestVDTrafficRule | Should -Not -BeNullOrEmpty + # } ## end It + + # It "get Override of Ports - " -TestCases $TestCasesVDP { + # Param($oTestVDthing) + # $oTestVDTrafficFilterPolicyConfig = $oTestVDthing | Get-VNVDTrafficFilterPolicyConfig + # $oTestVDTrafficFilterPolicyConfig.TrafficFilterPolicyConfig.Inherited | Should -BeFalse + # } ## end It + + # It "get TrafficRuleSet (should have three TrafficRules) - " -TestCases $TestCasesAll { + # Param($oTestVDthing) + # $oTestVDTrafficRuleSet = $oTestVDthing | Get-VNVDTrafficRuleSet + # $oTestVDTrafficRuleSet | Should -Not -BeNullOrEmpty + # $oTestVDTrafficRuleSet.NumTrafficRule | Should -Be 3 + # } ## end It + + # It "enable the TrafficRuleSet - " -TestCases $TestCasesAll { + # Param($oTestVDthing) + # $oTestVDTrafficRuleSet = $oTestVDthing | Get-VNVDTrafficRuleSet | Set-VNVDTrafficRuleSet -Enabled -Confirm:$false + # $oTestVDTrafficRuleSet | Should -Not -BeNullOrEmpty + # } ## end It + + # It "get TrafficRules (should be three) - " -TestCases $TestCasesAll { + # Param($oTestVDthing) + # $oTestVDTrafficRule = $oTestVDthing | Get-VNVDTrafficRuleSet | Get-VNVDTrafficRule + # $oTestVDTrafficRule.Count | Should -Be 3 + # } ## end It + + # It "remove two TrafficRules - " -TestCases $TestCasesAll { + # Param($oTestVDthing) + # $oTestVDTrafficRule = $oTestVDthing | Get-VNVDTrafficRuleSet | Get-VNVDTrafficRule | Select-Object -Last 2 | Remove-VNVDTrafficRule -Confirm:$false + # $oTestVDTrafficRule | Should -BeNullOrEmpty + # } ## end It + + # It "get TrafficRuleSet (should have one TrafficRule) - " -TestCases $TestCasesAll { + # Param($oTestVDthing) + # $oTestVDTrafficRuleSet = $oTestVDthing | Get-VNVDTrafficRuleSet + # $oTestVDTrafficRuleSet.NumTrafficRule | Should -Be 1 + # } ## end It + + # It "get TrafficRules (should be one) - " -TestCases $TestCasesAll { + # Param($oTestVDthing) + # $oTestVDTrafficRule = $oTestVDthing | Get-VNVDTrafficRuleSet | Get-VNVDTrafficRule + # $oTestVDTrafficRule.Count | Should -Be 1 + # } ## end It + # } ## end Context + + Context "CleanUp" -Tag "CleanUp" { + It "get TrafficRules (should be one) - " -TestCases $TestCasesVDPG -Tag "CleanUp" { + Param($oTestVDthing) + $oTestVDthing.VDSwitch | Remove-VDSwitch -Confirm:$false -Verbose + } ## end It + } ## end Context + +} ## end Describe + diff --git a/testing/vNugglets.VDNetworking.Tests_Get.ps1 b/testing/vNugglets.VDNetworking.Tests_Get.ps1 deleted file mode 100644 index 6b33664..0000000 --- a/testing/vNugglets.VDNetworking.Tests_Get.ps1 +++ /dev/null @@ -1,51 +0,0 @@ -<# .Description - Pester tests for vNugglets.VDNetworking PowerShell module. Expects that: - 0) vNugglets.VDNetworking module is already loaded (but, will try to load it if not) - 1) a connection to at least one vCenter is in place (but, will prompt for vCenter to which to connect if not) - - .Example - Invoke-Pester -Script @{Path = '\\some\path\vNuggletsPSMod_VDNetworking\testing\vNugglets.VDNetworking.Tests_Get.ps1'; Parameters = @{Datacenter = "myFavoriteDatacenter"}} - Invokes the tests in said Tests script, passing the given Datacenter parameter value, to be used for the cluster-specific tests -#> -param ( - ## Name of the vCenter cluster to use in the vNugglets.VDNetworking testing - [parameter(Mandatory=$true)][string]$Datacenter -) - -## initialize things, preparing for tests -$oDatacenterToUse = & $PSScriptRoot\vNugglets.VDNetworking.TestingInit.ps1 -Datacenter $Datacenter -$strGuidForThisTest = (New-Guid).Guid - -## create a new VDSwitch on which to test -$oTestVDSwitch = New-VDSwitch -Name "vNuggsTestVDS_toDelete_${strGuidForThisTest}" -Location $oDatacenterToUse -Verbose - -## create a new vDPortgroup -$oTestVDPG = New-VDPortgroup -VDSwitch $oTestVDSwitch -Name "vNuggsTestVDPG_toDelete_${strGuidForThisTest}" -Notes "testing vDPG" -Verbose - -<# tests - - get Traffic Fileter Policy config - $oTestVDPG | Get-VNVDTrafficFilterPolicyConfig - - get TrafficRuleSet (should be disabled) - $oTestVDPG | Get-VNVDTrafficRuleSet - - get TrafficRule (should be 0) - $oTestVDPG | Get-VNVDTrafficRuleSet | Get-VNVDTrafficRule - - create three TrafficRules - $oTestVDPG | Get-VNVDTrafficRuleSet | New-VNVDTrafficRule -Name "testRule0_toDelete_${strGuidForThisTest}" -Action (New-VNVDTrafficRuleAction -Allow) -Direction both -Qualifier (New-VNVDTrafficRuleQualifier -SystemTrafficType faultTolerance -NegateSystemTrafficType), (New-VNVDTrafficRuleQualifier -SourceIpAddress 172.16.10.0/24 -DestinationIpAddress 10.0.0.0/8 -SourceIpPort 443-444) - $oTestVDPG | Get-VNVDTrafficRuleSet | New-VNVDTrafficRule -Name "testRule1_toDelete_${strGuidForThisTest}" -Action (New-VNVDTrafficRuleAction -QosTag 5 -DscpTag 23) -Direction both -Qualifier (New-VNVDTrafficRuleQualifier -SystemTrafficType vsan) - $oTestVDPG | Get-VNVDTrafficRuleSet | New-VNVDTrafficRule -Name "testRule2_toDelete_${strGuidForThisTest}" -Action (New-VNVDTrafficRuleAction -QosTag 7 -DscpTag 30) -Direction both -Qualifier (New-VNVDTrafficRuleQualifier -SystemTrafficType vdp), (New-VNVDTrafficRuleQualifier -DestinationIpAddress 172.16.100.0/24) - - get TrafficRuleSet (should have three TrafficRules) - $oTestVDPG | Get-VNVDTrafficRuleSet - - enable the TrafficRuleSet - $oTestVDPG | Get-VNVDTrafficRuleSet | Set-VNVDTrafficRuleSet -Enabled - - get TrafficRules (should be three) - $oTestVDPG | Get-VNVDTrafficRuleSet | Get-VNVDTrafficRule | Measure-Object - - remove two TrafficRules - $oTestVDPG | Get-VNVDTrafficRuleSet | Get-VNVDTrafficRule | Select-Object -Last 2 | Remove-VNVDTrafficRule - - get TrafficRuleSet (should have one TrafficRule) - $oTestVDPG | Get-VNVDTrafficRuleSet - - get TrafficRules (should be one) - $oTestVDPG | Get-VNVDTrafficRuleSet | Get-VNVDTrafficRule | Measure-Object -#> - -## remove the VDSwitch when done -$oTestVDSwitch | Remove-VDSwitch -Verbose diff --git a/vNugglets.VDNetworking/GetItems.ps1 b/vNugglets.VDNetworking/GetItems.ps1 index 338dac8..ca34e33 100644 --- a/vNugglets.VDNetworking/GetItems.ps1 +++ b/vNugglets.VDNetworking/GetItems.ps1 @@ -13,17 +13,47 @@ function Get-VNVDTrafficFilterPolicyConfig { [OutputType([VNVDTrafficFilterPolicyConfig])] param ( ## The virtual distributed portgroup for which to get the traffic filtering and marking policy configuration - [parameter(Mandatory=$true, ValueFromPipeline=$true)][VMware.VimAutomation.Vds.Types.V1.VmwareVDPortgroup[]]$VDPortgroup + [parameter(Mandatory=$true, ValueFromPipeline=$true, ParameterSetName = 'ByVDPortgroup')][VMware.VimAutomation.Vds.Types.V1.VmwareVDPortgroup[]]$VDPortgroup, + + ## The View object for the virtual distributed portgroup for which to get the traffic filtering and marking policy configuration + [parameter(Mandatory = $true, ValueFromPipeline = $true, ParameterSetName = "ByVDPortGroupView")][VMware.Vim.DistributedVirtualPortgroup[]]$VDPortgroupView, + + ## The virtual distributed port for which to get the traffic filtering and marking policy configuration + [parameter(Mandatory = $true, ValueFromPipeline = $true, ParameterSetName = 'ByVDPort')][VMware.VimAutomation.Vds.Types.V1.VDPort[]]$VDPort, + + ## The View object for the virtual distributed port for which to get the traffic filtering and marking policy configuration + [parameter(Mandatory=$true, ValueFromPipeline=$true, ParameterSetName="ByVDPortView")][VMware.Vim.DistributedVirtualPort[]]$VDPortView ) ## end param process { - $VDPortgroup | Foreach-Object { - $oThisVDPG = $_ - New-Object -Type VNVDTrafficFilterPolicyConfig -Property @{ - TrafficFilterPolicyConfig = $oThisVDPG.ExtensionData.Config.DefaultPortConfig.FilterPolicy.FilterConfig - VDPortgroupView = $oThisVDPG.ExtensionData - } ## end new-object - } ## end foreach-object + Switch ($PSCmdlet.ParameterSetName) { + {"ByVDPortGroup", "ByVDPortGroupView" -contains $_} { + ## get the View objects over which to iterate (either the .ExtensionData) + $(if ($PSCmdlet.ParameterSetName -eq "ByVDPortGroup") {$VDPortgroup | Foreach-Object {$_.ExtensionData}} else {$VDPortgroupView}) | Foreach-Object { + ## update the ViewData for this vDPG, just to be sure that all is current + $oThisVDPGView = $_; $oThisVDPGView.UpdateViewData("Config") + New-Object -Type VNVDTrafficFilterPolicyConfig -Property @{ + TrafficFilterPolicyConfig = $oThisVDPGView.Config.DefaultPortConfig.FilterPolicy.FilterConfig + VDPortgroupView = $oThisVDPGView + } ## end new-object + } ## end foreach-object + } ## end case + + {"ByVDPort", "ByVDPortView" -contains $_} { + ## get the View objects over which to iterate (either the .ExtensionData) + $(if ($PSCmdlet.ParameterSetName -eq "ByVDPort") {$VDPort | Foreach-Object {$_.ExtensionData}} else {$VDPortView}) | Foreach-Object { + ## update the ViewData for this vDP, just to be sure that all is current + ## UpdateViewData not exist on port, so we have to take the long way + $oThisVDPView = (Get-VDPort -VDPortgroup (Get-VDPortgroup -Id "DistributedVirtualPortgroup-$($_.PortgroupKey)") -Key $_.Key).ExtensionData + $oThisVDPView.Config.Setting.FilterPolicy.FilterConfig | ForEach-Object { + New-Object -Type VNVDTrafficFilterPolicyConfig -Property @{ + TrafficFilterPolicyConfig = $_ + VDPortView = $oThisVDPView + } ## end new-object + } ## end foreach-object + } ## end foreach-object + } ## end case + } ## end switch } ## end process } ## end fn @@ -54,39 +84,36 @@ function Get-VNVDTrafficRuleSet { [parameter(Mandatory=$true, ValueFromPipeline=$true, ParameterSetName="ByVDPortGroup")][VMware.VimAutomation.Vds.Types.V1.VmwareVDPortgroup[]]$VDPortgroup, ## The View object for the virtual distributed portgroup for which to get the traffic ruleset - [parameter(Mandatory=$true, ValueFromPipeline=$true, ParameterSetName="ByVDPortGroupView")][VMware.Vim.DistributedVirtualPortgroup[]]$VDPortgroupView + [parameter(Mandatory=$true, ValueFromPipeline=$true, ParameterSetName="ByVDPortGroupView")][VMware.Vim.DistributedVirtualPortgroup[]]$VDPortgroupView, + + ## The virtual distributed port for which to get the traffic ruleset + [parameter(Mandatory=$true, ValueFromPipeline=$true, ParameterSetName="ByVDPort")][VMware.VimAutomation.Vds.Types.V1.VDPort[]]$VDPort, + + ## The View object for the virtual distributed port for which to get the traffic ruleset + [parameter(Mandatory=$true, ValueFromPipeline=$true, ParameterSetName="ByVDPortView")][VMware.Vim.DistributedVirtualPort[]]$VDPortView ) ## end param process { + # get the traffic filtering and marking policy configuration from portgroup or port Switch ($PSCmdlet.ParameterSetName) { - "ByTrafficFilterPolicyConfig" { - $TrafficFilterPolicyConfig | Foreach-Object { - New-Object -Type VNVDTrafficRuleSet -Property @{ - TrafficRuleset = $_.TrafficFilterPolicyConfig.TrafficRuleset - TrafficRulesetEnabled = $_.TrafficFilterPolicyConfig.TrafficRuleset.Enabled - NumTrafficRule = ($_.TrafficFilterPolicyConfig.TrafficRuleset.Rules | Measure-Object).Count - VDPortgroupView = $_.VDPortgroupView - } ## end new-object - } ## end foreach-object - break - } ## end case - - {"ByVDPortGroup", "ByVDPortGroupView" -contains $_} { - ## get the View objects over which to iterate (either the .ExtensionData) - $(if ($PSCmdlet.ParameterSetName -eq "ByVDPortGroup") {$VDPortgroup | Foreach-Object {$_.ExtensionData}} else {$VDPortgroupView}) | Foreach-Object { - ## update the ViewData for this vDPG, just to be sure that all is current - $oThisVDPGView = $_; $oThisVDPGView.UpdateViewData("Config") - $oThisVDPGView.Config.DefaultPortConfig.FilterPolicy.FilterConfig | Foreach-Object { - New-Object -Type VNVDTrafficRuleSet -Property @{ - TrafficRuleset = $_.TrafficRuleset - TrafficRulesetEnabled = $_.TrafficRuleset.Enabled - NumTrafficRule = ($_.TrafficRuleset.Rules | Measure-Object).Count - VDPortgroupView = $oThisVDPGView - } ## end new-object - } ## end foreach-object - } ## end foreach-object - } ## end case + "ByVDPortGroup" { $TrafficFilterPolicyConfig = Get-VNVDTrafficFilterPolicyConfig -VDPortgroup $VDPortgroup } + "ByVDPortGroupView" { $TrafficFilterPolicyConfig = Get-VNVDTrafficFilterPolicyConfig -VDPortgroupView $VDPortgroupView } + "ByVDPort" { $TrafficFilterPolicyConfig = Get-VNVDTrafficFilterPolicyConfig -VDPort $VDPort } + "ByVDPortView" { $TrafficFilterPolicyConfig = Get-VNVDTrafficFilterPolicyConfig -VDPortView $VDPortView } } ## end switch + + $TrafficFilterPolicyConfig | Foreach-Object { + $oThisTrafficPolicyConfig = $_ + $_.TrafficFilterPolicyConfig | Foreach-Object { + New-Object -Type VNVDTrafficRuleSet -Property @{ + TrafficRuleset = $_.TrafficRuleset + TrafficRulesetEnabled = $_.TrafficRuleset.Enabled + NumTrafficRule = ($_.TrafficRuleset.Rules | Measure-Object).Count + VDPortgroupView = $oThisTrafficPolicyConfig.VDPortgroupView + VDPortView = $oThisTrafficPolicyConfig.VDPortView + } ## end new-object + } ## end foreach-object + } ## end foreach-object } ## end process } ## end function @@ -134,6 +161,7 @@ function Get-VNVDTrafficRule { Name = $oThisTrafficRule.Description TrafficRule = $oThisTrafficRule VDPortgroupView = $oThisTrafficRuleset.VDPortgroupView + VDPortView = $oThisTrafficRuleset.VDPortView VNVDTrafficRuleSet = $oThisTrafficRuleset } ## end new-object } ## end foreach-object diff --git a/vNugglets.VDNetworking/RemoveItems.ps1 b/vNugglets.VDNetworking/RemoveItems.ps1 index 76d34f4..974151a 100644 --- a/vNugglets.VDNetworking/RemoveItems.ps1 +++ b/vNugglets.VDNetworking/RemoveItems.ps1 @@ -31,16 +31,23 @@ function Remove-VNVDTrafficRule { end { ## Group the TrafficRules by vDPortgroup (by grouping by MoRef per vCenter), then reconfig each vDPortgroup to remove the given Rule(s) for that vDPortgroup's sole TrafficRuleset all at once - $arrlVNVDTrafficRulesToRemove | Group-Object -Property @{e={$_.VDPortgroupView.MoRef}}, @{e={$_.VDPortgroupView.Client.ServiceUrl}} | Foreach-Object { + $arrlVNVDTrafficRulesToRemove | Group-Object -Property @{e = {$_.VDPortgroupView.MoRef}}, @{e = {$_.VDPortView.MoRef}}, @{e = {$_.VDPortgroupView.Client.ServiceUrl}} | Foreach-Object { $oThisPSGroupInfoOfTrafficRules = $_ # The vDPortgroup with these TrafficRules (used in logging/reporting) $oVDPG_TheseRules = $oThisPSGroupInfoOfTrafficRules.Group[0].VDPortgroupView + # The vDPort with these TrafficRules (used in logging/reporting) + $oVDP_TheseRules = $oThisPSGroupInfoOfTrafficRules.Group[0].VDPortView # The VNVDTrafficRuleSet for these TrafficRules, to be used to remove the given TrafficRule(s) $oVNVDTrafficRuleset_TheseRules = $oThisPSGroupInfoOfTrafficRules.Group[0].VNVDTrafficRuleSet ## the VMware.Vim.DvsTrafficRule objects to remove from the given TrafficRuleset $arrDvsTrafficRulesToRemove = $oThisPSGroupInfoOfTrafficRules.Group.TrafficRule - $strMsgForShouldProcess_Target = "Traffic ruleset '{0}' on vDPortgroup '{1}'" -f $oVNVDTrafficRuleset_TheseRules.TrafficRuleset.Key, $oVDPG_TheseRules.Name + if ($null -ne $oVDPG_TheseRules) { + $strMsgForShouldProcess_Target = "Traffic ruleset '{0}' on vDPortgroup '{1}'" -f $oVNVDTrafficRuleset_TheseRules.TrafficRuleset.Key, $oVDPG_TheseRules.Name + } ## end if + else { + $strMsgForShouldProcess_Target = "Traffic ruleset '{0}' on vDPort '{1}'" -f $oVNVDTrafficRuleset_TheseRules.TrafficRuleset.Key, $oVDP_TheseRules.Key + } ## end else $intNumDvsTrafficRulesToRemove = ($arrDvsTrafficRulesToRemove | Measure-Object).Count $strMsgForShouldProcess_Action = "Remove {0} traffic rule{1} (of name{1} '{2}')" -f $intNumDvsTrafficRulesToRemove, $(if ($intNumDvsTrafficRulesToRemove -ne 1) {"s"}), ($arrDvsTrafficRulesToRemove.Description -join ", ") if ($PSCmdlet.ShouldProcess($strMsgForShouldProcess_Target, $strMsgForShouldProcess_Action)) { diff --git a/vNugglets.VDNetworking/SetItems.ps1 b/vNugglets.VDNetworking/SetItems.ps1 index 16a58be..e6af46f 100644 --- a/vNugglets.VDNetworking/SetItems.ps1 +++ b/vNugglets.VDNetworking/SetItems.ps1 @@ -20,20 +20,40 @@ function Set-VNVDTrafficRuleSet { [parameter(Mandatory=$true, ValueFromPipeline=$true)][VNVDTrafficRuleSet[]]$TrafficRuleSet, ## Switch: Enable the TrafficRuleSet(s)? And, use "-Enabled:$false" to disable TrafficRuleSet(s) - [Switch]$Enabled + [Switch]$Enabled, + + ## Switch: Override the TrafficRuleSet(s) from PortGroup? And, use "-Override:$false" to inherited TrafficRuleSet(s) + [Switch]$Override ) ## end param process { $TrafficRuleSet | Foreach-Object { $oThisVNVDTrafficRuleset = $_ - $strMsgForShouldProcess_Target = "Traffic ruleset '{0}' on vDPG '{1}'" -f $oThisVNVDTrafficRuleset.TrafficRuleset.Key, $oThisVNVDTrafficRuleset.VDPortgroupView.Name - $strMsgForShouldProcess_Action = "{0} ruleset" -f $(if ($Enabled) {"Enable"} else {"Disable"}) - if ($PSCmdlet.ShouldProcess($strMsgForShouldProcess_Target, $strMsgForShouldProcess_Action)) { - try { - ## use the helper function to add this new TrafficRule to the TrafficRuleSet Rules array - Set-VNVDTrafficRuleset_helper -TrafficRuleSet $oThisVNVDTrafficRuleset -Enabled:$Enabled - } ## end try - catch {Throw $_} + if ($null -ne $oThisVNVDTrafficRuleset.VDPortgroupView) { + $strMsgForShouldProcess_Target = "Traffic ruleset '{0}' on vDPG '{1}'" -f $oThisVNVDTrafficRuleset.TrafficRuleset.Key, $oThisVNVDTrafficRuleset.VDPortgroupView.Name + } ## end if + else { + $strMsgForShouldProcess_Target = "Traffic ruleset '{0}' on vDP '{1}'" -f $oThisVNVDTrafficRuleset.TrafficRuleset.Key, $oThisVNVDTrafficRuleset.VDPortView.Key + } ## end else + if ($PSBoundParameters.ContainsKey("Override")) { + $strMsgForShouldProcess_Action = "{0} ruleset" -f $(if ($Override) {"Override"} else {"UnOverride"}) + if ($PSCmdlet.ShouldProcess($strMsgForShouldProcess_Target, $strMsgForShouldProcess_Action)) { + try { + ## use the helper function to add this new TrafficRule to the TrafficRuleSet Rules array + Set-VNVDTrafficRuleset_helper -TrafficRuleSet $oThisVNVDTrafficRuleset -Override:$Override + } ## end try + catch {Throw $_} + } ## end if + } ## end if + if ($PSBoundParameters.ContainsKey("Enabled")) { + $strMsgForShouldProcess_Action = "{0} ruleset" -f $(if ($Enabled) {"Enable"} else {"Disable"}) + if ($PSCmdlet.ShouldProcess($strMsgForShouldProcess_Target, $strMsgForShouldProcess_Action)) { + try { + ## use the helper function to add this new TrafficRule to the TrafficRuleSet Rules array + Set-VNVDTrafficRuleset_helper -TrafficRuleSet $oThisVNVDTrafficRuleset -Enabled:$Enabled + } ## end try + catch {Throw $_} + } ## end if } ## end if } ## end foreach-object } ## end process diff --git a/vNugglets.VDNetworking/en-US/about_vNugglets.VDNetworking.help.txt b/vNugglets.VDNetworking/en-US/about_vNugglets.VDNetworking.help.txt index 09e0d56..c9a6b7d 100644 --- a/vNugglets.VDNetworking/en-US/about_vNugglets.VDNetworking.help.txt +++ b/vNugglets.VDNetworking/en-US/about_vNugglets.VDNetworking.help.txt @@ -8,7 +8,7 @@ SHORT DESCRIPTION LONG DESCRIPTION The cmdlets in this module focus on VMware vSphere Virtual Distributed networking infrastructure. Mainly this is about traffic filtering rules - and traffic marking configurations for vDPortgroups + and traffic marking configurations for vDPortgroups and vDPorts EXAMPLES All of the cmdlets in this module have proper comment-based help. Discover diff --git a/vNugglets.VDNetworking/vNugglets.VDNetworking.format.ps1xml b/vNugglets.VDNetworking/vNugglets.VDNetworking.format.ps1xml index 296bc2c..ec98d64 100644 --- a/vNugglets.VDNetworking/vNugglets.VDNetworking.format.ps1xml +++ b/vNugglets.VDNetworking/vNugglets.VDNetworking.format.ps1xml @@ -9,6 +9,7 @@ + @@ -16,6 +17,7 @@ Name TrafficRule VDPortgroupView + VDPortView diff --git a/vNugglets.VDNetworking/vNugglets.VDNetworking.psd1 b/vNugglets.VDNetworking/vNugglets.VDNetworking.psd1 index 281186a..f96a01d 100644 --- a/vNugglets.VDNetworking/vNugglets.VDNetworking.psd1 +++ b/vNugglets.VDNetworking/vNugglets.VDNetworking.psd1 @@ -112,7 +112,7 @@ PrivateData = @{ PSData = @{ # Tags applied to this module. These help with module discovery in online galleries. - Tags = 'vNugglets','VMware','vSphere','PowerCLI','VDPortGroup','TrafficFiltering','Filter','Filtering','TrafficMarking','Mark','Marking','VDSwitch','Uplink','VDUplink','VMHostNetworkAdapater','VMNIC' + Tags = 'vNugglets','VMware','vSphere','PowerCLI','VDPortGroup','VDPort','TrafficFiltering','Filter','Filtering','TrafficMarking','Mark','Marking','VDSwitch','Uplink','VDUplink','VMHostNetworkAdapater','VMNIC' # A URL to the license for this module. LicenseUri = 'https://github.com/vNugglets/vNuggletsPSMod_vDNetworking/blob/master/License' diff --git a/vNugglets.VDNetworking/vNugglets.VDNetworking_ClassDefinition.ps1 b/vNugglets.VDNetworking/vNugglets.VDNetworking_ClassDefinition.ps1 index cb0b27e..294f33a 100644 --- a/vNugglets.VDNetworking/vNugglets.VDNetworking_ClassDefinition.ps1 +++ b/vNugglets.VDNetworking/vNugglets.VDNetworking_ClassDefinition.ps1 @@ -7,9 +7,10 @@ class VNVDTrafficFilterPolicyConfig : VNVDBase { ## the TrafficFilterPolicyConfig item for this object [VMware.Vim.DvsTrafficFilterConfig[]]$TrafficFilterPolicyConfig - ## the full View object for the vDPG that is the "parent" of this object + ## the full View object for the vDPG and vDP that is the "parent" of this object [VMware.Vim.DistributedVirtualPortgroup]$VDPortgroupView - + [VMware.Vim.DistributedVirtualPort]$VDPortView + ## constructor # VNVDTrafficFilterPolicyConfig() {} } ## end class @@ -26,8 +27,9 @@ class VNVDTrafficRuleSet : VNVDBase { ## number of Traffic Rules in this TrafficRuleSet. And int, or $null $NumTrafficRule - ## the full View object for the vDPG that is the "parent" of this object + ## the full View object for the vDPG and vDP that is the "parent" of this object [VMware.Vim.DistributedVirtualPortgroup]$VDPortgroupView + [VMware.Vim.DistributedVirtualPort]$VDPortView } ## end class @@ -39,8 +41,9 @@ class VNVDTrafficRule : VNVDBase { ## the TrafficFilter ruleset rule item for this object [VMware.Vim.DvsTrafficRule]$TrafficRule - ## the full View object for the vDPG that is the "parent" of this object + ## the full View object for the vDPG and vDP that is the "parent" of this object [VMware.Vim.DistributedVirtualPortgroup]$VDPortgroupView + [VMware.Vim.DistributedVirtualPort]$VDPortView ## the "parent" VNVDTrafficRuleSet to which this TrafficRule belongs [VNVDTrafficRuleSet]$VNVDTrafficRuleSet diff --git a/vNugglets.VDNetworking/vNugglets.VDNetworking_SupportingFunctions.ps1 b/vNugglets.VDNetworking/vNugglets.VDNetworking_SupportingFunctions.ps1 index 6c104af..49730c6 100644 --- a/vNugglets.VDNetworking/vNugglets.VDNetworking_SupportingFunctions.ps1 +++ b/vNugglets.VDNetworking/vNugglets.VDNetworking_SupportingFunctions.ps1 @@ -32,65 +32,172 @@ function Set-VNVDTrafficRuleset_helper { [parameter(Mandatory=$true, ParameterSetName="ActOnRules")][ValidateSet("Add", "Remove", "Overwrite")][String]$RuleOperation, ## Switch: enable the RuleSet? And, -Enabled:$false disables the Ruleset - [Switch]$Enabled + [Switch]$Enabled, + + ## Switch: Override the RuleSet? And, -Override:$false inherited the Ruleset + [parameter(Mandatory=$true, ParameterSetName="Override")][Switch]$Override ) ## end param process { $TrafficRuleSet | Foreach-Object { $oThisVNVDTrafficRuleset = $_ $oVDPortgroupView_ThisTrafficRuleset = $oThisVNVDTrafficRuleset.VDPortgroupView - $strShouldProcessMsg_target = "Traffic Ruleset of key '{0}' on VDPortGroup '{1}'" -f $oThisVNVDTrafficRuleset.TrafficRuleset.Key, $oVDPortgroupView_ThisTrafficRuleset.Name + $oVDPortView_ThisTrafficRuleset = $oThisVNVDTrafficRuleset.VDPortView + if ($null -ne $oVDPortgroupView_ThisTrafficRuleset) { + $strShouldProcessMsg_target = "Traffic Ruleset of key '{0}' on VDPortGroup '{1}'" -f $oThisVNVDTrafficRuleset.TrafficRuleset.Key, $oVDPortgroupView_ThisTrafficRuleset.Name + } ## end if + else { + $strShouldProcessMsg_target = "Traffic Ruleset of key '{0}' on VDPort '{1}'" -f $oThisVNVDTrafficRuleset.TrafficRuleset.Key, $oVDPortView_ThisTrafficRuleset.Key + } ## end else if ($PSCmdlet.ShouldProcess($strShouldProcessMsg_target)) { - ## update View data, to make sure we have the current info - $oVDPortgroupView_ThisTrafficRuleset.UpdateViewData("Config.ConfigVersion","Config.DefaultPortConfig.FilterPolicy.FilterConfig") - - ## make a new config spec using values from the existing config of the vDPG - $specDVPortgroupConfigSpec = New-Object -Type VMware.Vim.DVPortgroupConfigSpec -Property @{ - ConfigVersion = $oVDPortgroupView_ThisTrafficRuleset.Config.ConfigVersion - DefaultPortConfig = New-Object -Type VMware.Vim.VMwareDVSPortSetting -Property @{ - FilterPolicy = New-Object -Type VMware.Vim.DvsFilterPolicy -Property @{ - FilterConfig = New-Object -Type VMware.Vim.DvsTrafficFilterConfig -Property @{ - ## if the current TrafficRuleset property is $null, create a new TrafficRuleset; else, use the existing TrafficRuleset - TrafficRuleset = if ($null -eq $oThisVNVDTrafficRuleset.TrafficRuleset) {New-Object -TypeName VMware.Vim.DvsTrafficRuleset} else {$oThisVNVDTrafficRuleset.TrafficRuleset} - ## use the current FilterConfig value for this property, and not setting the other properties - AgentName = if ($null -eq $oVDPortgroupView_ThisTrafficRuleset.Config.DefaultPortConfig.FilterPolicy.FilterConfig.AgentName) {"dvfilter-generic-vmware"} else {$oVDPortgroupView_ThisTrafficRuleset.Config.DefaultPortConfig.FilterPolicy.FilterConfig.AgentName} + if ($null -ne $oVDPortgroupView_ThisTrafficRuleset) { + ## is there alraedy a configuration on a port? + ## then do not configure portgroup to prevent a destroyed config + ## (you can also destroy the congig without code in the WebUI...) + $criteria = New-Object VMware.Vim.DistributedVirtualSwitchPortCriteria + $criteria.PortgroupKey = New-Object String[] (1) + $criteria.PortgroupKey[0] = $oVDPortgroupView_ThisTrafficRuleset.Key + $criteria.Inside = $true + $oVDSwitchView_ThisTrafficRuleset = Get-View -Id $oVDPortgroupView_ThisTrafficRuleset.Config.DistributedVirtualSwitch.ToString() + $oVDPortViewWithOverride = $oVDSwitchView_ThisTrafficRuleset.FetchDVPorts($criteria) | Where-Object {$_.Config.Setting.FilterPolicy.FilterConfig.Inherited -eq $false} | Sort-Object Key + $oVDPortViewWithOverrideKeys = $($oVDPortViewWithOverride.Key -join (',')) + if ($null -ne $oVDPortViewWithOverride) { + Throw "Do not configure portgroup with already configured ports (PortKeys=$oVDPortViewWithOverrideKeys)." + } + + ## update View data, to make sure we have the current info + $oVDPortgroupView_ThisTrafficRuleset.UpdateViewData("Config.ConfigVersion","Config.DefaultPortConfig.FilterPolicy.FilterConfig") + + ## make a new config spec using values from the existing config of the vDPG + $specDVPortgroupConfigSpec = New-Object -Type VMware.Vim.DVPortgroupConfigSpec -Property @{ + ConfigVersion = $oVDPortgroupView_ThisTrafficRuleset.Config.ConfigVersion + DefaultPortConfig = New-Object -Type VMware.Vim.VMwareDVSPortSetting -Property @{ + FilterPolicy = New-Object -Type VMware.Vim.DvsFilterPolicy -Property @{ + FilterConfig = New-Object -Type VMware.Vim.DvsTrafficFilterConfig -Property @{ + ## if the current TrafficRuleset property is $null, create a new TrafficRuleset; else, use the existing TrafficRuleset + TrafficRuleset = if ($null -eq $oThisVNVDTrafficRuleset.TrafficRuleset) {New-Object -TypeName VMware.Vim.DvsTrafficRuleset} else {$oThisVNVDTrafficRuleset.TrafficRuleset} + ## use the current FilterConfig value for this property, and not setting the other properties + AgentName = if ($null -eq $oVDPortgroupView_ThisTrafficRuleset.Config.DefaultPortConfig.FilterPolicy.FilterConfig.AgentName) {"dvfilter-generic-vmware"} else {$oVDPortgroupView_ThisTrafficRuleset.Config.DefaultPortConfig.FilterPolicy.FilterConfig.AgentName} + } ## end new-object } ## end new-object } ## end new-object } ## end new-object - } ## end new-object - - if ($PSCmdlet.ParameterSetName -eq "ActOnRules") { - Switch ($RuleOperation) { - "Add" { - ## add the new TrafficRule to the RuleSet - $specDVPortgroupConfigSpec.DefaultPortConfig.FilterPolicy.FilterConfig.TrafficRuleset.Rules += $TrafficRule - $bReturnUpdatedRulesetObject = $true - break - } ## end case - "Remove" { - ## remove the TrafficRule(s) from the RuleSet - $specDVPortgroupConfigSpec.DefaultPortConfig.FilterPolicy.FilterConfig.TrafficRuleset.Rules = $specDVPortgroupConfigSpec.DefaultPortConfig.FilterPolicy.FilterConfig.TrafficRuleset.Rules | Where-Object {$TrafficRule.Key -notcontains $_.Key} - break - } ## end case - "Overwrite" { - ## overwrite the Rules Property in the RuleSet - $specDVPortgroupConfigSpec.DefaultPortConfig.FilterPolicy.FilterConfig.TrafficRuleset.Rules = $TrafficRule - $bReturnUpdatedRulesetObject = $true - break - } ## end case - } ## end switch - } ## end if - if ($PSBoundParameters.ContainsKey("Enabled")) { - $specDVPortgroupConfigSpec.DefaultPortConfig.FilterPolicy.FilterConfig.TrafficRuleset.Enabled = $Enabled.ToBool() - if ($PSBoundParameters["RuleOperation"] -ne "Remove") {$bReturnUpdatedRulesetObject = $true} + if ($PSCmdlet.ParameterSetName -eq "ActOnRules") { + Switch ($RuleOperation) { + "Add" { + ## add the new TrafficRule to the RuleSet + $specDVPortgroupConfigSpec.DefaultPortConfig.FilterPolicy.FilterConfig.TrafficRuleset.Rules += $TrafficRule + $bReturnUpdatedRulesetObject = $true + break + } ## end case + "Remove" { + ## remove the TrafficRule(s) from the RuleSet + $specDVPortgroupConfigSpec.DefaultPortConfig.FilterPolicy.FilterConfig.TrafficRuleset.Rules = $specDVPortgroupConfigSpec.DefaultPortConfig.FilterPolicy.FilterConfig.TrafficRuleset.Rules | Where-Object {$TrafficRule.Key -notcontains $_.Key} + break + } ## end case + "Overwrite" { + ## overwrite the Rules Property in the RuleSet + $specDVPortgroupConfigSpec.DefaultPortConfig.FilterPolicy.FilterConfig.TrafficRuleset.Rules = $TrafficRule + $bReturnUpdatedRulesetObject = $true + break + } ## end case + } ## end switch + } ## end if + + if ($PSBoundParameters.ContainsKey("Enabled")) { + $specDVPortgroupConfigSpec.DefaultPortConfig.FilterPolicy.FilterConfig.TrafficRuleset.Enabled = $Enabled.ToBool() + if ($PSBoundParameters["RuleOperation"] -ne "Remove") {$bReturnUpdatedRulesetObject = $true} + } ## end if + + ## reconfig the VDPortgroup with the config spec + $oVDPortgroupView_ThisTrafficRuleset.ReconfigureDVPortgroup($specDVPortgroupConfigSpec) + + ## get the current TrafficRuleSet and return it, if so specified (like, if add or overwrite of rules, but not for remove of a rule) + if ($bReturnUpdatedRulesetObject) {$oVDPortgroupView_ThisTrafficRuleset | Get-VNVDTrafficRuleSet} } ## end if + else { + ## update View data, to make sure we have the current info + ## UpdateViewData not exist on port, so we have to take the long way + $oVDPort_ThisTrafficRuleset = Get-VDPort -VDPortgroup (Get-VDPortgroup -Id "DistributedVirtualPortgroup-$($oVDPortView_ThisTrafficRuleset.PortgroupKey)") -Key $oVDPortView_ThisTrafficRuleset.Key + $oVDPortView_ThisTrafficRuleset = $oVDPort_ThisTrafficRuleset.ExtensionData + + ## is there alraedy a configuration on a port? + ## then do not configure portgroup to prevent a destroyed config + ## (you can also destroy the congig without code in the WebUI...) + if ($oVDPort_ThisTrafficRuleset.Portgroup.ExtensionData.Config.DefaultPortConfig.FilterPolicy.FilterConfig.TrafficRuleset.Enabled -eq $true) { $bVPGCOnfig = $true } + if ($null -ne $oVDPort_ThisTrafficRuleset.Portgroup.ExtensionData.Config.DefaultPortConfig.FilterPolicy.FilterConfig.TrafficRuleset.Rules) { $bVPGCOnfig = $true } + if ($bVPGCOnfig) { + Throw "Do not configure port with already configured portgroup." + } + + ## check if individual port config is allow + if ($oVDPort_ThisTrafficRuleset.Portgroup.ExtensionData.Config.Policy.TrafficFilterOverrideAllowed -eq $false) { + Throw "Config FilterPolicy of port is not allowed. Check Policy.TrafficFilterOverrideAllowed of portgroup." + } + + + ## make a new config spec using values from the existing config of the vDPG + $specDVPortConfigSpec = New-Object -Type VMware.Vim.DVPortConfigSpec -Property @{ + ConfigVersion = $oVDPortView_ThisTrafficRuleset.Config.ConfigVersion + Operation = 'edit' + key = $oVDPortView_ThisTrafficRuleset.Key + Setting = New-Object -Type VMware.Vim.DVPortSetting -Property @{ + FilterPolicy = New-Object -Type VMware.Vim.DvsFilterPolicy -Property @{ + FilterConfig = New-Object -Type VMware.Vim.DvsTrafficFilterConfig -Property @{ + ## if the current TrafficRuleset property is $null, create a new TrafficRuleset; else, use the existing TrafficRuleset + # TrafficRuleset = if ($null -eq $oThisVNVDTrafficRuleset.TrafficRuleset -or $PSBoundParameters.ContainsKey("Override")) {New-Object -TypeName VMware.Vim.DvsTrafficRuleset} else {$oThisVNVDTrafficRuleset.TrafficRuleset} + TrafficRuleset = if ($null -eq $oThisVNVDTrafficRuleset.TrafficRuleset) {New-Object -TypeName VMware.Vim.DvsTrafficRuleset} else {$oThisVNVDTrafficRuleset.TrafficRuleset} + ## use the current FilterConfig value for this property, and not setting the other properties + AgentName = if ($null -eq $oVDPortgroupView_ThisTrafficRuleset.Config.DefaultPortConfig.FilterPolicy.FilterConfig.AgentName) {"dvfilter-generic-vmware"} else {$oVDPortgroupView_ThisTrafficRuleset.Config.DefaultPortConfig.FilterPolicy.FilterConfig.AgentName} + Key = if ($null -eq $oVDPortView_ThisTrafficRuleset.Config.Setting.FilterPolicy.FilterConfig.Key) {""} else {$oVDPortView_ThisTrafficRuleset.Config.Setting.FilterPolicy.FilterConfig.Key} + } ## end new-object + } ## end new-object + } ## end new-object + } ## end new-object + + if ($PSBoundParameters.ContainsKey("Override")) { + $specDVPortConfigSpec.Setting.FilterPolicy.Inherited = !$Override.ToBool() + } ## end if + + + if ($PSCmdlet.ParameterSetName -eq "ActOnRules") { + Switch ($RuleOperation) { + "Add" { + ## add the new TrafficRule to the RuleSet + $specDVPortConfigSpec.Setting.FilterPolicy.FilterConfig.TrafficRuleset.Rules += $TrafficRule + $bReturnUpdatedRulesetObject = $true + break + } ## end case + "Remove" { + ## remove the TrafficRule(s) from the RuleSet + $specDVPortConfigSpec.Setting.FilterPolicy.FilterConfig.TrafficRuleset.Rules = $specDVPortConfigSpec.Setting.FilterPolicy.FilterConfig.TrafficRuleset.Rules | Where-Object {$TrafficRule.Key -notcontains $_.Key} + break + } ## end case + "Overwrite" { + ## overwrite the Rules Property in the RuleSet + $specDVPortConfigSpec.Setting.FilterPolicy.FilterConfig.TrafficRuleset.Rules = $TrafficRule + $bReturnUpdatedRulesetObject = $true + break + } ## end case + } ## end switch + } ## end if + + if ($PSBoundParameters.ContainsKey("Enabled")) { + $specDVPortConfigSpec.Setting.FilterPolicy.FilterConfig.TrafficRuleset.Enabled = $Enabled.ToBool() + if ($PSBoundParameters["RuleOperation"] -ne "Remove") {$bReturnUpdatedRulesetObject = $true} + } ## end if + + if ($PSBoundParameters.ContainsKey("Override")) { + $bReturnUpdatedRulesetObject = $true + } ## end if - ## reconfig the VDPortgroup with the config spec - $oVDPortgroupView_ThisTrafficRuleset.ReconfigureDVPortgroup($specDVPortgroupConfigSpec) + ## reconfig the VDPortgroup with the config spec + $oVDPort_ThisTrafficRuleset.Switch.ExtensionData.ReconfigureDVPort($specDVPortConfigSpec) - ## get the current TrafficRuleSet and return it, if so specified (like, if add or overwrite of rules, but not for remove of a rule) - if ($bReturnUpdatedRulesetObject) {$oVDPortgroupView_ThisTrafficRuleset | Get-VNVDTrafficRuleSet} + ## get the current TrafficRuleSet and return it, if so specified (like, if add or overwrite of rules, but not for remove of a rule) + if ($bReturnUpdatedRulesetObject) {$oVDPortView_ThisTrafficRuleset | Get-VNVDTrafficRuleSet} + } } ## end if } ## end foreach-object } ## end process From a3776da230a75f02b7534b6194d2274547ac976b Mon Sep 17 00:00:00 2001 From: Maik Stuebner Date: Thu, 19 Nov 2020 12:48:39 +0100 Subject: [PATCH 2/4] Add Sequence in Rules to make it visable in WebUI --- vNugglets.VDNetworking/NewItems.ps1 | 3 +++ 1 file changed, 3 insertions(+) diff --git a/vNugglets.VDNetworking/NewItems.ps1 b/vNugglets.VDNetworking/NewItems.ps1 index 4ad3556..ab5ed22 100644 --- a/vNugglets.VDNetworking/NewItems.ps1 +++ b/vNugglets.VDNetworking/NewItems.ps1 @@ -353,6 +353,9 @@ function New-VNVDTrafficRule { ## always add Direction key/value is in the hsh (so that, if not specified by user, it takes default value) $hshParamForNewRuleObject = @{direction = $Direction} + ## Add Sequence in Rules to make it visable in WebUI, when add more then 1 rule + $hshParamForNewRuleObject = @{sequence = ($TrafficRuleSet.TrafficRuleset.Rules.Sequence | Sort-Object | Select-Object -Last 1) + 10} + ## for any of the other bound parameters that are for specific properties of a new Traffic Rule (i.e., that are not "common" PowerShell parameters like -Verbose or -PipelineVariable) $PSBoundParameters.Keys | Where-Object {$hshParameterNameToNewObjectPropertyNameMapping.ContainsKey($_)} | Foreach-Object { ## get the new API object property name to use from the NameMapping hashtable, and set the value to that of the given bound parameter From e6b6762a0b6be00c67999a17510d386a715697ff Mon Sep 17 00:00:00 2001 From: Maik Stuebner Date: Thu, 19 Nov 2020 12:49:40 +0100 Subject: [PATCH 3/4] Get vDPort config from VM or VM nic --- vNugglets.VDNetworking/GetItems.ps1 | 32 +++++++++++++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) diff --git a/vNugglets.VDNetworking/GetItems.ps1 b/vNugglets.VDNetworking/GetItems.ps1 index ca34e33..e0b603f 100644 --- a/vNugglets.VDNetworking/GetItems.ps1 +++ b/vNugglets.VDNetworking/GetItems.ps1 @@ -22,7 +22,13 @@ function Get-VNVDTrafficFilterPolicyConfig { [parameter(Mandatory = $true, ValueFromPipeline = $true, ParameterSetName = 'ByVDPort')][VMware.VimAutomation.Vds.Types.V1.VDPort[]]$VDPort, ## The View object for the virtual distributed port for which to get the traffic filtering and marking policy configuration - [parameter(Mandatory=$true, ValueFromPipeline=$true, ParameterSetName="ByVDPortView")][VMware.Vim.DistributedVirtualPort[]]$VDPortView + [parameter(Mandatory=$true, ValueFromPipeline=$true, ParameterSetName="ByVDPortView")][VMware.Vim.DistributedVirtualPort[]]$VDPortView, + + ## The VM nic for which to get the traffic filtering and marking policy configuration + [parameter(Mandatory = $true, ValueFromPipeline = $true, ParameterSetName = 'ByNetworkAdapter')][VMware.VimAutomation.ViCore.Types.V1.VirtualDevice.NetworkAdapter[]]$NetworkAdapter, + + ## The VM for which to get the traffic filtering and marking policy configuration + [parameter(Mandatory = $true, ValueFromPipeline = $true, ParameterSetName = 'ByVM')][VMware.VimAutomation.ViCore.Types.V1.Inventory.VirtualMachine[]]$VM ) ## end param process { @@ -53,6 +59,20 @@ function Get-VNVDTrafficFilterPolicyConfig { } ## end foreach-object } ## end foreach-object } ## end case + + {"ByNetworkAdapter", "ByVM" -contains $_} { + ## get the NetworkAdapter objects over which to iterate (either the the nics of the VM) + $(if ($PSCmdlet.ParameterSetName -eq "ByVM") {$VM | Foreach-Object {$_ | Get-NetworkAdapter}} else {$NetworkAdapter}) | Foreach-Object { + ## get the vDPort View of the VM nic + $oThisVDPView = (Get-VDPort -VDPortgroup (Get-VDPortgroup -Id "DistributedVirtualPortgroup-$($_.ExtensionData.Backing.Port.PortgroupKey)") -Key $_.ExtensionData.Backing.Port.PortKey).ExtensionData + $oThisVDPView.Config.Setting.FilterPolicy.FilterConfig | ForEach-Object { + New-Object -Type VNVDTrafficFilterPolicyConfig -Property @{ + TrafficFilterPolicyConfig = $_ + VDPortView = $oThisVDPView + } ## end new-object + } ## end foreach-object + } ## end foreach-object + } ## end case } ## end switch } ## end process } ## end fn @@ -90,7 +110,13 @@ function Get-VNVDTrafficRuleSet { [parameter(Mandatory=$true, ValueFromPipeline=$true, ParameterSetName="ByVDPort")][VMware.VimAutomation.Vds.Types.V1.VDPort[]]$VDPort, ## The View object for the virtual distributed port for which to get the traffic ruleset - [parameter(Mandatory=$true, ValueFromPipeline=$true, ParameterSetName="ByVDPortView")][VMware.Vim.DistributedVirtualPort[]]$VDPortView + [parameter(Mandatory = $true, ValueFromPipeline = $true, ParameterSetName = "ByVDPortView")][VMware.Vim.DistributedVirtualPort[]]$VDPortView, + + ## The VM nic for which to get the traffic filtering and marking policy configuration + [parameter(Mandatory = $true, ValueFromPipeline = $true, ParameterSetName = 'ByNetworkAdapter')][VMware.VimAutomation.ViCore.Types.V1.VirtualDevice.NetworkAdapter[]]$NetworkAdapter, + + ## The VM for which to get the traffic filtering and marking policy configuration + [parameter(Mandatory = $true, ValueFromPipeline = $true, ParameterSetName = 'ByVM')][VMware.VimAutomation.ViCore.Types.V1.Inventory.VirtualMachine[]]$VM ) ## end param process { @@ -100,6 +126,8 @@ function Get-VNVDTrafficRuleSet { "ByVDPortGroupView" { $TrafficFilterPolicyConfig = Get-VNVDTrafficFilterPolicyConfig -VDPortgroupView $VDPortgroupView } "ByVDPort" { $TrafficFilterPolicyConfig = Get-VNVDTrafficFilterPolicyConfig -VDPort $VDPort } "ByVDPortView" { $TrafficFilterPolicyConfig = Get-VNVDTrafficFilterPolicyConfig -VDPortView $VDPortView } + "ByNetworkAdapter" { $TrafficFilterPolicyConfig = Get-VNVDTrafficFilterPolicyConfig -NetworkAdapter $NetworkAdapter } + "ByVM" { $TrafficFilterPolicyConfig = Get-VNVDTrafficFilterPolicyConfig -VM $VM } } ## end switch $TrafficFilterPolicyConfig | Foreach-Object { From e71470219138b43071e5cee73418819fbecc8fb6 Mon Sep 17 00:00:00 2001 From: Maik Stuebner Date: Fri, 20 Nov 2020 11:28:03 +0100 Subject: [PATCH 4/4] fix missing direction in new rule object --- vNugglets.VDNetworking/NewItems.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vNugglets.VDNetworking/NewItems.ps1 b/vNugglets.VDNetworking/NewItems.ps1 index ab5ed22..2b7c56b 100644 --- a/vNugglets.VDNetworking/NewItems.ps1 +++ b/vNugglets.VDNetworking/NewItems.ps1 @@ -354,7 +354,7 @@ function New-VNVDTrafficRule { $hshParamForNewRuleObject = @{direction = $Direction} ## Add Sequence in Rules to make it visable in WebUI, when add more then 1 rule - $hshParamForNewRuleObject = @{sequence = ($TrafficRuleSet.TrafficRuleset.Rules.Sequence | Sort-Object | Select-Object -Last 1) + 10} + $hshParamForNewRuleObject += @{sequence = ($TrafficRuleSet.TrafficRuleset.Rules.Sequence | Sort-Object | Select-Object -Last 1) + 10} ## for any of the other bound parameters that are for specific properties of a new Traffic Rule (i.e., that are not "common" PowerShell parameters like -Verbose or -PipelineVariable) $PSBoundParameters.Keys | Where-Object {$hshParameterNameToNewObjectPropertyNameMapping.ContainsKey($_)} | Foreach-Object {