Skip to content

Instantly share code, notes, and snippets.

Avatar

Chris Nakagaki Zsoldier

View GitHub Profile
@Zsoldier
Zsoldier / Clear-NSXTDNSCache.ps1
Last active Feb 22, 2021
Clears NSX-T DNS Service cache
View Clear-NSXTDNSCache.ps1
#Clear NSX-T DNS Cache
$creds = Get-Credential -Message "Provide NSX-T username and password"
$HostnameorIP = Read-Host "Provide IP or hostname for NSX-T Manager"
$DNSForwarders = Invoke-restmethod -Uri "https://$HostnameorIP/api/v1/dns/forwarders" -Method Get -Credential $creds -Authentication:Basic -SkipCertificateCheck:$true
$DNSForwarders.results | Select id, listenerip, display_name
#Copy the id value from the DNS forwarder you would like to clear cache on and place into $id variable below.
#$id=$DNSForwarders.results[0].id # < Works against first return. If you have more than one NSX-T DNS Forwarder, you'll need to select different record.
$id='id value provided by above'
@Zsoldier
Zsoldier / ClearNSXTDNSCache.sh
Created Feb 19, 2021
Curl method to force clear NSX-T DNS cache.
View ClearNSXTDNSCache.sh
nsxt=iporDNSnameofNSXManager
username=admin
password=''
curl -k -u $username:$password --request GET --url https://$nsxt/api/v1/dns/forwarders
#copy id of forwarder you want to clear the cache on.
forwarderid=''
curl -k -u $username:$password --request POST --url https://$nsxt/api/v1/dns/forwarders/$forwarderid?action=clear_cache
@Zsoldier
Zsoldier / Request-AzureJIT.ps1
Last active Feb 23, 2021
Requesting JIT access for Azure VM example.
View Request-AzureJIT.ps1
#Requires -Module az, az.security
function Request-AZJIT {
[CmdletBinding()]
param (
$AzureVMName = "nameofyourAzureVM",
$SubscriptionID = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx",
$AllowedSourceIP = (Invoke-Restmethod http://ipinfo.io/json).ip,
$TimeRequested = (get-date).AddHours(3),
$PortRequested = 22,
$JITPolicyName = "default"
@Zsoldier
Zsoldier / get-esxipcideviceinfo.ps1
Last active Jan 14, 2021
PowerCLI: Getting HCL DID, VID, and SVID information.
View get-esxipcideviceinfo.ps1
#Requires -Modules vmware.powercli
$esxihost = "DNSorIPofESXihost"
$vmhost = get-vmhost $esxihost
$vmhostcli = $vmhost | get-esxcli -v2
$pcidevices = $vmhostcli.hardware.pci.list.invoke()
#$pcidevices | where {$_.vendorname -match "Mellanox"}
$HCLData = @()
Foreach ($pcidevice in $pcidevices){
@Zsoldier
Zsoldier / vSANStoragePolicyApplytoVMsExample.ps1
Created Dec 16, 2020
Change VSAN storage policy on one or more VMs
View vSANStoragePolicyApplytoVMsExample.ps1
#See storage policies available
Get-SpbmStoragePolicy
#Define storage policy you want to apply
$storagepolicyname = "RAID-1 FTT-1"
#Capture Storage policy object.
$storagepolicies = Get-SpbmStoragePolicy
$targetstoragepolicy = ($storagepolicies | where-object {$_.name -eq $storagepolicyname})
@Zsoldier
Zsoldier / Set-NSXTSegmentProfiles.ps1
Created May 29, 2020
Example on how to change segment discovery, qos, and security profiles enmasse.
View Set-NSXTSegmentProfiles.ps1
#Change Segment Profiles
$Credential = Get-Credential
$skipcertcheck = $true
$AuthMethod = “Basic”
$NSXMgr=”IPorDNSName”
$policyapi = "/policy/api/v1"
$base_url = ("https://" + $NSXMgr + $policyapi)
#Change these to the name of the various profiles you want to remap all your segments to.
$TargetIPDPName = "default-ip-discovery-profile"
@Zsoldier
Zsoldier / delete-routeadvertisementrule.ps1
Created May 22, 2020
Example on how to call NSX-T Rest API via powershell to delete a route advertisement rule associated w/ a T1.
View delete-routeadvertisementrule.ps1
$NSXMgr=”IPorDNSName”
$Credential = Get-Credential #Must be Enterprise Admin role. Typically “admin”
$skipcertcheck = $true
$AuthMethod = “Basic”
$TargetRouterName = “LeeroyJenkinsT1”
#To get target logical router id
$lrdata = Invoke-restmethod -Uri “https://$($NSXMgr)/api/v1/logical-routers” -Method GET -Credential $Credential -SkipCertificateCheck:$skipcertcheck -Authentication:$AuthMethod
$routerid = ($lrdata.results | Where-Object {$_.display_name -eq $TargetRouterName}).id
View New-HCXMobilityGroupKai.ps1
# Grab VM object from HCX (Cannot be from vCenter)
$vm = Get-HCXVM -Name "NameofVM"
# If you have multiple sources or destination, you would need to augment with parameters such as name, server(hcxserver), and/or id.
$sourceSite = Get-HCXSite -Source
$targetSite = Get-HCXSite -Destination
# Source and target networks assume just one network adapter.
# For more than one adapter, you would need to loop through each source adapter and add to $NetworkMapping array.
$sourceNetwork = $vm.Network[0]
@Zsoldier
Zsoldier / Get-NSXESGFirewallRuleReport.ps1
Created Apr 25, 2020
Basically a way to pull the table you see in the interface in case you need to share config w/ someone.
View Get-NSXESGFirewallRuleReport.ps1
#Requires -Module PowerCLI,PowerNSX
$ESG = Get-NsxEdge -Name "BobLoblaw"
$ESGFW = $ESG | get-NSXEdgeFirewall
$ESGFWRules = Get-NSXEdgeFirewallRule -EdgeFirewall $ESGFW
$CustomReport = @()
$i = 1
Foreach ($Rule in $ESGFWRules)
{
$NewObject = "" | Select-Object RuleNo, RuleID, RuleName, Source, Destination, Description, ServicePorts, Action, appliedTo, datacentername
@Zsoldier
Zsoldier / MacOSTerminalProfileRestore.sh
Last active Apr 7, 2020
Basically a way for me to sync changes via dropbox and restore a MacOS terminal environment w/o bringing along all the garbage that Time Machine will likely haul with it.
View MacOSTerminalProfileRestore.sh
overwrite=true #only applies to zsh profile, not implemented for other stuff. no overwrite by default elsewhere.
brew=true
SyncDir=~/Documents/_NakaProfile
customsudodir=/etc/sudoers.d/
ZSHPlugins=$SyncDir/zsh/custom/plugins/
ZSHThemes=$SyncDir/zsh/custom/themes/
VPNConfigs=$SyncDir/vpn/
stoken=$SyncDir/stoken
customsudofiles=$SyncDir/customsudo/