Using PowerCLI for VMware Update Manager

May 31, 2012 6 By Eric Shanks

You never know when you’ll need to script something and PowerCLI gives you the tools to do it.  I decided to see if I could script some of the VMware Update Manager (VUM) tasks while I was reviewing section 5.2 of the VCAP5-DCA Beta Blueprint and found that the procedures were quite easy.  My next thought was, “Why would I want to script this when I can use the GUI, and on top of that I can schedule scans and remediation already?”  My answer was, “You never know.”  Who knows when you’ll need to use the PowerCLI to accomplish a task.  Maybe, you’re scripting something so someone else can run it without really knowing how to perform the task, or you’re trying to get a report, or who knows.

Here is a basic procedure to scan and remediate some ESX hosts.

You must have PowerCLI and the VUM cmdlets installed before you can run any of these commands.

First, we’ll create a patch baseline.  In this case the patch baseline will get dynamic updates that are for ESXi hosts, only critical VMware Updates, and released after May 1st 2012.  We’ve named the baseline “PowerCLIBaseline.”

[sourcecode language=”PowerShell”] new-patchbaseline -dynamic -name PowerCLIBaseline -description "PowerCLI Baseline Example -TargetType Host -SearchPatchVendor *VMware* -SearchPatchSeverity critical -SearchPatchStartDate 5.1.2012 [/sourcecode]





Just to make sure everything works the same, we take a look in the GUI to make sure our baseline has been created.





Next, we want to attach our newly created baseline to an object.  In my example we’re attaching it to the Prod Cluster, but it could be attached to a virtual machine, a host, or a folder just like it could be from the GUI.

[sourcecode language=”PowerShell”] get-baseline PowerCLIBaseline | attach-baseline -Entity "Prod Cluster" [/sourcecode]





Once the attach-baseline has been run, we check the GUI to be sure that it’s attached.





Now it’s time for a scan.  We run the Scan-inventory cmdlet on the Prod Cluster.

[sourcecode language=”PowerShell”] Scan-inventory -entity "Prod Cluster" [/sourcecode]





Luckily my Lab is not up to date and needs to be patched so that we can continue with our powerCLI scripting.





To show that you can run this on objects other than a Cluster, we’ll update only one of the two hosts.  We remediate hosts 192.168.160.30.
[sourcecode language=”PowerShell”] get-baseline -name PowerCLIBaseline | Remediate-inventory -entity 192.168.160.30 [/sourcecode]





Now we see that my host is up to date and my PowerCLIBaseline is now in compliance.





If you want more information about using the PowerCLI for VUM here are some additional links that might help.

VMware PowerCLI VUM Documentation

http://www.vexperienced.co.uk/2012/04/12/vcap5-dca-whats-new/