OK, so every environment has “That Guy”… if you don’t know what I’m on about, take a look at what floated past on Twitter this evening from @vSeanClark:
RT @techmute: Some people really make me wish vSphere had the option "take a snapshot when this guy logs in as an admin" <- startup idea?
Well… if anyone has some venture capital or Angel funds… I’m your guy. Why? Well with vSphere Alarms and PowerCLI, one can indeed snapshot a VM when a specific user pulls a remote console, here’s how:
Setup the Alarm:
At the vCenter level (after all… “that guy” is sneaky) create an alarm like so:
Under conditions you’ll setup the user you wish to… protect against:
With the following actions:
- Send a notification email
- Run a command: C:\WINDOWS\system32\cmd.exe“ “/c echo .|powershell.exe -nologo -noprofile -noninteractive C:\Scripts\OMG-ThatGuy.ps1”
* A few notes here: The “Run a command” is all one really long line…
Next the script:
If you copy/paste it from here you’ll want to make sure that everything after Get-VM is on a single line.
# Add the snapin:
#Take the snapshot!
Connect-VIServer -Server localhost -User something -Password something
$vmId = "VirtualMachine-" + $env:VMWARE_ALARM_TARGET_ID
Get-VM -Id $vmId | New-Snapshot -Name ((Get-Date).ToShortDateString())
The first bit adds the PowerCLI snapin, the second gets the VM that triggered the alarm and creates a snapshot with today’s date. Save this in c:\scripts, or another location of your choosing, and we’re ready to go!
So I’m not really sure where this script would be all that practical in real use. It is however an example of the power of both PowerCLI and vSphere. Here’s a screenshot of this working, btw:
What good would this post be if I didn’t link back to all the random places I found the info on how to do this on:
- The PS Snapin & Command Line way to launch a script:
- VMware’s PowerCLI and Alarms (Pay attention to the environment variables):
- Accessing said environment variables:
- Manipulating the Get-Date cmdlet:
- My old post on alarms:
- The actual bit that got this working:
5 thoughts on “Protecting your Virtual Machines From “That Guy””
Another “preventative” sysadmin idea is to have a “Lock” on a VM so you cannot delete or accidentally start a VM. That way turbo clicking won’t lead to a restore and lack of forethought won’t lead to duplicate IP/name found on the network.
how can can set a trigger to email me when backups of vm’s are complete?
What are you using for backups. It “Should” have it’s own mechanisim for
Comments are closed.