Managing Time in vSphere with PowerCli
One of the most important things you should do to your systems is to ensure they have the right time. In this post I will show how to check and ensure your systems have the correct time using PowerCli.
==> Login to vCenter:
$admin = Get-Credential –Credential EXAMPLE\john Connect-VIServer -Server vc.example.com -Credential $admin
==> Check time settings:
Get-VMHost | Sort Name | Select Name, `
@{N="NTPServer";E={$_ |Get-VMHostNtpServer}}, `
Timezone, `
@{N="CurrentTime";E={(Get-View $_.ExtensionData.ConfigManager.DateTimeSystem) | Foreach {$_.QueryDateTime().ToLocalTime()}}}, `
@{N="ServiceRunning";E={(Get-VmHostService -VMHost $_ |Where-Object {$_.key-eq "ntpd"}).Running}}, `
@{N="StartUpPolicy";E={(Get-VMHostService -VMHost $_ |Where-Object {$_.Key -eq "ntpd"}).Policy}}, `
@{N="FirewallException";E={$_ | Get-VMHostFirewallException | where {$_.Name -eq "NTP client"} | Select-Object –ExpandProperty Enabled}} `
| Format-Table -AutoSize
Output:
PowerCLI C:\Program Files\VMware\Infrastructure\vSphere PowerCLI> Get-VMHost | Sort Name | Select Name, `
>> @{N="NTPServer";E={$_ |Get-VMHostNtpServer}}, `
>> Timezone, `
>> @{N="CurrentTime";E={(Get-View $_.ExtensionData.ConfigManager.DateTimeSystem) | Foreach {$_.QueryDateTime().ToLocalTime()}}}, `
>> @{N="ServiceRunning";E={(Get-VmHostService -VMHost $_ |Where-Object {$_.key-eq "ntpd"}).Running}}, `
>> @{N="StartUpPolicy";E={(Get-VMHostService -VMHost $_ |Where-Object {$_.Key -eq "ntpd"}).Policy}}, `
>> @{N="FirewallException";E={$_ | Get-VMHostFirewallException | where {$_.Name -eq "NTP client"} | Select-Object -ExpandProperty Enabled}} `
>> | Format-Table -AutoSize
>>
Name NTPServer TimeZone CurrentTime ServiceRunning StartUpPolicy FirewallException
---- --------- -------- ----------- -------------- ------------- -----------------
esx1.example.com UTC 6/7/2015 3:25:39 PM False off False
esx2.example.com UTC 6/7/2015 3:25:40 PM False off False
esx3.example.com {192.168.10.1,192.168.11.1} UTC 6/7/2015 3:25:42 PM False off False
esx4.example.com 192.168.11.1 UTC 6/7/2015 3:25:43 PM False off False
==> Set time to correct time:
// Get time from the machine running PowerCli
$currentTime = Get-Date
// Update time on ESX hosts
$hosts_time = Get-VMHost | %{ Get-View $_.ExtensionData.ConfigManager.DateTimeSystem }
$hosts_time.UpdateDateTime((Get-Date($currentTime.ToUniversalTime()) -format u))
==> Remove old NTP servers (if any):
$old_ntp_server = '192.168.10.1'
Get-VMHost | Remove-VmHostNtpServer -NtpServer $old_ntp_server -Confirm
Output:
PowerCLI C:\Program Files\VMware\Infrastructure\vSphere PowerCLI> Get-VMHost | Sort Name | Select Name, `
>> @{N="NTPServer";E={$_ |Get-VMHostNtpServer}}, `
>> Timezone, `
>> @{N="CurrentTime";E={(Get-View $_.ExtensionData.ConfigManager.DateTimeSystem) | Foreach {$_.QueryDateTime().ToLocalTime()}}}, `
>> @{N="ServiceRunning";E={(Get-VmHostService -VMHost $_ |Where-Object {$_.key-eq "ntpd"}).Running}}, `
>> @{N="StartUpPolicy";E={(Get-VMHostService -VMHost $_ |Where-Object {$_.Key -eq "ntpd"}).Policy}}, `
>> @{N="FirewallException";E={$_ | Get-VMHostFirewallException | where {$_.Name -eq "NTP client"} | Select-Object -ExpandProperty Enabled}} `
>> | Format-Table -AutoSize
>>
Name NTPServer TimeZone CurrentTime ServiceRunning StartUpPolicy FirewallException
---- --------- -------- ----------- -------------- ------------- -----------------
esx1.example.com UTC 6/7/2015 3:25:39 PM False off False
esx2.example.com UTC 6/7/2015 3:25:40 PM False off False
esx3.example.com UTC 6/7/2015 3:25:42 PM False off False
esx4.example.com UTC 6/7/2015 3:25:43 PM False off False
==> Change NTP to desired configuration:
$ntp_server = '192.168.10.1'
Get-VMHost | Add-VMHostNtpServer $ntp_server
Get-VMHost | Get-VMHostFirewallException | where {$_.Name -eq "NTP client"} | Set-VMHostFirewallException -Enabled:$true
Get-VMHost | Get-VmHostService | Where-Object {$_.key -eq "ntpd"} | Start-VMHostService
Get-VMhost | Get-VmHostService | Where-Object {$_.key -eq "ntpd"} | Set-VMHostService -policy "automatic"
Output:
PowerCLI C:\Program Files\VMware\Infrastructure\vSphere PowerCLI> $ntp_server = '192.168.10.1'
PowerCLI C:\Program Files\VMware\Infrastructure\vSphere PowerCLI> Get-VMHost | Add-VMHostNtpServer $ntp_server
192.168.10.1
192.168.10.1
192.168.10.1
192.168.10.1
==> Enable Firewall Exception
PowerCLI C:\Program Files\VMware\Infrastructure\vSphere PowerCLI> Get-VMHost | Get-VMHostFirewallException | where {$_.Name -eq "NTP client"} | Set-VMHostFirewallException -Enabled:$true
Name Enabled IncomingPorts OutgoingPorts Protocols ServiceRunning
---- ------- ------------- ------------- --------- --------------
NTP Client True 123 UDP True
NTP Client True 123 UDP True
NTP Client True 123 UDP False
NTP Client True 123 UDP False
==> Start NTPd service
PowerCLI C:\Program Files\VMware\Infrastructure\vSphere PowerCLI> Get-VMHost | Get-VmHostService | Where-Object {$_.key -eq "ntpd"} | Start-VMHostService
Key Label Policy Running Required
--- ----- ------ ------- --------
ntpd NTP Daemon on True False
ntpd NTP Daemon on True False
ntpd NTP Daemon off True False
ntpd NTP Daemon off True False
==> Ensure NTPd service starts automatically (via policy)
PowerCLI C:\Program Files\VMware\Infrastructure\vSphere PowerCLI> Get-VMhost | Get-VmHostService | Where-Object {$_.key -eq "ntpd"} | Set-VMHostService -policy "automatic"
Key Label Policy Running Required
--- ----- ------ ------- --------
ntpd NTP Daemon automatic True False
ntpd NTP Daemon automatic True False
ntpd NTP Daemon automatic True False
ntpd NTP Daemon automatic True False
==> Verify all is set the way you expected
Get-VMHost | Sort Name | Select Name, `
@{N="NTPServer";E={$_ |Get-VMHostNtpServer}}, `
Timezone, `
@{N="CurrentTime";E={(Get-View $_.ExtensionData.ConfigManager.DateTimeSystem) | Foreach {$_.QueryDateTime().ToLocalTime()}}}, `
@{N="ServiceRunning";E={(Get-VmHostService -VMHost $_ |Where-Object {$_.key-eq "ntpd"}).Running}}, `
@{N="StartUpPolicy";E={(Get-VMHostService -VMHost $_ |Where-Object {$_.Key -eq "ntpd"}).Policy}}, `
@{N="FirewallException";E={$_ | Get-VMHostFirewallException | where {$_.Name -eq "NTP client"} | Select-Object –ExpandProperty Enabled}} `
| Format-Table -AutoSize
Output:
PowerCLI C:\Program Files\VMware\Infrastructure\vSphere PowerCLI> Get-VMHost | Sort Name | Select Name, `
>> @{N="NTPServer";E={$_ |Get-VMHostNtpServer}}, `
>> Timezone, `
>> @{N="CurrentTime";E={(Get-View $_.ExtensionData.ConfigManager.DateTimeSystem) | Foreach {$_.QueryDateTime().ToLocalTime()}}}, `
>> @{N="ServiceRunning";E={(Get-VmHostService -VMHost $_ |Where-Object {$_.key-eq "ntpd"}).Running}}, `
>> @{N="StartUpPolicy";E={(Get-VMHostService -VMHost $_ |Where-Object {$_.Key -eq "ntpd"}).Policy}}, `
>> @{N="FirewallException";E={$_ | Get-VMHostFirewallException | where {$_.Name -eq "NTP client"} | Select-Object -ExpandProperty Enabled}} `
>> | Format-Table -AutoSize
>>
Name NTPServer TimeZone CurrentTime ServiceRunning StartUpPolicy FirewallException
---- --------- -------- ----------- -------------- ------------- -----------------
esx1.example.com 192.168.10.1 UTC 6/7/2015 3:34:49 PM True automatic True
esx2.example.com 192.168.10.1 UTC 6/7/2015 3:34:51 PM True automatic True
esx3.example.com 192.168.10.1 UTC 6/7/2015 3:34:52 PM True automatic True
esx4.example.com 192.168.10.1 UTC 6/7/2015 3:34:54 PM True automatic True