Public/Connection.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
#
# Copyright 2018, Alexis La Goutte <alexis dot lagoutte at gmail dot com>
#
# SPDX-License-Identifier: Apache-2.0
#

function Connect-NSXT {

    <#
      .SYNOPSIS
      Connect to a NSX-T

      .DESCRIPTION
      Connect to a NSX-T

      .EXAMPLE
      Connect-NSXT -Server 192.0.2.1

      Connect to a NSX-T with IP 192.0.2.1

      .EXAMPLE
      Connect-NSXT -Server 192.0.2.1 -SkipCertificateCheck

      Connect to a NSX-T with IP 192.0.2.1 and disable Certificate (chain) check

      .EXAMPLE
      Connect-NSX-T -Server 192.0.2.1 -port 4443

      Connect to a NSX-T using HTTPS (with port 4443) with IP 192.0.2.1 using (Get-)credential

      .EXAMPLE
      $cred = get-credential
      Connect-NSXT -Server 192.0.2.1 -credential $cred

      Connect to a NSX-T with IP 192.0.2.1 and passing (Get-)credential

      .EXAMPLE
      $mysecpassword = ConvertTo-SecureString mypassword -AsPlainText -Force
      Connect-NSXT -Server 192.0.2.1 -Username admin -Password $mysecpassword

      Connect to a NSX-T with IP 192.0.2.1 using Username and Password

      .EXAMPLE
      $nsxt1 = Connect-NSXT -Server 192.0.2.1
      Connect to an NSX-T with IP 192.0.2.1 and store connection info to $nsxt1 variable

      .EXAMPLE
      $nsxt2 = Connect-NSXT -Server 192.0.2.1 -DefaultConnection:$false

      Connect to an NSX-T with IP 192.0.2.1 and store connection info to $nsxt2 variable
      and don't store connection on global ($DefaultNSXTConnection) variable
  #>


    Param(
        [Parameter(Mandatory = $true, position = 1)]
        [String]$Server,
        [Parameter(Mandatory = $false)]
        [String]$Username,
        [Parameter(Mandatory = $false)]
        [SecureString]$Password,
        [Parameter(Mandatory = $false)]
        [PSCredential]$Credential,
        [switch]$SkipCertificateCheck = $false,
        [Parameter(Mandatory = $false)]
        [ValidateRange(1, 65535)]
        [int]$port = 443,
        [Parameter(Mandatory = $false)]
        [boolean]$DefaultConnection = $true
    )

    Begin {
    }

    Process {

        $connection = @{server = ""; port = ""; headers = ""; invokeParams = "" }

        #If there is a password (and a user), create a credential
        if ($Password) {
            $Credential = New-Object System.Management.Automation.PSCredential($Username, $Password)
        }
        #Not Credential (and no password)
        if ($null -eq $Credential) {
            $Credential = Get-Credential -Message 'Please enter administrative credential for your NSX-T'
        }

        $cred = $Credential.username + ":" + $Credential.GetNetworkCredential().Password
        $base64 = [System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes($cred))
        $headers = @{ Authorization = "Basic " + $base64; Accept = "application/json"; "Content-type" = "application/json" }
        $invokeParams = @{DisableKeepAlive = $false; UseBasicParsing = $true; SkipCertificateCheck = $SkipCertificateCheck }


        if ("Desktop" -eq $PSVersionTable.PsEdition) {
            #Remove -SkipCertificateCheck from Invoke Parameter (not supported <= PS 5)
            $invokeParams.remove("SkipCertificateCheck")
        }
        else {
            #Core Edition
            #Remove -UseBasicParsing (Enable by default with PowerShell 6/Core)
            $invokeParams.remove("UseBasicParsing")
        }

        #for PowerShell (<=) 5 (Desktop), Enable TLS 1.1, 1.2 and Disable SSL chain trust (needed/recommended by VMware NSX-T)
        if ("Desktop" -eq $PSVersionTable.PsEdition) {
            #Enable TLS 1.1 and 1.2
            Set-NSXTCipherSSL
            if ($SkipCertificateCheck) {
                #Disable SSL chain trust...
                Set-NSXTuntrustedSSL
            }
        }

        $connection.server = $server
        $connection.headers = $headers
        $connection.port = $port
        $connection.invokeParams = $invokeParams

        if ( $DefaultConnection ) {
            set-variable -name DefaultNSXTConnection -value $connection -scope Global
        }

        $connection
    }

    End {
    }
}

function Disconnect-NSXT {

    <#
        .SYNOPSIS
        Disconnect to a NSX-T

        .DESCRIPTION
        Disconnect the connection on NSX-T

        .EXAMPLE
        Disconnect-NSXT

        Disconnect the connection

        .EXAMPLE
        Disconnect-NSXT -confirm:$false

        Disconnect the connection with no confirmation

    #>


    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'high')]
    Param(
        [Parameter (Mandatory = $False)]
        [ValidateNotNullOrEmpty()]
        [PSObject]$connection = $DefaultNSXTConnection
    )

    Begin {
    }

    Process {

        if ($PSCmdlet.ShouldProcess($connection.server, 'Proceed with removal of NSX-T connection ?')) {
            Write-Progress -activity "Remove NSX-T connection"
            if (Test-Path variable:global:DefaultNSXTConnection) {
                Remove-Variable -name DefaultNSXTConnection -scope global
            }
            write-progress -activity "Remove NSX-T connection" -completed
        }

    }

    End {
    }
}