Author: codyhosterman

Posted on

Generating a Pure1 REST JWT with Python

I’ve written about generating the JSON Web Token for Pure1 REST API authentication before. Mostly around PowerShell. Though of course many may not want to use PowerShell and prefer to opt for something like Python.

So here is the process.

We have a script posted on the support site here. But that actually doesn’t return the JWT, it creates a session. So it takes the next step after the JWT. But if you just want to generate the JWT so something else can authenticate it won’t do the trick. So I made some modifications and threw it on GitHub as a gist. You can get it here:

https://gist.github.com/codyhosterman/697ebfd72c4f7f7276afc3b74e3b5e40

First off let’s review how to actually authenticate:

  1. Create a private/public key pair
  2. Enter the public key into Pure1
  3. Take the provided application ID and generate a JSON web token
  4. Send the JSON web token to Pure1 for an access token

I will walk through step 1-3. Using Python on Linux to generate the JWT.

Continue reading “Generating a Pure1 REST JWT with Python”
Posted on

Persisting a Pure1 Certificate created by PowerShell

In a previous post I talk about how to easily create the private/public key needed for Pure1:

Pure1 REST API Authentication Made Easy

So when I create a certificate in PowerShell I store the reference in an object, in the below case the object is called $cert:

But if I close that PowerShell window the object is removed. What happens to that certificate? What if I want to re-use it? Good question.

Continue reading “Persisting a Pure1 Certificate created by PowerShell”
Posted on

Managing vCenter Permissions for Pure1 VM Analytics

For the un-initiated, Pure1 VM Analytics is a tool where you can deploy a collector and authenticate it with one or more vCenters. That collector then sends performance and topology data back to Pure1. We then display it in an easy-to-understand view to help you view your end-to-end environment. Identify performance bottlenecks, heavy hitters, whatever.

For this to work, the collector needs authentication to vCenter of course, but not a lot. Read Only will do. If you want it to see the entire vCenter and every object, the simplest option is to create a new user, and assign it read-only permissions to the vCenter object and propagate it down to everything:

Then select your user, choose read only and make sure to select “Propagate to Children”

Continue reading “Managing vCenter Permissions for Pure1 VM Analytics”
Posted on

Troubleshooting a Pure1 Connection with the vSphere Plugin

In the 4.2.0 release of the vSphere Plugin, we added Pure1 integration which provided additional insight into your Pure Storage and vSphere Environment. In order to use this though, you need to connect the plugin with Pure1 of course. The authentication method is based on a process which involves something called a JSON Web Token. This is a secure option, but a bit more involved than a user name and password. I made the process of generating this fairly easy, but if something goes wrong you get a fun error message like below:

Continue reading “Troubleshooting a Pure1 Connection with the vSphere Plugin”
Posted on

Pure1 REST API Authentication Made Easy

I’ve been working with the Pure1 REST for about a year now and have really enjoyed what it brings. I’ve integrated it into a few things: PowerShell. vRO. vSphere Plugin. One of the “tricky” things about it though is the authentication. Instead of a username and password it requires the use of a RSA256 public/private key pair. This is inherently more secure, but of course requires a bit more know-how when it comes to pair generation.

I simplified a fair amount of it in PowerShell, but didn’t quite get to the finish line. The generation of the key pair could be done but it came in the form of a PFX–which basically combines the public key and private key into one file. Unfortunately, Pure1 requires the them to be separated as all it needs is the public key, not your private key. While this is “better” it does leave Windows users at a bit of a disadvantage–there is no built in mechanism to generate this without installing OpenSSL directly. The process could not be done entirely in PowerShell. Or so I thought…

Continue reading “Pure1 REST API Authentication Made Easy”
Posted on

Deploying the Pure Storage OVA to vCenter 6.0

I will start this off with the usual rant. Why are you on vCenter 6.0?! It is going End of Support March 12th, 2020! https://kb.vmware.com/s/article/66977

But you likely know that and probably have your reasons and you didn’t come here for a lecture, you came here for an answer! Can I deploy the OVA to vCenter 6.0? Is it supported?

Let’s first clarify a few things. There are two different things when it comes to vCenter support with the collector. What it can be deployed TO and what it can collect FROM.

Let’s start off with what versions of vCenter it can collect from. We support collecting back to vCenter 5.5. The ESXi host versions that we support for collection in that vCenter lines up with whatever versions of ESXi that that particular vCenter supports. We support collection from versions up to the latest release of vCenter at the time of this writing–vCenter 6.7 U3. So collection support is from 5.5-6.7.x. As new vSphere releases come out we will add those at that time.

Continue reading “Deploying the Pure Storage OVA to vCenter 6.0”
Posted on

Automating the Setup and Configuration of the Pure Storage OVA with PowerShell

A few weeks back we introduced the Pure Storage OVA which currently now focuses on the VM Analytics Collector and I blogged about deploying it with PowerShell:

https://www.codyhosterman.com/2019/10/deploying-the-pure1-vm-analytics-collector-ova-with-powershell/

This was only deploying the OVA, not configuring it. Once deployed, you need to (or might want to):

  • Change the default password
  • Add vCenters
  • Remove vCenters
  • Import configuration
  • Test phone home

Wouldn’t it be nice to do that all from PowerShell instead of SSH or the VM console? Of course it would! So I got to work on it! I have now updated my cmdlet Deploy-PfaAppliance to be able to reset the default password upon deployment and added a new cmdlet called Get-PfaAppliance to retrieve appliances and then configure them.

Continue reading “Automating the Setup and Configuration of the Pure Storage OVA with PowerShell”
Posted on

Pure Storage Plugin 4.2.0 for the HTML-5 vSphere Client

Another quarter, another vSphere Plugin release from Pure! This is the release I have been really looking forward to as it sets the stage for a lot of the future work I want to build into the plugin. To recap:

  • 4.0.0 was our initial release of our plugin that only had the basic configuration support and VMFS management.
  • 4.1.0 was the 2nd release that added vVol support back into the plugin.
  • 4.2.0 enhances the plugin to add more vVol stuff into it as well as Pure1 Integration! So we are finally to the point where we are adding features into it that were never in the previous flash plugin. Yay!

So what are the new features?

  • Pure1 authentication
  • FlashArray fleet registration
  • Load meter integration
  • Pure1 tag integration
  • Intelligent provisioning
  • Full VM-undelete
Continue reading “Pure Storage Plugin 4.2.0 for the HTML-5 vSphere Client”
Posted on

VMware Cloud Foundation and Pure Storage

A few weeks ago, VMware released the latest version of VMware Cloud Foundation, version 3.9. There were more than a few things in this release but one enhancement was around Fibre Channel:

https://docs.vmware.com/en/VMware-Cloud-Foundation/3.9/rn/VMware-Cloud-Foundation-39-Release-Notes.html

The release notes mention:

Fibre Channel Storage as Principal Storage: Virtual Infrastructure (VI) workload domains now support Fibre Channel as a principal storage option in addition to VMware vSAN and NFS.

vCF 3.9 Release Notes

So this leads to three questions:

  • What does this mean?
  • What does this mean for non-FC storage?
  • What was the stance around FC storage BEFORE this release?

Let’s answer the first question first.

Continue reading “VMware Cloud Foundation and Pure Storage”
Posted on

Gartner Critical Capabilities Report–Virtualization

FlashArray Receives the Highest Scores for Server Virtualization in 2019 Gartner Critical Capabilities for Solid State Arrays Report

This is a semi-non-technical post for once here, but somewhat of a state of the union which is something I’ve been meaning to write. A great thing to provide me with the impetus to do this is the recent 2019 Gartner Magic Quadrant for Primary Storage and the even more recent 2019 Gartner Critical Capabilities for Solid-State Arrays.

Continue reading “Gartner Critical Capabilities Report–Virtualization”