PowerShell: HP OneView Appliance backup script

When you’re using HP OneView to manage your HP hardware (virtual connect etc.) you can manually create a backup by using the web interface.
Because its a manual proces, it would be an to intensive process to do that on daily or weekly base.

That’s why i created this HP OneView Appliance backup script that uses the Rest API to create a backup and then download it from the appliance.
The script also can archive older backups, to keep everything nice and clean ;).

Please email me when you have any question or suggestion.

Save the script as Oneview-backup.ps1 and run it once (per host and per user) to provide the password which will be saved encrypted.

# OneView-backup.ps1
# Licensing: GNU General Public License, version 3 (GPL-3.0)
# Author: Hendricus Kramer - PepperByte
# Questions: H.kramer@pepperbyte.com
# Version 0.3
# Tested with OneView Appliance 1.20
#
# prereq https://github.com/HewlettPackard/POSH-HPOneView/releases - HP.OneView.1.20.PowerShell.Library.exe or up
#
# Changelog
# version 0.1 - basic commands with plain password
# version 0.1.1 - added some basic password encryption
# version 0.2 - added necessary folder structure creation
# version 0.3 - added archiving options
#
# Usage: run the script to create necessary folders and files, then schedule it to run daily.

#parameters
$OneViewAppliance="FQDN"
$OneViewUser="BackupUsername"
$archiving=$True
$retention="-5"

#filenames
$pwdfile="$env:username.txt"

#folder locations
$pwdloc="c:\temp\config"
$bkploc="c:\temp\backup"
$archloc="$bkploc\archive"

Function CreateOneViewBackup
{
 Import-Module HPOneView.120
 $password = Get-Content $pwdloc\$pwdfile | ConvertTo-SecureString
 $BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($password)
 $plainpwd = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)
 Connect-HPOVMgmt $OneViewAppliance $OneViewUser $plainpwd
 New-HPOVbackup $bkploc
 Write-Host "backup is located at" $bkploc
 Disconnect-HPOVMgmt
}

Function ArchiveOneView
{
 get-childitem -Path $bkploc | where-object {$_.LastWriteTime -lt (get-date).AddDays(-1)} | move-item -Destination $archloc
 get-childitem -Path $archloc | where-object {$_.LastWriteTime -lt (get-date).AddDays($retention)} | remove-item
}

Function CreateOneViewFolders
{
if(!(Test-Path -Path $pwdloc )){ New-Item -ItemType directory -Path $pwdloc }
if(!(Test-Path -Path $bkploc )){ New-Item -ItemType directory -Path $bkploc }
if(!(Test-Path -Path $archloc )){ New-Item -ItemType directory -Path $archloc }
}

If (Test-Path $pwdloc\$pwdfile){
 #file with encrypted password exists
 CreateOneViewFolders
 CreateOneViewBackup
}Else{
 CreateOneViewFolders
 #file with encrypted password does not exist
 #asking the user to provide the password and save it encrypted to the password file
 Write-Host "CAUTION! The Password file cant be exchanged between users and hosts (running this script), generate a new one per host!"
 read-host -AsSecureString | ConvertFrom-SecureString | Out-File $pwdloc\$pwdfile
 CreateOneViewBackup
}

if ($archiving)
{
 Write-Host "Archiving: All backups before" (get-date).AddDays($retention) "will be removed"
 ArchiveOneView
} else { Write-Host "Archiving: Archiving is disabled)" }

 

Was once an enthusiastic PepperByte employee but is now working elsewhere. His blogs are still valuable to us and we hope to you too.

2 replies
  1. Rende Luitjes
    Rende Luitjes says:

    Ha die Hendricus, mooi stuk PowerShell hierboven! Kun je voor een realtief PowerShell no-no persoon aangeven hoe je het beste zo’n wachtwoord in die c:tempconfig structuur krijgt?

    Met vriendelijke groet,

    Rende Luitjes

    Reply
    • Hendricus Kramer
      Hendricus Kramer says:

      Hallo Rende,

      De eerste keer dat je het script uitvoert, worden alle benodigde mappen en het password filetje aangemaakt.
      Om het wachtwoord zal worden gevraagd en wordt versleuteld opgeslagen.
      Daarna kun je het script ook aan een taak toevoegen zodat je regelmatig een nieuwe backup hebt.
      Het is belangrijk om te weten dat de gebruiker, die de taak uitvoert, altijd eenmalig het script moet uitvoeren (in de GUI) om het password filetje aan te maken.

      vr.gr.
      Hendricus

      Reply

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *