vmware inventory script enhancements (#17106)

* Allow the user to disable certificate verification
* Allow the user to find VMs only in specific clusters

2 files changed, 43 insertions, 2 deletions

diff --git a/contrib/inventory/vmware.ini b/contrib/inventory/vmware.ini
index 5097735fd0..93de5d67b4 100644
--- a/contrib/inventory/vmware.ini
+++ b/contrib/inventory/vmware.ini
@@ -27,6 +27,10 @@ guests_only = True
 # not be returned.
 # prefix_filter = test_
 
+# Specify a cluster filter list (colon delimited). Only clusters matching by
+# name will be scanned for virtualmachines
+#clusters = cluster1,cluster2
+
 [auth]
 
 # Specify hostname or IP address of vCenter/ESXi server.  A port may be
@@ -41,3 +45,6 @@ user = ihasaccess
 # Specify a password to access the vCenter host. This setting may also be
 # defined with the VMWARE_PASSWORD environment variable.
 password = ssshverysecret
+
+# Force SSL certificate checking by default or ignore self-signed certs.
+#sslcheck=True
diff --git a/contrib/inventory/vmware.py b/contrib/inventory/vmware.py
index 8f723a638d..c84371f63a 100755
--- a/contrib/inventory/vmware.py
+++ b/contrib/inventory/vmware.py
@@ -35,6 +35,7 @@ import json
 import logging
 import optparse
 import os
+import ssl
 import sys
 import time
 import ConfigParser
@@ -54,7 +55,7 @@ logging.getLogger('suds').addHandler(NullHandler())
 
 from psphere.client import Client
 from psphere.errors import ObjectNotFoundError
-from psphere.managedobjects import HostSystem, VirtualMachine, ManagedObject, Network
+from psphere.managedobjects import HostSystem, VirtualMachine, ManagedObject, Network, ClusterComputeResource
 from suds.sudsobject import Object as SudsObject
 
 
@@ -90,6 +91,28 @@ class VMwareInventory(object):
         auth_password = os.environ.get('VMWARE_PASSWORD')
         if not auth_password and self.config.has_option('auth', 'password'):
             auth_password = self.config.get('auth', 'password')
+        sslcheck = os.environ.get('VMWARE_SSLCHECK')
+        if not sslcheck and self.config.has_option('auth', 'sslcheck'):
+            sslcheck = self.config.get('auth', 'sslcheck')
+        if not sslcheck:
+            sslcheck = True
+        else:
+            if sslcheck.lower() in ['no', 'false']:
+                sslcheck = False
+            else:
+                sslcheck = True
+
+        # Limit the clusters being scanned
+        self.filter_clusters = os.environ.get('VMWARE_CLUSTERS')
+        if not self.filter_clusters and self.config.has_option('defaults', 'clusters'):
+            self.filter_clusters = self.config.get('defaults', 'clusters')
+        if self.filter_clusters:
+            self.filter_clusters = [x.strip() for x in self.filter_clusters.split(',') if x.strip()]
+
+        # Override certificate checks
+        if not sslcheck:
+            if hasattr(ssl, '_create_unverified_context'):
+                ssl._create_default_https_context = ssl._create_unverified_context
 
         # Create the VMware client connection.
         self.client = Client(auth_host, auth_user, auth_password)
@@ -314,8 +337,19 @@ class VMwareInventory(object):
         else:
             prefix_filter = None
 
+        if self.filter_clusters:
+            # Loop through clusters and find hosts:
+            hosts = []
+            for cluster in ClusterComputeResource.all(self.client):
+                if cluster.name in self.filter_clusters:
+                    for host in cluster.host:
+                        hosts.append(host)
+        else:
+            # Get list of all physical hosts
+            hosts = HostSystem.all(self.client)
+
         # Loop through physical hosts:
-        for host in HostSystem.all(self.client):
+        for host in hosts:
 
             if not self.guests_only:
                 self._add_host(inv, 'all', host.name)