Automation is one of several tech buzz words of late, and it’s one that has caught on amongst most infrastructure/networking folk. The tech behind the buzzword is Ansible, AWS CloudFormation, vRealize, etc. which provide the capability to automate your infrastructure and start treating infrastructure as code or just to improve workflow between teams and take the human equation (error prone) out of the process entirely. So when a friend of mine coined the phrase Human Logic, Robot Automation, I thought it was a succinct definition of how automation has become so prevalent in many enterprises today and why repeatable workflows are so important. Most organisations have always had some level of automation, but it now seems to be encroaching on I.T silos that never had any real need for it before, such as networking. The industry has been talking about network automation for many years, but it’s now out of the realms of labs/POCs and is being used by organisations to deploy real networking constructs on demand.
So instead of using the old point-click method of navigating NSX to find an IP address, firewall rule or service definition, I often find myself using PowerNSX to find that same information.
I was recently looking for the username and password to login to the vRNI virtual machine, and, after much looking around I found the credentials buried deep in a document which wasn’t the first Google hit.
It’s always difficult organising links to various resources for a particular piece of technology in your bookmarks. Speaking for myself, the list of bookmarks starts with the best of intentions, all nicely organised with tags and in the correct folders, but over time as I am sure most people can attest to; it becomes very dis-organised and a bit of a mess.
Continue reading “My list of NSX-v resources”
In NSX-v 6.2.3 a new feature to aid troubleshooting and operations got introduced, called Central CLI for Packet Capture. The feature is intended to reduce the administrative burden of logging onto any ESXi host to start a packet capture. The ability to perform packet captures for troubleshooting network issues is something all network guys do from time to time and using a network virtualisation platform such as VMware NSX for vSphere it’s no different. Therefore, in this post, I will go through the process of initiating a packet capture using the NSX-v Central CLI for a VM that is misbehaving.
Documenting firewall configuration is challenging at the best of times, in most enterprise networks there are tens of thousands of lines of ACLs that have been added organically over time to any number of firewalls. Documentation of said policy is normally the actual configuration that you see on the console in front of you, which is great but depending on the vendor it may be difficult to extract that data into a more usable format. Continue reading “Documenting the NSX-v DFW with PowerNSX”
Packet capture is an essential tool in any network/systems engineers toolset, mainly when working with services in a development environment or during troubleshooting. So recently when I was testing the installation of the NSX VIBs onto the nested ESXi host in my VMware Workstation lab, I wanted a facility to capture the conversation between a single ESXi host, NSX Manager and the vCenter Server (vcsa). You could naturally perform this packet capture directly on the ESXi host (running as a VM), or instead, perform it from your underlying operating system.
Why you would want to execute tasks via the NSX API asynchronously is a good question, and, can be answered with two words “Parallel Workflows”. In a Software Defined Datacenter (SDDC) where automation is extensively used, it may be beneficial to execute tasks asynchronously so that your automation workflow can continue while a certain NSX logical construct is built (deployed), one such example is an Edge Services Gateway. This same framework also provides us the ability to query the status of the job to verify if it has been successful or not, which can be quite important if you need to check if a logical component is configured or not. Continue reading “NSX-v: ESG – submitting tasks via the API Asynchronously”