DFW2Excel now with Hyperlink Support

So it’s been close to a year since I took this tool out of the murky depths of my ~/code folder and put it on GitHub and during the last twelve months, I have made some minor improvements here and there. But since I’ve been using it, I found although it documents the contents of the DFW configuration well enough, wouldn’t it be great if I could click on a Security Group or IPSET and go straight to the worksheet that contained its configuration.

Continue reading “DFW2Excel now with Hyperlink Support”

Advertisements

Human Logic, Robot Automation

Automation is one of several tech buzz words of late, and it’s one that has caught on amongst most infrastructure/networking folk. The tech behind the buzzword is Ansible, AWS CloudFormation, vRealize, etc. which provide the capability to automate your infrastructure and start treating infrastructure as code or just to improve workflow between teams and take the human equation (error prone) out of the process entirely. So when a friend of mine coined the phrase Human Logic, Robot Automation, I thought it was a succinct definition of how automation has become so prevalent in many enterprises today and why repeatable workflows are so important. Most organisations have always had some level of automation, but it now seems to be encroaching on I.T silos that never had any real need for it before, such as networking. The industry has been talking about network automation for many years, but it’s now out of the realms of labs/POCs and is being used by organisations to deploy real networking constructs on demand.

Continue reading “Human Logic, Robot Automation”

PowerNSX One Liners

So instead of using the old point-click method of navigating NSX to find an IP address, firewall rule or service definition, I often find myself using PowerNSX to find that same information.

Using PowerNSX comes with the added bonus of extreme speed i.e. not using the pointy-clicky method!
Continue reading “PowerNSX One Liners”

My list of NSX-v resources

It’s always difficult organising links to various resources for a particular piece of technology in your bookmarks. Speaking for myself, the list of bookmarks starts with the best of intentions, all nicely organised with tags and in the correct folders, but over time as I am sure most people can attest to; it becomes very dis-organised and a bit of a mess.
Continue reading “My list of NSX-v resources”

NSX-v Central CLI Packet Capture

In NSX-v 6.2.3 a new feature to aid troubleshooting and operations got introduced, called Central CLI for Packet Capture. The feature is intended to reduce the administrative burden of logging onto any ESXi host to start a packet capture. The ability to perform packet captures for troubleshooting network issues is something all network guys do from time to time and using a network virtualisation platform such as VMware NSX for vSphere it’s no different. Therefore, in this post, I will go through the process of initiating a packet capture using the NSX-v Central CLI for a VM that is misbehaving.

Continue reading “NSX-v Central CLI Packet Capture”

Documenting the NSX-v DFW with PowerNSX

Documenting firewall configuration is challenging at the best of times, in most enterprise networks there are tens of thousands of lines of ACLs that have been added organically over time to any number of firewalls. Documentation of said policy is normally the actual configuration that you see on the console in front of you, which is great but depending on the vendor it may be difficult to extract that data into a more usable format. Continue reading “Documenting the NSX-v DFW with PowerNSX”

NSX-v: ESG – submitting tasks via the API Asynchronously

Why you would want to execute tasks via the NSX API asynchronously is a good question, and, can be answered with two words “Parallel Workflows”. In a Software Defined Datacenter (SDDC) where automation is extensively used, it may be beneficial to execute tasks asynchronously so that your automation workflow can continue while a certain NSX logical construct is built (deployed), one such example is an Edge Services Gateway. This same framework also provides us the ability to query the status of the job to verify if it has been successful or not, which can be quite important if you need to check if a logical component is configured or not. Continue reading “NSX-v: ESG – submitting tasks via the API Asynchronously”

NSX-v Communications Diagram

Below is diagram to visually see the communications (protocol/port) of the NSX-v (6.2.x) components. The focus of the diagram is from an NSX-v viewpoint. Therefore, I haven’t included the comms for vSphere, and it’s relevant components. Continue reading “NSX-v Communications Diagram”