PowerNSX: PowerShell extensions for the enterprise administrator
What is PowerNSX
PowerNSX provides PowerShell commandlets or extensions for administrators of NSX for vSphere. PowerNSX delivers the capability to administrators to programmatically drive their infrastructure. Its focus is on exposing New, Update, Remove and Get operations for all key NSX functions as well as adding additional functionality to extend the capabilities of NSX management beyond the native UI or API. The author of the module is Senior Solution Architect Nick Bradford. After waiting for something official to be written he decided to do something about it. One day Nick showed me what he was working (after finally getting started on it) and I was hooked. Over the last couple of months I have been exposed to a lot of PowerShell. I’ve enjoyed every moment of it and it honestly has sparked a desire to do all the things in PowerNSX!
Why PowerNSX
From scratch not knowing PowerShell, PowerCLI or the newly minted PowerNSX, I was able to quickly start to grok the basics of powershell. Building out knowledge of the pipeline is key to success. Understanding that everything is indeed an object does help when starting out. Channel your inner Emmet (Lego Movie) and remember “Everything is (an) object!. For every single object that is piped the following command is then run against each object output was very different to any Python training that I had previously received.
Take the example as follows:
Get-NsxTransportZone will return all Transport Zones. Transport Zones are the scope of which network elements are associated to within NSX. In my environment I have one. The result of Get-NsxTransportZone is TZ-Global. When I pipe the command Get-NsxTransportZone to Get-NsxLogicalSwitch the output of Get-NsxTransportZone (Which is TZ-Global) has the command Get-NsxLogicalSwitch run against it. This will return all Logical Switches associated with that Transport Zone. In this case this there is one Switch.
PowerCLI C:\> Get-NsxTransportZone | Get-NsxLogicalSwitch objectId : virtualwire-223 objectTypeName : VirtualWire vsmUuid : 4201BAC9-7509-46FD-7813-35D817ADB861 nodeId : d704f7a1-e9c2-4c7c-bb5e-7116145905bf revision : 2 type : type name : TSWeb description : clientHandle : extendedAttributes : isUniversal : false universalRevision : 0 tenantId : vdnScopeId : vdnscope-1 vdsContextWithBacking : vdsContextWithBacking vdnId : 5001 guestVlanAllowed : false controlPlaneMode : UNICAST_MODE ctrlLsUuid : 7162fa90-602c-433f-ad7a-67c8a08998d3 macLearningEnabled : false
If two Transport Zones were output then Get-NsxLogicalSwitch will iterate across both Transport Zones and list all switches. Note that I am using the select command to only output Name and vdnscope to keep the example clean.
PowerCLI C:\> Get-NsxTransportZone | Get-NsxLogicalSwitch | select Name, vdnscopeid name vdnScopeId ---- ---------- TSTransit vdnscope-1 TSWeb vdnscope-1 TSApp vdnscope-1 TSDb vdnscope-1 TSMgmt vdnscope-1 PowerNSX vdnscope-1 LS-DifferentTZ vdnscope-2
Creating a Logical Switch follows the same method. Getting the specific transport is important. If you have more than one the New-NsxLogicalSwitch will iterate across each Transport Zone found.
PowerCLI C:\> Get-NsxTransportZone TZ-Global | New-NsxLogicalSwitch -name PowerNSX objectId : virtualwire-227 objectTypeName : VirtualWire vsmUuid : 4201BAC9-7509-46FD-7813-35D817ADB861 nodeId : d704f7a1-e9c2-4c7c-bb5e-7116145905bf revision : 2 type : type name : PowerNSX description : clientHandle : extendedAttributes : isUniversal : false universalRevision : 0 tenantId : vdnScopeId : vdnscope-1 vdsContextWithBacking : vdsContextWithBacking vdnId : 5005 guestVlanAllowed : false controlPlaneMode : UNICAST_MODE ctrlLsUuid : e3c5d18c-7354-4068-8c93-32dda84b7cbb macLearningEnabled : false
Quick and efficient.
But I am a network guy? Why do I want to use this?
You know what is amusing? Other than dabbling in Python and some other languages before embarking on testing and QA’ing PowerNSX I did not have much code chops. Not much of this was beyond the confines of the walled garden that is CodeAcademy. Sure, I have written some dirty OpenStack hacks but that is just using an API. After using PowerNSX from pre-alpha through to the internal beta I have begun gaining a sound understanding over PowerShell. With that said the question the is often asked is, “I am an engineer with a network background – why do I need to code?” No matter your preference – be whether it be hardware (smirks) or software – the fact is clicking repetitively through a GUI or bashing at a CLI falls short compared to executing against an API. PowerShell provides an environment that many VMware and Microsoft administrators are familiar with. For VMware administrators this is through PowerCLI extensions to PowerShell.
I also confess – this is highly addictive. I am currently writing this post on a plane heading to an internal Tech Summit. I know my boss reads this and I will admit (Hi Tim!) that there was so much else I should have been doing in the last fortnight and PowerNSX consumed me. Lucky 14 hours in the air gives you plenty of time to catch up!
Where do I get power NSX?
PowerNSX has been Open Sourced – yay! The commitment to administrators of virtual networks everywhere at large is demonstrated by this. You can grab the current version of PowerCLI on BitBucket. The current BitBucket repository has the PowerNSX PowerShell module which includes all the goodness and some additional scripts made by Nick and yours truly. Feel free to provide feedback to us as we are the ones supporting it.
PowerNSX has an automated installer too which will go and download PowerShell and other correct versions including pointing you to the right PowerCLI installer required too. It will also suck down the current published master release of PowerNSX.
Talk about PowerNSX
I encourage the feedback both positive and negative about PowerNSX on Twitter and here on Networkinferno.net to continuously improve PowerNSX. Use the hashtag #PowerNSX on Twitter and get invovled. Try it out. I will continuously release the tools that I create or tips using PowerNSX through the blog with all code being posted on my BitBucket repo.
Enjoy.
Now if only there was a complimentary open source IPAM solution that you could ask to provide IP addresses or subnet allocations each time one was needed! That being said, this looks wonderful.
Ha! Tommy, I agree wholeheartedly here.
IP Pools are a start of this – I don’t know where the feature is going at this stage but it could have merit to use that.
This is great stuff, thanks for your efforts!
I wonder, would you happen to know how to modify a transport zone to either add or remove clusters?
The API says to make a POST to https://NSX-Manager-IP-Address/api/2.0/vdn/scopes/scopeId?action=patch, but no matter what I do I cannot get it to work!
What error are you seeing? Can you share some examples?
Thanks Mark.
Anthony
I get nothing back but a lovely “Generic Error” when I invoke the request!
The NSX Manager log though suggests that the action “patch” was not recognised.
Through trial and error I was able to discover two more actions, repair and replace. Replace will only be accepted if you set the controlPlaneMode to Multicast. This does allow me to add/remove clusters, but I need unicast mode.
So in summary, sending action=patch with my XML fails with a generic error. Sending the same XML but with action=replace fails with the error “you must use multicast mode” (words to that effect). Resending the same XML but with controlPlaneMode set to multicast is accepted and works, but changes the controlPlaneMode to something I do not want 🙂
Hi,
I have installed powercli in docker. Could you tell me how to install powernsx based on that?
It seems the installation in https://github.com/vmware/powernsx/wiki/Installing-PowerNSX is used for windows.
Thanks!
Hi there,
Currently PowerNSX only works on windows. We are currently waiting for a commit and a PR into powershell/powershell-core for PowerNSX to begin development on linux!
We will announce it when it releases,
Anthony!