Automation

Automating HCX Add On for VMware Cloud on AWS

06/19/2019 by William Lam 1 Comment

Enabling Hybrid Cloud Extension (HCX) for a VMware Cloud on AWS SDDC is just a click of a button and is completely self-service which makes consuming the HCX Service extremely easy! All the hard work of deploying and configuring the required HCX infrastructure for your SDDC is completely automated for you by VMware when you click on "Deploy HCX" button.

Once the HCX infrastructure has been deployed in your SDDC, you can then deploy the respective HCX components for your on-premises vSphere environment which you can fully automate end-to-end which I have blogged about here.

Although the deployment of the HCX components for the SDDC is just click of a button, I recently had a need to automate this and I figure this would be a nice addition to my HCX PowerShell Community Module and complete the end-to-end story quite nicely from enabling the HCX Cloud Service to automating the deployment and configuration of the on-premises HCX components.

Forwarding VMC Events to AWS Lambda/CloudWatch using Log Intelligence Webhook

06/11/2019 by William Lam Leave a Comment

In my previous post, I provided an example on how customers can take advantage of Log Intelligence's Webhook capability to consume VMware Cloud on AWS (VMC) based events and extend that to other Public Cloud Services like Slack as an example to build new and interesting integrations. We took advantage of the fact that some of these Public Cloud Services either have native webhook support or have a built-in Webhook listener like IFTTT which in turn can support other services which may not have native Webhook support.

However, customers can also build their own Webhook listener, which is nothing more than being able to POST to an API endpoint with a pre-defined JSON payload. In fact, this would be needed for any on-premises integration if the solution does not support webhooks.

For VMC customers who currently consume AWS Services such as Lambda and CloudWatch, it is actually very easy to integrate these and other AWS Services directly using LINT's Webhook feature. In fact, I chose Lambda and CloudWatch as these are two of the mostly frequently asked integration points. At our recent VMC Customer Summit, which took place last month, I had built a demo based on an actual customer use case for sending specific VMC Events from LINT to Cloud Watch as that was their tool of choice for auditing purpose.

I decided to make use of Lambda as it allowed me to quickly integrate with CloudWatch and I could also show how lambda integration would work given the number of customers asking. Ultimately, Lambda also enabled me to easily build a Webhook listener to process the LINT Webhook by simply front-ending the Lambda function with an AWS API Gateway, which was super easy to setup and use.

Forwarding VMC Events to Slack using Log Intelligence Webhook

06/04/2019 by William Lam Leave a Comment

VMware Log Intelligence (LINT) is a public VMware Cloud Service that is available to all VMware Cloud on AWS (VMC) customers. LINT provides customers with a unified view of their SDDC infrastructure including vSphere, NSX and vSAN from a logging standpoint and LINT can also be used with an on-premises deployment. The LINT team recently published a nice overview here, which I highly recommend a read.

One really interesting capability of LINT is the alert and notification feature, which includes UI and email, but what really stood out to me with this feature is that you can also trigger a Webhook! This means you can literally integrate with any external system including public cloud services that can receive or process a Webhook. Some examples can include publishing to a specific Slack channel, sending an SMS to your SRE team, an alert in PagerDuty or even calling an AWS Lambda function. The possibilities are truly endless on what you can do with a Webhook integration!

For our recent VMC Customer Summit, I thought it would be really cool to show off some demos on what you could do with LINT Webhooks. In this blog post, I will show you how to use the If Then This That (IFTTT) service which natively supports Webhooks and publish a specific VMC event into a Slack channel. Slack also supports native webhooks, but using IFTTT, you can apply this example to other Cloud Services that you may want to integrate with.

Connecting to NSX-T Policy API using NSX-T Private IP in VMC

05/30/2019 by William Lam 1 Comment

As explained in my Getting started with NSX-T Policy API in VMware Cloud on AWS (VMC) article, there are two ways in which you can interact with the NSX-T Policy API in VMC. The initial method is with the NSX-T Reverse Proxy which designed for initial setup including Edge Firewall and connectivity configuration (VPN/Direct Connect). Once you have enabled remote access from your network to the SDDC, you can continue using the reverse proxy method or you can connect directly to the NSX-T Manager via its private IP Address.

So how do you actually connect to the NSX-T Manager using its private IP? To be honest, this was not something I had to do before as I really like the simplicity of the reverse proxy but since this came up today in one of our VMC Slack channels, I figured I take a closer look.

Automating VMware Site Recovery (DRaaS) with VMC

05/28/2019 by William Lam Leave a Comment

VMware Site Recovery provides customers with an easy and on-demand Disaster Recovery as-as-Service (DRaaS) for both their on-premises and VMware Cloud on AWS (VMC) workloads. DRaaS is one of the most popular VMware Cloud Service as it literally enables customers to setup a fully functional target DR site with just a click of a button, no joke!

As simple as this is, customers are also interested in automating the setup of DRaaS, especially for testing purposes. A couple of weeks back, I had a customer reach out asking if it was possible to automate the setup of DRaaS?

Funny enough, I just had this conversation a few weeks prior with the PM/Engineer and was in the process of looking into this. It turns out we do indeed have DRaaS Service API, which is what the VMC Console uses, however we had not publicized the API nor showed how to actually get more information about it. Do not worry, I have already feature request with the PM to not only get this published publicly but also show up as part of the VMC Developer Center API Explorer 🙂

NSX-T Policy API Explorer, Docs and Sample Updates for VMC

05/20/2019 by William Lam Leave a Comment

The VMware Cloud on AWS (VMC) in-product API Explorer is something that I use on a regular basis, especially for executing a quick tasks without needing to write a single line of code or for documentation purposes to understand the required parameter to a specific API. Today, the VMC API Explorer includes both the VMC Service and Cloud Services Platform API, but one key API that has been missing is the inclusion of the NSX-T Policy API.

With the release of VMC 1.7 which just came out a few days ago, customers will now be able to also access the NSX-T Policy API directly from within the VMC API Explorer! In addition to adding to the VMC API Explorer, the NSX team has also enhanced their Swagger JSON and documentation to provide a better developer experience when working with NSX-T in VMC.

NSX-T Policy API Explorer

The new NSX-T Policy API Explorer is only available for SDDCs running 1.7, which can be newly created SDDC or an SDDC that has been upgraded to 1.7. In addition, since there still SDDC running NSX-V, to view the new API Explorer, you will need to select an NSX-T 1.7 SDDC and then two new NSX-T API references will be available: NSX VMC Policy API and NSX VMC AWS Integrations API