PowerCLI

Can a VM in the VMC Compute Network access the SDDC Management Network?

11/19/2018 by William Lam Leave a Comment

Similiar to an on-premises vSphere deployment, VMware Cloud on AWS follows good security practices by isolating and preventing access to the SDDC Management Network including Virtual Machines running in the Compute Network. With that said, the SDDC can be configured to enable access to the SDDC Management Network for either all or subset of workloads running in the Compute Network.

I have seen this request come up a few times, usually around proof of concepts, lack of on-premises infrastructure or wanting to run completely isolated within VMC for Dev/Test purposes. Below are the step by step instruction on setting this up for both an NSX-V and NSX-T based SDDC. Once enabled, customers can access the vCenter vSphere UI from within the specified Virtual Machine(s) including using tools like OVFTool or PowerCLI for importing new or existing workloads.

Note: Please refer to this blog post here to determine if you are running an NSX-V or NSX-T based SDDC.

All vSphere 6.7 Update 1 release notes & download links

10/16/2018 by William Lam 10 Comments

The highly anticipated vSphere 6.7 Update has officially GA'ed! Below is an aggregation of all the related release notes and downloads for this vSphere release. I have also created a short URL which you can use to access this exact same page using vmwa.re/vsphere67u1

The downloads are currently being staged, so please be patient.

vCenter Server 6.7u1

ESXi 6.7u1

vSAN 6.7u1

Automating new Cloud Motion with vSphere Replication using Hybrid Cloud Extension (HCX) API

09/25/2018 by William Lam Leave a Comment

Cloud Motion with vSphere Replication is the newest migration type that has been added to the Hybrid Cloud Extension (HCX) solution, which was also demonstrated during the VMworld US 2018 keynote (watch here). Unlike the traditional Bulk Migration, which also uses vSphere Replication to perform the initial replication, Cloud Motion with VR does not incur any downtime during the VM switch over. This is possible with our most beloved vSphere feature, vMotion!

With Bulk Migration, the VM on the source vCenter Server must be shutdown before the newly replicated VM on the destination vCenter Server can be powered on or else a network conflict will occur. Using Cloud Motion with VR, the VM is simply vMotion'ed from the source vCenter Server to the destination vCenter Server and because the VM's storage has already been replicated, the only thing that needs to transfer is the memory state of the VM.

All three HCX Migration Types can be scheduled from the HCX UI using the vSphere Client or automated using the HCX API. The latter option is definitely ideal for customers with large number of migrations but it can also help with smaller migrations as it reduces the amount of user input required when using the UI and ultimately, this reduces user errors.

To help demonstrate the HCX Migration APIs, I have updated my VMware HCX PowerShell Module to include the following two new functions:

New-HcxMigration
Get-HcxMigration

Automating Hybrid Cloud Extension (HCX) Manager OVA deployment

09/24/2018 by William Lam Leave a Comment

Feedback on my recent Hybrid Cloud Extension (HCX) Automation articles has been very positive, thanks to those who have reached out. One area that I have not had a chance to spend much time on which a few of you have pinged me about is the automating the actual deployment of the HCX Manager, which is provided to customers as an OVA image. In this article, I have created a basic PowerCLI script called deploy_hcx_manager_ova.ps1 that demonstrates using the Import-VApp and Get-OVFConfiguration cmdlets to import the OVA along with specifying the required OVF properties. The script will also wait for the HCX Manager to be ready by checking the VAMI URL located at https://[HCX-MANAGER]:9443

Lastly, for those of you who are new to HCX or would like a step by step walk through of setting up HCX, Emad Younis just kicked off a new blog series on learning about HCX, which I highly recommend folks check out here.

Here are the instructions on using the PowerCLI script to automate the HCX OVA deployment:

Step 1 - Download the latest HCX Manager OVA from HCX Cloud (you will need to login with your cloudadmin credentials)

Step 2- Download the PowerCLI HCX deployment script here.

Step 3 - Edit the script with your HCX configuration and deployment details

Step 4 - You will need to connect to your vCenter Server by using the Connect-VIServer cmdlet and then run the deployment script using the following command:

.\deploy_hcx_manager.ova.ps1

Once the deployment is successful, you can now open a browser to https://[HCX-MANAGER]:9443 and login using the admin credentials that you had specified in the script. I also plan to do a follow-up to this blog post on automating the initial configuration using the HCX VAMI APIs, so stay tuned.

Getting started with the new NSX-T Policy API in VMC

09/17/2018 by William Lam 1 Comment

Today, when you deploy a new SDDC on VMware Cloud on AWS (VMC), it is based on NSX-V by default, nothing ground breaking. However, customers also have the option to request an NSX-T based SDDC, which actually came as a surprise to a couple of folks who I spoke with at VMworld. Back in August, Early Access for NSX-T based SDDC was announced and customers can take advantage of the additional networking and security capabilities provided by NSX-T within VMC. Humair Ahmed who works over in our Networking & Security Business Unit has an excellent blog post here that goes into more details. If you are interested in an NSX-T based SDDC, please reach out to your local VMware account team for more information.

Upon first glance, you might think that this is the exact same version of NSX-T that we have been shipping to our on-premises customers but in fact, it is actually a brand new and improved version. Similar to vSphere (vCenter and ESXi) and VSAN, VMC is always running a newer version of our software than our on-prem customers. One immediate difference that you should be aware of when using NSX-T in VMC is that the current NSX-T API is not available and instead a new NSX-T Policy API has been introduced to help simplify the consumption of NSX-T. All functionality in the current on-prem NSX-T API can be consumed using the new Policy API.

At VMworld, I spoke to a number of current and upcoming customers with NSX-T based SDDCs and they were really interested in using the new NSX-T Policy API and as the title of this blog post suggests, this will be a quick primer on how to do that. Before we get started, confirm that you have an NSX-T based SDDC deployed. If you are not sure, there are a few ways to determine this using either the VMC Console UI or API, instructions can be found here and here.

Using VMC API to answer commonly asked questions about your SDDC

09/06/2018 by William Lam Leave a Comment

In the past month or so since joining the VMware Cloud on AWS (VMC) team, I have seen a number of inquiries from our Customer Success team, partners and customers on how to retrieve certain pieces information about their deployed SDDC, usually for information or integration purposes. Some of these questions can simply be answered by using the VMC Console UI, however there are others that is only available when using the VMC API, which provides a ton more data than what the UI could ever display. In any case, I figure it would be useful to share some of this information, especially as it pertains to the VMC API.

Below are just some of the frequently asked questions that I have seen and they can all be answered simply performing a GET /api/orgs/<orgId>/sddcs/<sddcId> on your specific SDDC via VMC API. In addition, I have also create two sample scripts which exercises these VMC APIs, one using the native VMC REST API and another with PowerCLI using the VMC cmdlet, which you can find more details below.

1) What version is my SDDC running?

This can be found in the VMC Console UI under the "Support" tab for a given SDDC.

You can also find this information using the VMC API by referring to the resource_config.sddc_manifest.vmc_version property.

2) When was my SDDC created?

This can be found in the VMC Console UI under the "Support" tab for a given SDDC.

You can also find this information using the VMC API by referring to the created property.

3) How long do I have until my 1-Node SDDC expires?

This can be found in the VMC Console UI under the SDDC card summary view or detailed view.

You can also find this information using the VMC API by referring to the expiration_date property. This property will be null if your SDDC is NOT a 1-Node, which is the only configuration which has an expiration.