One of the main benefits of ACI is the flexibility it offers. In particular, how easy it is to take configuration we have already completed, copy it, and re-use it for something else! For this demo, we’ll take configuration from Tenant dev, and copy the entire policy configuration to make a new Tenant called Tenant prod.
The real value of this demo, highlights the fact that we could take an exact copy of an application (or Tenant) from a dev/test environment (same IP addresses, same security posture), and move the exact configuration into an identical environment in production, and beginning using the application right away.
The tangible benefits of this include:
- A reduction in human error (we aren’t configuring the same thing twice)
- We don’t have to change IP addresses on our VMs (the Developers will love that!)
- The Knowledge that we are deploying our Application Policy for our Production application just as it was tested in dev/test and QA!
And now – Onto our demo!!!
Tenant Configurations used in the demo:
VMware PowerShell Commands used in the demo:
Commands to move VM vnics to dev
PS /Users/admin> Get-VM "Centos6-vm9" | Get-NetworkAdapter -Name "Network adapter 1" | Set-NetworkAdapter -NetworkName “dev|MyApp1|epg1" -Confirm:$False PS /Users/admin> Get-VM "Centos6-vm10” | Get-NetworkAdapter -Name "Network adapter 1" | Set-NetworkAdapter -NetworkName “dev|MyApp1|epg2” -Confirm:$False
Commands to move VM vnics to prod
PS /Users/admin> Get-VM "Centos6-vm9" | Get-NetworkAdapter -Name "Network adapter 1" | Set-NetworkAdapter -NetworkName “prod|MyApp1|epg1" -Confirm:$False PS /Users/admin> Get-VM "Centos6-vm10” | Get-NetworkAdapter -Name "Network adapter 1" | Set-NetworkAdapter -NetworkName “prod|MyApp1|epg2” -Confirm:$False
Other helpful PowerShell commands
### Once in PowerShell, use the "Connect-Server" cmd to login to vCenter PS /Users/admin> Connect-VIServer -Server 10.10.10.1 -User firstname.lastname@example.org ### Getting the Network Adapter list for a specified VM PS /Users/admin> Get-VM "Centos6-vm9" | Get-NetworkAdapter ### Setting the portgroup to "prod|MyApp1|epg2 on VM "Centos6-vm9" PS /Users/admin> Get-VM "Centos6-vm9" | Get-NetworkAdapter | Set-NetworkAdapter -NetworkName "prod|MyApp1|epg2”
Useful links for learning PowerCLI and PowerShell
Installing PowerShell and VMware PowerCLI on macOS
Summary Install Method:
1) brew tap caskroom/cask
2) brew cask install powershell
4) install-module -name vmware.powercli -scope currentuser
5) Set-PowerCLIConfiguration -InvalidCertificateAction Ignore -Confirm:$false
6) Set-PowerCLIConfiguration -Scope User -ParticipateInCEIP $false
7) Connect-VIServer -Server <vCenter_IP> -User <email@example.com> -Password <SecretPassword>
8) use it: Get-VM, Get-VMHost
9). when done: Disconnect-VIServer -Server <vCenter_IP>
Install PowerCLI on CentOS:
# Register the Microsoft RedHat repository
curl https://packages.microsoft.com/config/rhel/7/prod.repo | sudo tee /etc/yum.repos.d/microsoft.repo
# Install PowerShell
sudo yum install -y powershell
# Start PowerShell
# Now follow from Step 4 onwards in the MAC Install method
2 thoughts on “dev to prod: A network programmability demo with ACI”
Awesome Demo & great job. Keep them coming. Glad to see I am not the only one using ZOC.