dev to prod: A network programmability demo with ACI

Posted on by Jody

One of the main benefits of ACI is the flexibility it offers. In particular, how easy it is to take configuration we have already completed, copy it, and re-use it for something else! For this demo, we’ll take configuration from Tenant dev, and copy the entire policy configuration to make a new Tenant called Tenant prod.

The real value of this demo, highlights the fact that we could take an exact copy of an application (or Tenant) from a dev/test environment (same IP addresses, same security posture), and move the exact configuration into an identical environment in production, and beginning using the application right away.

The tangible benefits of this include:

  • A reduction in human error (we aren’t configuring the same thing twice)
  • We don’t have to change IP addresses on our VMs (the Developers will love that!)
  • The Knowledge that we are deploying our Application Policy for our Production application just as it was tested in dev/test and QA!

And now – Onto our demo!!!

Tenant Configurations used in the demo:

TenantConfigsDownload

VMware PowerShell Commands used in the demo:

Commands to move VM vnics to dev

PS /Users/admin> Get-VM "Centos6-vm9" | Get-NetworkAdapter -Name "Network adapter 1" | Set-NetworkAdapter -NetworkName “dev|MyApp1|epg1" -Confirm:$False
PS /Users/admin> Get-VM "Centos6-vm10” | Get-NetworkAdapter -Name "Network adapter 1" | Set-NetworkAdapter -NetworkName “dev|MyApp1|epg2” -Confirm:$False

Commands to move VM vnics to prod

PS /Users/admin> Get-VM "Centos6-vm9" | Get-NetworkAdapter -Name "Network adapter 1" | Set-NetworkAdapter -NetworkName “prod|MyApp1|epg1" -Confirm:$False
PS /Users/admin> Get-VM "Centos6-vm10” | Get-NetworkAdapter -Name "Network adapter 1" | Set-NetworkAdapter -NetworkName “prod|MyApp1|epg2” -Confirm:$False

Other helpful PowerShell commands

### Once in PowerShell, use the "Connect-Server" cmd to login to vCenter
PS /Users/admin> Connect-VIServer -Server 10.10.10.1 -User administrator@vsphere.local

### Getting the Network Adapter list for a specified VM
PS /Users/admin> Get-VM "Centos6-vm9" | Get-NetworkAdapter

### Setting the portgroup to "prod|MyApp1|epg2 on VM "Centos6-vm9"
PS /Users/admin> Get-VM "Centos6-vm9" | Get-NetworkAdapter | Set-NetworkAdapter -NetworkName "prod|MyApp1|epg2”

Useful links for learning PowerCLI and PowerShell

Installing PowerShell and VMware PowerCLI on macOS

Summary Install Method:

1) brew tap caskroom/cask
2) brew cask install powershell
3) pwsh
4) install-module -name vmware.powercli -scope currentuser
5) Set-PowerCLIConfiguration -InvalidCertificateAction Ignore -Confirm:$false
6) Set-PowerCLIConfiguration -Scope User -ParticipateInCEIP $false
7) Connect-VIServer -Server <vCenter_IP> -User <administrator@vsphere.local> -Password <SecretPassword>
8) use it: Get-VM, Get-VMHost
9). when done: Disconnect-VIServer -Server <vCenter_IP>

Install PowerCLI on CentOS:

https://docs.microsoft.com/en-us/powershell/scripting/install/installing-powershell-core-on-linux?view=powershell-6#centos-7

# Register the Microsoft RedHat repository
curl https://packages.microsoft.com/config/rhel/7/prod.repo | sudo tee /etc/yum.repos.d/microsoft.repo

# Install PowerShell
sudo yum install -y powershell

# Start PowerShell
pwsh

# Now follow from Step 4 onwards in the MAC Install method

Basic PowerCLI Scripting for VMware vSphere

2 thoughts on “dev to prod: A network programmability demo with ACI

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.