Last week, I had spent some time exploring and getting myself more familiar with NSX-T, which is the next generation release of the NSX platform from VMware. One of the first thing I do when learning about a new product is to setup a lab environment that I can using. Having gone through the deployment once by hand, I realized it would be quite painful if I needed to do this again, which I know I will and I did 🙂 I wanted to have a simliar experience to my vGhetto Automated vSphere Lab deployment script which also including setting up the entire vSphere infrastructure along with deploying and configuring NSX-V and extending it to support NSX-T.
Since my original script leverages PowerCLI to access both the vSphere and NSX APIs, I wanted to do the same with NSX-T. Funny enough, the PowerCLI team had just published an update release (6.5.3) which also added support for NSX-T and I thought this was perfect timing to try out the NSX-T APIs, which I had never used before.
UPDATE (01/01/2018) - I have verified the script also works with the latest NSX-T 2.1 which was just released before Christmas. The script has also been updated to create a new Edge Uplink Profile along with an Edge Cluster and automatically associate all Edge VMs to Edge Cluster.
I have created a new Github repository called vghetto-nsxt-automated-lab-deployment which contains detailed instructions along with the PowerCLI script.
Here is what the script is currently performing:
- Deploy and configure vCenter Server Appliance 6.5u1
- Deploy and configure 3 x Nested ESXi 6.5u1 Virtual Appliance VMs and attaching it to vCenter Server
- Deploy NSX-T Manager, 3 x Controllers & 1 x Edge and setup both the Management and Control Cluster Plane
- Configure NSX-T with IP Pool, Transport Zone, Add vCenter Server as Compute Manager, Create Logical Switch, Prepare ESXi hosts, Create Uplink Profile & Add configure ESXi hosts as a Transport Node
Similiar to the vSphere version of this script, all deployed VMs will be placed inside of a vCenter vApp construct as shown in the example screenshot below:
Here is an example output of a succesful deployment and you go from nothing to a fully functional NSX-T environment in just 50 minutes, which is pretty awesome if you ask me!?
Here are a few additional screenshot of NSX-T UI after deployment and you should the NSX Manager and Controller Nodes registered.
If you go into Fabric->Nodes->Hosts, you should see all the ESXi hosts that was deployed, prepared and associated with NSX-T
Obviously, I have only scratched the surface of NSX-T and its automation capabilities and while the deployment is fairly basic, it does enable customers to quickly spin up an NSX-T environment without any prior knowledge. Hopefully I will be able to expand on this script in the future and if folks would like to contribute back, feel free to submit a pull request to the Github repository. It was definitely a learning experience using the new NSX-T APIs and for areas where there were Automation gaps, I was able to take advantage of a recently published article I had on sending keyboard keystrokes to a VM using the vSphere API which was quite handy for places where I did not want to rely on SSH. I definitely have some feedback to share with the NSX team and hopefully we can improve NSX-T in future releases so both initial setup and day operations can be even easier!
Christoph Leygraf says
I'm still struggling with the automatic customizing of the nested esxi hosts: one half of the esxi have hostnames and ips configured, the other half of the nested esxi is coming up with "localhost" and an ip address assigned by DHCP. Any ideas?
Antony Stefanov says
I would suggest that you do not nave reverse DNS resolving.
steveplz says
I know this question was asked a while back but in the interests of anyone else experiencing the same. I had the same result and I found it was due to a change in command syntax when your physical host is using a VSS and not a VDS. BTW I am working on getting the script working with the latest PowerCLI 11.0.0, W2K8 R2 and NSX-T 2.3 so this could be the result of using different versions to what William developed it with originally? I make no claims to be anything but a hack-scripter and want to offer thanks to Mr Lam for his great work.
My $PSVersionTable output.
Name Value
---- -----
PSVersion 5.1.14409.1005
PSEdition Desktop
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0...}
BuildVersion 10.0.14409.1005
CLRVersion 4.0.30319.42000
WSManStackVersion 3.0
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
Below are my changes with first the original lines commented out -
#When using a standard switch portgroup the syntax has to be -NetworkName and not -Portgroup
New-NetworkAdapter -VM $vm -Type Vmxnet3 -NetworkName $NSXPrivatePortgroup -StartConnected -confirm:$false | Out-File -Append -LiteralPath $verboseLogFile
New-NetworkAdapter -VM $vm -Type Vmxnet3 -NetworkName $NSXPrivatePortgroup -StartConnected -confirm:$false | Out-File -Append -LiteralPath $verboseLogFile
Hope this helps. I'm still feeling my way but hopefully getting there eventually 🙂 Enjoy.
Andrew G says
Hey Steveplz -
I am trying the latest PowerCLI and NSX2.3 as well. A bunch of syntax changes, and for some reason my VMs fail to move into a vApp. Also I failed with VDS because I didn't have a Standard Switch (unused). After creating one on my main host, it got further.
@William - Might be worth having a section on what to have on the main ESXi host - screen shot of defined networks and how that translates to the config. Also, maybe a note on IP ranges - mention that 172.30.0.0/16 needs to be available.
steveplz says
Hi Andrew, I looked at it and gave up on it as, as far as I can tell, the syntax for the move-vm command simply doesn't support VAPP as a target. I just set the variable $moveVMsIntovApp = 0 to disable it.
Jim S says
Andrew or Steveplz,
Have either of you been able to get the script to work with NSX-t 2.3?
Thanks.
Yusuf says
i would like to build an lab environment too. How could I get the OVAs ?
Vincent Han says
Hi, is the $VirtualSwitchType = "VSS" # VSS or VDS working well?
Its giving me problems.
[10-31-2017_09:39:59] Adding vmnic2/vmnic3 to VSS00-VLAN310-VTEP ...
New-NetworkAdapter : 31/10/2017 9:39:59 PM New-NetworkAdapter Could not find VirtualPortGroupBase with name
'VSS00-VLAN310-VTEP'.
William Lam says
Yes, its working. Make sure you didn't fat finger the name 🙂
See https://github.com/lamw/vghetto-nsxt-automated-lab-deployment/blob/master/nsxt-2.0-vghetto-lab-deployment.ps1#L578-L586 for implementation
Ryan says
Any chance of updating the script to work with nsx-t 2.4? It seems that they have made a few changes since 2.0/2.1 release.
Chris Van den Abbeele says
Indeed... same issue here with NSXt2.5 (edge and controller are now part of the unified OVA)
Antony Stefanov says
I had similar problem. It turned out that the physical ESXi i'm using for the lab, was not member of the VDS. The new-networkadpter is searching for dPortgroups.
Roy says
I seem to be struggling with configuring the NSX installation, despite being able to login to the NSX manager through the web UI nad everything appears normal I get the following error
"
Connection to NSX server x.x.x.x failed : Invoke-NsxRestMethod : The NSX
API response received indicates a failure. 404 : : Response Body:
At C:\Users\Administrator\Documents\WindowsPowerShell\Modules\PowerNSX\PowerNSX
.psm1:4634 char:13
+ Throw "Connection to NSX server $NsxServer failed : $_"
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (Connection to N...Response Bo
dy: :String) [], RuntimeException
+ FullyQualifiedErrorId : Connection to NSX server x.x.x.x failed : I
nvoke-NsxRestMethod : The NSX API response received indicates a failure. 4
04 : : Response Body:
"
Tried connecting using the following commands to the NSX Manager with the same error.
Connect-NsxServer -Server x.x.x.x -Username admin -Password VMware1! -WarningAction SilentlyContinue
Connect-NsxServer -NsxServer x.x.x.x -Username admin -Password VMware1! -WarningAction SilentlyContinue
Manual configuration seems to work just fine.
R
Roy says
The command list for PowerCLI vs the version of PowerNSX I was trying to use were different, updating to the latest version of PowerCLI resolved this issue.
Antony Stefanov says
I have problem executing the script. In the on-screen log everything was green, but i found that now ESXis are added to the fabric and no edge was added to edge nodes. I tried to make manual cluster config and prepare the nodes. I also installed manually an edge. Tried to run the script again .. but it fails on:
(Get-NsxtService -Name "com.vmware.nsx.fabric.nodes").list().results
Unable to get field 'resource_type', no field of that name found
At line:1 char:1
+ (Get-NsxtService -Name "com.vmware.nsx.fabric.nodes").list().results
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (:) [], CisException
+ FullyQualifiedErrorId : VMware.VimAutomation.Cis.Core.Types.V1.CisException
Not sure if there is some API change, but this service always fail with the same error.
Neil Hewitt says
Hi William, thanks for this, im porting this to NSX-T 2.2 and im failing on the NIOC profile when converting ESXi hosts to transport nodes as i cant seen to find enough info for the Key for searching for the NIOC profiles. Can you help?
Shawn Ho says
Me 2. Neil, have you figured it out?
Simran K says
setting up controllers and edges are not working for me using VM keystroke function
Andrew says
Anyone have issues with moving the VMs into the new vApp? It creates the vApp and fails with "A specified parameter was not correct: PlacementSpec.relocateSpec.pool". On vCenter I see "Call DRS for cross vMotion placement recommendation" failing for each move command. NOTE: Using PowerCLI 11.0 and NSX-T 2.3.
Ron Flax says
Here's a fix for the Move-VM problem:
$vm = Get-VM -Name $_.Key -Server $viConnection
$spec = New-Object VMware.Vim.VirtualMachineRelocateSpec
$spec.pool = $vApp.ExtensionData.MoRef
$vm.ExtensionData.RelocateVM($spec, $null)
Ryan says
Any chance of updating the script to work with nsx-t 2.4? It seems that they have made a few changes since 2.0/2.1 release.