PowerCLI 11.2.0, was just released last week and for a "dot" release, it includes a number of new capabilities and enhancements. One of the most exciting features for me personally was the introduction of the VMware Hybrid Cloud Extension (HCX) PowerCLI module which I also had the pleasure of working on and providing early feedback to the HCX Engineering team. The new HCX module enables customers to use PowerCLI to now easily automate the HCX Fleet deployment (Interconnect, WAN Optimization and Network Extension) as well as perform bulk live migrations of workloads between two HCX-enabled environments, with on-premises vSphere to VMware Cloud on AWS (VMC) being the most popular.
I have written a number articles on HCX Automation using both the HCX REST API and PowerCLI and with this latest PowerCLI module, I realized that we now have complete end-to-end automation with PowerCLI from the HCX OVA deployment to initial configuration and fleet deployment to your very first HCX vMotion! This is quite exciting as I know a number of folks have been asking about automating the fleet deployment, especially for enabling quick proof of concepts and quickly showing the value of HCX to our customers for moving large amount of workloads without any downtime.
Below, you will find a breakdown of the HCX setup which I have split into three sections, each section includes the respective PowerCLI sample code that can easily be adapted to your own environment. I look forward to seeing what customers do with the new HCX PowerCLI module and if you have any feedback, be sure to leave a comment or better yet, file a feature enhancement using the PowerCLI Feature Request Tool.
1. HCX OVA Deployment
Take a look at this blog post on using PowerCLI to automate the deployment of the HCX OVA.
2. HCX Initial Configuration
Take a look at this blog post on using PowerCLI and the HCX REST API to automate the initial setup of the HCX Manager.
3. HCX Fleet Deployment
To use the new HCX PowerCLI Module, we first need to connect to your HCX Manager which you should have already deployed and configured from (1) and (2) above.
To do so, run the following command and specify the hostname/ip of your HCX Manager:
Connect-HCXServer -Server mgmt-hcxm-01.cpbu.corp
Site Pairing
Before we can deploy the HCX Fleet, we need to first pair our on-prem HCX Manager with our HCX Cloud Manager which resides within VMC. You will need to obtain the HCX Cloud Manager hostname (e.g. hcx.sddc.....vmcvmware.com) along with the SDDC CloudAdmin credentials using the VMC Console and then run the following commands:
$HcxCloudUrl = "https://hcx.sddc...." $HcxCloudUsername = "*protected email*" New-HCXSitePairing -Url $HcxCloudUrl -Username $HcxCloudUsername
Interconnect
Next, we can deploy our Interconnect Appliance using the following code sample:
$HcxComputeName = "MGMT RP" # Cluster or Resource Pool $HcxDatastoreName = "vsanDatastore" $HcxInterconnectName = "MGMT-HCXGW-01" $HcxInterconnectAdminPassword = "VMware1!" $HcxInterconnectRootPassword = "VMware1!" $HcxInterconnectApplianceNetwork = "SJC-CORP-MGMT-EP" $HcxInterconnectApplianceNetworkIP = "172.17.31.19/24" $HcxInterconnectApplianceNetworkGW = "172.17.31.253" $HcxInterconnectApplianceNetworkDNS = "172.17.31.5" $HcxInterconnectvMotionNetwork = "SJC-CORP-MGMT-EP" $HcxInterconnectvMotionIP = "172.17.31.19/24" ## DO NOT EDIT BEYOND HERE ## $HcxSrcSite = (Get-HCXSite -Source) $HcxDstSite = (Get-HCXSite -Destination) $HcxCompute = (Get-HCXApplianceCompute -Network (Get-HCXNetwork -Name $HcxInterconnectApplianceNetwork) -Name $HcxComputeName) $HcxDatastore = (Get-HCXApplianceDatastore -Name $HcxDatastoreName -Compute $HcxCompute) $HcxInterconnectApplianceNetworkConf = (Get-HCXNetwork -Name $HcxInterconnectApplianceNetwork) $HcxInterconnectvMotionNetworkConf = (Get-HCXApplianceNetwork -Name $HcxInterconnectvMotionNetwork) New-HCXAppliance -Interconnect -Name $HcxInterconnectName ` -AdminPassword $HcxInterconnectAdminPassword -RootPassword $HcxInterconnectRootPassword ` -Compute $HcxCompute ` -Datastore $HcxDatastore ` -DestinationSite $HcxDstSite ` -ManagementNetwork $HcxInterconnectApplianceNetworkConf ` -NetworkIp $HcxInterconnectApplianceNetworkIP -NetworkGateway $HcxInterconnectApplianceNetworkGW -NetworkDns $HcxInterconnectApplianceNetworkDNS ` -VMotionNetwork $HcxInterconnectvMotionNetworkConf ` -VMotionNetworkIp $HcxInterconnectvMotionIP
If the operation was successful, the New-HCXAppliance cmdlet will return an ID which you can use to monitor the progress of the deployment by using the Get-HCXJob cmdlet and specify the -Id along with the ID that was returned to get more information. If want to monitor the progress and output to the screen, you can use this little snippet which loops until the operation has completed. This can also be used as a way to monitor the progress programmatically if you want to ensure the appliance is fully up and running before moving on.
$JobID = "abbfda94-ecd9-49f3-bbac-00bc1599143e"
while (!(Get-HCXJob -Id $JobID).IsDone) { Get-HCXJob -Id $JobID }
WAN Optimization
Deploying the WAN Optimization Appliance is literally two lines of code and also uses the New-HCXAppliance cmdlet. You can also monitor its progress by specifying the Job ID and using the snippet above.
$HcxWanOptName = "MGMT-HCXGW-01-WANOPT" ### DO NOT EDIT BEYOND HERE ### New-HCXAppliance -WANOptimization -Name $HcxWanOptName -DestinationSite $HcxDstSite
L2 Concentrator
As you may have guessed, the L2 Concentrator (L2C) Appliance deployment also makes use of the New-HCXAppliance cmdlet, simply fill out the variables to match your environment.
$HcxL2CName = "MGMT-HCXL2C-01" $HcxL2CVDSName = "SJC-CORP-VDS" $HcxL2CAdminPassword = "VMware1!" $HcxL2CRootPassword = "VMware1!" $HcxL2CApplianceNetwork = "SJC-CORP-MGMT-EP" $HcxL2CApplianceNetworkIP = "172.17.31.20/24" $HcxL2CApplianceNetworkGW = "172.17.31.253" ### DO NOT EDIT BEYOND HERE ### $HCXL2CVDSConf = (Get-HCXApplianceDVS -Name $HcxL2CVDSName) $HcxL2CApplianceNetworkConf = (Get-HCXApplianceNetwork -Name $HcxL2CApplianceNetwork) New-HCXAppliance -L2Concentrator -Name $HcxL2CName ` -AdminPassword $HcxL2CAdminPassword -RootPassword $HcxL2CRootPassword ` -Compute $HcxCompute ` -Datastore $HcxDatastore ` -DestinationSite $HcxDstSite ` -DVS $HCXL2CVDSConf ` -ApplianceManagementNetwork $HcxL2CApplianceNetworkConf ` -NetworkIp $HcxL2CApplianceNetworkIP -NetworkGateway $HcxL2CApplianceNetworkGW
Network Extension
An L2C Appliance is required to be deployed prior to creating a Network Extension, make sure it is up and running as it needs to be referenced as shown in the code below:
$NetworkExtL2CName = "MGMT-HCXL2C-01" $NetworkExtNetworkName = "SJC-CORP-DEV" $NetworkExtNetworkGW = "172.30.10.1" $NetworkExtNetworkNetmask = "255.255.255.0" ### DO NOT EDIT BEYOND HERE ### $HcxGateway = Get-HCXGateway -DestinationSite $NetworkExtDestinationSite $L2CAppliance = Get-HCXAppliance -Type L2Concentrator -Name $NetworkExtL2CName $NetworkExtNetwork = Get-HCXNetwork -Name $NetworkExtNetworkName New-HCXNetworkExtension -Appliance $L2CAppliance ` -Network $NetworkExtNetwork ` -SourceSite $HcxSrcSite -DestinationSite $HcxDstSite ` -DestinationGateway $HcxGateway ` -GatewayIp $NetworkExtNetworkGW ` -Netmask $NetworkExtNetworkNetmask
Once you have completed the deployment of your HCX Fleet, you can see all appliances by using the Get-HCXAppliance cmdlet as shown in the screenshot below.
We can also verify the status of our HCX Fleet deployment by logging into the vSphere H5 Client and using the HCX Plugin, we can see that all three of our appliances are up and healthy and we did not have to touch the UI one single bit!
HCX Workload Migration
Finally, to initiate an HCX Migration, you will use the New-HCXMigration cmdlet to create a new Migration requests, which will allow you to create multiple migrations. We can then verify the migration request by using the Test-HCXMigration cmdlet and if that passes, we can then start the migration using the Start-HCXMigration cmdlet and specify the migration requested that we had created earlier.
$vm = Get-HCXVM -Name "SJC-APP-1337" $DstCompute = Get-HCXContainer -Name "Compute-ResourcePool" -Site $HcxDstSite $DstDatastore = Get-HCXDatastore -Name "WorkloadDatastore" -Site $HcxDstSite $SrcNetwork = Get-HCXNetwork -Name "SJC-CORP-DEV" -Site $HcxSrcSite $DstNetwork = Get-HCXNetwork -Name "L2E_SJC-CORP-DEV-0-d28eb273" -Site $HcxDstSite $NetworkMapping = New-HCXNetworkMapping -SourceNetwork $SrcNetwork -DestinationNetwork $DstNetwork $NewMigration = New-HCXMigration -VM $vm -MigrationType vMotion ` -SourceSite $HcxSrcSite ` -DestinationSite $HcxDstSite ` -TargetComputeContainer $DstCompute ` -TargetDatastore $DstDatastore ` -NetworkMapping $NetworkMapping Test-HCXMigration -Migration $NewMigration Start-HCXMigration -Migration $NewMigration -Confirm:$false
To monitor a migration, you can use the Get-HCXMigration and specify the ID that was returned from the previous command.
We have only scratched the surface of the HCX PowerCLI Module, there are a total of 41 cmdlets and to view the complete list, you can run the following command:
Get-Command -Module VMware.VimAutomation.HCX
To get more details for each cmdlet, either use the Get-Help cmdlet or simply refer to the PowerCLI cmdlete reference documentation. Happy Automating HCX!
Roberto Chan says
Hello, this is great for people that use powershell. How do you do it via rest api ?
Shibin says
Nice article William. I was using your modules. But with recent HCX updates, there are few changes.
1. API URL for migrations are no longer valid. It need to be replaced with mobility ( example, /migrations?action=validate with /mobility/migration/validate )
2. With new update, we can update IP address, subnet mask, gateway, DNS servers and even we can mark it as connected it or not as well as primary IP. I modified your modules and tried to insert all of these, but for some reason validation JSON do not show all of these and I get 400 error.
3. Also note, for all customer have luxury to connect from source / on-premise jump host to reach SDDC VC. Migration module has that part. I managed to overcome that by manually updating the value.
4. Also on another note, we use VNI at targets, not distributed virtual port groups. The network field in the module has no reference for VNI. I guess that takes as Network only.
Can you check your modules and update accordingly in github ?
Shibin says
Read the point 3 as "Also, not for all customer have luxury"
William Lam says
Thanks for the comments Shibin. Feel free to submit a PR for the changes needed for the latest HCX release. I currently don't have the cycles right now, but certainly welcome contributions from the community
Angelo says
hello, thank you for this information. i want to change VM Ip adress before migrate VM and DNS, GW. This option is available in GUI when i choose bulk option.
how can use this option with script please