WilliamLam.com

  • About
    • About
    • Privacy
  • VMware Cloud
  • Tanzu
    • Application Modernization
    • Tanzu services
    • Tanzu Community Edition
    • Tanzu Kubernetes Grid
    • vSphere with Tanzu
  • Home Lab
  • Nested Virtualization
  • Apple
You are here: Home / Automation / Retrieving network statistics on VMware Cloud on AWS using NSX-T Policy API

Retrieving network statistics on VMware Cloud on AWS using NSX-T Policy API

07.16.2020 by William Lam // 1 Comment

One question that has come up lately from VMware Cloud on AWS customers is to understand their network traffic usage, especially as it pertains to traffic that exit or egress their SDDC. There are a number of graphical tools that can be used today to get insights into this information, one is the popular vRealize Network Insight Cloud solution which many of our VMware Cloud on AWS customers are taking advantage of to not only understand traffic usage and flow data history but is also instrumental in aiding customers when planning workload migrations from their on-premises datacenter to VMware Cloud on AWS.

While researching this topic, I also came to learn that this information can be retrieved using the NSX-T Policy API which is available to all customers to use. We are going to be leveraging the Tier-0 statistics interface API from NSX-T which will give us both transmit and receive stats on all supported interfaces. From the diagram below, we can see the interfaces that are applicable to VMware Cloud on AWS is the Internet interface which includes VPN traffic, VPC interface which includes traffic going to Linked VPC and Direct Connect interface which includes traffic when using AWS Direct Connect.

NSX-T Topology in VMware Cloud on AWS

As you might expect, these exact same three interface types is then represented as logical interfaces within the NSX-T Policy API which uses the following IDs:

  • cross-vpc
  • public
  • direct-connect

Note: Statistics on the Direct Connect interface will also include traffic if you are using the new VMware Transit Connect with AWS Transit Gateway feature.

These interface can be discovered by performing a GET on /policy/api/v1/infra/tier-0s/vmc/locale-services/default/interfaces and then you would then identify the two NSX-T Edge (Active/Passive) and construct the T0 URL to retrieve the statistics. I will not bore you with the details and have implemented this as a new PowerShell function called Get-NSXTT0Stats and for those interested in the implementation, please see the code here.

Note: For those wanting to see the full NSX-T Policy REST URLs, simply append -Troubleshoot flag and that will output additional information on how I am retrieving the various pieces of information required to call into the T0 Stats API.

Below are the instructions for setting up and using the new NSX-T Policy API function.

Step 1 - Install the NSX-T for VMC Community PowerShell Module from PS Gallery:

Install-Module VMware.VMC.NSXT

Step 2 - Connect to VMC API endpoint using Connect-VmcServer cmdlet:

Connect-VmcServer -RefreshToken $RefreshToken

Step 3 - Connect to NSX-T Proxy API endpoint using Connect-NSTProxy function:

Connect-NSXTProxy -RefreshToken $RefreshToken -OrgName $Org -SDDCName $SDDCName

Step 4 - Run the Get-NSXTT0Stats function to retrieve both RX/TX stats for all interface types on the T0


By default, the function will do a "pretty print" of the output for readability. If you prefer to extract specific values, you can specify -NonPrettyPrint option which you can then save the output to a variable for further processing and/or alerting.

Its great having this point-in-time visibility of your traffic usage but I imagine most customers will want to track and trend this over time and probably even generate an alert when certain thresholds may occur. I think this would be an awesome set of metrics to collect and forward to our vRealize Operations Cloud or VMware Wavefront 🙂

More from my site

  • Automating the creation of NSX-T "Disconnected" Segments for DR testing on VMware Cloud on AWS 
  • Connecting to NSX-T Policy API using NSX-T Private IP in VMC
  • NSX-T Policy API Explorer, Docs and Sample Updates for VMC
  • NSX-T Opaque Networks now supported with Cross vCenter Workload Migration Fling
  • Which NSX-T Policy APIs are used in the NSX-T UI in VMC?

Categories // Automation, NSX, VMware Cloud on AWS Tags // NSX-T, VMware Cloud on AWS

Comments

  1. alladisrihari says

    09/15/2020 at 2:23 pm

    Hi , I am getting the below error while retreiving stats
    Get-NSXTT0Stats: Error in retrieving NSX-T Edge Cluster
    Get-NSXTT0Stats:
    ({
    "module_name" : "common-services",
    "error_message" : "The requested URI: /api/v1/infra/sites/default/enforcement-points/vmc-enforcementpoint/edge-clusters could not be found.",
    "error_code" : "258"
    }
    .Exception.Message)

    Reply

Thanks for the comment! Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Search

Author

William Lam is a Senior Staff Solution Architect working in the VMware Cloud team within the Cloud Infrastructure Business Group (CIBG) at VMware. He focuses on Cloud Native technologies, Automation, Integration and Operation for the VMware Cloud based Software Defined Datacenters (SDDC)

Connect

  • Email
  • GitHub
  • LinkedIn
  • RSS
  • Twitter
  • Vimeo

Recent

  • Changing the default HTTP(s) Reverse Proxy Ports on ESXi 8.0 03/22/2023
  • Quick Tip - How to download ESXi ISO image for all releases including patch updates? 03/15/2023
  • SSD with multiple NVMe namespaces for VMware Homelab 03/14/2023
  • Is my vSphere Cluster managed by vSphere Lifecycle Manager (vLCM) as a Desired Image or Baseline? 03/10/2023
  • Interesting VMware Homelab Kits for 2023 03/08/2023

Advertisment

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Copyright WilliamLam.com © 2023

 

Loading Comments...