After spending a few days playing with the NSX Advanced Load Balancer (NSX ALB) APIs, I am happy to share my latest automation lab deployment script for deploying vSphere with Tanzu using the new NSX ALB which was introduced with the latest vSphere 7.0 Update 2 release.
🙌 BOOM!!!
Fully Automated vSphere with @VMwareTanzu using the new @vmwarensx Advanced Load Balancer introduced in vSphere 7.0 Update 2 Lab Deployment in just 32 minutes! 🔥
Still need to clean up some things, but this beats clicking around the UI! My 🤲 thanks me pic.twitter.com/hN32Qk3oDc
— William Lam (@lamw.bsky.social | @*protected email*) (@lamw) March 29, 2021
Lab Deployment Automation
You can find the new automation script along with all the details at the following Github Repo: https://github.com/lamw/vsphere-with-tanzu-nsx-advanced-lb-automated-lab-deployment#enable-workload-management
In my environment, it took about ~32 minutes for the deployment to finish, but YMMV based on the performance of your underlying hardware.
Workload Management Automation
In addition to the automated lab deployment script above, I have also updated my community VMware.WorkloadManagement module to add support for enabling Workload Management on a vSphere Cluster using NSX ALB. This is introduced as a new function creatively called New-WorkloadManagement3. You use the Get-Help cmdlet to get a list of supported arguments or you can take a look at this example.
Great work William!
Hi William,
I am getting an error when Creating subnet mapping for Service Engine Network and stopped with the below error messages.
Failed to create subnet mapping for DVPG-Supervisor-Management-Network
Write-Error: ({"detail": "Method 'PUT' not allowed."}.Exception.Message)
Any ideas what can cause this issue?
Same here... just trying today the automatic deployment and fails on same place.. Doing my investigation, but so far didn't find the reason yet.
I'm Having the same exact issue.
Failed to create subnet mapping for DVPG-Supervisor-Management-Network
Write-Error: ({"detail": "Method 'PUT' not allowed."}.Exception.Message)
I'm getting just this one error when deploying from your script.
"WARNING: Specifying a distributed port group name as network name is no longer supported. Use the -Portgroup parameter." I'm not great at powershell yet. Would you be able to Assist?
It Happens right after:
Adding vmnic2/vmnic3 for "Nested-Tanzu-Mgmt" and "Nested-Tanzu-Workload" to passthrough to Nested ESXi VMs ...
Hi Guys.
In the script, line 1012 (hardcoded username of nested vCenter), i change it for my "administrator@$VCSASSODomainName" and its working right now.
Sorry for delay 😀
Hi William.
I had to add the parameter "-Force" to the line 455 ($vm = Import-VApp -Source $NSXAdvLBOVA...) because I was not be able to deploy the NSX ALB version 30.1.1 with vCenter/ESXi 8.0.1a (I want to test new versions) because I was seeing always the error: "Import-VApp" The certificate used to sign the OVF package is not valid. (Untrusted).
I don't know if with your original versions was the same...
Regards.
First off, thanks for putting this together and sharing. Has been a tremendous head start.
I currently have the script combined to deploy vSphere, NSX ALB and enable Workload Management in our lab using vSphere 8U2 with NSX ALB 20.1.4.
I've been banging my head on the wall a bit now trying to get ALB 30.1 to configure the networks after successful deployment, but there seems to be some issue with the API call changes from 20.1.4 as expected.
Seems the older version pre-populates the networks through discovery so the PUT method works as opposed to 30.1. Anyway, at the moment I'm just deploying 20.1.4 which works and then upgrading to 30.1. Would love to figure out how to complete 30.1 configuration directly with script as opposed to upgrading.
I had got it using 30.1 version... I have done some local modifications on the script (adding vCenter Proxy automated configuration, and other little changes) and it's working for me with vSphere 8.0U2 and NSX ALB 30.1.1.
I can send you the changed script if you like. Sorry @William Lam, I have not documented it anywhere, but I can send you my little modifications if you want.
For your problem, @JD, basically, I have changed "x-avi-version" to 30.1.1 and added a line at vCenter registration over 1055 line disabling the "use_content_lib" with "use_content_lib" = "false" that doesn't be able to register vCenter in NSX ALB.
if($registervCenter -eq 1) {
$cloudConfigResult = ((Invoke-WebRequest -Uri https://${NSXAdvLByManagementIPAddress}/api/cloud -Method GET -Headers $newPassbasicAuthHeaders -SkipCertificateCheck).Content | ConvertFrom-Json).results[0]
$cloudConfigResult.vtype = "CLOUD_VCENTER"
$vcConfig = @{
"username" = "*protected email*"
"password" = "$VCSASSOPassword";
"vcenter_url" = "$VCSAHostname";
"privilege" = "WRITE_ACCESS";
"datacenter" ="$NewVCDatacenterName";
"management_ip_subnet" = @{
"ip_addr" = @{
"addr" = "$NSXAdvLBManagementNetwork";
"type" = "V4";
};
"mask" = "$NSXAdvLBManagementNetworkPrefix";
}
"use_content_lib" = "false";
}
Awesome! Please send GitHub PR to bring in your changes
I have made several modifications to adapt it to my company environment that is complex about networking (I need two vSphere cluster with two Supervisor Tanzu Cluster, and different networks for Supervisor Workload and K8s Workloads). I will put all in order and translate the interesting modifications. Permit me some days out of my work.
Fantastic and thanks for sharing! I will play around with the script and see if it works now without upgrading ALB afterward.
I'll try to put all in William github to his approve.
Done. I'm new with Github stuff... I hope I did it correctly. I have deleted some lines relatives to my company networking and datacenter organization (I need two vpshere clusters and two supervisors for my lab). I haven't tested yet this final script.
Hi William
I'm trying to deploy NSX-NAPP on nested ESXi environment which requires Tanzu on vsphere to be deployed, I was able to deploy supervisors successfully , but for some reason Host Config Status stuck on "Installed and Started Kubernetes Node Agent on the ESXi Host", I checked logs on ESXi hosts ( /esxupdate.log) and found this error : vmware.esximage.Errors.NoMatchError: ('spherelet', "No VIB matching VIB search specification 'spherelet' on host.") , any idea what could be the issue?
Regards,
Joe
Are you using compatible version of VCSA/ESXi? spherelet is a VIB that's deployed to ESXi host as part of vSphere w/Tanzu enablement and it seems like its unable to find the correct version. This would indicate that supervisor enablement was not fully successful
I have the same issue.
The version information is as below. Is there a solution?
vCenter Server 8.0 Update 2a 22617221
VMware ESXi, 8.0.2, 22380479
Take a look at the VCSA installer logs, it should give you more info on what it’s not happy about
Do you mean vc-installer.log?
Logs associated with spherelet vib are not visible.