WilliamLam.com

  • About
    • About
    • Privacy
  • VMware Cloud Foundation
  • VKS
  • Homelab
    • Resources
    • Nested Virtualization
  • VMware Nostalgia
  • Apple

How To Quickly Get Started With The New VMware Puppet Modules

03.01.2013 by William Lam // 5 Comments

Yesterday, VMware Automation gurus Nick Weaver and Nan Liu just announced the release of four awesome new VMware Puppet modules that can help you manage and configure vCenter Server (including ESXi) and vCloud Networking & Security (vShield). You can read all about the details here and here and if you were lucky enough to have attended PEX (Partner Exchange) you might even have caught the demo given by Nick in his session.

I have used Puppet in the past, but it was pretty limited and specifically in How to Deploy ESXi 5 Using Razor & Puppet. I thought this might be a good time to revisit Puppet and try out the new VMware Puppet modules. I took a look at some of the examples provided by Nan on his blog but for new users to Puppet, it may not provide enough details to quickly get started (including myself). I thought I document the minimal steps I took to quickly get started (I also ran into a few bugs which Nan has fixed).

Step 1 - Install Ubuntu Precise (Ubuntu Server 12.04 LTS - See more at: http://www.virtuallyghetto.com/2012/05/how-to-deploy-esxi-5-using-razor-puppet.html

Step 1 - Install Ubuntu Precise (Ubuntu Server 12.04 LTS). You can use other distros, I just choose Ubuntu as I had the image lying around.

Step 2 - Download Puppet Labs package repository by running the following commands:

wget http://apt.puppetlabs.com/puppetlabs-release-$(lsb_release -c | cut -f 2).deb
dpkg -i puppetlabs-release-$(lsb_release -c | cut -f 2).deb
apt-get update

Step 3 - Install all the necessary packages such as Ruby, Ruby Gems, Puppet, etc. by running the following commands:

apt-get install -y libxslt-dev libxml2-dev ruby rubygems puppet
gem install nokogiri
gem install net-ssh

Step 4 - Install the VMware Puppet modules by running the following command:

puppet module install vmware/vcsa
puppet module install vmware/vcenter
puppet module install vmware/vshield

To start using the VMware Puppet modules, you will need to create what's known as a manifest file that contains the resources which maps to the actions you wish to perform (e.g. configure a newly deployed VCSA appliance or create a Cluster in vCenter Server and add an ESXi host to that cluster). You can find a bunch of example manifest files in each of the Puppet modules, here is the path to each:

/etc/puppet/modules/vcsa/tests/
/etc/puppet/modules/vcenter/tests/
/etc/puppet/modules/vshield/tests/

You will see in some of the examples, they import a file in each directory called data.pp which contains the actual definitions of your VCSA, vCNS and ESXi hosts but you can also just specify that in the main manifest file as well for simplicity. The latter option provides more flexibility as you can easily reference various configurations for different environments. For your convenience, I have created the following manifest files that you can use and you just need to modify them to fit your environment.

  • rbvmomi.pp
  • configure-vcsa.pp
  • setup-vcenter.pp
  • configure-vcns.pp
  • deploy-edge.pp

Here is what my lab environment looks like and their respective IP Addresses for your reference (these must already be deployed and vCenter & vCNS does not need to be configured but just accessible over network):

vCenter Server = 172.30.0.135
vCloud Networking and Security = 172.30.0.136
ESXi Host = 172.30.0.137

Step 5 - As mentioned by Nan, a custom Rbvmomi was used and we will need to ensure our Puppet management host (Ubuntu system we are on) includes it. To ensure all the necessary packages are downloaded for us, we will use the rbvmomi.pp manifest file for our host and use Puppet to apply the policy. Replace management_server in rbvmomi.pp with the hostname or IP Address of your Ubuntu host and then run the following command:

puppet apply rbvmomi.pp

Note:  You can safely ignore the red warnings, it must not have liked something in my environment.

Step 6 - We will start off by configuring the VCSA so we can then perform operations such as adding in Datacenters, Clusters, ESXi hosts, etc. We will use the configure-vcsa.pp manifest file by running the following command:

puppet apply configure-vcsa.pp

Step 7 - Next we will create a Datacenter, Cluster and add our ESXi host by using the setup-vcenter.pp manifest file by running the following command:

puppet apply setup-vcenter.pp

Step 8 - We are now onto configuring vCloud Networking and Security and we will also associate it with our vCenter Server by using the configure-vcns.pp manifest file and running the following command:

puppet apply configure-vcns.pp

Step 9 - After configuring vCloud Networking and Security, we can now deploy a vCloud Networking and Security Edge Gateway to provide various networking services to our vSphere environment using the deploy-edge.pp and by running the following command:

puppet apply deploy-edge.pp

In about 5-10 minutes, you will have a fully configured vSphere environment that contains your vCenter Server, vCloud Networking and Security Manager and Edge Gateway and ESXi hosts all ready to start providing compute and networking services for your virtual machines and applications! I want to stress the above is a very simplistic example of what you can do with the new VMware Puppet modules. There are definitely more advanced capabilities provided in the modules and I would recommend you take a look in the samples directory of each module for more details.

Overall, I was pretty impressed with the VMware integration that Nick, Nan and team built with Puppet. This was a great learning experience for myself, I learned quite a bit with just trying out these modules and I think I might have found a reason to dive more into Puppet! 🙂

Big thanks to Nan for helping me out with some of my Puppet questions!

Categories // Uncategorized Tags // puppet, ubuntu, vcloud networking and security, vcns, VCSA, vcva, vshield, vSphere

Exploring the vCloud Networking & Security API Using Ruby

02.25.2013 by William Lam // 2 Comments

In my previous article I demonstrated how you can easily use Ruby and the HTTParty Gem to access the vCloud API. As mentioned at the end of the article I also performed a similar exercise for the vCloud Networking and Security API and here is the sample Ruby script I reated called vcns.rb.

Before getting started, you will need to have the following installed on your system:

  • ruby (I used the latest release which is 1.9.3)
  • ruby gem
  • httparty
  • libxml
  • yaml

You will also need to access to a vCloud Networking and Security 5.x environment to use this script.  To begin, create a file called config-vcns.yml which contains the credentials to your vCNS system and will be used to login. Here is what the file should look like the following:

:username: admin
:password: default
:site: https://vcns.primp-industries.com

The script provides the following output:

  • vCNS Configuration
  • vCNS Edge Gateway(s) Details
  • Syslog Service Details
  • HA Service Details
  • Firewall Service Details
  • DNS Service Details
  • SSL-VPN Service Details
  • IPSec Service Details
  • DHCP Service Details
  • NAT Service Details
  • Load Balancer Service Details

Here is a screenshot of running the vcns.rb script:

As you can see, you can easily implement any of the features provide from the vCloud Networking and Security API, with some basic knowledge of how the API works (of course the documentation examples help too!). To further demonstrate this, I thought for kicks and giggles, I would take a part of the script and apply it to another language, this time using PowerShell (yep, you heard right!).

Luckily, it turns out my colleague Alan Renouf already wrote an awesome little PowerShell module for vShield (vCNS) awhile back. With some knowledge of the vCNS API, it was trivial to add a new command called get-vShieldEdge which Alan did not have that would list all the vCNS Edge Gateways that have been deployed.

Here is what the the code looks like in Ruby:

Here is what the code looks like for PowerShell:
Minus the language syntax, it looks pretty similar right? Both Ruby and PowerShell are accessing the same vCNS API. As long as you know how the API works, it is pretty easy to switch between programming/scripting languages.

To show the above code works, here is screenshot using the new get-vShieldEdge command:

If you are interested in further automation of vCNS, I would highly recommend you take a look at the vCloud Networking and Security API Programming Guide.

Useful Resources:

  • http://blogs.vmware.com/security/2011/11/using-the-vshield-api.html

Categories // Uncategorized Tags // httparty, REST API, ruby, vcns, vshield

Using the New vCloud Networking and Security to Load Balance Multiple vSphere Web Client Servers

10.16.2012 by William Lam // 1 Comment

If you followed my previous two articles Configuring Additional Windows vSphere Web Client 5.1 Servers & Configuring Additional VCSA 5.1 as vSphere Web Client Servers I demonstrated how easy it is to add additional vSphere Web Client Servers to provide additional connection load balancing as well as redundancy in accessing your vSphere 5.1 environment. The next logical step is to actually place a load balancer in front of all the vSphere Client Servers to provide a single entry point for users to connect to.

I did a quick search for some load balancer solutions for testing, but found that they were quite complex and non-intuitive to setup. Since this was for my home lab, I decided to try out the new vCloud Networking & Security 5.1 (previously known as vShield). This being my first time setting up a load balancer (usually a task given to Network Engineers), I was pleasantly surprised and shocked at how easy it was to deploy and configure a load balancer using the new vCloud Networking and Security. Instead of going through this step by step, I thought I record a quick video.

The video below shows how you can leverage the new vCloud Networking & Security 5.1 to deploy and configure a Load Balancer to load balance multiple vSphere Web Client Servers.

If you have not tried out the new vCloud Networking and Security, I highly recommend you give it a try, especially with all the new network and security features in the latest 5.1 release.

Categories // vSphere Web Client Tags // load balancer, vcloud networking and security, vcns, vshield, vSphere 5.1, vsphere web client

Search

Thank Author

Author

William is Distinguished Platform Engineering Architect in the VMware Cloud Foundation (VCF) Division at Broadcom. His primary focus is helping customers and partners build, run and operate a modern Private Cloud using the VMware Cloud Foundation (VCF) platform.

Connect

  • Bluesky
  • Email
  • GitHub
  • LinkedIn
  • Mastodon
  • Reddit
  • RSS
  • Twitter
  • Vimeo

Recent

  • Programmatically accessing the Broadcom Compatibility Guide (BCG) 05/06/2025
  • Quick Tip - Validating Broadcom Download Token  05/01/2025
  • Supported chipsets for the USB Network Native Driver for ESXi Fling 04/23/2025
  • vCenter Identity Federation with Authelia 04/16/2025
  • vCenter Server Identity Federation with Kanidm 04/10/2025

Advertisment

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Copyright WilliamLam.com © 2025