Automation

  • 1.  VLAN Bridge removed after configuring Tier 1

    Posted Apr 09, 2024 07:13 AM

    Hi all

    I created one script to configure a VLAN bridge and a second one to configure a Tier 1 router. Running the script that configures the Tier 1 router, however, removes the VLAN bridge, which is not what I want.

    # SCRIPT1
    # Lists all infra segments; the rest of the snippet uses the result as if it were one segment
    # ($Segment.Id is passed as a single -SegmentId).
    $Segment = (Invoke-ListAllInfraSegments).Results

    # Bridge binding: bridge profile path, VLAN ID(s) and VLAN transport zone path.
    # $BridgeProfile, $VlanId, $VlanTz and $VlanName are set outside this snippet.
    $BridgeArgs = @{
        BridgeProfilePath     = $BridgeProfile.Path
        VlanIds               = $VlanId
        VlanTransportZonePath = $VlanTz.Path
    }
    $BridgeProfileConfig = Initialize-BridgeProfileConfig @BridgeArgs

    # Update object that sets only the segment id, the bridge profile and a description.
    $UpdateArgs = @{
        id             = $Segment.Id
        BridgeProfiles = $BridgeProfileConfig
        Description    = "Bridged to VLAN: $($VlanName)"
    }
    $SegmentUpdate = Initialize-Segment @UpdateArgs

    Invoke-PatchInfraSegment -SegmentId $Segment.Id -Segment $SegmentUpdate
    
    #SCRIPT2
    # Lists all infra segments; as in the first script the result is used as a single segment.
    $Segment = (Invoke-ListAllInfraSegments).Results

    # Subnet definition holding only the gateway address ($GatewayCIDR is set outside this snippet).
    $SegmentSubnet = Initialize-SegmentSubnet -GatewayAddress $GatewayCIDR

    # NOTE(review): this update object is built from scratch and sets only the id, the Tier 1
    # connectivity path ($tier1 is set outside this snippet) and the subnets. No bridge profile
    # is passed here, and the post reports that the bridge is gone after this patch. Presumably
    # the existing bridge profiles have to be carried over into the update object; verify against
    # the NSX Policy API documentation.
    $UpdateArgs = @{
        id               = $segment.Id
        ConnectivityPath = $tier1.Path
        Subnets          = $SegmentSubnet
    }
    $segmentUpdate = Initialize-Segment @UpdateArgs

    Invoke-PatchInfraSegment -SegmentId $Segment.Id -Segment $SegmentUpdate

     



  • 2.  RE: VLAN Bridge removed after configuring Tier 1

    Posted May 24, 2024 04:43 AM

    Apparently I forgot to add the script itself ....

    Here is the code I'm using.

    <#
    .SYNOPSIS
        The script will automate connecting NSX-T Overlay Segments to a Tier1 router and
        setting the CIDR gateway IP Address.
    .DESCRIPTION
        The script will read a CSV file that contains a list of all the networks, filtered down per Wave/Batch, 
        that must be connected to their corresponding Tier 1 Router.
        It will then connect to the NSX-T REST API's to iterate through the list and connect the 
        corresponding Overlay Segment to the Tier 1 router with the corresponding CIDR Gateway IP.
    .NOTES
        This script has been tested with PowerShell Core 7.3.7 and VMware PowerCLI Module 13.1 build 21605976.
    .LINK
        Specify a URI to a help page, this will show when Get-Help -Online is used.
    .EXAMPLE
        Set-SegmentGW.ps1 -LogPath "C:\NSXScripts" -CsvPath "C:\NSXScripts" 
        -CsvName "Set-SegmentGWLog.txt" -Wave "PILOT" -SegmentName "Overlay_Bridged_VLAN_65"
    .EXAMPLE
        Use the parameter Rollback to remove the CIDR Gateway Address and disconnect the Overlay Segment
        from the Tier 1 Router.
    
        Set-SegmentGW.ps1 -Rollback
    #>
    
    
    [CmdletBinding()]
    param (
        # Directory that receives the log file. Defaults to the current location.
        [Parameter()]
        [string] $LogPath = (Get-Location).Path,

        # Directory that holds the CSV file. Defaults to the current location.
        [Parameter()]
        [string] $CsvPath = (Get-Location).Path,

        # File name of the CSV that lists the networks in scope.
        [Parameter()]
        [string] $CsvName = 'VLans-Segments in scope.csv',

        # Wave / Batch value used to filter the CSV rows.
        [Parameter()]
        [string] $Wave = 'TEST',

        # Display Name of the VLAN Transport Zone to be used for the Bridge (currently disabled).
        # [Parameter()]
        # [string] $VlanTzName = 'TZ-Edge-Bridge',

        # Name prefix of the Overlay Segments; the VLAN ID from the CSV is appended to it.
        [Parameter()]
        [string] $SegmentName = 'Overlay_Bridged_VLAN_',

        # When set, the script rolls the Tier 1 / gateway configuration back instead of applying it.
        [Parameter()]
        [switch] $Rollback
    )
    
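    function Write-Log {
        <#
        .SYNOPSIS
            Writes a timestamped message to the console and/or to the log file.
        .DESCRIPTION
            Console output goes through the PowerShell stream that matches -Level.
            File output is appended to Set-SegmentGWLog-<wave>-<ddMMyyyy-HHmmss>.txt
            under $LogPath. $LogPath and $wave are read from the calling script's scope.
        .PARAMETER Message
            The text to log. Accepts pipeline input.
        .PARAMETER Level
            Information, Warning, Error, Debug or Verbose. Defaults to Information.
        .PARAMETER NoHost
            Skip the console output.
        .PARAMETER NoFile
            Skip the log file output.
        #>
        [CmdletBinding()]
        param (
            # The actual message to log
            [Parameter(Mandatory = $true, Position = 0, ValueFromPipeline = $true)]
            [ValidateNotNullOrEmpty()]
            [string] $Message,

            # Provide the level of logging
            [Parameter()]
            [ValidateSet('Information', 'Warning', 'Error', 'Debug', 'Verbose')]
            [string] $Level = 'Information',

            # Disable logging to the host (console)
            [Parameter()]
            [switch] $NoHost,

            # Disable logging to a file. The script-level $LogPath sets the location of the log file
            [Parameter()]
            [switch] $NoFile
        )

        process {
            $DateFormat = "%d/%m/%Y %H:%M:%S"
            $Stamp = Get-Date -UFormat $DateFormat

            if (-Not $NoHost) {
                $HostLine = "[{0}] {1}" -F $Stamp, $Message
                switch ($Level) {
                    'Information' {
                        Write-Host $HostLine
                        Break
                    }
                    'Warning' {
                        Write-Warning $HostLine
                        Break
                    }
                    'Error' {
                        Write-Error $HostLine
                        Break
                    }
                    'Debug' {
                        # -Debug:$true forces the record to be shown regardless of $DebugPreference.
                        Write-Debug $HostLine -Debug:$true
                        Break
                    }
                    'Verbose' {
                        # -Verbose:$true forces the record to be shown regardless of $VerbosePreference.
                        Write-Verbose $HostLine -Verbose:$true
                        Break
                    }
                    Default {}
                }
            }

            if (-Not $NoFile) {
                $LogFile = Join-Path $LogPath "Set-SegmentGWLog-$($wave)-$(Get-Date -Format "ddMMyyyy-HHmmss").txt"
                # Append instead of overwrite: the file name only has one-second resolution, so
                # Set-Content kept just the last message written within each second and the record
                # of what was changed on the NSX side was lost.
                # NOTE(review): the name is still rebuilt on every call, so one run is spread over
                # one file per second; consider fixing the name once per run.
                Add-Content -Path $LogFile -Value ("[{0}] ({1}) {2}" -F $Stamp, $Level, $Message)
            }
        }
    }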
    
    function Get-InfoFromCsv {
        <#
        .SYNOPSIS
            Returns the rows of the networks CSV, filtered on the 'Wave/Batch' column.
        .NOTES
            Reads $CsvPath, $CsvName and $Wave from the calling script's scope.
            $Wave is used as a -like pattern, so wildcard characters in it act as wildcards.
            NOTE(review): the script declares $Wave as [string], which holds an empty string
            rather than $null when no value is given, so the unfiltered branch below looks
            unreachable from this script - confirm which behaviour is wanted before changing
            it, because an unfiltered import would put every row of the CSV in scope.
        #>
        [CmdletBinding()]
        param ()

        process {
            $CsvFile = Join-Path $CsvPath $CsvName

            # No wave at all: hand back every row.
            if ($null -eq $Wave) {
                Import-Csv -Path $CsvFile -Delimiter ','
                return
            }

            # Otherwise keep only the rows whose 'Wave/Batch' column matches the requested wave.
            Import-Csv -Path $CsvFile -Delimiter ',' | Where-Object { $_.'Wave/Batch' -like $Wave }
        }
    }
    
    function Connect-ToNsx {
        <#
        .SYNOPSIS
            Connects to the NSX Manager unless $Session already reports an open connection.
        .NOTES
            Reads $Session from the calling scope and logs through Write-Log.
            A connection failure is logged and swallowed, so the function then returns nothing.
        #>
        [CmdletBinding()]
        param ()

        process {
            # Reuse the caller's session when it reports itself as connected.
            if ($Session.IsConnected) {
                Write-Log 'Using existing connection'
                return
            }

            $ServerAddress = 'nsxmanager.labo.local'
            # $User = Read-Host 'Provide username to logon to NSX-T Manager'
            # $Pass = Read-Host 'Provide password to logon to NSX-T Manager' -AsSecureString

            try {
                Write-Log 'Connecting to NSX Manager'
                # NOTE(review): -IgnoreInvalidCertificate disables validation of the manager's TLS
                # certificate, so the identity of the server receiving the login is not verified.
                # Tolerable in an isolated lab; for anything else give the manager a certificate
                # the client trusts and drop the switch.
                Connect-NsxServer -Server $ServerAddress -IgnoreInvalidCertificate # -User $User -Password $Pass 
            }
            catch {
                # Record both a fixed message and the error record itself.
                Write-Log 'Unable to connect to NSX Manager' -Level Error
                $PSItem | Write-Log -Level Error
            }
        }
    }
    
    # Opening banner; only the title differs between a normal run and a rollback run.
    $BannerTitle = if ($Rollback) {
        "Rolling back Segment Tier 1 Router Configuration"
    } else {
        "Starting Segment Tier 1 Router Configuration"
    }

    Write-Log ("=" * 80)
    Write-Log "`n"
    Write-Log $BannerTitle -Level Warning
    Write-Log "`n"
    Write-Log ("=" * 80)
    Write-Log "`n"
    
    # Load the CSV rows selected for this wave and record them in the log.
    $Networks = Get-InfoFromCsv
    Write-Log "The following items have been selected from the CSV file"
    $Networks | Format-Table | Out-String | Write-Log -Level Verbose

    # Connect only when $Session is missing or explicitly reports that it is not connected.
    $HasLiveSession = ($null -ne $Session) -and (-not ($Session.IsConnected -eq $false))
    if (-not $HasLiveSession) {
        $Session = Connect-ToNsx
        Write-Log 'The following connecction has been established'
        $Session | Format-Table | Out-String | Write-Log -Level Verbose
    }

    # $Segments and $tier1s are fetched only when they are not already populated.
    # NOTE(review): values left over from an earlier run in the same session are reused as-is
    # and may no longer match what is configured in NSX.
    if ($null -ne $Segments) {
        Write-Log 'Segments already stored' -Level Warning
    } else {
        Write-Log 'Getting all Overlay Segments'
        $Segments = (Invoke-ListAllInfraSegments).Results
    }

    if ($null -ne $tier1s) {
        Write-Log 'Tier 1 routers already stored' -Level Warning
    } else {
        Write-Log 'Getting all Tier 1 Routers'
        $tier1s = (Invoke-ListTier1).Results
    }
    
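    # Prepare changes
    # For every CSV row: find the matching Overlay Segment and Tier 1 router, then either attach
    # the segment to the router with its gateway CIDR, or (with -Rollback) detach it and clear
    # the gateway again. A row that cannot be resolved unambiguously is logged and skipped.
    foreach ($Network in $Networks) {

        # Reset everything derived from the current row. Without this, a failed lookup or a failed
        # preparation step silently reused the router name, subnet or update object of the previous
        # row, and that stale object was then patched onto the current segment.
        $T1Name = $null
        $Tier1 = $null
        $SegmentSubnet = $null
        $SegmentUpdate = $null

        Write-Log 'Getting the VLAN Name and VLAN ID from the CSV file'
        $VlanName = $Network | Select-Object -ExpandProperty 'VLAN Name'
        $VlanId = ($Network | Select-Object -ExpandProperty 'VLAN ID').Trim()
        Write-Log "Found VLAN Name $($VlanName) with VLAN ID $($VlanId)" -Level Verbose

        Write-Log 'Finding the NSX-T Overlay segment by using the VLAN Id from the CSV file'
        # Segment names are like Overlay_Bridged_VLAN_xxx
        $WantedSegmentName = $SegmentName + $VlanId
        $SegmentMatches = @($Segments | Where-Object {$_.DisplayName -like $WantedSegmentName})
        # -like is a wildcard match, so insist on exactly one hit before touching anything.
        if ($SegmentMatches.Count -ne 1) {
            Write-Log "Expected exactly one Overlay Segment named $($WantedSegmentName) but found $($SegmentMatches.Count), skipping this network" -Level Error
            continue
        }
        $Segment = $SegmentMatches[0]
        Write-Log "Found Overlay Segment $($Segment.DisplayName)" -Level Verbose

        Write-Log "Finding the Tier 1 router to connect to Overlay Segment $($Segment.DisplayName)"
        # The [string] cast keeps an empty Environment cell from raising a null-method error.
        switch (([string]$Network.Environment).Trim().ToLower())
        {
            dev {$T1Name = 'tier-1-dc-dev-01'}
            acc {$T1Name = 'tier-1-dc-acc-01'}
            # NOTE(review): 'tst' maps to the same router as 'acc' - confirm this is intended.
            tst {$T1Name = 'tier-1-dc-acc-01'}
            prod {$T1Name = 'tier-1-dc-prd-01'}
        }

        $Tier1Matches = @($tier1s | Where-Object {$_.DisplayName -like $T1Name})
        if ($Tier1Matches.Count -eq 1) {
            $Tier1 = $Tier1Matches[0]
        }
        Write-Log "Found Tier 1 Router $($Tier1.DisplayName)"

        Write-log 'Getting Gateway CIDR from CSV file'
        $GatewayCIDR = $Network.'CIDR GW IP'
        Write-Log "Found Gateway CIDR IP $($GatewayCIDR)"

        if (-Not $Rollback) {
            # An unknown Environment value, or a router name that is missing or ambiguous, must
            # not end with the segment attached to whatever router the previous row resolved to.
            if ($null -eq $Tier1) {
                Write-Log "No unique Tier 1 Router for environment '$($Network.Environment)' (found $($Tier1Matches.Count)), skipping Overlay Segment $($Segment.DisplayName)" -Level Error
                continue
            }
            if ([string]::IsNullOrWhiteSpace($GatewayCIDR)) {
                Write-Log "No Gateway CIDR in the CSV for Overlay Segment $($Segment.DisplayName), skipping" -Level Error
                continue
            }

            # Preparing changes for Overlay Segment
            try {
                Write-Log 'Preparing changes for Gateway IP on Overlay Segment'
                $SegmentSubnet = Initialize-SegmentSubnet `
                    -GatewayAddress $GatewayCIDR
            }
            catch {
                Write-Log 'Unable to initialize Gateway IP for Overlay Segment' -Level Error
                $PSItem | Write-Log -Level Error
                continue
            }
            if ($null -eq $SegmentSubnet) {
                Write-Log 'Unable to initialize Gateway IP for Overlay Segment' -Level Error
                continue
            }

            try {
                Write-Log 'Preparing changes for Overlay Segment'
                # NOTE(review): the update object sets only the fields listed here. The thread
                # reports that the segment's VLAN bridge is gone after this patch, so presumably
                # the existing bridge profiles have to be carried over as well - verify against
                # the NSX Policy API documentation. -Description " " also replaces whatever
                # description the segment had.
                $SegmentUpdate = Initialize-Segment `
                    -id $Segment.Id `
                    -DisplayName $Segment.DisplayName `
                    -ConnectivityPath $Tier1.Path `
                    -Subnets $SegmentSubnet `
                    -Description " "
            }
            catch {
                Write-Log 'Unable to initialize Segment Update' -Level Error
                $PSItem | Write-Log -Level Error
                continue
            }
            if ($null -eq $SegmentUpdate) {
                Write-Log 'Unable to initialize Segment Update' -Level Error
                continue
            }

            # Pushing changes
            try {
                Write-Log 'Pushing changes'
                Invoke-PatchInfraSegment `
                    -SegmentId $Segment.Id `
                    -Segment $SegmentUpdate
            }
            catch {
                Write-Log 'Unable to push changes' -Level Error
                $PSItem | Write-Log -Level Error
            }
        } else {
            # Rolling back changes
            # First remove the Tier 1 Router
            try {
                Write-Log 'Preparing rollback of Tier 1 on Overlay Segment' -Level Warning
                $SegmentUpdate = Initialize-Segment `
                    -id $Segment.Id `
                    -DisplayName $Segment.DisplayName `
                    -ConnectivityPath ""
            }
            catch {
                Write-Log 'Unable to prepare Tier 1 removal on Overlay Segment' -Level Error
                $PSItem | Write-Log -Level Error
                continue
            }
            if ($null -eq $SegmentUpdate) {
                Write-Log 'Unable to prepare Tier 1 removal on Overlay Segment' -Level Error
                continue
            }

            try {
                Write-Log 'Rolling back Tier 1 Router from Overlay Segment' -Level Warning
                Invoke-PatchInfraSegment `
                    -SegmentId $Segment.Id `
                    -Segment $SegmentUpdate
            }
            catch {
                Write-Log 'Unable to push changes' -Level Error
                $PSItem | Write-Log -Level Error
                # The CIDR removal below relies on the router being detached first.
                continue
            }

            # Now that the Tier 1 Router is removed, we can remove the CIDR.
            # Clear the first update so it cannot be pushed a second time by mistake.
            $SegmentUpdate = $null
            try {
                Write-Log 'Preparing rollback of CIDR Gateway on Overlay Segment'
                $SegmentSubnet = Initialize-SegmentSubnet
            }
            catch {
                Write-Log 'Unable to to prepare removal of CIDR Gateway on Overlay Segment' -Level Error
                $PSItem | Write-Log -Level Error
                continue
            }

            try {
                Write-Log 'Preparing Overlay Segment changes' -Level Warning
                $SegmentUpdate = Initialize-Segment `
                    -id $Segment.Id `
                    -DisplayName $Segment.DisplayName `
                    -Description " " `
                    -Subnets $SegmentSubnet
            }
            catch {
                Write-Log 'Unable to prepare Segment Update' -Level Error
                $PSItem | Write-Log -Level Error
                continue
            }
            if ($null -eq $SegmentUpdate) {
                Write-Log 'Unable to prepare Segment Update' -Level Error
                continue
            }

            try {
                Write-Log 'Rolling back CIDR Gateway on Overlay Segment' -Level Warning
                Invoke-PatchInfraSegment `
                    -SegmentId $Segment.Id `
                    -Segment $SegmentUpdate
            }
            catch {
                Write-Log 'Unable to remove CIDR Gateway' -Level Error
                $PSItem | Write-Log -Level Error
            }
        }
    }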
    
    # Closing banner; only the title differs between a normal run and a rollback run.
    $ClosingTitle = if ($Rollback) {
        "Finished rolling back Overlay Segment Tier 1 Configuration"
    } else {
        "Finished Overlay Segment Tier 1 Configuration"
    }

    Write-Log ("=" * 80)
    Write-Log "`n"
    Write-Log $ClosingTitle -Level Warning
    Write-Log "`n"
    Write-Log ("=" * 80)

    # Close the NSX connection(s) at the end of the run.
    # Comment out if you are not running the script from CLI
    Disconnect-NsxServer *