The document discusses the VMware NSX automation and API, emphasizing the potential future features that are still in development and subject to change. It highlights the benefits of automation in networking and security, such as consistent configuration and reduced human error, along with various tools like Ansible and PowerShell for achieving desired infrastructure states. It encourages users to explore and create custom use cases by combining different tools effectively.

1. Romain Decker
@woueb
VMTN6665E
#VMworld #VMTN6665E
NSX, API, AutomationNSX, API, Automation and
Unicorns

2. • This presentation may contain product features that are currently under development.
• This overview of new technology represents no commitment from VMware to deliver these
features in any generally available product.
• Features are subject to change, and must not be included in contracts, purchase orders, or
sales agreements of any kind.
• Technical feasibility and market demand will affect final delivery.
• Pricing and packaging for any new technologies or features discussed or presented have not
been determined.
Disclaimer
2

3. Why Automate?
Application + Infrastructure
App
request
NETWORKING
SECURITY
New or pre-existing virtual networking and security
Infrastructure Only
Infra
request
NETWORKING
SECURITY
New virtual networking and/or security infrastructure
3
Consistent configuration
Accelerate workload deployment
Avoid risk from human errors
Compliance and auditability

4. NSX Manager
NSX REST API
NSX Automation Solutions
4
vRealize
Automation
vCloud
Director
vRealize
Orchestrator
VIO
VMware Cloud Management DevOps Language / Tools

5. curl -X get https://{{nsxmanager}}/api/7.0/nsx/postman
5
Postman Collection
NSX API calls can be easily added
with RAML Spec
https://github.com/vmware/nsxraml
Variable Input
Globally defined
XML Body pre-populated
Code Snippets
Generates code
snippets for multiple
tools or languages

6. NSX Ansible Module
6
Infrastructure as Code to get NSX to a desired state
https://github.com/vmware/nsxansible
Ansible features an state-driven resource model
that describes the desired state of a configuration
Ansible in 5 key words: abstraction, agentless,
playbooks, extensibility, idempotency
Based on NSX RAML specification file describing
the NSX-v API
Deployment, installation and logical topologies
supported
macOS and Linux

7. Execution #1
2 logical switches are created
Execution #2
Nothing happens, as the logical
switches already exist
Execution #3
Playbook re-creates 1st logical switch,
and leave the 2nd one untouched
Idempotency? ¯_(ツ)_/¯
Idempotence ~ property of certain operations in mathematics and computer
science, that can be applied multiple times without changing the result beyond
the initial application. – Wikipedia
7
Wikipedia, please help me!
Idempotency ~ An operation is idempotent if the result of performing it once is
exactly the same as the result of performing it repeatedly without any intervening
actions. – Ansible Documentation

8. PowerNSX
8
PowerShell module that abstracts the VMware
NSX API to a set of easily used functions
https://github.com/vmware/powernsx
Available for Windows, but also for Linux and
macOS (using PowerShell Core)
Requires PowerShell 3.0
Opensource
 NSX Manager setup
 Host Preparation
 Logical Switching
 Logical Routing
 NSX ESG
 Dynamic Routing
273 FUNCTIONS
 Distributed Firewall
 Service Composer
 NSX Edge LB
 SSL VPN
#TAM3281E CONFIDENTIAL

9. Which Tools Should I Use?
9
Meet Kevin, Stuart and Bob
Bob: Cloud AdminKevin: Network / Security AdminStuart: VMware Admin

10. Use the Force Code Luke!
10
Don’t be limited by existing examples
Invent use cases
Use the tools that you need
Combine tools
Describe your infrastructure: separation of
configuration (WHAT) from the logic (HOW)

11. More Resources
11
Automating NSX for vSphere with
PowerNSX
CONFIDENTIAL
PowerNSX in Hands on Labs
VMware Github
https://github.com/vmware/nsxansible
https://github.com/vmware/nsxraml
https://github.com/vmware/powernsx
https://github.com/vmware/pynsxv