-
Notifications
You must be signed in to change notification settings - Fork 0
Script
Pascal van de Bor edited this page Sep 16, 2017
·
6 revisions
For using PowerShell you will need the VMware.PowerShell module. -> Install-Module -Name VMware.PowerShell
For using PowerNSX you will need the PowerNSX module. -> Install-Module -Name PowerNSX
The script also requires PSYaml module. This module is included and called in the script.
The script connects via the vCenter and uses SSO credentials.
This SSO user must have permissions in vCenter and NSX manager specifically.
Script currently does:
- Check for yml file
- read contents of yml file
- Get input user for connecting to vCenter
- Connect
- Loop through Firewall services and checks if they exist (Get-NsxService)
- Log actions (can be turned of in settings part)
- Add services to NSX if they do not exist (New-NsxService)
- Loop through ServiceGroups and check if they exist (Get-NSxServiceGroup)
- Add Servicesgroups in NSX when not existing (New-NsxServiceGroup)
- within the servicegroups adds one or more children. (Get-NsxService for id and Get-NsxServiceGroup | Add-NsxServiceGroupMember)
- Empty servicegroups with no children in the yml configuration will throw error
- Loop through SecurityGroups and check if they exist (Get-NsxSecurityGroup)
- Add SecurityGroup in NSX when not existing (New-NsxSecurityGroup)
- Empty FirewallSection in the yml configuration will throw error
- Loop through FirewallSections and check if they exist and have rules (Get-NsxFirewallSection)
- Add FirewallSection in NSX when not existing (New-NsxFirewallSection)
- Checks with that section for FireWall rules and adds these (Get-NsxFirewallSection | New-NsxFireWallRule)
PowerNSX is essential, therefore please ensure you have the latest version of PowerNSX installed, which can be updated in an administrative PowerShell terminal with the following command (or use -User for installing in the user context):
Update-PowerNsx master (tested with master branch of 09/16/2017)