Add routing capabilities to the nested workload #5
Conversation
lrivallain
commented
Dec 29, 2023
lrivallain
commented
- Add routing capabilities to the nested workload by deploying a router VM
- Enable to test HCX networking including MON
- Add a way to build labs without using the System Assigned Managed Identity
- Scripts will use a user-customized yaml configuration file to get IP, users and passwords
- Readme was updated to match this deployement method
- Cleanup of some unused code and comments
* Add routing capabilities to the nested workload by deploying a router VM * Enable to test HCX networking including MON * Add a way to build labs without using the System Assigned Managed Identity * Scripts will use a user-customized yaml configuration file to get IP, users and passwords * Readme was updated to match this deployement method * Cleanup of some unused code and comments
Updated module 2 based on feedback and changes made for the last LevelUp. Added new scenarios to test: * Replication Assisted vMotion * Mobility Optimized Network * Network extension cutover The MON scenario will only work with the following changes in [https://github.com/Azure/avslabs/pull/5][avslabs] content to provide routing capabilities to the lab. Also made some organisation change to simplify the reading of instructions.
|
Ping @husamhilal : if you have any chance of reviewing this change proposal. |
Thanks a lot @lrivallain . Please allow me couple days to review the proposed changes. I really appreciate your work here, and I really like adding a router VM. Thanks a lot! |
There was a problem hiding this comment.
@lrivallain Thank you so much for all the changes and updates. I really loved the idea of adding the router to fix the routing blocker from the workload segments. I'm hoping that with this we can RDP or SSH into the VMs deployed in the nested environment.
I made few comments below, some of them require some minor updates from your end. Can you please update? Once you update, I'll go ahead and approve the PR 👍
| $sRouteURL = "https://$nsxtHost/policy/api/v1/infra/tier-1s/$t1Name/static-routes/$NewVcVAppName" | ||
| $sRoute = Invoke-RestMethod -Uri $sRouteURL -Headers $Header -Method PUT -Body $Body -ContentType "application/json" -SkipCertificateCheck | ||
| Start-Sleep 15 | ||
| Write-Log "Static route $NewVcVAppName created....." | ||
| } | ||
|
|
There was a problem hiding this comment.
Please, add logic to dispose vCenter connection: Disconnect-VIServer
There was a problem hiding this comment.
@lrivallain . I cannot find line 1004. But yes. toward the end. We can check if the connection is still open, then we should close it to avoid exhausting resources. Also same for NSX-T please.
scripts/bootstrap-nestedlabs.ps1
Outdated
| } | ||
| } | ||
| } | ||
| } else { | ||
| Write-Log "Building labs without using the System Assigned Managed Identity" | ||
| if (Test-Path "$TempPath/nestedlabs.yml" -PathType Leaf) { |
There was a problem hiding this comment.
Can you put the following 4/5 lines in a seperate function and call it from here. just for clarity and consistency with the rest of the code. For example the function name can be:
Get-NestedLabConfigurationsFromYaml
There was a problem hiding this comment.
I changed a bit the logic behind to simplify the "if" sequence and to create a Set-NestedLabConfigurationsFromYaml. The function will try to copy the YAML file to the extraction path, if no file exists, the script will continue to managed ID method.
|
Hi @husamhilal ! Thanks a lot for the review. Very constructive ! Routing capabilities enable to connect to the workload VMs and to test a set of new HCX scenarios that I submitted to the avshub repository: Azure/avshub#7 like :
|
| $sRouteURL = "https://$nsxtHost/policy/api/v1/infra/tier-1s/$t1Name/static-routes/$NewVcVAppName" | ||
| $sRoute = Invoke-RestMethod -Uri $sRouteURL -Headers $Header -Method PUT -Body $Body -ContentType "application/json" -SkipCertificateCheck | ||
| Start-Sleep 15 | ||
| Write-Log "Static route $NewVcVAppName created....." | ||
| } | ||
|
|
There was a problem hiding this comment.
@lrivallain . I cannot find line 1004. But yes. toward the end. We can check if the connection is still open, then we should close it to avoid exhausting resources. Also same for NSX-T please.
