NSX ALB Cloud Migrator v1.0 – My First Python Project

Posted in VMware NSX

Over the last few months, I have been busy learning Programming with Python and at the same time I was actively working on an NSX Advanced Load Balancer migration tool based on python that will migrate Virtual Services and it’s dependencies (Pools, Pool Groups, HTTP Content Switching Policy Sets and VSVIPs) from one NSX ALB Cloud Account to another. Currently this is an NSX ALB intra-Tenant migrator. Inter-Tenant migration will be a future scope of work. I wrote this using Python classes, objects, methods and modules based on my current level of learning and code named it as NSX ALB Cloud Migrator v1.0. Based on the amount of testing I did, it was able to meet more migration scenarios than what I originally planned, and in the subsequent blog series over the next few weeks I will cover all of those migration scenarios.

The project is available in my Github repository:

Repository : https://github.com/harikrishnant/NsxAlbCloudMigrator (Currently private, will be public soon)

ReadMe : https://github.com/harikrishnant/NsxAlbCloudMigrator/blob/main/README.md

Release Notes : https://github.com/harikrishnant/NsxAlbCloudMigrator/blob/main/RELEASENOTES.md

Overview

NSX ALB Cloud Migrator will migrate Virtual Services (and it’s dependencies – Pools, PoolGroups, HTTPPolicySets and VSVIPs) across NSX ALB Cloud Accounts, VRFs, Service Engine Groups and NSX-T T1 gateways. Currently the below NSX ALB cloud accounts are supported:

  • vCenter Cloud
  • NSX-T VLAN cloud
  • NSX-T Overlay cloud
  • No-Orchestrator cloud

Supported NSX ALB Versions

I have tested the tool against NSX ALB API Versions 18.1.2 to 21.1.2

Code Release History

Version 1.0 (First Edition) – March 15, 2022

Current Capabilities

This NSX ALB Cloud Migrator supports the below migration scenarios for Virtual Services and dependencies within the same NSX ALB Tenant:

Migration across Cloud Accounts

  1. Migration from vCenter Cloud Account to No-Orchestrator Cloud
  2. Migration from No-Orchestrator Cloud to vCenter Cloud Account
  3. Migration from one vCenter Cloud Account to another vCenter Cloud Account
  4. Migration from vCenter Cloud Account to NSX-T VLAN Cloud Account
  5. Migration from NSX-T VLAN Cloud Account to vCenter Cloud Account
  6. Migration from No-orchestrator Cloud to NSX-T VLAN Cloud Account
  7. Migration from NSX-T VLAN Cloud Account to No-orchestrator Cloud
  8. Migration from vCenter Cloud Account to NSX-T Overlay Cloud
  9. Migration from No-Orchestrator Cloud to NSX-T Overlay Cloud
  10. Migration from NSX-T VLAN Cloud Account to NSX-T Overlay Cloud

Migration across VRF Contexts (Routing Domains)

  1. Migration from one VRF Context to another in vCenter Cloud accounts
  2. Migration from one VRF Context to another in No-Orchestrator Cloud accounts
  3. Migration from one VRF Context to another in NSX-T VLAN Cloud accounts
  4. Migration from one VRF Context (T1 Gateway) to another in NSX-T Overlay Cloud accounts
  5. Migration to VRF Contexts within the same or across cloud accounts – vCenter, No-Orchestrator, NSX-T VLAN and Overlay cloud accounts

Migration across Service Engine Groups

  1. Migration from one Service Engine Group to another in vCenter Cloud accounts
  2. Migration from one Service Engine Group to another in No-Orchestrator Cloud accounts
  3. Migration from one Service Engine Group to another in NSX-T VLAN Cloud accounts
  4. Migration from one Service Engine Group to another in NSX-T Overlay Cloud accounts

Note: This NSX ALB Cloud Migrator supports only migration within the same NSX ALB Tenant. Cross Tenant migration is currently not supported

NSX ALB Cloud Migrator Workflow

The below flowchart illustrates the migration workflow in NSX ALB Cloud Migrator:

Known Limitations

The below NSX ALB features are not yet tested with NSX ALB Cloud Migrator and hence migration of below features may or may not work as expected.

  • NSX ALB Controllers with SAML / LDAP configured. Currently only local accounts are supported
  • Virtual Services with VIP sharing
  • TLS SNI based Virtual Service Hosting (Parent – Child VS)
  • GSLB DNS Virtual Services
  • Any datascripts with mention of pools / pool groups need to be manually updated post migration
  • GSLB services
  • Virtual Services with IPAM / DNS profiles
  • For NSX-T VLAN backed clouds, the placement networks for each virtual service need to be manually added. This is an NSX ALB Cloud limitation
  • Migration from NSX-T Overlay Cloud to vCenter Cloud succeeds but requires additional manual fixes for VIP connectivity.
  • Migration scenarios across NSX ALB Tenants are not supported.

Usage instructions

  1. Make sure that the target cloud account to which the Virtual Services need to be migrated is configured. This includes the connector configuration, VRF Contexts, networks & routing configuration and service engine configuration under the Service Engine Group.
  2. The necessary routes (default routes / static routes to the pool members) need to be available on the target VRF context before migrating the VS / Pools.
  3. A linux VM with connectivity to NSX ALB controllers
  4. Install Python3 on the linux VM. On CentOS or RHEL systems, run -> yum install -y python3
  5. Install git -> yum install -y git
  6. Install the below python modules:
    • requests -> python3 -m pip install requests
    • urllib3 -> python3 -m pip install urllib3
    • tabulate -> python3 -m pip install tabulate
  7. Clone the repository and navigate to NsxAlbCloudMigrator ->  git clone https://github.com/harikrishnant/NsxAlbCloudMigrator.git && cd NsxAlbCloudMigrator
  8. Set the bash script migrator.sh to execute -> chmod +x migrator.sh
  9. Execute migrator.sh -> ./migrator.sh This will launch NSX ALB Cloud Migrator. Follow instructions on the screen.

Some snippets from the NSX ALB Cloud Migrator below:

Coming Up

Over the next few weeks, I will be publishing a series of blog posts demonstrating the various migration scenarios and capabilities. Stay Tuned

If you have any feedback and / or wish to collaborate, please reach out to me.

Part 1 – Virtual service migration across vCenter Clouds
Part 2Virtual service migration from vCenter to No-Orchestrator Cloud
Part 3Virtual service migration from No-Orchestrator to vCenter Cloud
Part 4 – Virtual service migration from vCenter to NSX-T VLAN Cloud
Part 5 – Virtual service migration from NSX-T VLAN to vCenter Cloud
Part 6 – Virtual service migration from No-Orchestrator to NSX-T VLAN Cloud
Part 7 – Virtual service migration from NSX-T VLAN to No-Orchestrator Cloud
Part 8 – Virtual service Migration from vCenter to NSX-T Overlay Cloud
Part 9 – Virtual service Migration from No-Orchestrator to NSX-T Overlay Cloud
Part 10 – Virtual service Migration from NSX-T VLAN to NSX-T Overlay Cloud
Part 11 – Virtual service Migration across VRF Contexts in vCenter / NSX-T VLAN and No-Orchestrator Clouds
Part 12 – Application Migration across T1 Gateways (VRF Contexts) in NSX-T Overlay Cloud

Published by HariKrishnan

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s