NSX - Configure a DHCP service in an Edge Security Gateway using Powershell
This is a quick snippet explaining how to use Powershell to configure the DHCP service in an Edge Security Gateway (ESG).
Objective
Setting up a simple DHCP server with a single IP pool - 192.168.0.100/24 - 192.168.0.200/24 - in an ESG using Powershell.
We will use an existing ESG instead of creating a new one, similar to what we did in NSX - Configure a Load Balancer in an Edge Security Gateway using Powershell/PowerNSX.
The DHCP service will be listening in the ESG internal interface (Transit - VXLAN X).
Setup
Let’s set it up, step by step.
Challenge
Unfortunately, our preferred Powershell module, PowerNSX (v 3.0.1125), does not have any cmdlets to help us with the DHCP service configuration, so we will need to fall back to the XML and Invoke-NSXWebRequest method.
PS /Users/radao> get-help Invoke-NsxWebRequest
NAME
Invoke-NsxWebRequest
SYNOPSIS
Constructs and performs a valid NSX REST call and returns a response object
including response headers.
SYNTAX
Invoke-NsxWebRequest [-method <String>] [-URI <String>]
[-body <String>] [-connection <PSObject>] [-extraheader <Hashtable>]
[-Timeout <Int32>] [<CommonParameters>]
Invoke-NsxWebRequest -cred <PSCredential> -server <String> -port <Int32>
-protocol <String> -UriPrefix <String> -ValidateCertificate <Boolean>
-method <String> -URI <String> [-body <String>] [<CommonParameters>]
Preparing the XML payload needed for the call
We will need to put the following settings into an XML payload that we can pass to the Invoke-NSXWebRequest cmdlet:
- Enable service
- Range = 192.168.0.100-192.168.0.200
- Gateway = 192.168.0.1
- Subnet = 255.255.255.0
- Lease Time = 86400
$xmlPayload = "
<dhcp>
<enabled>true</enabled>
<ipPools>
<ipPool>
<ipRange>192.168.0.100-192.168.0.200</ipRange>
<defaultGateway>192.168.0.1</defaultGateway>
<subnetMask>255.255.255.0</subnetMask>
<leaseTime>86400</leaseTime>
<autoConfigureDNS>false</autoConfigureDNS>
</ipPool>
</ipPools>
<logging><enable>true</enable>
<logLevel>info</logLevel></logging>
</dhcp>"
Make the Invoke-NSXWebRequest call with the XML payload that we just created
Get the ESG ID, which we need to reference the existing Edge object:
$edgeID = (Get-NsxEdge -Name "vPOD-Edge").Id
Setting up the call URL:
$uri = "/api/4.0/edges/$($edgeID)/dhcp/config"
Execute the call with Invoke-NSXWebRequest:
$null = invoke-nsxwebrequest -method "put" `
-uri $uri -body $xmlPayload -connection $nsxConnection
$nsxConnection is the object returned by Connect-NSXServer when connecting to the NSX Manager of the solution.
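The call above discards the response and pushes a hand-typed string, so a mistyped range or gateway goes unnoticed. The following is an added example, not code from the original post or from PowerNSX: it validates the pool before building the same payload and checks a configuration document for the expected pool. The three function names are hypothetical, and it assumes that a GET on the same URI returns a `<dhcp>` document shaped like the payload and that the response object exposes it as `Content`.

```powershell
# Added example; ConvertTo-IpNumber, New-EsgDhcpPayload and Test-EsgDhcpPool are hypothetical helpers.
function ConvertTo-IpNumber ([ipaddress]$Ip) {
    # Dotted quad -> integer, so addresses can be compared and masked
    $b = $Ip.GetAddressBytes()
    ([uint64]$b[0] -shl 24) -bor ([uint64]$b[1] -shl 16) -bor ([uint64]$b[2] -shl 8) -bor [uint64]$b[3]
}

function New-EsgDhcpPayload {
    param(
        [Parameter(Mandatory)][ipaddress]$RangeStart,
        [Parameter(Mandatory)][ipaddress]$RangeEnd,
        [Parameter(Mandatory)][ipaddress]$Gateway,
        [Parameter(Mandatory)][ipaddress]$SubnetMask,
        [ValidateRange(1, [int]::MaxValue)][int]$LeaseTime = 86400
    )
    $s = ConvertTo-IpNumber $RangeStart; $e = ConvertTo-IpNumber $RangeEnd
    $g = ConvertTo-IpNumber $Gateway;    $m = ConvertTo-IpNumber $SubnetMask
    if ($s -gt $e) { throw "Range start is above range end" }
    if ((($s -band $m) -ne ($g -band $m)) -or (($e -band $m) -ne ($g -band $m))) {
        throw "Pool range is not inside the gateway's subnet"
    }
    if ($g -ge $s -and $g -le $e) { throw "Gateway address falls inside the pool" }
    # Only typed, already-parsed values are interpolated into the XML
    @"
<dhcp>
  <enabled>true</enabled>
  <ipPools>
    <ipPool>
      <ipRange>$($RangeStart)-$($RangeEnd)</ipRange>
      <defaultGateway>$Gateway</defaultGateway>
      <subnetMask>$SubnetMask</subnetMask>
      <leaseTime>$LeaseTime</leaseTime>
      <autoConfigureDNS>false</autoConfigureDNS>
    </ipPool>
  </ipPools>
  <logging><enable>true</enable><logLevel>info</logLevel></logging>
</dhcp>
"@
}

function Test-EsgDhcpPool ([string]$ConfigXml, [string]$ExpectedRange) {
    # True when the service is enabled and the expected pool is present
    $dhcp = ([xml]$ConfigXml).dhcp
    ($dhcp.enabled -eq 'true') -and (@($dhcp.ipPools.ipPool.ipRange) -contains $ExpectedRange)
}

$xmlPayload = New-EsgDhcpPayload -RangeStart "192.168.0.100" -RangeEnd "192.168.0.200" `
    -Gateway "192.168.0.1" -SubnetMask "255.255.255.0"
# Offline check on the payload; on a live ESG pass the Content of a "get" on $uri instead
Test-EsgDhcpPool -ConfigXml $xmlPayload -ExpectedRange "192.168.0.100-192.168.0.200"
```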
Summary
A quick summary of what we set up:
- Enable the DHCP service in the ESG
- Prepare the XML payload
- Make the PUT call with Invoke-NSXWebRequest