NSX-T Data Center - Using NSX-T Policy API to add a new overlay segment connected to a T1 router

2 minute read

In previous posts:

Information needed to setup our snippet

Transport Zone

To be able to create the segment in the right transport zone, we will need to collect the Transport Zone ID and the easiest way to retrieve it is through the simplified UI.

NSX-T Transport Zone ID

Now that we have the Transport Zone ID we can build the variable that will give us the path for the transport zone object.

# Example: /infra/sites/default/enforcement-points/default/transport-zones/<transport zone ID>
$transportZone = "/infra/sites/default/enforcement-points/default/transport-zones/ce028afd-c95f-4ed8-8fdb-1ecb06fb4bde"

T1 Router information

We will use a T1 router that we have already created, we will cover the T1 router creation in a future post.

To check the T1 router ID, and the information of the T1 router path object, we can use the following call to list all T1 routers:

(Get-NsxtPolicyService -Name com.vmware.nsx_policy.infra.tier1s).list().results | Select display_name, id, parent_path
  • Result NSX-T Router T1s list
# path - /infra/tier-1s/<router ID>
$routerT1Path = "/infra/tier-1s/_T1-GW-AP-01_"

New segment gateway

To connect the new overlay segment to the T1 router a gateway IP needs to be setup also.

# Gateway IP will need to use CIDR format (IP/PrefixLength)
$newSegmentGateway = "10.10.103.1/24"

Variables

Since it is a quick code snippet we could keep the list of variables on the top to reduce the need of editing the functional part of the snippet.

# Segment information
$segmentID = "POD01-SegmentA-Overlay-TZ-01"

# Transport Zone
$transportZone="/infra/sites/default/enforcement-points/default/transport-zones/ce028afd-c95f-4ed8-8fdb-1ecb06fb4bde"

# Router Path
$routerT1Path = "/infra/tier-1s/_T1-GW-AP-01_"

# Segment Gateway
$newSegmentGateway = "10.10.103.1/24"

Main code snippet body

This code snippet assumes that you are already connected to the NSX-T Manager using:

Connect-NsxtServer -Server "vcenter.lab" -User "admin" -Password "MyAwesomePassword"
# Pull the current segment information
$segmentList = Get-NsxtPolicyService -Name com.vmware.nsx_policy.infra.segments

# Creating a new segment object
$newSegmentSpec = $segmentList.Help.patch.segment.Create()
$newSegmentSpec.id = $segmentID
$newSegmentSpec.transport_zone_path = $transportZone
$newSegmentSpec.connectivity_path = $routerT1Path

# Retrieve a Subnet object from the segment structure
$newSubnetSpec = $segmentList.Help.patch.segment.subnets.Element.Create()
$newSubnetSpec.gateway_address = $newSegmentGateway

# Add subnet object to our new segment spec
$newSegmentSpec.subnets.Add($newSubnetSpec)

# Create the segment
$segmentList.patch($segmentID, $newSegmentSpec)

Result

Code Snippet run

New Overlay Segments T1 connected - Simplified UI

New Overlay Segments T1 connected - Subnet - Simplified UI