NSX-T Data Center - Using NSX-T Policy API to add new segments (VLAN Backed)

  2 minute read  

One of the fundamental tasks of an NSX-T deployment is creating new segments.

If you are just adding an hand full of segments probably the easier way is to use the UI and add the segments through the Simplified UI.

However, if you have more than an hand full of segments you will probably check if you can leverage the NSX-T Policy API to reduce the admin effort to create them all.

PowerCLI NSX-T Policy API CMDlets

The list of NSX-T Policy API CMDlets is not massive.

NSX-T Policy API CMDlets

Based in the number of cmdlets available could give the impression that you will not be able to do a lot of things with them, however these four cmdlets are powerful enough to create, remove or modify any object in the NSX-T Manager.

Quick snippet to create a new segment (VLAN Backed)

This post will focus in a quick code snippet to allow us to create multiple segments VLAN backed in NSX-T using the NSX-T Policy API.

The cmdlet Get-NsxtPolicyService is the main key to all of it.

Information needed to setup our snippet

To be able to create the segment in the right transport zone, we will need to collect the Transport Zone ID and the easiest way to retrieve it is through the simplified UI.

NSX-T Transport Zone ID

Now that we have the Transport Zone ID we can build the variable that will give us the path for the transport zone object.

$transportZone="/infra/sites/default/enforcement-points/default/transport-zones/c8e7a995-573f-4001-9288-f4d5b5ee8789"

Variables

Since it is a quick code snippet we could keep the list of variables on the top to reduce the need of editing the functional part of the snippet.

# Segment information
$segmentIDPrefix = "POD01-VLAN-"

# Transport Zone
$transportZone="/infra/sites/default/enforcement-points/default/transport-zones/c8e7a995-573f-4001-9288-f4d5b5ee8789"

# VLAN IDs to use for the new segments
$vlanIDs = @(10, 11, 12, 13, 14)

Main code snippet body

The main body of the code snippet has two sections:

  • Foreach cycle to go through our VLAN ID list
    • Segment creation within the Foreach cycle

Foreach cycle to go through our VLAN ID list

This code snippet assumes that you are already connected to the NSX-T Manager using:

Connect-NsxtServer -Server "vcenter.lab" -User "admin" -Password "MyAwesomePassword"
Foreach ($vlanID in $vlanIDs) {
  # create SegmentID information using the predefined prefix + VLAN ID from the list
  $segmentID = $segmentIDPrefix + $vlanID

  # Pull the current segment information
  $segmentList = Get-NsxtPolicyService -Name com.vmware.nsx_policy.infra.segments

  # Creating a new segment object
  $newSegmentSpec = $segmentList.Help.patch.segment.Create()
  $newSegmentSpec.id = $segmentID
  $newSegmentSpec.vlan_ids = @( $vlanID )
  $newSegmentSpec.transport_zone_path = $transportZone

  # Create the segment
  $segmentList.patch($segmentID, $newSegmentSpec)
}

Result

Code Snippet run

New Segments List - Simplified UI