Version 1.7 of PowervRNI was released yesterday, and this post covers what’s new in this version. If you’re not familiar with PowervRNI, it is a PowerShell module that you can use to manage vRealize Network Insight. From adding data sources & applications, to retrieve data from it, such a network flows, PowervRNI covers most of the public API endpoints of Network Insight.
What’s New?
A bunch! First off, it has been updated to support the new data sources and API calls that have been added in Network Insight 5.0. Second, I’ve added a few backlog items. I’ll go through the changes below.
Data Sources
New: Update-vRNIDataSource
Let’s start with a good one. PowervRNI had to ability to add and remove data sources, but not edit them. Update-vRNIDataSource adds the possibility to update one or multiple data sources by updating their Nickname, Notes, or, most importantly, their Username and Password details. Imaging updating the login credentials of 52 switches, all at once. This example does just that:
PS # Get-vRNIDataSource -DataSourceType ciscoswitch | Update-vRNIDataSource -Username readonly -Password secret
New Data Sources
Version 1. 7 adds support for the new data sources: Azure, VeloCloud, FortiManager, and Generic Router/Switch devices (UANI). Here are a few examples:
Adding a VeloCloud Orchestrator
PS # New-vRNIDataSource -DataSourceType velocloud -Username [email protected] -Password password -CollectorVMId $collectorId -Nickname VeloCloud -FDQN vcoxx.velocloud.net entity_id : 10771:962:1907704854791059140 entity_type : VeloCloudDataSource fqdn : vcoxx.velocloud.net proxy_id : 10771:901:8169725906866024439 nickname : VeloCloud enabled : True credentials : @{[email protected]; password=}
Adding an Azure subscription
PS # New-vRNIDataSource -DataSourceType azure -CollectorVMId $collectorId -Nickname Azure-TenantID xxx-xxx-xxx-xxx -ApplicationID xxx-xxx-xxx-xxx -SecretKey secret -SubscriptionID xxx-xxx-xxx-xxx entity_id : 10771:966:6062894549792355656 entity_type : AzureDataSource proxy_id : 10771:901:8169725906866024439 nickname : Azure-Dev enabled : True credentials : @{azure_client=xxx-xxx-xxx-xxx; azure_tenant=xxx-xxx-xxx-xxx; azure_subscription=xxx-xxx-xxx-xxx} flows_enabled : True
Adding a Generic Switch/Router device
PS # New-vRNIDataSource -DataSourceType generic-device -CollectorVMId $collectorId -IP 10.0.0.1 -Nickname gw1 entity_id : 10771:963:7000486714130462696 entity_type : GenericSwitchDataSource ip : 10.0.0.1 proxy_id : 10771:901:8169725906866024439
Uploading the Generic Switch/Router ZIP file with CSVs
PS # Get-vRNIDataSource -DataSourceType generic-device | where {$_.nickname -eq "gw1"} | Update-vRNIDataSourceData -Zipfile ~/new-gw1-csv.zip entity_id : 10771:963:1592443492322905846 entity_type : GenericSwitchDataSource ip : 10.0.0.1 proxy_id : 10771:901:8169725906866024439 nickname : gw1 enabled : True
Adding Kubernetes and OpenShift clusters has also been fixed, by using the contents of your KubeConfig:
PS # $nsxtId = (Get-vRNIDataSource -DatasourceType nsxt | Where {$_.nickname -eq "my-nsxt-manager"} | Select -ExpandProperty id) PS C:\> $collectorId = (Get-vRNINodes | Where {$_.ip_address -eq "10.0.0.11"} | Select -ExpandProperty id) PS # $kubeconfig = (Get-Content ~/.kube/config | Out-String) PS # New-vRNIDataSource -DataSourceType kubernetes -Nickname k8s-cluster-1 -CollectorVMId $collectorId -NSXTManagerID $nsxtId -KubeConfig $kubeconfig
F5 Load Balancer support has been fixed. The API in 4.2 didn’t work, as the data source had a different entity type.
PS # New-vRNIDataSource -DataSourceType f5-bigip -Username admin -Password password -CollectorVMId $collectorId -Nickname F5 -FDQN f5.lab.local entity_id : 10771:952:7880684499039039792 entity_type : F5BIGIPDataSource fqdn : f5.lab.local proxy_id : 10771:901:8169725906866024439 nickname : F5 enabled : True credentials : @{username=admin}
Setting NSX-v Controller Passwords
Network Insight collects routing information from the NSX-v controllers. To do so, it needs the password to log in to those controllers. I’ve added a new cmdlet called Update-vRNINSXvControllerPassword to do this:
PS # Get-vRNIDataSource -DatasourceType nsxv | Update-vRNINSXvControllerClusterPassword -Password secret
Support for NSX-v and NSX-T Virtual Infra Latency
From NSX-v 6.4.5+ and NSX-T 2.5+ – NSX can stream telemetry on latency between VTEPs, physical and virtual NICs. NSX is configured by Network Insight and the new -NSXEnableLatency $True parameter on New-vRNIDataSource, will do that when adding the NSX Manager as a data source. Example:
PS # New-vRNIDataSource -DataSourceType nsxv -NSXEnableLatency $True -FDQN mgr.nsx.local -Username admin -Password secret -Nickname mgr.nsx.local -CollectorVMId $collectorId -Enabled $True -NSXEnableCentralCLI $True -NSXEnableIPFIX $True -NSXvCenterID $vcId
A better experience with Connect-vRNIServer
Before 1.7, when connecting with LDAP/Active Directory credentials, the Connect-vRNIServer cmdlet looked as following:
Connect-vRNIServer -Server platform -Username [email protected] -Domain ld.local -Password secret
Maybe you’ve noticed the domain name is mentioned twice, both in the Username and Domain values. This was mostly due to the input that the vRNI API requires. It’s a small change, but now, PowervRNI now detects the usage of a non-local domain and allow you to omit the Domain parameter.
Connect-vRNIServer -Server platform -Username [email protected] -Password secret
If you have local vRNI accounts with domains other than local, you can make sure it authenticates locally by still adding the parameters: -Domain LOCAL, *or* -UseLocalAuth.
Get-vRNIKubernetesServices
Network Insight can pull Kubernetes information (services, namespaces, clusters, nodes, etc.) and the networking details behind these containers. But, there’s only 1 public API added to retrieve information, and it’s to retrieve a list of the Kubernetes services:
PS # Get-vRNIKubernetesServices -Limit 1 entity_id : 10771:1504:7006772991589105315 name : metrics-server entity_type : KubernetesService vendor_id : c88a10d1-e04c-11e9-a348-0050569525d5 annotations : {kubectl.kubernetes.io/last-applied-configuration} labels : {kubernetes.io/name} creation_timestamp : 09/26/2019 10:59:59 namespace : @{entity_id=10771:1503:2077432250506315584} cluster_ip : @{ip_address=10.100.200.71;netmask=255.255.255.255; network_address=10.100.200.71/32} loadbalancer_ip : @{ip_address=; netmask=; network_address=} type : ClusterIP external_ips : {} selectors : {k8s-app}
Set-vRNIUserPassword
Network Insight 5.0 also added a new API endpoint to manage passwords of local users. The new cmdlet Set-vRNIUserPassword allows you to change your own password, or as an administrator; change passwords of all users.
PS # Set-vRNIUserPassword -Username admin@local -NewPassword newpassword
or
PS # Set-vRNIUserPassword -Username [email protected]
PowerShell credential request
Input the new password
Password for user [email protected]: ********
Other things
- Fixed adding Huawei switches as data sources by using the new DataSourceType in vRNI 5.0.
- Fixed returning multiple entities with the same name (e.g. same VM names with Get-vRNIVM)
Leave a Reply