At several EUC projects we have a testing Workspace ONE environment(s) where desktop image and application packaging takes place, and a production Workspace ONE environment where only tested and approved items from the test are released. The environments are separated into vCenter/NSX managers. Actually, the production ones are even more separated in management and two or more desktop pods. All with their own NSX managers, and with there own management and rules. There is a need for a way to synchronize the approved NSX DFW rule set from testing to production, and between the production pods, without too much effort or human interference. We couldn’t find a cmdlet that does this all, so I wrote up the following script to synchronize the NSX configuration between pods: PowerNSX DFW Synchronization Script. We also have the same need for other projects, and I think it will benefit the next iteration of the NSXHorizonJumpstart I was working on earlier. You can go and grab the first version of the PowerNSX DFW synchronization script at https://github.com/Paikke/NsxSynchronization. In the remainder of this blog post, I will explain some further this script.
Almost a month from now, but I’m very proud and honored to be on the agenda at this years NLVMUG UserCon on March 20th with a Horizon and NSX Secure Desktop session. Go and say hi to me in Dexter 17 – 18 at 10:20.
While you will be at the NLVMUG, also take a peek at the awesome speaker’s list or the agenda, for some other speakers and their awesome sessions. Though choices ;). The keynotes will be done by no other than Pat Gelsinger –Pat Gelsinger, CEO VMware for the Opening keynote, and Joshua McKenty –Vice President, Global Ecosystem Engineering, Pivotal will do the afternoon keynote.
This year there is a pre-con day on March the 19th. Details for the pre-con can be found over here. The pre-con is also pretty packed with a Hackathon (I can only say I had a very good experience at the VMworld Hackathon), VCDX Workshop, and multiple R&D tracks.
On Tuesday 21st of November ITQ will host her Digital Transformation Event: Transform! This jam-packed event will have several ITQ, VMware, Pivotal and IBM speakers covering a range of topics such as End User Computing (EUC), (Cloud Native) Development, Software-Defined Data Center (SDDC), Hybrid Cloud and IT Transformation Services (ITTS). For more details on the awesome sessions, take a peek at the Transform! agenda.
There is still room so register here. Hope to see you there!
And now for a shameless plug of my own session.
The team that brought you PowerNSX just released the ‘Minimum Viable Product’ (MVP) of project Magpie. The ‘Multi Access General Purpose Infrastructure Explorer’ is specifically designed to be modular, and by this allowing new tools to be rapidly integrated into Magpie. I instantaneously have a small flashback to the Webcommander days, but that can just be me. In short, Project Magpie is an appliance containing various tools and utilities to support NSX. This appliance will serve as a framework for various tools to support operation and management of VMware (NSX) deployments. In short, the v0.1 Magpie contains release contains the following features:
- Multi-user Support – Create accounts for all users that require access to PowerNSX.
- PowerCLI and PowerNSX modules included and ready to go.
- Web-based User Interface – Access PowerNSX and PowerCLI from just via a web browser.
- Hosted documentation – You can access a searchable PowerNSX documentation that is updated from the Internet (Github). The documentation requires a working Internet connection, no Internet no documentation.
- PowerNSX SSH access – Access the PowerNSX/PowerCLI environment via an SSH terminal to the appliance.
- Photon OS – The appliance is built upon VMware’s lightweight Photon OS.
Pretty awesome as for NSX who does not use PowerNSX? And this is just the first initial release. Let us take her out for a spin and play!
A few blog posts ago (https://www.pascalswereld.nl/2017/08/24/nsx-for-desktop-jumpstart-microsegmentation-with-horizon-service-installer-fling/) I wrote about using the Horizon Service Installer fling for adding Horizon services to NSX for Desktop. From that blog post, I have been continuing to evolve the services file with services, sections, and rules that will normally appear in an EUC solution with VMware products. I tried to maintain the services yml file to keep on working with the fling. Currently you still can, however I don’t know how long this will be.
And this is because of another part I am working on, using PowerNSX for adding the services file to the NSX environment, and in turn, replace the need of the fling. You can read about me starting this at the post PowerCLI Collection: PowerNSX Desktop Jumpstart and process YAML (yml) config file. And this blog post is about explaining the first version to reach feature parity to the Horizon Service installer fling. The NSXHorizonJumpstart script now reads and adds to the complete yml file to NSX services, service groups, security groups and adds the Firewall sections with the firewall groups.
You can find both the services file as the current version of the script from the master branch at: https://github.com/Paikke/NSXHorizonJumpstart.
In my last blog post (https://www.pascalswereld.nl/2017/08/24/nsx-for-desktop-jumpstart-microsegmentation-with-horizon-service-installer-fling/) I wrote about using the Horizon Service Installer fling for adding Horizon services to NSX for Desktop. From that blog post I have been evolving the services file with services and rules that will normally appear in an EUC solution with VMware products. Not just sticking with Horizon 7, but also getting App Volumes, UEM, UAG, and infrastructure components in the picture. And I will be continuing to evolve the services.
Another part I am working on is using PowerShell/PowerNSX for adding the services file to the NSX environment, and in turn, replace the need of the fling. And this blog post is about explaining the current structure from reading the yml file and using this information to check and add to NSX. For now, the services yml file will be maintained to keep on working with the fling.