Importing vSphere Networks into Aria Automation – Part 4 – Update Network Profiles

byArron King 10.18.2023 Aria Automation Importing vSphere Networks into Aria Automation

If you are standing up a new Aria Automation environment and have a large number of vSphere Networks (aka Port Groups), it could take a very long time to Aria Automationenter this information manually.  I have written a few scripts that can make Importing vSphere networks into Aria Automation fairly easy!

This blog article is the last in a 4-part series that discusses how you can update the Network Profiles configured in Aria Automation.  Before an Aria Automation Network Profile can be associated with the vSphere Networks in an environment, both the Network and IP Range definitions must be updated.

Blog Series Overview –  Importing vSphere Networks into Aria Automation

  1. Export Networks with Missing IP Info – This will export a file that can be used to determine which networks need updated.  This will be the basis for the other 3 sections as an input file to target updates.  This file will need updated with the pertinent IP information.
  2. Update Network IP Info  – This script will use the file created in step 1 to update the IP Information for vSphere networks discovered by Aria Automation
  3. Update IP Ranges – This script will use the file created in step 1 and define IP Ranges for the subnets used by the discovered vSphere Networks.  This must be completed after the networks have updated IP Information
  4. Update Network Profiles – The final step is to take the results from the prior 3 steps and create Network Profiles that can be used by Aria Automation for workload deployment

Update Network Profiles

Now that the networks all have valid IP Information and the IP ranges defined, we can complete the task and update the existing Network Profiles in Aria Automation so workloads can be deployed!    The Network Profile definitions are located in Cloud Assembly, under Infrastructure -> Configure -> Network Profiles.

The environment this script was written for has 1 Network Profile for each Cloud Account (named after the vCenter it represents).  Each Network Profile will have all of the networks for that vCenter.

This step uses the same input file used previously.  However it should contain all Networks you wish to have listed in a Network Profile.  See Update Note for more details.

 

The Script

Requirements

  • Powershell – written and tested using 7.3.8
  • PowervRA –  This script was written and tested with Power vRA 6.0.  Make sure to use PowervRA 4.x and above.   Earlier versions were compatible with vRealize Automation 7.x.  The APIs in Aria Automation 8.x are completely different

Usage

You will need to edit the script and enter a few details about your environment:

  • $vRAServer – FQDN of the Aria Automation Server
  • $vRAUser – name of the user used for authentication to Aria Automation
  • $ImportFile – path of the CSV input file
  • $RunLog – path for the log file

The script will loop through all existing Network Profiles to look for any Networks discovered in that Cloud Account.  The CloudAccountID field is used to look for a match.  The PortGroup field from the input file is used as a filter to ensure that only Networks represented in the input file are added.  If the Network is included in the input file and a Network Profile with a matching Cloud Account is found – it will be added to the Network Profile.

  • The Network Profile(s) must be created before running this script
  • Only Networks in the input file will be included in updates performed by this script
  • The updates performed by this script will overwrite any existing Network associations in the Network Profile(s).
Important - Read and Test before use
All Network Profiles will be updated; but only with the Networks listed in the input file. Any other Networks listed in a Network Profile will be overwritten when this script is run.
  • The earlier steps in this process only updated items contained in the input file. This allowed for  multiple runs updating only a selective portion of the configuration each time.
  • This step should be run last as the cumulative update for all networks you wish to have in your Aria Automation Network Profiles.

Output

The script creates a verbose log file that can be used to understand what occurred during the run.  The log output was slightly truncated to show complete process.

Update Network Profiles - Log

 

When you return to the Aria Automation GUI, you will find that the Network Profiles have had the Networks updated.

Network Profile - After Update

 

Getting the Code

Tips
Test environments are your friend.  Make sure your Aria Automation environment is backed up and take snapshots to save yourself time and agony

If you are new to using APIs with PowerShell,  check out my article on Using Aria Automation APIs with PowerShell.

You can download the script from GitHub.

<#
Update-Network-Profiles.ps1

This script will update Network Profiles configured in vRA 8.x.  It reads an input file containing a list of networks 
and the corresponding Network information.  The script will look for networks that are in the same 
Cloud Account as the existing Network Profiles, and update the Network Profile with any network that is listed in the
input file using a name match on the PortGroup data.  It does overwrite any existing networks attached to the Network 
Profile.

Input File Column Headers
 * PortGroup
 * Gateway
 * SubnetMask
 * NetworkAddress
 * CIDR
 * StartAddr
 * LastAddr

Disclaimer:  This script was obtained from https://github.com/cybersylum
  * You are free to use or modify this code for your own purposes.
  * No warranty or support for this code is provided or implied.  
  * Use this at your own risk.  
  * Testing is highly recommended.
#>

##
## Define Environment Variables
##

$ImportFile = "network-ip-info.csv"   #First row must by header which is used by script - it should be PortGroup,Gateway,SubnetMask,NetworkAddress,CIDR,2ndIP,End

#Verify Import File exists
if ((Test-Path -Path $ImportFile -PathType Leaf) -eq $False) {
    write-host ""
    write-host "Import File not found - " + $Import File + " - cannot continue..."
    write-host ""
    exit
}

$vRAServer = "vra8.domain.com"
$vRAUser = "[email protected]"
$DateStamp=Get-Date -format "yyyyMMdd"
$TimeStamp=Get-Date -format "hhmmss"
$RunLog = "Update-Network-Profiles-$DateStamp-$TimeStamp.log"
#QueryLimit is used to control the max rows returned by invoke-restmethod (which has a default of 100)
$QueryLimit=9999

##
## Function declarations
##
function Write-Log  {

    param (
        $LogFile,
        $LogMessage    
    )

    # complex strings may require () around message paramter 
    # Write-Log $RunLog ("Read " + $NetworkData.count + " records from $ImportFile. 1st Row is expected to be Column Names as defined in script.")

    $LogMessage | out-file -FilePath $LogFile -Append
}

function FilterNetworks {

    param (
        $AllNetworks
    )
    &amp;amp;amp;amp;amp;lt;#
    Takes the a list of Network IDs and returns the Network IDs that match up with network names provided in the input file
    #&amp;amp;amp;amp;amp;gt;

    $Results = @()
    $ExcludedNetworks = @()
    $counter=0

    foreach ($NetworkID in $AllNetworks) {
        # get the full record for the current network
        $thisNetwork = $DefinedNetworks | where-object -Property Id -eq $NetworkID
        #Does the name of the current network exist in the input file (PortGroup field)?
        $IncludeNetwork = $NetworkData | where-object -Property PortGroup -eq $thisNetwork.name
        if ($null -eq $IncludeNetwork.PortGroup) {
            #no match tally count
            $counter++
            $ExcludedNetworks += $NetworkID
        } else {
            $Results += $NetworkID
        }

    }

    if ($counter -gt 0) {
        Write-Log $RunLog $("Found " + $counter + " networks that are not in the input file.  They will be excluded:")
        Write-Log $RunLog $($ExcludedNetworks)
        Write-Log $RunLog " "
    }

    return $Results

}

function ReformatNetworkIDList {

    param (
        $TempList
    )

    &amp;amp;amp;amp;amp;lt;#
    Takes the filtered network collection and reformats into a quoted, comma-delimited list that can be used in an API call
    #&amp;amp;amp;amp;amp;gt;

    $counter=1
    $Last=$TempList.Count
    $Result = ""
    foreach ($NetworkID in $TempList) {
        if ($counter -eq $Last) {
            #add quotes; no comma needed after the last item
            $Result += '"' + $NetworkID + '"'
        } else {
            #add quotes and a comma
            $Result += '"' + $NetworkID + '",'
        }
        $counter++
    }

    return $Result
}


##
## Main Script
##

# Load input file
write-host "Reading input file for Network Information"
if (-not(Test-Path -Path $ImportFile -PathType Leaf)) {
    write-host "Input file '$ImportFile' not found..."
    exit
} else {
    $NetworkData = import-csv $ImportFile
    Write-Log $RunLog ("Read " + $NetworkData.count + " records from $ImportFile. 1st Row is expected to be Column Names as defined in script.")

}

#Connect to vRA
write-host "Connecting to Aria Automation - $vRAServer as $vRAUser"
$vRA=connect-vraserver -server $vRAServer -Username "$vRAUser" -IgnoreCertRequirements

if ($vRA -eq $null) {
    write-host "Unable to connect to vRA Server '$vRAServer'..."
    Write-Log $RunLog ("Unable to connect to vRA Server '$vRAServer'...")
    exit
}

#Grab the bearer token for use with invoke-restmethod (which is needed for queries with more than 100 results)
$APItoken= $vRA.token | ConvertTo-SecureString -AsPlainText -Force

# Load vRA Network Profiles
write-host "Searching $vRAServer for Network Profiles"
Write-Log $RunLog $("Searching $vRAServer for Network Profiles")

$Body = @{
    '$top' = $QueryLimit
}
$APIparams = @{
    Method = "GET"
    Uri = "https://$vRAServer/iaas/api/network-profiles"
    Authentication = "Bearer"
    Token = $APItoken
    Body = $Body
}

try{
    $NetworkProfiles = (Invoke-RestMethod @APIparams -SkipCertificateCheck).content
} catch {
    Write-Log $RunLog $("    Unable to get network profiles from vRA")
    Write-Log $RunLog $Error
    Write-Log $RunLog $Error[0].Exception.GetType().FullName
}

Write-Log $RunLog $("Found " + $NetworkProfiles.Count + " network profiles in " + $vRAServer)
foreach ($Profile in $NetworkProfiles) {
    Write-Log $RunLog $("    " + $Profile.name + " using Cloud Account -  " + $Profile.cloudAccountId)
}

# Load the defined vRA Networks
write-host "Searching $vRAServer for Defined Networks"
Write-Log $RunLog $("Searching $vRAServer for defined networks")

$Body = @{
    '$top' = $QueryLimit
}
$APIparams = @{
    Method = "GET"
    Uri = "https://$vRAServer/iaas/api/fabric-networks-vsphere"
    Authentication = "Bearer"
    Token = $APItoken
    Body = $Body
}

try{
    $DefinedNetworks = (Invoke-RestMethod @APIparams -SkipCertificateCheck).content
} catch {
    Write-Log $RunLog $("    Unable to get networks from vRA")
    Write-Log $RunLog $Error
    Write-Log $RunLog $Error[0].Exception.GetType().FullName
}

Write-Log $RunLog $("Found " + $DefinedNetworks.Count + " defined networks in " + $vRAServer)

&amp;amp;amp;amp;amp;lt;# 
Loop through each Network Profile. 
    Use the CloudAccountID to get list of Networks that link to that Cloud Account using Where-object
    Take the resulting Network IDs and filter out any Networks that are not included in the input file.
    Then reformat the final list into a quoted, comma-delimited list for API call.
    Update each network profile with that list - overwriting any pre-existing associated Networks
#&amp;amp;amp;amp;amp;gt;

Write-Host "Updating Network Profiles with matching Networks"
Write-Log $RunLog "Updating Network Profiles with matching Networks"

foreach ($NetworkProfile in $NetworkProfiles) {

    Write-Log $RunLog $("Searching for Networks that should reside in Network Profile " + $NetworkProfile.name + " - Cloud Account " + $NetworkProfile.cloudAccountId)
    $CloudMatchNetworkIDs = ""
    $CloudMatchNetworkIDs = $DefinedNetworks | where-object -Property cloudAccountIds -eq $NetworkProfile.cloudAccountId
    Write-Log $RunLog $("   Found " + $CloudMatchNetworkIDs.Count + " networks using that cloud account")

## Need to filter out networks that do not match PortGroup name in input file
    $InputMatchingNetworks = FilterNetworks $CloudMatchNetworkIDs.id

    # convert the array of Cloud Account IDs into a Quoted, comma-delimited list usable in the API call
    $APINetworkIDs = ReformatNetworkIDList $InputMatchingNetworks
    Write-Log $RunLog $("Final list of networks to update in " + $NetworkProfile.name)
    Write-Log $RunLog $APINetworkIDs
    
    write-Log $RunLog $("Updating Network Profile - " + $NetworkProfile.name + " / " + $NetworkProfile.id)
$json = @"
{
    "fabricNetworkIds": [
        $APINetworkIDs
    ]
}
"@  
    $URI =  "/iaas/api/network-profiles/" + $NetworkProfile.id
    
    try {
        $Results=Invoke-vRARestMethod -Method PATCH -URI $URI -Body $json
    } catch {
        Write-Log $RunLog $("       Unable to Update Network Profile")
        Write-Log $RunLog $Results
        Write-Log $RunLog $Error
        Write-Log $RunLog $Error[0].Exception.GetType().FullName
    }

    write-host -NoNewline "."
    Write-Log $RunLog " "
   
}

# Clean up
write-host
Write-Host "More details available in the log - $RunLog"
Disconnect-vRAServer -Confirm:$false

This completes the Importing vSphere Networks into Aria Automation blog series. Thank you for reading!

Importing vSphere Networks into Aria Automation - Part 3 - Update IP Ranges

Basic Math in an Aria Automation Cloud Template
Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.