HCX Network Extension fails for Service Mesh created via PowerCLI
search cancel

HCX Network Extension fails for Service Mesh created via PowerCLI

book

Article ID: 437281

calendar_today

Updated On:

Products

VMware HCX

Issue/Introduction

You have used PowerCLI to create a Service Mesh, and an NE (no IX). You are unable to use PowerCLI to extend the networks.

When you attempt to use the UI on the SM to extend the NE, you receive in either the Source or the Destination window a notification that the Service Mesh is undefined :

When running the CMDLets there are no logs or errors thrown, but the Activity Log shows that it failed within a second with the message "JSONObject["request"] not found".

 

Environment

HCX 4.11.x

VMWare.VimAutomation.HCX 12.5.0.19184575 and later.

Cause

The `New-HCXServiceMesh` PowerCLI cmdlet lacks parameters for tunnel encryption settings, preventing the population of the `isEncryptionlessTunnelEnabledForNE` key in the HCX database.

Resolution

Use the native API calls from the HCX UI with curl to build the Service Mesh NE pair (Replace the tokens in Upper Case inside Double Braces with the value requested with one pair of braces example {{USERNAME}} replaced with someuserid:

curl "https://{{HCX_FQDN}}/hybridity/api/interconnect/serviceMesh?vcGuid={{VC_GUID}}&encryptionlessTunnelSwitchMode=false" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Origin: https://{{HCX-FQDN}} \
-H "x-hm-authorization: {{AUTH_TOKEN}}" \
--data-raw '{
                        "name": "{{MESH_NAME}}",
                        "computeProfiles": [
                           {
                            "endpointId": "{{SOURCE_ENDPOINT_ID}}",
                            "computeProfileId": "{{SOURCE_CP_ID}}",
                            "networks": [{"id": "{{SOURCE_NET_ID}}", "overriddenMtu": 8800}]
                           },
                           {
                            "endpointId": "{{DEST_ENDPOINT_ID}}",
                            "computeProfileId": "{{DEST_CP_ID}}",
                            "networks": [{"id": "{{DEST_NET_ID}}", "overriddenMtu": 8800}]
                            }
                           ],
             "services": [{"name": "NETWORK_EXTENSION"}],
             "trafficEnggCfg": {
                        "isAppPathResiliencyEnabled": true,
                       "isTcpFlowConditioningEnabled": false,
                       "isEncryptionlessTunnelEnabledForMigration": false,
                       "isEncryptionlessTunnelEnabledForNE": false,
                       "groEnabled": false
                     },
                    "switchPairCount": [
                                                  {
                                                   "switches": [
                                                                     { "cmpId": "{{VC_GUID}}", "id": "{{DVS_ID}}", "type": "VmwareDistributedVirtualSwitch" },
                                                                     { "cmpId": "{{DEST_VC_GUID}}", "id": "{{TZ_ID}}", "type": "OVERLAY_STANDARD" }
                                                                    ],
                                                 "l2cApplianceCount": 1
                                                }
                                              ]
}'

IMPORTANT: A Note on Authentication: HCX sessions are temporary. If you are building a script, you should first call the POST /hybridity/api/sessions endpoint to programmatically retrieve the  x-hm-authorization token rather than hardcoding it.

Additional Information

PowerCLI may also be unable to extend SMs created with the GUI, and it may be necessary to use the native API to extend the network.

Powered by Wolken Software