Clever Geek Handbook

Cómo restaurar NSX Edge y transferir su configuración a través de API

Este artículo le mostrará cómo trabajar a través de la API con NSX Edge. Esta solución de VMware realiza enrutamiento, firewall, NAT, DHCP, VPN y otras funciones para un centro de datos virtual. Las capacidades de API hacen que enviar solicitudes a Edge sea más fácil e intuitivo que usar la línea de comandos. 





El método que se describe aquí también resuelve algunos de los problemas de acceso a Edge a través de vCloud Director. Cuando trabajamos a través de la API, tenemos la oportunidad de trabajar con Edge directamente a través de NSX o vCloud Director, y también usamos la API para acceder a la base de datos de vCloud Director. Te mostraré ambas opciones. 





Estos son los escenarios más interesantes cuando el uso de la API es útil:





  1. Migración de Edge a otro NSX Manager.





  2. Restaurando Edge o parte de su configuración. Por ejemplo, si luego de migrar de un centro de datos a otro, también transferimos la configuración del firewall, VPN, balanceador de carga, etc. 





  3. Configuración de copia de seguridad. Por ejemplo, si queremos guardar la configuración de Edge en formato XML y volver a ella si es necesario. 





En la descripción, utilizo NSX-V 6.4.6 y vCloud Director 10.2, pero el artículo también es relevante para otras versiones de software. Para todos los experimentos, utilicé la documentación de la API de aquí .





Preparando una herramienta para trabajar con API

API . Postman: API . VMware API, .





:





GET – , .





POST – .





PUT – , .





DELETE – .





, Postman NSX-, Edge.





  1. Postman . Basic Auth, . 





  2. . Content-Type: application/xml





  3. Edge GET https://nsx-fqdn/api/4.0/edges ( nsx-fqdn – IP- FQDN NSX-).





200 , , : , .





Edge . , .





Edge

, API. 





, 2 NSX-,   ,





NSX- nsx-fqdn-1,   NSX-manager nsx-fqdn-2. , - edge-8 , .





  1. Edge NSX. , FQDN NSX-.





    GET https://nsx-fqdn-2/api/4.0/edges/edge-8





  2. . , . 





    . 
    <?xml version="1.0" encoding="UTF-8"?>
<edge>
    <id>edge-8</id>
    <version>8</version>
    <description></description>
    <status>deployed</status>
    <tenant>88ed64d3-516d-4932-a262-9987e9779f1e</tenant>
    <name>vse-test-delete-edge (877a6842-8a67-4dad-87cf-81e155c45763)</name>
    <fqdn>vse-f8b2ccec-ef9b-464f-8bab-eb67e27f15c3</fqdn>
    <enableAesni>true</enableAesni>
    <enableFips>false</enableFips>
    <vseLogLevel>info</vseLogLevel>
    <vnics>
        <vnic>
            <label>vNic_0</label>
            <name>vnic0</name>
            <addressGroups>
                <addressGroup>
                    <primaryAddress>esxternal-ip</primaryAddress>
                    <secondaryAddresses>
                        <ipAddress>esxternal-ip</ipAddress>
                    </secondaryAddresses>
                    <subnetMask>255.255.255.192</subnetMask>
                    <subnetPrefixLength>26</subnetPrefixLength>
                </addressGroup>
            </addressGroups>
            <mtu>1500</mtu>
            <type>uplink</type>
            <isConnected>true</isConnected>
            <index>0</index>
            <portgroupId>dvportgroup-731</portgroupId>
            <portgroupName>internet</portgroupName>
            <enableProxyArp>false</enableProxyArp>
            <enableSendRedirects>true</enableSendRedirects>
        </vnic>
        <vnic>
            <label>vNic_1</label>
            <name>vnic1</name>
            <addressGroups>
                <addressGroup>
                    <primaryAddress>10.0.0.1</primaryAddress>
                    <subnetMask>255.255.255.0</subnetMask>
                    <subnetPrefixLength>24</subnetPrefixLength>
                </addressGroup>
            </addressGroups>
            <mtu>1500</mtu>
            <type>internal</type>
            <isConnected>true</isConnected>
            <index>1</index>
            <portgroupId>virtualwire-380</portgroupId>
            <portgroupName>dvs.VCDVStest-1-5ca1ab95-ded5-4af5-bf90-96eaa70e5512</portgroupName>
            <enableProxyArp>false</enableProxyArp>
            <enableSendRedirects>true</enableSendRedirects>
        </vnic>
        <vnic>
            <label>vNic_2</label>
            <name>vnic2</name>
            <addressGroups/>
            <mtu>1500</mtu>
            <type>internal</type>
            <isConnected>false</isConnected>
            <index>2</index>
            <enableProxyArp>false</enableProxyArp>
            <enableSendRedirects>true</enableSendRedirects>
        </vnic>
        <vnic>
            <label>vNic_3</label>
            <name>vnic3</name>
            <addressGroups/>
            <mtu>1500</mtu>
            <type>internal</type>
            <isConnected>false</isConnected>
            <index>3</index>
            <enableProxyArp>false</enableProxyArp>
            <enableSendRedirects>true</enableSendRedirects>
        </vnic>
        <vnic>
            <label>vNic_4</label>
            <name>vnic4</name>
            <addressGroups/>
            <mtu>1500</mtu>
            <type>internal</type>
            <isConnected>false</isConnected>
            <index>4</index>
            <enableProxyArp>false</enableProxyArp>
            <enableSendRedirects>true</enableSendRedirects>
        </vnic>
        <vnic>
            <label>vNic_5</label>
            <name>vnic5</name>
            <addressGroups/>
            <mtu>1500</mtu>
            <type>internal</type>
            <isConnected>false</isConnected>
            <index>5</index>
            <enableProxyArp>false</enableProxyArp>
            <enableSendRedirects>true</enableSendRedirects>
        </vnic>
        <vnic>
            <label>vNic_6</label>
            <name>vnic6</name>
            <addressGroups/>
            <mtu>1500</mtu>
            <type>internal</type>
            <isConnected>false</isConnected>
            <index>6</index>
            <enableProxyArp>false</enableProxyArp>
            <enableSendRedirects>true</enableSendRedirects>
        </vnic>
        <vnic>
            <label>vNic_7</label>
            <name>vnic7</name>
            <addressGroups/>
            <mtu>1500</mtu>
            <type>internal</type>
            <isConnected>false</isConnected>
            <index>7</index>
            <enableProxyArp>false</enableProxyArp>
            <enableSendRedirects>true</enableSendRedirects>
        </vnic>
        <vnic>
            <label>vNic_8</label>
            <name>vnic8</name>
            <addressGroups/>
            <mtu>1500</mtu>
            <type>internal</type>
            <isConnected>false</isConnected>
            <index>8</index>
            <enableProxyArp>false</enableProxyArp>
            <enableSendRedirects>true</enableSendRedirects>
        </vnic>
        <vnic>
            <label>vNic_9</label>
            <name>vnic9</name>
            <addressGroups/>
            <mtu>1500</mtu>
            <type>internal</type>
            <isConnected>false</isConnected>
            <index>9</index>
            <enableProxyArp>false</enableProxyArp>
            <enableSendRedirects>true</enableSendRedirects>
        </vnic>
    </vnics>
    <appliances>
        <applianceSize>compact</applianceSize>
        <appliance>
            <highAvailabilityIndex>0</highAvailabilityIndex>
            <vcUuid>500615b5-3f65-146a-1d5c-0dce84fc60ea</vcUuid>
            <vmId>vm-4274</vmId>
            <resourcePoolId>resgroup-53</resourcePoolId>
            <resourcePoolName>System vDC (c8a308dd-2509-48ad-ab8e-54e93938394d)</resourcePoolName>
            <datastoreId>datastore-1</datastoreId>
            <datastoreName>DATASTORE</datastoreName>
            <hostId>host-18</hostId>
            <hostName>ESXi-host</hostName>
            <vmFolderId>group-v453</vmFolderId>
            <vmFolderName>Service VMs</vmFolderName>
            <vmHostname>vse-f8b2ccec-ef9b-464f-8bab-eb67e27f15c3-0</vmHostname>
            <vmName>vse-test-delete-edge (877a6842-8a67-4dad-87cf-81e155c45763)-0</vmName>
            <deployed>true</deployed>
            <cpuReservation>
                <limit>-1</limit>
                <reservation>64</reservation>
            </cpuReservation>
            <memoryReservation>
                <limit>-1</limit>
                <reservation>256</reservation>
            </memoryReservation>
            <edgeId>edge-8</edgeId>
            <configuredResourcePool>
                <id>resgroup-53</id>
                <name>System vDC (c8a308dd-2509-48ad-ab8e-54e93938394d)</name>
                <isValid>true</isValid>
            </configuredResourcePool>
            <configuredDataStore>
                <id>datastore-1</id>
                <name>DATASTORE</name>
                <isValid>true</isValid>
            </configuredDataStore>
            <configuredHost>
                <id>host-18</id>
                <name>ESXi-host</name>
                <isValid>true</isValid>
            </configuredHost>
            <configuredVmFolder>
                <id>group-v453</id>
                <name>Service VMs</name>
                <isValid>true</isValid>
            </configuredVmFolder>
        </appliance>
        <deployAppliances>true</deployAppliances>
    </appliances>
    <cliSettings>
        <remoteAccess>false</remoteAccess>
        <userName>admin</userName>
        <sshLoginBannerText>
***************************************************************************
NOTICE TO USERS
 
This computer system is the private property of its owner, whether
individual, corporate or government.  It is for authorized use only.
Users (authorized or unauthorized) have no explicit or implicit
expectation of privacy.
 
Any or all uses of this system and all files on this system may be
intercepted, monitored, recorded, copied, audited, inspected, and
disclosed to your employer, to authorized site, government, and law
enforcement personnel, as well as authorized officials of government
agencies, both domestic and foreign.
 
By using this system, the user consents to such interception, monitoring,
recording, copying, auditing, inspection, and disclosure at the
discretion of such personnel or officials.  Unauthorized or improper use
of this system may result in civil and criminal penalties and
administrative or disciplinary action, as appropriate. By continuing to
use this system you indicate your awareness of and consent to these terms
and conditions of use. LOG OFF IMMEDIATELY if you do not agree to the
conditions stated in this warning.
 
****************************************************************************</sshLoginBannerText>
        <passwordExpiry>99999</passwordExpiry>
    </cliSettings>
    <features>
        <nat>
            <version>3</version>
            <enabled>true</enabled>
            <natRules>
                <natRule>
                    <ruleId>196609</ruleId>
                    <ruleTag>196609</ruleTag>
                    <loggingEnabled>false</loggingEnabled>
                    <enabled>true</enabled>
                    <translatedAddress>esxternal-ip</translatedAddress>
                    <ruleType>user</ruleType>
                    <action>snat</action>
                    <vnic>0</vnic>
                    <originalAddress>10.0.0.0/24</originalAddress>
                    <snatMatchDestinationAddress>any</snatMatchDestinationAddress>
                    <protocol>any</protocol>
                    <originalPort>any</originalPort>
                    <translatedPort>any</translatedPort>
                    <snatMatchDestinationPort>any</snatMatchDestinationPort>
                </natRule>
                <natRule>
                    <ruleId>196610</ruleId>
                    <ruleTag>196610</ruleTag>
                    <loggingEnabled>false</loggingEnabled>
                    <enabled>true</enabled>
                    <translatedAddress>10.0.0.3</translatedAddress>
                    <ruleType>user</ruleType>
                    <action>dnat</action>
                    <vnic>0</vnic>
                    <originalAddress>esxternal-ip</originalAddress>
                    <dnatMatchSourceAddress>any</dnatMatchSourceAddress>
                    <protocol>tcp</protocol>
                    <originalPort>443</originalPort>
                    <translatedPort>8443</translatedPort>
                    <dnatMatchSourcePort>any</dnatMatchSourcePort>
                </natRule>
            </natRules>
            <nat64Rules/>
        </nat>
        <l2Vpn>
            <version>2</version>
            <enabled>false</enabled>
            <logging>
                <enable>true</enable>
                <logLevel>notice</logLevel>
            </logging>
        </l2Vpn>
        <featureConfig/>
        <featureConfig/>
        <dns>
            <version>2</version>
            <enabled>false</enabled>
            <cacheSize>16</cacheSize>
            <listeners>
                <vnic>any</vnic>
            </listeners>
            <dnsViews>
                <dnsView>
                    <viewId>view-0</viewId>
                    <name>vsm-default-view</name>
                    <enabled>true</enabled>
                    <viewMatch>
                        <ipAddress>any</ipAddress>
                        <vnic>any</vnic>
                    </viewMatch>
                    <recursion>false</recursion>
                </dnsView>
            </dnsViews>
            <logging>
                <enable>false</enable>
                <logLevel>info</logLevel>
            </logging>
        </dns>
        <syslog>
            <version>2</version>
            <enabled>false</enabled>
            <protocol>udp</protocol>
        </syslog>
        <sslvpnConfig>
            <version>2</version>
            <enabled>false</enabled>
            <logging>
                <enable>true</enable>
                <logLevel>notice</logLevel>
            </logging>
            <advancedConfig>
                <enableCompression>false</enableCompression>
                <forceVirtualKeyboard>false</forceVirtualKeyboard>
                <randomizeVirtualkeys>false</randomizeVirtualkeys>
                <preventMultipleLogon>false</preventMultipleLogon>
                <clientNotification></clientNotification>
                <enablePublicUrlAccess>false</enablePublicUrlAccess>
                <timeout>
                    <forcedTimeout>0</forcedTimeout>
                    <sessionIdleTimeout>10</sessionIdleTimeout>
                </timeout>
            </advancedConfig>
            <clientConfiguration>
                <autoReconnect>true</autoReconnect>
                <upgradeNotification>false</upgradeNotification>
            </clientConfiguration>
            <layoutConfiguration>
                <portalTitle>VMware</portalTitle>
                <companyName>VMware</companyName>
                <logoExtention>jpg</logoExtention>
                <logoUri>/api/4.0/edges/edge-8/sslvpn/config/layout/images/portallogo</logoUri>
                <logoBackgroundColor>56A2D4</logoBackgroundColor>
                <titleColor>996600</titleColor>
                <topFrameColor>000000</topFrameColor>
                <menuBarColor>999999</menuBarColor>
                <rowAlternativeColor>FFFFFF</rowAlternativeColor>
                <bodyColor>FFFFFF</bodyColor>
                <rowColor>F5F5F5</rowColor>
            </layoutConfiguration>
            <authenticationConfiguration>
                <passwordAuthentication>
                    <authenticationTimeout>1</authenticationTimeout>
                    <primaryAuthServers/>
                    <secondaryAuthServer/>
                </passwordAuthentication>
            </authenticationConfiguration>
        </sslvpnConfig>
        <featureConfig/>
        <highAvailability>
            <version>3</version>
            <enabled>false</enabled>
            <declareDeadTime>15</declareDeadTime>
            <logging>
                <enable>false</enable>
                <logLevel>info</logLevel>
            </logging>
            <security>
                <enabled>false</enabled>
            </security>
        </highAvailability>
        <routing>
            <version>3</version>
            <enabled>true</enabled>
            <routingGlobalConfig>
                <ecmp>false</ecmp>
                <logging>
                    <enable>false</enable>
                    <logLevel>info</logLevel>
                </logging>
            </routingGlobalConfig>
            <staticRouting>
                <defaultRoute>
                    <vnic>0</vnic>
                    <mtu>1500</mtu>
                    <gatewayAddress>external-ip</gatewayAddress>
                    <adminDistance>1</adminDistance>
                </defaultRoute>
                <staticRoutes/>
            </staticRouting>
            <ospf>
                <enabled>false</enabled>
                <ospfAreas>
                    <ospfArea>
                        <areaId>51</areaId>
                        <type>nssa</type>
                        <authentication>
                            <type>none</type>
                        </authentication>
                    </ospfArea>
                    <ospfArea>
                        <areaId>0</areaId>
                        <type>normal</type>
                        <authentication>
                            <type>none</type>
                        </authentication>
                    </ospfArea>
                </ospfAreas>
                <ospfInterfaces/>
                <redistribution>
                    <enabled>false</enabled>
                    <rules/>
                </redistribution>
                <gracefulRestart>true</gracefulRestart>
                <defaultOriginate>false</defaultOriginate>
            </ospf>
        </routing>
        <featureConfig/>
        <gslb>
            <version>2</version>
            <enabled>false</enabled>
            <serviceTimeout>6</serviceTimeout>
            <persistentCache>
                <maxSize>20</maxSize>
                <ttl>300</ttl>
            </persistentCache>
            <queryPort>5666</queryPort>
            <logging>
                <enable>false</enable>
                <logLevel>info</logLevel>
            </logging>
        </gslb>
        <firewall>
            <version>6</version>
            <enabled>true</enabled>
            <globalConfig>
                <tcpPickOngoingConnections>false</tcpPickOngoingConnections>
                <enableFtpLooseMode>false</enableFtpLooseMode>
                <tcpAllowOutOfWindowPackets>false</tcpAllowOutOfWindowPackets>
                <tcpSendResetForClosedVsePorts>true</tcpSendResetForClosedVsePorts>
                <dropInvalidTraffic>true</dropInvalidTraffic>
                <logInvalidTraffic>false</logInvalidTraffic>
                <tcpTimeoutOpen>30</tcpTimeoutOpen>
                <tcpTimeoutEstablished>21600</tcpTimeoutEstablished>
                <tcpTimeoutClose>30</tcpTimeoutClose>
                <udpTimeout>60</udpTimeout>
                <icmpTimeout>10</icmpTimeout>
                <icmp6Timeout>10</icmp6Timeout>
                <ipGenericTimeout>120</ipGenericTimeout>
                <enableSynFloodProtection>false</enableSynFloodProtection>
                <logIcmpErrors>false</logIcmpErrors>
                <dropIcmpReplays>false</dropIcmpReplays>
                <enableSnmpAlg>true</enableSnmpAlg>
                <enableFtpAlg>true</enableFtpAlg>
                <enableTftpAlg>true</enableTftpAlg>
            </globalConfig>
            <defaultPolicy>
                <action>deny</action>
                <loggingEnabled>false</loggingEnabled>
            </defaultPolicy>
            <firewallRules>
                <firewallRule>
                    <id>131076</id>
                    <ruleTag>131076</ruleTag>
                    <name>firewall</name>
                    <ruleType>internal_high</ruleType>
                    <enabled>true</enabled>
                    <loggingEnabled>false</loggingEnabled>
                    <description>firewall</description>
                    <action>accept</action>
                    <source>
                        <exclude>false</exclude>
                        <vnicGroupId>vse</vnicGroupId>
                    </source>
                </firewallRule>
                <firewallRule>
                    <id>131077</id>
                    <ruleTag>131077</ruleTag>
                    <name>test</name>
                    <ruleType>user</ruleType>
                    <enabled>true</enabled>
                    <loggingEnabled>false</loggingEnabled>
                    <action>accept</action>
                    <source>
                        <exclude>false</exclude>
                        <vnicGroupId>vnic-index-1</vnicGroupId>
                    </source>
                    <application>
                        <service>
                            <protocol>icmp</protocol>
                            <icmpType>any</icmpType>
                        </service>
                    </application>
                </firewallRule>
                <firewallRule>
                    <id>131075</id>
                    <ruleTag>131075</ruleTag>
                    <name>default rule for ingress traffic</name>
                    <ruleType>default_policy</ruleType>
                    <enabled>true</enabled>
                    <loggingEnabled>false</loggingEnabled>
                    <description>default rule for ingress traffic</description>
                    <action>deny</action>
                </firewallRule>
            </firewallRules>
        </firewall>
        <loadBalancer>
            <version>2</version>
            <enabled>false</enabled>
            <enableServiceInsertion>false</enableServiceInsertion>
            <accelerationEnabled>false</accelerationEnabled>
            <monitor>
                <monitorId>monitor-1</monitorId>
                <type>tcp</type>
                <interval>5</interval>
                <timeout>15</timeout>
                <maxRetries>3</maxRetries>
                <name>default_tcp_monitor</name>
            </monitor>
            <monitor>
                <monitorId>monitor-2</monitorId>
                <type>http</type>
                <interval>5</interval>
                <timeout>15</timeout>
                <maxRetries>3</maxRetries>
                <method>GET</method>
                <url>/</url>
                <name>default_http_monitor</name>
            </monitor>
            <monitor>
                <monitorId>monitor-3</monitorId>
                <type>https</type>
                <interval>5</interval>
                <timeout>15</timeout>
                <maxRetries>3</maxRetries>
                <method>GET</method>
                <url>/</url>
                <name>default_https_monitor</name>
            </monitor>
            <logging>
                <enable>false</enable>
                <logLevel>info</logLevel>
            </logging>
        </loadBalancer>
        <ipsec>
            <version>2</version>
            <enabled>false</enabled>
            <logging>
                <enable>true</enable>
                <logLevel>warning</logLevel>
            </logging>
            <sites/>
            <global>
                <psk>******</psk>
                <caCertificates/>
                <crlCertificates/>
            </global>
        </ipsec>
        <bridges>
            <version>2</version>
            <enabled>false</enabled>
        </bridges>
        <dhcp>
            <version>2</version>
            <enabled>false</enabled>
            <staticBindings/>
            <ipPools/>
            <logging>
                <enable>false</enable>
                <logLevel>info</logLevel>
            </logging>
        </dhcp>
    </features>
    <autoConfiguration>
        <enabled>true</enabled>
        <rulePriority>high</rulePriority>
    </autoConfiguration>
    <type>gatewayServices</type>
    <isUniversal>false</isUniversal>
    <hypervisorAssist>false</hypervisorAssist>
    <tunnels/>
</edge>

  3. XML Edge. : 









    • <id>edge-8</id>
<version>8</version>
<status>deployed</status>

    • <name> </name>, Edge .





    • , 





      <resourcePoolId>
<resourcePoolName>
<vmFolderId>
<vmFolderName>

      .





    • <password> </password> Edge  <userName> <sshLoginBannerText>, : 





      <userName>admin</userName>
<password>Test123!test123!</password>
<sshLoginBannerText>

    • NAT   ruleId, ruleTag, ruleType, : 





      <ruleId>196609</ruleId>
<ruleTag>196609</ruleTag>
<ruleType>user</ruleType>

  4. XML Edge. Body XML, raw XML . 





    POST https://nsx-fqdn-1/api/4.0/edges/





Edge edge-9





.





  1. , NAT. , Edge . <nat>. , NAT- :





    GET https://nsx-fqdn-1/api/4.0/edges/edge-9/nat/config





  2. NAT POST-.   ruleId, ruleTag, ruleType, :





    <ruleId>196609</ruleId>
<ruleTag>196609</ruleTag>
<ruleType>user</ruleType>

    POST https://nsx-fqdn-1/api/4.0/edges/edge-9/nat/config/rules





    NAT-:





    <natRules>
<natRule>
<action>dnat</action>
<vnic>0</vnic>
<originalAddress>esxternal_ip</originalAddress>
<translatedAddress>192.168.1.9</translatedAddress>
<loggingEnabled>false</loggingEnabled>
<enabled>true</enabled>
<description></description>
<protocol>udp</protocol>
<originalPort>80</originalPort>
<translatedPort>80</translatedPort>
</natRule>
</natRules>

  3. , NAT POST- , .





    , :





(firewall, vpn, load balancer ). XML . 





API vCloud Director. Edge API. Edge vCloud Director’, NSX-, edge-8 vCenter, . Edge id, vCloud Director .   vCloud Director . , vCloud Director id c edge-8 edge-9.





  1. gateway, id:





    select * from gateway where name like 'test-delete-edge%'





    :





    -- id=' 877a6842-8a67-4dad-87cf-81e155c45763 ' --name=' test-delete-edge' --backing-ref='edge-8'





  2. , Edge:





    select * from global_search('edge-8')





  3. , Edge: 





    select * from gateway where id = '877a6842-8a67-4dad-87cf-81e155c45763'





  4. id Edge , .





    update gateway set backing_ref = 'edge-9' where id = '877a6842-8a67-4dad-87cf-81e155c45763'





  5. Edge vCloud Director.





.





Edge

Edge vCloud Director, Postman . API vCloud Director :





  1. Postman.





  2. :





    Autorization: Basic Auth - administrator@system





  3. GET https://vCD-fqdn/api/versions





    , api.





  4. :





    Accept application/*+xml;version=35.0





  5. . POST https://vCD-fqdn/api/sessions





    : X-VMWARE-VCLOUD-ACCESS-TOKEN.





  6. Bearer Token X-VMWARE-VCLOUD-ACCESS-TOKEN.





  7. GET https://vCD-fqdn/api/admin, , .





  8. Powershell connect-ciserver vCD-fqdn





    : Get-OrgVdc OrgVDCName| Get-EdgeGateway EdgeName





    Href.





    Href: https://vCD-fqdn/api/admin/edgeGateway/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx





  9. Postman :





    GET https://vCD-fqdn/api/admin/edgeGateway/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx





  10. . “”:





    <?xml version="1.0" encoding="UTF-8"?>
<EdgeGatewayServiceConfiguration
   xmlns="http://www.vmware.com/vcloud/v1.5">
…   ,     
  <EdgeGatewayServiceConfiguration>
  </EdgeGatewayServiceConfiguration>

    :





    <?xml version="1.0" encoding="UTF-8"?>
<EdgeGatewayServiceConfiguration
   xmlns="http://www.vmware.com/vcloud/v1.5">
            <GatewayDhcpService>
                <IsEnabled>false</IsEnabled>
            </GatewayDhcpService>
            <FirewallService>
                <IsEnabled>true</IsEnabled>
                <DefaultAction>allow</DefaultAction>
                <LogDefaultAction>false</LogDefaultAction>
            </FirewallService>
            <NatService>
                <IsEnabled>true</IsEnabled>
                <NatRule>
                    <RuleType>SNAT</RuleType>
                    <IsEnabled>true</IsEnabled>
                    <Id>196609</Id>
                    <GatewayNatRule>
                        <Interface href="https://fqdn-vcd/api/admin/network/xxxxxx" name="network" type="application/vnd.vmware.admin.network+xml"/>
                        <OriginalIp>10.0.0.0/24</OriginalIp>
                        <TranslatedIp>external-ip</TranslatedIp>
                    </GatewayNatRule>
                </NatRule>
            </NatService>
            <GatewayIpsecVpnService>
                <IsEnabled>false</IsEnabled>
            </GatewayIpsecVpnService>
            <StaticRoutingService>
                <IsEnabled>true</IsEnabled>
            </StaticRoutingService>
            <LoadBalancerService>
                <IsEnabled>false</IsEnabled>
            </LoadBalancerService>
</EdgeGatewayServiceConfiguration>

    Edge , <Interface/> Edge Edge, :





    <Interface href="https://fqdn-vcd/api/admin/network/xxxxxx" name="network" type="application/vnd.vmware.admin.network+xml"/>

  11. POST-.  XML Body raw Edge.  content-type application/vnd.vmware.admin.edgeGatewayServiceConfiguration+xml





    Edge, url /action/configureServices, :





    POST https://vCD-fqdn/api/admin/edgeGateway/XXXX/action/configureServices





.





. XML Edge , api. – vCloud Director, . , , .







More articles:


All Articles