lhc2281bu intriguing integrations with vmware cloud … · intriguing integrations with vmware...
TRANSCRIPT
Matt Dreyer, Director Product ManagementBrian Graf, Sr Technical Marketing Manager
LHC2281BU
#VMWonAWS
Intriguing Integrations with VMware Cloud on AWS, EC2, S3, Lambda, and more…
VMworld 2017 Content: Not fo
r publication or distri
bution
Disclaimer
• This presentation may contain product features that are currently under development
• Features are subject to change, and must not be included in contracts, purchase orders, or sales agreements of any kind
• Technical feasibility and market demand will affect final delivery
• Pricing and packaging for any new technologies or features discussed or presented have not been determined
VMworld 2017 Content: Not fo
r publication or distri
bution
Partnering to deliver a game-changing solution
✓ Leading private compute, storage, and
network virtualization capabilities
✓ Support for broad range of workloads
✓ De facto standard for the on-premises
enterprise
✓ Global scale and reach
✓ Flexible consumption economics
✓ Broadest set of cloud services
✓ Elastic infrastructure on demand
Uniting the leaders in private and public cloud services
+
VMworld 2017 Content: Not fo
r publication or distri
bution
AWS Global Infrastructure
VMware Cloud™ on AWSPowered by VMware Cloud Foundation
AWS Global InfrastructureCustomer Data Center
vSphere vSAN NSX
Operational
Management
Native AWS Services
Amazon
EC2
Amazon
S3
Amazon
RDS
AWS
Direct
Connect
AWS IAMAWS IoT
…
…
…
…
vRealize Suite, vSphere Integrated Containers, ISV Ecosystem
vCentervCenter
VMware Cloud on AWS
• ESXi on Dedicated Hardware
• Support for VMs and Containers
• vSAN on Flash and EBS Storage
• Replication and DR Orchestration
• NSX Spanning on-premises and Cloud
• Advanced Networking & Security Services
AWS Global Infrastructure
VMworld 2017 Content: Not fo
r publication or distri
bution
Let’s start with a little tour of the SDDC
6
VMworld 2017 Content: Not fo
r publication or distri
bution
VMware Cloud on AWSPlatform API Introduction
VMworld 2017 Content: Not fo
r publication or distri
bution
VMware Cloud on AWS Platform API Overview
• VMC Exposes three API surfaces that work together to provide end-to-end functionality
– Console, VMC, vCenter
• All APIs adhere to modern API standards
– RESTful
• HTTP Verbs - GET, POST, DELETE, PATCH
– JSON
• Dictionaries with Key – Value pairs
– OAuth
• Authentication tokens as part of the HTTP Header
• Documentation provided inline and online
CONFIDENTIAL 8
console.cloud.vmware.com
vmc.vmware.com
vcenter.{customer}.vmc.vmware.comVMworld 2017 Content: N
ot for publicatio
n or distribution
VMware Cloud on AWS API Reference documentation
• VMware Cloud Console API documentation
– Operations for Authentication, Users, and Organizations
– https://console.cloud.vmware.com/csp/gateway/api-docs
• VMware Cloud on AWS API documentation
– Operations for SDDCs
– https://vmc.vmware.com/swagger/index.html#/
• vCenter REST API documentation
– Operations for vCenter and Virtual Machines
– https://code.vmware.com/apis/191/vsphere-automation
CONFIDENTIAL 9
VMworld 2017 Content: Not fo
r publication or distri
bution
CONFIDENTIAL10
console.cloud.vmware.com
vmc.vmware.com
vcenter.{customer}.vmc.vmware.comVMworld 2017 Content: N
ot for publicatio
n or distribution
Key Cloud Console API Endpoints (Orgs & Users)
• console.cloud.vmware.com/csp/gateway/am/api/auth/api-tokens/authorize
– Authenticate to CSP and retrieve a “csp-auth-token”
• console.cloud.vmware.com/csp/gateway/am/api/orgs/{org id}/users?expand=1
– Display information about all users in an Org
• console.cloud.vmware.com/csp/gateway/am/api/orgs/{org id}/invitations
– Invite a user to an Org
• console.cloud.vmware.com/csp/gateway/am/api/users/{user id}
– Remove a user from an Org
CONFIDENTIAL 11
VMworld 2017 Content: Not fo
r publication or distri
bution
Simple example – Login and list Org Users#API Key obtained manually from the VMC Console
myAPIKey = “91e555b9-4553-4558-a551-df55055bc55e”
#Get an Auth Token
myHeader = {'refresh_token': myAPIKey}
Token = requests.post(
'https://console.cloud.vmware.com/csp/gateway/am/api/auth/api-tokens/authorize', \
params = myHeader)
#List the Users in my Org, with an OrgID obtained manually from the VMC Console
myHeader = {'csp-auth-token' : Token}
Users = requests.get(
‘https://console.cloud.vmware.com/csp/gateway/am/api/orgs/a45s/users?expand=1’, \
params = myHeader)
#print out the Users in my Org
Print (Users)
CONFIDENTIAL 12
VMworld 2017 Content: Not fo
r publication or distri
bution
CONFIDENTIAL13
console.cloud.vmware.com
vmc.vmware.com
vcenter.{customer}.vmc.vmware.comVMworld 2017 Content: N
ot for publicatio
n or distribution
Key VMC API Endpoints (SDDC)
• vmc.vmware.com/vmc/api/orgs/{org id}/sddcs
– Provision an SDDC or display information about all existing SDDCs in an Org
• vmc.vmware.com/vmc/api/orgs/{org id}/sddcs/{sddc id}
– Destroy an SDDC or display detailed information about an existing SDDC
• vmc.vmware.com/vmc/api/orgs/{org id}/sddcs/{sddc id}/esxs
– Provision or destroy a host from an SDDC or display information about all hosts in an SDDC
• vmc.vmware.com/vmc/api/orgs/{org id}/sddcs/{sddc id}/publicips
– Provision a Public IP address for an SDDC
• vmc.vmware.com/vmc/api/orgs/{org id}/sddcs/{sddc id}/dns
– Configure DNS settings for the SDDC
CONFIDENTIAL 14
VMworld 2017 Content: Not fo
r publication or distri
bution
Simple example – Login and list SDDCs#API Key obtained manually from the VMC Console
myAPIKey = “91e555b9-4553-4558-a551-df55055bc55e”
#Get an Auth Token
myHeader = {'refresh_token': myAPIKey}
Token = requests.post(
'https://console.cloud.vmware.com/csp/gateway/am/api/auth/api-tokens/authorize', \
params = myHeader)
#List the SDDCs with my OrgID obtained manually from the VMC Console
myHeader = {'csp-auth-token' : Token}
SDDCs = requests.get(
‘https://vmc.vmware.com/vmc/api/orgs/a45s-a45s-a45s/sddcs’, \
params = myHeader)
#print out the SDDCs for my Org
Print (SDDCs)
CONFIDENTIAL 15
VMworld 2017 Content: Not fo
r publication or distri
bution
CONFIDENTIAL16
console.cloud.vmware.com
vmc.vmware.com
vcenter.{customer}.vmc.vmware.comVMworld 2017 Content: N
ot for publicatio
n or distribution
Key vCenter API Endpoints (VMs)
• vcenter.{SDDC IP}.vmc.vmware.com/rest/com/vmware/cis/session
– Login and obtain an API token “vmware-api-session-id”
• vcenter.{SDDC IP}.vmc.vmware.com/rest/vcenter/vm
– List all of the VMs running in an SDDC
• vcenter.{SDDC IP}.vmc.vmware.com/rest/vcenter/vm?filter.resource_pools=resgroup-55
– List all of the Customer Workload VMs running in an SDDC
• vcenter.{SDDC IP}.vmc.vmware.com/rest/com/vmware/content/library
– List all of the Content Libraries in an SDDC (requires additional calls)
CONFIDENTIAL 17
VMworld 2017 Content: Not fo
r publication or distri
bution
Example – Get an API session token for vCenter Server#Get vCenter connection details from VMC
myHeader = {'csp-auth-token' : sessiontoken}
SDDCs = requests.get(
‘https://vmc.vmware.com/vmc/api/orgs/a45s-a45s-a45s/sddcs/5555-555-555-555’, \
params = myHeader)
#Create variables from the response
vCenterURL = SDDCs['vcenter_url']
vCenterUsername = SDDCs['cloud_username']
vCenterPassword = SDDCs['cloud_password']
#Now get an API token from vcenter
myURL = vCenterURL + "rest/com/vmware/cis/session"
token = requests.post(myURL, auth=(vCenterUsername,vCenterPassword))
#create a variable to store the session token
vCenterAuthHeader = {'vmware-api-session-id':token}
CONFIDENTIAL 18
VMworld 2017 Content: Not fo
r publication or distri
bution
Example – List all of the VMs running in an SDDC#Assume that we already got a token from vCenter
vCenterAuthHeader = {'vmware-api-session-id': abcd-2345-defg-7890}
#List the VMs managed by vCenter Server
VMs = requests.get(“https://vcenter.sddc-34-53-23-6.vmc.vmware.com/rest/vcenter/vm”, \
headers=vCenterAuthHeader)
#print out the VMs in my SDDC
Print(VMs)
CONFIDENTIAL 19
VMworld 2017 Content: Not fo
r publication or distri
bution
Interesting Integrations!(please try this at home!)
VMworld 2017 Content: Not fo
r publication or distri
bution
A simple application for self-service Virtual Machines
• Static Website hosted in an S3 bucket calls vCenter APIs to create Virtual Machines in VMC
AWS
Lambda
Amazon
S3
SDDC
VMware Cloud
on AWS
Amazon
Cognito
VMworld 2017 Content: Not fo
r publication or distri
bution
Post SDDC Inventory to Slack every day
• AWS CloudWatch Events (think cron) fire a Lambda function every today to query vCenter for inventory information that is then posted to a Slack channel.
AWS
Lambda
SDDC
VMware Cloud
on AWSAWS
CloudWatch
Event
Slack
#Channel
VMworld 2017 Content: Not fo
r publication or distri
bution
Post SDDC Inventory to Slack every day
24
VMworld 2017 Content: Not fo
r publication or distri
bution
Single click: Add VMs to the SDDC cluster
+1
VMware Cloud VPC
AWS IoT
AWS Lambda
VMworld 2017 Content: Not fo
r publication or distri
bution
Alexa Skill for VMC Status
• Simple Alexa Skill retrieves information about the SDDC from the VMC API
AWS
Lambda
SDDC
VMware Cloud
on AWSAlexa
Skill
VMworld 2017 Content: Not fo
r publication or distri
bution
Get the code!
• All code demonstrated in the session today is available on Github!
• https://github.com/vmware
32
VMworld 2017 Content: Not fo
r publication or distri
bution