top of page
  • Rajeshkumar M

SRM - Automatic NSX-T Global Manager Active/Passive during recovery


In NSX-T federation, if the primary site running active global manager failed then the global manager in secondary site needs to be promoted as active manually or through api.

To automate this along with SRM recovery, I have created a simple shell script to call from SRM appliance when the recovery plan named globa-manager-recovery (you can use any name and update in script) runs. The principle identity authentication is not working, so I used encoded credentials to authenticate with NSX api.


I placed the script in both primary and recovery SRM appliance to call and make global manager active during fail over and fail back accordingly. I used shell scrip because it doesn't require any library/api dependency.


Placed this script under /home/admin/global-manager-recovery.sh in recovery site-A SRM appliance.


to encode the credential i used echo -n "username:password" | base64

nsxgfqdn="site-B-NSX-fqdn/IP"
gmdisplayName="Site-B-GM"
cred="YWRtaW46Vk13YXJlQDEhVk13YXJlQDEh"
recovery_plan="global-manager-recovery"
if [ $VMware_RecoveryMode == 'recovery' ] && [ $VMware_RecoveryName == $recovery_plan ]
then
gmID=`curl -k -s -X GET -H "Authorization:Basic $cred" https://$nsxgfqdn/global-manager/api/v1/search/query?query=display_name:$gmdisplayName AND resource_type:GlobalManager | grep "id" | awk '{print $3}' | cut -d '"' -f 2 | tail -n 1`
curl -k -s -X PATCH https://$nsxgfqdn/global-manager/api/v1/global-infra/global-managers/$gmID \
    -H "Content-Type: application/json" \
    -H "Authorization:Basic $cred" \
    -d "{\"display_name\":\"$gmdisplayName\",\"mode\":\"ACTIVE\"}"
fi

Placed same script with other nsx server fqdn/credentials under /home/admin/global-manager-recovery.sh in primary site SRM appliance this will be called during fail back if we want reverse the NSX global manager active state during fail back.


nsxgfqdn="site-A-NSX-fqdn/IP"
gmdisplayName="Site-A-GM"
cred="YWRtaW46Vk13YXJlQDEhVk13YXJlQDEh"
recovery_plan="global-manager-recovery"
if [ $VMware_RecoveryMode == 'recovery' ] && [ $VMware_RecoveryName == $recovery_plan ]
then
gmID=`curl -k -s -X GET -H "Authorization:Basic $cred" https://$nsxgfqdn/global-manager/api/v1/search/query?query=display_name:$gmdisplayName AND resource_type:GlobalManager | grep "id" | awk '{print $3}' | cut -d '"' -f 2 | tail -n 1`
curl -k -s -X PATCH https://$nsxgfqdn/global-manager/api/v1/global-infra/global-managers/$gmID \
    -H "Content-Type: application/json" \
    -H "Authorization:Basic $cred" \
    -d "{\"display_name\":\"$gmdisplayName\",\"mode\":\"ACTIVE\"}"
fi





Fig 1




Include in recovery plan step 6 to call this script from SRM.





Fig 2


Fig 2, Global manager recover script as Command on SRM server








NSX-T version and global manager status before and after recovery Fig 3/Fig4





Fig 3




Fig 4

47 views0 comments

Recent Posts

See All

vSphere Tags to NSX-T Tags

I created a simple powercli script to copy the vSphere Tags to NSX-T, it helped me to copy the NSX-T tags on the recovery VM's in...

Comments


bottom of page