OsvaldoRamirez
Contributor
Contributor

How to export objects, Groups DFW Rules, Services in NSX-T 3.2.0

Jump to solution

Hello community

We have to migrate Datacenter from location in two different sites
we have NSX-T Federation 3.2.0 to manage the migration of the two sites and we want to export the groups, services, rules, etc. from DFW on the other site

Unfortunately, in version 3.2.0 of NSX-T for Federation, when configuring Site A's location manager, the option to import discovered objects from Site A's local manager to the NSX-T Global Federation Manager is disabled.

Unfortunately upgrading NSX-T from 3.2.0 to 3.2.1 is impossible for us because my environment is very large (about 2500 VMs) and the migration process takes a long time.

We use NSX-T only for security functions and I use it to implement DFW rules

Is there a way to export these objects from NSX-T Site A to NSX-T Site B, either through a VMware tool, a 3rd party tool, some scripts that can help us through API calls or using PowerCLI, or some Work Around to do this task?

I would appreciate any information related to this topic.

Tags (1)
0 Kudos
1 Solution

Accepted Solutions
aggarwalvinay31
Enthusiast
Enthusiast

Hi,

You can use RestNSX as a third party tool but it will cost associated with it. There are couple of helper scripts for DFW backup and restore which you can give a try.

Use file - nsx-dfw-backup-n-restore.py

Or, there is another blog by Luca to export dfw rules without exporting System Owned entries, which you can refer as well and using Patch API you can import exported rules.

Blog - https://lucacamarda.wordpress.com/2020/08/20/exporting-the-nsx-t-dfw-configuration-via-the-policy-ap...

Script Location - https://github.com/lcamarda/blog/blob/master/nsxt_export_dfw.py

Please note, these are community scripts and as with any script, should be well tested before running in production to avoid any unfore.

View solution in original post

0 Kudos
3 Replies
aggarwalvinay31
Enthusiast
Enthusiast

Hi,

You can use RestNSX as a third party tool but it will cost associated with it. There are couple of helper scripts for DFW backup and restore which you can give a try.

Use file - nsx-dfw-backup-n-restore.py

Or, there is another blog by Luca to export dfw rules without exporting System Owned entries, which you can refer as well and using Patch API you can import exported rules.

Blog - https://lucacamarda.wordpress.com/2020/08/20/exporting-the-nsx-t-dfw-configuration-via-the-policy-ap...

Script Location - https://github.com/lcamarda/blog/blob/master/nsxt_export_dfw.py

Please note, these are community scripts and as with any script, should be well tested before running in production to avoid any unfore.

0 Kudos
OsvaldoRamirez
Contributor
Contributor

Thanks @aggarwalvinay31 

The lucamarada scripts served my purpose of exporting the DFW rules.

Cheers

Tags (1)
0 Kudos
Dave34
Enthusiast
Enthusiast

Many thanks for the tips

0 Kudos