VMware Cloud Community
avarcher
Commander
Commander

vApp deployment and NAT rules retention

Help appreciated ...

  • I create a vApp with multiple VMs

  • I enable NAT
  • I create ONE NAT rule (manual or automatic\port or IP all behave the same as far as I can see), to be clear just ONE VM has a NAT rule in the original vApp
  • I create a template from it
  • I deploy a new vApp from the template and ALL of the VMs in the vApp have NAT rules.

I need the NAT rules in the deployed vApp to be the same as the original vApp. I cannot find anything to help me on it hence the post.

vCD 5.5, VCNS 5.5, vSphere 5.5. Attached screenshots show the original vApp and the deployed vApp.

Any specific or general advice would be appreciated.

Thanks, Andy.

Message was edited by: Andy Archer

Tags (2)
Reply
0 Kudos
4 Replies
TeKilla79
Enthusiast
Enthusiast

i hope that i understand your situation correctly, you can retrieve and change settings from the network section of an vapp via the rest api

http://pubs.vmware.com/vcd-51/topic/com.vmware.ICbase/PDF/vcd_51_api_guide.pdf <- Page 114

example: update a networkconfigsection

http://pubs.vmware.com/vcd-51/topic/com.vmware.ICbase/PDF/vcd_51_api_guide.pdf#unique_81_Connect_42_...

retrieve network/nat details from the original vapp and compare this with the deployed vapp

if it is neccesary, change the nat rules in the deployed vapp

Reply
0 Kudos
cfor
Expert
Expert

A little more detail might be needed in your example, the rules are suppose to stay, if they are not open a case with support.

That said a few things can cause them to go away, and is expected behavior: deploying to a new org, changing the uplink(parent) network.  Under some conditions these events can drop firewall and NAT rules.  (Also make sure when adding to catalog to select, Make Identical Copy" - or the system needs  to re-internal ip/ and re-mac the vm's; something you should not need to do if using a vAppNetwork)

You might want to layout the whole flow so we can understand if working as expected, or if this is a bug (v5.1 had some bugs in this area, most appear to have been fixed with v5.5)

ChrisF (VCP4, VCP5, VCP-Cloud) - If you find this or any other answer useful please consider awarding points by marking the answer correct or helpful
Reply
0 Kudos
avarcher
Commander
Commander

Hi and thanks.

Its not disappearing rules that is the problem.

  • I have multliple VMs in the original vApp and only 1 VM has a rule set on it.
  • I copy it to the catalog (identical copy)
  • I then 'Add a vApp from Catalog' I change only the name.

In the new vApp ALL the VMs geta NAT rule.

I want only one VM to have a NAT rule.

I would rather not have to resort to the REST API, and I know it could fix this but I'd like the vApp object to be repeatable.

Thanks, Andy.

Reply
0 Kudos
IamTHEvilONE
Immortal
Immortal

when a vapp network which has nat enabled is deployed, I think we automatically check if there is a NAT on the primary NIC interface.  if not, then we auto-map one.  In this sense I think this is normal operation during the deployment phase.

you might be able to create 2 vapp networks, one for internal and one for external, do the manual mapping for the one VM and then don't even connect the other externally.

Reply
0 Kudos