I have created a Security Group with the scope of a PortGroup via the REST API. I am now trying to add a vNIC to it, also via the REST API.
To help illustrate I have a VM JMTest1 with 1 vNIC connected to the PortGroup that is the scope of the Security Group. When I edit this Security Group the first item in the list that could be added into the group is the first (and only) vNIC of JMTest1.
To add it via the REST API I need to supply the following:
https://192.168.x.x/api/2.0/services/securitygroup/securitygroup-xx/members/<member-moref>
i.e. I need to figure out what is the <member-moref> for the vNIC of JMTest1 and this is what I am having trouble with.
If I add the vNIC via the GUI and then query the Security Group it gives me the below response:
<securitygroup>
<objectIdobjectId>securitygroup-xx</objectId>
<type>
<typeName>SecurityGroup</typeName>
</type>
<name>JMTest7</name>
<description />
<revision>9</revision>
<objectTypeName>SecurityGroup</objectTypeName>
<scope>
<id>dvportgroup-xxxxx</id>
<objectTypeName>DistributedVirtualPortgroup</objectTypeName>
<name>dv-xxxxx</name>
</scope>
<extendedAttributes />
<inheritanceAllowed>false</inheritanceAllowed>
<member>
<objectId>500758f6-b97b-7a79-0c04-996f53edf3f0.000</objectId>
<type>
<typeName>Vnic</typeName>
</type>
<name>JMTest1 - Network adapter 1</name>
<revision>6</revision>
<objectTypeName>Vnic</objectTypeName>
<scope>
<id>vm-xxxxx</id>
<objectTypeName>VirtualMachine</objectTypeName>
<name>JMTest1</name>
</scope>
<extendedAttributes />
</member>
</securitygroup>
So it looks like the <member-moref> for the vNIC of JMTest1 is <objectId>500758f6-b97b-7a79-0c04-996f53edf3f0.000</objectId>
If I now run:
then the vNIC is successfully added to the Security Group. (yay!) So I am now left with the task of how to get
<objectId>500758f6-b97b-7a79-0c04-996f53edf3f0.000</objectId>
from a vNIC?
I've examined the object in the vCenter Mob and via PowerCLI, but can't see how to derive it.
Anyone know the answer to this?
The vnic uuid is created by concatenating the vm instanceUuid + "." + the last three digits of the vnic device key. (The vnic is found in the config.hardware.device field of the vm and the key will be of the form 4xxx, where xxx is the 3 digits that you need.)
The vnic uuid is created by concatenating the vm instanceUuid + "." + the last three digits of the vnic device key. (The vnic is found in the config.hardware.device field of the vm and the key will be of the form 4xxx, where xxx is the 3 digits that you need.)
There is an API to get all nics for a given VM moid
https://<ip>/api/2.0/services/inventory/vm/<moid>/vnics
There is an API available in SecurityGroup to get all applicable member for a given type
https://<ip>/api/2.0/services/securitygroup/scope/globalroot-0/members/Vnic
Hope this helps.
@vSx - thank you, that's just what I needed!
@mahaines - thank you also for the additional info. Had a couple of issues with those URLs though (vShield version 5.5.0a):
https://<ip>/api/2.0/services/inventory/vm/<moid>/vnics
returns a 404 Not Found, e.g.
https://192.168.x.x/api/2.0/services/inventory/vm/vm-15669/vnics
same with https://192.168.x.x/api/2.0/services/inventory/vm/
and also the same with the second URL
https://192.168.x.x//api/2.0/services/securitygroup/scope/globalroot-0/members/Vnic
I did have some success though with:
https://192.168.x.x/api/2.0/services/securitygroup/scope/datacenter-xx/members/
https://192.168.x.x/api/2.0/services/securitygroup/scope/portgroup-xxxxx/members/
i.e. a datacenter or portgroup scope and no Vnic on the end returns multiple results. From there I was able identify the vnic I was looking for and the objectId.
However, was not able to progress that URL down further to just vnics as I'm guessing that's where the addition of the /Vnic was heading?
Ah! My bad - I just assumed (incorrectly) this was NSX for vSphere! Just for completeness here is why is returned :
$ https://<nsxmgr-ip>/api/2.0/services/securitygroup/scope/globalroot-0/members/Vnic | python -m json.tool
Returns (Example):
{
"clientHandle": "",
"extendedAttributes": [],
"name": "esxvm-99-setup3-<IP> - Network adapter 1",
"objectId": "503497ec-1d9c-501e-8b06-3bdb54d57bcd.000",
"objectTypeName": "Vnic",
"revision": 2,
"scope": {
"id": "vm-7258",
"name": "esxvm-99-setup3-<IP>",
"objectTypeName": "VirtualMachine"
},
"type": {
"name": "Vnic"
},
"vsmUuid": "423440C0-11EB-8C30-05A3-4092EEBC968A"
},
{
"clientHandle": "",
"extendedAttributes": [],
"name": "esxvm-39-setup2-<IP> - Network adapter 1",
"objectId": "503460dc-619f-c87c-d2b3-e734652f265f.000",
"objectTypeName": "Vnic",
"revision": 2,
"scope": {
"id": "vm-7459",
"name": "esxvm-39-setup2-<IP>",
"objectTypeName": "VirtualMachine"
},
"type": {
"name": "Vnic"
},
"vsmUuid": "423440C0-11EB-8C30-05A3-4092EEBC968A"
},
{
"clientHandle": "",
"extendedAttributes": [],
"name": "esxvm-103-setup3-<IP> - Network adapter 2",
"objectId": "50347b63-17ec-8298-29b4-6198fc802133.001",
"objectTypeName": "Vnic",
"revision": 3,
"scope": {
"id": "vm-7262",
"name": "esxvm-103-setup3-<IP>",
"objectTypeName": "VirtualMachine"
},
"type": {
"name": "Vnic"
},
"vsmUuid": "423440C0-11EB-8C30-05A3-4092EEBC968A"
},
{
"clientHandle": "",
"extendedAttributes": [],
"name": "esxvm-184-setup3-<IP> - Network adapter 3",
"objectId": "5034bbaa-207f-6a9d-6dbc-19bc65f3a334.002",
"objectTypeName": "Vnic",
"revision": 3,
"scope": {
"id": "vm-7343",
"name": "esxvm-184-setup3-<IP>",
"objectTypeName": "VirtualMachine"
},
"type": {
"name": "Vnic"
},
"vsmUuid": "423440C0-11EB-8C30-05A3-4092EEBC968A"
}
And https://<ip>/api/2.0/services/inventory/vm/<moid>/vnics returns :
https://<nsxmgr-ip>/api/2.0/services/inventory/vm/vm-7262/vnics | python -m json.tool
{
"basicDomainObjects": [
{
"clientHandle": "",
"extendedAttributes": [],
"name": "esxvm-103-setup3-<IP> - Network adapter 1",
"objectId": "50347b63-17ec-8298-29b4-6198fc802133.000",
"objectTypeName": "Vnic",
"revision": 2,
"scope": {
"id": "vm-7262",
"name": "esxvm-103-setup3-<IP>",
"objectTypeName": "VirtualMachine"
},
"type": {
"name": "Vnic"
},
"vsmUuid": "423440C0-11EB-8C30-05A3-4092EEBC968A"
},
{
"clientHandle": "",
"extendedAttributes": [],
"name": "esxvm-103-setup3-<IP> - Network adapter 2",
"objectId": "50347b63-17ec-8298-29b4-6198fc802133.001",
"objectTypeName": "Vnic",
"revision": 3,
"scope": {
"id": "vm-7262",
"name": "esxvm-103-setup3-<IP>",
"objectTypeName": "VirtualMachine"
},
"type": {
"name": "Vnic"
},
"vsmUuid": "423440C0-11EB-8C30-05A3-4092EEBC968A"
},
{
"clientHandle": "",
"extendedAttributes": [],
"name": "esxvm-103-setup3-<IP> - Network adapter 3",
"objectId": "50347b63-17ec-8298-29b4-6198fc802133.002",
"objectTypeName": "Vnic",
"revision": 3,
"scope": {
"id": "vm-7262",
"name": "esxvm-103-setup3-<IP>",
"objectTypeName": "VirtualMachine"
},
"type": {
"name": "Vnic"
},
"vsmUuid": "423440C0-11EB-8C30-05A3-4092EEBC968A"
},
{
"clientHandle": "",
"extendedAttributes": [],
"name": "esxvm-103-setup3-<IP> - Network adapter 4",
"objectId": "50347b63-17ec-8298-29b4-6198fc802133.003",
"objectTypeName": "Vnic",
"revision": 3,
"scope": {
"id": "vm-7262",
"name": "esxvm-103-setup3-<IP>",
"objectTypeName": "VirtualMachine"
},
"type": {
"name": "Vnic"
},
"vsmUuid": "423440C0-11EB-8C30-05A3-4092EEBC968A"
},
{
"clientHandle": "",
"extendedAttributes": [],
"name": "esxvm-103-setup3-<IP> - Network adapter 5",
"objectId": "50347b63-17ec-8298-29b4-6198fc802133.004",
"objectTypeName": "Vnic",
"revision": 3,
"scope": {
"id": "vm-7262",
"name": "esxvm-103-setup3-<IP>",
"objectTypeName": "VirtualMachine"
},
"type": {
"name": "Vnic"
},
"vsmUuid": "423440C0-11EB-8C30-05A3-4092EEBC968A"
}
]
}
The APIs which I mentioned previously are not available on the vCloud Networking and Security v5.5.0 build (sorry).
There is another API that returns all applicable member(s) for a securitygroup :
https://<ip>/api/2.0/services/securitygroup/scope/globalroot-0/members
Also, you asked about the <objectId>500758f6-b97b-7a79-0c04-996f53edf3f0.000</objectId> and how it is derived.
If a vm has an instance UUId: 50104df1-6db3-c80c-d1c5-c7e2d98d1362 (https://<vc>/mob/?moid=vm-9436&doPath=summary.config) and if there are 3 nics associated with it then the nic ids will be 50104df1-6db3-c80c-d1c5-c7e2d98d1362.000 - 50104df1-6db3-c80c-d1c5-c7e2d98d1362.001 and 50104df1-6db3-c80c-d1c5-c7e2d98d1362.002
Hope this helps.
-Michael
Thanks for the extra info 🙂
I know this is really old post however it helped me a lot to find out the vnic uuid. I was completely lost until I found this thread. Thanks very much