VMware Networking Community
Dura_lex
Contributor

Can't apply NSX segment to VM in terraform script

I have NSX 4.1.2 and vSphere 8.

I use Terraform to deploy resources.

The code from the NSX part:

resource "nsxt_policy_segment" "seg-dc" {
  display_name        = "DC-seg"
  description         = "Terraform provisioned Segment"
  transport_zone_path = data.nsxt_policy_transport_zone.tz1.path
  connectivity_path   = nsxt_policy_tier1_gateway.tier1_gw.path

  subnet {
    cidr = "1.1.1.1/24"
  }
}

The code from the vSphere part:

# create VM
resource "vsphere_virtual_machine" "vm" {
  name             = "ter-test-01"
  resource_pool_id = "test-001"
  datastore_id     = data.vsphere_datastore.datastore.id
  folder           = "test-folder"

  num_cpus = 1
  memory   = 1024
  guest_id = "other3xLinux64Guest"

  network_interface {
    network_id = data.nsxt_policy_segment.seg-dc.id
  }

  disk {
    label = "disk0"
    size  = 15
  }

  wait_for_guest_net_timeout = -1
  wait_for_guest_ip_timeout  = -1

  depends_on = [nsxt_policy_segment.seg-dc]
}

And I receive an error about "No such network with name DC-seg"

0 Kudos
3 Replies
Sreec
VMware Employee

Can you give a consistent naming convention for the policy_segment, display_name, and retry the task? 

resource "nsxt_policy_segment" "seg-dc" {
  display_name        = "DC-seg"
Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 7x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered
0 Kudos
Dura_lex
Contributor

What do you mean by "consistent naming convention"? I've written my code above, and it looks exactly like that.

resource "nsxt_policy_segment" "seg-dc" {
  display_name        = "DC-seg"
  description         = "Terraform provisioned Segment"
  transport_zone_path = data.nsxt_policy_transport_zone.tz1.path
  connectivity_path   = nsxt_policy_tier1_gateway.tier1_gw.path
}

The segments are created with the names I specified. In the NSX GUI, I can see them, and I can manually attach these segments to any VM.

I try to create the data object:

data "nsxt_policy_segment" "seg-dc" {
  id         = nsxt_policy_segment.seg-dc.id
  depends_on = [nsxt_policy_segment.seg-dc]
}

and use it in the VM configuration - this gives me an error about an incorrect network...

Dura_lex_0-1707520624370.png

0 Kudos
bmcb555
Enthusiast

Hi,

I haven't got TF available to me at the moment, but I have got the CLI and REST APIs to confirm the behaviour: the IDs from NSX and vSphere are not the same.

bmcb555_1-1708685634508.png

bmcb555_0-1708685588415.png

I've blanked out most of the information as I do not want to share it, but you can confirm it through TF using the following and verifying against an existing VM:

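data "vsphere_datacenter" "datacenter" {
  name = "dc-01"
}

data "vsphere_virtual_machine" "template" {
  name          = "ubuntu-server-template"
  datacenter_id = data.vsphere_datacenter.datacenter.id
}

output "output" {
  # network_interfaces is a list on this data source; [0] is the first NIC,
  # and network_id is the vSphere-side ID of the network it is attached to
  value = data.vsphere_virtual_machine.template.network_interfaces[0].network_id
}
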
I would break the creation of the segmentation into its own module, output the name and then use a data output based on the name, e.g.

data "vsphere_datacenter" "datacenter" {
  name = "dc-01"
}

data "vsphere_network" "network" {
  name          = module.nsxsegement.name
  datacenter_id = data.vsphere_datacenter.datacenter.id
}

Then call that into the creation of the VM. I'm fairly sure this will let you avoid using depends_on, as we have created the link between it all:

resource "vsphere_virtual_machine" "vm" {
  name             = "ter-test-01"
  resource_pool_id = "test-001"
  datastore_id     = data.vsphere_datastore.datastore.id
  folder           = "test-folder"

  num_cpus = 1
  memory   = 1024
  guest_id = "other3xLinux64Guest"

  network_interface {
    network_id = data.vsphere_network.network.id
  }

  disk {
    label = "disk0"
    size  = 15
  }

  wait_for_guest_net_timeout = -1
  wait_for_guest_ip_timeout  = -1
}
0 Kudos
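
The module split suggested in the reply above, sketched as an added example (not code from the thread or from VMware). The module path, the variable names and the `name` output are assumptions; the module label keeps the reply's spelling `nsxsegement` so that `module.nsxsegement.name` resolves, and the transport zone, tier-1 gateway and datacenter references are taken to exist as in the posts above.

```hcl
# --- modules/nsxsegment/main.tf (hypothetical path) ---
terraform {
  required_providers {
    # Child modules must declare non-HashiCorp provider sources themselves.
    nsxt = {
      source = "vmware/nsxt"
    }
  }
}

variable "display_name" { type = string }
variable "transport_zone_path" { type = string }
variable "connectivity_path" { type = string }
variable "gateway_cidr" { type = string }

resource "nsxt_policy_segment" "this" {
  display_name        = var.display_name
  description         = "Terraform provisioned Segment"
  transport_zone_path = var.transport_zone_path
  connectivity_path   = var.connectivity_path

  subnet {
    cidr = var.gateway_cidr
  }
}

# Export the name from the resource (not from var.display_name) so that
# anything consuming this output depends on the segment itself.
output "name" {
  value = nsxt_policy_segment.this.display_name
}

# --- root main.tf ---
module "nsxsegement" {
  source              = "./modules/nsxsegment"
  display_name        = "DC-seg"
  transport_zone_path = data.nsxt_policy_transport_zone.tz1.path
  connectivity_path   = nsxt_policy_tier1_gateway.tier1_gw.path
  gateway_cidr        = "1.1.1.1/24"
}

# vSphere-side lookup by name; its id is what network_interface.network_id expects.
data "vsphere_network" "network" {
  name          = module.nsxsegement.name
  datacenter_id = data.vsphere_datacenter.datacenter.id
}
```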