Workflows

In this article

Feature Description

ReSTNSX workflows are bulk automation tasks that will create objects in bulk. These workflows are multi-step in nature, can be customized and linked to other workflows. Simple workflows, on the other hand, are also singular in nature – meaning only one type of object (IP Set, dFW Rule, etc…) per workflow. Similar to other workflows, CSV import, pre-staging of configs and rollback (undo) are supported.

Minimum Release: 1.0 
Application: NSX-v, NSX T 
License: Enterprise 
Privilege level: Engineer or higher

Setup

No setup required. Once a data source (NSX-v or NSX T) is added, this feature is enabled.

Select Workflow

To begin using Workflows, navigate to the main dashboard and select a pre-defined workflow or custom.

Pre-Defined Workflow Example

The following is an example of a Security workflow where all the steps needed for deploying micro-segmentation are provided. Each step provides manual and CSV-based input similar to Simple Workflows. All are not required steps to complete a workflow but are provided in a sequence if dependencies are created.

Dependencies

ReSTNSX supports the creation of dependent objects where one step of the workflow can reference objects pending creation in another step of a workflow. An example of this is illustrated below where a Security Tag named Pending Tag was created in Step 1 of a workflow and is then able to be referenced in Step 2 of a workflow for attaching it to a virtual machine. These are referred to as pending objects and pending relationships.

Pending Object (Security Tag)

Pending Relationship (Security Tag assigned to a VM)

Note that neither the pending Security Tag nor the VM relationship exist yet on NSX. These are pending objects and relationships that only exist within ReSTNSX until published.

Custom Workflow

Custom workflows are multi-step workflows that are user defined. To create a custom workflow, click the green + icon in the Workflows section. This will load the custom workflow definition page where the user will enter the workflow name and select one or more steps to be included. The following example illustrates a two step workflow with Security Tags and Security Tag attachment.

When the workflow is saved, it appears on the dashboard and is ready to be used. To begin the workflow, select the green play button.

Custom workflows are repeatable until deleted

Upon launching, only the desired two steps – Security Tag creation and VM Association – are displayed. The remaining steps are the same as simple and multi-step workflows.

CSV Templates and Storage

Every object type (Security Tag, IP Set, etc…) has a corresponding downloadable template with sample data for reference.

CSV templates are available within each workflow type. The template can be downloaded for data input and then uploaded directly into the workflow itself. Below is an example of a Security Tag template provided.

Completed CSV files can also be stored on-box for quick reference or as a “golden template” for repeatable builds that require objects to be accurate each time. To access previously uploaded or to manage the CSV files, navigate to Admin > Files.

Enterprise Admin permissions are required to add, edit or delete on-box CSV files. Other users can only reference them in any given workflow.

On the Files page, upload, download, view and edit functions are available. Additionally, there is a templates bundle available for download that contains all of the pre-defined system templates with sample data.

Completing a workflow

Once all the data has been entered, continue to the next step of the workflow by clicking Next in the top right corner of the workflow. This will bring the user to job preview screen where the session can be saved for immediate or future execution. In this example, we will save the job as Create Security Tags.

XML or JSON preview toggling is supported for every API call
Users can copy / export the API calls and contents for use in 3rd party tools or their own custom scripts

At this point, the user can navigate away from the workflow to return at a later date. The job is saved and can be launched from the purple pull-out tab on the top right of the page.

Saved jobs are stored on the ReSTNSX appliance for 45 days. Note that the jobs are NOT saved in the event of an upgrade.

Managing saved workflows

Enterprise Administrators can delete any previously saved workflows by navigating to the Saved Workflow tab and clicking the Manage button.

Launching a workflow

When selecting a job from the saved jobs menu, the user is returned to the same job preview screen as before where the job can be run. Upon clicking Publish, the API calls are executed with verbose logging and progress indicators against the active data source (NSX, vCenter, etc…).

Job Metrics

Processing – the number of objects that have been processed by ReSTNSX and are ready to be created, edited or deleted.

Jobs Complete – the number of objects from the total processed that were successfully created, edited or deleted. The resultant object names, IDs and API return messages are stored in the More Info button once the job is completed.

Errors – the number of objects from the total processed that were not created, edited or deleted. The processed objects that failed are stored in the More Info button once the job is completed.

Once this job is complete, the results can be validated directly on the data source itself or within ReSTNSX. In our use case, we use the ReSTNSX Query on the right hand side of the application to validate the objects were indeed created.

Rollback

Up to 45 days after the job has been run, users can return to the same saved job to rollback (undo) any create or edit publish by clicking the Rollback button on the publish screen.

Rollback of workflows where objects were being deleted are not supported. Once an object is deleted, it cannot be recovered.
Was this article helpful?
Dislike 0
Views: 127