Migrate VSS based portgroups to NSX-T VLAN backed segments in an N-VDS

Recently I worked on a customer engagement where I installed NSX-T into their environment. After the installation, a migration needed to be done from the VSS port groups (VLAN backed) to the NSX-T Segments (VLAN backed).

This customer initially did not intend to use the distributed routing features from NSX-T. The hosts were prepped with the NSX bits to be able to configure an N-VDS to the host. The use case for this was micro-segmentation with vRealize Network Insight.

I am not covering the initial steps which I needed to perform in detail, since I want to share the script that I used for the virtual machines instead of explaining the whole migration plan.

High over the following steps were performed;

Install NSX-T Manager
Add Compute Manager (vCenter)
Create two transport node profiles
- 1-PNIC-Migration-TN-Profile (only configure 1 vmnic to the N-VDS, the other ‘leg’ is still on the VSS)
- 2-PNIC-Final-TN-Profile (both vmnics are configured on the N-VDS, this profile is applied after the Virtual Machine migration)
Create migration script;
Apply final Transport Node Profile (requires maintenance mode per ESXi host)

The customer had to migrate approximately 3000 VMs in different batches and timeframes. The script I wrote is levering a single *.csv file with only VM names like this;

vmname
example-vm1
example-vm2
example-vm3
..
..

###########################################################################

VM VSS to N-VDS Migration – (W. Geelhoed ) #

###########################################################################

Get-Module-ListAvailable VMware*|Import-Module

##Infra-Variables##

$vcenterserver = “”

$vcenteradmin = “”

$vcenteradminpw = “”

#VMs to be migrated to N-VDS in this batch##

$vmlist = Import-Csv “vms_to_migrate.csv”

##Connect to vCenter##

write-host Connecting to vCenter Server instance $vcenterserver -ForegroundColor Yellow

Connect-VIServer $vcenterserver -User $vcenteradmin -Password $vcenteradminpw -Force

##Show NSX based networks##

Get-View -ViewType OpaqueNetwork | Select-Object Name

##Migration##

foreach ($row in $vmlist) {

$vm=$row.vmname

$connectedportgroups = Get-vm $vm | Get-VirtualPortGroup | Select-Object name

foreach ($portgroup in $connectedportgroups) {

$portgroup = $portgroup.name

if (($portgroup) -eq “PORTGROUPNAME” ) { Write-host “VM $VM is selected for network migration for $portgroup to N-VDS” -ForegroundColor Green

Get-vm $vm | Get-NetworkAdapter | where {$_.NetworkName -eq “PORTGROUPNAME“} | Set-NetworkAdapter -NetworkName “NSXTSEGMENTNAME” -confirm:$false | Format-List | Out-Null}

else { Write-host “$portgroup no match, skipping.” -ForegroundColor Yellow }

##You can add as many if-else statements here as you need. In my original script, I had 30 of them since I had 30 source port groups to migrate from

PORTGROUPNAME = Name of VSS based Portgroup on ESXi host

NSXTSEGMENTNAME = Name of NSX-T Segment which holds the VLAN tag in the config
##

}

#Disconnect vcenter server

Disconnect-VIServer -Force -Confirm:$False

###########################################################################

source:
vmware.com

versions:
vSphere 6.5 U3
NSX-T 2.5.1
PowerCLI: 10+

If you have any questions or remarks, feel free to reach out!

3 comments

Iwan Hoogendoorn says:

March 3, 2020 at 13:18

Awesome script and work Wesley!

LikeLike

Martin Pika says:

November 15, 2020 at 12:39

Hello Wesley,
just curious, were in the case you mentioned only N-VDS segments used at the end? So all migrated VSS portgroups were removed? I´m thinking whether there is an overhead when using NSX-T segments compared to traditional VDS portgroups when not using NSX-T features.
Thank.
Martin

LikeLike

1. Wesley Geelhoed says:
  
  November 16, 2020 at 15:32
  
  Hi Martin,
  
  In this case almost all VSS port groups were removed. There is no real overhead using VLAN backed NSX-T segments compared to traditional VDS.VSS Portgroups. In the end it is also a port group with just a VLAN ID.
  
  LikeLike