Migrate VSS based portgroups to NSX-T VLAN backed segments in an N-VDS

Recently I worked on a customer engagement where I installed NSX-T into their environment. After the installation, a migration needed to be done from the VSS port groups (VLAN backed) to the NSX-T Segments (VLAN backed).

This customer initially did not intend to use the distributed routing features from NSX-T. The hosts were prepped with the NSX bits to be able to configure an N-VDS to the host. The use case for this was micro-segmentation with vRealize Network Insight.

I am not covering the initial steps which I needed to perform in detail, since I want to share the script that I used for the virtual machines instead of explaining the whole migration plan.

High over the following steps were performed;

  • Install NSX-T Manager
  • Add Compute Manager (vCenter)
  • Create two transport node profiles
    • 1-PNIC-Migration-TN-Profile (only configure 1 vmnic to the N-VDS, the other ‘leg’ is still on the VSS)
    • 2-PNIC-Final-TN-Profile (both vmnics are configured on the N-VDS, this profile is applied after the Virtual Machine migration)
  • Create migration script;
  • Apply final Transport Node Profile (requires maintenance mode per ESXi host)

The customer had to migrate approximately 3000 VMs in different batches and timeframes. The script I wrote is levering a single *.csv file with only VM names like this;

vmname
example-vm1
example-vm2
example-vm3
..
..

###########################################################################
VM VSS to N-VDS Migration – (W. Geelhoed ) #
###########################################################################
Get-Module-ListAvailable VMware*|Import-Module
##Infra-Variables##
$vcenterserver = “”
$vcenteradmin = “”
$vcenteradminpw = “”
#VMs to be migrated to N-VDS in this batch##
$vmlist = Import-Csv “vms_to_migrate.csv”
##Connect to vCenter##
write-host Connecting to vCenter Server instance $vcenterserver -ForegroundColor Yellow
Connect-VIServer $vcenterserver -User $vcenteradmin -Password $vcenteradminpw -Force
##Show NSX based networks##
Get-View -ViewType OpaqueNetwork | Select-Object Name
##Migration##
foreach ($row in $vmlist) {
$vm=$row.vmname
$connectedportgroups = Get-vm $vm | Get-VirtualPortGroup | Select-Object name
foreach ($portgroup in $connectedportgroups) {
$portgroup = $portgroup.name
if (($portgroup) -eq “PORTGROUPNAME” ) { Write-host “VM $VM is selected for network migration for $portgroup to N-VDS” -ForegroundColor Green
Get-vm $vm | Get-NetworkAdapter | where {$_.NetworkName -eq “PORTGROUPNAME“}  | Set-NetworkAdapter -NetworkName “NSXTSEGMENTNAME” -confirm:$false | Format-List | Out-Null}
else { Write-host $portgroup no match, skipping.” -ForegroundColor Yellow }

##You can add as many if-else statements here as you need. In my original script, I had 30 of them since I had 30 source port groups to migrate from

PORTGROUPNAME = Name of VSS based Portgroup on ESXi host

NSXTSEGMENTNAME = Name of NSX-T Segment which holds the VLAN tag in the config
##
}
}
#Disconnect vcenter server
Disconnect-VIServer -Force -Confirm:$False
###########################################################################

 

source:
vmware.com

versions:
vSphere 6.5 U3
NSX-T 2.5.1
PowerCLI: 10+

If you have any questions or remarks, feel free to reach out!

5 comments

  2. Hello Wesley,
    just curious, were in the case you mentioned only N-VDS segments used at the end? So all migrated VSS portgroups were removed? I´m thinking whether there is an overhead when using NSX-T segments compared to traditional VDS portgroups when not using NSX-T features.
    Thank.
    Martin

    Like

    Reply

    1. Hi Martin,

      In this case almost all VSS port groups were removed. There is no real overhead using VLAN backed NSX-T segments compared to traditional VDS.VSS Portgroups. In the end it is also a port group with just a VLAN ID.

      Like

      Reply

  3. Do we need to mirror all NSXV port groups on NSXT Switch or just Portgroups will be managed by NSXT firewall rules?

    Like

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s