Tag Archives: VMware Cloud on AWS

Automating VMware Cloud on AWS SDDC Cluster Lifecycle

VMware Cloud on AWS has the ability to add new clusters to an existing SDDC. This is most useful for workload separation. A cluster could be specified as the failover resource, a development environment, and so forth. However, as of Version 1.6, there’s a new reason to add new clusters to an SDDC: custom core counts! The ability to control the CPU count for hosts in a cluster is extremely important when it comes to running mission-critical applications that happen to be licensed per-core. Even better, it is extremely easy to automate the lifecycle of a cluster with PowerCLI.

Let’s check out some examples of how we can manage clusters within the VMware Cloud on AWS service.

Environment Setup

As part of this blog, I will be using a previously deployed SDDC and will begin by working with the low-level VMC module to perform these tasks. We will start by opening a PowerShell session and authenticating to the VMware Cloud on AWS service with our API Token. Then, we need to identify a couple services to use. These services will be the following:

  • com.vmware.vmc.orgs
  • com.vmware.vmc.orgs.sddcs
  • com.vmware.vmc.orgs.sddcs.clusters
  • com.vmware.vmc.orgs.tasks

One last setup requirement: we will need to grab the IDs for the Organization and SDDC we’ll be working with.

We can summarize the above criteria with the following code:

If any of these commands seem foreign, please check out the following blog post for more information: Getting Started with the VMware Cloud on AWS Module

SDDC Cluster Service Overview

We will be using the SDDC Clusters service, and therefore the sddcClusterSvc variable. In order to discover the actions we can perform with the Clusters service, we will take the output from the sddcClusterSvc variable and pipeline that into the Get-Member cmdlet:

Sample: Getting additional information from the SDDC Cluster Service

Here we can see that there are two methods available, create and delete. As part of this blog post, we will walk through the usage of these two methods in the following sections. However, a method or two are missing: get and list. We can pull that information directly from the get method on the SDDC itself. The cluster information is available by referencing the resource_config property, then the clusters property.

To pull out some basic cluster information, we can use the following command:

Example: Pulling output from the SDDC response about only the clusters

Cluster Creation

For the first example, we have been tasked with creating a new cluster within our SDDC.

In order to populate the parameters for the create method, we will make use of the Help property for the SDDC Cluster service stored in the sddcClusterSvc variable. We can identify all of the parameters required for the create method, including an Org ID, SDDC ID, and the cluster configuration specification, with the following command:

Example: Output from Help for the Create method

We already have our Org ID and SDDC ID stored in a variable. Next, we need to create a cluster config spec for the new cluster. If we take the prior command and append the ‘cluster_config’ property, we can view all of the properties available to populate the spec. Then, by again using ‘Get-Member’, we can see that the cluster_config has a method of create which we can use to create the object for that particular specification.

Example: Establishing the contents for the Cluster Config spec

We’ll then store the spec in a variable named sddcClusterCreateSpec. Based on the prior screenshot, there’s only one required property. This property is for the desired number of hosts for the new cluster. We’ll populate that property with a value of ‘1’, then run our create method to start the creation of the new cluster.

Example: Creating a new cluster with 1 host

Putting the above together, we can create a new cluster with a single host using the following code:

If we log in to the VMware Cloud on AWS Cloud Console, we should see the following in our SDDC’s Summary tab:

Example: SDDC Cluster Deployment

Cluster Creation – Custom Core Count

For the second example, we have been tasked with creating another new cluster within our SDDC. However, this time, we only want a specific core count to be available. We will use our prior example and add on to the specification by setting the host_cpu_cores_count to a value of 8, 16, 36, or 48, depending on the host type. We can do this by adding the following command to the existing workflow:

Putting the prior example together with the above command, we can create a new cluster with a single host that’s been configured with a CPU core count of 8 using the following code:

Example: Creating a new cluster with 1 host and only 8 CPU cores per host

Cluster Removal

For the third example, we have been tasked with deleting the first cluster we created, Cluster-2. Making use of the Help property from the SDDC Cluster service, we can run the following command to find out what parameters the delete method requires:

Example: Output from Help for the Delete method

We can see that we have three parameters to enter: Org ID, SDDC ID, and Cluster ID. We still have the first two stored in variables, so we need to obtain the Cluster ID. If we remember back to the SDDC Cluster Service Overview section, there are no list or get methods for the SDDC Cluster service. Therefore, we need to refresh our sddc variable and return the updated list of clusters to obtain the ID. We can do that with the following commands:

We will then store the cluster information for only Cluster-2, by filtering the cluster_name property with a where statement and storing it in a variable by the name of cluster. Then, we’re ready to run the delete method. We can do that with the following commands:

Example: Deleting a cluster from an SDDC

Putting the above together, we can delete the newly created Cluster-2 with the following code:
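The cluster lifecycle from the sections above (setup, creation with an optional core count, removal by name), as an added example that is not the original post's code. The function names are hypothetical, the org is assumed to contain a single SDDC, and the delete refuses to run unless exactly one cluster matches the name.

```powershell
# Added example, not the blog's code. Requires the PowerCLI VMC module.
# Assumptions: one org with one SDDC; function names are hypothetical.
function Connect-VmcFromPrompt {
    # Prompt for the token so it is not stored in a script or in command history.
    $secure = Read-Host -Prompt 'VMC refresh token' -AsSecureString
    # Newer PowerCLI releases name this parameter -ApiToken.
    Connect-Vmc -RefreshToken ([System.Net.NetworkCredential]::new('', $secure).Password) | Out-Null
}

function New-SddcCluster {
    param(
        [Parameter(Mandatory)] [string] $OrgId,
        [Parameter(Mandatory)] [string] $SddcId,
        [int] $NumHosts = 1,
        [ValidateSet(8, 16, 36, 48)] [int] $CoresPerHost   # values listed on this page
    )
    $svc  = Get-VmcService -Name com.vmware.vmc.orgs.sddcs.clusters
    $spec = $svc.Help.create.cluster_config.Create()
    $spec.num_hosts = $NumHosts
    if ($PSBoundParameters.ContainsKey('CoresPerHost')) {
        $spec.host_cpu_cores_count = $CoresPerHost
    }
    $svc.create($OrgId, $SddcId, $spec)   # asynchronous: returns a task object
}

function Remove-SddcClusterByName {
    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
    param(
        [Parameter(Mandatory)] [string] $OrgId,
        [Parameter(Mandatory)] [string] $SddcId,
        [Parameter(Mandatory)] [string] $ClusterName
    )
    # The cluster service has no get/list, so re-read the SDDC for current cluster IDs.
    $sddc  = (Get-VmcService -Name com.vmware.vmc.orgs.sddcs).get($OrgId, $SddcId)
    $match = @($sddc.resource_config.clusters | Where-Object { $_.cluster_name -eq $ClusterName })
    if ($match.Count -ne 1) {
        throw "Expected exactly one cluster named '$ClusterName', found $($match.Count); nothing deleted."
    }
    if ($PSCmdlet.ShouldProcess($ClusterName, 'Delete SDDC cluster')) {
        (Get-VmcService -Name com.vmware.vmc.orgs.sddcs.clusters).delete($OrgId, $SddcId, $match[0].cluster_id)
    }
}

# Usage against a live environment (commented out so dot-sourcing changes nothing):
# Connect-VmcFromPrompt
# $orgId  = (Get-VmcService -Name com.vmware.vmc.orgs).list().id
# $sddcId = (Get-VmcService -Name com.vmware.vmc.orgs.sddcs).list($orgId).id
# New-SddcCluster -OrgId $orgId -SddcId $sddcId -NumHosts 1 -CoresPerHost 8
# Remove-SddcClusterByName -OrgId $orgId -SddcId $sddcId -ClusterName 'Cluster-2'
```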

VMC Community Module Update

Another option to perform the above tasks is with the VMware.VMC community module, which is available on the PowerCLI Community Repository as well as the PowerShell Gallery. I have updated the module to include the following advanced functions:

  • Get-VMCSDDCCluster
  • New-VMCSDDCCluster
  • Remove-VMCSDDCCluster

The only difference between the above sections and these functions is that these functions expect names instead of IDs as input. Otherwise, they work exactly as you would expect. An example of them in use:

Example: Using the SDDC Cluster functions from the VMware.VMC module


VMware Cloud on AWS based SDDCs can contain multiple clusters, which is beneficial for a couple of reasons. First, workload separation. A cluster could be specified as the failover resource, a development environment, and more. Second, and new as of Version 1.6, these clusters can be deployed with a specific number of CPU cores. This control is certainly important when it comes to running mission-critical applications that happen to be licensed per-core. All of the cluster actions are available via the VMware Cloud on AWS APIs, and therefore PowerCLI as well! This blog post walked us through how to identify the deployed clusters, deploy new clusters, and remove clusters which are no longer needed.

Let us know in the comments how you’re making use of additional clusters in your automation workflows!

Getting Started with the VMware Cloud on AWS Module

VMware Cloud on AWS is a new on-demand service that enables you to run applications across vSphere-based environments plus access to a broad range of AWS services. PowerCLI already helps to automate your VMware Cloud on AWS tasks! This includes tasks such as creating SDDCs, adding or removing ESXi hosts, managing firewall rules, and so forth.

The VMware Cloud on AWS (VMC) module was released as a low-level, API access only, module and will feature the following cmdlets:

  • Connect-VMC
  • Disconnect-VMC
  • Get-VmcService

Let’s take a look at how we can get started using this new module.

Getting Started

When getting started with the VMC module, we’ll notice immediately that it has a slightly different authentication process than the other PowerCLI connection cmdlets. This module requires that you first acquire the OAuth Refresh Token from the VMware Cloud Console:

Example: VMware Cloud on AWS Console - OAuth Refresh Token

Copy the refresh token, open a new PowerShell session, and connect to the VMC service with the following command:

Now that we are connected, let’s start by doing some discovery. The more you work with this module, and the VMC API as a whole, the more you’ll notice the need to be able to easily recall the organization (Org) ID. Therefore, let’s start by looking into how we can discover information about our org. First, we want to figure out what the service is itself with the ‘Get-VmcService’ cmdlet. Notice that we can use the standard PowerShell filtering and wildcard usage to help make the discovery process a bit simpler. Example code:

Next, we’ll make use of the ‘Get-Member’ cmdlet which will show us the available properties and methods for each issued command. We can pipeline the return from the ‘com.vmware.vmc.orgs’ service to the ‘Get-Member’ cmdlet and discover there’s a ‘Get’ and a ‘List’ method available. Since we don’t have any current information about the Orgs within this environment, we’ll opt for the ‘List’ method. Example code:

Example: Service and Org Discovery

Now that we have our org information, the next thing we will want to discover is information about the org’s SDDC. That information can be found with the following commands:

Example: SDDC Discovery

Notice, there’s quite a bit of information to parse through. Let’s look at a simple way to pull out some information about the SDDC’s ESXi hosts. Example code:

Example: ESXi Host Information

VMware Cloud on AWS uses NSX under the covers to provision all of the networking. Therefore, we will also want to have an understanding of the Edge nodes that are available in the environment. This information is actually in a separate service. Remembering what we’ve done previously, here’s some example code to discover some basic information about the SDDC’s Edge nodes:

Example: NSX Edge Discovery

Another good area to be aware of in your SDDC is the firewall rules. These are also easily retrievable through the ‘Get-VmcService’ cmdlet. Example of the firewall rules associated with the edge-2 node:

Example: Firewall Rule Discovery

Last example, let’s do something exciting! How about we automate the creation of an SDDC? This is going to require quite a bit of what we’ve learned so far, plus some new tricks. We can find the ‘Create’ method against the com.vmware.vmc.orgs.sddcs service. We see that input requires the Org ID and an ‘sddc_config’ input. This is where it gets tricky.

If we remember back to the PowerCLI 6.5.3 release, there was the addition of the ‘Create’ method to a couple of cmdlets. This method is also available with the ‘Get-VmcService’ cmdlet. The whole point of this method is to allow us to create a specification in an easy manner. For this example, we’ll reference the ‘sddcSvc’ variable, the ‘Help’ property, then the create property. This shows us a property of ‘sddc_config’. This is the specification we’ll need to use. The ‘sddc_config’ property has this ‘Create’ method available so we can automatically build out the specification. Pretty simple, right?

We’re not quite done yet though. Each SDDC can have multiple VPC subnets. Therefore, we also need to populate the spec’s customer_subnet_ids list object with the ‘Add’ method.

Example code:

Example: SDDC Creation

The output above from our last create method is a task object. There’s a service for those too! Since the call we made is asynchronous, you can also have a bit of fun and build a progress checker as well!

Here’s some example code I tossed together while waiting on the SDDC to deploy:

Example: SDDC Creation Progress Output
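A progress checker for the asynchronous task described above, as an added example that is not the original post's code. The function name, polling interval and timeout are assumptions; the status values and the progress_percent and error_message fields are those of the VMC task model. Unlike a loop that only waits for FINISHED, it stops on a failed or canceled task and on timeout.

```powershell
# Added example, not the blog's code. Assumes an existing Connect-Vmc session.
function Wait-VmcTask {
    param(
        [Parameter(Mandatory)] [string] $OrgId,
        [Parameter(Mandatory)] [string] $TaskId,
        [int] $PollSeconds    = 30,    # assumed polling interval
        [int] $TimeoutMinutes = 180    # assumed ceiling; adjust to your deployments
    )
    $taskSvc  = Get-VmcService -Name com.vmware.vmc.orgs.tasks
    $activity = "VMC task $TaskId"
    $deadline = (Get-Date).AddMinutes($TimeoutMinutes)

    while ($true) {
        $task = $taskSvc.get($OrgId, $TaskId)

        if ($task.status -eq 'FINISHED') {
            Write-Progress -Activity $activity -Completed
            return $task
        }
        if ($task.status -in 'FAILED', 'CANCELED') {
            # Surface the failure instead of polling forever.
            Write-Progress -Activity $activity -Completed
            throw "VMC task $TaskId ended as $($task.status): $($task.error_message)"
        }
        if ((Get-Date) -gt $deadline) {
            Write-Progress -Activity $activity -Completed
            throw "VMC task $TaskId still $($task.status) after $TimeoutMinutes minutes."
        }

        # Clamp to 0..100 so Write-Progress never rejects the value.
        $pct = [Math]::Min(100, [Math]::Max(0, [int]$task.progress_percent))
        Write-Progress -Activity $activity -Status $task.status -PercentComplete $pct
        Start-Sleep -Seconds $PollSeconds
    }
}

# Usage (commented out): $newSddc is the task object returned by a create call.
# $done = Wait-VmcTask -OrgId $orgId -TaskId $newSddc.id
```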


VMware Cloud on AWS is a fantastic new service that enables you to run applications across vSphere environments as well as accessing a broad range of AWS services. Within this service, PowerCLI is one of the best ways to automate your VMware Cloud on AWS tasks! In this blog post we covered how to discover the available services, explore what methods are available as actions against each of those services, and how to start interacting with those services. We obtained detailed information about our organization, that org’s SDDC and its accompanying configuration including firewall rules, and then had some fun while deploying a brand new SDDC!

Check PowerCLI’s functionality in your own VMware Cloud on AWS environment today and let us know your feedback!