Using Nutanix NCM Self Service & eScript: Update

Using Nutanix Calm & eScript Update

Table of Contents

Introduction

Some time ago, we published an article titled “Using Nutanix Calm & eScript”. Since that article was published back in 2019, this one will take its place and use current Nutanix NCM Self Service (formerly Calm) UI examples & features.

Update September 2022: For the remainder of this article Nutanix Calm will be referred to by the new naming convention: Nutanix NCM Self Service. Please note this is a gradual change and both names may be used interchangeably across various Nutanix resources.

We’ll still use the same customer requirement, so to understand the requirement, let’s look at a question:

What if I don’t use DHCP in my environment? How can I call an external API that returns an IP address while creating a VM with Nutanix NCM Self Service?

At first, that might seem like an edge case, but it’s something that actually comes up quite often. The problem is essentially this:

  • Nutanix NCM Self Service requires VMs to have an IP address in order to run actions e.g. VM customisation after creation.
  • If a VM doesn’t have an IP address, Nutanix NCM Self Service can’t login via SSH and, therefore, can’t do that customisation.
  • In environments that don’t use common DHCP services like Active Directory or dhcpd (to name just a few), a third-party IPAM service can be used to manage IP address assignments

Intended Audience

For those reading this article, I’m going to assume a basic knowledge of Nutanix NCM Self Service. For example, the Nutanix NCM Self Service terminology that will be used is as follows:

  • Blueprint: The application design containing how the virtual machines should be configured e.g. CPU, RAM, storage, network connectivity
  • App: The result of deploying the blueprint’s VMs i.e. the logical representation of all parts that make up the app
  • Action: A defined set of steps that run during a specific part of the deployment e.g. pre-create, after VM creation
  • Task: A defined set of steps that run as part of an action e.g. a deployment action can be made up of multiple tasks or script that install various packages

Requirements

For the walk-through referenced in this article, the following items are required. Note that most of these items, or items similar to them, will already be available in customer environments.

  • A CentOS Linux 7 VM image. In today’s article we’ll use an image made available via Nutanix download servers
  • The IP address of an existing machine that can be used as “Jump Host”. No changes are made on this machine!
  • A free IP address that can be assigned to our new VM
  • Nutanix NCM Self Service enabled and operational. Configuring Prism Central & Nutanix NCM Self Service is beyond the scope of this article

Our demo environment is configured as follows:

  • AOS version 6.0.2.4
  • Prism Central pc.2022.1
  • Nutanix NCM Self Service 3.4.0

eScript

This demo makes use of the “eScript” feature of NCM Self Service. eScript allows Python code to be run on the Prism Central in a controlled manner, exposing a selected subset of Python 2.7 modules. Please see the NCM Self Service Administration and Operations Guide on the Nutanix Portal for detailed information on which Python modules are supported.

Getting a third-party IP address

The steps below are a complete example of how to achieve our desired result. To summarise before getting started, we are deploying a new VM based on CentOS 7 Linux and assigning an IP address to that VM from an external/third-party IPAM service. Note that the external/third-party IPAM service is simulated in this example, but would be handled in a similar way in production.

Create Blueprint

  1. From the Nutanix NCM Self Service UI, create a new Multi VM/Pod blueprint. This blueprint can be named anything you like, although this article will named the blueprint “eScript-Demo-PC-API-2022”.

VM Base Image

  1. From the “Configuration” tab, click the plus sign next to “Downloadable Image Configuration” and configure the new image as follows:
    • Package Name: CentOSImage
    • Description: CentOS 7 Downloadable Disk Image
    • Image Name: CentOS-7.8-2003
    • Image Type: Disk Image
    • Architecture: X86_64
    • Source URI: https://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud-2003.qcow2
    • Product Name: CentOS
    • Product Version: 7.8

Jump Host

In our example, the “Jump Host” is the VM responsible for generating the IP address assigned to our new VM. While this step is simulated here, this is equivalent to the VM responsible for getting an IP address from the IPAM service in production.

  1. Add a single service to the new blueprint. Name the service “JumpHostService”, noting that the service name is important. The name will be referenced later in this article.
    • Configure the service as follows:
    • Account: Existing Machine. Note that the “Existing Machine” construct will consume 1x Nutanix NCM Self Service license. This is due to an Existing Machine, once added to a blueprint is considered “NCM Self Service-managed”.
    • OS = Linux.
    • IP address = The IP address of your Existing Machine, i.e. the machine acting as the “Jump Host”.

Blueprint Credentials

  1. Configure the credentials for the blueprint. These credentials must have permissions to login to your Jump Host VM via SSH. In Nutanix NCM Self Service, this can be via username/password or public/private key pair.

Jump Host Tasks

  1. On the “Service” pane, expand the “JumpHostService” and select the “Create” action.
  2. Add a new task and set the type to “Set Variable”. This article will refer to a task named ReturnIPAddress. In production, this task would run the eScript that gets an IP address from the IPAM service.
    • Set the script type to “eScript”.
    • Enter the sample script seen in Appendix A below. This demo script is for testing purposes only and will need to be heavily modified with appropriate error checking (etc.) before use in production. If you are running this demo on your own cluster, make sure to change the IP address below to an unused IP address in your environment!.
    • Note: This script is for simulation purposes only. The “proof of concept” for this demo is receiving an IP address from eScript and returning it for later use. In a production or real environment this would likely be an API call to a third-party service such as InfoBlox or some other third-party IPAM service.
    • In the “Output” section, create a variable named IP_ADDRESS. This output is used by NCM Self Service to “watch” for information coming from an eScript (see figure A below)
  3. Add a second task to this service. This article refers to a task named “LogIPAddress” and will be used to show that the IP address has been received successfully.
    • Set the task type to “Execute”.
    • Set the “Script Type” to “Shell”.
    • Set the credentials to those configured earlier.
    • Enter the sample script seen in Appendix B below. This sample script is for testing purposes and will need to be heavily modified with appropriate exception handling (etc) before use in production.

New VM

In our demo, the “New VM” will be configured with the IP address returned by the Jump Host.

  1. Add a second service to the blueprint, as follows:
    • Name: eScriptDestinationService
    • Account: Nutanix as per already configured NTNX_LOCAL_AZ
    • OS: Linux
    • VM name = eScript-PC-API
    • Select your CentOSImage downloadable image as the clone source
    • CPU and RAM can be any value that fits your environment. For small CentOS 7 tests, 1x vCPU and 0.5GB RAM is more than enough.

New VM Customisation & Tasks

  1. Guest Customization checked and set to “Cloud-init”. Set the contents of the Cloud-init script to that shown in Appendix D below. Make sure to set the credential appropriately – the example shown assumes the credential is named “admin”.
    • Single NIC connected to your cluster’s guest VM network. This article refers to a VLAN named “vlan.0”. There is an important difference to note at this point. When using DHCP, the “Static IP” field would be left empty. However, because we are configuring the VM with an IP address being returned from eScript, this will be different.
    • Set the “Private IP” to Static and, in the “Static IP” field, enter the following NCM Self Service macro: @@{JumpHostService.IP_ADDRESS}@@. At this point you can see why the name of the Jump Host service was important.
    • Configure the VM credentials. These credentials must have permissions to connect to your CentOS 7 Linux VM via SSH.
    • On the “Service” pane, expand the new service and, under the new service, select the “Create” action.
    • Add a new task to the “Create” action.
      • Type = “Execute”
      • Script Type = “Shell”
      • Select the credentials that were configured during blueprint creation.
      • Enter the sample script seen in Appendix C below. As with previous samples, this script will need to be heavily modified before it can be used anywhere near production.
      • Note that all this script does is provide a message to the user informing them that the IP address has been set as requested. If this IP address came from a third party or external IPAM source, this is certainly a realistic use-case and demonstrates the concepts required for this demo.

Saving and Testing

  1. Save the blueprint.
  2. The blueprint can now be launched in the usual way. Click the “Launch” button at the top-right of the Nutanix NCM Self Service interface and follow the standard procedure by entering an application name, populating the runtime variables if you didn’t pre-populate them earlier.
  3. Note: If you receive warning while saving the blueprint (see Figure B below), it can be safely ignored.
ReturnIPAddress task
Warnings when saving blueprint – these can be safely ignored

Appendix A:

# Appendix A
print "IP_ADDRESS={0}".format('10.133.16.153')

Appendix B:

#!/bin/sh
# Appendix B
touch ~/ip_address.txt
echo "IP address @@{IP_ADDRESS}@@ passed back to Calm." | tee ~/ip_address.txt

Appendix C:

#!/bin/sh
# Appendix C
touch ~/ip_address.txt
echo "VM IP address set to @@{JumpHostService.IP_ADDRESS}@@" | tee ~/ip_address.txt

Appendix D:

#cloud-config
users:
  - name: @@{admin.username}@@
    ssh-authorized-keys:
      - @@{admin.public_key}@@
    sudo: ['ALL=(ALL) NOPASSWD:ALL']

Checking the Results

How do we make sure our blueprint does what we’ve told it to?

Within the Nutanix NCM Self Service interface, each App deployment will show a “Services” tab. For example:

NCM Self Service UI showing the services used in our demo app

Clicking the “Services” tab will allow us the services deployed by the blueprint. Clicking each service will show that service’s IP address on the right of the NCM Self Service UI.

In this demo, the script returned IP address 10.42.250.79. Checking the Services tab does indeed show that our new VM has been assigned IP address 10.42.250.79.

Confirmation our deployed VM received the IP address given to it via eScript

Hopefully this article has shown the extended (but simple) steps required to interact with external/third-party services via eScript. This is just a single use-case but can be extended to obtain information from any API, if required. The next article in this series will do the same thing but will utilise one of the newest NCM Self Service features.

Thanks for reading and have a great day! 🙂

© 2024 Nutanix, Inc. All rights reserved. Nutanix, the Nutanix logo and all Nutanix product, feature and service names mentioned herein are registered trademarks or trademarks of Nutanix, Inc. in the United States and other countries. Other brand names mentioned herein are for identification purposes only and may be the trademarks of their respective holder(s). This post may contain links to external websites that are not part of Nutanix.com. Nutanix does not control these sites and disclaims all responsibility for the content or accuracy of any external site. Our decision to link to an external site should not be considered an endorsement of any content on such a site. Certain information contained in this post may relate to or be based on studies, publications, surveys and other data obtained from third-party sources and our own internal estimates and research. While we believe these third-party studies, publications, surveys and other data are reliable as of the date of this post, they have not independently verified, and we make no representation as to the adequacy, fairness, accuracy, or completeness of any information obtained from third-party sources.