Enabling Self Service for your DataCenter — Part I

Arm Yourself with Event-Driven Functions and Reimagine SDDC Capabilities [HCP1404] — http://bit.ly/pksession

So, what does the Self-Service app do?

Video of the VMworld 2020 Demo


This function was written in Python because of my familiarity with Python.

These functions were first attempted to be implemented in Python but I found the PowerCLI an easy and efficient way to interact with vSphere.

These functions were written in Go purely because Frankie,our Go expert, was exploring and implementing these usecases.

Self-Service App Architecture with VEBA (depoyed with OpenFaaS)

The Gateway Function (written in python)

Publicly trusted TLS for VMware Event Broker — here

Dynamic DNS solution with NoIP — here

Pro Tip: If you are setting up a Slackbot with OpenFaaS functions, make sure to use the async-function path for the deployed function. For example if your deployed function URL is https://pdotk.lab.net/function/veba-echo use https://pdotk.lab.net/async-function/veba-echo as this ensures that an acknowledgement is immediately sent back to Slack and thus giving you the ability to do any processing asynchronously.

# token = 'pXxmdXfxxxxxxxxx4mslg'
# team_id = 'T9DXXXD7Z'
# team_domain = 'pkslack'
# channel_id = 'C017763BZGX'
# channel_name = 'vmworld2020'
# user_id = 'U9BXXXEQ1'
# user_name = 'partheeban.kandasamy'
# command = 'echo'
# response_url = 'https://hooks.slack.com/commands/T9DiY7'
# trigger_id = '1258627504981.319069523.979f734485f07cc27'
# text = "createvm"

Pro Tip: If you are working on a new integration or even when developing a new VEBA event-driven function and need to check the event payload, deploy any of the echo functions (here is the python version) to get a sense for the payload that the function is going to receive.

Pro Tip: With OpenFaaS functions, all the HTTP headers are made available within the function (container) as an environment variable prepended with Http_ and all the hyphens replaced with underscores. For example X-Slack-Signature in the HTTP request header would be available as an environment variable Http_X_Slack_Signature.

Pro Tip: These functions will be available through the endpoint http://gateway.openfaas:8080 within the kubernetes cluster. For example https://pdotk.lab.net/function/veba-echo would be available at http://gateway.openfaas:8080/function/veba-echo

call http://gateway.openfaas:8080/async-function/powercli-echo
with json=slack_payload + shared_key
call http://gateway.openfaas:8080/async-function/powercli-createvm'
with json=slack_payload + shared_key
call http://gateway.openfaas:8080/function/powercli-vmclonetemplate
with json=slack_payload + shared_key
call http://gateway.openfaas:8080/async-function/powercli-clonevm
with json=slack_payload + shared_key
call http://gateway.openfaas:8080/async-function/powercli-poweronvm
with json=slack_payload + shared_key
call http://gateway.openfaas:8080/async-function/powercli-poweroffvm with json=slack_payload + shared_key
call http://gateway.openfaas:8080/async-function/powercli-rebootvm
with json=slack_payload + shared_key
call http://gateway.openfaas:8080/async-function/powercli-deletevm
with json=slack_payload + shared_key
call http://gateway.openfaas:8080/async-function/powercli-setvm
with json=slack_payload + shared_key
call http://gateway.openfaas:8080/async-function/powercli-danger
with json=slack_payload + shared_key
#Make a POST request to Slack response URL with an
ERROR that the command was not found

The VM Lifecycle Functions (written in PowerCLI)

Psuedo Code
1. Process function secrets or configs - this function needs the vCenter Credentials
2. Process the payload received from the Gateway3. Validate that the request is indeed from the Gateway function before allowing any critical functionality - verify the presence of the shared secret4. Connect to vCenter Server and Perform the intended change such as poweron, poweroff etc..
command: /iaas echo <type something here>
: pkbu/powercli-echo
command: /iaas spawn <vmname>
: pkbu/powercli-createvm
command: /iaas clone <vmname>
: pkbu/powercli-clonevm
command: /iaas clonetemplate <vmname> <templatename>
: powercli-vmclonetemplate
command: /iaas poweron <vmname>
: pkbu/powercli-poweronvm
command: /iaas poweroff <vmname>
: pkbu/powercli-poweroffvm
command: /iaas reset <vmname>
: pkbu/powercli-rebootvm
command: /iaas nuke <vmname>
- image: pkbu/powercli-deletevm
command: /iaas transform <vmname> <templatename>
: pkbu/powercli-setvm
command: /iaas invoke get-vm -Name veba-test-vm| fl Id, Name, PowerState, NumCpu, CoresPerSocket, MemoryMB, VMHost | Out-string
: pkbu/powercli-danger

Function Deployment



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store