THE GAME HAS CHANGED

Introducing Infoblox Universal DDI ManagementTM

Watch the launch to discover the new era of management for critical network services. Watch Now

NIOS DNS DHCP IPAM

Reply

Network Container "next available network" conflicting with vDiscovery
ericwoodford
New Member
Posts: 1

‎04-16-2020 11:00 AM

2170     0

Background: we're working to configure a fully automated process that would allow for spinning up new AWS accounts and tie it to vRealize Automation for the deployment of servers. To support this, I have configured a network container in Infoblox Grid Master. An Ansible script reaches out and grabs the next available /24 network from the container and uses it to create the AWS account. The ansible script then proceeds to create a new VPC and several /28 subnets inside it for each of the various roles (web, app, DB, etc.). I then make a WAPI call to Infoblox and spin up a new vDiscovery task (code below) for this new AWS account using a new AWS "Infoblox user" service account. VRA needs this discovery completed so that it can relate the new subnets with IP ranges in the network profile. 

 

Problem: At the moment, the vDiscovery fails if I attempt to have it merge the discovered data with the existing network "default" view. It will work if I let the vDiscovery spin up a new network view, but the Network team does not want that as it creates a bit of confusion. Now the 'default' view of the network container shows that the subnet mostly unused, but the new network view shows the new subnets and 'used' IP addresses. 

 

Overlapped VPCs encountered with direct network view mapping option, entire discovered dataset discarded. (Overlapping with existing NIOS objects)

 

 

JSON for the new vDiscovery task:

{
  "auto_consolidate_managed_vm": true,
  "public_network_view": "default",
  "member": "infoblox.localdomain",
  "name": "NewAWSCloudAccount",
  "username": "AWSAccountAccessKey",
  "auto_consolidate_managed_tenant": true,
  "private_network_view_mapping_policy": "DIRECT",
  "password": "itsAsecret",
  "private_network_view": "default",
  "protocol": "HTTPS",
  "update_metadata": true,
  "port": 443,
  "merge_data": true,
  "auto_consolidate_cloud_ea": true,
  "driver_type": "AWS",
  "public_network_view_mapping_policy": "DIRECT",
  "fqdn_or_ip": "ec2.us-west-2.amazonaws.com"
}

Question

  1. Is this the best way to be configuring the environment for my project? Network Container with large subnet range. vDiscovery set to run against each new AWS account that is created. 
  2. If I continue with this, how do I get the vDiscovery data to correctly merge with the network container object? 

 

----------------
lok'tar ogar
Reply
0 Kudos
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Recommended for You

Latest Annoucements

Businesses are investing heavily into securing company resources from cyber-attacks form cybercrimin

playicon