Use API calls to upgrade an North-South Service VM.
Prerequisites
Procedure
- Use the following API to retrieve the payload of the North-South service deployment.
GET https://<nsx-manager>/api/v1/serviceinsertion/services/<ns_service_id>
{ "functionalities": [ "NG_FW" ], "implementations": [ "NORTH_SOUTH" ], "attachment_point": [ "TIER1_LR", "TIER0_LR" ], "transports": [ "L2_BRIDGE" ], "on_failure_policy": "BLOCK", "service_deployment_spec": { "deployment_template": [ { "name": "NS_DepTemp", "attributes": [ { "key": "LicenseKey", "display_name": "License", "attribute_type": "STRING", "read_only": false } ] } ], "deployment_specs": [ { "name": "NS_DepSpec", "ovf_url": "http://<server-FQDN/IP>/ovfs/nsxt/NorthSouth/v1/PA-VM-NST-8.1.3-c15.ovf", "min_host_version": "6.5", "host_type": "ESXI", "service_form_factor": "MEDIUM", "svm_version": "1.0" } ], "nic_metadata_list": [ { "interface_label": "eth", "interface_index": 2, "interface_type": "DATA2" }, { "interface_label": "eth", "interface_index": 0, "interface_type": "MANAGEMENT", "user_configurable": true }, { "interface_label": "eth", "interface_index": 1, "interface_type": "DATA1" }, { "interface_label": "eth", "interface_index": 4, "interface_type": "HA2" }, { "interface_label": "eth", "interface_index": 3, "interface_type": "HA1" } ] }, "vendor_id": "ABC_Service", "resource_type": "ServiceDefinition", "id": "9ea92ea7-a6b0-4640-9c28-5b364713e8c0", "display_name": "NS Service_automation", "description": "This service is inserted at T0 & T1 router and it provides advanced security", "_create_user": "admin", "_create_time": 1614099580424, "_last_modified_user": "admin", "_last_modified_time": 1614099580424, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } - Update the service deployment specification. In this call, deployment sepcs are updated with NS_Deployment_Specfication_11 and NS_Deployment_Specfication_12.
PUT https://<nsx-manager>/api/v1/serviceinsertion/services/<ns_service_id>
{ "functionalities": [ "NG_FW" ], "implementations": [ "NORTH_SOUTH" ], "attachment_point": [ "TIER1_LR", "TIER0_LR" ], "transports": [ "L2_BRIDGE" ], "on_failure_policy": "BLOCK", "service_deployment_spec": { "deployment_template": [ { "name": "NS_DepTemp", "attributes": [ { "key": "LicenseKey", "display_name": "License", "attribute_type": "STRING", "read_only": false } ] } ], "deployment_specs": [ { "name": "NS_Deployment_Specfication_11", "ovf_url": "http://<server-FQDN/IP>/ovfs/nsxt/NorthSouth/v1/PA-VM-NST-8.1.3-c15.ovf", "host_type": "ESXI" }, { "name": "NS_Deployment_Specfication_12", "ovf_url": "http://<server-FQDN/IP>/ovfs/nsxt/NorthSouth/v1/PA-VM-NST-8.1.3-c15.ovf", "host_type": "ESXI" } ], "nic_metadata_list": [ { "interface_label": "eth", "interface_index": 2, "interface_type": "DATA2" }, { "interface_label": "eth", "interface_index": 0, "interface_type": "MANAGEMENT", "user_configurable": true }, { "interface_label": "eth", "interface_index": 1, "interface_type": "DATA1" }, { "interface_label": "eth", "interface_index": 4, "interface_type": "HA2" }, { "interface_label": "eth", "interface_index": 3, "interface_type": "HA1" } ] }, "vendor_id": "ABC_Service", "resource_type": "ServiceDefinition", "id": "9ea92ea7-a6b0-4640-9c28-5b364713e8c0", "display_name": "NS Service_automation", "description": "This service is inserted at T0 & T1 router and it provides advanced security", "_create_user": "admin", "_create_time": 1614099580424, "_last_modified_user": "admin", "_last_modified_time": 1614099580424, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } - Update the Tier-0 service instance deployment specification name to NS_Deployment_Specfication_12 . To update the specification, use the response returned by the GET call (earlier step) and feed the same in the following PATCH call with deployment_spec_name: NS_Deployment_Specfication_12. NSX-T Data Center upgrades the Tier-0 Service VM.
PATCH https://<nsx-manager>/policy/api/v1/infra/tier-0s/<tier0_LR_id>/locale-services/<tier0_localeservice_id>/service-instances/<tier0_serviceinstance_id>
{ "context_id": "b75193d1-137c-45c2-83b3-8f9d7795ddca", "compute_id": "b75193d1-137c-45c2-83b3-8f9d7795ddca:domain-c16", "storage_id": "datastore-13", "primary_interface_network": "/infra/tier-1s/TIER-1-LR-1/segments/SI_SEGMENT", "primary_interface_mgmt_ip": "10.161.154.2", "secondary_interface_network": "/infra/tier-1s/TIER-1-LR-1/segments/SI_SEGMENT", "secondary_interface_mgmt_ip": "10.161.154.3", "deployment_spec_name": "NS_Deployment_Specfication_12", "failure_policy": "BLOCK", "deployment_template_name": "NS_DepTemp", "attributes": [ { "key": "LicenseKey", "display_name": "License", "value": "adklfjakldfjlkajfkl", "attribute_type": "STRING", "read_only": false } ], "resource_type": "PolicyServiceInstance", "id": "PAN-1", "display_name": "PAN-1", "path": "/infra/tier-0s/Tier0-LR-1/locale-services/tier0localservices/service-instances/PAN-1", "relative_path": "PAN-1", "parent_path": "/infra/tier-0s/Tier0-LR-1/locale-services/tier0localservices", "unique_id": "5500a8e4-255b-4131-9da2-9a9a2be21b32", "marked_for_delete": false, "overridden": false, "partner_service_name": "NS Service_automation", "deployment_mode": "ACTIVE_STANDBY", "transport_type": "L2_BRIDGE", "_create_user": "admin", "_create_time": 1614099590522, "_last_modified_user": "admin", "_last_modified_time": 1614099590527, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } - Update the service instance deployment specification of the Tier-1 Logical Router 1 to NS_Deployment_Specfication_12 . For this you can use the response returned by GET call and feed the same to PATCH call with deployment_spec_name: NS_Deployment_Specfication_12. NSX-T Data Center upgrades the Tier-1 gateway Service VM.
PATCH https://<nsx-manager>/policy/api/v1/infra/tier-1s/<tier1_LR_id>/locale-services/<tier1_LR1_localeservice_id>/service-instances/<tier1_LR1_serviceinstance_id>
{ "context_id": "b75193d1-137c-45c2-83b3-8f9d7795ddca", "compute_id": "b75193d1-137c-45c2-83b3-8f9d7795ddca:domain-c16", "storage_id": "datastore-13", "primary_interface_network": "/infra/tier-1s/TIER-1-LR-1/segments/SI_SEGMENT", "primary_interface_mgmt_ip": "10.161.154.4", "secondary_interface_network": "/infra/tier-1s/TIER-1-LR-1/segments/SI_SEGMENT", "secondary_interface_mgmt_ip": "10.161.154.5", "deployment_spec_name": "NS_Deployment_Specfication_12", "failure_policy": "BLOCK", "deployment_template_name": "NS_DepTemp", "attributes": [ { "key": "LicenseKey", "display_name": "License", "value": "adklfjakldfjlkajfkl", "attribute_type": "STRING", "read_only": false } ], "resource_type": "PolicyServiceInstance", "id": "PAN-1-tier-1", "display_name": "PAN-1-tier-1", "path": "/infra/tier-1s/TIER-1-LR-1/locale-services/1-policyconnectivity-1284/service-instances/PAN-1-tier-1", "relative_path": "PAN-1-tier-1", "parent_path": "/infra/tier-1s/TIER-1-LR-1/locale-services/1-policyconnectivity-1284", "unique_id": "4bd48611-3257-4895-8295-c49fdfa644b3", "marked_for_delete": false, "overridden": false, "partner_service_name": "NS Service_automation", "deployment_mode": "ACTIVE_STANDBY", "transport_type": "L2_BRIDGE", "_create_user": "admin", "_create_time": 1614099595487, "_last_modified_user": "admin", "_last_modified_time": 1614099595489, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } - Update the service instance deployment specification of Tier-1 Logical Route 2 to NS_Deployment_Specfication_12. To update the deployment specification, use the response returned by GET call (earlier step) and paste the same in the following PATCH call with deployment_spec_name: NS_Deployment_Specfication_12. NSX-T Data Center upgrades the Tier-1 Logical Router 2 Service VM.
PATCH https://<nsx-manager>/policy/api/v1/infra/tier-1s/<tier1_LR2_id>/locale-services/<tier1_LR2_localeservice_id>/service-instances/<tier1_LR2_serviceinstance_id>
{ "context_id": "b75193d1-137c-45c2-83b3-8f9d7795ddca", "compute_id": "b75193d1-137c-45c2-83b3-8f9d7795ddca:domain-c16", "storage_id": "datastore-13", "primary_interface_network": "/infra/tier-1s/TIER-1-LR-1/segments/SI_SEGMENT", "primary_interface_mgmt_ip": "10.161.154.6", "secondary_interface_network": "/infra/tier-1s/TIER-1-LR-1/segments/SI_SEGMENT", "secondary_interface_mgmt_ip": "10.161.154.7", "deployment_spec_name": "NS_Deployment_Specfication_12", "failure_policy": "BLOCK", "deployment_template_name": "NS_DepTemp", "attributes": [ { "key": "LicenseKey", "display_name": "License", "value": "adklfjakldfjlkajfkl", "attribute_type": "STRING", "read_only": false } ], "resource_type": "PolicyServiceInstance", "id": "PAN-2-tier-1", "display_name": "PAN-2-tier-1", "path": "/infra/tier-1s/TIER-1-LR-2/locale-services/2-policyconnectivity-1359/service-instances/PAN-2-tier-1", "relative_path": "PAN-2-tier-1", "parent_path": "/infra/tier-1s/TIER-1-LR-2/locale-services/2-policyconnectivity-1359", "unique_id": "eb9e61e7-edc3-4c29-93cc-d3c4eeb4a6c7", "marked_for_delete": false, "overridden": false, "partner_service_name": "NS Service_automation", "deployment_mode": "ACTIVE_STANDBY", "transport_type": "L2_BRIDGE", "_create_user": "admin", "_create_time": 1614099599703, "_last_modified_user": "admin", "_last_modified_time": 1614099599705, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 }
