nvpnathan/Useful VIC

## Useful VIC
VIC cliff notes

Environment Overview

network		vlan	cidr	gw
vic-bridge	70	n/a	n/a
vic-public	71	192.168.71.0/24	192.168.71.1
vic-container	73	192.168.73.0/24	192.168.73.1
vic-mgmt	74	192.168.74.0/24	192.168.74.1

server	address
vcenter	192.168.64.10
dns	192.168.64.60
container dns	8.8.8.8

how to get vcenter thumbprint
./vic-machine-darwin ls --target 'administrator@vsphere.local:VMware1!'@192.168.64.10/vlab-dc

create vch
-vch only supports 3 vnics currently.
-bridge-network is required
-combined client and public networks
-separated mgmt network access to access vcenter only for isolation

##update firewall on esxi hosts in the cluster
./vic-machine-darwin update firewall \
--target vlab-vcsa.vballin.com/vlab-dc \
--user "administrator@vsphere.local" \
--password "VMware1\!" \
--compute-resource vlab-cna \
--thumbprint DD:C1:6A:75:79:6A:74:81:C6:98:FB:42:D2:0E:DB:DE:56:CF:B1:9F \
--allow

##create vch 1.3.1
./vic-machine-darwin create \
--target vlab-vcsa.vballin.com \
--user administrator@vsphere.local \
--compute-resource vlab-cna \
--image-store vlab-nfs-ds-04 \
--volume-store vlab-nfs-ds-04:default \
--public-network vic-public \
--public-network-ip 192.168.71.20/24 \
--public-network-gateway 192.168.71.1 \
--dns-server 192.168.64.60 \
--container-network vic-container:routable \
--container-network-firewall vic-container:open \
--bridge-network vic-bridge \
--name vlab-vch-01 \
--no-tls \
--insecure-registry harbor.vballin.com \
--whitelist-registry harbor.vballin.com \
--whitelist-registry registry.hub.docker.com \
--thumbprint=DD:C1:6A:75:79:6A:74:81:C6:98:FB:42:D2:0E:DB:DE:56:CF:B1:9F

##delete vch
./vic-machine-darwin delete --target 'administrator@vsphere.local:VMware1!'@192.168.64.10 \
    --compute-resource vlab-cna \
    --name vlab-vch-01  -f

vch ssh access
./vic-machine-darwin debug \
    --target 'administrator@vsphere.local:VMware1!'@192.168.64.10/vlab-dc \
    --name vlab-vch-01 \
    --enable-ssh \
    --thumbprint 'DD:C1:6A:75:79:6A:74:81:C6:98:FB:42:D2:0E:DB:DE:56:CF:B1:9F' \
    --rootpw 'VMware1!'

vch debug
./vic-machine-darwin debug --target 'administrator@vsphere.local:VMware1!'@192.168.64.10/vlab-dc \
	--name vlab-vch-01 \
	--thumbprint 'DD:C1:6A:75:79:6A:74:81:C6:98:FB:42:D2:0E:DB:DE:56:CF:B1:9F'
list vch
./vic-machine-darwin ls --target 'administrator@vsphere.local:VMware1!'@192.168.64.10/vlab-dc \
	--thumbprint 'DD:C1:6A:75:79:6A:74:81:C6:98:FB:42:D2:0E:DB:DE:56:CF:B1:9F'

vch admin portal:
https://vch-ip-address:2378
docker export requirements
export DOCKER_HOST=192.168.71.5:2375
	export DOCKER_API_VERSION=1.23
docker container deployment on docker bridge network
docker run -d -p 80:80 --name vmarecna vmwarecna/nginx
docker container deployment external network
docker network ls
	docker run -itd --net 8a42ddd5279d --name vmarecna vmwarecna/nginx
get the IP address of the container
docker network inspect vic-container
	VIC cliff notes

	Environment Overview

	network vlan cidr gw
	vic-bridge 70 n/a n/a
	vic-public 71 192.168.71.0/24 192.168.71.1
	vic-container 73 192.168.73.0/24 192.168.73.1
	vic-mgmt 74 192.168.74.0/24 192.168.74.1

	server address
	vcenter 192.168.64.10
	dns 192.168.64.60
	container dns 8.8.8.8

	how to get vcenter thumbprint
	./vic-machine-darwin ls --target 'administrator@vsphere.local:VMware1!'@192.168.64.10/vlab-dc

	create vch
	-vch only supports 3 vnics currently.
	-bridge-network is required
	-combined client and public networks
	-separated mgmt network access to access vcenter only for isolation

	##update firewall on esxi hosts in the cluster
	./vic-machine-darwin update firewall \
	--target vlab-vcsa.vballin.com/vlab-dc \
	--user "administrator@vsphere.local" \
	--password "VMware1\!" \
	--compute-resource vlab-cna \
	--thumbprint DD:C1:6A:75:79:6A:74:81:C6:98:FB:42:D2:0E:DB:DE:56:CF:B1:9F \
	--allow

	##create vch 1.3.1
	./vic-machine-darwin create \
	--target vlab-vcsa.vballin.com \
	--user administrator@vsphere.local \
	--compute-resource vlab-cna \
	--image-store vlab-nfs-ds-04 \
	--volume-store vlab-nfs-ds-04:default \
	--public-network vic-public \
	--public-network-ip 192.168.71.20/24 \
	--public-network-gateway 192.168.71.1 \
	--dns-server 192.168.64.60 \
	--container-network vic-container:routable \
	--container-network-firewall vic-container:open \
	--bridge-network vic-bridge \
	--name vlab-vch-01 \
	--no-tls \
	--insecure-registry harbor.vballin.com \
	--whitelist-registry harbor.vballin.com \
	--whitelist-registry registry.hub.docker.com \
	--thumbprint=DD:C1:6A:75:79:6A:74:81:C6:98:FB:42:D2:0E:DB:DE:56:CF:B1:9F

	##delete vch
	./vic-machine-darwin delete --target 'administrator@vsphere.local:VMware1!'@192.168.64.10 \
	--compute-resource vlab-cna \
	--name vlab-vch-01 -f

	vch ssh access
	./vic-machine-darwin debug \
	--target 'administrator@vsphere.local:VMware1!'@192.168.64.10/vlab-dc \
	--name vlab-vch-01 \
	--enable-ssh \
	--thumbprint 'DD:C1:6A:75:79:6A:74:81:C6:98:FB:42:D2:0E:DB:DE:56:CF:B1:9F' \
	--rootpw 'VMware1!'

	vch debug
	./vic-machine-darwin debug --target 'administrator@vsphere.local:VMware1!'@192.168.64.10/vlab-dc \
	--name vlab-vch-01 \
	--thumbprint 'DD:C1:6A:75:79:6A:74:81:C6:98:FB:42:D2:0E:DB:DE:56:CF:B1:9F'
	list vch
	./vic-machine-darwin ls --target 'administrator@vsphere.local:VMware1!'@192.168.64.10/vlab-dc \
	--thumbprint 'DD:C1:6A:75:79:6A:74:81:C6:98:FB:42:D2:0E:DB:DE:56:CF:B1:9F'

	vch admin portal:
	https://vch-ip-address:2378
	docker export requirements
	export DOCKER_HOST=192.168.71.5:2375
	export DOCKER_API_VERSION=1.23
	docker container deployment on docker bridge network
	docker run -d -p 80:80 --name vmarecna vmwarecna/nginx
	docker container deployment external network
	docker network ls
	docker run -itd --net 8a42ddd5279d --name vmarecna vmwarecna/nginx
	get the IP address of the container
	docker network inspect vic-container