Automate NSX-T with PowerCLI

While working on an NSX-T project I got the question from the customer to deliver some firewall and network automation based on PowerShell. This to help them ramp up the creation of networks and firewall rules. I pointed them to the PowerCLI Preview for NSX-T, but I wasn’t aware that this fling only was able to retrieve information from NSX-T and not create items/objects. So, how can we do this then? I knew we were able to manage NSX-T since PowerCLI version 6.5.3, but how does this work?


After some google-fu I came across a blog post of Kyle Ruddy named: Getting Started with the PowerCLI Module for VMware NSX-T. This article describes how the NSX-T PowerShell Module works and which cmdlets where available:

  • Connect-NsxtServer
  • Disconnect-NsxtServer
  • Get-NsxtService
    Only 3 commands? Yes, only 3 commands! Because of the simple reason that with the 3rd command you have full access to NSX-T’s public API! And therefore you’re able to retrieve and create items/objects. In the blog article Kyle also gives some examples on how to Retrieve Transport Zone Information or perform Logical Switch and IP Pool Management. But how do we create an NSGroup or a Distributed Firewall Section? This post contains some additional examples and I’ll update this post as new scripts will come along.

    The first thing we need to do is connect to the NSX-T Manager:


    Create a NSGroup based on a Security Tag

    Read More

    VMworld 2018

    VMworld 2018 US Day Three

    Today there was no General Session so it was straight to the VMVillage to catch up with all the people from the vCommunity. It is such a great please to meet the real people behind a twitter picture or other social media and have chat.

    VMworld 2018

    Especially the VMTN Community area in VMvillage is a hot spot and buzzing with activities like for example the vBrownBag TechTalk. If you’re not familiar with the vBrownBag TechTalks:

    vBrownBag is about community education, created by the community to help others in the community. The TechTalks allow community members and community-minded sponsors, to present content at VMworld that would not (or did not) get accepted to the main conference track.

    And believe me, all the sessions where jam-packed! All vBrownBag TechTalk the sessions are recorded as well and published on Youtube in this playlist: 2018 VMworld TechTalks.

    VMworld Party Fest!

    The well know VMworld Party was rebranded this year as the VMworld Fest, it was held at the Pavillions at World Market. The venue looked great but there were some issues with long lines at the food trucks and they even ran out of beer!?! Luckily we already enjoyed an awesome dinner and somehow @vHojan managed to find a waiter with a tray full of beer at the venue?!? So we could just watch the show while enjoying a beer.

    The headliner at the VMworld Fest was Royal Machines, the group is fronted by Mark McGrath (of Sugar Ray), Dave Navarro (of Jane’s Addiction), and Billy Morrison (of Billy Idol as well as The Cult). And they even brought some friends in the form of Robin Zander (of Cheap Trick), Sebastian Bach, Macy Gray, Fred Durst (of Limp Bizkit). For a bunch of old-timers, they still know how to throw a party!

    Some cool VMworld 2018 US numbers:

    • 21,000 Registrants
    • 86 Countries
    • 5,280 Companies Represented
    • 215 Exhibitors and Sponsors
    • ~200 Customers stories
    • 50K+ VMworld Mentions on Social Media
    • ~10k Hands On Labs

    Next year the VMworld 2019 US will move back to San Francisco! So mark your calendars for August 25-29 2019.

    Tomorrow is the last day of VMworld 2018 US, it will be the day where everyone is leaving for home and the venue will be so much quieter. So, for now, have a safe trip home for everyone who attended VMworld 2018 US and I hope to see you all again in Barcelona for VMworld 2018 EU!

    As I did for the last couple of days, I’ve gathered some announcements made on the third day which you can find below (only there were not that many…)! I’ll update the page as more and more information will be released.

    VMworld 2018 US Day Three Announcements

    VMworld 2018

    VMworld 2018 US Day Two

    Can’t believe I’m still alive after such an amazing day one at VMworld 2018… We closed off day one with an epic party from AWS and Rubrik at Hakkasan with performances by RUN-DMC and The Roots! Rubrik and AWS have again raised the bar for VMworld parties and I’m already looking forward to next year!

    VMworld 2018

    But back to business, VMworld Day Two!

    The General Session on Tuesday was led by Sanjay Poonen and he had an interesting guest namely Malala Yousafza. She is the youngest Nobel Prize winner and her story and message to support education for girls and women is inspiring. You can watch the replay of the General Session here, I’m not 100% sure if the whole interview with Malala was recorded.

    After the General Session, I was able to attend some breakout sessions I had scheduled. When all the recordings are online I’ll update this post with the links to the recordings of the sessions.

    Unfortunately, in the evening I was not able to attend the vExpert party due to some other engagements which was a shame because I heard some good stories!

    Again I’ve gathered some announcements made on the second day which you can find below! I’ll update the page as more and more information will be released.

    VMworld 2018 US Day Two Announcements

    VMworld 2018

    VMworld 2018 US Day One

    Oh yes, the time has come for the first official day of VMworld 2018 US!

    Yesterday we’ve already kicked off with a VCDX Town Hall session where even Pat Gelsinger and Michael Dell made a guest appearance! During this VCDX Town Hall session the latest announcements to the VCDX program where discussed. Unfortunately, I’m not able to share these announcements yet but they will be soon made public so stay tuned.

    VMworld 2018

    The first day started as usual with the General Session Keynote where CEO Pat Gelsinger took the stage, he started talking about 20 years of VMware and showed how far VMware has come. The keynote featured a number of previews and demonstrations like:

    • RDS on VMware: VMware demonstrated how Amazon Web Service’s RDS service will run on VMware in a private data center, thus offering developers a familiar RDS functionality available on VMware in a private data center or at the Edge.
    • Project Dimension: A VMware technology preview that will extend VMware Cloud to the data center, branch offices and the edge. Project Dimension will combine VMware Cloud Foundation, in a hyperconverged form factor, with VMware Cloud managed service to deliver an SDDC infrastructure as an end-to-end service, operated by VMware. Project Dimension will dramatically simplify operational complexity and cost and offers built-in security and isolation, allowing customers to focus on innovating and differentiating their businesses.
    • Project Magna: Project Magna will make possible a self-driving data center based on machine learning. It is focused on applying reinforcement learning to a data center environment to drive greater performance and efficiencies. The demonstration illustrated how Project Magna can learn and understand application behavior to the point that it can model, test, and then reconfigure the network to a make it more optimal to improve performance. Project Magna relies on artificial intelligence algorithms to help connect the dots across huge data sets and gain deep insights across applications and the stack from application code, to software to hardware infrastructure, to public cloud and the edge.
    • Virtualization on 64-bit ARM for Edge: VMware demonstrated ESXi on 64-bit ARM running on a windmill farm at the Edge. VMware sees an opportunity to work with selected embedded OEMs to scope and explore opportunities for focused, ARM-enabled offering at the edge.
    • Project Concord: VMware demonstrated a highly scalable, energy-efficient decentralized trust infrastructure for digital consensus and smart contract execution. Project Concord may be used to power distributed trust infrastructures, including blockchains. As a leader in enterprise-grade distributed management and security products, VMware is poised to help enterprises harness blockchain technology in a dramatically efficient manner to advance their business goals. Project Concord is available immediately as an open source project.

    I’ve gathered most of the major announcements made on the first day which you can find below! I’ll update the page as more and more information will be released.

    VMworld 2018 US Day One Announcements

    VMworld 2018 Las Vegas

    Here we go again! VMworld 2018 Las Vegas is starting in just a few days! Vegas Baby!

    VMworld 2018 Las Vegas

    VMworld is the tech conference everyone from customers to partners dealing with VMware technology. Team ITQ has a presence at VMworld in the form of Johan van Amersfoort, Laurens van Duijn and Wesley Geelhoed and yours truly. And we are bringing a bunch of cool stickers with us as well!

    Just find us lingering around at the VM Village or Bloggers Area or hit us up on twitter to collect yours!

    VMworld 2018 Las Vegas Sessions

    Here is a selection from the session I’m really looking forward to:

    [VIN2410BU] Nerds with Appliances: vCenter Server Migration

    William Lam & Emad Younis

    The VMware vCenter Server deprecation for Windows has been announced, and the vCenter Server Appliance is the future. Don’t fear: Migrating your management from a vCenter Server on Windows to a vCenter Server Appliance does not have be complicated. This session will cover native tools provided by VMware to help guide you toward a successful migration from a vCenter Server on Windows to a vCenter Server Appliance. You will learn about the migration process, get best practices, learn tips and tricks, and see some automation magic to guide you through your transition from Windows to the appliance.

    [VIN2256BU] Tech Preview: The Road to a Declarative Compute Control Plane

    Maarten Wiggers & Frank Denneman

    Declarative control planes are becoming increasingly popular in the industry. Instead of explicitly defining configurations, declarative control planes tell the architecture what the desired state should be. The desired state could be high priority, or keep particular VMs or containers separate. Within the software-defined data center (SDDC), VMware vSphere offers two declarative control planes: one for networking and one for storage. However, there is no declarative control plane for compute yet. Compute policy provides a framework to allow our customers the flexibility and control of VM placement and resourcing decisions based on the user’s encompassing application needs. In this session, you will learn about the capabilities introduced in the VMware Cloud SDDC as a path to achieve that goal.

    [CNA2755BU] Architecting PKS for Production: Lessons Learned from PKS Deployments

    Romain Decker & Suman Sharma

    Are you curious about how customers are leveraging Pivotal Container Service (PKS) and VMware NSX-T to design and deploy a Kubernetes solution on VMware vSphere? In this session, you will get a deep dive into PKS within the context of real-world customer deployment scenarios. The speakers will share the lessons learned from their successful PKS and NSX-T deployments, and show you how to architect PKS for a production environment. Come and learn about the do’s, don’ts, and best practices. After this session, you will be better equipped to deploy and manage enterprise-grade Kubernetes in your infrastructure and use NSX-T to bridge the gap in network and security for container workloads.

    [VIN2650BU] Designing for the Unexpected: Delivering IT on a Boat with VMware Horizon

    Mark Brookfield & Katarina Wagnerova

    This session will discuss some of the key requirements of delivering an IT infrastructure on a boat for a maritime expedition.
    You will find out how using VMware’s end-user computing solution enabled the science team to deliver complex applications that map the archeology of the Black Sea.
    Find out about the requirements, constraints, and risks, plus the decisions taken to overcome them, making it possible to conduct one of the largest multidisciplinary maritime archaeology projects ever attempted.

    [VIN1738BU] vSphere Host Resources Deep Dive: Part 3

    Frank Denneman & Niels Hagoort

    While this session focuses on upper levels/overlay services (software-defined data center, VMware NSX), proper host design and management still remain the foundation of success. With these new overlay services, we are presented with a new consumer of host resources. Ironically, it’s the attention to these abstraction layers that returns us to focusing on individual host components. This talk goes into details of CPU and memory configuration. It also zooms in on how virtual networking influences VM configuration and host design. Learn about a collection of forgotten or unknown command line tools that provide you unparalleled insight of the behavior of resource consumers (VMs) and providers (hosts). This info contributes to optimal scaling decisions and allows you to right-size your virtual data center to achieve consistent performance.

    VMworld 2018 Las Vegas Links

    Some must read blog posts about VMworld 2018:

    And finally some other handy links for VMworld 2018 Las Vegas:


    I hope to see you in Vegas to chat about whatever (even non-VMware related stuff 😉 ), just say hi if you see me or hit me up on twitter @vMBaggum.

    VMware EMPOWER 2018

    Well it’s over… The first “VMware’s elite technical event for Partners” aka VMware EMPOWER 2018 is behind us. For people who are not familiar with what VMware EMPOWER is:


    VMware EMPOWER has replaced the technical aspect of Partner Exchange (PEX) previously held at VMworld. EMPOWER 2018 is taking place at the Omni Atlanta Hotel at CNN Center in Atlanta. The event is only available for VMware partners and is the place to be to get in-depth, technical deep-dives into VMware products and solutions. The event is focussing on people with a technical background such as SEs and Architects.

    You can read the full story here

    During the event our hands where itching to blog and tweet about all the goodness that was presented during all the session, but unfortunately all the NDA disclaimers prohibited us to do so…

    EMPOWER 2018 Summary

    General Session

    Brandon Sweeney kicked-off the general session and explained how important partners are for VMware. It was nice to see the recognition by VMware for the VCDX certification, including the mention of the VCDXs attending VMware EMPOWER. After Brandon Robin Gunn and Matthew Stepanski took the stage and talked about the portfolio of technical training for partners and successful services delivery. Chris Wolf closed the General Session with some cloud-to-edge principles, VMware Cloud, Functions as a Service (Faas) and the importance of all partners on this journey.

    Partner Networking Reception

    The Partner Networking Reception was held at the College #Football Hall of Fame. Which was a really cool location with loads of stuff to see and to do. Then some good food, good music and an awesome atmosphere of people enjoying themselves kept us busy the whole evening.


    All sessions were recorded and a link will be send out to all registered attendees in about one or two weeks after the event.


  • The content delivered was GOOD! In my opinion the content was much better (more technical) than at VMworld
  • FREE EXAMS!! An awesome perk of attending the event is that there was a voucher for a free VCP or VCAP exam included
  • The timeframe of around 6 months after VMworld is in my opinion a perfect moment to plan this event and have a summary of what is happening with all things VMware related
  • No vendors!! I think keeping the vendors out is a positive thing, it really keeps the focus on the VMware and not the whole ecosystem
  • VMware really listened to the feedback of partners and the EMPOWER team really took a step in the right direction to empower the Partner Ecosystem
    The event was spot on, it is the ultimate technical training event of the year for partners. Would I recommend it to other partners? Most definitely!

    Room for improvement?

  • The 60-second “unrehearsed” questionnaire was not well received…
  • For my EUC focussed colleague Hans Jaspers it was quite difficult to fill his agenda with sessions from the EUC track
  • My company, ITQ, invests heavily in all the Solution Competencies available, but these Solution Competencies were never mentioned or explained during this partner event. As #1 leader of the Partner University Arie-Jan Bodde would like to see more information about the importance and necessity of the solution competencies and what benefit it could bring for the Partner Ecosystem
  • The LiveFire sessions looked really good, but they took the whole day, therefore planning these sessions with other shorter sessions was not possible
  • Include Partners in the sessions for their war stories and lessons learned from the trenches
  • WiFi… Yes, the WiFi was horrible the first day but luckily it was improved the next day. Because having a technical event without proper WiFi is asking for a riot

    Some fun facts

  • The event was put together in 90 days
  • Almost 1,000 attendees
  • 57 countries represented
  • 74 technical sessions completed on the first day
  • 802 backpacks distributed
  • 58 gallons of coffee consumed on the first morning
  • 350+ VMware Certification Exams booked

    All in all me and my colleagues had a blast and left Atlanta a little bit smarter then we arrived so mission accomplished!

    How to prepare for the AWS Certified Solutions Architect Associate exam

    Time does fly… It has been a couple of weeks since I took and passed the AWS Certified Solution Architect exam. But it was such a good experience and that’s why I want to share how I prepared and sat the exam.

    AWS Certified

    The Exam

    Having done all different kind of VMware exams, the whole AWS exam was refreshing! Instead of asking really specific questions what certain products could do, this AWS exam goes into more detail about how you would solve an issue for a customer. That is just a completely different approach and was quite interesting to say the least.

    For the exam itself you can follow the basic exam rules:

  • Read the question in full, no really read them in full!
  • For multiple choice use the eliminate process
  • Flag the question when in doubt and move on
  • Don’t stress, I’m serious just try keep your calm and take a deep breath you’ll be OK!

    Study Resources

    Exam Guide

    Download the latest version of the Exam Guide here and read it carefully. At the time of writing there are two options for the exam:

  • AWS Certified Solutions Architect – Associate
  • AWS Certified Solutions Architect – Associate (Released February 2018)
  • Please do read the Exam Guides carefully because the exams are quite different!

    AWS Free Tier

    When you don’t have a lot of real life experience under your belt with AWS, where do you get started then? Well my advice is that your first step is to sign up for the AWS Free Tier. The AWS Free Tier gives you free, hands-on experience with the AWS platform, products, and services!

    So what are you doing still here? Go sign up!

    A Cloud Guru

    And then? What to do next? I went for the video course approach and watched the whole A Cloud Guru – AWS Certified Solutions Architect Associate course within a week (luckily I had to travel a lot that week 😉 ). It is one of the best video courses I’ve done and I have the uttermost respect for all the work Ryan Kroonenburg and his team put in to it!

    AWS Certified Solutions Architect Official Study Guide

    What about a good old trustworthy book? I’m personally not a real fan of books (sorry I would rather see the movie 😉 ) but I did borrowed the AWS Certified Solutions Architect Official Study Guide from my colleague Jeffrey Kusters (thanks again Jeff for your help, otherwise it would have been a train wreck!). It contains some good practice questions that have a similar style as the questions in the exam.

    AWS FAQs

    Amazon has some superb FAQs containing tons and tons of information and also contains essential information for the exam!

    STUDY TIP: Focus on the following FAQs *wink wink nudge nudge*

  • Amazon EC2
  • Amazon S3
  • Amazon VPC
  • Amazon Route 53
  • Amazon RDS
  • Amazon SQS
  • So what’s next?

    For me the whole AWS Certified Solutions Architect Associate exam was just an awesome experience! It gave me a new boost in pursuing new and different kind of exams. At this moment I just want to get some more hands on experience first, with al the spiffy AWS services before sitting the AWS Certified Solutions Architect Professional exam. So next up I think it is the Cisco CCNA Routing and Switching exam, an exam I’ve been pushing back for years… To be continued!

    vSAN Memory Consumption Calculator

    The vSAN Memory Consumption Calculator has been updated on 19-01-2021 to reflect vSAN 7.x after the KB has been updated and I got some messages that the calculator was not up-to-date anymore.

    Disclaimer !! This calculator is officially not supported by VMware, please use this calculator for indications only. Please use the official vSAN sizer at for vSAN sizing.

    I ran into a strange issue today, a host was consuming way to much of RAM while running a single VM running on it. And that single VM was only configured with half of the RAM of the host?!? After some basic troubleshooting a colleague (thanks Satish) pointed me to the KB article KB2113954 which explained the issue.

    vSAN Memory

    The host in question was configured with 128GB of RAM and had 4 disk groups with 7 large capacity disks. If you do the math it required 48GB of RAM to run this vSAN configuration. In other words, it explained what we saw! vSAN was gobbling up more RAM than was anticipated!

    To calculate vSAN memory consumption you use this equation:

    vSANFootprint = HOST_FOOTPRINT + NumDiskGroups * DiskGroupFootprint


    Easy right? Well let me make it even easier for you:

    All Flash vSAN Memory Consumption Calculator


    Hybrid vSAN Memory Consumption Calculator

    * vSAN scales back on its memory usage when hosts have less than 32GB of memory. Source: Link

    VMworld 2017 EU Day Two

    *BEEP BEEP BEEP*… That moment your alarm goes off at 7am while it feels you just went to bed… But never mind, it’s time for VMworld 2017 EU Day Two! Let’s go!

    VMworld 2017 EU Day Two

    Queue the “General Session” for day two and again we (Johan van Amersfoort, Sam McGeown, Matthew Bunce, Niels Hagoort and Giuliano Bertello) were doing our thing on the CrowdChat which you can read here: #VMworldDayTwo

    If you missed the “General Session” you can find the replay here: General Sessions – VMworld Europe

    The rest of the day for me was filled with meetings, round tables and whisperer sessions so the day flew by before I knew it.

    In the evening my employers from ITQ organised an awesome trip to Mara Nostrum Supercomputer. So you would think OK supercomputer nice but not special… Well actually this is one of most cool supercomputers you will see, because it is located in a church!

    And it has some impressive numbers:

  • Speed 13,7 PFlops
  • Storage 14 PB
  • Power 1,3 Kw
  • OS SUSE Linux

    Unfortunately, there were not a lot of new announcements made on day two. But I found the following articles interesting, so I would like to share them with you.

  • Security in the Age of Internet Separation
  • VMware Continues to Drive Momentum for NFV in 2017
  • VMworld 2017 EU Day One

    No time to recover from VMworld US because it’s time for VMworld EU Day one again!

    VMworld 2017 EU Day One

    I flew in on Sunday afternoon which gave me some time to get settled and enjoy some proper tapas before the Partner Exchange began on Monday. Like every year my employers from ITQ organizes a good diner for all 30(!!!) employees that are attending VMworld EU. It’s amazing to work for a company that puts so much time and effort in getting people at VMworld, because they simply see the benefit of people attending this event. For example where else do you have the opportunity to meet up with peers from the IT industry and share knowledge. Or attend sessions led by the experts in their field.

    On Monday there was one meeting in my agenda that I was really looking forward to, a meeting with Pat Gelsinger. It was arranged by the NSBU as part of the NSX Partner Summit and it was something special, we could ask him anything we wanted! It was really interesting to listen him talk about all kind of topics and boy he know his stuff, in depth? No problem, High Level? No problem. Eirik Vada perfectly describes it in tweet:


    So now I’ll Fast forward to Tuesday morning and the general session. I’ve been asked to be one of the hosts on a VMworld 2017 EU Day One Crowdchat for VMware EMEA together with Matthew Bunce, Rebecca Fitzhugh and Sam McGeown which was pretty fun to do. You can find it here: #VMworldDayOne

    If you missed the keynote you can watch it here: General Sessions – VMworld Europe

    As I did in VMworld US, I’ve gathered some of the interesting announcements made on the first day, which you can find below.

  • VMware Speeds Customer Time to Value for SDDC and Multi-Cloud Management with New vRealize Suite 2017
  • VMware Unveils New Innovations to Cloud Provider Program
  • GDPR and Addressing Data Security Gaps with VMware
  • VMware Offers Communications Service Providers the Fastest Path to OpenStack for Network Functions Virtualization