Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Problem to import segment created by HCX in NSX in VMC #1110

Closed
gmoulard opened this issue Feb 12, 2024 · 4 comments · Fixed by #1118
Closed

Problem to import segment created by HCX in NSX in VMC #1110

gmoulard opened this issue Feb 12, 2024 · 4 comments · Fixed by #1118
Assignees
@annakhm
Labels
documentation Documentation

Comments

@gmoulard
Copy link

Describe the bug

hi,

When I create a segment in my VMC's NSX, I can import it into my tfstate.
Unfortunly when the segment is created by HCX, in my VMC's NSX, I can not import it on my tfstate.

The requeted API by provider « GET /policy/api/v1/infra/segments » don't find the segment !!!
And yet, the segement is visible in NSX consol and in NSX API "POST /policy/api/v1/search/aggregate?page_size=50&cursor=0&sort_by=display_name&sort_ascending=true"

In // I have an SR opened with vmware support on the same problem SR 24491732101

Best regard,
Guillaume

Reproduction steps

  1. terraform import nsxt_policy_segment.segments["rec-test"] rec-test

Expected behavior

import segment rec-test in nsxt_policy_segment.segments["rec-test"

Additional context

No response
@gmoulard gmoulard added the bug Bug label Feb 12, 2024
@salv-orlando
Copy link
Member

Hello,

The search aggregate API query you reported does not specify the resource_type.
I might be wrong but I think the segment created by HCX are tier-1 segments.

Which resource or data source did you use?
Did you try using nsxt_policy_fixed_segment as well?

@annakhm moving this into your queue.

@gmoulard
Copy link
Author

gmoulard commented Feb 13, 2024
edited
Loading

Hello,

I use nsxt_policy_segment in my case. I don't test nsxt_policy_fixed_segment.

My Code;
``resource "nsxt_policy_segment" "segments" {
lifecycle {
ignore_changes = [security_profile]
}

for_each = local.segments
display_name = each.key
description = each.value.description
connectivity_path = "/infra/tier-1s/cgw"
transport_zone_path = data.nsxt_policy_transport_zone.transport_zone.path

tag {
scope = each.value.env
tag = "env"
}
tag {
scope = each.value.app
tag = "app"
}
subnet {
cidr = each.value.subnet
}
advanced_config {
connectivity = "OFF"
}
}``

@gmoulard
Copy link
Author

gmoulard commented Feb 14, 2024
edited
Loading

Indeed my import works with an nsxt_policy_fixed_segment.
Many tanke for this info @salv-orlando

What are the differences between nsxt_policy_fixed_segment and nsxt_policy_segment?

@annakhm annakhm added documentation Documentation and removed bug Bug labels Feb 14, 2024
@annakhm
Copy link
Collaborator

annakhm commented Feb 14, 2024

Hi @gmoulard, segment and fixed segment are different API endpoints in NSX, fixed segment is always attached to a gateway, while regular segment can be detached. Other than that, those segments are very similar.

@annakhm annakhm linked a pull request Feb 15, 2024 that will close this issue
Improve docs around segments and fixed segments #1118
Merged
@annakhm annakhm linked a pull request Mar 6, 2024 that will close this issue
Fix empty QoS profile issue in segment #1139
Merged
@annakhm annakhm removed a link to a pull request Mar 6, 2024
Fix empty QoS profile issue in segment #1139
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@annakhm annakhm

Labels
documentation Documentation
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Improve docs around segments and fixed segments vmware/terraform-provider-nsxt
3 participants
@salv-orlando @gmoulard @annakhm