Using the NSX API to Check the Status of a Firewall Rule Publish Action
Well, that title sure is a mouthful! But, it's also what this post is all about, so let's get to it! One of my customers was experiencing an issue where it was taking longer than expected for an NSX firewall rule publish to propagate to all of their ESXi hosts. While troubleshooting the core issue, they needed a way to get better visibility into the process so that they'd know when their publishes had succeeded. That data was not available in the GUI, but after asking a few friends at VMware, we learned that we could get to it through the API by a simple command: GET /api/4.0/firewall/globalroot-0/status . Those are the facts that we collected, so here's what we did with them! First, I knew that one of my customers had done some work with the NSX API, so I asked him for some advice. He pointed me at one of Mark Wahl's articles and gave me an excellent framework to build on. I used that NSX API framework to send the GET command that we'd collected,...