Network Service API Specification

What is the Network Service REST API?

The network service provides features that allow you to manage network and security settings. It acts as an abstraction layer over the networking and security features provided by the infrastructure (vSphere, NSX and VCNS).

The network service provides support for creating and configuring existing networks, on-demand NAT networks and on-demand routed networks, creating load balancers, and adding and configuring security groups and security tags for vSphere machines. IaaS is registered as a provider for all the networking domain objects.

There are five domain objects associated with the network service:

1. Network
2. Load Balancer
3. Security Group
4. Security Tag
5. Security Policy

Each object has its corresponding type. The provider registers the a domain object type with the service.

Typical Use Cases

You can use the network service REST API to:

• Allocate or deallocate a network or security component
• Validate a network or security component at authoring time
• Create, update, or delete load balancer types
• Create or delete on-demand network objects
• Request a network resource
• Create, update, or delete network types
• Return a list of on-demand networks
• Return a list of existing security groups
• Create, update or delete on-demand security groups
• Assign a security group (on-demand or existing) to a machine
• Create, update, or delete security group types
• Return a list of existing security tags
• Assign a security tag to a machine
• Return a list of existing security policies
• Create an on-demand security group with a list of selected security policies

For example, the composition service calls the network service for allocation, provisioning and day-2 operations, by using the converged blueprint format.

Key Concepts

Network

A collection of nodes interconnected via physical or virtual paths/links.

Load Balancer

A physical or logical device that distributes incoming requests evenly among multiple servers that can handle traffic so as to maximize throughput and avoid single points of failure. This allows cumulative network traffic to be split up into multiple paths before the traffic reaches the destination/target.

Security Group

Security groups are a mechanism that enables the network administrator to dynamically associate and group workloads or objects that belong to one's vSphere inventory. Users can assign machines to an existing security group or define an on-demand security group by selecting one or more existing security policies.

Security Tag

A security tag is a qualifier object or categorizing entry that is used as a grouping mechanism. Using NSX, administrators define the criteria that an object must meet to be added to a security group to configure security tags. Users can use the network component APIs to query and assign existing security tags to machines.

Security Policy

A security policy is a re-usable set of specific rules spanning network and security services that can be applied to a security group. Users can define an on-demand security group by selecting one or more of the existing security policies.

Additional Information

For additional information about the VRealize Automation REST API, see the VRealize Automation Programming Guide or the user documentation for VRealize Automation.