Skip to content

Latest commit

 

History

History
113 lines (73 loc) · 6 KB

README.md

File metadata and controls

113 lines (73 loc) · 6 KB

1-Click-Nutanix-Core

1-Click-Nutanix is a PowerShell based framework that uses Nutanix NCM as its UI. It seamlessly integrates with Nutanix and orchestrates its deployment and management. Its designed for larger retail environments, many clusters in many locations. It brings full autonomous deployment and management of the entire Nutanix stack.

Getting started.

The installation is complex, it requires integrations with customer IPAM systems and Vault. Many different products are available using PowerShell API libraries for integration capabilities. Other integrations are optional. The sample customer is designed to use HashiCorp Vault. Using Infoblox as the IPAM Solution. This is however just an example. Customer integrations dictate naming convention, behavior, source of truth and many more things. Hence each customer needs its own integrations written and settings applied.

To separate the shared code from the costumer code, the software library is separated into 2 repositories, this one, and https://github.com/nutanix/1-Click-Nutanix-SampleCustomer Both repositories combined create 1-click-nutanix. The core, this repo contains all the shared code. The customer repo contains all the customer specific process functions and their settings.

Hence this codebase can be shared across multiple teams and customers, sharing the same core. The customer repo needs to be modified for each customer implementation. The consumer repo can hold 2 types of installers, Full PC and Platform install. Or just the site installer. Full PC and Site installers are by definition customer specific. They need to be tailor made to the environment. For inquiries read below.

History

1CN was developed in its first generation in 2018, currently its running on generation 5 of its codebase. Each generation is a large overhaul improving the product. And its been serving customers ever since. The 5th generation is running all its commands against the latest and greatest Nutanix V4 APIs.

Features

100% Automation

The NCM Marketplace is fully generated by code, using JSON customer config driven, custom logos. Workloads, New Retail locations, New Appliances. 5 Different tiles templates can be auto generated into several tiles published as desired inside the NCM marketplace. New Site, New Metro Site, Dynamic Workload Tiles, Custom Workload tiles and Standard workload tiles. Allowing many different combinations of workloads separated with RBAC for global team consumption.

Each cluster gets its own Automation Control Panel inside NCM. Allowing manual triggers on locations e.g. Site Power Maintenance. Shutdown the retail location and start it up at a given time.

Desired State Configuration forces the Site and everything in scope to adhere to global config keeping into mind its deviations like its regions, this is done based on several input variables stored inside the Control Panel, making sure no local / manual site configuration should be applied for any site. Its all maintained automatically, CMDB and IPAM are always up to date and leading in deployments. OOB and Nutanix is kept up to par. Naming convention on hosts, Categories on VMs, anything is possible.

Multi Customer Config 1-Click-Nutanix is 100% multi customer, each customer can have its own integrations like Vault, PKI or IPAM. No customer process settings or handles are hardcoded.

CI/CD 1-click-Nutanix has its own CI/CD integrated. Standalone but also suitable for launch via GitLab runners, no special coding required.

100% Security

Certificate Rotation ILO/iDrac/IPMI Prism Element and Prism Central certificates are automatically rotated in a configurable frequency 1 week or longer. Integrating with customer PKI Systems, modern or legacy.

Password Rotation, never worry or manually change passwords on any of the retail infrastructure, this is all done on a weekly basis, securely for all accounts local or remote to the site. Password complexity configurable per secret.

AIDE Hardening Nutanix AIDE hardening is integrated into 1-click-Nutanix, simply select the option in the cluster profile and the retail location is completely hardened, all of its features including DARE.

Flow Micro segmentation, yet indispensable to keep retail locations safe from jumping from public systems to corporate systems. Flow Policies are automatically configured, corporate systems are secured.

Tripwire Retail locations often deal with credit card sensitive information and thus should be PCI DSS compliant, 1-click-Nutanix has extensive Nutanix ready Tripwire integrations as a customer integration.

0% Repetitive

Automated LCM Simply test the payload package in DTAP, once released to Production, all retail locations will automatically receive the update packages, no human intervention required. Weekly intervals or longer.

Automated Data Protection, Volume Metro Sync Rep, for high available locations or Async Backup replication is part of 1-click-Nutanix, no manual configuration required. Data is always protected inside its country, a nearby site or central locations if possible.

70 Minutes Location Popup, 1-Click-Nutanix validates tests, connectivity, firewalls and settings prior building a new retail location. Total runtime for a new retail location takes about 68 minutes prior being workload ready.

Automated Day 0,1 and 2 New Sites, New Workloads, Config changes are all 100% automated, no human intervention or administration required. Even code documentation is automatically generated into a help website.

Automating just Nutanix is not the whole solution for your business. Its integrating this automation into Customer Systems that adds the real value to the operations.

Existing Integrations:

Vault

  • Hashicorp Vault
  • AKeyLess
  • CyberArk

IPAM

  • Netbox
  • Solid IPAM
  • InfoBlox

PKI

  • Windows CA
  • Keyfactor
  • DNSSimple

OOB

  • NX
  • Dell
  • HP

Workloads

  • SCCM
  • Ansible

Security

  • Tripwire

Please ask your Nutanix Sales responsible person to request a Demo, POC or Pilot. Author: Michell Grauwmans