limit scope of finding VMs by MAC address to cluster level and not NetBox wide

[jhammond-git]

I am sync'ing multiple clusters that are very similar, just in different locations. Every now and then, I see a VM get renamed and moved around to different clusters such as this:

2022-04-06 14:46:17,662 - INFO: Virtual machine 'TEST_VM_LOC1' attribute 'name' changed from 'TEST_VM_LOC1' to 'TEST_VM_LOC2'

There are subsequent logs for updating the interfaces, IPs, etc... This happens on every run.

[bb-Ricardo]

Can you use -l DEBUG2 and see why the script tries to rename the VM. It must be finding a NetBox object due to some parameters. Do the VMs have the same MAC address?

[jhammond-git]

Oh man, that's a lot of spam.

Yes, the logs now show that it's matching on the MAC address. However, it's matching to a VM in a completely different cluster in a different location with a different name.

[jhammond-git]

Can the search for an existing VM be isolated the current cluster it's working on?

[bb-Ricardo]

mmhhhh, good point.

Will have a look into it to narrow it down to the same cluster.

[patschi]

I'm not sure if that's the best way. The MAC address is supposed to be unique within the entire vCenter system (based on the vCenter instance ID). Also, when using VRF/NSX to create independent virtualized networks, MAC addresses can be identical within the same cluster without any issues.

Maybe it might be more useful to isolate MAC address matching using Netbox VRF instances or so?

[bb-Ricardo]

Just curious how the scoping should work. Usually you would try to adapt the VMs which are already configured in your NetBox.

This would also result in a quite complex search strategy. Which implies that the existing NetBox configuration is already quite adequate.

• get the interface VRF from IP or VLAN
• get all interfaces which belong to this VRF
• find a VM with same matching multiple interface configuration and matching MAC addresses

Could also be that this is a way to complex approach.

I would assume 48 bit are enough to form a unique address within a vCenter instance.

[bb-Ricardo]

@patschi,

Would be interested in your input on this.

[patschi]

I think it's quite difficult to make it working right for everybody, as it might also depend on the use-case.

So within a vCenter instance, the MAC address should be unique (00:50:56:xx:yy) across the vCenter system - the 4th block will depend on the vCenter ID set. It should be unique even across clusters on different physical sites, connected to the same vCenter instance (which is not uncommon). [Just a small additional read: https://kb.vmware.com/s/article/1024025]

If you add standalone ESXi installations (without any vCenter), the VMs will have the MAC address 00:00c:29:xx. In this instance I'd say conflicting MAC addresses are fine, as long as they aren't on the same broadcast domain obviously.

But the ESXi hosts might be all added to netbox and cause MAC address conflicts. I'm new to netbox, so not sure how we this can be managed in the best possible way, to fit everybody.