I’m involved in a fair amount of migration work at the moment, moving customers between cloud platforms on vCloud Director. I’ve been using Zerto to do the replication/failover which works really well for the VMs inside the vApps being migrated, but doesn’t replicate any firewall rules configured on the vApp networks. With Zerto Replication, the vApp isn’t created in the target vCloud Director instance until you actually undertake the move, there is no opportunity to set the firewall rules up in advance. Scripting this allows us to automate the process, making the migration much less time consuming (the customer VMs are down, so the quicker it’s completed the better!) and eliminating the risk of “finger trouble” causing errors in rules.
So two scripts; one to export the firewall rules to a CSV file and another to import rules from a CSV file. It doesn’t switch the firewall on or set the default policy but that’s a minor thing to do manually once on the vApp.
Export Script
Download this to a file, fire up PowerCLI and log into the source vCloud Director instance and run the script passing the required parameters.
Import Script
The import script takes exactly the same parameters as the export script. In fact you could just change the script name and leave everything as it is and it would work.
UPDATE 22/01/2018: Changed the section that sets the protocol types. It seems that explicitly setting these to $false can cause problems. The solution is to just not set anything unless it is $true.