Prepare the OVF template

To deploy Mirantis Container Cloud on a vSphere-based environment, the OVF template for cluster machines must be prepared according to the following requirements:

  1. The VMware Tools package is installed.

  2. The cloud-init utility is installed and configured with the specific VMwareGuestInfo data source.

  3. For RHEL deployments, the virt-who service is enabled and configured to connect to the VMware vCenter Server to properly apply the RHEL subscriptions on the nodes. The virt-who service can run on a standalone machine or can be integrated into a VM template.

The following procedures describe how to meet the requirements above either using the Container Cloud script or manually.

To prepare the OVF template using the Container Cloud script:

  1. Prepare the Container Cloud bootstrap and modify templates/vsphere/vsphere-config.yaml.template and templates/vsphere/cluster.yaml.template as described in Bootstrap a management cluster, steps 1-9.

  2. Download the ISO image depending on the target OS:

  3. Export the following variables:

    • The path to the downloaded ISO file.

    • The vSphere cluster name.

    • The OS name: rhel or centos.

    • The OS version: 7.8 or 7.9 for RHEL, 7.9 for CentOS.

    • Optional. The virt-who user name and password for RHEL deployments.

    For example, for RHEL:

    export KAAS_VSPHERE_ENABLED=true
    export VSPHERE_RO_USER=virt-who-user
    export VSPHERE_RO_PASSWORD=virt-who-user-password
    export VSPHERE_PACKER_ISO_FILE=$(pwd)/iso-file.dvd.iso
    export VSPHERE_CLUSTER_NAME=vsphere-cluster-name
    export VSPHERE_PACKER_IMAGE_OS_NAME=rhel
    export VSPHERE_PACKER_IMAGE_OS_VERSION=7.9
    
    Optional variables:

    • VSPHERE_VM_NETWORK_DEVICE - Network interface name in a virtual machine. Defaults to eth0.

    • VSPHERE_VM_TIMEZONE - Time zone for virtual machines. Defaults to America/New_York.

  4. Optional. If you require all Internet access to go through a proxy server, in bootstrap.env, add the following environment variables:

    • HTTP_PROXY

    • HTTPS_PROXY

    • NO_PROXY

    Example snippet:

    export HTTP_PROXY=http://proxy.example.com:3128
    export HTTPS_PROXY=http://user:pass@proxy.example.com:3128
    export NO_PROXY=172.18.10.0,registry.internal.lan
    

    The following variable formats are accepted:

    Proxy configuration data:

    • HTTP_PROXY, HTTPS_PROXY:

      • http://proxy.example.com:port - for anonymous access

      • http://user:password@proxy.example.com:port - for restricted access

    • NO_PROXY - Comma-separated list of IP addresses or domain names

    For the list of Mirantis resources and IP addresses to be accessible from the Container Cloud clusters, see Requirements for a VMware vSphere-based cluster.

  5. Prepare the OVF template:

    ./bootstrap.sh vsphere_template
    
  6. After the template is prepared, set the SET_VSPHERE_TEMPLATE_PATH parameter in templates/vsphere/machines.yaml.template as described in Bootstrap a management cluster.
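The proxy variables from step 4 can carry a password, so it helps to validate them and review them with the credentials masked. The following is an added example, not part of the Container Cloud scripts; the function names are hypothetical, and it accepts only the two URL formats listed above and treats spaces in NO_PROXY as an error (an assumption).

```shell
#!/bin/sh
# Added example: validate the proxy variables from bootstrap.env against the
# two documented URL formats and print them with the password masked.

# 0 if URL is http://host:port or http://user:password@host:port
valid_proxy_url() {
    printf '%s\n' "$1" | grep -Eq \
        '^http://([^:@/[:space:]]+:[^@/[:space:]]+@)?[A-Za-z0-9.-]+:[0-9]{1,5}$'
}

# 0 if LIST is comma-separated IP addresses or domain names (no spaces: assumption)
valid_no_proxy() {
    printf '%s\n' "$1" | grep -Eq '^[A-Za-z0-9.-]+(,[A-Za-z0-9.-]+)*$'
}

# Replace the password part of user:password@ with *** for safe logging.
redact_proxy_url() {
    printf '%s\n' "$1" | sed -E 's#^([a-z]+://[^:@/]+):[^@/]*@#\1:***@#'
}

# Check HTTP_PROXY, HTTPS_PROXY and NO_PROXY from the environment.
# Prints one line per set variable; returns 1 if any value is malformed.
audit_proxy_env() {
    rc=0
    for pair in "HTTP_PROXY=${HTTP_PROXY:-}" "HTTPS_PROXY=${HTTPS_PROXY:-}"; do
        name=${pair%%=*}
        value=${pair#*=}
        if [ -z "$value" ]; then
            continue
        elif valid_proxy_url "$value"; then
            echo "$name ok: $(redact_proxy_url "$value")"
        else
            echo "$name bad format: $(redact_proxy_url "$value")"
            rc=1
        fi
    done
    if [ -n "${NO_PROXY:-}" ]; then
        if valid_no_proxy "$NO_PROXY"; then
            echo "NO_PROXY ok: $NO_PROXY"
        else
            echo "NO_PROXY bad format: $NO_PROXY"
            rc=1
        fi
    fi
    return "$rc"
}
```

Source bootstrap.env in a subshell and call audit_proxy_env before running bootstrap.sh; the output is safe to paste into a ticket because the password is masked.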

To prepare the OVF template manually:

  1. Run a virtual machine on the vSphere data center with the DVD ISO mounted to it. Specify the amount of resources that will be used in the Container Cloud setup. The minimal resource configuration must meet the Requirements for a VMware vSphere-based cluster.

  2. Bootstrap the OS using the vSphere Web Console. Select a minimal setup in the VM installation configuration. Create a user with root or sudo permissions to access the machine.

  3. Log in to the VM when it starts.

  4. Optional. If you require all Internet access to go through a proxy server, in bootstrap.env, add the following environment variables:

    • HTTP_PROXY

    • HTTPS_PROXY

    • NO_PROXY

    Example snippet:

    export HTTP_PROXY=http://proxy.example.com:3128
    export HTTPS_PROXY=http://user:pass@proxy.example.com:3128
    export NO_PROXY=172.18.10.0,registry.internal.lan
    

    The following variable formats are accepted:

    Proxy configuration data:

    • HTTP_PROXY, HTTPS_PROXY:

      • http://proxy.example.com:port - for anonymous access

      • http://user:password@proxy.example.com:port - for restricted access

    • NO_PROXY - Comma-separated list of IP addresses or domain names

    For the list of Mirantis resources and IP addresses to be accessible from the Container Cloud clusters, see Requirements for a VMware vSphere-based cluster.

  5. For RHEL, attach your RHEL license for Virtual Datacenters to the VM:

    subscription-manager register
    # automatic subscription selection:
    subscription-manager attach --auto
    # or specify pool id:
    subscription-manager attach --pool=<POOL_ID>
    # verify subscription status
    subscription-manager status
    
  6. Select from the following options:

    • Prepare the operating system automatically:

      1. Download the automation script:

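        # Gitiles returns ?format=TEXT content base64-encoded, hence the decode step.
        # The URL is quoted so that the shell does not treat "?" as a glob character.
        curl -f 'https://gerrit.mcp.mirantis.com/plugins/gitiles/kubernetes/vmware-guestinfo/+/refs/tags/v1.1.3/install.sh?format=TEXT' | \
        base64 -d > install.sh
        chmod +x install.sh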
        
      2. Optional. For RHEL, export the vCenter Server credentials of the read-only user. For example:

        export VC_SERVER='vcenter1.example.com'
        export VC_USER='domain\vmware_read_only_username'
        export VC_PASSWORD='password!23'
        # optional parameters:
        export VC_HYPERVISOR_ID=hostname
        export VC_FILTER_HOSTS="esx1.example.com, esx2.example.com"
        export VCENTER_CONFIG_PATH="/etc/virt-who.d/vcenter.conf"
        
      3. Run the installation script:

        ./install.sh
        
    • Prepare the operating system manually:

      1. Install the open-vm-tools package version 11.0.5 or later with dependencies and verify its version:

        yum install open-vm-tools net-tools perl -y
        vmtoolsd --version
        vmware-toolbox-cmd --version
        
      2. Install and configure cloud-init:

        1. Install the cloud-init package version 19.4 or later and verify its version:

          yum install cloud-init -y
          cloud-init --version
          
        2. Download the VMwareGuestInfo data source files:

          # URLs are quoted so that the shell does not treat "?" as a glob character.
          curl -f 'https://gerrit.mcp.mirantis.com/plugins/gitiles/kubernetes/vmware-guestinfo/+/refs/tags/v1.1.3/DataSourceVMwareGuestInfo.py?format=TEXT' | \
          base64 -d > DataSourceVMwareGuestInfo.py
          curl -f 'https://gerrit.mcp.mirantis.com/plugins/gitiles/kubernetes/vmware-guestinfo/+/refs/tags/v1.1.3/99-DataSourceVMwareGuestInfo.cfg?format=TEXT' | \
          base64 -d > 99-DataSourceVMwareGuestInfo.cfg
          
        3. Add 99-DataSourceVMwareGuestInfo.cfg to /etc/cloud/cloud.cfg.d/.

        4. Add DataSourceVMwareGuestInfo.py to the cloud-init sources folder. The location of this folder depends on the Python version on the VM operating system. To obtain the cloud-init sources folder on the OS:

          python -c 'import os; from cloudinit import sources; print(os.path.dirname(sources.__file__));'
          
      3. Prepare the virt-who user configuration:

        Note

        For details about the virt-who user creation, see Prepare the VMware deployment user setup and permissions.

        1. Install virt-who:

          yum install virt-who -y
          cp /etc/virt-who.d/template.conf /etc/virt-who.d/vcenter.conf
          
        2. Set up the file content using the following example:

          [vcenter]
          type=esx
          server=vcenter1.example.com
          username=domain\vmware_read_only_username
          encrypted_password=bd257f93d@482B76e6390cc54aec1a4d
          owner=1234567
          hypervisor_id=hostname
          filter_hosts=esx1.example.com, esx2.example.com
          
          virt-who configuration parameters:

          • [vcenter] - Name of the vCenter data center.

          • type=esx - Specifies the connection of the defined virt-who user to the vCenter Server.

          • server - The FQDN of the vCenter Server.

          • username - The virt-who user name on the vCenter Server with the read-only access.

          • encrypted_password - The virt-who password encrypted by the virt-who-password utility using the virt-who-password -p <password> command.

          • owner - The organization that the hypervisors belong to.

          • hypervisor_id - Specifies how to identify the hypervisors. Use a host name to provide meaningful host names to the Subscription Management. Alternatively, use uuid or hwuuid to avoid duplication in case of hypervisor renaming.

          • filter_hosts - List of hypervisors that never run RHEL VMs. Such hypervisors do not have to be reported by virt-who.

  7. For CentOS, verify that yum mirrors are set to use only the *.centos.org URLs. Otherwise, access to other mirrors may be blocked by squid-proxy on managed clusters. For details, see Configure squid-proxy.

  8. For RHEL, remove the RHEL subscription from the node:

    subscription-manager remove --all
    subscription-manager unregister
    subscription-manager clean
    
  9. Shut down the VM.

  10. Create an OVF template from the VM.
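Because the virt-who configuration from step 6 is cloned into every machine created from the template, it is worth auditing before the VM is shut down in step 9. The following is an added example, not part of the Mirantis tooling; the function names are hypothetical, and the file-permission check is a hardening assumption rather than a documented requirement.

```shell
#!/bin/sh
# Added example: audit a virt-who vCenter config before it is baked into a
# template. Prints one finding per line; returns 0 when clean, 1 otherwise.

# ini_get FILE KEY -> value of the last "KEY=value" line, whitespace trimmed
ini_get() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1 |
        sed 's/[[:space:]]*$//'
}

audit_virt_who_conf() {
    conf=$1
    findings=0
    report() { echo "$conf: $1"; findings=$((findings + 1)); }

    [ -r "$conf" ] || { echo "$conf: not readable"; return 1; }

    # Keys shown in the page's example configuration (filter_hosts is optional).
    for key in type server username encrypted_password owner hypervisor_id; do
        [ -n "$(ini_get "$conf" "$key")" ] || report "missing or empty '$key'"
    done

    [ "$(ini_get "$conf" type)" = esx ] || report "type must be esx for vCenter"

    # A clear-text password= key would be copied into every cloned machine.
    if grep -Eq '^[[:space:]]*password[[:space:]]*=' "$conf"; then
        report "clear-text 'password' key present; use encrypted_password"
    fi

    case $(ini_get "$conf" hypervisor_id) in
        hostname|uuid|hwuuid|'') ;;
        *) report "hypervisor_id must be hostname, uuid or hwuuid" ;;
    esac

    # Hardening assumption: no group/other permission bits on a credentials file.
    [ "$(ls -ld -- "$conf" | cut -c5-10)" = "------" ] ||
        report "group/other can access the file; chmod 600 it"

    [ "$findings" -eq 0 ]
}
```

Run it as audit_virt_who_conf /etc/virt-who.d/vcenter.conf on the VM; a non-zero exit status means at least one finding was printed.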

Now, proceed to Bootstrap a management cluster.