vCenter Server Appliance(VCSA) 6.0 から、仮想アプライアンスを
vSphere Client / vSphere Web Clinet 経由ではなく専用のインストーラでデプロイするようになりました。
そして CLI ベースのインストーラも提供されています。
VCSA 6.5 でも、引き続き CLI デプロイができます。
vCenter Server Appliance および Platform Services Controller アプライアンスの CLI デプロイ
以前に VCSA 6.0 で、vCenter と Platform Services Controller(PSC) を
別サーバとして CLI デプロイする投稿をしましたが・・・
VCSA 6.0 を CLI Install してみる。(External PSC + vCenter)
同一サーバに配置することのほうが多いかなと思い今回は embedded PSC 構成です。
今回の構成。
今回は、VCSA 6.5 を CLI デプロイしてみました。
- VCSA 6.5 U1e を使用します。
- PSCは、vCenter と同じ VM に配置します。(embedded PSC)
- パスワードはデプロイ時に手入力するようにしてみました。
(しかし JSON に記載して、デプロイ後に変更したほうが楽かもしれません。) - デプロイは Windows 10 の PowerShell のウインドウから実行しています。
CLI デプロイの環境準備。
今回は MyVMware からダウンロードした下記のファイルを使用しました。
VMware-VCSA-all-6.5.0-7515524.iso
デプロイを実行する Windows にインストーラの ISO イメージファイルを
E: ドライブとしてマウントしています。
インストーラに含まれる下記のあたりのファイルをコピー&編集して、
実際にデプロイで使用する JSON ファイルを作成します。
PS C:\> ls E:\vcsa-cli-installer\templates\install | select Name
Name
----
PSC_first_instance_on_ESXi.json
PSC_first_instance_on_VC.json
PSC_replication_on_ESXi.json
PSC_replication_on_VC.json
embedded_vCSA_on_ESXi.json
embedded_vCSA_on_VC.json
vCSA_on_ESXi.json
vCSA_on_VC.json
JSON ファイルの作成では下記に注意します。
特に下記のあたりが要注意かなと思います。
- UTF-8 で保存する。
- JSON ファイルのパスは、ASCII 文字だけにする。(日本語や記号を使わないようにする)
JSON ファイルの内容。
今回は、下記のような JSON ファイル「C:\work\vc-sv02.json」を作成しました。
- vCenter 経由ではなく、ESXi に直接デプロイします。最初の 1台として ESXi にデプロイすることが多いかなと思ったため。
- デプロイ先として指定しているオブジェクトは構築ずみです。
- デプロイ先の ESXi「hv-d01.go-lab.jp」
- 標準ポートグループ「VM Network」
- データストア「ds_ssd-nvme_hv-d01_01」
- ESXi と vCenter の FQDN (~.go-lab.jp)は、DNS サーバに登録して、vCenter やデプロイ先のホストから名前解決できるようにしてあります。
- vCenter「vc-sv02」は、最小スペック(tiny)で、Thin プロビジョニングにしています。
- SSH のアクセスは有効化。
- CEIP は無効化。
{
"__version": "2.3.0",
"__comments": "vCSA65 with an Embedded-PSC on an ESXi host.",
"new.vcsa": {
"esxi": {
"hostname": "hv-d01.go-lab.jp",
"username": "root",
"password": "",
"deployment.network": "VM Network",
"datastore": "ds_ssd-nvme_hv-d01_01"
},
"appliance": {
"thin.disk.mode": true,
"deployment.option": "tiny",
"name": "vc-sv02"
},
"network": {
"ip.family": "ipv4",
"mode": "static",
"ip": "192.168.1.96",
"dns.servers": [
"192.168.1.254",
"192.168.1.253"
],
"prefix": "24",
"gateway": "192.168.1.1",
"system.name": "vc-sv02.go-lab.jp"
},
"os": {
"password": "",
"ssh.enable": true
},
"sso": {
"password": "",
"domain-name": "vsphere.local",
"site-name": "site-vc-sv02"
}
},
"ceip": {
"settings": {
"ceip.enabled": false
}
}
}
パラメータについては、下記に説明があります。
デプロイ。
vcsa-deploy.exe が配置されているフォルダに移動しておきます。
PS C:\> cd E:\vcsa-cli-installer\win32
PS E:\vcsa-cli-installer\win32>
まず、JSON ファイルの内容を確認しておきます。
タイムスタンプが表示されていますが、これは JST ではなく UTC になるようです。
PS E:\vcsa-cli-installer\win32> .\vcsa-deploy.exe install --verify-only C:\work\vc-sv02.json
Run the installer with "-v" or "--verbose" to log detailed information
Execution Details:
[1] Result and Log File Information
[2] Template Syntax Validation
[3] Template Verification
[4] Gather Requirements
[5] Prechecks
[6] OVF Tool Parameter Verification
=========== [1] Result and Log File Information started at 15:50:41 ===========
Following result and log files will be generated...
The vCenter Server Appliance installer result file:
c:\users\gowatana\appdata\local\temp\vcsaCliInstaller-2018-03-06-15-50-eqkbbz\vcsa-cli-installer.json
The vCenter Server Appliance installer log file:
c:\users\gowatana\appdata\local\temp\vcsaCliInstaller-2018-03-06-15-50-eqkbbz\vcsa-cli-installer.log
The vCenter Server Appliance installer metadata file:
c:\users\gowatana\appdata\local\temp\vcsaCliInstaller-2018-03-06-15-50-eqkbbz\vcsa-cli-installer-metadata.json
The vCenter Server Appliance installer status file:
c:\users\gowatana\appdata\local\temp\vcsaCliInstaller-2018-03-06-15-50-eqkbbz\vcsa-cli-installer-status.json
The generated template file:
c:\users\gowatana\appdata\local\temp\vcsaCliInstaller-2018-03-06-15-50-eqkbbz\generated_install.json
============== [2] Template Syntax Validation started at 15:50:41 ==============
Validating json template syntax...
To escape the password prompt, keep pressing <Enter>.
Enter the value for 'new.vcsa', 'esxi', 'password': ★デプロイ先 ESXi のパスワードを入力。
To escape the password prompt, keep pressing <Enter>.
Enter the value for 'new.vcsa', 'os', 'password': ★VCSA の root ユーザに設定するパスワードを入力。
Confirm password: ★再入力。
To escape the password prompt, keep pressing <Enter>.
Enter the value for 'new.vcsa', 'sso', 'password': ★SSO(PSC)の Administrator ユーザに設定するパスワードを入力。
Confirm password:★再入力。
CEIP is not enabled because the template key 'ceip.enabled' in section 'ceip',
subsection 'settings' was set to 'false'.
Template syntax validation completed successfully.
================ [3] Template Verification started at 15:50:56 ================
Verifying template...
If an untrusted SSL certificate is installed on 'hv-d01.go-lab.jp', secure
communication cannot be guaranteed. Depending on your security policy, this
issue might not represent a security concern.
The SHA1 thumbprint of the certificate is
'9A:10:B0:B5:43:F6:A8:9D:CD:0E:95:AC:E0:A0:AB:8D:19:C2:76:B6'
Do you accept the thumbprint?
1: Accept and continue.
2: Do not accept and exit.
1 ★1を入力。
Template verification completed successfully.
=================================== 15:50:59 ===================================
Starting vCenter Server Appliance installer to deploy "vc-sv02"...
This appliance is a vCenter Server instance with an embedded Platform Services
Controller.
================= [4] Gather Requirements started at 15:50:59 =================
Gathering Requirements...
Gathering requirements completed successfully.
=================================== 15:50:59 ===================================
Generating template...
====================== [5] Prechecks started at 15:50:59 ======================
Performing prechecks...
Check target thumbprint: PASS
Check target credentials: PASS
Check Target vCenter Server appliance name: PASS
Check system type: PASS
Check target ESXi host or vCenter version: PASS
Check for OVA property availability: PASS
Check the host's configurations against the vCSA's CPU, memory and datastore
size requirements: PASS
Check VC management status of ESXi containers: PASS
Check target datastore free space: PASS
Check Single Sign-On Server identity: PASS
Check Single Sign-On Server credentials: PASS
Check whether the Platform Services Controller (PSC) is external: PASS
The following warnings were returned from the prechecks:
DRS Warning:
The target ESXi host 'hv-d01.go-lab.jp' is managed by vCenter Server
'192.168.1.95'.
If any of these hosts are in a cluster, and DRS is enabled, vMotion can take
effect and adversely impact the installation, upgrade, or migration processes.
It is recommended that you use the *_on_VC.json template file for the target
ESXi host if it is managed by a vCenter Server, and ensure the ESXi hosts you
have specified are not members of clusters with DRS set to Fully Automated
during the installation, upgrade, or migration processes.
Basic verification completed successfully.
=========== [6] OVF Tool Parameter Verification started at 15:51:04 ===========
Running OVF Tool parameter verification...
OVF Tool: Opening OVA source:
E:\vcsa-cli-installer\win32\..\..\vcsa\VMware-vCenter-Server-Appliance-6.5.0.14000-7515524_OVF10.ova
OVF Tool: The manifest does not validate
OVF Tool: Opening VI target: vi://root@hv-d01.go-lab.jp:443/
OVF Tool: Supported disk provisioning:
OVF Tool: monolithicSparse
OVF Tool: monolithicFlat
OVF Tool: thin
OVF Tool: thick
OVF Tool: flat
OVF Tool: seSparse
OVF Tool: eagerZeroedThick
OVF Tool: Connected networks:
OVF Tool: VM Network
OVF Tool: Deploying to VI: vi://root@hv-d01.go-lab.jp:443/
OVF Tool: Transfer Completed
OVF Tool: Completed successfully
OVF Tool verification completed successfully.
Verification completed successfully.
=================================== 15:51:07 ===================================
Result and Log File Information...
The vCenter Server Appliance installer result file:
c:\users\gowatana\appdata\local\temp\vcsaCliInstaller-2018-03-06-15-50-eqkbbz\vcsa-cli-installer.json
The vCenter Server Appliance installer log file:
c:\users\gowatana\appdata\local\temp\vcsaCliInstaller-2018-03-06-15-50-eqkbbz\vcsa-cli-installer.log
The vCenter Server Appliance installer metadata file:
c:\users\gowatana\appdata\local\temp\vcsaCliInstaller-2018-03-06-15-50-eqkbbz\vcsa-cli-installer-metadata.json
The vCenter Server Appliance installer status file:
c:\users\gowatana\appdata\local\temp\vcsaCliInstaller-2018-03-06-15-50-eqkbbz\vcsa-cli-installer-status.json
The generated template file:
c:\users\gowatana\appdata\local\temp\vcsaCliInstaller-2018-03-06-15-50-eqkbbz\generated_install.json
PS E:\vcsa-cli-installer\win32>
特にエラーがなければ、デプロイを実行します。
実際にデプロイする場合は「--accept-eula」が必要です。
PS E:\vcsa-cli-installer\win32> .\vcsa-deploy.exe install --accept-eula C:\work\vc-sv02.json
Run the installer with "-v" or "--verbose" to log detailed information
Execution Details:
[1] Result and Log File Information
[2] Template Syntax Validation
[3] Template Verification
[4] Gather Requirements
[5] Prechecks
[6] OVF Tool Execution
[7] Service Installation
[8] vCenter Service Configuration
[9] vCenter Server Deployment Summary
=========== [1] Result and Log File Information started at 15:52:57 ===========
Following result and log files will be generated...
The vCenter Server Appliance installer result file:
c:\users\gowatana\appdata\local\temp\vcsaCliInstaller-2018-03-06-15-52-o6hfv0\vcsa-cli-installer.json
The vCenter Server Appliance installer log file:
c:\users\gowatana\appdata\local\temp\vcsaCliInstaller-2018-03-06-15-52-o6hfv0\vcsa-cli-installer.log
The vCenter Server Appliance installer metadata file:
c:\users\gowatana\appdata\local\temp\vcsaCliInstaller-2018-03-06-15-52-o6hfv0\vcsa-cli-installer-metadata.json
The vCenter Server Appliance installer status file:
c:\users\gowatana\appdata\local\temp\vcsaCliInstaller-2018-03-06-15-52-o6hfv0\vcsa-cli-installer-status.json
The generated template file:
c:\users\gowatana\appdata\local\temp\vcsaCliInstaller-2018-03-06-15-52-o6hfv0\generated_install.json
============== [2] Template Syntax Validation started at 15:52:57 ==============
Validating json template syntax...
To escape the password prompt, keep pressing <Enter>.
Enter the value for 'new.vcsa', 'esxi', 'password': ★デプロイ先 ESXi のパスワードを入力。
To escape the password prompt, keep pressing <Enter>.
Enter the value for 'new.vcsa', 'os', 'password': ★VCSA の root ユーザに設定するパスワードを入力。
Confirm password: ★再入力。
To escape the password prompt, keep pressing <Enter>.
Enter the value for 'new.vcsa', 'sso', 'password': ★SSO(PSC)の Administrator ユーザに設定するパスワードを入力。
Confirm password: ★再入力。
CEIP is not enabled because the template key 'ceip.enabled' in section 'ceip',
subsection 'settings' was set to 'false'.
Template syntax validation completed successfully.
================ [3] Template Verification started at 15:53:12 ================
Verifying template...
If an untrusted SSL certificate is installed on 'hv-d01.go-lab.jp', secure
communication cannot be guaranteed. Depending on your security policy, this
issue might not represent a security concern.
The SHA1 thumbprint of the certificate is
'9A:10:B0:B5:43:F6:A8:9D:CD:0E:95:AC:E0:A0:AB:8D:19:C2:76:B6'
Do you accept the thumbprint?
1: Accept and continue.
2: Do not accept and exit.
1 ★1を入力。
Template verification completed successfully.
=================================== 15:53:15 ===================================
Starting vCenter Server Appliance installer to deploy "vc-sv02"...
This appliance is a vCenter Server instance with an embedded Platform Services
Controller.
================= [4] Gather Requirements started at 15:53:15 =================
Gathering Requirements...
Gathering requirements completed successfully.
=================================== 15:53:15 ===================================
Generating template...
====================== [5] Prechecks started at 15:53:15 ======================
Performing prechecks...
Check target thumbprint: PASS
Check target credentials: PASS
Check Target vCenter Server appliance name: PASS
Check system type: PASS
Check target ESXi host or vCenter version: PASS
Check for OVA property availability: PASS
Check the host's configurations against the vCSA's CPU, memory and datastore
size requirements: PASS
Check VC management status of ESXi containers: PASS
Check target datastore free space: PASS
Check Single Sign-On Server identity: PASS
Check Single Sign-On Server credentials: PASS
Check whether the Platform Services Controller (PSC) is external: PASS
The following warnings were returned from the prechecks:
DRS Warning:
The target ESXi host 'hv-d01.go-lab.jp' is managed by vCenter Server
'192.168.1.95'.
If any of these hosts are in a cluster, and DRS is enabled, vMotion can take
effect and adversely impact the installation, upgrade, or migration processes.
It is recommended that you use the *_on_VC.json template file for the target
ESXi host if it is managed by a vCenter Server, and ensure the ESXi hosts you
have specified are not members of clusters with DRS set to Fully Automated
during the installation, upgrade, or migration processes.
Basic verification completed successfully.
================== [6] OVF Tool Execution started at 15:53:19 ==================
Running OVF Tool to deploy the OVF...
OVF Tool: Opening OVA source:
E:\vcsa-cli-installer\win32\..\..\vcsa\VMware-vCenter-Server-Appliance-6.5.0.14000-7515524_OVF10.ova
OVF Tool: The manifest does not validate
OVF Tool: Opening VI target: vi://root@hv-d01.go-lab.jp:443/
OVF Tool: Deploying to VI: vi://root@hv-d01.go-lab.jp:443/
OVF Tool: Disk progress: 99%
OVF Tool: Transfer Completed
OVF Tool: Powering on VM: vc-sv02
OVF Tool: Task progress: 0%
OVF Tool: Task Completed
OVF Tool: Completed successfully
================= [7] Service Installation started at 15:57:28 =================
Installing services...
Service Installation: Progress: 5% Setting up storage
Service Installation: Progress: 50% Installing RPMs
Service Installation: Progress: 54% Installed
VMware-unixODBC-2.3.2.vmw.2-6.5.0.x86_64.rpm
Service Installation: Progress: 56% Installed
vmware-afd-6.5.0.2570-7130183.x86_64.rpm
Service Installation: Progress: 61% Installed
vmware-dns-server-1.0.0-7130192.x86_64.rpm
Service Installation: Progress: 78% Installed
VMware-mbcs-6.5.0-7515524.x86_64.rpm
Service Installation: Progress: 80% Installed
vmware-virgo-6.5.0-7515524.x86_64.rpm
Service Installation: Progress: 84% Installed
vmware-imagebuilder-6.5.0-7515524.x86_64.rpm
Service Installation: Progress: 90% Installed
vmware-vsm-6.5.0-7515524.x86_64.rpm
Service Installation: Progress: 95% Configuring the machine
vCenter Server Service installations succeeded.
============ [8] vCenter Service Configuration started at 16:08:02 ============
Configuring services for first time use...
vCenter Service Configuration: Progress: 2% Starting VMware Authentication
Framework...
vCenter Service Configuration: Progress: 5% Starting VMware Identity Management
Service...
vCenter Service Configuration: Progress: 8% Starting VMware Single Sign-On User
Creation...
vCenter Service Configuration: Progress: 17% Starting VMware Component
Manager...
vCenter Service Configuration: Progress: 20% Starting VMware License Service...
vCenter Service Configuration: Progress: 22% Starting VMware Platform Services
Controller Client...
vCenter Service Configuration: Progress: 25% Starting VMware Service Control
Agent...
vCenter Service Configuration: Progress: 28% Starting VMware vAPI Endpoint...
vCenter Service Configuration: Progress: 31% Starting VMware Service Lifecycle
Manager API...
vCenter Service Configuration: Progress: 34% Starting VMware Appliance
Management Service...
vCenter Service Configuration: Progress: 45% Starting VMware Postgres...
vCenter Service Configuration: Progress: 51% Starting VMware vCenter-Services...
vCenter Service Configuration: Progress: 54% Starting VMware Message Bus
Configuration Service...
vCenter Service Configuration: Progress: 58% Starting VMware vSphere Web
Client...
vCenter Service Configuration: Progress: 59% Starting VMware vSphere Web
Client...
vCenter Service Configuration: Progress: 61% Starting VMware vSphere Client...
vCenter Service Configuration: Progress: 62% Starting VMware vCenter Server...
vCenter Service Configuration: Progress: 65% Starting VMware Content Library
Service...
vCenter Service Configuration: Progress: 68% Starting VMware ESX Agent
Manager...
vCenter Service Configuration: Progress: 71% Starting VMware vSphere Auto Deploy
Waiter...
vCenter Service Configuration: Progress: 74% Starting VMware vSphere
Profile-Driven Storage Service...
vCenter Service Configuration: Progress: 77% Starting VMware Update Manager...
vCenter Service Configuration: Progress: 82% Starting VMware vSphere
Authentication Proxy...
vCenter Service Configuration: Progress: 85% Starting VMware VSAN Health
Service...
vCenter Service Configuration: Progress: 88% Starting VMware vService Manager...
vCenter Service Configuration: Progress: 91% Starting VMware Image Builder
Manager...
vCenter Service Configuration: Progress: 97% Starting VMware Performance
Charts...
First time configuration succeeded.
========== [9] vCenter Server Deployment Summary started at 16:16:27 ==========
Deployment Summary
=================================== 16:16:28 ===================================
vCenter Server Appliance installer finished deploying "vc-sv02".
This appliance is a vCenter Server instance with an embedded Platform Services
Controller.
System Name: vc-sv02.go-lab.jp
Log in as: Administrator@vsphere.local
Finished successfully.
=================================== 16:16:28 ===================================
Result and Log File Information...
The vCenter Server Appliance installer result file:
c:\users\gowatana\appdata\local\temp\vcsaCliInstaller-2018-03-06-15-52-o6hfv0\vcsa-cli-installer.json
The vCenter Server Appliance installer log file:
c:\users\gowatana\appdata\local\temp\vcsaCliInstaller-2018-03-06-15-52-o6hfv0\vcsa-cli-installer.log
The vCenter Server Appliance installer metadata file:
c:\users\gowatana\appdata\local\temp\vcsaCliInstaller-2018-03-06-15-52-o6hfv0\vcsa-cli-installer-metadata.json
The vCenter Server Appliance installer status file:
c:\users\gowatana\appdata\local\temp\vcsaCliInstaller-2018-03-06-15-52-o6hfv0\vcsa-cli-installer-status.json
The generated template file:
c:\users\gowatana\appdata\local\temp\vcsaCliInstaller-2018-03-06-15-52-o6hfv0\generated_install.json
PS E:\vcsa-cli-installer\win32>
ESXi に、VCSA の仮想アプライアンスがデプロイされました。
Web ブラウザで vCenter にアクセスできるようになります。
※URL は「https://vCenter のアドレス/ui」もしくは「https://vCenter のアドレス/vsphere-client」です。
沢山 vCenter をデプロイするようなときには便利ではないかなと思います。
ちなみに、何度も同じ名前で vCenter をデプロイしていると Chrome / Microsoft Edge で
証明書のエラーになり HTML5 Client / vSphere Web Client にアクセスできなくなることがありますが、
その場合はデプロイした VCSA の CA 証明書を(Firefox などアクセスできるブラウザで何とかダウンロードして)
インストールするとアクセス可能になります。
※その場合、証明書は「https://vCenterのアドレス/certs/download.zip」からダウンロードできます。
以上、VCSA 6.5 を CLI でデプロイしてみる話でした。