vCenter Server Appliance (vCSA) automated/unattended deployment

Installing the vCenter Server Aplliance (vCSA) automatically using an unattended deployment can be done by command line (CLI) in combination with a JSON config file.  In this example an embedded vCenter Server Appliance with the Platform Service Controller (PSC) and vCenter Server role will be deployed.

Prerequisites:

  • This example is based on a Windows Operating System. Using a Linux or MAC OS is also possible but not highlighted in this blog.
  • Make sure the FQDN of the vCSA is resolvable by a DNS server and check if reverse lookup works.

Steps to perform:

  • Download the vCenter Server Appiance (VCSA) ISO (version 6.5 or 6.7)
  • Mount the ISO
  • The CLI installer for Windows requires a Microsoft Visual C++ Redistributable version 14.0. This requirement can be checked with the following command:
\vcsa-cli-installer\win32\check_windows_vc_redist.bat
  • Navigate to the JSON templates. The vCSA ISO contains template JSON files that can be used for deploying the vCSA. The templates can be found on the ISO in the following map:
 \vcsa-cli-installer\templates\install

The types of templates are avalable:

           embedded_vCSA_on_*.json: Platform Services Controller (PSC) and vCSA
                                     together on one system
            PSC_on_*.json:           Only a PSC
            vCSA_on_*.json:          Only a vCSA
            *_on_ESXi.json:          Install onto the ESXi host specified in the JSON
                                     file
            *_on_VC.json:            Install onto a host managed by the vCenter
                                     instance specified in the JSON file
  • Edit a template “embedded_vCSA_on_ESXi.json or use the example below with you’re favorite editor (I use Notepad ++) and save it to a writable location (in the CLI syntax you need to point to this modified JSON file). The template contains the minimal parameters needed to deploy the embedded vCSA. The vCSA will deployed as tiny (2 vCPU, 10 GB memory, 300 GB storage). An overview of all parameters that can be used are found here, link.

Example JSON file to deploy an embedded vCenter Server Appliance with the PSC and vCenter components:

{
    "__version": "2.13.0",
    "__comments": "Sample template to deploy a vCenter Server Appliance with an embedded Platform Services Controller on an ESXi host.",
    "new_vcsa": {
        "esxi": {
            "hostname": "192.168.11.10",
            "username": "root",
            "password": "VMwaaare01!",
            "deployment_network": "vlan13-srv",
            "datastore": "SSD-M2-01"
        },
        "appliance": {
            "__comments": [
                "You must provide the 'deployment_option' key with a value, which will affect the VCSA's configuration parameters, such as the VCSA's number of vCPUs, the memory size, the storage size, and the maximum numbers of ESXi hosts and VMs which can be managed. For a list of acceptable values, run the supported deployment sizes help, i.e. vcsa-deploy --supported-deployment-sizes"
            ],
            "thin_disk_mode": true,
            "deployment_option": "tiny",
            "name": "vcsa03.lab.local"
        },
        "network": {
            "ip_family": "ipv4",
            "mode": "static",
            "ip": "192.168.13.13",
            "dns_servers": [
                "192.168.13.101"
            ],
            "prefix": "24",
            "gateway": "192.168.13.254",
            "system_name": "vcsa03.lab.local"
        },
        "os": {
            "password": "VMware01!",
            "ntp_servers": "pool.ntp.org",
            "ssh_enable": true
        },
        "sso": {
            "password": "VMware01!",
            "domain_name": "vsphere.local"
        }
    },
    "ceip": {
        "description": {
            "__comments": [
                "++++VMware Customer Experience Improvement Program (CEIP)++++",
                "VMware's Customer Experience Improvement Program (CEIP) ",
                "provides VMware with information that enables VMware to ",
                "improve its products and services, to fix problems, ",
                "and to advise you on how best to deploy and use our ",
                "products. As part of CEIP, VMware collects technical ",
                "information about your organization's use of VMware ",
                "products and services on a regular basis in association ",
                "with your organization's VMware license key(s). This ",
                "information does not personally identify any individual. ",
                "",
                "Additional information regarding the data collected ",
                "through CEIP and the purposes for which it is used by ",
                "VMware is set forth in the Trust & Assurance Center at ",
                "http://www.vmware.com/trustvmware/ceip.html . If you ",
                "prefer not to participate in VMware's CEIP for this ",
                "product, you should disable CEIP by setting ",
                "'ceip_enabled': false. You may join or leave VMware's ",
                "CEIP for this product at any time. Please confirm your ",
                "acknowledgement by passing in the parameter ",
                "--acknowledge-ceip in the command line.",
                "++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
            ]
        },
        "settings": {
            "ceip_enabled": true
        }
    }
}

The first deployments failed when using the FQDN ESXi hostname in the JSON file, with the following error:

OVF Tool: Transfer Failed

OVF Tool: Error: Failed to send http data

Deployment failed. OVF Tool return error code: 1

I checked the logs but didn’t find any clue. The FQDN of the ESXi host was revolvable by DNS but after changing the ESXi FQDN to the IP address of the ESXi  host in the JSON file the deployment finished without errors.

  • Perform a template JSON verification without installing:
vcsa-deploy install --accept-eula --verify-template-only <JSON file path>
  • Perform the actually deployment
vcsa-deploy.exe install --accept-eula --acknowledge-ceip --terse --no-ssl-certificate-verification <JSON file path>

When the unattended deployment finished, an embedded vCenter Server Appliance with the Platform Service Controller (PSC) and vCenter Server role is ready to rumble.

I created a GitHub repository for the deployment and parameters, link.

VMware documentation about the CLI deployment can be found here, link.

Quick Tip – PowerCLI Invalid server certificate

When trying to connect with PowerCLI to a vCenter Server Appliance the following error occurred:

Connect-vIServer : 18-7-2018 13:20:10 Connect-VIServer Error: Invalid server certificate. Use Set-PowerCLIConfiguration to set the value for the InvalidCertificateAction option to Prompt if you’d like to connect once or to add a permanent exception for this server.

As stated in the error, the Set-PowerCLIConfiguration command can be used to ignore the certificate check using the following syntax:

Set-PowerCLIConfiguration -InvalidCertificateAction Ignore -Confirm:$false

After this command you’re able to connect to the vCenter without the certificate error.

Configure VM autostart in the ESXi Embedded Host Client

For a standalone ESXi host I manage the host with the ESXi Embedded Host Client (HTML client). So no vCenter Server is used to manage this host. The standalone ESXi host is 24×7 up and running and has some critical infrastructure VMs for my lab and home environment. The critical VMs are automatically powered-on when when the ESXi host is booted with the autostart option in the host client.

In the latest versions of the Host Client (In vSphere 6.7 version 1.25 is included that already contains the autostart improvements) the autostart configuration is greatly improved what result in an easier configuration of autostart. if you are on vSphere 6.0 or 6.5 I suggest to upgrade to the latest ESXi Embedded Host Client before configuring autostart.

The upgrade of the Host client is easy, no maintenance mode and reboot of the ESXi host is needed. The upgrade can be done by following these steps:

  • Download the latest VIB for here, link
  • Upload the VIB on a datastore on your ESXi host
  • SSH to the ESXi host
  • Enter the following command to update the host client
esxcli software vib update -v /vmfs/volumes/<datastore>/<vibname.vib>

  • Refesh the host client webpage (https://<esxihostname>/ui/)
  • Check the version information in the host client (Help -> About)

Configure autostart in the ESXi Embedded Host Client

  • Open the ESXi host client by using the following URL:  https://<esxihostname>/ui/
  • Go to: Manage -> System -> Autostart->Edit Settings
    • Enable: Yes
    • Start delay: 60 seconds
    • Stop delay: 60 seconds
    • Stop action: shut down
    • Wait for heartbeat: yes
    • Save

  • Below the screen are the VMs listed. First enable autostart per VM by using the “Enable  autostart for this VM” button.
  • Once the autostart is enabled per VM, the order can be configured by increase or decrease the start order. The autostart order is displayed in the “autostart order” field.
  • Configure the autostart and order for the VMs you want to automatically start when the ESXi server is booted.
  • Reboot the ESXi host to test the autostart

With older versions of the ESXi Embedded Host Client it is “more complicated” to set the start order per VM. To set the autostart order with older versions:

  • Enable autostart as described above

  • In the Virtual Machines section, right click on the  field row and “Select columns”. Select the following columns:
    • Autostart order
    • Start delay
    • Stop delay

  • Right click on the VM with the “Autostart order” status on Unset and select “increase” to enable autostart and set the order

  • Configure the autostart and order for the VMs you want to automatically start when the ESXi server is booted.
  • Reboot the ESXi host to test the autostart