Deploy vCenter Server using Ansible

Fresh off an amazing week at VMworld, I got right back into the lab to finish up a few things to complete the SDDC deployment roles I have been working on the past few months. I wanted to get this particular role published prior to VMworld, but alas the time flew by too quickly!

One of the most critical components of the SDDC is the vCenter Server, and deploying it through the OVA provided in the ISO by VMware can be challenging if you want to automate it. The ISO provides the ovftool, which can be leveraged to perform a command-line installation of the vCenter Server appliance. A team of consultants inside VMware published an Ansible role a bit ago to help them automate their SDDC installations, which was the basis for the role I have here.

The original role can be found on GitHub here.

The use-case for the above role did not match what I was trying to do, or what I think most customers would be deploying within their own production environments. So I forked the code, and re-wrote it to deploy either a VCSA with embedded PSC, standalone VCSA, and/or an external PSC appliance.

I removed many of the templates for in-band and out-of-band deployments the Chaperone project used for their configurations, and aligned the new role to match up with a typical vCenter Server deployment.

How the role works

The Ansible role vcsa-deploy is essentially a wrapper for ovftool. The role takes a specific set of variables based on the deployment configuration you’ve chosen — VCSA with embedded PSC, standalone VCSA, and/or an external PSC appliance. From there it uses the corresponding template to generate the proper set of command-line parameters ovftool leverages for the deployment, writes the newly created task to a file, and executes it.

The role also expects the vCenter Server ISO to be accessible, with the location being defined by the repo_dir and vcsa_iso variables respectively. I also modified the role to leverage the ovftool binary that is included inside the vCenter Server ISO — this makes it more portable to other environments that may not be leveraging the virtualelephant/ubuntu-ansible Docker container.

But you are right?

The role can be downloaded from GitHub as part of the vsphere-sddc repository under the Virtual Elephant space. There is also a playbook that can be leveraged to perform the deployment of a vCenter Server Appliance to your environment within the repository as well.

vcenter-sddc-deploy.yml

  1 # Licensed under the Apache License, Version 2.0 (the "License");
  2 # you may not use this file except in compliance with the License.
  3 #
  4 # You may obtain a copy of the License at
  5 #   http://www.apache.org/licenses/LICENSE-2.0
  6 #
  7 # Unless required by applicable law or agreed to in writing, software
  8 # distributed under the License is distributed on an "AS IS" BASIS,
  9 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 10 # See the License for the specific language governing permissions and
 11 # limitations under the License.
 12 #
 13 # Author: Chris Mutchler (chris@virtualelephant.com)
 14 #
 15 # Description:
 16 #   Playbook will deploy and configure a vCenter Server
 17 #
 18 # Note:
 19 #   Use of the virtualelephant/ubuntu-ansible Docker container will include
 20 #   all of necessary Ansible modules and libraries necessary to execute the
 21 #   playbook.
 22 ---
 23 - hosts: all
 24   connection: local
 25   gather_facts: false
 26 
 27   vars:
 28     repo_dir: '/opt/repo'
 29     vcsa_iso: 'VMware-VCSA-all-6.7.0-9451876.iso'
 30     vcsa_task_directory: '/opt/ansible/roles/vcsa-deploy/tasks'
 31 
 32     ovftool: '/mnt/vcsa/ovftool/lin64/ovftool'
 33     vcsa_ova: 'vcsa/VMware-vCenter-Server-Appliance-6.7.0.14000-9451876_OVF10.ova'
 34     mount_dir_path: '/mnt'
 35 
 36     appliance_type: 'embedded'
 37 
 38     net_addr_family: 'ipv4'
 39     network_ip_scheme: 'static'
 40     disk_mode: 'thin'
 41     ssh_enable: true
 42 
 43     vcenter_appliance_name: 'vcenter'
 44     vcenter_appliance_size: 'medium'
 45 
 46     target_esxi_username: '{{ vault_esxi_username }}'
 47     target_esxi_password: '{{ vault_esxi_password }}'
 48     target_esx_datastore: 'local-t410-3TB'
 49     target_esx_portgroup: 'Management'
 50 
 51     time_sync_tools: false
 52 
 53     vcenter_password: '{{ vault_vcenter_password }}'
 54     vcenter_fqdn: 'vcenter.local.domain'
 55     vcenter_ip_address: '192.168.0.25'
 56     vcenter_netmask: '255.255.0.0'
 57     vcenter_gateway: '192.168.0.1'
 58     vcenter_net_prefix: '16'
 59 
 60     dns_servers: '192.168.0.1,192.168.0.2'
 61     ntp_servers: '132.163.96.1,132.163.97.1'
 62 
 63     sso_password: '{{ vault_vcenter_password }}'
 64     sso_site_name: 'Default-Site'
 65     sso_domain_name: 'vsphere.local'
 66 
 67   roles:
 68     - vcsa-deploy

The inclusion of the role completes the foundational parts of deploying a complete VMware vSphere SDDC with ESXi, vCenter Server and NSX-v. I hope to add functionality to the role for deploying a highly-available vCenter Server cluster in the future.

Until then, I hope this helps you find success with your Ansible automation efforts. Enjoy!