VCP 6 – DCV Study Guide: Section 8 – Objective 8.1

Section 8: Deploy and Consolidate vSphere Data Center
Objective 8.1: Deploy ESXi Hosts Using Autodeploy. In this objective we should be covering these topics:
  • Identify ESXi Autodeploy requirements
  • Configure Autodeploy
  • Explain PowerCLI cmdlets for Autodeploy
  • Deploy/Manage multiple ESXi hosts using Autodeploy

Installing ESXi Using vSphere Auto Deploy
vSphere Auto Deploy lets you provision hundreds of physical hosts with ESXi software.

Using Auto Deploy, experienced system administrators can manage large deployments efficiently. Hosts are network-booted from a central Auto Deploy server. Optionally, hosts are configured with a host profile of a reference host. The host profile can be set up to prompt the user for input. After boot up and configuration complete, the hosts are managed by vCenter Server just like other ESXi hosts. Auto Deploy can also be used for stateless caching or stateful installs.

Auto Deploy requires a secure separation between the production network and the management or deployment networks as discussed in Auto Deploy Security Considerations. Using Auto Deploy without this separation is insecure.

Stateless caching
By default, Auto Deploy does not store ESXi configuration or state on the host disk. Instead, an image profile defines the image that the host is provisioned with, and other host attributes are managed through host profiles. A host that uses Auto Deploy for stateless caching still needs to connect to the Auto Deploy server and the vCenter Server.
Stateful installs
You can provision a host with Auto Deploy and set up the host to store the image to disk. On subsequent boots, the host boots from disk.

Preparing for vSphere Auto Deploy
Before you can start to use vSphere Auto Deploy, you must prepare your environment. You start with server setup and hardware preparation. You must register the Auto Deploy software with the vCenter Server system that you plan to use for managing the hosts you provision, and install the VMware PowerCLI.

Prepare Your System and Install the Auto Deploy Server
Before you can PXE boot an ESXi host with vSphere Auto Deploy, you must install prerequisite software and set up the DHCP and TFTP servers that Auto Deploy interacts with.

■ Verify that the hosts that you plan to provision with Auto Deploy meet the hardware requirements for ESXi. See ESXi Hardware Requirements.

You cannot provision EFI hosts with Auto Deploy unless you switch the EFI system to BIOS compatibility mode.

■ Verify that the ESXi hosts have network connectivity to vCenter Server and that all port requirements are met. See vCenter Server Required Ports.
■ If you want to use VLANs in your Auto Deploy environment, you must set up the end to end networking properly. When the host is PXE booting, the UNDI driver must be set up to tag the frames with proper VLAN IDs. You must do this set up manually by making the correct changes in the BIOS. You must also correctly configure the ESXi port groups with the correct VLAN IDs. Ask your network administrator how VLAN IDs are used in your environment.
■ Verify that you have enough storage for the Auto Deploy repository. The Auto Deploy server uses the repository to store data it needs, including the rules and rule sets you create and the VIBs and image profiles that you specify in your rules.

Best practice is to allocate 2 GB to have enough room for four image profiles and some extra space. Each image profile requires approximately 350 MB. Determine how much space to reserve for the Auto Deploy repository by considering how many image profiles you expect to use.
■ Obtain administrative privileges to the DHCP server that manages the network segment you want to boot from. You can use a DHCP server already in your environment, or install a DHCP server. For your Auto Deploy setup, replace the gpxelinux.0 file name with undionly.kpxe.vmw-hardwired.
■ Secure your network as you would for any other PXE-based deployment method. Auto Deploy transfers data over SSL to prevent casual interference and snooping. However, the authenticity of the client or the Auto Deploy server is not checked during a PXE boot.
■ Set up a remote Syslog server. See the vCenter Server and Host Management documentation for Syslog server configuration information. Configure the first host you boot to use the remote Syslog server and apply that host’s host profile to all other target hosts. Optionally, install and use the vSphere Syslog Collector, a vCenter Server support tool that provides a unified architecture for system logging and enables network logging and combining of logs from multiple hosts.

Install ESXi Dump Collector, set up your first host so that all core dumps are directed to ESXi Dump Collector, and apply the host profile from that host to all other hosts. See Configure ESXi Dump Collector with ESXCLI.
■ Verify that the Auto Deploy server has an IPv4 address. Auto Deploy does not support a pure IPv6 environment end-to-end. The PXE boot infrastructure does not support IPv6. After the deployment you can manually reconfigure the hosts to use IPv6 and add them to vCenter Server over IPv6. However, when you reboot a stateless host, its IPv6 configuration is lost.
1. Install vCenter Server or deploy the vCenter Server Appliance.

The Auto Deploy server is included with the management node.
2. Configure the Auto Deploy service startup type.

a. Log in to your vCenter Server system by using the vSphere Web Client.
b. On the vSphere Web Client Home page, click Administration.
c. Under System Configuration click Services.
d. Select Auto Deploy, click the Actions menu, and select Edit Startup Type.

■ On Windows, the Auto Deploy service is disabled. In the Edit Startup Type window, select Manual or Automatic to enable Auto Deploy.
■ On the vCenter Server Appliance, the Auto Deploy service by default is set to Manual. If you want the Auto Deploy service to start automatically upon OS startup, select Automatic.

3. Configure the TFTP server.

a. In a vSphere Web Client connected to the vCenter Server system, go to the inventory list and select the vCenter Server system.
b. Click the Manage tab, select Settings, and click Auto Deploy.
c. Click Download TFTP Boot Zip to download the TFTP configuration file and unzip the file to the directory in which your TFTP server stores files.

4. Set up your DHCP server to point to the TFTP server on which the TFTP ZIP file is located.

a. Specify the TFTP Server’s IP address in DHCP option 66, frequently called next-server.
b. Specify the boot file name, which is undionly.kpxe.vmw-hardwired in the DHCP option 67, frequently called boot-filename.

5. Set each host you want to provision with Auto Deploy to network boot or PXE boot, following the manufacturer’s instructions.
6. Locate the image profile that you want to use and the depot in which it is located.

In most cases, you point to an image profile that VMware makes available in a public depot. If you want to include custom VIBs with the base image, you can use the vSphere ESXi Image Builder to create an image profile and use that image profile.
7. Write a rule that assigns an image profile to hosts.
8. (Optional) If you set up your environment to use Thumbprint mode, you can use your own Certificate Authority (CA) by replacing the OpenSSL certificate rbd-ca.crt and the OpenSSL private key rbd-ca.key with your own certificate and key file.

■ On Windows, the files are in the SSL subfolder of the Auto Deploy installation directory. For example, on Windows 7 the default is C:\ProgramData\VMware\VMware vSphere Auto Deploy\ssl.
■ On the vCenter Server Appliance, the files are in /etc/vmware-rbd/ssl/.

By default, vCenter Server 6.0 and later uses vSphere Certificate Authority.
When you start a host that is set up for Auto Deploy, the host contacts the DHCP server and is directed to the Auto Deploy server, which provisions the host with the image profile specified in the active rule set.
What to do next
■ Install vSphere PowerCLI. See Install vSphere PowerCLI and Prerequisite Software.
■ Use the vSphere PowerCLI cmdlets to define a rule that assigns an image profile and optional host profile to the host.
■ (Optional) Configure the first host that you provision as a reference host. Use the storage, networking, and other settings you want for your target hosts to share. Create a host profile for the reference host and write a rule that assigns both the already tested image profile and the host profile to target hosts.
■ If you want to have Auto Deploy overwrite existing partitions, set up a reference host to do auto partitioning and apply the host profile of the reference host to other hosts. See Consider and Implement Your Partitioning Strategy.
■ If you have to configure host-specific information, set up the host profile of the reference host to prompt for user input. See Host Customization in the vSphere Web Client.

Auto Deploy PowerCLI Cmdlet Overview
You specify the rules that assign image profiles and host profiles to hosts using a set of PowerCLI cmdlets that are included in VMware PowerCLI.

If you are new to PowerCLI, read the PowerCLI documentation and review Using Auto Deploy Cmdlets. You can get help for any command at the PowerShell prompt.

■ Basic help: Get-Help cmdlet_name
■ Detailed help: Get-Help cmdlet_name -Detailed
When you run Auto Deploy cmdlets, provide all parameters on the command line when you invoke the cmdlet. Supplying parameters in interactive mode is not recommended.
Rule Engine PowerCLI Cmdlets


Using Auto Deploy Cmdlets
Auto Deploy cmdlets are implemented as Microsoft PowerShell cmdlets and included in vSphere PowerCLI. Users of Auto Deploy cmdlets can take advantage of all vSphere PowerCLI features.

Experienced PowerShell users can use Auto Deploy cmdlets just like other PowerShell cmdlets. If you are new to PowerShell and vSphere PowerCLI, the following tips might be helpful.

You can type cmdlets, parameters, and parameter values in the vSphere PowerCLI shell.

■ Get help for any cmdlet by running Get-Helpcmdlet_name.
■ Remember that PowerShell is not case sensitive.
■ Use tab completion for cmdlet names and parameter names.
■ Format any variable and cmdlet output by using Format-List or Format-Table, or their short forms flfl or ft. For more information, run the Get-Help Format-List cmdlet.
Passing Parameters by Name
You can pass in parameters by name in most cases and surround parameter values that contain spaces or special characters with double quotes.

Copy-DeployRule -DeployRule testrule -ReplaceItem MyNewProfile
Most examples in the vSphere Installation and Setup documentation pass in parameters by name.
Passing Parameters as Objects
You can pass parameters as objects if you want to perform scripting and automation. Passing in parameters as objects is useful with cmdlets that return multiple objects and with cmdlets that return a single object. Consider the following example.

1. Bind the object that encapsulates rule set compliance information for a host to a variable.

$tr = Test-DeployRuleSetCompliance MyEsxi42

2. View the itemlist property of the object to see the difference between what is in the rule set and what the host is currently using.


3. Remediate the host to use the revised rule set by using the Repair-DeployRuleSetCompliance cmdlet with the variable.

Repair-DeployRuleSetCompliance $tr

The example remediates the host the next time you boot the host.

Provisioning ESXi Systems with vSphere Auto Deploy
vSphere Auto Deploy can provision hundreds of physical hosts with ESXi software. You can provision hosts that did not previously run ESXi software (first boot), reboot hosts, or reprovision hosts with a different image profile, host profile, or folder or cluster location.

The Auto Deploy process differs depending on the state of the host and on the changes that you want to make.

Provision a Host (First Boot)
Provisioning a host that has never been provisioned with Auto Deploy (first boot) differs from subsequent boot processes. You must prepare the host and fulfill all other prerequisites before you can provision the host. You can optionally define a custom image profile with Image Builder PowerCLI cmdlets.

■ Make sure your host meets the hardware requirements for ESXi hosts.

See ESXi Hardware Requirements.
■ Prepare the system for vSphere Auto Deploy (see Preparing for vSphere Auto Deploy).
■ Write rules that assign an image profile to the host and optionally assign a host profile and a vCenter Server location to the host. See Managing Auto Deploy with PowerCLI Cmdlets.

When setup is complete, the Auto Deploy server and PowerCLI are installed, DHCP setup is complete, and rules for the host that you want to provision are in the active rule set.
1. Turn on the host.

The host contacts the DHCP server and downloads iPXE from the location the server points it to. Next, the Auto Deploy server provisions the host with the image specified by the rule engine. The Auto Deploy server might also apply a host profile to the host if one is specified in the rule set. Finally, Auto Deploy adds the host to the vCenter Server system that is specified in the rule set.
2. (Optional) If Auto Deploy applies a host profile that requires user input such as an IP address, the host is placed in maintenance mode. Reapply the host profile with the vSphere Web Client and provide the user input when prompted.
After the first boot process, the host is running and managed by a vCenter Server system. The vCenter Server stores the host’s image profile, host profile, and location information.

You can now reboot the host as needed. Each time you reboot, the host is reprovisioned by the vCenter Server system.
What to do next
Reprovision hosts as needed. See Reprovisioning Hosts.

If you want to change the image profile, host profile, or location of the host, update the rules and perform a test and repair compliance operation. See Test and Repair Rule Compliance.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.