ESXi Node Ready¶
Overview¶
This guide is intended to provide a higher-level overview of what is possible using DRP to create ESXi, node-ready, baremetal systems. This is intended for Architects and others that are looking for an understanding of how DRP can help discover, configure, provision and stage baremetal systems including the requisite setup for firmware, bios, storage, network and OS configuration. Detailed howtos, reference documentation and other pertinent documentation will be included to help disseminate to other roles.
Prerequisites¶
This is a general list for this document. Please refer to specific howtos and reference documentation for any other prerequisites that may not be discussed in this section.
This document assumes a physical system that matches typical, production ESXi systems and a DRP instance configured with universal and is correctly configured to communicate with the system and it's BMC. It is highly recommended that the system should meet The VMware Compatibility Guide.
Note
While you can use a virtual machine for a demo or a quick PoC, this approach does not fully show the depth and breadth of the capabilites DRP provides. We do not recommend this for anything other than a quick glance at certain parts of the process.
At a minimum the vmware content pack should be installed.
You will need to have a ESXi ISO available from VMware. We install two VIBs as part of the legacy install path. You can create a custom ISO that includes the VIBs. (TODO: Make sure we discuss SOMEWHERE where the VIBs are located)
It is important to be familiar with the architecture of the universal workflow system.
Pipeline¶
The benefit to using DRP is that you can drive a system to node ready using declarative language. The end state you desire will be driven through a pipeline to make sure the parameters given are met.
This section will walk through a typical ESXi node-ready pipeline.
TODO: Diagram of this
universal-discover¶
The system is booted into sledgehammer, where a basic system inventory is performed to help identify if the system is already discovered. More discovery is performed on the system's raid, bmc, bios, flash, and optionally the attached network-ports will be discovered using lldp. There are opportunities to iject tasks and/or external service calls before, during and after discovery using flexiflow. After the inventory, there is an opportunity to classify the system based on what is currently discovered. Validation is also possible after classification. The pipeline then chain-maps to the universal-hardware workflow.
universal-hardware¶
The system is run through BMC discovery, flash, raid and bios discovery. Raid is configured. BIOS current config is recorded and custom configuration is applied. Classification of the system occurs if desired. Tasks and external service call can be injected before, during and after each discovery. The pipeline then chain-maps to the desired esxi installation method based on machine profiles/parameters.
universal-esxi-kickstart¶
The kickstart installation method boots to the ESXi ISO to install using the standard kickstart method. By default a custom ISO must be created that includes two VIBs that provide firewall rules and our agent.
Note
Setting esxi/legacy-install to true will inject VIB installs for firewall rules and DRP agent during first-boot, eliminating the need for a custom ISO with the VIBs included.
Prior to booting into the ESXi ISO environment, some prep work occurs. Drives are wiped, passwords and the appropriate bootenv is selected. Once booted to the correct bootenv, the kickstart install occurs. After installation, the system is booted again. The appropriate VIB acceptance level is set. If a patchlist is applied, ESXi will be set to maintenance-mode long enough to apply the patches. Another opportunity for classification is available before chain-mapping to universal-esxi-config.
Workflow Diagram¶
universal-esxi-config¶
The following represents a consolidated list of "important" stages and tasks that occur during universal-esxi-config. This is typically chain-mapped from universal-esxi-kickstart or universal-esxi-image workflows.
After installing and first-boot, the VIB acceptance level can be adjusted, default datastore name is configured if it hasn't been already. Hostname, network, remote shells, nesting, password policy, users, welcome screen, and setting SSL certificates is performed. As with classification, task injection and external service calls are available throughout the workflow before chain-mapping to universal-runbook.
universal-runbook¶
This workflow merges universal-discover and universal-start. It provides a post-install/start path to finalize any other tasks. As with other workflows, there are opportunities for classification, task injection and external service calls.