Vibless Install Discussion¶

This document outlines why we removed the need for a VIB (VMware Installation Bundle) in our ESXi installation process, and how the new in-memory agent approach works.

Why We Removed the VIB Requirement¶

There were several key drivers behind the decision to eliminate the use of VIBs:

VMware policy and API changes made it increasingly difficult to continue using our agent code in a VIB.
Signed VIBs required custom ISO creation, a process that was both time-consuming and fragile.
Customer feedback consistently pointed to custom ISO creation as one of the most frustrating aspects of using our tooling.
VIB signing and maintenance introduced delays and complexity in our release pipeline.

How We Achieved a Vibless Install¶

We transitioned to a two-phase, in-memory agent strategy that avoids permanent modifications to the host and requires no VIB or custom ISO.

Phase 1: Kickstart Agent¶

During the %post section of the ESXi kickstart:

We temporarily open the firewall.
The installer fetches our agent code as a .tar.gz archive.
The agent is unpacked and loaded into memory.
Initial provisioning tasks are executed from memory.
The system is rebooted.

Phase 2: Post-Boot Agent¶

After reboot:

A task context watches for the vSphere API to come online.
Once available, SSH is enabled on the ESXi host.
We reopen the firewall, download the agent .tar.gz again, and install it into memory.
Additional tasks are performed, such as:
- Applying patches
- Advanced configuration
- Validation and finalization steps

This approach allows us to complete the full provisioning cycle using only an in-memory agent, with no persistent modifications to the host.

Summary¶

By removing the VIB requirement:

We simplified the provisioning process
Eliminated the need for custom ISO images
Increased reliability across ESXi versions
Addressed a major pain point for operators

The in-memory agent model provides flexibility, minimizes risk, and keeps the host clean, all while enabling full lifecycle task execution.