In studying for the VCAP-DCD exam (objective 2.2 – Map Service Dependencies in the VDCD550 exam blueprint), I noticed a few comments on the Google+ community about what exactly is the dependency mapping of VMware Auto Deploy. Specifically, Active Directory, DNS and PowerCLI.
Yes, it is true, you can have an environment with no Active Directory by using the VMware built in accounts like “administrator@vSphere.local”. And, you could forgo DNS by using host files. No where in the Auto Deploy setup guide does it mention a requirement for Active Directory, only that administrative rights are given to Auto Deploy. DNS is mentioned in the Auto Deploy “proof of concept” setup. Nearly all setup guides include DNS configurations. The configuration calls for you to make a static DNS record (to avoid DNS scavenging I assume) and a DHCP reservation for the IP address of the host. DHCP is required, but DNS could still be replaced by host files (yuk).
You will be hard pressed to find any VMware document on Auto Deploy that says “this is required” and “this is optional”. There is no product map for dependencies.
Think of it like this. If I gave you a task to get a car running and I laid out some parts for you. An engine, windshield wipers, transmission, starter, battery, wheels, ignition and some bucket seats. If you were in a hurry and you see all of these parts, you would put everything together. All I tasked you with was to get the car running, I didn’t say it was going anywhere. What would be required? Most likely the engine, battery, starter and ignition. Windshield wipers, wheels, transmission and bucket seats are not required to start the car. If I start listing crazy stuff like truck nuts, ejection seats or flame paint job, you would know to disregard those because they are not relevant to a car going anywhere. I know it is a timed exam, but slow down and read what is being asked.
Sitting at an exam, who really thinks in terms of non-enterprise environments? You need to think in the realm of any possibility. I guess in any situation there could be the very most complex, administrative overhead process for deploying a product. And there could be the simplest, least management option. You could be designing something for a small dentist office or a global data center for PayPal. Even in those small offices, it is now possible for them to purchase ROBO advanced edition licenses to get host profiles instead of purchasing Enterprise Plus licenses.
I myself do not know of any environments utilizing VMware Auto Deploy, I would think there are even less using host files. But then, I am not a consultant and have not seen everything. I supposed if it is possible for an environment to use host files on every server it might be possible the environment is full of Wal-Mart Lindows machines and Windows 95.
The only way to get truly familiar with Auto Deploy dependencies is to deploy it. I am by no means the “Auto Deploy Master”. I do not use it. I’m a fan of SD cards (not usb sticks) in production. Below is the setup I will go through in order to map the required dependencies for Auto Deploy in vSphere 5.5. We will see the items “required” and “not required”. This is not meant to be a step by step procedure to install Auto Deploy, I am just going over dependencies. The lab I will be working with is bare bones for what is “required”. If you would like to see the setup and configuration procedure, please visit this link.
A few things that are “required” to get started with the the Auto Deploy setup will be vCenter, a TFTP server and DHCP (options 66 and 67). We will also need to configure the hosts to PXE boot. For this lab, I will be using nested ESXi servers to boot.
I have to say, this is the first time I have ever deployed vCenter on a non domain joined server. I will be setting up DHCP on a Windows 2012 R2 server and TFTP with Win agents TFTP server.
You will get a warning during the setup of vCenter that you are not joined to the domain.
The “firstname.lastname@example.org” can be used for all logins.
In my lab, I will be using host files on 3 servers.
on my Windows 2012 TFTP server I had I had to unblock all of the files in the TFTP root.
So far we know that TFTP will depend on DHCP. The host will first depend on DHCP to get an ip address. With options 66 and 67 the host will then pull the “undionly.kpxe.vmw-hardwired” file form the TFPT server. This file contains instructions for the host to get an image profile (not a “host profile” from vCenter) and what VIBs to pull from the image depot/repository on the Auto Deploy server.
Once vCenter is up, you need to download the TFTP boot Zip from vCenter (after auto deploy is setup with vCenter). So, we know now that TFTP depends on the Auto Deploy server because it must get a configuration file “undionly.kpxe.vmw-hardwired” to boot remote hosts from.
PowerCLI is now needed to import VIBs or offline bundles to the image depot / repository. So the Auto Deploy server is dependent on image profiles and the image depot. PowerCLI is used to create the deployment rules (image profile) for each ESXi host (or group of hosts), then that rule must be added to the active set so that it will take effect.
Here is a question. If there is no DNS, how will the newly provisioned hosts resolve hostnames without a hostfile? The image is brand new and does not carry a host file. When the host is added to vCenter, it will actually use the IP of vCenter. So we still do not need DNS.
After the host is connected, we then create the host profile from the newly attached host. This host profile will be applied to all the clusters. But, this is not a requirement. We were able to successfully add a host to vCenter. The requirements of the product do not call for you to make custom changes to any hosts. As far as Auto Deploy is concerned, it’s job is done. It is possible to include the vCenter host profile as a part of the deployment rule, but that is not a requirement to get Auto Deploy running.
So what do we know so far? Thou shalt have: vCenter, TFTP, DHCP, a host to boot, an image depot, image profiles (for the active working set), Auto Deploy server and PowerCLI. Can the PowerCLI part be argued? Maybe. Perhaps there is some way to manipulate the vCenter database to create an image profile and upload the VIBs to the depot or someone has some third party tool to create image profiles. As far as I can tell, the image profiles and VIBs uploaded to the image depot must be done via PowerCLI. Removing PowerCLI from the equation would seem far outside of the normal operations of Auto Deploy. But then again I thought Active Directory and DNS were a part of the normal operation. The image builder itself would not be considered a requirement in the dependency map either. You have the option to download the offline bundles from VMware and include your vendors hardware VIBs with the deployment.
To examine each dependency, think about if each compenent was not available.
vCenter: With no vCenter, how would you install the Auto Deploy server? It would not be possible. Where would hosts go?
TFTP: Without a TFTP server, how would the host PXE boot receive the undionly.kpxe.vmw-hardwired file and then get configuration information from Auto Deploy?
DHCP: Without DHCP, how would a stateless host get an IP address and know what to do from there? DHCP would be the first link in the chain for the host to boot from PXE and do anything.
Host: Without a host, what good is all that Auto Deploy configuration?
Image depot: Without an image depot, where would the host get an ESXi image or hardware vendor VIBs?
Image profile: Without an image profile, how would the host get deployment rules from the Auto Deploy server?
PowerCLI: Without PowerCLI, how would you create the image profiles and image depot?
Auto Deploy server: Without the Auto Deploy server itself, where would the image profiles live and the image depot. The Auto deploy server is the traffic cop directing hosts to the vCenter server via the image profiles and image depot.
So after all of this, what would a VMware Auto Deploy “requirements” dependency map look like?