Create a vSphere Virtual Machine Template
Create a vSphere template for your cluster from a base OS image
You must have at least one image before creating a new cluster. As long as you have an image, this step in your configuration is not required each time since that image can be used to spin up a new cluster. However, if you need different images for different environments or providers, you will need to create a new custom image.
The Konvoy Image Builder (KIB) uses the values in image.yaml and the input base OS image to create a vSphere template directly on the vCenter server. Using KIB, you can build an image without requiring access to the internet by providing an additional offline --overrides flag. You can use these overrides files to customize some of the components installed on your machine image. For example, you could tell KIB to install the FIPS versions of the Kubernetes components.
Prerequisites
Users need to create a base OS image in their vSphere client before starting this procedure.
Konvoy Image Builder (KIB) downloaded and extracted
Air-gapped Only
In previous DKP releases, the distro package bundles were included in the downloaded air-gapped bundle. Currently, that air-gapped bundle contains the following artifacts with the exception of the distro packages:
DKP Kubernetes packages
Python packages (provided by upstream)
Containerd tarball
Download dkp-air-gapped-bundle_v2.8.1_linux_amd64.tar.gz, and extract the tarball to a local directory:
    tar -xzvf dkp-air-gapped-bundle_v2.8.1_linux_amd64.tar.gz && cd dkp-v2.8.1/kib
You will need to fetch the distro packages as well as other artifacts. By fetching the distro packages from distro repositories, you get the latest security fixes available at machine image build time.
In your download location, there is a bundles directory with all the steps to create an OS package bundle for a particular OS. To create it, run the new DKP command create-package-bundle. This builds an OS bundle using the Kubernetes version defined in ansible/group_vars/all/defaults.yaml. Example command:
    ./konvoy-image create-package-bundle --os redhat-8.4 --output-directory=artifacts
Other supported air-gapped Operating Systems (OSs) can be specified in place of --os redhat-8.4 using the flag and corresponding OS name:
centos-7.9
redhat-7.9
redhat-8.6
redhat-8.8
rocky-9.1
ubuntu-20.04
NOTE: For FIPS, pass the flag: --fips
NOTE: For RHEL OS, pass your RedHat subscription manager credentials: export RHSM_ACTIVATION_KEY. Example command:
    export RHSM_ACTIVATION_KEY="-ci"
    export RHSM_ORG_ID="1232131"
Follow the instructions to build a vSphere template below and set the --overrides overrides/offline.yaml flag.
Create a vSphere Template for Your Cluster from a Base OS Image
Using the base OS image created in a previous procedure, DKP creates the new vSphere template directly on the vCenter server.
Set the following vSphere environment variables on the bastion VM host:
    export VSPHERE_SERVER=your_vCenter_APIserver_URL
    export VSPHERE_USERNAME=your_vCenter_user_name
    export VSPHERE_PASSWORD=your_vCenter_password
Copy the base OS image file created in the vSphere Client to your desired location on the bastion VM host and make a note of the path and file name.
Create an image.yaml file and add the following variables for vSphere. DKP uses this file and these variables as inputs in the next step. To customize your image.yaml file, refer to this section: Customize your Image.
⚠️ NOTE: This example is for Ubuntu 20.04. Replace the OS name below to match your OS. See the other default YAML examples for copy and paste below the last step.
    ---
    download_images: true
    build_name: "ubuntu-2004"
    packer_builder_type: "vsphere"
    guestinfo_datasource_slug: "https://raw.githubusercontent.com/vmware/cloud-init-vmware-guestinfo"
    guestinfo_datasource_ref: "v1.4.0"
    guestinfo_datasource_script: "{{guestinfo_datasource_slug}}/{{guestinfo_datasource_ref}}/install.sh"
    packer:
      cluster: "<VSPHERE_CLUSTER_NAME>"
      datacenter: "<VSPHERE_DATACENTER_NAME>"
      datastore: "<VSPHERE_DATASTORE_NAME>"
      folder: "<VSPHERE_FOLDER>"
      insecure_connection: "false"
      network: "<VSPHERE_NETWORK>"
      resource_pool: "<VSPHERE_RESOURCE_POOL>"
      template: "os-qualification-templates/d2iq-base-Ubuntu-20.04" # change default value with your base template name
      vsphere_guest_os_type: "other4xLinux64Guest"
      guest_os_type: "ubuntu2004-64"
      # goss params
      distribution: "ubuntu"
      distribution_version: "20.04"
    # Use following overrides to select the authentication method that can be used with base template
    # ssh_username: "" # can be exported as environment variable 'SSH_USERNAME'
    # ssh_password: "" # can be exported as environment variable 'SSH_PASSWORD'
    # ssh_private_key_file: "" # can be exported as environment variable 'SSH_PRIVATE_KEY_FILE'
    # ssh_agent_auth: false # if set to true, ssh_password and ssh_private_key will be ignored
Create a vSphere VM template with your variation of the following command:
    konvoy-image build images/ova/<image.yaml>
Any additional configurations can be added to this command using --overrides flags as shown below:
Any credential overrides: --overrides overrides.yaml
For FIPS, add this flag: --overrides overrides/fips.yaml
For air-gapped, add this flag: --overrides overrides/offline-fips.yaml
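A pre-flight check for the inputs prepared in the steps above, to run before konvoy-image build. This is an added example, not part of KIB or the original page; the function names preflight_kib and write_sample and the sample file are constructed for illustration. It flags vCenter variables that are unset or still hold the placeholder text, and in image.yaml it flags unreplaced <...> placeholders, an insecure_connection value other than false, a guestinfo_datasource_ref that is empty or a branch name (the install.sh URL is built from it), and an ssh_password stored in the file.

```shell
#!/bin/sh
# Added example (not KIB code): pre-flight check of the inputs to
# `konvoy-image build`. Prints one finding per line; status 0 means clean.
preflight_kib() (
  findings=$(
    # vCenter variables: set, and not the placeholder text from the docs.
    for var in VSPHERE_SERVER VSPHERE_USERNAME VSPHERE_PASSWORD; do
      eval "val=\${$var:-}"
      case $val in
        ('')             echo "env: $var is not set" ;;
        (your_vCenter_*) echo "env: $var still holds the placeholder value" ;;
      esac
    done
    # image.yaml: single pass; comment lines and trailing comments ignored.
    awk '
      /^[ \t]*#/ { next }
      { line = $0; sub(/[ \t]+#.*$/, "", line); sub(/[ \t]+$/, "", line)
        val = line; sub(/^[^:]*:[ \t]*/, "", val); gsub(/"/, "", val) }
      val ~ /^<[A-Za-z_]+>$/ {
        print "yaml:" NR ": placeholder " val " not replaced" }
      line ~ /insecure_connection:/ && tolower(val) != "false" {
        print "yaml:" NR ": insecure_connection is not false (vCenter TLS certificate unchecked)" }
      line ~ /guestinfo_datasource_ref:/ && val ~ /^(master|main|HEAD)?$/ {
        print "yaml:" NR ": guestinfo_datasource_ref is empty or a branch, install.sh URL is not pinned" }
      line ~ /ssh_password:/ && val != "" {
        print "yaml:" NR ": ssh_password stored in file, export SSH_PASSWORD instead" }
    ' "$1"
  )
  [ -z "$findings" ] || { printf '%s\n' "$findings"; false; }
)

# Constructed sample with three deliberate faults (not a file from the page).
write_sample() {
  cat > "$1" <<'EOF'
---
build_name: "ubuntu-2004"
guestinfo_datasource_ref: "master"
packer:
  cluster: "<VSPHERE_CLUSTER_NAME>"
  datacenter: "dc1"
  insecure_connection: "true"
  template: "os-qualification-templates/d2iq-base-Ubuntu-20.04" # base template
# ssh_password: "" # can be exported as environment variable 'SSH_PASSWORD'
EOF
}

sample=$(mktemp) && write_sample "$sample"
preflight_kib "$sample"   # lists the findings for the constructed sample
rm -f "$sample"
```

The check never prints the values of the vCenter variables, so its output can be kept in build logs.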
The Konvoy Image Builder (KIB) uses the values in image.yaml and the input base OS image to create a vSphere template directly on the vCenter server. This template contains the required artifacts needed to create a Kubernetes cluster.
When KIB provisions the OS image successfully, it creates a manifest file. The artifact_id field of this file contains the AMI ID (AWS), template name (vSphere), or image name (GCP/Azure), for example:
    {
      "name": "vsphere-clone",
      "builder_type": "vsphere-clone",
      "build_time": 1644985039,
      "files": null,
      "artifact_id": "konvoy-ova-vsphere-rhel-84-1.21.6-1644983717",
      "packer_run_uuid": "260e8110-77f8-ca94-e29e-ac7a2ae779c8",
      "custom_data": {
        "build_date": "2022-02-16T03:55:17Z",
        "build_name": "vsphere-rhel-84",
        "build_timestamp": "1644983717",
        [...]
      }
    }
Recommendation: Now that the template is visible in vCenter, it is best to rename it to dkp-<DKP_VERSION>-k8s-<K8S_VERSION>-<DISTRO>, like dkp-2.4.0-k8s-1.24.6-ubuntu, to keep templates organized.
Next steps are to deploy a DKP cluster using your vSphere template.