doing OpenShift on VMware

I want some servers!

I have started working on OpenShift on VMware, and therefore need to stand up and tear down many hosts (VMs) for testing. Being a Linux guy, I sometimes have a hard time clicking and dragging and dropping through the vCenter User Interface.

The natural reaction is to use Ansible to talk to vCenter to provision my RHEL instances (so that the openshift-ansible installer can use them later on).

Ansible and vCenter

Starting with 1.6 Ansible provides a module to use VMware vCenter, it has a few prerequisites (python >= 2.6, pysphere) which I needed to package. Why? Because my workstation runs on Fedora 23 and I wanted to use Pyhton 2.7.6. As a container guy, how do I package this kind of a software stack? Right, a docker containers:

FROM fedora:20

RUN yum install -y --setopt=tsflags=nodocs ansible python-pip && \
    yum clean all && \
    pip install pysphere

LABEL RUN="docker run --rm -ti -v /home/goern/ose-on-vmware/ansible:/ansible goern/ansible-pysphere"

VOLUME [ "/ansible" ]
WORKDIR "/ansible"

CMD [ "ansible-playbook", "-i", "devel", "create-hosts.yml" ]

When build with docker build --rm --tag goern/ansibly-pysphere . it will give us an autorun.bat container erm… a container that automatically executes Ansible while the configuration lives within a directory on the host. And /home/goern/ose-on-vmware/ansible is just a hint.

Note
Oh yes, I could have investigated the SSL behavior of Python > 2.6, but…

Provisioning hosts

Provisioning a few hosts via vCenter is a matter of configuring the container. This is done by providing the inventory file devel and the playbook create-hosts.yml.

devel
[vcenter]
ose3-vcsa6.boston.example.com ansible_host=10.11.12.13
create-hosts.yml
---
- hosts: vcenter
  connection: local
  user: root
  sudo: false
  gather_facts: false
  serial: 1

  vars:
    - vcenter_host: '10.19.0.82'
    - vcenter_username: 'administrator@vsphere.local'
    - datacenter: 'Boston'
    - cluster: 'devel'
    - resource_pool: 'ose'
    - datastore: 'OSE3-vmware'
    - folder: 'ose3-testing'
    - template_name: 'master-1.0.0'
  vars_prompt:
    - name: "vcenter_password"
      prompt: "Enter vVenter password"
      private: yes

  tasks:
  - name: create test hosts
    vsphere_guest:
      vcenter_hostname: {{ vcenter_hostname }}
      username: {{ vcenter_username }}
      password: {{ vcenter_password }}
      guest: "{{ item }}"
      from_template: yes
      template_src: {{ template_name }}
      cluster: {{ cluster}}
      resource_pool: "/Resources/{{ resource_pool }}"
      vm_extra_config:
        folder: {{ folder }}
    with_items:
    - "test-node-primary-2"

Let’s do it!

Given these to files and the container image, I can run docker run --rm -ti -v $(pwd)/ansible:/ansible goern/ansible-pysphere and watch how ansible is creating new VMs…

Conclusion

This is all in the flux, with Ansible 2.1 most of the containerization will go away, as we can configure that SSL Certs should not be checked during establishing the connection to vCenter.

Never the less, containerizing this utility is a good idea: do not pollute you workstation with crap aka. decouple software stacks and their dependencies.