You can use VMware with the Cloud-init and Userdata templates to insert user data into the new virtual machine, to make further VMware customization, and to enable the VMware-hosted virtual machine to call back to {Project}.
You can use the same procedures to set up a VMware compute resource within {Project}, with a few modifications to the workflow.
When you set up the compute resource and images for VMware provisioning in {Project}, the following sequence of provisioning events occurs:
-
The user provisions one or more virtual machines using the {ProjectWebUI}, API, or hammer
-
{Project} calls the VMware vCenter to clone the virtual machine template
-
{Project}
userdataprovisioning template adds customized identity information -
When provisioning completes, the
Cloud-initprovisioning template instructs the virtual machine to call back to {SmartProxy} whencloud-initruns -
VMware vCenter clones the template to the virtual machine
-
VMware vCenter applies customization for the virtual machine’s identity, including the host name, IP, and DNS
-
The virtual machine builds,
cloud-initis invoked and calls back {Project} on port80, which then redirects to443
-
Configure port and firewall settings to open any necessary connections. Because of the
cloud-initservice, the virtual machine always calls back to {Project} even if you register the virtual machine to {SmartProxy}. For more information about port and firewall requirements, see {InstallingServerDocURL}Ports_and_Firewalls_Requirements_{project-context}[Port and Firewall Requirements] in {InstallingServerDocTitle} and {InstallingSmartProxyDocURL}capsule-ports-and-firewalls-requirements_{smart-proxy-context}[Ports and Firewalls Requirements] in {InstallingSmartProxyDocTitle}. snip_prerequisite-configured-smart-proxy-registration-provisioning.adoc
Userdata and Cloud-init Templates with the Operating System-
In the {ProjectWebUI}, navigate to Hosts > Templates > Provisioning Templates.
-
Search for the CloudInit default template and click its name.
-
Click the Association tab.
-
Select all operating systems to which the template applies and click Submit.
-
Repeat the steps above for the UserData open-vm-tools template.
-
Navigate to Hosts > Provisioning Setup > Operating Systems.
-
Select the operating system that you want to use for provisioning.
-
Click the Templates tab.
-
From the Cloud-init template list, select CloudInit default.
-
From the User data template list, select UserData open-vm-tools.
-
Click Submit to save the changes.
To prepare an image, you must first configure the settings that you require on a virtual machine that you can then save as an image to use in {Project}.
To use the cloud-init template for provisioning, you must configure a virtual machine so that cloud-init is installed, enabled, and configured to call back to {ProjectServer}.
For security purposes, you must install a CA certificate to use HTTPS for all communication. This procedure includes steps to clean the virtual machine so that no unwanted information transfers to the image you use for provisioning.
If you have an image with cloud-init, you must still follow this procedure to enable cloud-init to communicate with {Project} because cloud-init is disabled by default.
These instructions are for {EL} or Fedora, follow similar steps for other Linux distributions.
-
On the virtual machine that you use to create the image, install the required packages:
# {client-package-install-el8} cloud-init open-vm-tools perl-interpreter perl-File-Temp -
Disable network configuration by
cloud-init:# cat << EOM > /etc/cloud/cloud.cfg.d/01_network.cfg network: config: disabled EOM
-
Configure
cloud-initto fetch data from {Project}:# cat << EOM > /etc/cloud/cloud.cfg.d/10_datasource.cfg datasource_list: [NoCloud] datasource: NoCloud: seedfrom: https://{foreman-example-com}/userdata/ EOMIf you intend to provision through {SmartProxyServer}, use the URL of your {SmartProxyServer} in the
seedfromoption, such ashttps://{smartproxy-example-com}:{smartproxy_port}/userdata/. -
Configure modules to use in
cloud-init:# cat << EOM > /etc/cloud/cloud.cfg cloud_init_modules: - bootcmd - ssh cloud_config_modules: - runcmd cloud_final_modules: - scripts-per-once - scripts-per-boot - scripts-per-instance - scripts-user - phone-home system_info: distro: rhel paths: cloud_dir: /var/lib/cloud templates_dir: /etc/cloud/templates ssh_svcname: sshd EOM -
Enable the CA certificates for the image:
# update-ca-trust enable
-
Copy the CA certificate from the Apache configuration to
/etc/pki/ca-trust/source/anchors/cloud-init-ca.crt. -
Update the record of certificates:
# update-ca-trust extract
-
Clean the image:
# systemctl stop rsyslog # systemctl stop auditd # package-cleanup --oldkernels --count=1 # dnf clean all
-
Reduce logspace, remove old logs, and truncate logs:
# logrotate -f /etc/logrotate.conf # rm -f /var/log/*-???????? /var/log/*.gz # rm -f /var/log/dmesg.old # rm -rf /var/log/anaconda # cat /dev/null > /var/log/audit/audit.log # cat /dev/null > /var/log/wtmp # cat /dev/null > /var/log/lastlog # cat /dev/null > /var/log/grubby
-
Remove
udevhardware rules:# rm -f /etc/udev/rules.d/70*
-
Remove the
ifcfgscripts related to existing network configurations:# rm -f /etc/sysconfig/network-scripts/ifcfg-ens* # rm -f /etc/sysconfig/network-scripts/ifcfg-eth*
-
Remove the SSH host keys:
# rm -f /etc/ssh/ssh_host_*
-
Remove root user’s SSH history:
# rm -rf ~root/.ssh/known_hosts
-
Remove root user’s shell history:
# rm -f ~root/.bash_history # unset HISTFILE
-
Create an image from this virtual machine.