Please use https://github.com/cloudfoundry-community/windows-stemcell-concourse
A collection of tasks that implement stembuild cli.
This is a Concourse pipeline with tasks to create a Windows stemcell for Cloud Foundry, using the stembuild cli. The stemcell can be used with Pivotal Application Service for Windows (PASW) and the windows cluster feature of Pivotal Container Service (PKS) as well.
The Concourse worker that runs these tasks needs to have access to https://github.com and https://network.pivotal.io. If your workers aren't allowed public access, you can modify the pipeline to "feed" the assets that are normally downloaded.
The stembuild cli expects the VM to be in a specific state. To get there, follow the documentation for creating vsphere stemcell with stembuild through Step 3. Once you have the cloned VM and it is powered on, use this pipeline to convert the VM to a stemcell.
-
You'll need 2 files from this repo,
pipeline.ymlandvars.yml. You can either clone the repogit clone https://github.com/cloudfoundry-community/stembuild-concourseor just grab the raw content. -
The pipeline has options of where things can be stored. Specifically S3 compatible, Google Cloud, or Azure store. The default is S3 compatible. If you would like to use a different store just comment/uncomment things in
pipeline.yml. -
The
vars.ymlfile will feed variables to the pipeline. Fill in the values appropriatly.Vcenter certificate
The CA certs for vcenter are not optional. You can retrieve the cert by following this vmware doc.
-
Using the fly cli, login to concourse, and set the pipeline with variables filled.
Powershell Set Pipeline
fly -t <MY-TARGET> set-pipeline ` --pipeline create-windows-stemcell ` --config .\pipeline.yml ` --load-vars-from .\vars.ymlBash Set Pipeline
fly -t <MY-TARGET> set-pipeline \ --pipeline create-windows-stemcell \ --config ./pipeline.yml \ --load-vars-from ./vars.yml
-
Looking at the prerequisites for running stembuild, you'll notice that LGPO needs to be downloaded and put in the same working folder. The pipeline has provisions for holding the zip using either S3 compatible, Google Cloud, or Azure store. Place the downloaded zip in the chosen store and the pipeline will manage the rest.
-
Start the construct task to see the magic happen.
-
Once both tasks have successfully run, the stemcell file will be uploaded to the chosen
stemcell-storestore. The pipeline has provisions for storing the stemcell using either S3 compatible, Google Cloud, or Azure store. You can use this store to trigger another Concourse pipeline that deploys to Cloud Foundry, or manually upload the stemcell into the library and deploy.
Every month Microsoft releases patches (updates) for it's operating systems. Known as patch Tuesday. The stembuild team tests the cli against these new patches each month and releases a new minor version of the tool.
As a best practice, try to follow this pattern:
- Update the base stemcell VM on patch tuesday.
- Once all updates are finished, shutdown and clone the base VM. Name the clone to reflect the stembuild version that will be used, ie: 2019.3.41.
- When the new minor version of stembuild is released, start* this pipeline to create the stemcell.
Details about monthly stemcell upgrade can be found in the creating vsphere stemcell with stembuild documentation.
*If you would like to make the pipeline run automatically when a new release it posted, add trigger: true to get: stembuild-release in the construct job.