New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Don't touch vapp properties (ovf) where ovf:userConfigurable="false" #394
Comments
@dhekimian can you send along the Terraform configuration that is causing this error? Just double checking that you the value was not specified in your configuration. Thanks! |
@vancluever I've confirmed the value above was not in the .tf. "vapp": {
"properties": {
"guestinfo.cis.vmdir.site-name": "default-first-site",
"guestinfo.cis.appliance.net.addr": "172.16.3.130",
"guestinfo.cis.deployment.autoconfig": "true",
"guestinfo.cis.appliance.net.prefix": "24",
"guestinfo.cis.appliance.net.addr.family": "ipv4",
"guestinfo.cis.appliance.net.mode": "static",
"guestinfo.cis.vmdir.password": "password",
"guestinfo.cis.appliance.root.passwd": "password",
"guestinfo.cis.vmdir.domain-name": "vsphere.local",
"guestinfo.cis.appliance.ssh.enabled": "true",
"guestinfo.cis.appliance.net.gateway": "172.16.3.1",
"guestinfo.cis.appliance.net.pnid": "172.16.3.130",
"guestinfo.cis.deployment.node.type": "embedded",
"guestinfo.cis.appliance.net.dns.servers": "8.8.8.8",
"guestinfo.cis.ceip_enabled": "false",
"guestinfo.cis.appliance.ntp.servers": "0.ntp.pool.org"
}
} The OVF has 60 OVF properties and 47 of them are set to https://gist.github.com/dhekimian/8061aaee65e9389c2f09cf3d6924c421 As you can see in the gist, the first |
Great to know @dhekimian (and am really liking the fact you are trying to TF the VCSA deploy)! Hoping that we can get to this soon as I don't necessarily think it should be a hard fix. |
We've been following this guide: virtuallGhetto: How to deploy the vCenter Server Appliance (VCSA) 6.5 running on VMware Fusion & Workstation? To work around the issue, we ended up doing the following:
$VM = Get-VM -Name "VMware vCenter Server Appliance v6.5.0 b7119157"
$spec = New-Object VMware.Vim.VirtualMachineConfigSpec
$spec.changeVersion = $VM.ExtensionData.Config.ChangeVersion
$spec.vAppConfig = New-Object VMware.Vim.VmConfigSpec
$properties = $vm.ExtensionData.Config.VAppConfig.Property
foreach ($prop in $properties) {
$p = New-Object VMware.Vim.VAppPropertySpec
$p.operation = "edit"
$p.info = $prop
$p.info.UserConfigurable = $True
$spec.vAppConfig.property += $p
}
$VM.ExtensionData.ReconfigVM_Task($spec)
# should add a place to convert passwords to strings...
# get all the id's and values
$vm.ExtensionData.Config.VAppConfig.Property | Select {$_.id,$_.Value}
"vapp": {
"properties": {
"domain": "corp.local",
"guestinfo.cis.ad.domain-name": "",
"guestinfo.cis.ad.domain.password": "",
"guestinfo.cis.ad.domain.username": "",
"guestinfo.cis.appliance.net.addr": "172.16.3.130",
"guestinfo.cis.appliance.net.addr.family": "ipv4",
"guestinfo.cis.appliance.net.dns.servers": "8.8.8.8",
"guestinfo.cis.appliance.net.gateway": "172.16.3.1",
"guestinfo.cis.appliance.net.mode": "static",
"guestinfo.cis.appliance.net.pnid": "vcenter-01.corp.local",
"guestinfo.cis.appliance.net.ports": "",
"guestinfo.cis.appliance.net.prefix": "24",
"guestinfo.cis.appliance.ntp.servers": "0.pool.ntp.org",
"guestinfo.cis.appliance.root.passwd": "Password1!",
"guestinfo.cis.appliance.root.shell": "",
"guestinfo.cis.appliance.ssh.enabled": "True",
"guestinfo.cis.appliance.time.tools-sync": "False",
"guestinfo.cis.ceip_enabled": "False",
"guestinfo.cis.clientlocale": "",
"guestinfo.cis.db.instance": "",
"guestinfo.cis.db.password": "",
"guestinfo.cis.db.provider": "",
"guestinfo.cis.db.servername": "",
"guestinfo.cis.db.serverport": "",
"guestinfo.cis.db.type": "embedded",
"guestinfo.cis.db.user": "",
"guestinfo.cis.deployment.autoconfig": "True",
"guestinfo.cis.deployment.node.type": "embedded",
"guestinfo.cis.feature.states": "",
"guestinfo.cis.lookup.hidessltrust": "",
"guestinfo.cis.netdump.enabled": "",
"guestinfo.cis.silentinstall": "",
"guestinfo.cis.system.vm0.hostname": "vcenter-01.corp.local",
"guestinfo.cis.system.vm0.port": "",
"guestinfo.cis.upgrade.import.directory": "",
"guestinfo.cis.upgrade.silent": "",
"guestinfo.cis.upgrade.source.export.directory": "",
"guestinfo.cis.upgrade.source.guest.password": "",
"guestinfo.cis.upgrade.source.guest.user": "",
"guestinfo.cis.upgrade.source.guestops.host.addr": "",
"guestinfo.cis.upgrade.source.guestops.host.password": "",
"guestinfo.cis.upgrade.source.guestops.host.user": "",
"guestinfo.cis.upgrade.source.ma.port": "",
"guestinfo.cis.upgrade.source.platform": "",
"guestinfo.cis.upgrade.source.ssl.thumbprint": "",
"guestinfo.cis.upgrade.source.vpxd.ip": "",
"guestinfo.cis.upgrade.source.vpxd.password": "",
"guestinfo.cis.upgrade.source.vpxd.user": "",
"guestinfo.cis.upgrade.user.options": "",
"guestinfo.cis.vmdir.domain-name": "vsphere.local",
"guestinfo.cis.vmdir.first-instance": "True",
"guestinfo.cis.vmdir.password": "Password1!",
"guestinfo.cis.vmdir.replication-partner-hostname": "",
"guestinfo.cis.vmdir.site-name": "default-first-site",
"guestinfo.cis.vmdir.username": "administrator@vsphere.local",
"guestinfo.cis.vpxd.mac-allocation-scheme.prefix": "",
"guestinfo.cis.vpxd.mac-allocation-scheme.prefix-length": "",
"guestinfo.cis.vpxd.mac-allocation-scheme.ranges": "",
"searchpath": "corp.local",
"vmname": "vcenter-server-applaince"
}
} We've been importing VCSA with ovftool and would really like to incorporate it into our Terraform workflow. Do you have access to the VMware VCSA to test with? |
@dhekimian we do have the VCSA OVA - I don't really do any VCSA deploys these days without the OVA and this is personally something that I want to look at as a use case so that we can work towards self-hosting our lab deployment with Terraform. Although I might OOB-test this with something a bit simpler than the VCSA just due to the complexity of the configuration. |
@vancluever If you do use a different VM, may I suggest you make sure to add the following parameter as we are also running into issues with <Property ovf:key="guestinfo.cis.appliance.root.passwd" ovf:password="true" ovf:type="string" ovf:userConfigurable="true">
<Label>Root Password</Label>
<Description>Password to assign to root account. If blank, password can be set on the console.</Description>
</Property> |
William Lam's Nested ESXi Virtual Appliances can also be used for testing since they have a 'guestinfo.debug' property that has userConfigurable set to false. They can be found here: |
@dhekimian, any chance you could elborate on what was done for step 3 "Manually change all the password fields to strings (Couldn't get it to work without this step...)". I've able to reproduce your work so far. I'm curious if you are modifying the VCSA ovf and re-packaging the ova? Or is it possible to change the "ovf:password" attribute over powershell? Thanks. UPDATE: This is now working. It turns out the VCSA ova in the iso file has an embedded password that expires. This manifests itself as an RPM install failure. After I got the latest(VMware-VCSA-all-6.5.0-8815520), the terarform deploy worked. I did not need to make any changes to password field outside of the script provided. |
I just submitted a PR for this, but I'd love any feedback on if it works for someone else as well. |
Terraform Version
0.11.3
vSphere Provider Version
terraform-provider-vsphere_v1.3.2_x4
Affected Resource(s)
vsphere_virtual_machine
Expected Behavior
When a vapp has a mix of
ovf:userConfigurable="true"
andovf:userConfigurable="false"
values, only modify the values whereovf:userConfigurable="true"
Don't touch the values for
ovf:userConfigurable="false"
Actual Behavior
When Terraform runs, it tries to edit/change/remove all
ovf:userConfigurable
values and errors with:vsphere_virtual_machine.vcenter-01: error reconfiguring virtual machine: error reconfiguring virtual machine: Property guestinfo.cis.appliance.net.ports is not user configurable.
Snippet from the .ovf
It should be a simple check to see if
userConfigurable
is false and don't touch.The text was updated successfully, but these errors were encountered: