Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Documentation: Provisioning Fedora CoreOS on VMware: Improvement Suggestions to GOVC Instructions #1158

Closed
fifofonix opened this issue Apr 7, 2022 · 5 comments
Closed

Documentation: Provisioning Fedora CoreOS on VMware: Improvement Suggestions to GOVC Instructions #1158

fifofonix opened this issue Apr 7, 2022 · 5 comments

Comments

@fifofonix
Copy link

Summary

As part of test day activities I followed these instructions and had some observations principally regarding the use of govc for deploying to vSphere 6.7:

I used an ad-hoc Fedora:35 container to deploy govc using the dnf based instructions in link #1.

Detail

Specifying vSphere Credentials

Consider using the GOVC_USERNAME etc environment variables instead of govc -u user:password@host.

In an environment where vSphere access is via Active Directory credentials may require to be expressed as AD\user or [email protected] format to successfully authenticate. Both of these require careful escaping if used in the govc session.login -u user:password@host format. However, even when I achieved apparent successful logins with escaping I experienced subsequent errors on simple govc commands, e.g:

[root@2c1032aa1ee9 /]# govc session.login -u user:password@host
[root@2c1032aa1ee9 /]# govc ls
govc: specify an ESX or vCenter URL

This issue was resolved by moving to the environment variables method.

Directly Deploying an OVA vs Deploying via Library Template

Consider whether the example should deploy directly from an OVA as opposed to via a Library Template. Yes, having a pre-loaded template in a library is probably a good thing to do if you're deploying lots of VMs but perhaps the hello-world example should keep it simpler. This would mean replacing the library-related lines (other instructions remain as-is):

govc  import.ova -name ${VM_NAME} ${FCOS_OVA}

In my case I found a couple of issues with the library approach which eventually led me to deploy directly:

  • Creating library templates actually required additional privileges to my CICD tooling credentials.
  • Even with escalated credentials I was unable to create the library resources due to likely site-specific vSphere configuration issues.
@dustymabe
Copy link
Member

@lucab @fifofonix - did we ever figure out if there are docs updates we wanted to make as part of this?

@fifofonix
Copy link
Author

@lucab, @dustymabe I think it is your team's call but if you do want to proceed I'd be more than happy to submit a pull request with suggested changes. I just didn't want to spend the time figuring out how to build/test the docs etc without your buy-in.

Okeanos added a commit to Okeanos/fedora-coreos-docs that referenced this issue Apr 1, 2023
@Okeanos
provisioning/vmware: simplify example, provide authentication tip
fd65467 
As discussed in coreos/fedora-coreos-tracker#1158 the examples for VMware
vSphere now:

- tell users about alternative authentication methods
- give simpler instructions for a hello-world run
  - reuse of library items is relegated to an optional section
@Okeanos Okeanos mentioned this issue Apr 1, 2023
Merged
@Okeanos
Copy link

Okeanos commented Apr 1, 2023

I recently noticed this issue and decided to provide a PR to address your findings (as nothing happened the past year to invalidate them in my opinion). Feel free to chime in.

Okeanos added a commit to Okeanos/fedora-coreos-docs that referenced this issue Dec 13, 2023
@Okeanos
provisioning/vmware: simplify example, provide authentication tip
d84e4b7 
As discussed in coreos/fedora-coreos-tracker#1158 the examples for VMware
vSphere now:

- tell users about alternative authentication methods
- give simpler instructions for a hello-world run
  - reuse of library items is relegated to an optional section
jlebon pushed a commit to coreos/fedora-coreos-docs that referenced this issue Feb 1, 2024
@Okeanos @jlebon
provisioning/vmware: simplify example, provide authentication tip
cd11326 
As discussed in coreos/fedora-coreos-tracker#1158 the examples for VMware
vSphere now:

- tell users about alternative authentication methods
- give simpler instructions for a hello-world run
  - reuse of library items is relegated to an optional section
@Okeanos
Copy link

Okeanos commented Feb 1, 2024

@dustymabe with docs#526 having been merged I wonder whether this issue here can also be closed?

@dustymabe
Copy link
Member

SGTM Will Close.

@fifofonix feel free to re-open if you disagree.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Okeanos @dustymabe @fifofonix