Short tip: Deploy OVA/OVF templates using OVF Tool
Recently I had massive problems with deploying some VMware appliances under vSphere 6.5. Independently of the frontend (Host Client, HTML 5 Client, Web Client, C# Client) I was unable to deploy templates in a clean way at all - mostly aborts and "generic system failures" occured.
Mark Brookfield gave me the tip to use OVF Tool instead of a graphical interface. The console utility focusses at importing/exporting OVA/OVF templates between multiple VMware products and is available for Microsoft Windows, Linux und App macOS erhältlich. The tool can be downloaded for free.
Basically, it is executed like this:
1$ ovftool [parameter] source target
Major parameters (some are optional) are:
| Parameter | Function |
| -n / --name | Target VM name |
| -vf / --vmFolder | Folder for storing the VM |
| --acceptAllEulas | Automatically accept EULA |
| -ds / --datastore | Target datastore |
| -dm / --diskMode | Disk provisioning mode (for vSphere: thin, thick or eagerZeroedThick) |
| --net:NIC-name:portgroup | Network binding (portgroup is mapped to NIC name) |
| --ipProtocol | IP protocoll: IPv4, IPv6 |
| --prop | Assigning an OVA/OVF parameter (e.g. Root password) |
| --deploymentOption | Selecting a vApp configuration (if supported by template) |
| --powerOn | Turning on VM after provisioning |
The target locator needs to have a specific schema I was not aware of at first sight. Some examples for vSphere:
| Locator | Description |
| vi://myvcenter/mydatacenter/host/mycluster | Arbitrary host of a dedicated datacenter and cluster |
| vi://admin:admin@myvcenter/mydatacenter/host/mycluster | like above, but with fixed login information |
| vi://myvcenter/mydatacenter/vm/myfolder/myvm | Arbitrary datacenter, VM folder and name |
| vi://myvcenter/mydatacenter/host/myesx | Arbitrary ESXi host of a datacenter |
| vi://myvcenter/mydatacenter/host/myesx/Resources/myresource | like above, but with arbitrary resource pool |
Additional examples can be found in the utility online help:
1$ ovftool -h | less
2$ ovftool -h locators | less
3$ ovftool -h examples | less
The OVA/OVF source does not need to be stored on the local hard drive, it can also be downloaded from a web server (http://path, https://path) or FTP server (ftp://pfad).
Before deploying a template, it is a good idea to have a look at the available options. For example, this is required to get information about required network interfaces:
1$ ovftool --hideEula VMware-vSAN-Witness-201704001-5310538.ova
2...
3Networks:
4 Name: Management Network
5 Description: Management Network will be used to drive witness vm traffic
6
7 Name: Witness Network
8 Description: Witness Network will be used to drive witness vm traffic
In this case, valid assignments for the Management Network and Witness Network need to be made. Afterwards, check-out the available properties:
1...
2Properties:
3 ClassId: vsan
4 Key: witness.root.passwd
5 Label: Root password
6 Type: password(7..)
7 Description: Set password for root account.
8...
Some are required - like the root password in this example - some are optional. Some OVA/OVF templates also offer deployment options; also called "t-shirt sizes":
1Deployment Options:
2 Id: tiny
3 Label: Tiny (10 VMs or fewer)
4 Description: Configuration for Tiny vSAN Deployments with 10 VMs or fewer
5
6 * 2 vCPUs
7 * 8GB vRAM
8 * 1x 12GB ESXi Boot Disk
9 * 1x 15GB Magnetic Disk
10 * 1x 10GB Solid-State Disk
11 * Maximum of 750 Components
12
13 Id: normal (default)
14 Label: Medium (up to 500 VMs)
15 Description: Configuration for Medium vSAN Deployments of up to 500 VMs
16
17 * 2 vCPUs
18 * 16GB vRAM
19 * 1x 12GB ESXi Boot Disk
20 * 1x 350GB Magnetic Disk
21 * 1x 10GB Solid-State Disk
22 * Maximum of 22K Components
23
24 Id: large
25 Label: Large (more than 500 VMs)
26 Description: Configuration for Large vSAN Deployments of more than 500 VMs
27
28 * 2 vCPUs
29 * 32GB vRAM
30 * 1x 12GB ESXi Boot Disk
31 * 3x 350GB Magnetic Disks
32 * 1x 10GB Solid-State Disk
33 * Maximum of 45K Components
This template offers three fixed configuration sizes - the requirements and use-cases are explained.
The completed commands can look like this:
1$ ovftool --acceptAllEulas -ds=NFS-Backup --net:"Management Network"="DPortGroup-MGMT" --net:"Witness Network"="DPortGroup-VSAN" --prop:witness.root.passwd=... --deploymentOption=tiny VMware-vSAN-Witness-201704001-5310538.ova vi://st-vcsa03.stankowic.loc/Stankowic/host/Darmstadt/
2Opening OVA source: VMware-vSAN-Witness-201704001-5310538.ova
3The manifest validates
4Source is signed and the certificate validates
5Enter login information for target vi://st-vcsa03.stankowic.loc/
6Username: administrator@vsphere.local
7Password: ...
8Opening VI target: vi://administrator%40vsphere.local@st-vcsa03.stankowic.loc:443/Stankowic/host/Darmstadt/
9Deploying to VI: vi://administrator%40vsphere.local@st-vcsa03.stankowic.loc:443/Stankowic/host/Darmstadt/
10Transfer Completed
If you are receiving an warning such as:
1Warning:
2- OVF property with key: 'witness.root.passwd' does not exists.
You might want to have a look at the vApp options pane in the VM configuration. There might be a missing parameter you want to fix before turning on the appliance.
Using the tool I was finally able to deploy additional vApps in my home lab - too bad, that this did not work using one of the plenty frontends. I don't know whether the root cause for this issue is based in my lab or if it is just an generic issue (bug?). Really need to dig deeper regarding this...