@hashicorp
The vSphere plugin is able to create vSphere virtual machines for use with any VMware product.
- Official
- HCP Ready
Updated 2 years ago
- GitHub(opens in new tab)
vSphere Template
Type: vsphere-template
Artifact BuilderId: packer.post-processor.vsphere
This post-processor uses an artifact from the vmware-iso
builder with an ESXi host or an artifact
from the vSphere post-processor. It then marks
the virtual machine as a template and moves it to your specified path.
Configuration
The following configuration options are available for the post-processor.
Required:
host
(string) - Specifies the fully qualified domain name or IP address of the vSphere endpoint.username
(string) - Specifies the username to use to authenticate to the vSphere endpoint.password
(string) - Specifies the password to use to authenticate to the vSphere endpoint.
Optional:
insecure
(bool) - Specifies whether to skip the verification of the server certificate. Defaults tofalse
.datacenter
(string) - Specifies the name of the datacenter to use. Required when the vCenter Server instance endpoint has more than one datacenter.folder
(string) - Specifies the name of the virtual machine folder path where the template will be created.snapshot_enable
(bool) - Specifies whether to create a snapshot before marking as a template. Defaults tofalse
.\snapshot_name
(string) - Specifies the name of the snapshot. Required whensnapshot_enable
istrue
.snapshot_description
(string) - Specifies a description for the snapshot. Required whensnapshot_enable
istrue
.reregister_vm
(boolean) - Specifies to keep the virtual machine registered after marking as a template.
keep_input_artifact
(boolean) - This option is not applicable tovsphere-template
. For a template to function, the original virtual machine from which it was generated cannot be deleted. Therefore, the vSphere Template post-processor always preserves the original virtual machine.Note: If you are getting permission denied errors when trying to mark as a template, but it works in the vSphere UI, set this to
false
. Default istrue
.
Example Usage
An example is shown below, showing only the post-processor configuration:
In HCL2:
source "null" "example" { communicator = "none"} build { sources = [ "source.null.example" ] post-processors { post-processor "vsphere-template"{ host = "vcenter.example.com" insecure = false username = "administrator@vsphere.local" password = "VMw@re1!" datacenter = "dc-01" folder = "/templates/os/distro" } }}
In JSON:
{ "builders": [ { "type": "null", "communicator": "none" } ], "post-processors": [ [ { "type": "vsphere-template", "host": "vcenter.example.com", "insecure": true, "username": "administrator@vsphere.local", "password": "VMw@re1!", "datacenter": "dc-01", "folder": "/templates/os/distro" } ] ]}
Using the vSphere Template with Local Builders
Once the vSphere post-processor takes an artifact from the builder and uploads it to a vSphere endpoint, you may want the virtual machine to be marked as a template.
In HCL2:
build { sources = [ "source.null.example" ] post-processors { post-processor "vsphere" { # ... } post-processor "vsphere-template" { # ... } }}
In JSON:
{ "builders": [ { "type": "null", "communicator": "none" } ], "post-processors": [ [ { "type": "vsphere", ... }, { "type": "vsphere-template", ... } ], { "type": "...", ... } ]}
In the example above, the result of each builder is passed through the defined sequence of
post-processors starting with the vsphere
post-processor which will upload the artifact to a
vSphere endpoint. The resulting artifact is then passed on to the vsphere-template
post-processor
which handles marking a VM as a template. In JSON, note that the vsphere
and vsphere-template
post-processors can be paired together in their own array.
Permissions
The post processor needs several privileges to be able to mark the virtual as a template.
Rather than giving full administrator access, you can create a role to give the post-processor the privileges necessary to run.
Below is an example role that will work. Please note that this is a user-supplied list so there may be a few extraneous privileges that are not strictly required.
For vSphere, the role needs the following privileges:
Datastore.AllocateSpace
Host.Config.AdvancedConfig
Host.Config.NetService
Host.Config.Network
Network.Assign
System.Anonymous
System.Read
System.View
VApp.Import
VirtualMachine.Config.AddNewDisk
VirtualMachine.Config.AdvancedConfig
VirtualMachine.Inventory.Delete
and either (if
reregister_vm
isfalse
):VirtualMachine.Provisioning.MarkAsTemplate
or (if
reregister_vm
istrue
or unset):VirtualMachine.Inventory.Register
VirtualMachine.Inventory.Unregister
The role must be authorized on the:
- Cluster of the host.
- The destination folder.
- The destination datastore.
- The network to be assigned.
Troubleshooting
Some users have reported that vSphere templates created from local vSphere builds get their boot
order reset to CD-ROM only instead of the original boot order defined by the template. If this issue
affects you, the solution is to set "bios.hddOrder": "scsi0:0"
in your builder's vmx_data
.