Deploying a nested ESXi lab sandbox

In this post, I am going to explain how to quickly deploy a nested ESXi lab using OVFTool as the primary tool, with the help of some additional bash scripting. Instead of deploying a full working lab, I put this together as small building blocks to easily deploy and/or re-deploy the minimum necessary components (an ESXi server, a vCenter Server Appliance and an Ubuntu cloud image virtual machine), so that later, if desired, I can install other evaluation software components like vSAN, NSX, TKG or vSphere with Tanzu.

To start using the scripts available on my GitHub repository, you will first need, at a minimum, (1) bare-metal installation of ESXi server with at least 64 gigabytes of memory, 1 terabyte of storage capacity, and two network adapters. 32 gigabytes of memory and 500 gigabytes of storage will work, but your mileage will vary depending on which software you eventually want to install and evaluate. The initial two steps are the ESXi bare-metal server installation and the first VCSA, which will be the persistent part of the lab infrastructure. To deploy the ESXi server quickly and easily on bare metal using a USB flash drive, you can check this previous post.

After deploying your bare-metal ESXi server, it is important to check some networking configuration settings required for nested environments. For a single bare-metal server deployment, and to keep things as simple as possible, I decided to use regular virtual switches (vSwitch), which require the following Security policy settings. In your ESXi Embedded Host Client, under Networking, look for your primary vSwitch0, select Edit settings and, under the Security section, change Promiscuous mode, MAC address changes, and Forged transmits all to Accept. If you decide to use a VMware Distributed Virtual Switch (VDS), this won’t be necessary because MAC Learning is a native feature of this type of switch.
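To confirm from the ESXi shell that the three settings above took effect on vSwitch0, or that a vSwitch which should stay at Reject still does, the following added example (not part of the original post or its repository) parses the output of `esxcli network vswitch standard policy security get`. The function name `policy_gaps` is hypothetical and the sample output is constructed; Accept corresponds to `true`.

```shell
#!/bin/sh
# Added example. Constructed sample of what
#   esxcli network vswitch standard policy security get -v vSwitch0
# prints when Forged transmits was left at Reject.
SAMPLE_POLICY='   Allow Promiscuous: true
   Allow MAC Address Change: true
   Allow Forged Transmits: false'

# policy_gaps WANT TEXT
# WANT is "true" (Accept, needed on the vSwitch carrying nested ESXi) or
# "false" (Reject). Prints one line per setting that differs from WANT.
policy_gaps() {
    printf '%s\n' "$2" | awk -F': *' -v want="$1" '
        /Allow (Promiscuous|MAC Address Change|Forged Transmits)/ {
            gsub(/^ +/, "", $1)           # drop the leading indentation
            sub(/[ \t\r]+$/, "", $2)      # tolerate trailing blanks or CR
            if ($2 != want)
                printf "%s: is %s, want %s\n", $1, $2, want
        }'
}

# On the host itself (not run here):
#   policy_gaps true "$(esxcli network vswitch standard policy security get -v vSwitch0)"
```

An empty result means every one of the three settings matches the wanted value.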

Before starting with the deployment of the nested ESXi server instances, let’s review some additional requirements:

DHCP server properly configured and running, DNS & NTP server optional but highly recommended.

Download the latest version of OVFTool 4.4.1 from here.

Download the 7.0u1 ESXi nested appliance OVA file from the virtuallyGhetto website.

Download the vCenter Server Appliance ISO from here.

Finally, you will need to extract the OVA file under the vcsa folder on the root of the ISO and copy all required OVA files to a single location for easy reference.

Next, we will need to clone the content of the GitHub repository using git.

$ git clone https://github.com/fuakata/demo-lab.git

Now with a working copy of the bash scripts on your local system, you will need to edit some variables for your environment. The first logical step is the deployment of the VCSA directly to ESXi bare metal server to enable standard management of the physical ESXi instance. Let’s take a look at deploy-vcsa.sh and modify all declared variables with your particular information.

# Set variables to declare LAB specific resources.
# ESXi administrator and password, host IP address & path to OVA/OVF file.
ADMIN="root"
PASSWORD="Password123!"
TARGET="192.168.0.x"
OVA="$HOME/<path-to-ova>/VMware-vCenter-Server-Appliance-7.0.1.00100-17004997_OVF10.ova"

# Assign VCSA VM name, VCSA size, host Fully Qualified Domain Name (FQDN) or IP address, IP address networking, SSO user password and root password to VCSA.
VCSA_NAME="vcsa-lab"
VCSA_SIZE="tiny"
VCSA_IP="192.168.0.x"
VCSA_HOSTNAME="192.168.0.x"
VCSA_GW="192.168.0.x"
VCSA_CIDR="24"
VCSA_DNS="192.168.0.x"
VCSA_NTP="pool.ntp.org"
VCSA_SSO_DOMAIN="vsphere.local"
VCSA_SSO_PASSWORD="Password123!"
VCSA_PASSWORD="Password123!"
VCSA_NETWORK="VM Network"
VCSA_DATASTORE="datastore"
VCSA_ALLSTAGES="True"

To start the VCSA deployment just run the following command.

$ ./deploy-vcsa.sh

Installing the vCenter Server is usually a two-stage process, and the script takes care of both stages, but it will take about 30 minutes to complete, so be patient. You can check the status of the VCSA deployment using the ESXi Embedded Host Client. When the installation finishes, you can open a browser at https://your-hostname-or-ip-address:5480 to access the vCenter Server Management and then add the ESXi bare-metal host to the vCenter Server using the vSphere Client.

The second deployment is the (3) nested ESXi servers. Let’s take a look at deploy-esxi.sh and again modify all declared variables with your particular information. If you have a single host and no cluster resource on vCenter you can replace <your-cluster-name> with <your-esxi-hostname>.

# Set variables to declare LAB specific resources.
# ESXi user name and password, ESXi host Fully Qualified Domain Name (FQDN) or IP address.
# Path to OVA/OVF file.
ADMIN="root"
PASSWORD="Password123!"
TARGET="<your-esxi-ipaddress>"
OVA="$HOME/<path-to-ova>/Nested_ESXi7.0u1_Appliance_Template_v1.ova"

# Assign names, IP addresses and password to ESXi servers.
ESXI_NODE1_HOSTNAME="esxi-node-1"
ESXI_NODE2_HOSTNAME="esxi-node-2"
ESXI_NODE3_HOSTNAME="esxi-node-3"
ESXI_NODE1_IP="192.168.1.x"
ESXI_NODE2_IP="192.168.1.x"
ESXI_NODE3_IP="192.168.1.x"
ESXI_NETMASK="255.255.255.0"
ESXI_GATEWAY="192.168.1.x"
ESXI_DNS="192.168.1.x"
ESXI_DOMAIN="<your-domain.local>"
ESXI_PASSWD="Password123!"
ESXI_DATASTORE="datastore"
ESXI_NETWORK="VM Network"

To start the ESXi deployment just run the following command.

$ ./deploy-esxi.sh

The next step is the deployment of an additional VCSA to manage and build the cluster using the nested ESXi instances. Using the same deploy-vcsa.sh script, you can choose to deploy the new VCSA on the ESXi bare-metal instance, as previously done, or on one of the nested ESXi instances. REMEMBER to modify all declared variables with the new VCSA information or your previous VCSA will be destroyed. After the new VCSA deployment finishes, you can add the (3) ESXi hosts in the vSphere Client and build your cluster. I won’t get into the details of how to build a vSphere cluster in this post.

The final step is to add the Ubuntu cloud image as a template or as a running VM to the vSphere cluster. Let’s take a look at deploy-ubuntu-template.sh and again modify all declared variables with your particular information.

# Set variables to declare LAB specific resources.
# vCenter administrator user name and password, vCenter and ESXi host Fully Qualified Domain Name (FQDN) or IP address.
# Path to OVA/OVF file, destination datastore and target network.
ADMIN="administrator@vsphere.local"
PASSWORD='Password123!'
TARGET="vcsa.mylab.local/LAB/host/esxi.myhome.local"
OVA="$HOME/path/to/ova/focal-server-cloudimg-amd64.ova"
DATASTORE="datastore"
NETWORK="VM Network"

# Assign names, IP addresses, public key and one-time password to Ubuntu Cloud Image VM.
VM_NAME="ubuntu-focal-20.04-template"
VM_HOSTNAME="ubuntu-cloud"
VM_FOLDER="Templates"
VM_KEY="copy-your-public-ssh-key-here"
VM_PASSWORD="Password123!"

To start the template deployment just run the following command.

$ ./deploy-ubuntu-template.sh

We’re done. You should now have a working sandbox built out of (3) nested ESXi servers, (1) vCenter Server Appliance, and (1) Ubuntu cloud image template for fast deployment of Linux VM instances.
