This post is part 3 of a small series of articles about how to use pyVMomi to build, configure and manage vmware vsphere environments.
You will recall that the strategy for our sample program is to encapsulate the configuration we want to achieve in a simple YAML file.
In this section we will extend that YAML file structure such that Clusters with member Hosts can be represented.
We will now extend our previous YAMl definition by adding member ESXi hosts to the Cluster.
As you can see, a simple change has been made to add a members and ip section to the YAML file.
Additionally, a section has been added to contain host details. This section is cross-referenced with the member ip’s so that we can access the required userid and password details for the new hosts. The structure exists this way as it’s simpler to change the topology without having to shuffle around all the host details and keeps that information in one place.
Now, let’s look at the code side of things. The YAML parser will take care of capturing our configuration from the labconfig.yaml file. We need to use that information to make the correct calls to the vSphere SDK via pyVmomi.
A quick browse shows us that we have documentation on Clusters and that there is a method on that class called AddHost. AddHost in turn utilises a vim.host.ConnectSpec to define the characteristics of the host we’re adding. The important thing to note here is that the method returns a vim.Task
vSphere allows us to submit multiple long running tasks. Each task is represented by a vim.Task that can be queried to determine the status, success or otherwise of the requested action.
To manage this a simple helper method is added to out Vcenter class to allow us to track a task till completion. In our application we don’t run tasks in parallel so it’s a simple case of waiting for a launched task to either succeed or fail.
As you can see we basically spin in a sleep(2) loop until the task succeeds or fails.
Firstly, our add_host() method checks to see if there is already a host object with the name we’re trying to add. If it does exist we simply return with the pointer to that Host object. In theory we could move the host to the cluster selected but that is left as an exercise to the reader. ie. The use case is that Hosts have already been added to the vCenter but the task is to move them into an existing Cluster definition.
If the host doesn’t exist we get a pointer the the desired cluster and add the Host to the cluster using a HostSpec that contains the credentials for the Host.
Hmm, what happened? Our AddHost task has failed with a SSLVerifyFault.
The documentation shows us that for the vim.host.ConnectSpec that we pass through to our AddHost() method has an optional attribute called sslThumprint. This attribute is only ‘optional’ if you have certificates that have been signed by a valid CA. In this case we’re using self-signed certificates so we need to supply the sslThumbprint.
A quick google leads us to this article which gives us two options.
- Execute an openssl command on the ESXi host
- Remotely connect to port 443 on the ESXi host using openssl and extract the thumbprint.
Option 2 is a relatively simple option as it doesn’t require credentials for the host
From a bash perspective the following command can extract the sslThumbprint.
To perform this we use python subprocesses and pipes to reflect the above command in a python construct.
Here is the complete program :
Here is what the VCSA looked like before the job executed.
and this is what it looks like after execution.
Other parts in the series can be found below :