Packer
VMware vSphere
@hashicorp
The vSphere plugin is able to create vSphere virtual machines for use with any VMware product.
- Official
- HCP Ready
Updated 2 years ago
- GitHub(opens in new tab)
vSphere Template
Type: vsphere-template
Artifact BuilderId: packer.post-processor.vsphere
This post-processor uses an artifact from the vmware-iso
builder with an ESXi host or an artifact
from the vSphere post-processor. It then marks
the virtual machine as a template and moves it to your specified path.
Note: This post-processor is developed to maintain compatibility with VMware vSphere versions until their respective End of General Support dates. For detailed information, refer to the Broadcom Product Lifecycle.
Examples
Examples are available in the examples directory of the GitHub repository.
Configuration Reference
The following configuration options are available for the post-processor.
Required:
host
(string) - The fully qualified domain name or IP address of the vSphere endpoint.username
(string) - The username to use to authenticate to the vSphere endpoint.password
(string) - The password to use to authenticate to the vSphere endpoint.
Optional:
insecure
(bool) - Skip the verification of the server certificate. Defaults tofalse
.datacenter
(string) - The name of the datacenter to use. Required when the vCenter Server instance endpoint has more than one datacenter.template_name
(string) - The name of the template. If not specified, the name of the virtual machine will be used.folder
(string) - The name of the virtual machine folder path where the template will be created.snapshot_enable
(bool) - Create a snapshot before marking as a template. Defaults tofalse
.snapshot_name
(string) - The name of the snapshot. Required whensnapshot_enable
istrue
.snapshot_description
(string) - A description for the snapshot. Required whensnapshot_enable
istrue
.reregister_vm
(boolean) - Keepe the virtual machine registered after marking as a template.
keep_input_artifact
(boolean) - This option is not applicable tovsphere-template
. For a template to function, the original virtual machine from which it was generated cannot be deleted. Therefore, the vSphere Template post-processor always preserves the original virtual machine.Note: If you are getting permission denied errors when trying to mark as a template, but it works in the vSphere UI, set this to
false
. Default istrue
.
Example Usage
An example is shown below, showing only the post-processor configuration:
HCL Example:
source "null" "example" {
communicator = "none"
}
build {
sources = [
"source.null.example"
]
post-processors {
post-processor "vsphere-template"{
host = "vcenter.example.com"
insecure = false
username = "administrator@vsphere.local"
password = "VMw@re1!"
datacenter = "dc-01"
folder = "/templates/os/distro"
}
}
}
JSON Example:
{
"builders": [
{
"type": "null",
"communicator": "none"
}
],
"post-processors": [
[
{
"type": "vsphere-template",
"host": "vcenter.example.com",
"insecure": true,
"username": "administrator@vsphere.local",
"password": "VMw@re1!",
"datacenter": "dc-01",
"folder": "/templates/os/distro"
}
]
]
}
Using the vSphere Template with Local Builders
Once the vSphere post-processor takes an artifact from the builder and uploads it to a vSphere endpoint, you may want the virtual machine to be marked as a template.
HCL Example:
build {
sources = [
"source.null.example"
]
post-processors {
post-processor "vsphere" {
# ...
}
post-processor "vsphere-template" {
# ...
}
}
}
JSON Example:
{
"builders": [
{
"type": "null",
"communicator": "none"
}
],
"post-processors": [
[
{
"type": "vsphere",
...
},
{
"type": "vsphere-template",
...
}
],
{
"type": "...",
...
}
]
}
In the example above, the result of each builder is passed through the defined sequence of
post-processors starting with the vsphere
post-processor which will upload the artifact to a
vSphere endpoint. The resulting artifact is then passed on to the vsphere-template
post-processor
which handles marking a virtual machine as a template.
In JSON, note that the vsphere
and vsphere-template
post-processors can be paired together in
their own array.
Privileges
The post processor needs several privileges to be able to mark the virtual as a template.
Rather than giving full administrator access, you can create a role to give the post-processor the privileges necessary to run.
Below is an example role that will work. Please note that this is a user-supplied list so there may be a few extraneous privileges that are not strictly required.
For vSphere, the role needs the following privileges:
Datastore.AllocateSpace
Host.Config.AdvancedConfig
Host.Config.NetService
Host.Config.Network
Network.Assign
System.Anonymous
System.Read
System.View
VApp.Import
VirtualMachine.Config.AddNewDisk
VirtualMachine.Config.AdvancedConfig
VirtualMachine.Inventory.Delete
and either (if
reregister_vm
isfalse
):VirtualMachine.Provisioning.MarkAsTemplate
or (if
reregister_vm
istrue
or unset):VirtualMachine.Inventory.Register
VirtualMachine.Inventory.Unregister
The role must be authorized on the:
- Cluster of the host.
- The destination folder.
- The destination datastore.
- The network to be assigned.
Troubleshooting
Some users have reported that vSphere templates created from local vSphere builds get their boot
order reset to CD-ROM only instead of the original boot order defined by the template. If this issue
affects you, the solution is to set "bios.hddOrder": "scsi0:0"
in your builder's vmx_data
.