| The control center VM will have different functions within the nested labs.
| | == Summary == |
| The main purpose of this VM is to act as the stepping stone for management inside the nested lab and for access to all the internal lab resources and services.
| | Uploading files from nsx.ninja and iwan.wiki |
| Because traffic will not be routed outside the nested lab, we need a control point.
| |
| The control center VM will also offer AD, DNS and NTP services.
| |
| | |
| This VM is also prepared in advance with a Windows Server 2019 installation, with various services configured and different software pre-installed.
| |
| | |
| This is the list of the services I have installed and configured together with the software installs:
| |
| | |
| * Enable Remote Desktop
| |
| ** [https://computingforgeeks.com/how-to-enable-remote-desktop-protocol-rdp-on-windows-server-2019/ Enable RDP on Windows 2019 Server]
| |
| * Turn off all Personal Firewalls
| |
| ** [https://www.faqforge.com/windows-server-2016/turn-off-firewall-windows-server-2016/ How to Turn Off Firewall in Windows Server 2016]
| |
| * Install Windows Updates
| |
| ** [https://medium.com/@tkolber/patching-windows-server-2019-core-with-windows-update-e22aef78b8c9 Patching Windows Server 2019 Core with Windows Update]
| |
| * Install VMware Tools
| |
| ** [https://kb.vmware.com/s/article/1018377 VMware Knowledge Base]
| |
| * Change the hostname to “control”
| |
| ** [https://www.server-world.info/en/note?os=Windows_Server_2019&p=initial_conf&f=3 Windows Server 2019 : Initial Settings : Change Computer Name]
| |
| * Configure AD
| |
| ** [https://www.youtube.com/watch?v=h3sxduUt5a8 Setting up Active Directory in Windows Server 2019 (Step By Step Guide)]
| |
| * Configure DNS for domain “lab.local”
| |
| ** [https://computingforgeeks.com/install-and-configure-dns-server-in-windows-server/ Install and Configure DNS Server on Windows Server 2019]
| |
| ** Also make sure you configure an “A” record for vcsa.lab.local -> 192.168.11.10
| |
| * Configure NTP Server
| |
| ** [https://docs.microsoft.com/en-us/windows-server/networking/windows-time-service/windows-time-service-tools-and-settings Windows Time service tools and settings]
| |
| * Install RoyalTSX
| |
| ** [https://www.royalapps.com/ts/mac/download Royal Apps]
| |
| * Install Google Chrome
| |
| ** [https://www.google.com/chrome/ Google Chrome]
| |
| * Install PuTTY
| |
| ** [https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html Download PuTTY]
| |
| * Install Notepad++
| |
| ** [https://notepad-plus-plus.org/downloads/ Notepad++]
| |
| * Install Visual Studio Code
| |
| ** [https://code.visualstudio.com/download Download Visual Studio Code - Mac, Linux, Windows]
| |
| * Install GitKraken
| |
| ** [https://www.gitkraken.com/download/mac GitKraken]
| |
| * Install PowerCLI
| |
| ** [https://www.vladan.fr/how-to-install-vmware-powercli-via-powershell/ How To Install VMware PowerCLI via PowerShell]
| |
| * Install WinSCP
| |
| ** [https://winscp.net/eng/download.php WinSCP Download]
| |
| * Install DAEMON Tools
| |
| ** [https://www.daemon-tools.cc/downloads Download DAEMON Tools]
| |
| * Install Postman
| |
| ** [https://www.postman.com/downloads/ Download Postman App]
| |
| * Install RVTools
| |
| ** [https://www.robware.net/rvtools/download/ RVTools - Download]
| |
| * Install Chocolatey (Windows Package Manager)
| |
| ** [https://chocolatey.org/ Chocolatey Install]
| |
| * Install Terraform through the Chocolatey windows package manager
| |
| ** [https://chocolatey.org/packages/terraform/0.11.14 Chocolatey Software | Terraform 0.11.14]
| |
| ** [https://chocolatey.org/packages/terraform Chocolatey Software | Terraform 0.12.21]
| |
| * Change password policies and make sure passwords never expire or need to be changed
| |
| ** [http://dalaris.com/how-to-change-password-complexity-policy-on-a-windows-server/ Change password policies windows server]
| |
| | |
| After the Windows Server 2019 VM is fully installed, with the services preconfigured and the software pre-installed, we can start cloning it using the Terraform script below:
| |
| | |
| {{console|body=
| |
| ❯ tree
| |
| ├── main.tf
| |
| ├── terraform.tfvars
| |
| ├── variables.tf
| |
| }}
| |
| | |
| '''terraform.tfvars'''
| |
| <div class="toccolours mw-collapsible mw-collapsed">
| |
| '''CLICK ON EXPAND ===> ON THE RIGHT ===> TO SEE THE OUTPUT (terraform.tfvars code) ===>''' :
| |
| <div class="mw-collapsible-content">{{console|body=
| |
| vsphere_user = "administrator@vsphere.local"
| vsphere_password = "<my vCenter Server Password>"
| vsphere_server = "vcsa-01.home.local"
| vsphere_datacenter = "HOME"
| vsphere_datastore = "vsanDatastore"
| vsphere_resource_pool = "Lab1"
| vsphere_network = "L1-APP-MGMT11"
| vsphere_virtual_machine_template = "control-template"
| vsphere_virtual_machine_name = "l1-control"
| |
| }}</div>
| |
| </div>
| |
| | |
| '''variables.tf'''
| |
| <div class="toccolours mw-collapsible mw-collapsed">
| |
| '''CLICK ON EXPAND ===> ON THE RIGHT ===> TO SEE THE OUTPUT (variables.tf code) ===>''' :
| |
| <div class="mw-collapsible-content">{{console|body=
| |
| # vsphere login account. defaults to admin account
| variable "vsphere_user" {
|   default = "administrator@vsphere.local"
| }
| |
| # vsphere account password. the default below is a placeholder.
| variable "vsphere_password" {
|   default = "<my vCenter Server Password>"
| }
| |
| # vsphere server. defaults to vcsa-01.home.local
| variable "vsphere_server" {
|   default = "vcsa-01.home.local"
| }
| |
| # vsphere datacenter the virtual machine will be deployed to. empty by default.
| variable "vsphere_datacenter" {}
| |
| # vsphere resource pool the virtual machine will be deployed to. empty by default.
| variable "vsphere_resource_pool" {}
| |
| # vsphere datastore the virtual machine will be deployed to. empty by default.
| variable "vsphere_datastore" {}
| |
| # vsphere network the virtual machine will be connected to. empty by default.
| variable "vsphere_network" {}
| |
| # vsphere virtual machine template that the virtual machine will be cloned from. empty by default.
| variable "vsphere_virtual_machine_template" {}
| |
| # the name of the vsphere virtual machine that is created. empty by default.
| variable "vsphere_virtual_machine_name" {}
| |
| }}</div>
| |
| </div>
| |
| | |
| '''main.tf'''
| |
| <div class="toccolours mw-collapsible mw-collapsed">
| |
| '''CLICK ON EXPAND ===> ON THE RIGHT ===> TO SEE THE OUTPUT (main.tf code) ===>''' :
| |
| <div class="mw-collapsible-content">{{console|body=
| |
| provider "vsphere" {
|   user = "${var.vsphere_user}"
|   password = "${var.vsphere_password}"
|   vsphere_server = "${var.vsphere_server}"
|   # skips TLS certificate verification for the vCenter connection
|   allow_unverified_ssl = true
| }
| |
| data "vsphere_datacenter" "dc" {
|   name = "${var.vsphere_datacenter}"
| }
| |
| data "vsphere_datastore" "datastore" {
|   name = "${var.vsphere_datastore}"
|   datacenter_id = "${data.vsphere_datacenter.dc.id}"
| }
| |
| data "vsphere_resource_pool" "pool" {
|   name = "${var.vsphere_resource_pool}"
|   datacenter_id = "${data.vsphere_datacenter.dc.id}"
| }
| |
| data "vsphere_network" "network" {
|   name = "${var.vsphere_network}"
|   datacenter_id = "${data.vsphere_datacenter.dc.id}"
| }
| |
| data "vsphere_virtual_machine" "template" {
|   name = "${var.vsphere_virtual_machine_template}"
|   datacenter_id = "${data.vsphere_datacenter.dc.id}"
| }
| |
| resource "vsphere_virtual_machine" "cloned_virtual_machine" {
|   name = "${var.vsphere_virtual_machine_name}"
| |
|   wait_for_guest_net_routable = false
|   wait_for_guest_net_timeout = 0
| |
|   # Important: Terraform will set BIOS by default - fix below
|   firmware = "efi"
| |
|   resource_pool_id = "${data.vsphere_resource_pool.pool.id}"
|   datastore_id = "${data.vsphere_datastore.datastore.id}"
|   num_cpus = 2
|   memory = 8192
| |
|   #num_cpus = "${data.vsphere_virtual_machine.template.num_cpus}"
|   #memory = "${data.vsphere_virtual_machine.template.memory}"
| |
|   guest_id = "${data.vsphere_virtual_machine.template.guest_id}"
| |
|   scsi_type = "${data.vsphere_virtual_machine.template.scsi_type}"
| |
|   network_interface {
|     network_id = "${data.vsphere_network.network.id}"
|     adapter_type = "${data.vsphere_virtual_machine.template.network_interface_types[0]}"
|   }
| |
|   disk {
|     label = "disk0"
|     size = "80"
|     # unit_number = 0
|   }
|   clone {
|     template_uuid = "${data.vsphere_virtual_machine.template.id}"
|   }
| }
| |
| }}</div>
| |
| </div>
| |
| | |
| We are now ready to execute the Terraform code on a per-directory basis.
| |
| | |
| Validate your code:
| |
| {{console|body=
| |
| ihoogendoor-a01:#Test iwanhoogendoorn$ tfenv use 0.11.14
| |
| [INFO] Switching to v0.11.14
| |
| [INFO] Switching completed
| |
| ihoogendoor-a01:Test iwanhoogendoorn$ terraform validate
| |
| }}
| |
| | |
| Plan your code:
| |
| {{console|body=
| |
| ihoogendoor-a01:Test iwanhoogendoorn$ terraform plan
| |
| }}
| |
| | |
| Execute your code to implement the Segments:
| |
| {{console|body=
| |
| ihoogendoor-a01:Test iwanhoogendoorn$ terraform apply
| |
| }}
| |
| | |
| When the segments need to be removed again you can revert the implementation:
| |
| {{console|body=
| |
| ihoogendoor-a01:Test iwanhoogendoorn$ terraform destroy
| |
| }}
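
A pre-flight check that can run before `terraform plan`, as an added example that is not part of the original article: it flags a literal `vsphere_password` and `allow_unverified_ssl = true`, the two settings in the files above that should stay inside an isolated lab. The function names `tf_preflight` and `write_samples`, the directory names and the sample password are made up for illustration.

```bash
# Added example: pre-flight check for a Terraform directory (hypothetical helper names).
# Prints "file:line: message" per finding; succeeds only when nothing is found.
tf_preflight() (
  rc=0
  for f in "$1"/*.tf "$1"/*.tfvars; do
    [ -f "$f" ] || continue
    awk '
      function report(msg) { printf "%s:%d: %s\n", FILENAME, FNR, msg; n++ }
      /^[ \t]*#/ { next }                            # skip comment lines
      /variable[ \t]+"vsphere_password"/ {           # start of the password variable block
        in_pw = (index($0, "}") == 0); next
      }
      in_pw && /default[ \t]*=[ \t]*"[^"]+"/ { report("literal default for vsphere_password") }
      in_pw && index($0, "}") { in_pw = 0 }
      /vsphere_password[ \t]*=[ \t]*"[^"$][^"]*"/ { report("literal vsphere_password value") }
      /allow_unverified_ssl[ \t]*=[ \t]*true/ { report("TLS certificate verification disabled") }
      END { exit (n > 0) }
    ' "$f" || rc=1
  done
  [ "$rc" -eq 0 ]
)

# Constructed sample input: "lab" mirrors this page's settings, "clean" is the corrected form.
write_samples() (
  mkdir -p "$1/lab" "$1/clean"
  printf '%s\n' 'vsphere_password = "example-not-a-real-password"' > "$1/lab/terraform.tfvars"
  cat > "$1/lab/variables.tf" <<'EOF'
variable "vsphere_password" {
  default = "example-not-a-real-password"
}
EOF
  cat > "$1/lab/main.tf" <<'EOF'
provider "vsphere" {
  password             = "${var.vsphere_password}"
  allow_unverified_ssl = true
}
EOF
  printf '%s\n' 'variable "vsphere_password" {}' > "$1/clean/variables.tf"
  cat > "$1/clean/main.tf" <<'EOF'
provider "vsphere" {
  password = "${var.vsphere_password}"
}
EOF
)

demo=$(mktemp -d) && write_samples "$demo"
tf_preflight "$demo/lab" || echo "lab: findings above, fix before plan/apply"
tf_preflight "$demo/clean" && echo "clean: no findings"
rm -rf "$demo"
```

With the literal removed and `variable "vsphere_password" {}` left without a default, the value can be supplied at run time through the `TF_VAR_vsphere_password` environment variable, which Terraform reads for input variables.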
| |
| | |
| [[Category:Articles]]
| |
| [[Category:VMware]]
| |
| [[Category:NSX-T]]
| |
| [[Category:Networking]]
| |
| [[Category:Terraform]]
| |