vSphere Air-gapped: Create a CAPI VM Template

You must have at least one image before creating a new cluster. As long as you have an image, this step in your configuration is not required each time since that image can be used to spin up a new cluster. However, if you need different images for different environments or providers, you will need to create a new custom image.

Using KIB, you can create your VM template without requiring access to the internet by providing an additional --override flag.

Assuming you have downloaded dkp-air-gapped-bundle_v2.6.2_linux_amd64.tar.gz, extract the tarball to a local directory:
CODE
```
tar -xzvf dkp-air-gapped-bundle_v2.6.2_linux_amd64.tar.gz && cd dkp-v2.6.2/kib
```
Follow the instructions to build a vSphere template below and set the override --overrides overrides/offline.yaml flag.

Create a vSphere Template for Your Cluster from a Base OS Image

Using the base OS image created in a previous procedure, DKP creates the new vSphere template directly on the vCenter server.

Set the following vSphere environment variables on the bastion VM host:

CODE

export VSPHERE_SERVER=your_vCenter_APIserver_URL
export VSPHERE_USERNAME=your_vCenter_user_name
export VSPHERE_PASSWORD=your_vCenter_password

Copy the base OS image file created in the vSphere Client to your desired location on the bastion VM host, and make a note of the path and file name.

Create an image.yaml file and add the following variables for vSphere. DKP uses this file and these variables as inputs in the next step.
⚠️ NOTE: This example is Ubuntu 20.04. You will need to replace OS name below based on your OS. See other YAML examples for copy and paste below last step.

CODE

---
download_images: true
build_name: "ubuntu-2004"
packer_builder_type: "vsphere" 
guestinfo_datasource_slug: "https://raw.githubusercontent.com/vmware/cloud-init-vmware-guestinfo"
guestinfo_datasource_ref: "v1.4.0"
guestinfo_datasource_script: "{{guestinfo_datasource_slug}}/{{guestinfo_datasource_ref}}/install.sh"
packer:
  cluster: "<VSPHERE_CLUSTER_NAME>"
  datacenter: "<VSPHERE_DATACENTER_NAME>"
  datastore: "<VSPHERE_DATASTORE_NAME>"
  folder: "<VSPHERE_FOLDER>"
  insecure_connection: "false"
  network: "<VSPHERE_NETWORK>"
  resource_pool: "<VSPHERE_RESOURCE_POOL>"
  template: "os-qualification-templates/d2iq-base-Ubuntu-20.04" # change default value with your base template name
  vsphere_guest_os_type: "other4xLinux64Guest"
  guest_os_type: "ubuntu2004-64"
  # goss params
  distribution: "ubuntu"
  distribution_version: "20.04"
# Use following overrides to select the authentication method that can be used with base template
# ssh_username: ""  # can be exported as environment variable 'SSH_USERNAME'
# ssh_password: "" # can be exported as environment variable 'SSH_PASSWORD'
# ssh_private_key_file = "" # can be exported as environment variable 'SSH_PRIVATE_KEY_FILE'
# ssh_agent_auth: false  # is set to true, ssh_password and ssh_private_key will be ignored

Create a vSphere VM template with your variation of the following command:
CODE
```
konvoy-image build images/ova/<image.yaml>
```
Any additional configurations can be added to this command using --overrides flags as shown below:
1. Any credential overrides: --overrides overrides.yaml
2. for FIPS, add this flag: --overrides overrides/fips.yaml
3. for air-gapped, add this flag: --overrides overrides/offline-fips.yaml
The Konvoy Image Builder (KIB) uses the values in image.yaml and the input base OS image to create a vSphere template directly on the vCenter server. This template contains the required artifacts needed to create a Kubernetes cluster.
When KIB provisions the OS image successfully, it creates a manifest file. The artifact_id field of this file contains the name of the AMI ID (AWS), template name (vSphere), or image name (GCP/Azure), for example:
CODE
```
{
      "name": "vsphere-clone",
      "builder_type": "vsphere-clone",
      "build_time": 1644985039,
      "files": null,
      "artifact_id": "konvoy-ova-vsphere-rhel-84-1.21.6-1644983717",
      "packer_run_uuid": "260e8110-77f8-ca94-e29e-ac7a2ae779c8",
      "custom_data": {
        "build_date": "2022-02-16T03:55:17Z",
        "build_name": "vsphere-rhel-84",
        "build_timestamp": "1644983717",
        [...]
      }
    }
```
Recommendation: Now we can now see the template created in our vCenter, it is best to rename it to dkp-<DKP_VERSION>-k8s-<K8S_VERSION>-<DISTRO>, like dkp-2.6.2-k8s-1.26.14-ubuntu to keep templates organized.
Next steps are to deploy a DKP cluster using your vSphere template.

Additional OS YAML files for copy/paste:

RHEL 8.6

CODE

---
download_images: true
build_name: "rhel-86"
packer_builder_type: "vsphere" 
guestinfo_datasource_slug: "https://raw.githubusercontent.com/vmware/cloud-init-vmware-guestinfo"
guestinfo_datasource_ref: "v1.4.0"
guestinfo_datasource_script: "{{guestinfo_datasource_slug}}/{{guestinfo_datasource_ref}}/install.sh"
packer:
  cluster: ""
  datacenter: ""
  datastore: ""
  folder: ""
  insecure_connection: "false"
  network: ""
  resource_pool: ""
  template: "base-rhel-8.6" # change default value with your base template name
  vsphere_guest_os_type: "rhel8_64Guest"
  guest_os_type: "rhel8-64"
  # goss params
  distribution: "RHEL"
  distribution_version: "8.6"
# Use following overrides to select the authentication method that can be used with base template
# ssh_username: ""  # can be exported as environment variable 'SSH_USERNAME'
# ssh_password: "" # can be exported as environment variable 'SSH_PASSWORD'
# ssh_private_key_file = "" # can be exported as environment variable 'SSH_PRIVATE_KEY_FILE'
# ssh_agent_auth: false  # is set to true, ssh_password and ssh_private_key will be ignored

Ubuntu 20.04

CODE

---
download_images: true
build_name: "ubuntu-2004"
packer_builder_type: "vsphere" 
guestinfo_datasource_slug: "https://raw.githubusercontent.com/vmware/cloud-init-vmware-guestinfo"
guestinfo_datasource_ref: "v1.4.0"
guestinfo_datasource_script: "{{guestinfo_datasource_slug}}/{{guestinfo_datasource_ref}}/install.sh"
packer:
  cluster: ""
  datacenter: ""
  datastore: ""
  folder: ""
  insecure_connection: "false"
  network: ""
  resource_pool: ""
  template: "base-ubuntu-20.04" # change default value with your base template name
  vsphere_guest_os_type: "other4xLinux64Guest"
  guest_os_type: "ubuntu2004-64"
  # goss params
  distribution: "ubuntu"
  distribution_version: "20.04"
# Use following overrides to select the authentication method that can be used with base template
# ssh_username: ""  # can be exported as environment variable 'SSH_USERNAME'
# ssh_password: "" # can be exported as environment variable 'SSH_PASSWORD'
# ssh_private_key_file = "" # can be exported as environment variable 'SSH_PRIVATE_KEY_FILE'
# ssh_agent_auth: false  # is set to true, ssh_password and ssh_private_key will be ignored

Rocky Linux 9.1

CODE

---
download_images: true
build_name: "rocky-91"
packer_builder_type: "vsphere" 
guestinfo_datasource_slug: "https://raw.githubusercontent.com/vmware/cloud-init-vmware-guestinfo"
guestinfo_datasource_ref: "v1.4.0"
guestinfo_datasource_script: "{{guestinfo_datasource_slug}}/{{guestinfo_datasource_ref}}/install.sh"
packer:
  cluster: ""
  datacenter: ""
  datastore: ""
  folder: ""
  insecure_connection: "false"
  network: ""
  resource_pool: ""
  template: "base-rocky-9.1" # change default value with your base template name
  vsphere_guest_os_type: "other4xLinux64Guest"
  guest_os_type: "rocky9-64"
  # goss params
  distribution: "rocky"
  distribution_version: "9.1"
# Use following overrides to select the authentication method that can be used with base template
# ssh_username: ""  # can be exported as environment variable 'SSH_USERNAME'
# ssh_password: "" # can be exported as environment variable 'SSH_PASSWORD'
# ssh_private_key_file = "" # can be exported as environment variable 'SSH_PRIVATE_KEY_FILE'
# ssh_agent_auth: false  # is set to true, ssh_password and ssh_private_key will be ignored

Next Step:

vSphere Air-gapped: Create the Management Cluster