Skip to content

Latest commit

 

History

History
48 lines (27 loc) · 4.64 KB

README.md

File metadata and controls

48 lines (27 loc) · 4.64 KB

Windows Stemcell Automation

Provides tasks to create a Windows stemcell for Cloud Foundry, in VSphere. The tasks are intended to be open and extensible as bash scripts. While life becomes a little more managable using concourse for automation of these tasks, everything is arranged in a way that you could manually run them or plug them in to some other automation tool. The job of each task follows Pivotal's recommended way of creating a base image, cloning it, and running their stembuild tool on it. Read more about "Creating a Windows Stemcell for vSphere Using stembuild" in their docs.

One notable design choice of this approach is the use of the Windows answer file (also known as the autounattend file). An alternate option to this would be to use packer cli made by Hashicorp. This project is focused on the Winodws operating system solely and wants to follow Microsoft's recommended approach to automating Windows installs. There are many many customizations that one could want to do to a Windows install and the autounattend approach is a guarantee to offer all possibilities.

That said, the autounattend xml is complex and confusing. So attempts are made to abstract most of that away by pulling out specific settings as pipeline variables and templatizing the XML.

Concourse screenshot

Documentation

For your reading pleasure we have moved documentation of the project to wiki. Have a look.

Best practice for patching the base operating system

Naturally you would think patch tuesday is the trigger to update the base VM and run stembuild to create a patched stemcell. But doing this would leave compatability between OS patches and the stembuild tool up to you. The Cloud Foundry windows team does this validation for the community each month and releases a patched version of stembuild, signifying compatability with everything.

The new release of stembuild is the trigger of the pipeline. Specifically the update-base task. The flow should be to update the base VM's operating system, clone it with a name of the intended stembuild version, and run the latest version of stembuild on it. The output is an up to date stemcell that can trigger other pipelines for deployment and repaving of the Windows cells.

There are two ways to watch for a new stembuild release. Pivotal customers can have concourse watch Pivotal Stemcells product page for a new version, or non-Pivotal customers can have concourse watch the GitHub> releases for a new version. If you would like to make the pipeline run automatically when a new release is posted, uncomment trigger: true in the update-base task.

More details about monthly stemcell upgrade can be found in the creating vsphere stemcell with stembuild documentation.

Change Log

2/27/2020

  • Updated cfcommunity/windows-stemcell-concourse image with latest Ubuntu, added unzip package, and updated govc to 0.22.1.
  • Made vcenter-ca-certs optional and added ability to download certificate from vCenter as a part of initializing govc.

2/25/2020

  • Added timeout var to apply to certain VM functions that could run wild.
  • Added windows-install-timeout var to apply to windows install that could run forever if the install gets in a bad state.

2/24/2020

  • Added vmware-tools-status var to allow for 2 different vmware tools state - current and supported. Look at the vars for more explaination.
  • Added validateToolsVersionStatus function in govc.sh to do a deeper lookup into the current state of the tools.
  • Built out waitForToolStatus in govc.sh to be patient and wait/timeout for a proper tools status.
  • Added support in all VM startup/shutdown/restart functions for waitForToolStatus

2/20/2020

  • Added vmware tools validation in create-base task. The pipeline should not continue if tools are not in an acceptable state.

For even more info have a look at commit history