Using vSphere Datasets in Salt

Published by Christian Mohn · Read in about 4 min (664 words)

vSphere 8 introduced the new vSphere Datasets feature. In short, Datasets provides a way to exchange information (metadata) between vCenter and a VM, read/writeable through VMware Tools, which is a pretty powerful option.

vSphere Datasets

vSphere Datasets architecture diagram

Note

William Lam has written a great introduction to the concept vSphere Datasets - New Virtual Machine Metadata Service in vSphere 8, see that for details, including some great code examples on how to create and use DataSets.

The official documentation is a good resource: What are vSphere DataSets?

I thought this might be a nice way to pass information from vCenter, or a VM, to Salt in order to use this metadata information on a Salt minion. Thankfully, this was fairly easy to accomplish.

1. Create a Dataset via PowerShell #

First we need a Dataset to store metadate in. By creating a Dataset called salt-ds, I created a location to store data that I want to access from the Salt minion in a VM. This dataset is writeable by vCenter (HostAccess) and readable (GuestAccess) from the VM. Replace the value for vm-id in $vm_moref with a valid ID for a VM.

Powershell Code #

$vm_moref = "vm-id"
$adminDataSetParam = @{
    Name = "salt-ds";
    Description = "Dataset for Salt";
    VMMoref = $vm_moref;
    GuestAccess = "READ_ONLY";
    HostAccess = "READ_WRITE";
    OmitFromSnapshotClone = $false;
}
New-VMDataset @adminDataSetParam

Set AppID value for salt-ds DataSet #

This creates a Dataset entry called AppID which has the value of pihole, for a given VM. In this example, I use pihole as the value, as I have automated installation of Pi-Hole through Salt already.

Powershell Code #

$sharedDataSetEntry1Param = @{
    Name = "AppID";
    VMMoref = "vm-id";
    Dataset = "salt-ds";
    Value = "pihole";
}
New-VMDatasetEntry @sharedDataSetEntry1Param

Reading and formatting DataSet entries from VMware Tools #

Once the DataSet is created, and populated with data, this can be accessed and read through VMware Tools inside the VM (example is for a Linux VM).

Bash commands #

sudo vmtoolsd --cmd 'datasets-get-entry {"keys": ["AppID"], "dataset":"salt-ds"}'
{ "result": true, "entries": [
{ "AppID" : "pihole" }]  }

This returns the json output from VMware Tools, but in order to use this data in an easy way, I piped it through jq, extracting only the entries for .AppID, in the salt-ds dataset:¨

sudo vmtoolsd --cmd 'datasets-get-entry {"keys": ["AppID"], "dataset":"salt-ds"}' | jq -r '.entries[].AppID'
pihole

This command only returns the value for the AppID entry, and nothing else, perfect for picking it up somewhere else.

Tying it together with Salt #

In order to use this from Salt, I created a state file, that copies my script from the Salt master to the minion. It then executes the script locally, and sets a grain based on the output, and deletes the script when done.

This means that the value in AppID, returned from VMware Tools, gets set as a targetable object in Salt, making it possible to do futher actions based on the grain itself, like automatically installing Pi-Hole based on the grain being present and set with a given value.

vSphere Datasets state file (init.sls) #

copy-script:
  file.managed:
    - name: /tmp/script.sh
    - source: salt://{{ slspath }}/script.sh
    
roles:   
   {% set AppID = salt['cmd.run']('/bin/sh -c "/tmp/script.sh"') %}
   grains.present:
    - value: {{ AppID }}
    
delete-script:
 file.absent:
    - name: /tmp/script.sh

Tip

These files, along with other Salt state files etc., can be found in my GitHub repository. The state file, and script, for utilizing vSphere Datasets is found here.

This is just an example on how vSphere Datasets can be used in conjuntion with other products, like Salt (or Aria Automation Config). By utilizing vSphere Datasets to exchange data between the vCenter and the VM, this can be accomplished without having to provide credentials any of the solutions used. The vCenter administrator does not need to have permissions to login to the VM to be able to set the metadata, and the VM administrator does not require vCenter credentials to be able to read it.

vSphere Datasets also follow cloned VMs, so this can also be utilized on templates as well.

Post last updated on January 2, 2024: Add author

About

vNinja.net is the online hub of Christian Mohn and Stine Elise Larsen.

The site primarily focuses on IT architecture and data center technologies, with a strong emphasis on virtualization and related topics.
While the main content revolves around these areas, you'll also find a range of other subjects covered from time to time, reflecting the interests of authors.

Sponsors