vSphere 8 introduced the new vSphere Datasets feature. In short, Datasets provides a way to exchange information (metadata) between vCenter and a VM, read/writeable through VMware Tools, which is a pretty powerful option.
Note
William Lam has written a great introduction to the concept vSphere Datasets - New Virtual Machine Metadata Service in vSphere 8, see that for details, including some great code examples on how to create and use DataSets.
The official documentation is a good resource: What are vSphere DataSets?
I thought this might be a nice way to pass information from vCenter, or a VM, to Salt in order to use this metadata information on a Salt minion. Thankfully, this was fairly easy to accomplish.
1. Create a Dataset via PowerShell #
First we need a Dataset to store metadate in. By creating a Dataset called salt-ds
, I created a location to store data that I want to access from the Salt minion in a VM. This dataset is writeable by vCenter (HostAccess) and readable (GuestAccess) from the VM. Replace the value for vm-id
in $vm_moref
with a valid ID for a VM.
Powershell Code #
$vm_moref = "vm-id"
$adminDataSetParam = @{
Name = "salt-ds";
Description = "Dataset for Salt";
VMMoref = $vm_moref;
GuestAccess = "READ_ONLY";
HostAccess = "READ_WRITE";
OmitFromSnapshotClone = $false;
}
New-VMDataset @adminDataSetParam
Set AppID value for salt-ds DataSet #
This creates a Dataset entry called AppID
which has the value of pihole
, for a given VM. In this example, I use pihole as the value, as I have automated installation of Pi-Hole through Salt already.
Powershell Code #
$sharedDataSetEntry1Param = @{
Name = "AppID";
VMMoref = "vm-id";
Dataset = "salt-ds";
Value = "pihole";
}
New-VMDatasetEntry @sharedDataSetEntry1Param
Reading and formatting DataSet entries from VMware Tools #
Once the DataSet is created, and populated with data, this can be accessed and read through VMware Tools inside the VM (example is for a Linux VM).
Bash commands #
sudo vmtoolsd --cmd 'datasets-get-entry {"keys": ["AppID"], "dataset":"salt-ds"}'
{ "result": true, "entries": [
{ "AppID" : "pihole" }] }
This returns the json output from VMware Tools, but in order to use this data in an easy way, I piped it through jq, extracting only the entries for .AppID
, in the salt-ds
dataset:¨
sudo vmtoolsd --cmd 'datasets-get-entry {"keys": ["AppID"], "dataset":"salt-ds"}' | jq -r '.entries[].AppID'
pihole
This command only returns the value for the AppID
entry, and nothing else, perfect for picking it up somewhere else.
Tying it together with Salt #
In order to use this from Salt, I created a state file, that copies my script from the Salt master to the minion. It then executes the script locally, and sets a grain based on the output, and deletes the script when done.
This means that the value in AppID
, returned from VMware Tools, gets set as a targetable object in Salt, making it possible to do futher actions based on the grain itself, like automatically installing Pi-Hole based on the grain being present and set with a given value.
vSphere Datasets state file (init.sls) #
copy-script:
file.managed:
- name: /tmp/script.sh
- source: salt://{{ slspath }}/script.sh
roles:
{% set AppID = salt['cmd.run']('/bin/sh -c "/tmp/script.sh"') %}
grains.present:
- value: {{ AppID }}
delete-script:
file.absent:
- name: /tmp/script.sh
Tip
These files, along with other Salt state files etc., can be found in my GitHub repository. The state file, and script, for utilizing vSphere Datasets is found here.
This is just an example on how vSphere Datasets can be used in conjuntion with other products, like Salt (or Aria Automation Config). By utilizing vSphere Datasets to exchange data between the vCenter and the VM, this can be accomplished without having to provide credentials any of the solutions used. The vCenter administrator does not need to have permissions to login to the VM to be able to set the metadata, and the VM administrator does not require vCenter credentials to be able to read it.
vSphere Datasets also follow cloned VMs, so this can also be utilized on templates as well.
Related Posts
- Upgrading to vCenter 8 Update 1: Invalid Type, expected String, instead got NoneType — Published
- Beware Of The Rogue VMs! — Published
- VMware by Broadcom Promises Free Security Updates for vSphere — Published
- VMware vCenter CVE-2022-31697 — Published
- ESXi5.5 to 6.0 Upgrade From Local HTTP Daemon — Published