vSphere Auto Deploy uses PXE boot infrastructure with host profiles, a desired image, or configuration on a cluster level to provision ESXi hosts.
State Information for ESXi Hosts
Information Type | Description | Source of Information |
---|---|---|
Image state | The executable software to run on an ESXi host. | Image profile, created with vSphere ESXi Image Builder or a vSphere Lifecycle Manager image. |
Configuration state | The configurable settings that determine how the host is configured, for example, virtual switches and their settings, driver settings, boot parameters, and so on. | Host profile, created by using the host profile UI, or a configuration that you create when setting up a cluster that manages all ESXi host settings at a cluster level in the Inventory UI. |
Dynamic state | The runtime state that is generated by the running software, for example, generated private keys or runtime databases. | Host memory, lost during reboot. |
Virtual machine state | The virtual machines stored on a host and virtual machine autostart information (subsequent boots only). | Virtual machine information sent by vCenter Server to vSphere Auto Deploy. vCenter Server must be available to supply virtual machine information to vSphere Auto Deploy. |
User input | State that is based on user input, for example, an IP address that the user provides when the system starts up, cannot automatically be included in the host profile. | Host customization information, stored by vCenter Server during first boot. You can create a host profile that requires user input for certain values. When vSphere Auto Deploy applies a host profile that requires user-provided information, the host is placed in maintenance mode. Use the host profile UI to check the host profile compliance, and respond to the prompt to customize the host. |
vSphere Auto Deploy Architecture
The vSphere Auto Deploy infrastructure consists of several components.
- vSphere Auto Deploy server
  - Serves images and host profiles to ESXi hosts.
- vSphere Auto Deploy rules engine
  - Tells the vSphere Auto Deploy server which image profile and which host profile to serve to which host. Administrators use vSphere Auto Deploy to define the rules that assign image profiles and host profiles to hosts.
- Image profiles
  - Define the set of VIBs to boot ESXi hosts with.
  - VMware and VMware partners make image profiles and VIBs available in public depots. Use vSphere ESXi Image Builder to examine the depot and use the vSphere Auto Deploy rules engine to specify which image profile to assign to which host.
  - You use vSphere Lifecycle Manager images to apply software and firmware updates to the ESXi hosts in a cluster. Using a single image to manage all hosts in a cluster ensures cluster-wide host image homogeneity.
  - With ESXi 8.0, you can set up a cluster that manages all ESXi host settings at a cluster level.
  - VMware customers can create a custom image profile based on the public image profiles and VIBs in the depot and apply that image profile to the host.
- Host profiles
  - Define machine-specific configuration such as networking or storage setup. Use the host profile UI to create host profiles. You can create a host profile for a reference host and apply that host profile to other hosts in your environment for a consistent configuration.
  - Note: With ESXi 8.0, if you set up a cluster that manages all ESXi host settings at a cluster level, you cannot use host profiles.
- Host customization
  - Stores information that the user provides when host profiles are applied to the host. Host customization might contain an IP address or other information that the user supplied for that host. For more information about host customizations, see the vSphere Host Profiles documentation.
  - Host customization was called answer file in earlier releases of vSphere Auto Deploy.
Auto Deploy Certificates
By default, the Auto Deploy server provisions each host with certificates that are signed by the VMware Certificate Authority (VMware CA). For more information, see Managing Certificates for ESXi Hosts.
Alternatively, if your corporate policy requires that you use custom certificates, you can set up the Auto Deploy server to provision all hosts with custom certificates that are not signed by VMware CA. The Auto Deploy server becomes a subordinate certificate authority of your third-party CA. In the Custom Certificate Authority mode, you are responsible for managing the certificates. You cannot refresh and renew certificates from the vSphere Client. In this mode, you also cannot select only a set of hosts to provision with custom certificates, and you can manually sign custom certificates only for stateful hosts. For more information, see Use Custom Certificates with Auto Deploy.
With ESXi 8.0, Auto Deploy provides a third option that allows you to generate a certificate outside vSphere and become independent of the certificate management in vCenter Server. For example, you can generate a custom certificate by using a custom script or by using a provider of domain name registry services such as Verisign. You can use custom certificates for only a set of ESXi hosts, and you can provide custom certificates for stateless hosts as well. ESXi hosts are identified by the MAC address of the NIC used for network booting, or by the BIOS UUID of the ESXi host.
You update the VMware Endpoint Certificate Store (VECS) with the custom certificate by using PowerCLI. For more information on the new PowerCLI cmdlets, see vSphere Auto Deploy PowerCLI Cmdlet Overview. The VMware CA must trust the custom ESXi certificates, so you must add the CA public certificate for the custom certificates to the TRUSTED_ROOTS store in VECS. Auto Deploy also stores the custom certificates, and when it recognizes a booting host by the MAC address of the NIC used for network booting or by the BIOS UUID of the ESXi host, it automatically provides the custom certificate. You do not need to stop or restart Auto Deploy or vCenter Server when you add a custom certificate to VECS; you only need to restart the host for which you upload a custom certificate. For more information, see Use Custom Certificates with Auto Deploy.
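A pre-flight check for the trust requirement described above, as an added example that is not part of the original documentation: it uses the standard `openssl` command line to confirm that a custom host certificate chains to the CA whose public certificate you add to TRUSTED_ROOTS, and that the private key belongs to that certificate. The file names, subjects and throwaway CA are constructed for the example, and the 30-day expiry threshold is an assumption.

```shell
#!/bin/sh
# Added example: pre-flight checks on a custom ESXi certificate before it is
# uploaded for Auto Deploy. File names and subjects below are constructed.

# check_cert CA_PEM HOST_CERT HOST_KEY
# Prints "ok" or the name of the first failed check; returns non-zero on failure.
check_cert() {
  ca=$1; cert=$2; key=$3
  # 1. The host certificate must chain to the CA whose public certificate is
  #    added to the TRUSTED_ROOTS store.
  openssl verify -CAfile "$ca" "$cert" >/dev/null 2>&1 ||
    { echo "untrusted-chain"; return 1; }
  # 2. The private key must belong to the certificate: compare public keys.
  cert_pub=$(openssl x509 -in "$cert" -noout -pubkey)
  key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null)
  [ -n "$key_pub" ] && [ "$cert_pub" = "$key_pub" ] ||
    { echo "key-mismatch"; return 1; }
  # 3. Extra check (an assumption of this example, not a vSphere requirement):
  #    reject certificates that expire within 30 days.
  openssl x509 -in "$cert" -noout -checkend $((30 * 24 * 3600)) >/dev/null ||
    { echo "expires-soon"; return 1; }
  echo "ok"
}

# make_sample DIR: builds a throwaway CA, a host certificate signed by it,
# an unrelated key, and a self-signed certificate the CA never issued.
make_sample() {
  d=$1
  openssl req -x509 -newkey rsa:2048 -nodes -days 365 -subj "/CN=Example Lab CA" \
    -keyout "$d/ca.key" -out "$d/ca.pem" 2>/dev/null
  openssl req -newkey rsa:2048 -nodes -subj "/CN=esxi01.lab.example" \
    -keyout "$d/host.key" -out "$d/host.csr" 2>/dev/null
  openssl x509 -req -in "$d/host.csr" -CA "$d/ca.pem" -CAkey "$d/ca.key" \
    -CAcreateserial -days 90 -out "$d/host.crt" 2>/dev/null
  openssl genrsa -out "$d/other.key" 2048 2>/dev/null
  openssl req -x509 -newkey rsa:2048 -nodes -days 90 -subj "/CN=esxi02.lab.example" \
    -keyout "$d/rogue.key" -out "$d/rogue.crt" 2>/dev/null
}

tmp=$(mktemp -d)
make_sample "$tmp"
echo "signed cert, matching key: $(check_cert "$tmp/ca.pem" "$tmp/host.crt" "$tmp/host.key")"
echo "signed cert, wrong key:    $(check_cert "$tmp/ca.pem" "$tmp/host.crt" "$tmp/other.key")"
echo "cert not issued by the CA: $(check_cert "$tmp/ca.pem" "$tmp/rogue.crt" "$tmp/rogue.key")"
rm -rf "$tmp"
```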