Housekeeping; Adding to documentation

Danny Bessems 2021-02-11 16:56:19 +01:00
parent 744734e76e
commit 221e17a4de
4 changed files with 59 additions and 15 deletions


@ -2,6 +2,49 @@
This OVA appliance allows deploying an Active Directory Domain Controller fully automated: This OVA appliance allows deploying an Active Directory Domain Controller fully automated:
The included `.ovf` file has the following XML contents (simplified for clarity) to facilitate the different `DeploymentOption`s:
```xml
<Envelope [...]>
[...]
<DeploymentOptionSection>
<Info>Deployment Type</Info>
<Configuration ovf:id="primary">
<Label>Primary (redundant deployment)</Label>
<Description>Initial Domain Controller with 'PDC Emulator'-role</Description>
</Configuration>
<Configuration ovf:id="secondary">
<Label>Secondary (redundant deployment)</Label>
<Description>Additional Domain Controller</Description>
</Configuration>
<Configuration ovf:id="standalone">
<Label>Stand-alone (non-redundant deployment)</Label>
<Description>Single Domain Controller</Description>
</Configuration>
</DeploymentOptionSection>
<VirtualSystem ovf:id="[...]">
[...]
<ProductSection>
[...]
<Category>1) Operating System</Category>
<Property ovf:configuration="primary secondary standalone" ovf:key="guestinfo.hostname" [...]>
<Label>Hostname*</Label>
</Property>
[...]
<Category>2) Networking</Category>
<Property ovf:configuration="secondary" ovf:key="guestinfo.dnsserver" [...]>
<Label>DNS server*</Label>
</Property>
[...]
<Category>3) Active Directory Domain Services</Category>
<Property ovf:configuration="primary standalone" ovf:key="addsconfig.ntpserver" [...]>
<Label>NTP Server*</Label>
[...]
</Property>
</ProductSection>
</VirtualSystem>
</Envelope>
```
When **provisioning** the appliance through the vCenter 'Deploy OVF template...' wizard, or through vApp-compatible *Infrastructure as code* tooling (e.g. HashiCorp Terraform), it is possible to provide all relevant configuration through vApp properties. When **provisioning** the appliance through the vCenter 'Deploy OVF template...' wizard, or through vApp-compatible *Infrastructure as code* tooling (e.g. HashiCorp Terraform), it is possible to provide all relevant configuration through vApp properties.
<table> <table>
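
Review bot: The new XML excerpt relies on the `ovf:configuration` attribute of each `<Property>` to scope properties to deployment options, but the sentence introducing it never says so. `guestinfo.dnsserver` is limited to `secondary` and `addsconfig.ntpserver` to `primary standalone`, and a reader has to infer from the attribute values that this is what hides or shows a field in the wizard. Suggest adding one sentence after the code block stating that a property is only offered for the configurations listed in its `ovf:configuration` attribute. The new paragraph also lands directly after a sentence ending in a colon ("fully automated:"), so that colon now appears to introduce the `.ovf` text; consider rewording one of the two.
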
@ -9,29 +52,31 @@ When **provisioning** the appliance through the vCenter 'Deploy OVF template...'
<td><em>vSphere 'Deploy OVF template...' wizard</em></td> <td> <a href="https://registry.terraform.io/providers/hashicorp/vsphere/latest/docs/resources/virtual_machine#deploying-vm-from-an-ovfova-template">HashiCorp Terraform vSphere provider</a> </td> <td><em>vSphere 'Deploy OVF template...' wizard</em></td> <td> <a href="https://registry.terraform.io/providers/hashicorp/vsphere/latest/docs/resources/virtual_machine#deploying-vm-from-an-ovfova-template">HashiCorp Terraform vSphere provider</a> </td>
</tr> </tr>
<tr> <tr>
<td><img src=".assets/vAppProperties-example.png" alt="vApp properties" width="400" /></td> <td><img src=".assets/vAppConfigurations-ADDS-example.png" alt="vApp properties" width="400" /><br/><img src=".assets/vAppProperties-ADDS-example.png" alt="vApp properties" width="400" /></td>
<td> <td>
```hcl ```hcl
vapp { vapp {
properties = { properties = {
# "deployment.typ" = "primary"
"guestinfo.hostname" = "DC01" "guestinfo.hostname" = "DC01"
"guestinfo.ipaddress" = "10.0.0.21" "guestinfo.ipaddress" = "10.0.0.21"
"guestinfo.prefixlength" = "24" "guestinfo.prefixlength" = "24"
"guestinfo.dnsserver" = "0.0.0.0" # "guestinfo.dnsserver" = "0.0.0.0"
"guestinfo.gateway" = "10.0.0.1" "guestinfo.gateway" = "10.0.0.1"
"addsconfig.domainname" = "contoso.com" "addsconfig.domainname" = "contoso.com"
"addsconfig.netbiosname" = "CONTOSO" "addsconfig.netbiosname" = "CONTOSO"
"addsconfig.administratorpw" = var.adds_adminpassword "addsconfig.administratorpw" = var.adds_adminpassword
"addsconfig.safemodepw" = var.adds_safemodepassword "addsconfig.safemodepw" = var.adds_safemodepassword
"addsconfig.ntpserver" = "0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org" # "addsconfig.ntpserver" = "0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org"
"dhcpconfig.startip" = "10.0.0.50" # "dhcpconfig.startip" = "10.0.0.50"
"dhcpconfig.endip" = "10.0.0.250" # "dhcpconfig.endip" = "10.0.0.250"
"dhcpconfig.subnetmask" = "255.255.255.0" # "dhcpconfig.subnetmask" = "255.255.255.0"
"dhcpconfig.gateway" = "10.0.0.1" # "dhcpconfig.gateway" = "10.0.0.1"
"dhcpconfig.leaseduration" = "01:00:00.00" # "dhcpconfig.leaseduration" = "01:00:00.00"
} }
} }
``` ```
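
Review bot: The added commented line `# "deployment.typ" = "primary"` misspells the key; the provisioning script in this same commit reads `$Parameter['deployment.type']`, so anyone who uncomments the line as written sets a property the script never looks at. Suggest correcting it to `deployment.type`. The example also gives no reason for the entries that are now commented out, and it comments out `addsconfig.ntpserver` even though the README's XML excerpt scopes that property to `primary standalone` and labels it `NTP Server*`. A short comment above the block saying which deployment type the example represents, and that the commented keys belong to the other types, would remove the ambiguity. Both `<img>` tags in the replaced table cell carry the same `alt="vApp properties"`; distinct alt texts for the configurations screenshot and the properties screenshot would be clearer.
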


@ -27,7 +27,6 @@ If ($Parameter['deployment.type'] -eq 'secondary') {
$NewCimSessionSplat = @{ $NewCimSessionSplat = @{
Credential = New-Object System.Management.Automation.PSCredential( Credential = New-Object System.Management.Automation.PSCredential(
###! TODO: Replace this with code to automagically find required accountname (this hardcoded value might not be correct due to GPO's)
(Get-ADUser -Filter * | Where-Object {$_.SID -match '-500'}).SamAccountName, (Get-ADUser -Filter * | Where-Object {$_.SID -match '-500'}).SamAccountName,
(ConvertTo-SecureString $Parameter['addsconfig.administratorpw'] -AsPlainText -Force) (ConvertTo-SecureString $Parameter['addsconfig.administratorpw'] -AsPlainText -Force)
) )
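
Review bot: The lookup on the line directly below the removed TODO, `Where-Object {$_.SID -match '-500'}`, uses an unanchored regular expression, so it matches any account whose SID contains `-500` anywhere (for example a RID of 5001, or a domain sub-authority beginning with 500), not only the built-in Administrator. If more than one user matches, `.SamAccountName` returns an array and the `PSCredential` constructor no longer receives a single user name. Suggest anchoring the pattern, `-match '-500$'`, before dropping the TODO, since the TODO was the only marker that this line needed attention. `Get-ADUser -Filter *` also enumerates every user in the domain to find one account; that is worth a follow-up but is not introduced by this change.
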


@ -1,13 +1,13 @@
DeploymentConfigurations: DeploymentConfigurations:
- Id: primary - Id: primary
Label: Primary Label: Primary (redundant deployment)
Description: Initial Domain Controller with 'PDC Emulator'-role (redundant deployment) Description: Initial Domain Controller with 'PDC Emulator'-role
- Id: secondary - Id: secondary
Label: Secondary Label: Secondary (redundant deployment)
Description: Additional Domain Controller (redundant deployment) Description: Additional Domain Controller
- Id: standalone - Id: standalone
Label: Stand-alone Label: Stand-alone (non-redundant deployment)
Description: Single Domain Controller (non-redundant deployment) Description: Single Domain Controller
PropertyCategories: PropertyCategories:
- Name: '' - Name: ''
ProductProperties: ProductProperties:
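
Review bot: The three `Label`/`Description` pairs changed here now exist as literal copies in the XML excerpt added to the README in this commit, and nothing in either file points to the other, so a later edit to these strings will leave the README stale. Suggest a comment above `DeploymentConfigurations:` noting that the README excerpt mirrors these values. The commit title "Housekeeping; Adding to documentation" also does not mention that the deployment option labels and descriptions were reworded; a line in the commit body would make that change easier to find later.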