Add support for pulling OVF/OVA directly from remote_ovf_url to ESXI Host

[cbascom]

Community Guidelines

• I have read and agree to the HashiCorp Community Guidelines .
• Vote on this issue by adding a 👍 reaction to the original issue initial description to help the maintainers prioritize.
• Do not leave "+1" or other comments that do not add relevant information or questions.
• If you are interested in working on this issue or have submitted a pull request, please leave a comment.

Description

Starting with the vSphere 6.7 API, there is an option to upgrade the current NfcLease from push to pull mode which allows the ESXi host to pull file(s) directly from the remote URL.

This would allow for getting rid of the download being proxied through the host that is running terraform. This would be a big win in cases where the machine running terraform has a slow connection to either the remote URL or the vSphere server.

Use Case(s)

When the ESXi host has direct connectivity to the remote URL, this option would allow for must faster file transfer speeds especially when the host running terraform has a slow connection to the remote URL, the ESXi host, or both.

Potential Terraform Provider Configuration

The following new parameters would be added to the vsphere_virtual_machine resource:

• pull_upload_mode - Set to true to have the ESXi host pull directly from the remote URL(s)
• pull_ssl_thumbprint - The SSL thumbprint needed to verify the remote URL

resource "vsphere_virtual_machine" "vmFromRemoteOvf" {
  name                 = "remote-foo"
  datacenter_id        = data.vsphere_datacenter.datacenter.id
  datastore_id         = data.vsphere_datastore.datastore.id
  host_system_id       = data.vsphere_host.host.id
  resource_pool_id     = data.vsphere_resource_pool.default.id

  wait_for_guest_net_timeout = 0
  wait_for_guest_ip_timeout  = 0

  ovf_deploy {
    allow_unverified_ssl_cert = false
    remote_ovf_url                  = "https://example.com/foo.ova"
    pull_upload_mode            = true
    pull_ssl_thumbprint          = "BA:C6:4E:D9:AD:D4:53:B5:86:5A:5D:70:36:CF:89:93:D1:6C:F9:63"
    disk_provisioning              = "thin"
    ip_protocol                        = "IPV4"
    ip_allocation_policy         = "STATIC_MANUAL"
    ovf_network_map = {
      "Network 1" = data.vsphere_network.network.id
      "Network 2" = data.vsphere_network.network.id
    }
  }
  vapp {
    properties = {
      "guestinfo.hostname"     = "remote-foo.example.com",
      "guestinfo.ipaddress"    = "172.16.11.101",
      "guestinfo.netmask"      = "255.255.255.0",
      "guestinfo.gateway"      = "172.16.11.1",
      "guestinfo.dns"          = "172.16.11.4",
      "guestinfo.domain"       = "example.com",
      "guestinfo.ntp"          = "ntp.example.com",
      "guestinfo.password"     = "VMware1!",
      "guestinfo.ssh"          = "True"
    }
  }
}

References

• This describes the feature as implemented in ovftool: https://developer.vmware.com/docs/19275/GUID-484DB931-0E45-4563-81D4-8015B61F1DBF.html
• API object indicating whether the lease capabilities allow for use of pull mode: https://vdc-repo.vmware.com/vmwb-repository/dcr-public/dce91b06-cc93-42d6-b277-78fb13a16d6e/7d3494a5-bca7-400f-a18f-f539787ec798/vim.HttpNfcLease.Capabilities.html
• API object used to configure pull mode for a file: https://vdc-download.vmware.com/vmwb-repository/dcr-public/c476b64b-c93c-4b21-9d76-be14da0148f9/04ca12ad-59b9-4e1c-8232-fd3d4276e52c/SDK/vsphere-ws/docs/ReferenceGuide/vim.HttpNfcLease.SourceFile.html
• API method to upgrade the NfcLease to use pull mode: https://vdc-download.vmware.com/vmwb-repository/dcr-public/c476b64b-c93c-4b21-9d76-be14da0148f9/04ca12ad-59b9-4e1c-8232-fd3d4276e52c/SDK/vsphere-ws/docs/ReferenceGuide/vim.HttpNfcLease.html

[github-actions]

Hello, cbascom! 🖐

Thank you for submitting an issue for this provider. The issue will now enter into the issue lifecycle.

If you want to contribute to this project, please review the contributing guidelines and information on submitting pull requests.