Page MenuHomeVyOS Platform

Provide VMware OVF and OVA
Closed, ResolvedPublicENHANCEMENT

Description

  • Install open-vm-tools.
  • Convert qemu image to vmdk.
  • Generate OVF.
  • Generate manifest file.
  • Sign OVF and OVA with ovftool.

Details

Version
-
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Unspecified (please specify)

Revisions and Commits

Event Timeline

There are a very large number of changes, so older changes are hidden. Show Older Changes

can we add signing to build process?(we most probably will need to use ovftool for that)
ovftool will be useful also for ova generation.
Also it looks like that VMWare Fusion produce more slim image

ls -lah vyos-1.1.7-1a/
total 505696
drwxr-xr-x+ 5 syncer  staff   170B  7 mar 05:09 .
drwxr-xr-x+ 5 syncer  staff   170B  7 mar 06:03 ..
-rw-r--r--+ 1 syncer  staff   247M  7 mar 05:09 vyos-1.1.7-1a-disk1.vmdk
-rw-r--r--+ 1 syncer  staff   139B  7 mar 05:09 vyos-1.1.7-1a.mf
-rw-r--r--+ 1 syncer  staff   6,7K  7 mar 05:09 vyos-1.1.7-1a.ovf
ls -lah vyos_vmware_image/
total 656888
drwxr-xr-x@ 4 syncer  staff   136B  7 mar  2016 .
drwxr-xr-x+ 5 syncer  staff   170B  7 mar 06:03 ..
-rwxr-xr-x@ 1 syncer  staff   6,6K  7 mar  2016 vyos_vmware_image.ovf
-rwxr-xr-x@ 1 syncer  staff   321M  7 mar  2016 vyos_vmware_image.vmdk

Yes, we can add it to build process with ovfool.
How about "current" image from http://dev.packages.vyos.net/iso/current/amd64/ ?

higebu renamed this task from Provide VMware OVF to Provide VMware OVF and OVA.Mar 8 2016, 4:00 AM
higebu updated the task description. (Show Details)

@higebu i think we need to add also signed ovf
ova is great for offline distribution and ovf can be deployed online from within vSphere Client or vCloud Director web

@syncer Sorry, I already added support for signed ovf to current branch, but didn't upload my ovf.
And we should rebuild open-vm-tools for VyOS kernel header as T16. I'll tryed to add the rebuild step to OVF build process.

higebu added a commit: Restricted Diffusion Commit.Mar 20 2016, 1:27 AM
higebu added a commit: Restricted Diffusion Commit.
higebu added a commit: Restricted Diffusion Commit.
higebu added a commit: Restricted Diffusion Commit.
higebu added a commit: Restricted Diffusion Commit.
higebu added a commit: Restricted Diffusion Commit.
higebu added a commit: Restricted Diffusion Commit.
higebu added a commit: Restricted Diffusion Commit.

@syncer UnicronNL added open-vm-tools into iso with this commit: https://github.com/vyos/vyos-world/commit/ecae4cb98704f86b16a5a9935f94fcb6a996326f.
So I removed installing open-vm-tools process from 'build-vmware-image'.
My testing images are here: https://github.com/higebu/vyos-build/releases/tag/1.2.0-higebu5.

higebu added a commit: Restricted Diffusion Commit.Mar 31 2016, 5:12 AM

@higebu after tests it seems that better to use Debian 6 as OS for appliance.
Since for Other it locks some things in vsphere interface(and in vcloud director too)

With "other" operation system it's impossible to add VMXNET3 interface(seems there are filters)
so Debian 6 solve this perfectly

syncer changed the edit policy from "Public (No Login Required)" to "Custom Policy".Aug 21 2017, 12:51 AM
syncer edited projects, added VyOS 1.1.x (1.1.8); removed VyOS 1.1.x.
syncer set Version to -.
syncer moved this task from Needs Triage to Backlog on the VyOS 1.1.x (1.1.8) board.
syncer edited subscribers, added: Maintainers; removed: dmbaturin, syncer, higebu.

@higebu lets change OS to Debian6 (so we can assign VMXNET3)
and set VMXNET3 adapter by default

Moving this to 1.2 branch
lets implement changes proposed earlier

Hi,

VyOS version 1.1.7 works very well with vmware and with network card vmxnet3, but for high performance on that platform you need do some system tunning.
Have you got any plan to add that performance tunning to default vmware image?

High performance tunning needs:

  • enable multi queue on vmxnet3 card ( multipule vcpu needded),
  • enable large buffers on vmxnet3,
  • enable large buffers at linux,
  • disable gro tso gso at linux

regards
TomekC.

Thank you for the effort. I always liked the VMWare template installation. I also tried it for VyOS 1.2.x on ESXi 6.5. I followed the WiKi instructions which worked like a charm!

Hello @TomekC
you can provide some references?
or even commands?
Thanks!

I'm upgrading my vmware cluster with vyos routers and are doing some tests. My production environment is running on 1.1.7.

enable gro tso gso at linux makes the performance drop to half of the troughput testing with iperf3 using two hardware machines with 10GE.

I can't see the point of having large buffers in routers, then you will introduce jitter and thats bad.

Modern vmxnet3 have default enabled multi queue, but the ethtool in 1.1.7 is to old to support fiddeling with it.

But disable of flowcontrol in the hypervisor is probably a good thing, but cant be done in the guest so this is not applicable.

For the record: I'm using "old" hp dl380 G8 with two E5-2670 and 128GB RAM 1600 MHz for hypervisors and a vyos with 2 vCPU is giving a throughput on 8-9 gigabit on vmware 6.5.

In T14#8787, @aopdal wrote:

I'm upgrading my vmware cluster with vyos routers and are doing some tests. My production environment is running on 1.1.7.

As vell you can perform test on beta version of vyos. This vyos is on modern debian version.

enable gro tso gso at linux makes the performance drop to half of the troughput testing with iperf3 using two hardware machines with 10GE.

you should disable it.
/sbin/ethtool -K eth0 tso off gro off gso off
/sbin/ethtool -K eth1 tso off gro off gso off

I can't see the point of having large buffers in routers, then you will introduce jitter and thats bad.

When you use vyos as VPN concentrator. :)

To enable large buffers you can use ethtool and ifcomand, for voice traffic it can be not a good idea as you said.

/sbin/ifconfig eth0 txqueuelen 16000
/sbin/ethtool -G eth0 rx 4096
/sbin/ethtool -G eth0 tx 4096

Modern vmxnet3 have default enabled multi queue, but the ethtool in 1.1.7 is to old to support fiddeling with it.

Yes to do that I use a bash script witch you can find it at google.
/usr/local/sbin/set_irq_affinity.sh eth0

But disable of flowcontrol in the hypervisor is probably a good thing, but cant be done in the guest so this is not applicable.

Yes it is a good thing.

For the record: I'm using "old" hp dl380 G8 with two E5-2670 and 128GB RAM 1600 MHz for hypervisors and a vyos with 2 vCPU is giving a throughput on 8-9 gigabit on vmware 6.5.

@TomekC @syncer just wondering ... should we maybe add those commands to VyOS CLI?

Optimize a routers defaults should be targeted to the usecase of a router and not for some special use.
If you want to use a vyos as a VPN concentrator - well then configure if for this case. If the defaults are not optimized for general purpose, then you must tweak it for the "main usecase" as a router.

This testing is for verification of my VMWare upgrade, so you will not get any results for the beta version of vyos in my production environment.

@higebu here is latest ovf that i used for official ova -


basically i stick with debian6 as OS and HW9 version of virtual hardware
1 vCPU and 512mb of RAM but hotplug enabled for both.
i also set 10gb of disk (safe enough for all cases)
2 nics (VMXNET3)
ssh enabled by default
serial console removed (generating noise in logs and console)

@higebu have a time to chat on this.
i think we need to add several changes to image specific to vmware (we want use custom config there)

syncer changed the task status from Open to In progress.Jun 10 2018, 4:22 AM
syncer moved this task from Need Triage to In Progress on the VyOS 1.2 Crux board.

@syncer we can put the changes into the image after T650. I'll work for T650 tomorrow.

@robinelfrink I'm sorry but I deleted the task for open-vmdk. I fixed it.

syncer raised the priority of this task from Normal to High.
syncer edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-rc4); removed VyOS 1.2 Crux.
syncer moved this task from Needs Triage to In Progress on the VyOS 1.2 Crux (VyOS 1.2.0-rc4) board.
syncer added a subscriber: higebu.
syncer renamed this task from Provide VMware OVF and OVA to .Oct 18 2018, 6:05 AM
syncer changed the subtype of this task from "Task" to "Enhancement".Oct 19 2018, 9:11 AM

@syncer @UnicronNL sorry. I did it right now on https://github.com/vyos/vyos-vm-images/commit/00a5684ba31ed5c68d168290fb45a35bf5d58177
And it seems there are two styles of VM image build. ansible playbooks in vyos-vm-images and shell scripts in vyos-build.

ovf/ova must be with properly configured ovf environment and cloud-init package @UnicronNL made into vyos repository

I tested with only NoCloud.
I understand ovf/ova must include ProductSection with some properties like this https://github.com/cloud-init/cloud-init/blob/master/doc/sources/ovf/example/ubuntu-server.ovf
Where is the ovf @UnicronNL made?

In T14#23659, @higebu wrote:

I tested with only NoCloud.
I understand ovf/ova must include ProductSection with some properties like this https://github.com/cloud-init/cloud-init/blob/master/doc/sources/ovf/example/ubuntu-server.ovf

yes, exactly

Where is the ovf @UnicronNL made?

it does not exist yet :)

It seems the ovf I made works good.

Screenshot from 2018-10-25 18-20-38.png (680×727 px, 57 KB)

vmtoolsd --cmd 'info-get guestinfo.ovfEnv' returns "No value found"...

syncer moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus board.
syncer moved this task from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.1) board.
dmbaturin edited a custom field.
dmbaturin set Is it a breaking change? to Unspecified (possibly destroys the router).
dmbaturin set Issue type to Unspecified (please specify).