Being able to deploy a virtual version of Rubrik (EDGE/AIR) is certainly useful for remote satellite offices where a physical brik/cluster wouldn’t make sense. But, what if you have to deploy 50, 100, or even 2000? I certainly wouldn’t want to sit there and do it by hand, that would take weeks! So there’s only 1 solution; automate.
I was recently approached by a Rubrik customer with this exact use case, but I struggled to find an example script that automated the entire process soup to nuts.
So in this post I’m going give you a script that does exactly that. The script auto selects EDGE or AIR depending on the data disk size required, deploys the appliance, customizes the VM, bootstraps the cluster, registers it with support, then configures default cluster settings like SMTP, removing default SLAs, setting a banner etc. This means you’ll be able to fully automate deploying anywhere from 20-2000+ appliances! Interested? Read on..
The first thing you need to do is prepare your baseline images. Start by download the EGDE and AIR OVAs from the Rubrik support portal. Import both into your vCenter, but don’t turn them on, simply configure your preferred default VM settings. I.E set to thin provisioned, remove the CPU/RAM reservations (I recommend all 3), or change nothing (that’s ok too).
Now you need to export both from vCenter in an .OVF format by right clicking on each, selecting template then export OVF template. Select enable advanced options and include extra configuration like this:
Why? Because we need to remove the EULA to fully automate deployment (Import-vApp has no method to bypass it). While it is possible to use the VMware ovftool to work around this, I prefer to stay within PowerCLI and use Import-vApp despite its foibles. Once both have been downloaded you should see the following files:
Edit the .ovf file using a text editor (I.E notepad) and remove the entire EULA section. Just search and remove everything from and including <EulaSection> to </EulaSection>. Now run the below command in PowerShell with the path to the .OVF:
Get-FileHash “C:\ RubrikOVFDeployerv1\RubrikAirExport.ovf” -Algorithm SHA256
You should see an output like the below:
Take the hash and paste it into the .mf file overwriting the existing value for the .OVF file as per the below example (this prevents a file hash error on ovf deployment).
Repeat the process for the other appliance VM. It is possible to just do this for one or the other, but the script presumes both and auto selects based on the resource required. But if all VMs are going to be under 4TB you can just do EDGE. 4TB and above I recommend AIR.
Now you have both EDGE and AIR OVFs ready to deploy let’s get down to some scripting. We are going to use PowerShell, PowerCLI, Invoke-RestMethod, and a very cool function from William Lam called Set-VMKeystrokes for the bootstrap. Thanks Lam! Start by downloading the zip file below:
Note: this was tested as working on vSphere 6.7 with Rubrik CDM 5.2.x using PowerShell 5.1 on Windows 10 and Server 2019. Set-VMKeystrokes will only work on vSphere 6.7+ and the script expects to be run on Windows with an internet connection to download PowerCLI if not already installed.
The zip file contains 2 files, the .ps1 script and RubrikOVFsToDeploy.csv. The CSV is what you’re going to use to list all the appliances to deploy, with the unique settings required for each bootstrap. I’ve pre-completed a couple examples so you can see the data required with the fields in the order required by the bootstrap etc:
Edit the CSV to your own environment settings and configure 1 or 2 appliances as a first test run. Make sure you don’t specify a data disk size lower than the default you exported, otherwise it will fail to reconfigure.
Now let’s edit the .ps1 script. Configure all the variables at the top so the script knows where to find the ovfs. I recommend leaving the time delays as default for the first run, then set your preferred global cluster configurations.
Double check everything then give it a run! You’ll be prompted for your vSphere credentials and Rubrik support login which are encrypted for subsequent headless runs. It supports one or multiple vCenters, but if using multiple vCenters I recommend using deployment servers closest to the majority of the target ESXi hosts to minimize data transfer over your WAN links (as the image is ~4GB).
Don’t be too worried if the Import-vApp progress bar stays around the ~12% region, it seems to be a VMware bug, and it runs pretty slow even if the bandwidth is there but I figure this isn’t a big issue if its fully automated. I’d rather it take 20 minutes to deploy and be low impact than 5 minutes and kill a WAN link to a remote satellite office. If it never gets past 10% make sure you removed the EULA!
Using the default settings you should expect it to take around 40 minutes per appliance. You can drive it harder by reducing the time delays, but be warned, you need to give it a decent amount of time for bootstrap. Why? Because there is no way that I can see to accurately tell if a bootstrap has completed, so just give it time. An alternative might be to run multiple scripts/CSVs if you want to parallelize and run faster, or just let it take its time because its automated.
Once finished the script will export a CSV containing the settings of all the appliances deployed. It will auto generate the default admin password (and encryption if enabled), both saved in the CSV. I recommend storing these in a vault and securely deleting the file for obvious reasons.
I hope you found this useful. Read through the post again, check you’re not missing a step, and go automate! Happy scripting,