Last week I published an article that demonstrated for the first time on how to netboot an ESXi installation onto Apple Mac Hardware. As you can imagine, this was very exciting news for our VMware/Apple customers, who historically have not had this capability before. Customers can now automate and install ESXi over the network onto their Apple Mac Hardware just like you would for other non-Apple hardware.
With the ability to boot ESXi over the network for Apple Mac Hardware, it is now also possible for customers to take advantage of the vSphere Auto Deploy feature. Auto Deploy allows customers to easily and quickly provision ESXi hosts at scale and integrates directly with vCenter Server to automatically join and apply specific defined host configuration policies. This is a great time to check out Auto Deploy, especially with all the new enhancements that were introduced in vSphere 6.5 like custom script bundles for example.
Below are the instructions on how to setup Auto Deploy to work with Apple Mac Hardware.
Pre-requisite:
- Ubuntu 16.04.1 already deployed (used for DHCP/TFTP server or equivalent supporting ISC DHCP)
- vCenter Server 6.5 (UI and Windows CLI) or 6.0 (Windows CLI only)
- ESXi offline bundle or use VMware's online repository
- Apple Mac Hardware to test with
Step 1 - Login into the vCenter Server using the vSphere Web Client and start both the Auto Deploy and Image Builder service. To do so, navigate to Administration->System Configuration->Services and select each of service and click on the "Start" button located at the top. Once enabled, you will need to logout and log back in for the UI to take effect. For more detailed instructions, please have a look at the documentation here and follow Step 2 and 3 only.
Step 2 - Once logged back into the vSphere Web Client, you should now see an Auto Deploy icon on the main home page. Go ahead and click on the icon and then navigate to the "Software Depots" tab.
This is where we will specify the ESXi image that we want to use with Auto Deploy. You can either upload a specific ESXi offline bundle which you will need to obtain from VMware's download site or you can just point it directly to VMware's online software repository. The latter option is beneficial as you will be able to see all available ESXi images and only when you create a deployment rule, will it go ahead and download the content locally. In this demo, we will be using the VMware online software repository.
Click on the first icon "Add Software Depot", provide a name and the following URL: https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml For more detailed instructions, please refer to the documentation here.
Step 3 - Now we need to create a deployment rule which will associate a specific ESXi Image Profile, Host Profile as well as the inventory location for the ESXi host to be added to vCenter Server. You can also provide specific filter patterns on which hosts would be applicable to the deployment rule such as vendor ID, IP Address or MAC Address as some examples. For more detailed instructions, please have a look at the documentation here.
Click on the "Deploy Rules" tab and create a new Deploy Rule. As mentioned earlier, you can specify which hosts the Deploy Rule would apply to such as vendor ID. If you are not sure about the exact string, my recommendation is to leave the default to "All hosts", allow the system to boot which will then register itself with Auto Deploy and then you can then inspect the properties that are returned by the physical ESXi host.
Once an ESXi hosts is booted up from Auto Deploy, you can visit the following URL: https://[IP-OF-VC]:6501/vmw/rbd/host/ on the vCenter Server hosting the Auto Deploy service to view the properties as shown in the screenshot below. Here I have my Apple Mac Mini booted up and we can see the vendor ID string is "Apple Inc." which I can then use to create my real Deploy Rule.
Step 4 - Next, we will select our ESXi Image Profile. In this example, I am using the latest ESXi 6.5 release that does not include VMware Tools. You can of course choose any version that works with your Mac hardware.
Note: If you are trying to use ESXi 6.5 and Mac Pro 6,1, please have a look at this article as there are some known issues.
Step 5 - We are going to skip the Host Profile section and go to host location, but you can create one which will define the configurations the ESXi host will automatically apply when joined to the vCenter Server. For more information about configuration Host Profile, please refer to the documentation here.
The final step in creating a Deploy Rule is specifying the inventory location of where the ESXi host will be attached to. As you can see in the screenshot below, I have a vSphere Cluster called "Mac Cluster" which I would like the ESXi host to automatically join. You will need to pre-create the inventory objects before you can select them in this wizard.
Step 6 - The final step in configuring Auto Deploy is to now activate the new Deploy Rule we just created. To do so, just click on the "Activate/Deactivate ruleset" and enable the Deploy Rule and ensure the Status tab shows "Active" once you are done.
Step 7 - Now, we need to configure our DHCP/TFTP server to include the necessary changes to support booting Apple Mac Hardware and re-directing the requests to the Auto Deploy Server. Start by installing the following packages on the Ubuntu system:
apt-get update && apt-get -y install isc-dhcp-server tftpd-hpa grub2-common grub-imageboot grub-pc-bin grub-efi wget net-tools build-essential liblzma-dev git apache2 unzip
Step 8 - Login to Ubuntu system and run the following command to download the required TFTP package from the Auto Deploy Server which is located at https://[IP-OF-VC]:6501/vmw/rbd/deploy-tftp.zip:
wget --no-check-certificate https://192.168.1.51:6501/vmw/rbd/deploy-tftp.zip -O /var/lib/tftpboot/deploy-tftp.zip
Step 9 - Unzip the contents of the deploy-tftp.zip and we just need to retain the following two files which will need to go into /var/lib/tftpboot:
- snponly64.efi.vmw-hardwired - VMware iPXE image hardwired to go to "next-server" from DHCP but ignores the filename and downloads the hosted tramp file
- tramp - This is short for "trampoline" which is nothing more than an iPXE script that points iPXE to the Auto Deploy Server
Step 10 - Verify the tramp file contains the correct IP Address of your Auto Deploy Server, which should be the vCenter Server if you are using the vCenter Server Appliance. You can simply cat the file to view its contents which should look like the example below:
#!gpxe
set filename https://192.168.1.51:6501/vmw/rbd/tramp
chain https://192.168.1.51:6501/vmw/rbd/tramp
Step 11 - Next, we move onto the DHCP configuration. I have a working version that you can just download and adjust as needed. Run the following two commands which will clone my Github repository and copy the sample DHCP configuration for Auto Deploy to /etc/dhcp/dhcpd.conf:
git clone https://github.com/lamw/netboot-esxi
cp netboot-esxi/sample-dhcpd-auto-deploy.conf /etc/dhcp/dhcpd.conf
The only changes that you will need to make to the file is the networking section to reflect your own environment which is located in Lines 1-2, 64-69 and 106. Note Line 107 should be the IP Address of your Ubuntu (TFTP) server.
Step 12 - Finally, the last step is to start both the DHCP and TFTP services by running the following commands. It is recommended that you run the status command to ensure there are no errors in your DHCP configuration file before proceeding to the TFTP service.
/etc/init.d/isc-dhcp-server start
/etc/init.d/isc-dhcp-server status
/etc/init.d/tftpd-hpa start
At this point, you are now ready to boot your Mac system! You will need a keyboard connected to your Mac as you will need to hold down the "n" character to perform a Netboot. You should see a globe icon for a few seconds and then see the VMware iPXE image get booted up. Once that happens, it will download the tramp file via TFTP which then point the system to our Auto Deploy Server for further processing.
If your Deploy Rule was configured correctly, it should start booting the specific ESXi Image Profile that you had configured earlier along with the other configurations in your Deploy Rule.
Once a host has been deployed with a specific Deploy Rule, you can see it under the "Deployed Hosts" tab in Auto Deploy as shown in the screenshot below. If you do not have a specific Deploy Rule, then it may be under the "Discovered Hosts" tab waiting for a Deploy Rule.
If we now have a look at vCenter Server Inventory, we can see that the Mac Mini has been successfully booted from Auto Deployed and joined to the specific vSphere Cluster that we had specified earlier. Pretty cool huh?!
So there you have it, vSphere Auto Deploy Netboot'ing ESXi onto Apple Mac Hardware! This article only scratches the surface on what can be done with both vSphere Auto Deploy and Host Profiles. For more detailed information, please refer to the official VMware documentation which can be found here. Big thanks to Suresh Sundriyal, one of our Auto Deploy/Host Profile Engineers who helped me get this solution working.
Ryan says
I'm having difficulty getting my Mac Pro to autodeploy, more specifically even boot off of iPXE. When booted into MacOS 10.14, I see the proper DHCP and BSDP requests from the mac and acks using tcpdump/wireshark (although no netboot option is presented in system preferences > Startup Disk). When I try to option boot the mac, i see no dhcp requests being made or broadcasted on my dhcp server. Is there a new setting that prevents netboot on newer macs?
Ryan says
Figured it out. Had to enable portfast on the Cisco switches. There are also a few other things to do on Cisco branded switches to speed up the initialization of the port. (https://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-series-switches/10553-12.html)
Virtual cloud says
Is it possible to do this on the 2018 mac mini (Macmini8,1) with ESXi 6.7 Patch 03? And how do we persist the netboot option if the mac mini is rebooted without having physical access to the mac mini to press the "n" key while booting?
William Lam says
No, Netboot is no longer supported from Apple with introduction of T2 chip