When vSphere 7.0 GA'ed earlier this year, one of the changes that I had noticed while going through the release notes was the removal of the VNC Server on ESXi. By default, this is disabled but users could enable it on a per-VM basis and connect to a specific VM using VNC. Not many customers used this feature and it made sense on why it was removed.
However, one implication is that if you use HashiCorp Packer and the vmware-iso builder to created automated images with ESXi, it will no longer work after upgrading to ESXi 7.0 as Packer relies on this VNC interface to send automated keystrokes to a VM as part of its automation. After learning about this change with vSphere 7.0, I filed a Packer Github Enhanacement to see if someone would be open to re-implementing the keystrokes functionality by leveraging the vSphere HTML5 Console SDK which would then allow for the use of VNC over websockets. The PR was closed about a month ago and while recently working on the vCenter Event Broker Appliance (VEBA) project, I finally got a chance to verify the feature after upgrading my physical ESXi host to latest 7.0 Update 1 and happy to share that the vmware-iso builder now functions as before.
The following two lines should be added to your Packer template:
"vnc_over_websocket": true
"insecure_connection": true
For reference, you can also refer to the VEBA Packer template
An alternative workaround is to use the vsphere-iso builder which leverages the vSphere USB scan codes API to send keystrokes into a VM without having to rely on the VNC interface. One downside is that you do need have a vCenter Server as the vsphere-iso builder interacts with the vSphere API on vCenter Server rather than directly going to ESXi and this would also impact anyone using Free ESXi to build their Packer images.
The primary reason that I had not switched over to the vsphere-iso builder was that I had quite a few Packer templates using the vmware-iso builder and the syntax was not portable between the two. For this reason alone, I decided to hold off upgrading my physical ESXi host to 7.0 until now.
Johnny says
Is there any new overview on the how to used the vnc with esxi ? Not any relation with vsphere.
William Lam says
As mentioned in article, the VNC Server has been removed as of vSphere 7.0. For Console interaction, you should be using the vSphere Console SDK which provides you with an HTML5-based UI interface for interacting and integrating VM Console into your own systems
Max says
Hi William,
I'm currently running vCenter Server 7.0 Update 2d (7.0.2.00500) and this appears to have now broken for me since this upgrade ( Was working fine in update 1)
Have always specified both
"vnc_over_websocket": true
"insecure_connection": true
But now the following is being returned:
unknown configuration key: "insecure_connection"
unknown configuration key: "vnc_over_websocket"
Not sure if this has been deprecated in the latest version of vCenter?