I'll second @abhijeet and the use of the "vmware_guest" and "vmware_guest_sendkey" modules. It permits you to completely build your templates from a known ISO from your vendor (validated with a SHA256 checksum), using a kickstart file of your own, and no human interaction. And if the checksum, kickstart, and "sendkeys" strings are all part of your code commit, then you're getting well into "infrastructure as code".
The "immutable" usually refers to container images brought in from an image repository, but the VMware template is a close analog to that. And if you can re-produce the same image (as you could with a base docker image), then it's both immutable (at that level) and reproducable. On Sunday, October 25, 2020 at 11:14:21 PM UTC-5 Abhijeet Kasurde wrote: > Hi all, > > I wrote two articles about creating base images > > 1. Automated installation of Windows Server 2012 r2 using Ansible - > https://medium.com/@AbhijeetKasurde/ansible-automating-windows-server-2012-r2-installation-in-vcenter-227577f5917c > 2. Automated installation of CentOS 7 using Ansible - > https://medium.com/@AbhijeetKasurde/automating-centos-7-installation-using-ansible-and-kickstart-483807a3774c > > once installation is complete, you can mark the VMs as "Template". These > templates or golden images can be used to create new VMs. > > > On Sun, Oct 25, 2020 at 3:06 PM Robert Brockway <rob...@timetraveller.org> > wrote: > >> On Fri, 23 Oct 2020, SP wrote: >> >> > Hi, >> > >> > Advice on build Immutable VM's ( VMware ) and is that possible using >> > Ansible ? >> > What is the best way to do? >> >> Sounds like you're referring to a 'golden image'. A golden image is a >> static bootable image that is deployed when running up any VMs. I prefer >> this approach over the alternatives. >> >> The golden image boots up but doesn't do anything useful. If you're >> using >> SSH for Ansible the golden image would have accounts and keys setup so >> that the Ansible server can login, became superuser and install what is >> needed to make the system useful. >> >> Thus each class of host needed is built from a single image. The golden >> image can be periodically updated but some people deploy them in isolated >> networks and run security updates before moving them in to live networks. >> >> A lot has been written about this online. >> >> Rob >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Ansible Project" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to ansible-proje...@googlegroups.com. >> > To view this discussion on the web visit >> https://groups.google.com/d/msgid/ansible-project/alpine.DEB.2.21.2010251841050.18666%40mira.opentrend.net >> . >> >> > > -- > Thanks, > Abhijeet Kasurde > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/3d561775-0612-4570-8840-4867255064adn%40googlegroups.com.
