Deploying vSphere Integrated Containers using the PowerCli

The following was carried out on Windows 10, PowerShell 5 against vCenter 6.5 and VIC 1.1.1

To deploy VIC from either PowerShell or the PowerCli, the following steps needs to be carried out.


If you are using PowerShell like I did, rather than the PowerCli, you will need to install the PowerCli module. To do this just run the following command from within PowerShell while running as administrator:

Install-Module -Name VMware.PowerCLI

Once that is installed, you should set the execution policy to allow remote signed. If you have not already done so, this can be done with the following command:

Set-ExecutionPolicy RemoteSigned

At this point you can then import the VMWare.Automation.Core module:

Install-Module -Name VMWare.Automation.Core

Changing the SHA type

The VIC ova needs to be converted to SHA1 from SHA256 before it can be deployed otherwise you will get this error:

PowerCLI doesn't support SHA256 hash codes in OVF manifest. Use Force parameter to ignore hash validation on the imported 

To do this you will need VMWare’s OVA Tool which can be downloaded and installed from here. Once you have downloaded and installed the OVATool you execute the following command:

'C:\Program Files\VMware\VMware OVF Tool\ovftool.exe' --shaAlgorithm=SHA1 vic-v1.1.1_56a309fb.ova vic-v1.1.1_56a309fb-SHA1.ova

You should see the following as its executing:

Installing PowerCli Module

Determining the OVA parameters

Once this has been completed, you are ready to proceed with the installation of the  ova file. The first step is determining what parameters it will require. You will need to connect to your vCenter server and query the downloaded file by running the following commands:


$ovaconfig = Get-OvfConfiguration -ovf vic-v1.1.1_56a309fb-SHA1.ova
$ovaconfig.ToHashTable()|ft -AutoSize

Assuming its version 1.1.1 of VIC like I have used here, you will get the following output:

Ova Parameters

Now that we know what parameters it requires, we can prepare the statements to be executed to deploy the ova file. There are some parameters that may or may not be required depending on your use case. I have included them all in the code below but commented out the lines I don’t need.

connect-viserver "dartagnan.home.lab"

$ovfPath = "D:\Software\VMWare\vic-v1.1.1_56a309fb-SHA1.ova"
$password = "VICPassword"
$vmhost = "athos.home.lab"
$ds =  "vsanDataStore"

$ovfconfig = @{
"appliance.root_pwd" = $password;
"appliance.permit_root_login" = $true;
"IpAssignment.IpProtocol" = "IPv4";
"network.fqdn" = "vic.home.lab";
"network.ip0" = "";
"network.gateway" = "";
"network.netmask0" = "";
"network.DNS" = ",";
"network.searchpath" = "home.lab";
"registry.deploy" = $true;
"registry.port" = "443";
"registry.notary_port" = "4443";
"registry.admin_password" = $password;
"registry.db_password" = $password;
"registry.gc_enabled" = $true;
"management_portal.deploy" = $true;
"management_portal.port" = "8282";
"fileserver.port" = "9443";
"NetworkMapping.Network" = "VMNetwork";

Import-VApp -Source $ovfPath -Datastore $ds -DiskStorageFormat Thin -Name "vSphere Integrated Containers" -OvfConfiguration $ovfconfig -VMHost $vmhost

Set-VM -MemoryGB 2 -VM "vSphere Integrated Containers" -Confirm:$false

get-vm -name "vSphere Integrated Containers" | Start-VM

As you can see in the second last line above, I have changed the memory size from 8gb to 2gb as I am building this in my own lab in which memory is a premium. This should be left at 8gb for production installs but set it to a value that works for you for non-production installs.

The following should be the output if the command is successful

VIC Deployed

At this stage we can connect to vSphere and connect to the console of our newly deployed VM.

VIC Console

We can see from the console that the VM has been correctly deployed. Harbor registry is  is available at which is what we set in the command : “registry.port” = “443” and the management portal is on port 8282 which is what we also set: “management_portal.port” = “8282”. We can now connect to the registry and portal.


  1. Hi, I’d like to let you know that as of PowerCLI 10.1 you can now import appliances with SHA-256 and SHA-512 manifest file digests. The ovftool workaround is no longer required.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s