Once you have the VIC virtual machine deployed you can create a container host. for information on deploying the VIC VM see either of these posts:
I already have a VIC VM deployed on 192.168.0.26 with the registry listening on port 443 and admiral listening on port 8282.
Download VIC tools
The first step is to download the vic-machine tools from the VM that is deployed. This is done by accessing you VM on port 9443 which is the default port if you did not select some thing different when deploying it.
Download and untar the vic_1.1.1.tar.gz file to a location where you want to run the commands from.
Get vCenter SSL cert thumbprint
While executing the commands to deploy the container host we will be asked for the thumbprint of vCenter’s SSL cert for security reasons. To get the thumbprint we need to inspect the SSL cert from a browser. There are other ways but the easiest I find is via the browser.
I am using chrome and to access the cert details you need to open the developer tools. This can be done by clicking on the 3 dots to the right of the address bar while on the vCenter webpage. Select More Tools then Developer Tools like below.
This in turn opens a sidebar that has chromes developer tools.
Click on Security and then View Certificate.
If you click on the Details tab and scroll down to the thumbprint parameter. Copy this value as we will need it later.
Download Harbor’s Root CA
If you intend on using the Harbor container registry, you will also need to download the root CA from our previously deployed registry.
Access the registry and log in as admin with the password you specified while creating it.
On the top right, click on the drop down beside the admin username and you select Download Root Cert.
Save this file to a location where you can access it later.
To make things easy, I have saved this file to the same folder where I extracted our VIC files earlier.
Create a bridge Network
For each and every Virtual Container Host you deploy you will need a bridge network. It is one of the mandatory networks that are required within each VCH. I will discuss networking in greater detail in a later post but for now we will create the bridge network.
Within vCenter, navigate to the networking section and click on your distributed switch.
Right click and add new distributed port group.
Give your new port group a name that is recognisable as the bridge network for that VCH. In this case I named mine VCH01-Bridge.
I left these values at their default but change any of these as you see necessary. Proceed to the next page and confirm.
This can also be achieved with a simple command using the PowerCli.
New-VDPortgroup -Name VCH01-Bridge -VDSwitch LabDistSwitch
Creating the container host
There are different executables depending on your OS but in my case I am using windows so I will use the vic-machine-windows executable to deploy my VCH. Open powershell or a command prompt and navigate to the root directory that contains these executables.
To deploy the Virtual container host, I executed the following command:
$password = Read-Host 'What is your Password?' c:\vic\vic-machine-windows.exe create ` --target "https://dartagnan.home.lab/home.lab" ` --user "email@example.com" ` --password $password ` --no-tlsverify ` --tls-cname "vch01.home.lab" ` --organization "Home Lab" ` --name "VCH01" ` --image-store "vsanDatastore" ` --bridge-network "VCH01-Bridge" ` --public-network "Management" ` --public-network-ip "192.168.0.27/24" ` --public-network-gateway "192.168.0.1" ` --dns-server "192.168.0.20" ` --dns-server "22.214.171.124" ` --timeout 60m ` --registry-ca="c:\vic\ca.crt" ` --thumbprint="00:6C:D2:B1:A2:0E:53:BD:26:91:DA:08:7F:ED:91:3C:1E:E5:2A:23"
This should result in the following output:
You can now execute docker commands against the VCH.