chef/kitchen-vcenter

Authentication via the REST API for vCenter >= 6.5, instead of WSDL SSO in < 6.5.

Closed this issue · 4 comments

gsreynolds commented

Versions:

  • Version of kitchen-vcenter: 1.2.1
  • Version of test-kitchen: 1.21.2
  • Version of chef: 14.1.12

Platform Details

  • Version of vCenter: 6.5
  • Version of ESXi: 6.5

Scenario:

Using the vcenter driver for Test Kitchen, unable to authenticate against vCenter 6.5 as authentication is now done via the REST API, instead of WSDL. The URLs here

kitchen-vcenter/lib/lookup_service_helper.rb

Lines 20 to 21 in 7287099

@soap_url = format("https://%s/lookupservice/sdk", host)
@wsdl_url = format("https://%s/lookupservice/wsdl/lookup.wsdl", host)
now 404.

Spoke to @russellseymour about this who confirmed that the driver was developed against an earlier version of vSphere when authentication was not possible via the REST API.

Steps to Reproduce:

Using the Postman samples in the VMware vSphere Automation SDK for REST repo, https://github.com/vmware/vsphere-automation-sdk-rest/tree/master/samples/postman and following
https://blogs.vmware.com/code/2017/02/02/getting-started-vsphere-automation-sdk-rest/
able to successfully authenticate against the vSphere 6.5 instance via the URL: https://{{vc}}/rest/com/vmware/cis/session

We will now need to support both >= 6.5 and < 6.5 REST APIs in the driver.

kitforbes commented

I just tried setting this up against one of our 6.5 instances and I'm having the same issue.

gsreynolds commented

Hi @kitforbes, sorry for not feeding back here. There we a lot of off-GitHub discussions around this. To feedback:
the kitchen-vcenter drive should work as-is and the issue seemed to be specific to some VMware clusters where the required components for the SOAP endpoint for the vCenter Lookup Service is not present as it should be by default. We were unable to repro against reference clusters using 6.5 or later.

The solution at the time was to move to the kitchen-vra or kitchen-vro drivers and attempt to further diagnose why vCenter itself was not behaving as expected on-site with the customer, but to no avail.

thheinen commented

Most probably this issue is related to #30.

I have used the driver with vCenter versions 6.5 and 6.7 successfully. The error here ("missing vCenter Lookup Service") is just a different cluster configuration known as "external PSC" (the Lookup Service is present on a different host in that case). The code of kitchen-vcenter so far assumes that lookup service + vcenter are on the same machine. Thus, in external PSC setups it is not functional.

I scheduled some work for this/next week to isolate the issue and already made some progress.

  • 👍2
tas50 commented

Closing this since @tecracer-theinen's PR fixes it.