I believe it was last year when I first heard about Project Keswick and how VMware wanted to streamline and change how ESXi hosts are deployed at the edge. It sounded cool and exciting, and I made a note to keep an eye out for it.
We fast forward to this year’s VMware Explore and Project Keswick is announced as a VMware Showcase. This allows users to try out the product and tinker all they like. With Project Keswick specifically geared towards edge usage, I knew it was a product I had to test in my homelab.
Let’s get started with a basic Keswick deployment.
Once in the Keswick portal you are greeted with this screen which pretty clearly lists out the steps one needs to take to setup Keswick.
However, there are a few prereqs we need to complete before we can walk through the steps in the portal.
GitHub Configuration
Following this process let’s start with the Git Repository. Once logged into github, I proceed to my profile page, the repositories tab, and then select New.
Choose a name for the repository, set it to private, and it doesn’t hurt to initialize it with a readme file.
Next, we need to create a yaml file for our host. This can be done with a text editor and using git commands. For this simple file howerer, I am just going to use the github UI.
Inside the repository, Add file-Create new file. Copy the contents from here
apiVersion: esx.vmware.com/v1alpha1
kind: HostConfiguration
metadata:
name: keswick-host-config
namespace: esx-system
spec:
layertype: Incremental
profile: |
{
"esx": {
"system": {
"system_time": {
"enabled": true,
"protocol": "NTP",
"ntp_config": {
"server": [{
"hostname": "0.pool.ntp.org",
"command": "SERVER"
},
{
"hostname": "1.pool.ntp.org",
"command": "SERVER"
}
]
}
}
}
}
}
This file was found on the Project Keswick documentation site.
Make sure the filename ends in yaml, and commit the changes.
Commit the changes to the main branch
Because this repository is private, we need to provide a way for Project Keswick to access this repository. Go to your picture in the top right of github, and select Settings.
At the very bottom, we want to select Developer Settings.
Creating and providing a Personal Access token will allow Keswick and the host to pull the newly created yaml file. Under Personal Access Token-Fine-grained token- Generate New Token.
The token name doesn’t matter, but we do want to make sure this token only has access to the private repository that was just created. By choosing “Only select repositories” and selecting the private repository, we can limit the token’s access.
Furthermore, under permissions we want this token to have Read-only access for the Contents permission.
Once created, github provides the token. You will never see this token again, so make sure to save it somewhere as you need it for the Project Keswick portion of this configuration.
Installing ESXi
I am installing my Project Keswick ESXi host on VMware Workstation which is located on an Ubuntu server I have here at home.
After downloading the “ova” file from the Keswick site, I first needed to extract the ova file as it came as a compressed file. After the extraction, open the file through Workstation.
Name the VM and select the location of the vmdk.
There are some firstboot and configuration files in the extracted files you can pre-configure for the ESXi host. I wasn’t doing that this time, so I left those fields blank.
On the other hand, I definitely wanted to set the root password and have SSH enabled from the start.
Funny thing, despite the multiple times I tried this deployment, my root password was never applied. The root password was always configured as empty or null. Basically, I would enter root as the user, then just hit enter again on the password field without typing anything.
You will need to note the Vendor/Model/Serial on your device in order to configure Keswick
Project Keswick
Start by getting logged into the Keswick site. From here it will present you with steps to get Keswick setup.
Let’s start at the beginning with Git Repository
Enter the basic details about the git repository. The access token we created will be used later.
That’s it for Git. Now we need to add a host. We use the the Vendor/Model/Serial earlier for the details.
Any Keswick host will attempt to check in with the Keswick service. Entering these details informs VMware/Keswick this host is yours.
After a minute or two you will see the host check in.
Choosing “Activate Host” will require the github access token we created earlier.
Once activated the host will be able to check the git repository and configure itself per the specification yaml.
If you are using the standard config I listed earlier, you probably won’t see much change to your host. To kick the tires a little more, we will add a basic nginx website.
MetalLB/Nginx
Fortunately for all of us, Alan Renouf has built and shared exactly what we need to quickly set up a simple Nginx page. Check out his repo here.
We need to copy his hello-keswick.yaml file to our own git hub repo. Then we also need to copy and edit the metallb.yaml file to our repo. The metallb.yaml is very long, but we only need to change some IP addresses at the end.
Adjust this IP range to conform to your own subnet, and you should be good to go.
After the change and placing the file in your own repo you should soon have your own test nginx page running on Keswick.
This has been fun getting to know Keswick a bit and its capabilities and limitations. I plan to put out a few more posts in the near future.
Enjoy!!