I’ve been trying to script a clone operation in vSphere using Terraform. I am able to perform this clone manually through the vSphere UI.
When running terraform plan, the execution fails with this error:
Error: cannot find OS family for guest ID “otherGuest”: NoPermission
Judging from the Terraform source code for the vSphere provider, this only happens because I’m customizing the cloned VM (the customize {} section). When I skip customization, terraform plan succeeds.
I am not a full administrator of the vSphere environment, but I do have quite a few privileges enabled.
main.tf
# Connection to vCenter. Endpoint and credentials are supplied through
# variables rather than written into this file.
provider "vsphere" {
  vsphere_server = "${var.vsphere_server}"
  user           = "${var.vsphere_user}"
  password       = "${var.vsphere_password}"

  # Disables TLS certificate verification for the vCenter connection, which is
  # why a self-signed certificate is accepted here. With verification off, the
  # user name and password above are sent to whichever endpoint answers as
  # vsphere_server without its identity being checked.
  # NOTE(review): prefer trusting the self-signed certificate (or its issuing
  # CA) on the machine that runs Terraform and setting this to false.
  allow_unverified_ssl = true
}
# Read-only lookups of existing inventory objects, each resolved by name.
# Everything below the datacenter is scoped to it through datacenter_id.

data "vsphere_datacenter" "dc" {
  name = "${var.vsphere_datacenter}"
}

# Looked up but not referenced by the cloned_vm resource in this file, which
# only uses dst_datastore.
data "vsphere_datastore" "src_datastore" {
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
  name          = "${var.vsphere_src_datastore}"
}

# Datastore that receives the clone.
data "vsphere_datastore" "dst_datastore" {
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
  name          = "${var.vsphere_dst_datastore}"
}

# Resource pool the clone is placed in.
data "vsphere_resource_pool" "pool" {
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
  name          = "${var.vsphere_resource_pool}"
}
#data "vsphere_compute_cluster" "cluster" {
# name = "${var.vsphere_compute_cluster_name}"
# datacenter_id = "${data.vsphere_datacenter.dc.id}"
#}
# VM folders for the source and destination paths.
# NOTE(review): both are declared as managed resources, so Terraform will try
# to create them and will remove them on destroy. If these folders already
# exist in the inventory, presumably a lookup or an import is what is wanted;
# confirm. Neither folder is referenced by the cloned_vm resource in this file.

resource "vsphere_folder" "src_folder" {
  type          = "vm"
  path          = "${var.vsphere_src_folder}"
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
}

resource "vsphere_folder" "dst_folder" {
  type          = "vm"
  path          = "${var.vsphere_dst_folder}"
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
}
# Network the clone's single interface is attached to.
data "vsphere_network" "network" {
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
  name          = "${var.vsphere_network}"
}

# Source VM of the clone. The cloned_vm resource reads its id, SCSI type,
# first NIC adapter type and first disk's settings from this lookup.
data "vsphere_virtual_machine" "vm_clone" {
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
  name          = "${var.vsphere_virtual_machine_name_src}"
}
# Clone of the source VM. CPU and memory come from variables; SCSI type, NIC
# adapter type and disk layout are copied from the vm_clone lookup; the guest
# is then customized with a new host name and domain.
resource "vsphere_virtual_machine" "cloned_vm" {
  name             = "${var.vsphere_virtual_machine_name_dst}"
  datastore_id     = "${data.vsphere_datastore.dst_datastore.id}"
  resource_pool_id = "${data.vsphere_resource_pool.pool.id}"

  memory   = "${var.guest_memory}"
  num_cpus = "${var.guest_vcpu}"

  scsi_type = "${data.vsphere_virtual_machine.vm_clone.scsi_type}"

  # Guest ID is hard-coded. The source VM's own value was left disabled next
  # to it in the original:
  #   "${data.vsphere_virtual_machine.vm_clone.guest_id}"
  # NOTE(review): confirm which of the two is intended; this is the ID named
  # in the reported "cannot find OS family for guest ID" error.
  guest_id = "otherGuest"

  network_interface {
    adapter_type = "${data.vsphere_virtual_machine.vm_clone.network_interface_types[0]}"
    network_id   = "${data.vsphere_network.network.id}"
  }

  # Single disk mirroring the first disk of the source VM.
  disk {
    label            = "disk0"
    size             = "${data.vsphere_virtual_machine.vm_clone.disks.0.size}"
    thin_provisioned = "${data.vsphere_virtual_machine.vm_clone.disks.0.thin_provisioned}"
    eagerly_scrub    = "${data.vsphere_virtual_machine.vm_clone.disks.0.eagerly_scrub}"
  }

  clone {
    template_uuid = "${data.vsphere_virtual_machine.vm_clone.id}"

    # As reported for this configuration, `terraform plan` fails with
    # NoPermission only while this customize block is present, and the cause
    # was the account not having access to the host running the source VM.
    # NOTE(review): when granting that access, assign the role at the
    # narrowest inventory level that covers the host rather than wider than
    # needed.
    customize {
      linux_options {
        domain    = "${var.guest_domain}"
        host_name = "${var.guest_host_name}"
      }
    }
  }
}
terraform.tfvars
# vCenter provider connection.
# The credentials below are placeholders. Real values in this file are stored
# in plain text, so keep the file out of version control, or leave the
# password out and supply it through the TF_VAR_vsphere_password environment
# variable instead.
vsphere_user     = "user"
vsphere_password = "pass"
vsphere_server   = "vsphere.mydomain.com"

# Infrastructure: names of existing inventory objects.
# vsphere_compute_cluster_name is only used by a commented-out lookup in
# main.tf.
vsphere_datacenter           = "Palo Alto"
vsphere_src_datastore        = "MyDatastore"
vsphere_dst_datastore        = "MyDatastore"
vsphere_resource_pool        = "MyResourcePool"
vsphere_network              = "192.168.1.x_NET"
vsphere_compute_cluster_name = "Testing Cluster"
vsphere_src_folder           = "Test"
vsphere_dst_folder           = "Prod"

# Clone source and destination VM names.
# Backslashes in these values must be escaped as "\\".
vsphere_virtual_machine_name_src = "vm-to-clone"
vsphere_virtual_machine_name_dst = "cloned-vm"

# Guest sizing and identity.
# The guest_ipv4_* and guest_dns_servers values are not referenced by the
# main.tf shown alongside this file.
guest_vcpu         = "4"
guest_memory       = "8192"
guest_ipv4_address = "192.168.1.15"
guest_ipv4_netmask = "24"
guest_ipv4_gateway = "192.168.1.1"
guest_dns_servers  = "192.168.1.254"
guest_host_name    = "test-01"
# Edit
guest_domain = "mydomain.com"
After some digging, the issue turned out to come from vSphere privileges. The source VM (the one to clone) was hosted on a machine to which I didn't have access and which wasn't shown in the Hosts list in vCenter.
This access was not required when manually cloning the VM from the UI, but it was required when using the API.
Thus, the solution was to edit my user privileges and select "Propagate to children" at the Datacenter level to ensure I had access to all the hosts and clusters.
No specific privileges were required to be added, just the basic ones applied at the correct level.