Merge pull request #4 from zdc/fix-qemu-01

Multiple fixes and improvements in QEMU image building

38 files changed, 503 insertions, 190 deletions

diff --git a/roles/cleanup-ending/tasks/main.yml b/roles/cleanup-ending/tasks/main.yml
new file mode 100644
index 0000000..3a84b98
--- /dev/null
+++ b/roles/cleanup-ending/tasks/main.yml
@@ -0,0 +1,17 @@
+- name: Delete RAW image
+  file:
+    path: "{{ vyos_raw_img }}"
+    state: absent
+
+- name: Delete PXE folder
+  file:
+    path: "/tmp/vyos-pxe-{{ vyos_version }}{{ ci_tag  | default() }}"
+    state: absent
+  when:
+    - pxe is defined
+    - pxe == "true"
+
+- name: Delete Release key
+  file:
+    path: "{{ vyos_key_local }}"
+    state: absent
diff --git a/roles/create-pxe-archive/tasks/main.yml b/roles/create-pxe-archive/tasks/main.yml
new file mode 100644
index 0000000..147dd45
--- /dev/null
+++ b/roles/create-pxe-archive/tasks/main.yml
@@ -0,0 +1,46 @@
+# Create an archive with files, required for PXE
+- name: Create directory for PXE files
+  become: true
+  file:
+    path: "/tmp/vyos-pxe-{{ vyos_version }}{{ ci_tag  | default() }}"
+    state: directory
+  when:
+    - pxe is defined
+    - pxe == "true"
+
+- name: Save files required for PXE boot
+  become: true
+  copy:
+    src: "{{ vyos_write_root }}/boot/{{ vyos_version }}/{{ item }}"
+    dest: "/tmp/vyos-pxe-{{ vyos_version }}{{ ci_tag  | default() }}/{{ item }}"
+  with_items:
+    - initrd.img
+    - vmlinuz
+  when:
+    - pxe is defined
+    - pxe == "true"
+
+# We need to skip boot directory (it contain too much unneeded items) and cc_vyos.py (optionally - may conflict with User-Data handler)
+- name: Create new squashfs image
+  become: true
+  command: "mksquashfs {{ vyos_install_root }} /tmp/vyos-pxe-{{ vyos_version }}{{ ci_tag  | default() }}/filesystem.squashfs -comp gzip -no-progress -Xcompression-level 9 -e {{ vyos_install_root }}/boot"
+  when:
+    - pxe is defined
+    - pxe == "true"
+
+- name: Add the /boot directory
+  become: true
+  command: "mksquashfs {{ vyos_read_root }}/boot /tmp/vyos-pxe-{{ vyos_version }}{{ ci_tag  | default() }}/filesystem.squashfs -keep-as-directory -comp gzip -no-progress -Xcompression-level 9"
+  when:
+    - pxe is defined
+    - pxe == "true"
+
+- name: Create an archive with files for PXE
+  become: true
+  archive:
+    path: "/tmp/vyos-pxe-{{ vyos_version }}{{ ci_tag  | default() }}"
+    format: gz
+    dest: "/tmp/vyos-pxe-{{ vyos_version }}{{ ci_tag  | default() }}.tgz"
+  when:
+    - pxe is defined
+    - pxe == "true"
diff --git a/roles/fstrim/tasks/main.yml b/roles/fstrim/tasks/main.yml
new file mode 100644
index 0000000..e7230a7
--- /dev/null
+++ b/roles/fstrim/tasks/main.yml
@@ -0,0 +1,8 @@
+# Trim filesystems to minimize resulted image
+- name: Trim {{ vyos_install_root }}/boot
+  become: true
+  command: fstrim {{ vyos_install_root }}/boot
+
+- name: Trim {{ vyos_write_root }}
+  become: true
+  command: fstrim {{ vyos_write_root }}
diff --git a/roles/install-cloud-init-wrapper/tasks/main.yml b/roles/install-cloud-init-wrapper/tasks/main.yml
new file mode 100644
index 0000000..7ab9705
--- /dev/null
+++ b/roles/install-cloud-init-wrapper/tasks/main.yml
@@ -0,0 +1,12 @@
+- name: Check if we need to install Cloud-Init
+  include_role:
+    name: install-cloud-init
+  when: cloud_init == "true"
+- name: Set Cloud-Init tag for image file name
+  set_fact:
+    ci_tag: "-cloud-init"
+  when: cloud_init == "true"
+# - name: Set empty Cloud-Init tag for image file name
+#   set_fact:
+#     ci_tag: ""
+#   when: cloud_init == "false"
diff --git a/roles/install-cloud-init-wrapper/tests/inventory b/roles/install-cloud-init-wrapper/tests/inventory
new file mode 100644
index 0000000..878877b
--- /dev/null
+++ b/roles/install-cloud-init-wrapper/tests/inventory
@@ -0,0 +1,2 @@
+localhost
+
diff --git a/roles/install-cloud-init-wrapper/tests/test.yml b/roles/install-cloud-init-wrapper/tests/test.yml
new file mode 100644
index 0000000..6002afa
--- /dev/null
+++ b/roles/install-cloud-init-wrapper/tests/test.yml
@@ -0,0 +1,4 @@
+---
+- hosts: localhost
+  roles:
+    - install-cloud-init-wrapper
diff --git a/roles/install-cloud-init/files/90_disable_config_stage.cfg b/roles/install-cloud-init/files/90_disable_config_stage.cfg
new file mode 100644
index 0000000..867621d
--- /dev/null
+++ b/roles/install-cloud-init/files/90_disable_config_stage.cfg
@@ -0,0 +1,2 @@
+# Disable all config-stage modules
+cloud_config_modules:
diff --git a/roles/install-cloud-init/files/debian.list.buster b/roles/install-cloud-init/files/debian.list.buster
new file mode 100644
index 0000000..fd5a770
--- /dev/null
+++ b/roles/install-cloud-init/files/debian.list.buster
@@ -0,0 +1,7 @@
+deb http://deb.debian.org/debian buster main contrib non-free
+deb-src http://deb.debian.org/debian buster main contrib non-free
+deb http://security.debian.org/debian-security/ buster/updates main contrib non-free
+deb-src http://security.debian.org/debian-security/ buster/updates main contrib non-free
+deb http://deb.debian.org/debian buster-updates main contrib non-free
+deb-src http://deb.debian.org/debian buster-updates main contrib non-free
+deb http://dev.packages.vyos.net/repositories/current current main
diff --git a/roles/install-cloud-init/files/debian.list b/roles/install-cloud-init/files/debian.list.jessie
index f657759..0750699 100644
--- a/roles/install-cloud-init/files/debian.list
+++ b/roles/install-cloud-init/files/debian.list.jessie
@@ -4,4 +4,5 @@ deb http://security.debian.org/debian-security/ jessie/updates main contrib non-
 deb-src http://security.debian.org/debian-security/ jessie/updates main contrib non-free
 deb http://deb.debian.org/debian jessie-updates main contrib non-free
 deb-src http://deb.debian.org/debian jessie-updates main contrib non-free
-deb http://deb.debian.org/debian jessie-backports main
+deb http://dev.packages.vyos.net/repositories/crux/vyos crux main
+deb http://dev.packages.vyos.net/repositories/crux/debian crux main
diff --git a/roles/install-cloud-init/files/hyper-v.cfg b/roles/install-cloud-init/files/hyper-v.cfg
deleted file mode 100644
index f66d7c0..0000000
--- a/roles/install-cloud-init/files/hyper-v.cfg
+++ /dev/null
@@ -1 +0,0 @@
-datasource_list: [ NoCloud, ConfigDrive, None ]
diff --git a/roles/install-cloud-init/files/qemu.cfg b/roles/install-cloud-init/files/qemu.cfg
deleted file mode 100644
index f66d7c0..0000000
--- a/roles/install-cloud-init/files/qemu.cfg
+++ /dev/null
@@ -1 +0,0 @@
-datasource_list: [ NoCloud, ConfigDrive, None ]
diff --git a/roles/install-cloud-init/files/resolv.conf b/roles/install-cloud-init/files/resolv.conf
new file mode 100644
index 0000000..81027f8
--- /dev/null
+++ b/roles/install-cloud-init/files/resolv.conf
@@ -0,0 +1 @@
+nameserver 1.1.1.1
\ No newline at end of file
diff --git a/roles/install-cloud-init/files/vmware.cfg b/roles/install-cloud-init/files/vmware.cfg
deleted file mode 100644
index 76a5efd..0000000
--- a/roles/install-cloud-init/files/vmware.cfg
+++ /dev/null
@@ -1 +0,0 @@
-datasource_list: [ NoCloud, ConfigDrive, OVF, None ]
diff --git a/roles/install-cloud-init/tasks/main.yml b/roles/install-cloud-init/tasks/main.yml
index c9d5d07..2ae314b 100644
--- a/roles/install-cloud-init/tasks/main.yml
+++ b/roles/install-cloud-init/tasks/main.yml
@@ -1,17 +1,36 @@
+- name: Get Debian version
+  become: true
+  command: chroot {{ vyos_install_root }} awk 'match($0, /VERSION=.*\((\w+)\)/, version) { print version[1] }' /etc/os-release
+  register: debian_version
+- name: Set VyOS branch name crux
+  set_fact:
+    vyos_branch: "crux"
+  when: vyos_version is regex("^1\.2.*$")
 - name: Put debian.list
   become: true
   copy:
-    src: files/debian.list
+    src: "files/debian.list.{{ debian_version.stdout }}"
     dest: "{{ vyos_install_root }}/etc/apt/sources.list.d/debian.list"
+- name: backup resolv.conf
+  become: true
+  command: mv {{ vyos_install_root }}/etc/resolv.conf /tmp/resolv.conf
+- name: add nameserver settings to chroot
+  become: true
+  copy:
+    src: "files/resolv.conf"
+    dest: "{{ vyos_install_root }}/etc/resolv.conf"
 - name: apt-get update
   become: true
   command: chroot {{ vyos_install_root }} apt-get update
 - name: Install cloud-init
   become: true
-  command: chroot {{ vyos_install_root }} apt-get install -y cloud-init cloud-utils
+  command: chroot {{ vyos_install_root }} apt-get -t {{ vyos_branch | default('current') }} install -y cloud-init cloud-utils
 - name: apt-get clean
   become: true
   command: chroot {{ vyos_install_root }} apt-get clean
+- name: delete apt lists from cache
+  become: true
+  command: chroot {{ vyos_install_root }} rm -rf /var/lib/apt/lists/
 - name: Delete debian.list
   become: true
   file:
@@ -25,9 +44,24 @@
     mode: 0755
 - name: Put datasource_list.cfg
   become: true
-  copy:
-    src: "files/{{ vyos_platform | lower }}.cfg"
+  template:
+    src: 90_dpkg.cfg.j2
     dest: "{{ vyos_install_root }}/etc/cloud/cloud.cfg.d/90_dpkg.cfg"
 - name: run dpkg-reconfigure cloud-init
   become: true
   command: chroot {{ vyos_install_root }} dpkg-reconfigure -f noninteractive cloud-init
+- name: Disable config-stage modules
+  become: true
+  copy:
+    src: "files/90_disable_config_stage.cfg"
+    dest: "{{ vyos_install_root }}/etc/cloud/cloud.cfg.d/90_disable_config_stage.cfg"
+  when:
+    - cloud_init_disable_config is defined
+    - cloud_init_disable_config == "true"
+- name: restore original resolv.conf
+  become: true
+  command: mv /tmp/resolv.conf {{ vyos_install_root }}/etc/resolv.conf
+- name: change /etc/network/interfaces to include config from Cloud-Init
+  become: true
+  command: chroot {{ vyos_install_root }} sed -i 's/source-directory \/etc\/network\/interfaces.d/source \/etc\/network\/interfaces.d\/*/g' /etc/network/interfaces
+  when: vyos_version is regex("^1\.2.*$")
diff --git a/roles/install-cloud-init/templates/90_dpkg.cfg.j2 b/roles/install-cloud-init/templates/90_dpkg.cfg.j2
new file mode 100644
index 0000000..69d2461
--- /dev/null
+++ b/roles/install-cloud-init/templates/90_dpkg.cfg.j2
@@ -0,0 +1 @@
+datasource_list: [ {{ cloud_init_ds_list|join(', ') }} ]
diff --git a/roles/install-config/tasks/main.yml b/roles/install-config/tasks/main.yml
index 4447f87..0715fa1 100644
--- a/roles/install-config/tasks/main.yml
+++ b/roles/install-config/tasks/main.yml
@@ -4,9 +4,9 @@
     path: "{{ vyos_install_root }}/opt/vyatta/etc/config/.vyatta_config"
     state: touch
 
-- name: Copy the default config for QEMU to the installed image
+- name: Copy config to the installed image
   become: true
-  copy:
-    src: files/config.boot
+  template:
+    src: config.boot.j2
     dest: "{{ vyos_install_root }}/opt/vyatta/etc/config/config.boot"
     mode: 0755
diff --git a/roles/install-config/files/config.boot b/roles/install-config/templates/config.boot.j2
index f1ec4f5..30506f8 100644
--- a/roles/install-config/files/config.boot
+++ b/roles/install-config/templates/config.boot.j2
@@ -1,14 +1,13 @@
-service {
-    ssh {
-        port 22
-    }
-}
 system {
     host-name vyos
     login {
         user vyos {
             authentication {
+{% if cloud_init == "true" and not ( keep_user is defined and keep_user == "true" ) %}
+                encrypted-password "*"
+{% else %}
                 encrypted-password "$6$MjV2YvKQ56q$QbL562qhRoyUu8OaqrXagicvcsNpF1HssCY06ZxxghDJkBCfSfTE/4FlFB41xZcd/HqYyVBuRt8Zyq3ozJ0dc."
+{% endif %}
                 plaintext-password ""
             }
             level admin
@@ -34,8 +33,18 @@ system {
     }
 }
 interfaces {
+{% if cloud_init == "true" and not ( empty_config is defined and empty_config == "true" ) %}
     ethernet eth0 {
         address dhcp
     }
-    loopback lo
+{% endif %}
+    loopback lo {
+    }
+}
+{% if cloud_init == "true" and not ( empty_config is defined and empty_config == "true" ) %}
+service {
+    ssh {
+        port 22
+    }
 }
+{% endif %}
diff --git a/roles/install-grub/tasks/main.yml b/roles/install-grub/tasks/main.yml
index 2a20271..33a1049 100644
--- a/roles/install-grub/tasks/main.yml
+++ b/roles/install-grub/tasks/main.yml
@@ -20,7 +20,7 @@
 
 - name: Install GRUB in the boot sector of {{ vyos_target_drive }}
   become: true
-  command: chroot {{ vyos_install_root }} grub-install --no-floppy --root-directory=/boot {{ vyos_target_drive }} --force
+  command: chroot {{ vyos_install_root }} grub-install --no-floppy --root-directory=/boot {{ vyos_target_drive }} --force --target=i386-pc
   args:
     creates: "{{ vyos_install_root }}/boot/grub/grubenv"
 
diff --git a/roles/install-grub/templates/boot/grub/grub.cfg.j2 b/roles/install-grub/templates/boot/grub/grub.cfg.j2
index 45f48ab..6cfea8f 100644
--- a/roles/install-grub/templates/boot/grub/grub.cfg.j2
+++ b/roles/install-grub/templates/boot/grub/grub.cfg.j2
@@ -1,7 +1,29 @@
+{% if grub_console == "kvm" %}
 set default=0
-set timeout=0
+{% elif grub_console == "serial" %}
+set default=1
+{% endif %}
+set timeout=5
+serial --unit=0
+terminal_output --append serial
+terminal_input serial console
 
-menuentry "VyOS {{ vyos_platform }} Image {{ vyos_version }}" {
-  linux /boot/{{ vyos_version }}/vmlinuz boot=live selinux=0 vyos-union=/boot/{{ vyos_version }} console=tty1
+menuentry "VyOS {{ vyos_version }} for {{ vyos_platform }} (KVM console)" {
+  linux /boot/{{ vyos_version }}/vmlinuz boot=live rootdelay=5 noautologin net.ifnames=0 biosdevname=0 vyos-union=/boot/{{ vyos_version }} console=ttyS0 console=tty0
+  initrd /boot/{{ vyos_version }}/initrd.img
+}
+
+menuentry "VyOS {{ vyos_version }} for {{ vyos_platform }} (Serial console)" {
+  linux /boot/{{ vyos_version }}/vmlinuz boot=live rootdelay=5 noautologin net.ifnames=0 biosdevname=0 vyos-union=/boot/{{ vyos_version }} console=tty0 console=ttyS0
+  initrd /boot/{{ vyos_version }}/initrd.img
+}
+
+menuentry "VyOS {{ vyos_version }} for {{ vyos_platform }} - password reset (KVM console)" {
+  linux /boot/{{ vyos_version }}/vmlinuz boot=live rootdelay=5 noautologin net.ifnames=0 biosdevname=0 vyos-union=/boot/{{ vyos_version }} console=ttyS0 console=tty0 init=/opt/vyatta/sbin/standalone_root_pw_reset
+  initrd /boot/{{ vyos_version }}/initrd.img
+}
+
+menuentry "VyOS {{ vyos_version }} for {{ vyos_platform }} - password reset (Serial console)" {
+  linux /boot/{{ vyos_version }}/vmlinuz boot=live rootdelay=5 noautologin net.ifnames=0 biosdevname=0 vyos-union=/boot/{{ vyos_version }} console=tty0 console=ttyS0 init=/opt/vyatta/sbin/standalone_root_pw_reset
   initrd /boot/{{ vyos_version }}/initrd.img
 }
diff --git a/roles/install-guest-agent-wrapper/tasks/main.yml b/roles/install-guest-agent-wrapper/tasks/main.yml
new file mode 100644
index 0000000..f41e111
--- /dev/null
+++ b/roles/install-guest-agent-wrapper/tasks/main.yml
@@ -0,0 +1,4 @@
+- name: Check if we need to install VM guest agents
+  include_role:
+    name: install-guest-agent
+  when: guest_agent is defined
diff --git a/roles/install-guest-agent-wrapper/tests/inventory b/roles/install-guest-agent-wrapper/tests/inventory
new file mode 100644
index 0000000..878877b
--- /dev/null
+++ b/roles/install-guest-agent-wrapper/tests/inventory
@@ -0,0 +1,2 @@
+localhost
+
diff --git a/roles/install-guest-agent-wrapper/tests/test.yml b/roles/install-guest-agent-wrapper/tests/test.yml
new file mode 100644
index 0000000..1c75a3b
--- /dev/null
+++ b/roles/install-guest-agent-wrapper/tests/test.yml
@@ -0,0 +1,4 @@
+---
+- hosts: localhost
+  roles:
+    - install-guest-agent-wrapper
diff --git a/roles/install-guest-agent/files/debian.list.buster b/roles/install-guest-agent/files/debian.list.buster
new file mode 100644
index 0000000..4950c4e
--- /dev/null
+++ b/roles/install-guest-agent/files/debian.list.buster
@@ -0,0 +1,4 @@
+deb http://deb.debian.org/debian buster main contrib non-free
+deb http://security.debian.org/debian-security/ buster/updates main contrib non-free
+deb http://deb.debian.org/debian buster-updates main contrib non-free
+deb http://dev.packages.vyos.net/repositories/current current main
diff --git a/roles/install-guest-agent/files/debian.list.jessie b/roles/install-guest-agent/files/debian.list.jessie
new file mode 100644
index 0000000..885e26b
--- /dev/null
+++ b/roles/install-guest-agent/files/debian.list.jessie
@@ -0,0 +1,5 @@
+deb http://deb.debian.org/debian jessie main contrib non-free
+deb http://security.debian.org/debian-security/ jessie/updates main contrib non-free
+deb http://deb.debian.org/debian jessie-updates main contrib non-free
+deb http://dev.packages.vyos.net/repositories/crux/vyos crux main
+deb http://dev.packages.vyos.net/repositories/crux/debian crux main
diff --git a/roles/install-guest-agent/files/resolv.conf b/roles/install-guest-agent/files/resolv.conf
new file mode 100644
index 0000000..81027f8
--- /dev/null
+++ b/roles/install-guest-agent/files/resolv.conf
@@ -0,0 +1 @@
+nameserver 1.1.1.1
\ No newline at end of file
diff --git a/roles/install-guest-agent/tasks/main.yml b/roles/install-guest-agent/tasks/main.yml
new file mode 100644
index 0000000..f636f53
--- /dev/null
+++ b/roles/install-guest-agent/tasks/main.yml
@@ -0,0 +1,46 @@
+- name: Get Debian version
+  become: true
+  command: chroot {{ vyos_install_root }} awk 'match($0, /VERSION=.*\((\w+)\)/, version) { print version[1] }' /etc/os-release
+  register: debian_version
+- name: Set VyOS branch name crux
+  set_fact:
+    vyos_branch: "crux"
+  when: vyos_version is regex("^1\.2.*$")
+- name: Put debian.list
+  become: true
+  copy:
+    src: "files/debian.list.{{ debian_version.stdout }}"
+    dest: "{{ vyos_install_root }}/etc/apt/sources.list.d/debian.list"
+- name: backup resolv.conf
+  become: true
+  command: mv {{ vyos_install_root }}/etc/resolv.conf /tmp/resolv.conf
+- name: add nameserver settings to chroot
+  become: true
+  copy:
+    src: "files/resolv.conf"
+    dest: "{{ vyos_install_root }}/etc/resolv.conf"
+- name: apt-get update
+  become: true
+  command: chroot {{ vyos_install_root }} apt-get update
+- name: Install qemu-guest-agent
+  become: true
+  command: chroot {{ vyos_install_root }} apt-get -t {{ vyos_branch | default('current') }} install -y qemu-guest-agent
+  when: guest_agent == "qemu"
+- name: Install open-vm-tools
+  become: true
+  command: chroot {{ vyos_install_root }} apt-get -t {{ vyos_branch | default('current') }} install -y open-vm-tools
+  when: guest_agent == "vmware"
+- name: apt-get clean
+  become: true
+  command: chroot {{ vyos_install_root }} apt-get clean
+- name: delete apt lists from cache
+  become: true
+  command: chroot {{ vyos_install_root }} rm -rf /var/lib/apt/lists/
+- name: Delete debian.list
+  become: true
+  file:
+    path: "{{ vyos_install_root }}/etc/apt/sources.list.d/debian.list"
+    state: absent
+- name: restore original resolv.conf
+  become: true
+  command: mv /tmp/resolv.conf {{ vyos_install_root }}/etc/resolv.conf
diff --git a/roles/install-guest-agent/tests/inventory b/roles/install-guest-agent/tests/inventory
new file mode 100644
index 0000000..878877b
--- /dev/null
+++ b/roles/install-guest-agent/tests/inventory
@@ -0,0 +1,2 @@
+localhost
+
diff --git a/roles/install-guest-agent/tests/test.yml b/roles/install-guest-agent/tests/test.yml
new file mode 100644
index 0000000..79b8c2d
--- /dev/null
+++ b/roles/install-guest-agent/tests/test.yml
@@ -0,0 +1,4 @@
+---
+- hosts: localhost
+  roles:
+    - install-guest-agent
diff --git a/roles/install-open-vmdk/tasks/main.yml b/roles/install-open-vmdk/tasks/main.yml
index dedece0..8d19da4 100644
--- a/roles/install-open-vmdk/tasks/main.yml
+++ b/roles/install-open-vmdk/tasks/main.yml
@@ -7,14 +7,27 @@
     url: https://github.com/vmware/open-vmdk/archive/master.zip
     dest: /tmp/master.zip
   when: stat_result.stat.exists == False
-- name: Extract master.zip into /var/lib/foo
+- name: Extract master.zip into /tmp
   unarchive:
     src: /tmp/master.zip
     dest: /tmp
   when: stat_result.stat.exists == False
+- name: Build open-vmdk
+  become: true
+  make:
+    chdir: /tmp/open-vmdk-master/vmdk
+  when: stat_result.stat.exists == False
 - name: Install open-vmdk
   become: true
   make:
-    chdir: /tmp/open-vmdk-master
+    chdir: /tmp/open-vmdk-master/vmdk
     target: install
   when: stat_result.stat.exists == False
+- name: Delete installation directory and archive
+  file:
+    path: "{{ item }}"
+    state: absent
+  loop:
+    - "/tmp/open-vmdk-master"
+    - "/tmp/master.zip"
+  when: stat_result.stat.exists == False
diff --git a/roles/install-packages/tasks/main.yml b/roles/install-packages/tasks/main.yml
index ffb0bbf..8d526b5 100644
--- a/roles/install-packages/tasks/main.yml
+++ b/roles/install-packages/tasks/main.yml
@@ -9,4 +9,9 @@
       - qemu-utils
       - python-lxml
       - aufs-tools
+      - grub2
+      - python-requests
+      - unzip
+      - zlib1g-dev
+      - squashfs-tools
     state: present
diff --git a/roles/qemu-qcow2/tasks/main.yml b/roles/qemu-qcow2/tasks/main.yml
index c91c75b..c3893ef 100644
--- a/roles/qemu-qcow2/tasks/main.yml
+++ b/roles/qemu-qcow2/tasks/main.yml
@@ -1,2 +1,2 @@
 - name: Convert raw to qcow2
-  command: qemu-img convert -f raw "{{ vyos_raw_img }}" -O qcow2 "{{ vyos_qemu_img }}"
+  command: qemu-img convert -f raw "{{ vyos_raw_img }}" -O qcow2 -c "{{ vyos_qemu_img }}"
diff --git a/roles/unmount-all/tasks/main.yml b/roles/unmount-all/tasks/main.yml
index 1ff6daa..253ffe9 100644
--- a/roles/unmount-all/tasks/main.yml
+++ b/roles/unmount-all/tasks/main.yml
@@ -16,24 +16,6 @@
     fstype: none
     state: absent
 
-- name: Unmount {{ vyos_install_root }}/sys, {{ vyos_install_root }}/proc, {{ vyos_install_root }}/dev
-  become: true
-  mount:
-    name: "{{ vyos_install_root }}/{{ item }}"
-    src: "/{{ item }}"
-    fstype: none
-    state: unmounted
-  with_items: [ 'sys', 'proc', 'dev' ]
-
-- name: Unmount {{ vyos_install_root }}/sys, {{ vyos_install_root }}/proc, {{ vyos_install_root }}/dev
-  become: true
-  mount:
-    name: "{{ vyos_install_root }}/{{ item }}"
-    src: "/{{ item }}"
-    fstype: none
-    state: absent
-  with_items: [ 'sys', 'proc', 'dev' ]
-
 - name: Unmount {{ vyos_install_root }}
   become: true
   mount:
@@ -58,6 +40,10 @@
     fstype: "{{ vyos_root_fstype }}"
     state: absent
 
+- name: Detach {{ vyos_target_drive }}
+  become: true
+  command: "losetup -d {{ vyos_target_drive }}"
+
 - name: Unmount {{ vyos_cd_squash_root }}
   become: true
   mount:
diff --git a/roles/unmount-pre/tasks/main.yml b/roles/unmount-pre/tasks/main.yml
new file mode 100644
index 0000000..12c9ae7
--- /dev/null
+++ b/roles/unmount-pre/tasks/main.yml
@@ -0,0 +1,18 @@
+# Unmount /sys /proc /dev
+- name: Unmount {{ vyos_install_root }}/sys, {{ vyos_install_root }}/proc, {{ vyos_install_root }}/dev
+  become: true
+  mount:
+    name: "{{ vyos_install_root }}/{{ item }}"
+    src: "/{{ item }}"
+    fstype: none
+    state: unmounted
+  with_items: [ 'sys', 'proc', 'dev' ]
+
+- name: Unmount {{ vyos_install_root }}/sys, {{ vyos_install_root }}/proc, {{ vyos_install_root }}/dev
+  become: true
+  mount:
+    name: "{{ vyos_install_root }}/{{ item }}"
+    src: "/{{ item }}"
+    fstype: none
+    state: absent
+  with_items: [ 'sys', 'proc', 'dev' ]
diff --git a/roles/unmount-pre/tests/inventory b/roles/unmount-pre/tests/inventory
new file mode 100644
index 0000000..878877b
--- /dev/null
+++ b/roles/unmount-pre/tests/inventory
@@ -0,0 +1,2 @@
+localhost
+
diff --git a/roles/unmount-pre/tests/test.yml b/roles/unmount-pre/tests/test.yml
new file mode 100644
index 0000000..105c5e6
--- /dev/null
+++ b/roles/unmount-pre/tests/test.yml
@@ -0,0 +1,4 @@
+---
+- hosts: localhost
+  roles:
+    - unmount-pre
diff --git a/roles/vmware-ova/tasks/main.yml b/roles/vmware-ova/tasks/main.yml
index 53c4989..0146a15 100644
--- a/roles/vmware-ova/tasks/main.yml
+++ b/roles/vmware-ova/tasks/main.yml
@@ -2,6 +2,10 @@
   command: qemu-img convert -f raw "{{ vyos_raw_img }}" -O vmdk -o adapter_type=lsilogic "{{ vyos_vmware_tmp_vmdk }}"
 - name: Fix vmdk with open-vmdk
   command: vmdk-convert "{{ vyos_vmware_tmp_vmdk }}" "{{ vyos_vmware_vmdk }}"
+- name: Delete temporary image
+  file:
+    path: "{{ vyos_vmware_tmp_vmdk }}"
+    state: absent
 - name: Get vmdk_file_size
   shell: du --bytes "{{ vyos_vmware_vmdk }}" | cut -f1
   register: vmdk_file_size
@@ -26,42 +30,14 @@
   copy:
     dest: "{{ vyos_vmware_mf }}"
     content: "{{ result.stdout }}"
-- name: Create OVA without private key
+- name: Converting the OVF to signed OVA
   become: false
-  archive:
-    path:
-      - "{{ vyos_vmware_ovf }}"
-      - "{{ vyos_vmware_mf }}"
-      - "{{ vyos_vmware_vmdk }}"
-    dest: "{{ vyos_vmware_ova }}"
-    format: tar
-  when: vyos_vmware_private_key_path is not defined
-- name: Sign MF
-  shell: openssl dgst -sha256 -sign "{{ vyos_vmware_private_key_path }}" -hex "{{ vyos_vmware_mf | basename }}" | sed 's/^RSA-//'
-  args:
-    chdir: /tmp
-  register: signature
-  when: vyos_vmware_private_key_path is defined
-- name: Get certificate
-  shell: openssl x509 -in "{{ vyos_vmware_private_key_path }}"
-  register: certificate
-  when: vyos_vmware_private_key_path is defined
-- name: Create cert file for OVA
-  become: false
-  copy:
-    dest: "{{ vyos_vmware_cert }}"
-    content: |
-      {{ signature.stdout }}
-      {{ certificate.stdout }}
-  when: vyos_vmware_private_key_path is defined
-- name: Create OVA with private key
-  become: false
-  archive:
-    path:
-      - "{{ vyos_vmware_ovf }}"
-      - "{{ vyos_vmware_mf }}"
-      - "{{ vyos_vmware_cert }}"
-      - "{{ vyos_vmware_vmdk }}"
-    dest: "{{ vyos_vmware_ova }}"
-    format: tar
-  when: vyos_vmware_private_key_path is defined
+  command: "ovftool --compress=9 --privateKey={{ vyos_vmware_private_key_path }} {{ vyos_vmware_ovf }} {{ vyos_vmware_ova }}"
+- name: Delete temporary files for VMware
+  file:
+    path: "{{ item }}"
+    state: absent
+  loop:
+    - "{{ vyos_vmware_ovf }}"
+    - "{{ vyos_vmware_mf }}"
+    - "{{ vyos_vmware_vmdk }}"
diff --git a/roles/vmware-ova/templates/vyos_vmware_image.ovf.j2 b/roles/vmware-ova/templates/vyos_vmware_image.ovf.j2
index c3d6145..7f58678 100644
--- a/roles/vmware-ova/templates/vyos_vmware_image.ovf.j2
+++ b/roles/vmware-ova/templates/vyos_vmware_image.ovf.j2
@@ -1,148 +1,223 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<Envelope vmw:buildId="build-3018522" xmlns="http://schemas.dmtf.org/ovf/envelope/1" xmlns:cim="http://schemas.dmtf.org/wbem/wscim/1/common" xmlns:ovf="http://schemas.dmtf.org/ovf/envelope/1" xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData" xmlns:vmw="http://www.vmware.com/schema/ovf" xmlns:vssd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_VirtualSystemSettingData" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+<ovf:Envelope xmlns="http://schemas.dmtf.org/ovf/envelope/1" xmlns:ovf="http://schemas.dmtf.org/ovf/envelope/1" xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData" xmlns:vmw="http://www.vmware.com/schema/ovf" xmlns:vssd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_VirtualSystemSettingData" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
   <References>
     <File ovf:href="vyos_vmware_image.vmdk" ovf:id="file1" ovf:size="{{ vmdk_file_size.stdout }}"/>
   </References>
+  <ovf:NetworkSection>
+    <ovf:Info>The list of logical networks</ovf:Info>
+    <ovf:Network ovf:name="WAN">
+      <ovf:Description>WAN network</ovf:Description>
+    </ovf:Network>
+    <ovf:Network ovf:name="LAN">
+      <ovf:Description>LAN network</ovf:Description>
+    </ovf:Network>
+  </ovf:NetworkSection>
+  <DeploymentOptionSection>
+    <Info>List of profiles</Info>
+    <Configuration ovf:default="true" ovf:id="1CPU-512MB">
+      <Label ovf:msgid="Small.label">Small</Label>
+      <Description ovf:msgid="Small.description">Minimal hardware profile - 1 vCPU, 512 MB RAM</Description>
+    </Configuration>
+    <Configuration ovf:id="4CPU-16GB">
+      <Label ovf:msgid="Medium.label">Medium</Label>
+      <Description ovf:msgid="Medium.description">Medium hardware profile - 4 vCPUs, 16 GB RAM</Description>
+    </Configuration>
+    <Configuration ovf:id="8CPU-32GB">
+      <Label ovf:msgid="Large.label">Large</Label>
+      <Description ovf:msgid="Large.description">Large hardware profile - 8 vCPUs, 32 GB RAM</Description>
+    </Configuration>
+  </DeploymentOptionSection>
+  <vmw:IpAssignmentSection ovf:required="false" vmw:protocols="IPv4 IPv6" vmw:schemes="ovfenv dhcp">
+    <Info>Supported IP assignment schemes</Info>
+  </vmw:IpAssignmentSection>
   <DiskSection>
     <Info>Virtual disk information</Info>
-	<Disk ovf:capacity="{{ vyos_vmdk_size }}" ovf:capacityAllocationUnits="byte * 2^30" ovf:diskId="vmdisk1" ovf:fileRef="file1" ovf:format="http://www.vmware.com/interfaces/specifications/vmdk.html#streamOptimized" ovf:populatedSize="{{ vmdk_populated_size }}"/>
+    <Disk ovf:capacity="10" ovf:capacityAllocationUnits="byte * 2^30" ovf:diskId="vmdisk1" ovf:fileRef="file1" ovf:format="http://www.vmware.com/interfaces/specifications/vmdk.html#streamOptimized" ovf:populatedSize="{{ vmdk_populated_size }}"/>
   </DiskSection>
-  <NetworkSection>
-    <Info>The list of logical networks</Info>
-    <Network ovf:name="VM Network">
-      <Description>The VM Network network</Description>
-    </Network>
-  </NetworkSection>
-  <VirtualSystem ovf:id="vm">
+  <VirtualSystem ovf:id="VyOS">
     <Info>A virtual machine</Info>
-    <Name>vyos</Name>
-    <OperatingSystemSection ovf:id="1" vmw:osType="other26xLinux64Guest">
-      <Info>The kind of installed guest operating system</Info>
+    <ProductSection ovf:required="false">
+      <Info>VyOS is a Linux-based network operating system that provides software-based network routing, firewall, and VPN functionality.</Info>
+      <Product>VyOS</Product>
+      <Vendor>Sentrium S.L.</Vendor>
+      <Version>{{ vyos_version }}</Version>
+      <ProductUrl>https://www.vyos.io</ProductUrl>
+      <VendorUrl>https://sentrium.io/</VendorUrl>
+      <AppUrl/>
+      <Category>Appliance user Settings</Category>
+      <Property ovf:key="password" ovf:password="true" ovf:qualifiers="MinLen(8)" ovf:type="string" ovf:userConfigurable="true" ovf:value="">
+        <Label ovf:msgid="Password.label">Password</Label>
+        <Description ovf:msgid="Password.description">The password for the appliance &apos;vyos&apos; account. Passwords must be at least 8 characters in length.</Description>
+      </Property>
+      <Property ovf:key="public-keys" ovf:type="string" ovf:userConfigurable="true" ovf:value="">
+        <Label>Public key</Label>
+        <Description>The public ssh key for the appliance &apos;vyos&apos; account.</Description>
+      </Property>
+      <Category>Appliance IPv4 Network Settings (WAN interface)</Category>
+      <Property ovf:key="local-hostname" ovf:qualifiers="MinLen(0),MaxLen(65535)" ovf:type="string" ovf:userConfigurable="true" ovf:value="">
+        <Label>Hostname</Label>
+        <Description>The host name for this virtual machine.</Description>
+      </Property>
+      <Property ovf:key="ip0" ovf:type="string" ovf:userConfigurable="true">
+        <Label>Network IPv4 Address</Label>
+        <Description>The IPv4 address. Leave blank if DHCP is desired.</Description>
+      </Property>
+      <Property ovf:key="netmask0" ovf:type="string" ovf:userConfigurable="true">
+        <Label>Network IPv4 Netmask</Label>
+        <Description>The IPv4 netmask or prefix for this interface. Leave blank if DHCP is desired.</Description>
+      </Property>
+      <Property ovf:key="gateway" ovf:type="string" ovf:userConfigurable="true">
+        <Label>Default Gateway v4</Label>
+        <Description>Default gateway address. Leave blank if DHCP is desired.</Description>
+      </Property>
+      <Property ovf:key="DNS" ovf:type="string" ovf:userConfigurable="true">
+        <Label>Domain Name Servers</Label>
+        <Description>The domain name server IP Addresses for this VM (comma separated). Leave blank if DHCP is desired.</Description>
+      </Property>
+      <Property ovf:key="NTP" ovf:type="string" ovf:userConfigurable="true">
+        <Label>Domain Time Servers</Label>
+        <Description>NTP servers for this VM (comma separated). Leave blank if DHCP is desired.</Description>
+      </Property>
+      <Category>Appliance API Settings</Category>
+      <Property ovf:key="APIKEY" ovf:type="string" ovf:userConfigurable="true">
+        <Label>API key</Label>
+        <Description>API key to access the VyOS api. If left blank the api wil not be enabled.</Description>
+      </Property>
+      <Property ovf:key="APIPORT" ovf:value="443" ovf:type="int" ovf:userConfigurable="true">
+        <Label>API listening port</Label>
+        <Description>API port to listen on for calls. Leave blank to keep it default '443'.</Description>
+      </Property>
+      <Property ovf:key="APIDEBUG" ovf:value="false" ovf:type="boolean" ovf:userConfigurable="true">
+        <Label>API debug logging</Label>
+        <Description>Enable API debug logging</Description>
+      </Property>
+      <Property ovf:key="user-data" ovf:type="string" ovf:userConfigurable="true" ovf:value="">
+        <Label>Cloud-init User-Data</Label>
+        <Description>User-Data, encoded with base64.</Description>
+      </Property>
+    </ProductSection>
+    <ProductSection ovf:class="vm" ovf:required="false">
+      <Info>VM specific properties</Info>
+      <Property ovf:key="vmname" ovf:type="string" ovf:value="VyOS"/>
+    </ProductSection>
+    <AnnotationSection>
+      <Info/>
+      <Annotation>VyOS</Annotation>
+    </AnnotationSection>
+    <OperatingSystemSection ovf:id="96" ovf:version="6" vmw:osType="debian8_64Guest">
+      <Info>The operating system installed</Info>
+      <Description>Debian GNU/Linux 8 (64-bit)</Description>
     </OperatingSystemSection>
-    <VirtualHardwareSection ovf:transport="com.vmware.guestInfo" ovf:required="false">
-      <Info>Virtual hardware requirements</Info>
+    <VirtualHardwareSection ovf:required="false" ovf:transport="com.vmware.guestInfo">
+      <Info>Virtual Hardware Requirements</Info>
       <System>
         <vssd:ElementName>Virtual Hardware Family</vssd:ElementName>
         <vssd:InstanceID>0</vssd:InstanceID>
-        <vssd:VirtualSystemIdentifier>vyos</vssd:VirtualSystemIdentifier>
-        <vssd:VirtualSystemType>vmx-09</vssd:VirtualSystemType>
+        <vssd:VirtualSystemType>vmx-11</vssd:VirtualSystemType>
       </System>
-      <Item>
+      <Item configuration="1CPU-512MB">
         <rasd:AllocationUnits>hertz * 10^6</rasd:AllocationUnits>
-        <rasd:Description>Number of Virtual CPUs</rasd:Description>
-        <rasd:ElementName>1 virtual CPU(s)</rasd:ElementName>
-        <rasd:InstanceID>1</rasd:InstanceID>
+        <rasd:Description>Number of virtual CPUs</rasd:Description>
+        <rasd:ElementName xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">1 virtual CPU</rasd:ElementName>
+        <rasd:InstanceID xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">1</rasd:InstanceID>
         <rasd:ResourceType>3</rasd:ResourceType>
         <rasd:VirtualQuantity>1</rasd:VirtualQuantity>
       </Item>
-      <Item>
-        <rasd:AllocationUnits>byte * 2^30</rasd:AllocationUnits>
+      <Item configuration="4CPU-16GB">
+        <rasd:AllocationUnits>hertz * 10^6</rasd:AllocationUnits>
+        <rasd:Description>Number of virtual CPUs</rasd:Description>
+        <rasd:ElementName xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">4 virtual CPUs</rasd:ElementName>
+        <rasd:InstanceID xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">1</rasd:InstanceID>
+        <rasd:ResourceType>3</rasd:ResourceType>
+        <rasd:VirtualQuantity>4</rasd:VirtualQuantity>
+      </Item>
+      <Item configuration="8CPU-32GB">
+        <rasd:AllocationUnits>hertz * 10^6</rasd:AllocationUnits>
+        <rasd:Description>Number of virtual CPUs</rasd:Description>
+        <rasd:ElementName xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">8 virtual CPUs</rasd:ElementName>
+        <rasd:InstanceID xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">1</rasd:InstanceID>
+        <rasd:ResourceType>3</rasd:ResourceType>
+        <rasd:VirtualQuantity>8</rasd:VirtualQuantity>
+      </Item>
+      <Item configuration="1CPU-512MB">
+        <rasd:AllocationUnits>byte * 2^20</rasd:AllocationUnits>
         <rasd:Description>Memory Size</rasd:Description>
-        <rasd:ElementName>1GB of memory</rasd:ElementName>
-        <rasd:InstanceID>2</rasd:InstanceID>
+        <rasd:ElementName xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">512 MB of memory</rasd:ElementName>
+        <rasd:InstanceID xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">2</rasd:InstanceID>
         <rasd:ResourceType>4</rasd:ResourceType>
-        <rasd:VirtualQuantity>1</rasd:VirtualQuantity>
+        <rasd:VirtualQuantity>512</rasd:VirtualQuantity>
+        <rasd:Reservation>512</rasd:Reservation>
+      </Item>
+      <Item configuration="4CPU-16GB">
+        <rasd:AllocationUnits>byte * 2^20</rasd:AllocationUnits>
+        <rasd:Description>Memory Size</rasd:Description>
+        <rasd:ElementName xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">16 GB of memory</rasd:ElementName>
+        <rasd:InstanceID xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">2</rasd:InstanceID>
+        <rasd:ResourceType>4</rasd:ResourceType>
+        <rasd:VirtualQuantity>16384</rasd:VirtualQuantity>
+        <rasd:Reservation>16384</rasd:Reservation>
+      </Item>
+      <Item configuration="8CPU-32GB">
+        <rasd:AllocationUnits>byte * 2^20</rasd:AllocationUnits>
+        <rasd:Description>Memory Size</rasd:Description>
+        <rasd:ElementName xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">32 GB of memory</rasd:ElementName>
+        <rasd:InstanceID xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">2</rasd:InstanceID>
+        <rasd:ResourceType>4</rasd:ResourceType>
+        <rasd:VirtualQuantity>32768</rasd:VirtualQuantity>
+        <rasd:Reservation>32768</rasd:Reservation>
       </Item>
       <Item>
-        <rasd:Address>0</rasd:Address>
-        <rasd:Description>SCSI Controller</rasd:Description>
-        <rasd:ElementName>scsiController0</rasd:ElementName>
-        <rasd:InstanceID>3</rasd:InstanceID>
-        <rasd:ResourceSubType>lsilogic</rasd:ResourceSubType>
+        <rasd:Address xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">0</rasd:Address>
+        <rasd:ElementName xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">SCSI Controller 0 - VMware Paravirtual SCSI</rasd:ElementName>
+        <rasd:InstanceID xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">3</rasd:InstanceID>
+        <rasd:ResourceSubType>VirtualSCSI</rasd:ResourceSubType>
         <rasd:ResourceType>6</rasd:ResourceType>
       </Item>
       <Item>
-        <rasd:Address>1</rasd:Address>
-        <rasd:Description>IDE Controller</rasd:Description>
-        <rasd:ElementName>ideController1</rasd:ElementName>
-        <rasd:InstanceID>4</rasd:InstanceID>
-        <rasd:ResourceType>5</rasd:ResourceType>
+        <rasd:AddressOnParent>0</rasd:AddressOnParent>
+        <rasd:ElementName xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">disk0</rasd:ElementName>
+        <rasd:HostResource>ovf:/disk/vmdisk1</rasd:HostResource>
+        <rasd:InstanceID xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">4</rasd:InstanceID>
+        <rasd:Parent>3</rasd:Parent>
+        <rasd:ResourceType>17</rasd:ResourceType>
       </Item>
-      <Item ovf:required="false">
-        <rasd:AutomaticAllocation>true</rasd:AutomaticAllocation>
-        <rasd:ElementName>serial0</rasd:ElementName>
-        <rasd:InstanceID>5</rasd:InstanceID>
-        <rasd:ResourceType>21</rasd:ResourceType>
-        <vmw:Config ovf:required="false" vmw:key="yieldOnPoll" vmw:value="false"/>
+      <Item>
+        <rasd:Address>0</rasd:Address>
+        <rasd:ElementName xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">IDE Controller 0</rasd:ElementName>
+        <rasd:InstanceID xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">5</rasd:InstanceID>
+        <rasd:ResourceType>5</rasd:ResourceType>
       </Item>
-      <Item ovf:required="false">
+      <Item>
         <rasd:AddressOnParent>0</rasd:AddressOnParent>
         <rasd:AutomaticAllocation>false</rasd:AutomaticAllocation>
-        <rasd:ElementName>cdrom0</rasd:ElementName>
-        <rasd:InstanceID>6</rasd:InstanceID>
+        <rasd:ElementName xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">CD/DVD Drive 1</rasd:ElementName>
+        <rasd:InstanceID xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">6</rasd:InstanceID>
         <rasd:Parent>5</rasd:Parent>
         <rasd:ResourceType>15</rasd:ResourceType>
       </Item>
-      <Item>
-        <rasd:AddressOnParent>0</rasd:AddressOnParent>
-        <rasd:ElementName>disk0</rasd:ElementName>
-        <rasd:HostResource>ovf:/disk/vmdisk1</rasd:HostResource>
+      <ovf:Item>
+        <rasd:AddressOnParent>7</rasd:AddressOnParent>
+        <rasd:AutomaticAllocation>true</rasd:AutomaticAllocation>
+        <rasd:Connection>WAN</rasd:Connection>
+        <rasd:Description>NIC representing WAN</rasd:Description>
+        <rasd:ElementName>WAN</rasd:ElementName>
         <rasd:InstanceID>7</rasd:InstanceID>
-        <rasd:Parent>3</rasd:Parent>
-        <rasd:ResourceType>17</rasd:ResourceType>
-      </Item>
-      <Item>
-        <rasd:AddressOnParent>2</rasd:AddressOnParent>
+        <rasd:ResourceSubType>vmxnet3</rasd:ResourceSubType>
+        <rasd:ResourceType>10</rasd:ResourceType>
+      </ovf:Item>
+      <ovf:Item>
+        <rasd:AddressOnParent>8</rasd:AddressOnParent>
         <rasd:AutomaticAllocation>true</rasd:AutomaticAllocation>
-        <rasd:Connection>VM Network</rasd:Connection>
-        <rasd:Description>VmxNet3 ethernet adapter on &quot;VM Network&quot;</rasd:Description>
-        <rasd:ElementName>ethernet0</rasd:ElementName>
+        <rasd:Connection>LAN</rasd:Connection>
+        <rasd:Description>NIC representing LAN</rasd:Description>
+        <rasd:ElementName>LAN</rasd:ElementName>
         <rasd:InstanceID>8</rasd:InstanceID>
-        <rasd:ResourceSubType>VmxNet3</rasd:ResourceSubType>
+        <rasd:ResourceSubType>vmxnet3</rasd:ResourceSubType>
         <rasd:ResourceType>10</rasd:ResourceType>
-        <vmw:Config ovf:required="false" vmw:key="wakeOnLanEnabled" vmw:value="false"/>
-      </Item>
-      <Item ovf:required="false">
-        <rasd:AutomaticAllocation>false</rasd:AutomaticAllocation>
-        <rasd:ElementName>video</rasd:ElementName>
-        <rasd:InstanceID>9</rasd:InstanceID>
-        <rasd:ResourceType>24</rasd:ResourceType>
-      </Item>
-      <Item ovf:required="false">
-        <rasd:AutomaticAllocation>false</rasd:AutomaticAllocation>
-        <rasd:ElementName>vmci</rasd:ElementName>
-        <rasd:InstanceID>10</rasd:InstanceID>
-        <rasd:ResourceSubType>vmware.vmci</rasd:ResourceSubType>
-        <rasd:ResourceType>1</rasd:ResourceType>
-      </Item>
+      </ovf:Item>
       <vmw:Config ovf:required="false" vmw:key="cpuHotAddEnabled" vmw:value="true"/>
       <vmw:Config ovf:required="false" vmw:key="memoryHotAddEnabled" vmw:value="true"/>
-      <vmw:Config ovf:required="false" vmw:key="cpuHotRemoveEnabled" vmw:value="false"/>
-      <vmw:Config ovf:required="false" vmw:key="powerOpInfo.powerOffType" vmw:value="soft"/>
-      <vmw:Config ovf:required="false" vmw:key="powerOpInfo.resetType" vmw:value="soft"/>
-      <vmw:Config ovf:required="false" vmw:key="powerOpInfo.suspendType" vmw:value="soft"/>
+      <vmw:ExtraConfig ovf:required="false" vmw:key="sched.mem.pin" vmw:value="TRUE"/>
     </VirtualHardwareSection>
-    <ProductSection>
-      <Info>VyOS is a Linux-based network operating system that provides software-based network routing, firewall, and VPN functionality.</Info>
-      <Product>VyOS</Product>
-      <Vendor>VyOS maintainers and contributors</Vendor>
-      <Version>{{ vyos_version }}</Version>
-      <Property ovf:key="instance-id" ovf:type="string" ovf:userConfigurable="true" ovf:value="id-ovf">
-          <Label>A Unique Instance ID for this instance</Label>
-          <Description>Specifies the instance id.  This is required and used to determine if the machine should take "first boot" actions</Description>
-      </Property>
-      <Property ovf:key="hostname" ovf:type="string" ovf:userConfigurable="true" ovf:value="vyos">
-          <Description>Specifies the hostname for the appliance</Description>
-      </Property>
-      <Property ovf:key="seedfrom" ovf:type="string" ovf:userConfigurable="true"> 
-          <Label>Url to seed instance data from</Label>
-          <Description>This field is optional, but indicates that the instance should 'seed' user-data and meta-data from the given url.  If set to 'http://tinyurl.com/sm-' is given, meta-data will be pulled from http://tinyurl.com/sm-meta-data and user-data from http://tinyurl.com/sm-user-data.  Leave this empty if you do not want to seed from a url.</Description>
-      </Property>
-      <Property ovf:key="public-keys" ovf:type="string" ovf:userConfigurable="true" ovf:value="">
-          <Label>ssh public keys</Label>
-          <Description>This field is optional, but indicates that the instance should populate the default user's 'authorized_keys' with this value</Description>
-      </Property>
-      <Property ovf:key="user-data" ovf:type="string" ovf:userConfigurable="true" ovf:value="">
-          <Label>Encoded user-data</Label>
-          <Description>In order to fit into a xml attribute, this value is base64 encoded . It will be decoded, and then processed normally as user-data.</Description>
-          <!--  The following represents '#!/bin/sh\necho "hi world"'
-          ovf:value="IyEvYmluL3NoCmVjaG8gImhpIHdvcmxkIgo="
-          -->
-      </Property>
-      <Property ovf:key="password" ovf:type="string" ovf:userConfigurable="true" ovf:value="">
-          <Label>Default User's password</Label>
-          <Description>If set, the default user's password will be set to this value to allow password based login.  The password will be good for only a single login.  If set to the string 'RANDOM' then a random password will be generated, and written to the console.</Description>
-      </Property>
-    </ProductSection>
   </VirtualSystem>
-</Envelope>
+</ovf:Envelope>
\ No newline at end of file
diff --git a/roles/vmware-ova/vars/main.yml b/roles/vmware-ova/vars/main.yml
index 176f25c..598f592 100644
--- a/roles/vmware-ova/vars/main.yml
+++ b/roles/vmware-ova/vars/main.yml
@@ -2,5 +2,4 @@ vyos_vmware_ovf: /tmp/vyos_vmware_image.ovf
 vyos_vmware_tmp_vmdk: /tmp/vyos_vmware_image_tmp.vmdk
 vyos_vmware_mf: /tmp/vyos_vmware_image.mf
 vyos_vmware_vmdk: /tmp/vyos_vmware_image.vmdk
-vyos_vmware_ova: /tmp/vyos_vmware_image.ova
 vyos_vmware_cert: /tmp/vyos_vmware_image.cert