TKG Series-Part 4: Deploy Sample Workload/Application

26-08-2020 Manish Jha

In last post I completed the workload cluster deployment. The deployed cluster is now ready to be consumed. In this post I will show how we can deploy a sample application/workload in the newly provisioned kubernetes cluster.

If you have missed earlier post of this series, you can read them from below links:

1: TKG Infrastructure Setup

2: TKG Management Cluster Deployment

3: TKG Workload Cluster Deployment

To deploy any application in the kubernetes cluster, we first have to connect to the workload cluster context.

Below command shows that I am currently connected to cluster “mj-tkgc01”, which is my workload cluster.

root@tkg-client:~# kubectl config get-contexts

CURRENT   NAME                        CLUSTER     AUTHINFO          NAMESPACE
          mj-tkgc01-admin@mj-tkgc01   mj-tkgc01   mj-tkgc01-admin
*         mj-tkgm01-admin@mj-tkgm01   mj-tkgm01   mj-tkgm01-admin

root@tkg-client:~# kubectl config get-contexts

CURRENT NAME CLUSTER AUTHINFO NAMESPACE

mj-tkgc01-admin@mj-tkgc01 mj-tkgc01 mj-tkgc01-admin

* mj-tkgm01-admin@mj-tkgm01 mj-tkgm01 mj-tkgm01-admin

Note: We can use command kubectl config use-context <cluster-context-name> to switch between the clusters.… Read More

TKG Series-Part 3: Deploy TKG Workload (Kubernetes) Cluster

26-08-2020 Manish Jha

In last post of this series, I covered TKG management cluster setup. In this post we will learn how to deploy TKG workload/compute/kubernetes cluster.

If you have missed earlier post of this series, you can read them from below links:

1: TKG Infrastructure Setup

2: TKG Management Cluster Deployment

Before attempting to deploy TKG workload cluster, ensure you are connected to management cluster context. If you are not already connected to the context, you can use command kubectl config use-context <mgmt-cluster-context-name> to connect to the same.

Step 1: Create a new namespace

An example json file is located in kubernetes official website which I have used to create a test namespace for me. You can create your own json if you want.

# kubectl create -f https://kubernetes.io/examples/admin/namespace-dev.json

Step 2: Create yaml file for workload cluster deployment.

# tkg config cluster mj-tkgc01 –plan dev –controlplane-machine-count 1 –worker-machine-count 3 –namespace development –controlplane-size small –worker-size small > dev.yaml… Read More

TKG Series-Part 2: Deploy TKG Management Cluster

26-08-2020 Manish Jha

In first post of this series, I discussed about prerequisites that you should meet before attempting to install TKG on vSphere. In this post I will demonstrate TKG management cluster deployment. We can create TKG Management cluster using both UI & CLI. Since I am a fan of cli method, I have used the same in my deployment.

Step 1: Prepare config.yaml file

When TKG cli is installed and tkg command is invoked for first time, it creates a hidden folder .tkg under home directory of user. This folder contains config.yaml file which TKG leverages to deploy management cluster.

Default yaml file don’t have details of infrastructure such as VC details, VC credentials, IP address etc to be used in TKG deployment. We have to populate infrastructure details in config.yaml file manually.

Below is the yaml file which I used in my environment.

cert-manager-timeout: 30m0s
overridesFolder: /root/.tkg/overrides
BASTION_HOST_ENABLED: "true"
NODE_STARTUP_TIMEOUT: 20m
providers:
  - name: cluster-api
    url: /root/.tkg/providers/cluster-api/v0.3.6/core-components.yaml

TKG Series-Part 1: Lab Setup

26-08-2020 Manish Jha

This blog series will cover how to deploy Tanzu Kubernetes Grid on vSphere and get your management and workload clusters provisioned. In part 1 of this series, I will cover the prerequisites that need to be met before attempting to install & configure TKG on vSphere.

Before you start with TKG deployment, make yourself familiar with the components that make up the TKG cluster.

Hardware & Software Requirements

A vSphere environment with vSphere 6.7 U3 or 7.0 installed.
A dedicated resource pool to accommodate TKG Management & Workload cluster components.
A VM folder where TKG VM’s will be provisioned.
One DHCP enabled network segment. TKG VM’s get IP from dhcp pool.
TKG Ova’s & TKG CLI downloaded from here
A linux vm (ubuntu preferred) created in vSphere with docker & kubectl installed. This vm act as bootstrap vm on which we will install TKG CLI and other dependencies.

My Lab Walkthrough

I have a 4 node vSphere cluster with vSphere 6.7 U3 installed and licensed with Enterprise plus license
Build numbers used for ESXi & vCenter are 16316930 & 16616668 respectively.

VMware Cloud Director-What’s New-NSX-T UI Enhancements

11-04-2020 Manish Jha

With the release of VMware Cloud Director (Previously vCloud Director), a lot of NSX-T related UI enhancements are added. In this post I will walk through some of them.

Dedicated External Networks

With Cloud Director 10.1, an edge gateway can be provisioned with a dedicated external network. In this configuration, there is a one-to-one relationship between the external network and the edge gateway, and no other edge gateways can connect to this external network.

Note: Provider creates a T0 gateway within NSX-T and add it to Cloud Director as an external network. Once T0 is added, provider could convert an existing org gateway (T1) to this new dedicated T0, or create a new org gateway with Dedicated External Network option selected.

BGP and Route Advertisement

BGP peering & Route Advertisement functionalities are added on Edge Gateway UI.

Route Advertisement

You can decide which of the network subnets that are attached to org gateway will be advertised to the dedicated external network.… Read More

Upgrading vCSA 6.7 to 7.0 via CLI

17-03-2020 Manish Jha

In my current project I have been tasked with identifying the process of VCSA upgrade via CLI so that same can be automated via code and eventually enabling customers to upgrade vCenter server in one click.

During my research I came to know that unfortunately there are no API calls as of now to upgrade vcsa and we have to rely on the CLI installer method.

vCenter Upgrade Process Overview

Those who have worked on VCSA upgrade in past, VCSA upgrade is not an in-place upgrade and it is a 2 step process.

Stage1 is where you gather all the necessary information such as source and target appliance details, target Esxi host/vCenter to deploy appliance and vCenter credentials etc. A new appliance with target version is deployed during the process.
In Stage2 data (configuration, historical, and performance metrics) migration is performed from source VCSA to newly deployed VCSA.

During upgrade, the newly deployed appliance is deployed via a temporary IP and once all data is migrated from source appliance, it is shut down and the new appliance is reconfigured with same IP which was configured in source. … Read More

Configuring vCenter Adapter in vROPs via API

01-03-2020 Manish Jha

In this post we will learn how to install Management Packs in vROPs via API.

For vCenter we don’t have to install any management pack as its shipped with vROPs by default and we just have to create vCenter credentials and configure adapter. Below steps can be followed to configure VC adapter.

1: Obtain Session Token: vROPs session token is obtained via POST call.

Method: POST 

URL: https://<vrops-fqdn>/suite-api/api/auth/token/acquire 

Headers: 

Content-Type : application\json 
Accept       : application\json 

Auth: No Auth 

Body:
 
{ 
"username" : "vROPs-User",
 "password" : "Password" 
}

Method: POST

URL: https://<vrops-fqdn>/suite-api/api/auth/token/acquire

Headers:

Content-Type : application\json

Accept : application\json

Auth: No Auth

Body:

{

"username" : "vROPs-User",

"password" : "Password"

}

Sample Output:

The token id obtained in output is passed as “Authorization: vRealizeOpsToken token_value” header in all subsequent GET and POST calls.… Read More

vRLI Distributed Install/Upgrade via vRSLCM API

29-02-2020 Manish Jha

In my last Post I demonstrated how to install and upgrade a distributed vROPs via vRSLCM API. In this post I will walk through how to perform install/upgrade a distributed vRLI environment.

Steps for deploying/upgrading any vRealize product via vRSLCM API are pretty much same, only the json payload varies.

vRLI Deployment Procedure

Step 1: Pre-Validate Environment Creation

Method: POST

URL: https://<vrslcm-fqdn>/lcm/lcops/api/environments/import/prevalidate

Sample Payload:

{
   "requestId":"null",
   "requestType":"VALIDATE_CREATE_ENVIRONMENT",
   "environmentRequestDTO":{
      "environmentId":"vRLI-4.8-Distributed",
      "environmentName":"vRLI-4.8-Distributed",
      "infrastructure":{
         "properties":{
            "dataCenterName":"SDDC-MAAS",
            "regionName":"default",
            "zoneName":"default",
            "vCenterName":"vcenter.mgmt.vmw",
            "vCenterHost":"vcenter.mgmt.vmw",
            "vcUsername":"administrator@vsphere.local",
            "vcPassword":"locker:password:e1dfebff-4600-4439-afb5-851e1830a71e:VC-Password",
            "acceptEULA":"true",
            "enableTelemetry":"false",
            "adminEmail":"xyz@vmware.com",
            "defaultPassword":"locker:password:26c77689-e7a8-4f27-8c85-c9a51a77689c:Default-Password",
            "certificate":"locker:certificate:f2558190-2002-46e2-847f-eb83c6c110be:vRLI-Certs",
            "cluster":"MGMT_DC#MGMT_CLU",
            "storage":"vsanDatastore",
            "folderName":"group-v50(MGMT_VMs)",
            "resourcePool":"resgroup-43(MGMT-ResourcePool)",
            "diskMode":"thin",
            "network":"VM_MGMT",
            "masterVidmEnabled":"true",
            "dns":"x.x.x.5",
            "domain":"mgmt.vmw",
            "gateway":"x.x.x.1",
            "netmask":"255.255.255.0",
            "searchpath":"mgmt.vmw",
            "timeSyncMode":"ntp",
            "ntp":"x.x.x.x",
            "isDhcp":"false"
         }
      },
      "products":[
         {
            "id":"vrli",
            "version":"4.8.0",
            "properties":{
               "certificate":"locker:certificate:f2558190-2002-46e2-847f-eb83c6c110be:vRLI-Certs",
               "productPassword":"locker:password:26c77689-e7a8-4f27-8c85-c9a51a77689c:Default-Password",
               "licenseRef":"locker:license:84727216-1e61-4694-bea9-4b19a5969e20:vRLI-4.x",
               "nodeSize":"small",
               "configureClusterVIP":"true",
               "affinityRule":true,
               "configureAffinitySeparateAll":"true",
               "ntp":"x.x.x.x",
               "timeSyncMode":"ntp"
            },
            "clusterVIP":{
               "clusterVips":[
                  {
                     "type":"vrli-cluster-1",
                     "properties":{
                        "hostName":"vrli.mgmt.vmw",
                        "ip":"x.x.x.110"
                     }
                  }
               ]
            },
            "nodes":[
               {
                  "type":"vrli-master",
                  "properties":{
                     "vmName":"vrli-master",
                     "hostName":"vrli01.mgmt.vmw",
                     "ip":"x.x.x.111"
                  }
               },
               {
                  "type":"vrli-worker",
                  "properties":{
                     "vmName":"vrli-worker-1",
                     "hostName":"vrli02.mgmt.vmw",
                     "ip":"x.x.x.112"
                  }
               },
               {
                  "type":"vrli-worker",
                  "properties":{
                     "vmName":"vrli-worker-2",
                     "hostName":"vrli03.mgmt.vmw",
                     "ip":"x.x.x.113"
                  }
               }
            ]
         }
      ]
   }
}

Method: POST

URL: https://<vrslcm-fqdn>/lcm/lcops/api/environments/import/prevalidate

Sample Payload:

{

"requestId":"null",

"requestType":"VALIDATE_CREATE_ENVIRONMENT",

"environmentRequestDTO":{

"environmentId":"vRLI-4.8-Distributed",

"environmentName":"vRLI-4.8-Distributed",

"infrastructure":{

"properties":{

"dataCenterName":"SDDC-MAAS",

"regionName":"default",

"zoneName":"default",

"vCenterName":"vcenter.mgmt.vmw"

vROPs Distributed Install/Upgrade via vRSLCM API

27-02-2020 Manish Jha

vRSLCM is such a great tool that it lifts all the complexity of deploying vRealize suite in just few clicks. Whether you are looking for standalone deployment or a distributed one, you are shielded from all the complexity that goes behind in setting up an environment.

Recently while working on my new project, I was tasked to find out a way where all the UI operations related to vRSLCM can be automated. In my last post I listed all the API’s that are needed to perform end to end vRSLCM configuration. We need to fetch few details before starting install/upgrade of any vRealize product.

This post is extension to my last post and I will be demonstrating how to deploy/upgrade various vRealize products using vRSLCM API. The first in this list will be vROPs. So lets get started.

At this point, I assume you have already fetched details about:

Certificate Name/UUID (From Locker)
Default Password Name/UUID (From Locker)
License Name/UUID (From Locker)
Infra details (DNS, NTP, Datacenter name, cluster name etc)
Local Repo configured and all product install/upgrade binaries uploaded there.

Automating vRSLCM 8.x End to End Configuration via API

23-02-2020 Manish Jha

In this post we will learn how to leverage vRealize Suite Life Cycle Manager (vRSLCM) API to automated deployment & configuration.

With release of vRSLCM 8.x, VMware introduced simple installer (similar to vCSA) for deployment of vRSLCM. Below is screenshot of how the simple installer looks like.

As of now we don’t have any API which can be leveraged to automate appliance deployment, so we will perform this task via ovftool.

Deploying vRSLCM via ovftool

ovftool --name=vrslcm2.mgmt.vmw --X:injectOvfEnv --X:logFile=ovftool.log --allowExtraConfig --noSSLVerify --datastore=vsanDatastore --network=VM_MGMT --acceptAllEulas --diskMode=thin --powerOn --prop:vami.hostname=vrslcm2.mgmt.vmw --prop:varoot-password=XXXXX --prop:va-ssh-enabled=True --prop:va-firstboot-enabled=True --prop:va-telemetry-enabled=True --prop:va-ntp-servers=x.x.x.x --prop:vami.gateway.VMware_vRealize_Suite_Life_Cycle_Manager_Appliance=x.x.x.x --prop:vami.domain.VMware_vRealize_Suite_Life_Cycle_Manager_Appliance=mgmt.vmw --prop:vami.searchpath.VMware_vRealize_Suite_Life_Cycle_Manager_Appliance=mgmt.vmw --prop:vami.DNS.VMware_vRealize_Suite_Life_Cycle_Manager_Appliance=x.x.x.x --prop:vami.ip0.VMware_vRealize_Suite_Life_Cycle_Manager_Appliance=x.x.x.x --prop:vami.netmask0.VMware_vRealize_Suite_Life_Cycle_Manager_Appliance=255.255.255.0 C:UsersAdministratorDownloadsvra-lcm-installer-14878991vrlcmVMware-vLCM-Appliance-8.0.0.16-14878959_OVF10.ova vi://root@esxmb4.mgmt.vmw/

1	ovftool --name=vrslcm2.mgmt.vmw --X:injectOvfEnv --X:logFile=ovftool.log --allowExtraConfig --noSSLVerify --datastore=vsanDatastore --network=VM_MGMT --acceptAllEulas --diskMode=thin --powerOn --prop:vami.hostname=vrslcm2.

vSphere

TKG Series-Part 4: Deploy Sample Workload/Application

Like this:

TKG Series-Part 3: Deploy TKG Workload (Kubernetes) Cluster

Like this:

TKG Series-Part 2: Deploy TKG Management Cluster

Like this:

TKG Series-Part 1: Lab Setup

Hardware & Software Requirements

My Lab Walkthrough

Like this:

VMware Cloud Director-What’s New-NSX-T UI Enhancements

Like this:

Upgrading vCSA 6.7 to 7.0 via CLI

Like this:

Configuring vCenter Adapter in vROPs via API

Like this:

vRLI Distributed Install/Upgrade via vRSLCM API

Like this:

vROPs Distributed Install/Upgrade via vRSLCM API

Like this:

Automating vRSLCM 8.x End to End Configuration via API

Like this:

Spread the Love

Like this:

Spread the Love

Like this:

Spread the Love

Like this:

Hardware & Software Requirements

My Lab Walkthrough

Spread the Love

Like this:

Spread the Love

Like this:

Spread the Love

Like this:

Spread the Love

Like this:

Spread the Love

Like this:

Spread the Love

Like this:

Spread the Love

Like this: