Resizing TKGm Cluster in VCD

Posted on 28-12-2021 by Manish Jha

This blog post explains how to resize (horizontal scale) a CSE provisioned TKGm cluster in VCD.

In my lab, I deployed a TKGm cluster with one control plane and one worker node.

[root@cse ~]# kubectl get nodes
NAME        STATUS   ROLES                  AGE   VERSION
mstr-4fxl   Ready    control-plane,master   21h   v1.21.2+vmware.1
node-cstl   Ready    <none>                 21h   v1.21.2+vmware.1

[root@cse ~]# kubectl get nodes

NAME STATUS ROLES AGE VERSION

mstr-4fxl Ready control-plane,master 21h v1.21.2+vmware.1

node-cstl Ready <none> 21h v1.21.2+vmware.1

To resize the cluster through the VCD UI, go to the Kubernetes Container Clusters page and select the TKGm cluster to resize. Click on the Resize option.

Select the number of worker nodes you want in your TKGm cluster and click the Resize button.… Read More

NSX ALB Integration with VCD-Part 1: Design Patterns

Posted on 28-11-2021 by Manish Jha

Overview

NSX Advanced Load Balancer provides multi-cloud load balancing, web application firewall, application analytics, and container ingress services from the data center to the cloud. It is an Intent-based software load balancer that provides scalable application delivery across any infrastructure. NSX ALB provides 100% software load balancing to ensure a fast, scalable and secure application experience. It delivers elasticity and intelligence across any environment.

With the release of VCD 10.2, NSX Advanced Load Balancer integration is available for use by the tenants. Service Provider configured NSX ALB and exposes load balancing functionality to the tenants so that tenants can deploy load balancers in a self-service fashion.

The latest release of VCD (10.3.1) supports NSX ALB versions up to 21.1.2. Please check the VMware product interop matrix before planning your deployment.

In this blog post, I will be talking about the NSX ALB design patterns for VCD and the ALB integration steps with VCD.… Read More

Tanzu Kubernetes Grid Ingress With NSX Advanced Load Balancer

Posted on 08-09-2021 by Manish Jha

NSX ALB delivers scalable, enterprise-class container ingress for containerized workloads running in Kubernetes clusters. The biggest advantage of using NSX ALB in a Kubernetes environment is that it is agnostic to the underlying Kubernetes cluster implementations. The NSX ALB controller integrates with the Kubernetes ecosystem via REST API and thus can be used for ingress & L4-L7 load balancing solution for a wide variety of Kubernetes implementation including VMware Tanzu Kubernetes Grid.

NSX ALB provides ingress and load balancing functionality for TKG using AKO which is a Kubernetes operator that runs as a pod in the Tanzu Kubernetes clusters and translates the required Kubernetes objects to Avi objects and automates the implementation of ingresses/routes/services on the Service Engines (SE) via the NSX ALB Controller.

The diagram below shows a high-level architecture of AKO interaction with NSX ALB.

AKO interacts with the Controller & Service Engines via API to automate the provisioning of Virtual Service/VIP etc.… Read More

Monitor Tanzu Kubernetes Cluster with Prometheus & Grafana

Posted on 24-08-2021 by Manish Jha

Introduction

Monitoring is the most important part of any infrastructure. Day-2 operations are heavily dependent on the monitoring/alerting/logging aspects. Containerized applications are now part of almost every environment and monitoring Kubernetes cluster eases the management of containerized infrastructure by tracking utilization of cluster resources.

As a Kubernetes operator, you would want to receive alerts if the desired number of pods are not running, if the resource utilization is approaching critical limits, or when failures or misconfiguration cause pods or nodes to become unable to participate in the cluster.

Why Kubernetes monitoring is a challenge?

Kubernetes abstracts away a lot of complexity to speed up application deployment; but in the process, it leaves you blind as to what is actually happening behind the scenes, what resources are being utilized, and even the cost implications of the actions being taken. In a Kubernetes world, the number of components is typically more than traditional infrastructure, which makes root cause analysis more difficult when things go wrong.… Read More

Centralized Logging For TKG using Fluentbit and vRealize Log Insight

Posted on 20-08-2021 by Manish Jha

Monitoring is one of the most important aspects of a production deployment. Logs are the savior when things go haywire in the environment, so capturing event logs from the infrastructure pieces is very critical. Day-2 operations become easy if you have comprehensive logging and alerting mechanism in place as it allows for a quick response to failures in infrastructure.

With the increasing footprint of K8 workloads in the datacenter, centralized monitoring for K8 is a must configure thing. The application developers who are focused on developing and deploying containerized applications are usually not well versed with backend infrastructure.

So if a developer finds any errors in the application logs, they might not find out that the issue is causing because of an infrastructure event in the backend, because centralized logging is not in place and infrastructure logs are stored in a different location than the application logs.

The application and infrastructure logs should be aggregated so that it’s easier to identify the real problem that’s affecting the application. … Read More

Deploying Harbor Registry for Tanzu Kubernetes Grid

Posted on 25-07-2021 by Manish Jha

Introduction

Harbor is an open-source registry that is used to store the containerized images that will be consumed by the Docker/Kubernetes platform. The images stored in the Harbor registry are secured using policies and role-based access control. Harbor, delivers compliance, performance, and interoperability to help you consistently and securely manage artifacts across cloud-native compute platforms like Kubernetes and Docker.

Why harbor

Harbor not only provides a container registry but also can do vulnerability scanning and trust signing of your docker images. It also has a really smooth web interface that allows you to do things like RBAC, project creation, user management, and more.

Harbor supports the replication of images between registries and also offers advanced security features such as user management, access control, and activity auditing.

Harbor Deployment Model

Harbor can be deployed both as a regular workload or as a K8 instance. Deploying as a K8 instance is very handy if you already have a Kubernetes management cluster.… Read More

Tanzu Kubernetes Grid 1.3 Deployment with NSX ALB in VMC

Posted on 27-06-2021 by Manish Jha

Tanzu Kubernetes Grid 1.3 brought many enhancements with it and one of them was the support for NSX Advanced Load Balancer for load balancing the Kubernetes based workloads. TKG with NSX ALB is fully supported in VMC on AWS. In this post, I will talk about the deployment of TKG v1.3 in VMC.

In this post, I will not cover the steps of NSX ALB deployment as I have already documented it here

Prerequisites

Before starting the TKG deployment in VMC, make sure you have met the following prerequisites:

SDDC is deployed in VMC and outbound access to vCenter is configured.
Segments for NSX ALB (Mgmt & VIP) are created.
NSX ALB Controllers and Service Engines are deployed and controllers’ initial configuration is completed.

Deployment Steps

Create Logical Segments & Configure DHCP

Create 2 DHCP enabled logical segments, (one for the TKG Management and one for the TKG Workload) in your SDDC by navigating to Networking & Security > Network > Segments.… Read More

vSphere with Tanzu Integration in VCD

Posted on 15-06-2021 by Manish Jha

Overview

Prior to v10.2, VMware Cloud Director supported K8 cluster deployment natively and integrated with ENT-PKS. With the release of v10.2, K8 integration is extended to vSphere with Tanzu. This integration enables Service Providers to create a self-service platform for Kubernetes Clusters that are backed by the vSphere 7.0 and NSX-T 3.0. By using Kubernetes with VMware Cloud Director, you can provide a multi-tenant Kubernetes service to your tenants.

In this article, I will walk through the steps of integrating vSphere with Tanzu with VCD.

Pre-requisites for Tanzu Integration with VCD

Before using vSphere With Tanzu with VCD, you have to meet the following pre-requisites:

VMware Cloud Director appliance deployed & initial configuration completed. Please see VMware’s official documentation on how to install & configure VCD.
vCenter 7.0 (or later version) with an enabled vSphere with VMware Tanzu functionality added to VMware Cloud Director. This is done under Resources > Infrastructure Resources > vCenter Server Instances.

Getting Started With NSX ALB: Part-1- Introduction & Architecture

Posted on 19-11-2020 by Manish Jha

NSX Advanced Load Balancer (Formerly Avi Vantage) is a multi-cloud Software Defined Load Balancer which provides scalable application delivery across any infrastructure. NSX ALB is 100% software-defined and provides:

Multi-cloud: Consistent experience across on-premises and cloud environments through central management and orchestration.
Intelligence: Built-in analytics drive actionable insights that make autoscaling seamless, automation intelligent and decision making easy.
Automation: 100% RESTful APIs enable self-service provisioning and integration into the CI/CD pipeline for application delivery.

Note: NSX ALB solution came through VMware acquisition of Avi Networks in 2019.

Some of the key features of NSX ALB are:

Autoscaling of Load Balancers and Applications.
Web Application Analytics & Performance Insights.
Automation for IT, Self-Service for Developers.

To know more about these features, please visit Avi Networks website.

NSX ALB Architecture

NSX-ALB Consists of two main components,

Avi Controller.
Service Engines (SE).

Controllers are deployed by platform administrator and Service Engines are automatically deployed by the controller when we create Virtual Services.… Read More

VMware Cloud Marketplace Integration with VCD App Launchpad

Posted on 27-05-2020 by Manish Jha

In this post I will walk through steps of integrating VMware Cloud Marketplace with App LaunchPad in VCD. If you are new to App launchPad, then feel free to read my previous Article on this topic to have some background about this product.

What is VMware Cloud MarketPlace?

As per VMware Documentation

VMware Cloud Marketplace is a new service that will allow VMware partners to easily publish their solutions in a variety of formats (Ova’s, Container images or as SaaS offering).

VMware Cloud Marketplace offers customers a way to discover and consume third-party solutions in the same way that they discover and consume other VMware cloud services. The engineered and curated experience of VMware Cloud Marketplace also delivers to our customers the peace of mind that these solutions are validated to work on their target VMware platforms.

Advantage of Using VMware Cloud MarketPlace?

Customers can search for, filter through, and select the third-party solution that’s just right for them.… Read More