TKG v1.4 LDAP (Active Directory) integration with Pinniped and Dex

LDAP integration with Pinniped and Dex is a topic that I have written about before, particularly with TKG v1.3. However, recently I had reason to deploy TKG v1.4 and noticed some nice new enhancements around LDAP integration that I thought it worthwhile highlighting. One is the fact that you no longer need to have a web browser available in the environment where you are configuring LDAP credentials which was a requirement is the previous version. In this post, I will deploy a TKG v1.4 management cluster on vSphere. This environment uses the NSX ALB to provide IP addresses for both…

TKG v1.4 Prometheus + Grafana Package Deployment: package reconciliation failed

I was recently running through the exercise of deploying Cert Manager, Contour (+ Envoy Ingress), Prometheus and Grafana packages available with TKG v1.4, just to see what steps were involved in setting up a full monitoring stack for my TKG cluster. This was a TKG deployment to vSphere, using the NSX Advanced Load Balancer for Load Balancer functionality. You can read about the new enhancements around the NSX ALB and TKG v1.4 here.  Honestly, it is pretty straight-forward, with some detailed documentation on the topic available here. Everything was plain sailing until I tried to deploy the Grafana package with,…

Cleaning up NSX ALB (Avi) Pool when referred to by L4PolicySet

I’ve been using the NSX Advanced Load Balancer for many of my experiments in the lab. Sometimes I build configurations that do not work correctly, especially around TKG. From time to time, I find that my TKG management cluster does not stand up successfully, and so I have to manually clear it down and start over. From time to time, this has left my NSX ALB with some objects that also need to be manually cleaned up. While I can delete Virtual Services and Virtual IP Addresses with ease in the NSX ALB portal/UI, I am sometimes left in a…

TKG v1.4 & NSX ALB – Ingress Health Monitor Anomaly

As I continue to look at TKG version 1.4, I wanted to start using VMware NSX Advanced Load Balancer integrated with the Project Contour (Envoy Ingress) package. Project Contour is a control plane for the Envoy Ingress that is included with the package, but which also has the ability to dynamically change the Ingress configuration. It is included as an add-on package to TKG v1.4. To use it, I deployed a TKG management cluster and a TKG workload cluster using an NSX ALB (v 20.1.5) for the Load Balancing Service. I then proceeded to deploy the Contour package. While the…

TKG v1.4 – Some nice new features

Over the last week or so, VMware recently announced the release of TKG version 1.4. On reading through the release notes, there were a few features that caught my eye, so I thought I would deploy a cluster and take a closer look. In particular, two features were of interest. The first of these is support for the NSX Advanced Load Balancer (ALB) service in workload clusters, which is available through the Avi Kubernetes Operator (AKO). This is applicable when TKG is deployed on vSphere. There is also new support for the NSX ALB as a control plane endpoint provider.…

TKG v1.3 and the NSX Advanced Load Balancer

In my most recent post, we took a look at how Cluster API is utilized in TKG. Note that this post refers to the Tanzu Kubernetes Grid (TKG) multi-cloud version, sometimes referred to as TKGm. I will use this naming convention to refer to the multi-cloud TKG in this post, so that it is differentiated from other TKG products in the Tanzu portfolio. In this post, we will take a closer look at a new feature in TKG v1.3, namely the fact that it now supports the NSX ALB – Advanced Load Balancer (formerly known as AVI Vantage) – to…

First steps with the NSX Advanced Load Balancer (NSX ALB)

As part of the vSphere 7.0 Update 2 (U2) launch, VMware now provides another Load Balancer option for vSphere with Tanzu. This new Load Balancer, built on Avi Networks technology (and previously known as Avi Vantage), provides another production-ready load balancer option for your vSphere with Tanzu deployments. This Load Balancer, now called the NSX Advanced Load balancer, or NSX ALB for short, will provide Virtual IP addresses (VIPs) for the Supervisor Control Plane API server, the TKG (guest) clusters API server and any Kubernetes applications that require a service of type Load Balancer. In this post, I will go…