Encrypting Kubernetes Persistent Volumes on vSphere (Video)

In this video, we look at how to create a Storage Policy Based Management (SPBM) with the VM Encryption feature which can be used with vSphere CSI/CNS to create a Kubernetes Storage Class that encrypts Persistent Volumes. This feature is only available with the CSI 2.0 driver for native, upstream Kubernetes deployed on vSphere 7.0 (at the time of writing). You will also need to have a Key Management Server available to the vSphere host to create a policy that allows encryption. Finally, encrypted Persistent Volumes can only be attached to encrypted virtual machines, meaning that at least one of…

Getting started with the TKG (standalone) Command Line (Videos)

In this post, I have two short videos demonstrating how to (1) deploy the Tanzu Kubernetes Grid (standalone) management cluster using the “tkg” command line tool, and then once the TKG management cluster has been deployed, I show how to (2) very simply deploy a subsequent TKG workload cluster using the same “tkg” command. If you wish to know more detail, check out my full post on how to deploy TKG (standalone) step-by-step using the command line “tkg”. Here is the video (4m 27s) demonstrating how to deploy the TKG (standalone) management cluster. And this video (3m 57s) demonstrates how…

vRSLCM – Binary Mapping from Local are not listed – Solved

As mentioned in a previous post this week, I am looking at vRealize Suite Life Cycle Manager (vRSLCM). I’m coming at this as a newbie, and I am trying to use it in much the same way as one of our customers would use it. I previously stood up vRSLCM, so now I am at the point of where I would like to deploy another vRealize application, namely vRealize Operations. Rather than pulling the OVA image from My VMware, I wanted to see the behaviour when I manually download the latest vROps OVA, version 8.1.1, and store it directly on…

vRSLCM deployment – Failed to send http data – Solved

Yesterday I spun my wheels a bit on an issue I encountered whilst trying to deploy vRealize Suite Life Cycle Manager (vRSLCM) via the vRealize Easy Installer. I downloaded the ISO, opened it up, navigated to the vrlcm-ui-installer folder and clicked on the installer.exe. I selected the Install option, then went through the steps to roll-out the vRSLCM product, as shown below. Almost immediately on completing the deployment I hit this error: “Failed to send http data”: I examined the logs and this is what I found: 2020-07-13T13:49:45.201Z – info: output:PROGRESS 2020-07-13T13:49:50.307Z – info: output: 2020-07-13T13:49:50.310Z – info: output: ERROR…

A closer look at vSphere with Kubernetes Permissions

In many of my recent posts about vSphere with Kubernetes, I use a single user (administrator@vsphere.local) to do all of my work. This allows me to carry out a range of activities without worrying about permissions. This vSphere Single Sign-On (SSO) administrator has “edit” permissions on all of the vK8s namespaces. In this post, I want to look at how to assign some different vSphere SSO users and permissions to different namespaces, and also how these permissions are implemented in the vK8s platform (through the Kubernetes ClusterRole and RoleBinding constructs). Let’s start with a view of what a namespace looks…

vSphere with Kubernetes on VCF 4.0.1 Consolidated Architecture

VMware recently announced that availability of VMware Cloud Foundation (VCF) 4.0.1. I was particularly interested in this release as it introduced some enhancements around vSphere with Kubernetes deployments on the VCF Management Domain. We refer to the deployment of an application onto the management domain as a VCF consolidated architecture. Whilst we were able to deploy vSphere with Kubernetes on the management domain in VCF version 4.0, it was not seamlessly integrated. In particular, it was not possible to select the management domain to do the necessary vSphere for Kubernetes validation tests. In VCF 4.0.1, it is now possible to…

Tanzu Kubernetes Grid from the tkg Command Line Interface

After spending quite a bit of time looking at vSphere with Kubernetes, and how one could deploy a Tanzu Kubernetes Grid (TKG) “guest” cluster in a namespace with a simple manifest file, I thought it was time to look at other ways in which customers could deploy TKG clusters on top of vSphere infrastructure. In other words, deploy TKG without vSphere with Kubernetes, or VMware Cloud Foundation (VCF) for that matter.  This post will look at the tkg command line tool to first deploy a TKG management cluster, and once that is stood up, we will see how simple it…