Kubernetes Storage on vSphere 101 – NFS revisited

In my most recent 101 post on ReadWriteMany volumes, I shared an example whereby we created an NFS server in a Pod which automatically exported a File Share. We then mounted the File Share to multiple NFS client Pods deployed in the same namespace. We saw how multiple Pods were able to write to the same ReadWriteMany volume, which was the purpose of the exercise. I received a few questions on the back on that post relating to the use of Services. In particular, could an external NFS client, even one outside of the K8s cluster, access a volume from…

Kubernetes Storage on vSphere 101 – ReadWriteMany NFS

Over the last number of posts, we have spent a lot of time looking at persistent volumes (PVs) instantiated on some vSphere back-end block storage. These PVs were always ReadWriteOnce, meaning they could only be accessed by a single Pod at any one time.  In this post, we will take a look at how to create a ReadWriteMany volume, based on an NFS share, which can be accessed by multiple Pods. To begin, we will use a useful NFS server image running in a Pod, and show how to mount the exported file share to another Pod, simply to get…

Gathering core dump files when encryption is enabled

One of the key new features of vSphere 6.5 is vSphere VM Encryption, a mechanism to encrypt all virtual machine files. This mechanism not only encrypts the VMDK, but also the metadata files and core dumps associated with a VM. Now, there would not be much point in sending an encrypted core dump file to VMware for analysis, so a mechanism has been put in place to allow these files to be recrypted using a password before sending them to VMware. The password can then be shared with VMware to allow us to examine the core dumps.  This is how…