Using the VCF 9.x CLI to troubleshoot a DSM database running on VKS

As many readers are now aware, databases provisioned from DSM via VCF Automation have the option to create a vSphere Kubernetes Service cluster to host the database. Whether a VKS cluster or DSM’s own Kubernetes cluster is used is determined by the Infrastructure Policy. If the Infrastructure Policy is built on traditional vSphere resources, then DSM’s own K8s is used. If the Infrastructure Policy points to a Supervisor Namespace, then VKS is used. In this post, I wanted to provide some tips and tricks on accessing and troubleshooting the DSM database and VKS cluster backing the…

Kubernetes Persistent Volume (PV) Encryption with Native Key Provider in vSphere 8.0U3

Security is top of mind for most, if not all, of our customers these days. Many years ago, I wrote a blog post on how customers could encrypt Kubernetes Persistent Volumes with an external Key Provider. One of our customers recently reached out to me to ask if we had any plans to provide similar support with the Native Key Provider. As my focus has been in other areas recently, I reached out to our CSI engineering team for an update. I then found out that support was added in our most recent release, vSphere 8.0U3. While no changes we…

Data Services Manager 2.0 – Consumption Operator (Video)

This video highlights another interesting feature of Data Services Manager (DSM) 2.0, namely the Consumption Operator. This allows customers with existing Kubernetes deployments to request DSM to provision databases from these K8s clusters, without switching context to either the DSM Gateway API or DSM UI. The video shows how to install the operator and enable bindings for both infrastructure policies and backup locations. These bindings mean that only those resources can be used by end-users or developers who wish to create databases using this method.

Getting Started with Data Services Manager 2.0 – Part 10: Consumption Operator

One of the common asks we get from customers on Data Services Manager (DSM) 2.0 is the following: “I already run Kubernetes. Is it possible to create databases from my existing Kubernetes clusters using DSM?” The answer is yes. We provide a piece of software called the DSM Consumption Operator. This installs on your local Kubernetes (K8s) cluster and allows admins or developers to request the creation of databases (PostgreSQL, MySQL). On receipt of this request, DSM provisions its own K8s cluster, and then provisions the database on top. Your admins or developers can then connect to the database and…

Data Services Manager 2.0 – Gateway API (Video)

This video will show the power of the Gateway API in Data Services Manager (DSM) 2.0. The Gateway API is a Kubernetes API for the creation, modification, query and deletion of DSM objects. There are two personas related to the Gateway API, the infrastructure admin and the DSM admin/user. The video shows how to retrieve the Kubernetes configuration file (kubeconfig) for each of the personas. It also shows how to use the Gateway API to create infrastructure components such as an IP Pool, a VM Class and an Infrastructure Policy. The Gateway API is a great tool for those administrators…

Kubernetes for vSphere Admins – part of the June 2023 VMware User Group Global Virtual Event series

This session was selected by the VMware User Group (VMUG) for their Global Virtual Event which was held on June 27, 2023. As part of the session, some of the fundamentals of Kubernetes (K8s) are discussed. The talk then moves on to areas where vSphere Administrators can begin to onboard with Kubernetes, particularly when K8s control plane and worker nodes are deployed as a set of virtual machines on top of vSphere infrastructure. The two areas which are discussed in significant detail are the external Load Balancers and the vSphere CSI driver. The talk examines the options for different Load Balancers…

Why do I get “Error from server (Forbidden)” in vSphere with Tanzu

I’ve seen a number of queries around the behaviour of vSphere with Tanzu when it comes to querying Kubernetes objects on the Supervisor Cluster. More often than not, it is a question which arises when a user gets an error similar to the following: Error from server (Forbidden): wcpnamespaces.appplatform.wcp.vmware.com is forbidden: \ User “sso:Administrator@vsphere.local” cannot list resource “wcpnamespaces” in API group \ “appplatform.wcp.vmware.com” in the namespace “cormac-ns” The reason for these errors is that the Supervisor Cluster is not treated as a general purpose Kubernetes cluster. The predominant role of the Supervisor Cluster is to provide services, such as the…