Kubernetes as a Service with VMware Cloud Director and Container Service Extension 3.1.1


Tanzu Normal is now obtainable with the VMware Cloud Supplier program. Final month we launched VMware Cloud Director 10.3.1 with Container Service Extension 3.1.1, which brings help to supply production-ready Kubernetes Clusters for Managed Service or Kubernetes as a Service with Tanzu Kubernetes Grid(TKG) Clusters.

This weblog put up covers a technical overview of Tanzu Normal parts with VMware Cloud Director(10.3.1), VMware Tanzu Mission Management(Service by way of Cloud Companion Navigator), and Container Service Extension(3.1.1).

Container Service Extension 3.1.1:

The Container Service Extension 3.1.1 offers the runtime for TKG clusters with three plugins – Container Community Interface(CNI), Container Storage Interface(CSI), and Cloud Supplier Interface(CPI). 

Determine 1: CSE provisioned Tanzu Kubernetes Grid Cluster on VMware Cloud Director

Container Storage Interface(CSI)

We will create TKG clusters with the Storage plugin(CSI) to help dynamic creation and deletion of Persistent Quantity with Kubernetes Clusters. A Lot of functions with a Database at their core require persistent storage to keep up software knowledge. Additionally, the volumes created by the apps make further storage disks with out including to current cluster assets necessities. With Built-in CSI plugin and PV help, clients’ software knowledge Persists upon adjustments within the TKG cluster and pods for stateful functions.

Determine 2: Persistent Volumes created and Claimed by an Utility on CSE provisioned TKG Cluster on VMware Cloud Director

Rights for Persistent Volumes:

Supplier requires to configure further rights to buyer org for Persistent Quantity creation. Tenant admin can add these different capabilities to the cluster creator function managing the Tanzu Kubernetes clusters. The Container Service Extension Official documentation web page describes rights and roles and their features right here.

To permit apps to create PVC, cluster-admin should outline storage class, for instance, discovered right here. As soon as the cluster creator offers a storage class, it may be set because the default storage class for all apps on the clusters. The TKG cluster creator then can configure this as a storage class for the apps. On this instance, I’m configuring a WordPress app by way of Bitnami Helmchart.

Determine 3: Created Persistent Quantity and Claims by WordPress app on TKG Cluster

Cloud Supplier Interface(CPI)

Cloud Supplier Interface offers a management for networking features particular to Ingress providers with VMware Cloud Director and NSX-T Superior Load balancer. The CCM pod for CPI works with VMware Cloud Director to create NAT guidelines and NSX-T Superior LB to automate Load balancer Service. Safe ingress entry (HTTPS) for visitor providers is offered by importing an SSL certificates with the title of Kubernetes Cluster. 

Determine 4: NAT rule for Ingress Entry to an Utility on TKG Cluster
Determine 5: Auto-configured Load Balancer Service for Ingress Entry on TKG Cluster
Determine 6: Cluster Writer uploaded SSL Certificates for safe Ingress on the client group VCD portal

Rights for Load Balancer Service Automation

Supplier must publish further rights for automated Load Balancing to buyer group. Tenant admin wants to supply these capabilities to the Tanzu Kubernetes cluster creator function. The supplier admin additionally should put together NSX-T Superior LB with VMware Cloud Director as described right here

Container Community Interface(CNI):

The Tanzu Kubernetes clusters embody Antrea as a Community plugin. To learn extra about Antrea Community Plugin, please entry the assets right here. The CNI Antrea plugin has been supported from Container Service Extension Launch 3.0.4.

CSE Server Greenfield Set up Upgrades for Tanzu Kubernetes Grig Clusters

There are further enhancements for greenfield set up of Container service extension. CSE server’s greenfield set up:

CSE Server Set up:

The server set up step consists of establishing the CSE server, connecting the CSE server with the VMware Cloud Director supplier portal, and importing TKG and Native templates to the VMware Cloud Director catalog.

Tenant Onboarding

The tenant onboarding consists of publishing rights bundles to the client group, enabling Container Service Extension UI plugin, and enabling buyer Group by CSE server.

Container Service Extension offers TKG Runtime by importing TKG OVAs to the Cloud supplier’s shared catalog. The suppliers can obtain these templates from the customer support portal.

The “cse template import” command permits suppliers to add TKG templates to outlined shared catalog on config. YAML file

Determine 7: ‘cse template import’ command to import TKG OVAs

The brand new discipline “no_vc_communication=true” is launched within the CSE server configuration, dependency from vCenter Server for TKG clusters. The brand new discipline worth concedes that the CSE server solely communicates with VMware Cloud Director Portal with out speaking with the underlying vCenter Server.

Tanzu Mission Management and Information Safety

Tanzu Mission Management Normal Version is included with Tanzu Normal. Tanzu Mission management may be accessed from the Cloud Companion Navigator buyer portal to handle Insurance policies, Information Safety, Picture Registries, and plenty of extra use instances. The shopper customers can connect the CSE provisioned TKG clusters to Tanzu Mission Management and leverage Information Safety performance with Persistent Volumes. The Information Safety with Tanzu Mission Management is described right here

Registry, Logging, and Monitoring

Cloud Suppliers can leverage Bitnami Content material Catalog for varied Kubernetes eco-system parts like Harbor Registry, Prometheus, and Grafana for Logging, and Monitoring. For these functions, the TKG cluster creator can use CPI model 1.0.2 documented right here. To use the newest CPI model, we will replace Pod to make use of the 1.0.2 model as follows:

  1. kubectl get pods -n kube-system (Fetch pod title containing 'vmware-cloud-director-ccm')
  2. Edit the pod content material by executing kubectl edit pod -n <vmware-cloud-director-ccm-xxxx>
  3. Substitute current 'picture:' content material with initiatives.registry.vmware.com/vmware-cloud-director/cloud-provider-for-cloud-director:1.0.2

To summarize, CSE 3.1.1 with VMware Cloud Director offers Tanzu Normal for Cloud Supplier for Kubernetes as a service and leverage Tanzu Normal parts resembling Tanzu Mission Management, Harbor for Registry, Prometheus Operator with Grafana from Bitnami Helm chart.

Additional Studying:

  1. Tanzu Mission Management for Cloud Suppliers
  2. Developer Prepared Cloud for Cloud Suppliers on Youtube
  3. Function Friday Video Collection together with Tanzu and Developer Prepared Cloud


Please enter your comment!
Please enter your name here