Search Results for: decryptK8Pwd.py

Dynamically Rebalance or Evacuate VKS Control Plane / Worker Nodes across vSphere Zones in VCF 9.0

12.16.2025 by William Lam // 2 Comments

vSphere Zones in VMware Cloud Foundation (VCF) 9.0 have been enhanced to offer greater flexibility in resource consumption and isolation for both vSphere Supervisor Control Plane VMs (Management), vSphere Kubernetes Service (VKS) Cluster (Workloads) or a combination of the two.

Depending on your required level of management availability and workload isolation, administrations have several vSphere Supervisor Zone deployment options to select from:

Note: The management zone selection (single vs multi) is only configurable during the initial enablement of vSphere Supervisor. It is currently NOT possible to reconfigure the vSphere Supervisor to switch from a single to multi-zone management without re-deploying vSphere Supervisor.

[Read more...]

Quick Tip - Using VCF CLI to login to vSphere Supervisor when configured with VCF Automation

12.05.2025 by William Lam // 1 Comment

When a vSphere Supervisor Cluster is configured to be consumed by VCF Automation, the Identity Provider (IdP) for that vSphere Supervisor is automatically configured to redirect to VCF Automation (VCFA) as an OIDC relay.

When an end user wishes to access or manage their resources, they will be directed to the IdP that has been configured for their Organization Portal. To create a k8s login context, they will need to create a VCFA API token that is then passed to the VCF CLI before they can interact with their resources using kubectl.

Below is an example VCF CLI command where I am logging into an Organization Portal called legal and I have specified my VCFA endpoint along with the VCFA API Token to login as an end user.

vcf context create legal --endpoint auto01.vcf.lab --api-token $VCF_CLI_VCFA_API_TOKEN --insecure-skip-tls-verify --type cci --tenant-name legal

However, if you are an administrator who is managing the underlying VCF Infrastructure and need to troubleshoot or access the vSphere Supervisor Cluster, an alternative workflow will be required.

[Read more...]

vSphere Pods using VDS based Supervisor in vSphere with Tanzu?

05.23.2023 by William Lam // 12 Comments

vSphere with Tanzu has received an exciting update with the release of vSphere 8.0 Update 1, which removes the restriction for requiring NSX-based networking to deploy Supervisor Services. This is really cool because customers with only a VDS based Supervisor can now also get the benefits of the various Supervisor Services that vSphere with Tanzu supports!

For those not aware, Supervisor Services are deployed as vSphere Pods, which is a super tiny VM that boots up a Photon OS kernel and is configured with just enough resources to run one or more Linux containers. In earlier releases of vSphere with Tanzu, vSphere Pods required an NSX based Supervisor, but with this restriction removed in vSphere 8.0 Update 1, it seems like deploying vSphere Pods should also be possible with just a VDS based Supervisor? ?

[Read more...]