WilliamLam.com

Configuring VCF Automation (VCFA) Organization Portal OIDC IdP using Terraform Provider for VCFA

by // Leave a Comment

I recently demonstrated how to automate the configuration of the VCF Automation (VCFA) Provider Portal using the new Terraform Provider for VCFA. You can also use the same provider to configure your VCFA Organization Portals.

In this blog post, I will use the Terraform Provider for VCFA (TF4VCFA) to configure a specific VCFA Organization Portal with an External Identity Provider (IdP), which can be super helpful if you need to manage multiple IdPs for each VCFA Organizations. The current release of the TF4VCFA only supports configuring an OIDC or LDAP resource, but VCFA does have support for OIDC, LDAP and SAML IdPs.

Since I use Keycloak as my IdP of choice, I will be demonstrating how to setup the OIDC IdP within VCFA.

[Read more...]

Flexible Combinations with VCF Fleet Deployment Models 

by // 2 Comments

When deploying a new VMware Cloud Foundation (VCF) Fleet, users can choose from two different deployment models: Simple (one-node) or High-Availability (3-node) within the VCF Installer, which applies to the VCF Automation, VCF Operations and NSX Manager components.


Here is a quick visual that represents the two different deployment models:


While the VCF Installer UI only provides two deployment options, the underlying VCF platform can actually support a combination of simple and HA deployment for the individual components based on your needs.

[Read more...]

Quick Tip - Deploy OVF/OVA with Basic Authentication Endpoint

by // 4 Comments

As part of rebuilding my VMware Cloud Foundation (VCF) 9.0.1 environment, a refresh of my VCF (Offline) Software Depot was needed to include the latest 9.0.1 binaries including various OVF/OVAs like Data Services Manager (DSM).

My VCF Software Depot has been configured with basic authentication, which is a requirement for the VCF Installer. This meant before I can import the DSM OVA into vCenter Server, I typically would need to download a local copy of the OVA, which got me thinking about this workflow ...

Can an OVF/OVA be deployed directly from a web server that requires basic authentication? 🤔

[Read more...]