WilliamLam.com

  • About
    • About
    • Privacy
  • VMware Cloud Foundation
  • VKS
  • Homelab
    • Hardware Options
    • Hardware Reviews
    • Lab Deployment Scripts
    • Nested Virtualization
    • Homelab Podcasts
  • VMware Nostalgia
  • Apple

Exploration of Tanzu Kubernetes Grid (TKG) multi-vCenter Server templating using YTT

07.16.2021 by William Lam // Leave a Comment

The motivation behind this blog post originates from a really cool blog post by Mike Brown who shared an interesting Telco use case for wanting to running Tanzu Kubernetes Grid (TKG) on VMware Cloud on AWS (VMConAWS) and centrally managing TKG Workload Clusters, which would run at each individual Edge/Cell Site location.

Awesome post from @vcdx71, lots of great nuggets! https://t.co/1tPFv1kpHf

1) 🔥@VMwareTanzu Kubernetes Grid (TKG) w/multi-vCenter Servers

2) 📈 Continue adoption of #VMWonAWS for DC Evac & extending to Edge Mgmt

3)📡 Cell Site/RAN mention,♥️ innovations from Telco customers

— William Lam (@lamw.bsky.social | @*protected email*) (@lamw) July 13, 2021

While reading through Mike's blog post, I noticed one of the steps was to edit the generated YAML from the TKG Management Cluster which would then be used to deploy the individual TKG Workload Clusters. This would need to happen for each new deployment 😮 and of course, this could be very error prone and frustrating for end users. Here is an example of what the YAML file looks like which is over 1K+ lines!

This screams for automation and I had been looking for a reason to try out YTT again, which is a YAML templating tool that is part of the open source project Carvel. Although I had played with YTT before, it did not feel intuitive, especially for a new user who was trying to solve a quick problem. I figured this was my opportunity to take another look at YTT.

After a couple of hours and a lot of trial/error, I ended up with a partial solution and realized that I would not be able to figure this out given there were even more complicated sections within the YAML. I felt the bar to getting started with YTT was still too high and it may not be the right tool for this particular situation. I opted for a quicker solution using sed, which I had experience with before, but I also know that depending on the problem, sed can be just as complex and I also dislike regular expressions  🙂

[Read more...]

Categories // Automation, Kubernetes, VMware Tanzu Tags // Carvel, Tanzu Kubernetes Grid, yaml, ytt

Packer reference for VMware Harbor Virtual Appliance

07.08.2021 by William Lam // 2 Comments

I recently had a need to setup a container registry for a project that I was working on and Harbor was of course my default choice. Although Harbor is pretty easy to setup, I did not want to manually go through the installation each time I needed Harbor and I figured it was time to build my own Harbor Virtual Appliance (OVA), just like I have shown in the past with these reference implementations here and here.

UPDATE (02/03/23) - VMware has productized and is now shipping an official VMware Harbor Virtual Appliance (OVA) as part of the latest Tanzu Kubernetes Grid (2.1) release.

Nice to finally see @project_harbor team release official OVA Appliance w/latest @VMwareTanzu Kubernetes Grid 2.1 release https://t.co/gZIW8SckH9

I still remember team reaching out about productizing what I had built back in 2021 🥳https://t.co/IyquqwZgEK

H/T @vmw_rguske pic.twitter.com/vwWsCtOSBe

— William Lam (@lamw.bsky.social | @*protected email*) (@lamw) February 3, 2023

For those interested, you can find the reference implementation for building a Harbor Virtual Appliance at https://github.com/lamw/harbor-appliance

When deploying the Harbor Appliance, you will find the basic OVF properties that I have encoded including networking, credentials, debugging and advanced settings. Hopefully should be pretty straight forward for anyone who has deployed an OVA before to vSphere.

[Read more...]

Categories // Kubernetes, VMware Tanzu Tags // Harbor, Kubernetes, Tanzu Kubernetes Grid, vSphere with Kubernetes

Quick Tip - vSphere Permission to view vSphere with Tanzu Namespaces

07.06.2021 by William Lam // 6 Comments

If you wish to create a custom vSphere Role that has the ability to view vSphere Namespaces which is part of vSphere with Tanzu, you will need to add the user to the following vSphere Single Sign-On Group: ServiceProviderUsers, which is located under Single Sign On->Users and Groups->Groups (2nd page) within the vSphere UI.


Once added, you can logout and log back in and the user should now see the vSphere Namespaces as shown in the screenshot below. In my example, I have a user named william which is created in the default vsphere.local domain and has been assigned the user the vSphere Read Only role along with this additional SSO group. They will be able to view all resources but will not have permission to make any changes to the infrastructure. If you are using Active Directory, the exact same process works and just make sure you log out and log back in for the changes to take effect.

Categories // VMware Tanzu, vSphere 7.0 Tags // permission, vSphere Kubernetes Service

  • « Previous Page
  • 1
  • …
  • 12
  • 13
  • 14
  • 15
  • 16
  • …
  • 28
  • Next Page »

Search

Thank Author

Author

William is Distinguished Platform Engineering Architect in the VMware Cloud Foundation (VCF) Division at Broadcom. His primary focus is helping customers and partners build, run and operate a modern Private Cloud using the VMware Cloud Foundation (VCF) platform.

Connect

  • Bluesky
  • Email
  • GitHub
  • LinkedIn
  • Mastodon
  • Reddit
  • RSS
  • Twitter
  • Vimeo

Recent

  • Automating the vSAN Data Migration Pre-check using vSAN API 06/04/2025
  • VCF 9.0 Hardware Considerations 05/30/2025
  • VMware Flings is now available in Free Downloads of Broadcom Support Portal (BSP) 05/19/2025
  • VMUG Connect 2025 - Minimal VMware Cloud Foundation (VCF) 5.x in a Box  05/15/2025
  • Programmatically accessing the Broadcom Compatibility Guide (BCG) 05/06/2025

Advertisment

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Copyright WilliamLam.com © 2025

 

Loading Comments...