WilliamLam.com

Using the new installation method for deploying OpenShift 4.5 on VMware Cloud on AWS

07.18.2020 by William Lam // 1 Comment

I recently saw a tweet from Jason Shiplett who works over on the VMware Validated Design (VVD) team (also my former team before joining VMware Cloud) who shared a new validated design for running Redhat OpenShift 4.3 on VMware Cloud Foundation. Funny enough, a couple of days ago I was just researching into deploying OpenShift running on VMware Cloud on AWS from a customer inquiry.

Timing could not have been better as RedHat just announced their OpenShift 4.5 release a few days ago as and one of the major updates is support for vSphere using their full stack automation also known as te Installer Provisioned Infrastructure (IPI) option. Previous to this, customers who wanted to deploy OpenShift on vSphere had to use the User Provisioned Infrastructure (UPI) method, which the VVD design also uses, which is much lengthier and complex when compared to the native IPI method.

For someone who has never worked with OpenShift before, this was great news and I get to try out this new deployment method on an VMware Cloud on AWS infrastructure 🙂

Pre-Requisites:

Step 1 - You will need a Linux system to perform the installation and it should have access to the vCenter Server running in VMware Cloud on AWS (VMC). In my example, I am using an Ubuntu Server 20.04 VM which is also running in the SDDC and has outbound internet connectivity.

Step 2 - Login to VMware Cloud on AWS console and create a new NSX-T network segment that is DHCP enabled. In my example, I named it openshift-network with a 192.168.3.0/24 configuration.

Step 3 - Navigate to Inventory->Groups and create the following groups and replace the CIDR networks with that of your SDDC:

Group	Name	IP Address Members
Compute	OpenShift Network	192.168.3.0/24
Compute	SDDC Management Network	10.2.0.0/16
Management	OpenShift Network	192.168.3.0/24

[Read more...]

Retrieving network statistics on VMware Cloud on AWS using NSX-T Policy API

07.16.2020 by William Lam // 1 Comment

One question that has come up lately from VMware Cloud on AWS customers is to understand their network traffic usage, especially as it pertains to traffic that exit or egress their SDDC. There are a number of graphical tools that can be used today to get insights into this information, one is the popular vRealize Network Insight Cloud solution which many of our VMware Cloud on AWS customers are taking advantage of to not only understand traffic usage and flow data history but is also instrumental in aiding customers when planning workload migrations from their on-premises datacenter to VMware Cloud on AWS.

While researching this topic, I also came to learn that this information can be retrieved using the NSX-T Policy API which is available to all customers to use. We are going to be leveraging the Tier-0 statistics interface API from NSX-T which will give us both transmit and receive stats on all supported interfaces. From the diagram below, we can see the interfaces that are applicable to VMware Cloud on AWS is the Internet interface which includes VPN traffic, VPC interface which includes traffic going to Linked VPC and Direct Connect interface which includes traffic when using AWS Direct Connect.

As you might expect, these exact same three interface types is then represented as logical interfaces within the NSX-T Policy API which uses the following IDs:

cross-vpc
public
direct-connect

Note: Statistics on the Direct Connect interface will also include traffic if you are using the new VMware Transit Connect with AWS Transit Gateway feature.

These interface can be discovered by performing a GET on /policy/api/v1/infra/tier-0s/vmc/locale-services/default/interfaces and then you would then identify the two NSX-T Edge (Active/Passive) and construct the T0 URL to retrieve the statistics. I will not bore you with the details and have implemented this as a new PowerShell function called Get-NSXTT0Stats and for those interested in the implementation, please see the code here.

Note: For those wanting to see the full NSX-T Policy REST URLs, simply append -Troubleshoot flag and that will output additional information on how I am retrieving the various pieces of information required to call into the T0 Stats API.

[Read more...]

Is vSphere with Kubernetes available for evaluation?

07.14.2020 by William Lam // 1 Comment

Yes. Given the frequency that this question has come up, I thought it would be useful to share some more details on how you can start playing with the new vSphere with Kubernetes (K8s) capability which was introduced as part of the vSphere 7.0 release. vSphere w/K8s requires NSX-T and although vSphere (ESXi and vCenter Server Appliance) has supported a 60 day evaluation period, NSX-T historically did not support any self-service evaluation. In addition, there were also some confusion in how vSphere w/K8s was bundled today from a packaging standpoint which is offered as part of the VMware Cloud Foundation (VCF) 4.0 SKU.

Putting aside the pricing and packaging aspects, customers can indeed evaluate vSphere w/K8s using one of the following two options below:

Option 1: 60 Day Eval

Sign up for the vSphere 7.0 (ESXi & VCSA) evaluation (https://my.vmware.com/en/web/vmware/evalcenter?p=vsphere-eval-7) and NSX-T 3.0 evaluation (https://my.vmware.com/web/vmware/evalcenter?p=nsx-t-eval). After signing up you will receive evaluation keys that can be used when setting up vSphere w/K8s. If you want to quickly go from 0 to Kubernetes, be sure to check out my vSphere with K8s Automation Lab Deployment which can give you a running environment in under 30min!

Option 2: 365 Day Eval

Sign up for VMUG Advantage which includes VMUGEval that provides licenses for vSphere 7.0, NSX-T 3.0, VCF 4.0 and many other VMware products for an entire year for non-production usage. After signing up you will receive license keys that will be valid for 1 year which can then be used when setting up vSphere w/K8s. With VMUG Advantage, you can consume vSphere w/K8s the "manual" method, using my vSphere with K8s Automation Lab Deployment or using SDDC Manager which is part of VCF 4.0 to automatically deployed the required SDDC infrastructure so that can then enable vSphere w/K8s.

Here is a screenshot of my vSphere w/K8s environment which was deployed using my Sphere with K8s Automation Lab Deployment script and using the evaluation keys which I had just signed up!

Option 3: Infinite Day Eval

VMware Hands-on-Lab is another great option which is completely free and you only need a web browser! You can check out HOL-2113-01-SDC for more details.