WilliamLam.com

  • About
    • About
    • Privacy
  • VMware Cloud Foundation
  • VKS
  • Homelab
    • Hardware Options
    • Hardware Reviews
    • Lab Deployment Scripts
    • Nested Virtualization
    • Homelab Podcasts
  • VMware Nostalgia
  • Apple

Search Results for: vSphere with Kubernetes

Introducing VMware Tanzu Community Edition (TCE) - Tanzu Kubernetes for everyone!

10.04.2021 by William Lam // 10 Comments

A very exciting new project was just announced at the DevOps Loop Conference called Tanzu Community Edition or TCE for short.

What is TCE and why should you care?

Today, it can be challenging for end users (administrators, architects, developers, platform operators, etc.) to get first hand experience with VMware's Tanzu portfolio. Some of the challenges can include downloading the software, licensing the software and having the required resources to run the software.

TCE aims to provide a frictionless experience for anyone that wants to get hands with an enterprise grade Kubernetes platform, that is fully featured with our Tanzu commercial offerings. TCE is easy to use, freely available for anyone to download and use for learning, testing, development and pre-production purposes.

In addition, TCE also includes newer features that are not found in the Tanzu commercial offering (yet) and early experimental features that the community will be the first to try out! As features further develop and mature based on feedback from the community, they will eventually graduate into our commercial offerings.
Not only does TCE provide access to the same commercial offering of our Kubernetes runtime called Tanzu Kubernetes Grid (TKG), but it also includes additional packages that can be optionally installed that can help with building, managing, deploying and running modern applications and services.

[Read more...]

Categories // VMware Tanzu Tags // Tanzu Community Edition, Tanzu Kubernetes Grid, TCE

Single node Supervisor Control Plane VM for vSphere with Tanzu now possible in vSphere 7.0 Update 3

09.28.2021 by William Lam // 8 Comments

Last year, when vSphere with Kubernetes (original name of what is now vSphere with Tanzu) was first released, I had shared a process on how to deploy a minimal setup including a detailed write-up for setting up vSphere with Tanzu on an Intel NUC with just 32GB of memory.

I am always looking for ways to simplify and ease the consumption of various VMware technologies within a homelab and I was pretty happy with the tweaks that I could make to reduce the amount of resources needed to run vSphere with Tanzu. Instead of needing to deploy three Supervisor Control Plane VMs, the modification to the vSphere with Tanzu configuration, allowed me to deploy just two Supervisor Control Plane VMs. It was unfortunate that deploying only a single Supervisor Control Plane VM at the time was not possible due to a known issue.

While deploying a pre-release of vSphere 7.0 Update 3 in one of my lab environments, I was going through the process of tweaking the vSphere with Tanzu configuration before enablement and I figure why not try the one node setting, in case it was fixed 🤷 I honestly was not expecting it to work since there was an internal bug that was filed awhile back and I had not seen the bug closed. To my complete surprise, vSphere with Tanzu enabled successfully and there was just a single Supervisor Control Plane VM!


It turns out that someone from Engineering must have fixed the issue and a single Supervisor Control Plane VM is now possible with the upcoming release of vSphere 7.0 Update 3! 🥳

UPDATE (07/02/24) - As of vSphere 8.0 Update 3, you no longer have the ability to configure a single Supervisor Control Plane VM using the minmaster and maxmasters parameters, which have also been removed from /etc/vmware/wcp/wcpsvc.yaml in favor of allowing users to control this configuration programmatically as part of enabling vSphere IaaS (formally known as vSphere with Tanzu). The updated vSphere IaaS API that allows users to specify number of Supervisor Control Plane VM will not be available until the next major vSphere release. While this regressed capability is unfortunate, it was also not an officially supported configuration and for users who wish to specify the number of Supervisor Control Plane VM using YAML method, you will need to use an earlier version of vSphere.

To change the settings, you will need to SSH to the VCSA and edit the following configuration file /etc/vmware/wcp/wcpsvc.yaml and search for minmasters and maxmasters and change the value from 3 to 1.

minmasters: 1
maxmasters: 1

For the changes to go into effect, you will need to restart the vSphere with Tanzu service which is listed as wcp by running the following command:

service-control --restart wcp

In addition, for homelab purposes, you may also want to change the controlplane_vm_disk_provisioning parameter, which defaults the Supervisor Control Plane VM to Thick provisioned rather than Thin, which many folks use in their labs.

controlplane_vm_disk_provisioning: "thin"

Categories // Home Lab, VMware Tanzu, vSphere 7.0 Tags // vSphere Kubernetes Service

Heads Up - Verify the SSL certificate trust for your vSphere with Tanzu Content Library

07.28.2021 by William Lam // 1 Comment

I just learned that SSL certificate for VMware's vSphere with Tanzu Content Library (https://wp-content.vmware.com/v2/latest/lib.json) had just been updated a few days ago and this will have an impact for anyone who had subscribed to the Content Library prior to the certificate update.

Since I had setup the subscribed Content Library several months back, all the OVAs at the time were already sync'ed and there are no immediate errors when the "Fetch Content Library" task is performed (which will be fixed in a future release). However, I was seeing some strange issues with deploying specific versions of Kubernetes and I did not think much of it and deploying another version was fine, so I figured maybe it was just my setup. I also had another lab, so I ended up using that environment most recently.

It is only until you click on a specific Content Library Item and perform a manual sync will you see the following error, which indicates you are affected:

A general system error occurred: HTTP request error: cannot authenticate SSL certificate for host wp-content.vmware.com.


The quickest way to check whether you are affected is by looking at the configured SSL Thumbprint of your subscribed Content Library and comparing that to the vSphere with Tanzu Content Library endpoint.


Unfortunately, the configured SSL Thumbprint for the subscribed Content Library is not visible in the vSphere UI, but this information is available in the vSphere Content Library API.

I just put together this quick PowerCLI snippet which will retrieve the SSL Thumbprint for your subscribed Content Library and compare to the current thumbprint. If it does not match, you will get an error message printing out the current SSL Thumbprint.

Connect-CisServer -Server vcsa.primp-industries.local -User *protected email* -Password VMware1!

$SubscribedCLName = "TKG-Content-Library"
$TKGCLThumbprint = "01:8D:FD:13:A6:9E:CA:AC:CB:7C:67:18:C1:47:11:8C:64:91:5D:C9"

$contentLibraryService = Get-CisService com.vmware.content.library
$LibraryIDs = $contentLibraryService.list()

foreach($libraryID in $LibraryIDs) {
        $library = $contentLibraryService.get($libraryID)
        if($library.name -eq $SubscribedCLName) {
            $ContentLibrary = $Library
            break
        }
}

if($ContentLibrary.subscription_info.ssl_thumbprint -ne $TKGCLThumbprint.toLower()) {
    Write-Error "SSL Thumbprint $($ContentLibrary.subscription_info.ssl_thumbprint) for $SubscribedCLName does not currently match!`n"
}

The fix is straight forward, simply edit the settings of your subscribed Content Library, do not make any changes and then click on OK. Since the configured SSL Thumbprint no longer matches the hosted Content Library, you will be prompted with an action to confirm the new thumbprint and then you can save the settings.


As of right now, the SSL Certificate for the hosted vSphere with Tanzu Content Library is valid until July 7, 2022 and I expect that VMware will replace the TLS certificate prior to that date and this operation will need to be performed again. Since this issue was initially reported internally, I have also asked to see if an official VMware KB to be published.

Categories // VMware Tanzu Tags // content library, vSphere Kubernetes Service

  • « Previous Page
  • 1
  • …
  • 10
  • 11
  • 12
  • 13
  • 14
  • …
  • 36
  • Next Page »

Search

Thank Author

Author

William is Distinguished Platform Engineering Architect in the VMware Cloud Foundation (VCF) Division at Broadcom. His primary focus is helping customers and partners build, run and operate a modern Private Cloud using the VMware Cloud Foundation (VCF) platform.

Connect

  • Bluesky
  • Email
  • GitHub
  • LinkedIn
  • Mastodon
  • Reddit
  • RSS
  • Twitter
  • Vimeo

Recent

  • Automating the vSAN Data Migration Pre-check using vSAN API 06/04/2025
  • VCF 9.0 Hardware Considerations 05/30/2025
  • VMware Flings is now available in Free Downloads of Broadcom Support Portal (BSP) 05/19/2025
  • VMUG Connect 2025 - Minimal VMware Cloud Foundation (VCF) 5.x in a Box  05/15/2025
  • Programmatically accessing the Broadcom Compatibility Guide (BCG) 05/06/2025

Advertisment

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Copyright WilliamLam.com © 2025

 

Loading Comments...