WilliamLam.com

Search Results for: veba

How to configure Knative and containerd in VMware Event Broker Appliance (VEBA) to use a private registry?

by // 2 Comments

I was recently helping out fellow colleague Patrick Kremer who was looking into an issue that one of our users had filed on how to configure the VMware Event Broker Appliance (VEBA) so that it can take advantage of a custom container registry for deploying VEBA functions. If you attempt to specify a container image from a private container registry, especially one that has a self-signed certificate, you will see the following error:

Unable to fetch image "harbor.primp-industries.local/library/veba/kn-py-echo:1.0": failed to resolve image to digest: Get "https://harbor.primp-industries.local/v2/": x509: certificate signed by unknown authority; Get "https://harbor.primp-industries.local:443/v2/": x509: certificate signed by unknown authority

I had assumed that this should have been a pretty trivial configuration change to make the underlying Kubernetes container runtime trust the desired container registry and that there would be an easy to follow tutorial that Patrick could search for. The latest release of VEBA has moved away from using the Docker runtime to containerd and this should have helped narrow down the search results, at least that was our assumption.

Not only are there plenty of resources online, but there seem to be multiple methods depending on the version of Kubernetes and containerd which was pretty overwhelming. After several attempts using various blog articles, Patrick found that the trust error has still not gone away. I finally decided to take a closer look and discovered that there are actually two components that must be updated to properly support a private container registry: containerd & Knative Serving Controller. I eventually found this page in the Knative Serving documentation that provided a hint but ultimately, I was not able to fully grok the details until I came across this Github thread that brought clarity on how to create the required secret for the root CA certificate which would allow the Knative Serving controller to trust the root CA certificate.

Below are the instructions for the required changes and I have also attempted to simplify the steps by providing automation snippets that makes it easy for anyone to consume. In my setup, I am using Harbor registry which was built from my Harbor Virtual Appliance but the steps should apply for any other private container registry.

[Read more...]

VMware Event Broker Appliance (VEBA) v0.7.2

by // Leave a Comment

The VEBA team is excited to share that we have just published our v0.7.2 release, which is a minor release and contains a number of enhancements as well as fixes that our users had observed in earlier v0.7.x releases. Highlighted below are some of new user facing capabilities along few of the backend updates. For a detailed change log, please refer to the v0.7.2 release notes.

What's New:

Backend Updates:

  • Updated OS to latest Photon OS 4.0 Rev2
  • Updated Knative Serving/Eventing stack to v1.1.0
  • Updated Kubernetes to v1.21.5
  • Migrated container runtime from Docker to Containerd
  • Pipeline and automation overhaul, publishing artifacts to GCR for scale and address docker rate limit issues

VMware Event Broker Appliance (VEBA) v0.7.1

by // 2 Comments

The VMware Event Broker Appliance (VEBA) team is excited to share that we have just delivered our final VEBA release for 2021, VEBA v0.7.1, which is a minor update that contains a couple of fixes that was observed in the original v0.7 release. With the recent log4j vulnerability disclosure, I also want to mention that VEBA is NOT affected.

As 2021 starts to wrap up, I also wanted to take this opportunity and thank everyone in our VEBA community for your continued support and engagement. Our public VEBA Slack channel has more than doubled in size since launching and we just had our 250th user join this week! We also recently launched our VEBA Monthly Community Call, where folks can bring questions and use cases to discuss with others on how best to achieve certain outcomes. All sessions are recorded including meeting notes, which you can review in case you can not make. The community call occurs on the last Tuesday of each month at 8am PST (we will not be doing Dec call due to upcoming holidays).

Lastly, I could not be more excited for VEBA in 2022 and hopefully we will be able to share more news in the upcoming year. If you still have not heard of VEBA before and wish to learn more, I highly encourage you check out our VMworld 2021 session VEBA Revolutions - Unleashing the Power of Event-Driven Automation #CODE2773 and start on your Event-Driven Automation journey with our community.

Have a happy and safe holiday everyone! ☃️🥳🍾

What's New

Note: If you currently have vCenter Server 7.0 Update 3 installed, you may run into an issue when using the VEBA vSphere UI plugin. This is currently a known issue which will be fixed in a future vCenter Server update, however you can follow this blog post for a workaround.

New VEBA Logo

Last but not least, we also want to share that the VEBA project now has an official VMware logo! A big thanks to the VMware Brand team who helped create our logo in such a short amount of time, it turned out amazing and conceptualizes VEBA in such a simple, yet powerful graphic 👌


We certainly will miss the Otto the Orca as the "unofficial" VEBA logo that was designed and created by fellow VEBA teammate Robert Guske.