WilliamLam.com

  • About
    • About
    • Privacy
  • VMware Cloud
  • Tanzu
    • Application Modernization
    • Tanzu services
    • Tanzu Community Edition
    • Tanzu Kubernetes Grid
    • vSphere with Tanzu
  • Home Lab
  • Nested Virtualization
  • Apple

Configuring Active Directory integration with VMware PKS Ops Manager using VMware Identity Manager (vIDM)

04.27.2018 by William Lam // 1 Comment

When configuring Ops Manager for VMware Pivotal Container Service (PKS) from an Authentication standpoint, you can either chose local authentication or use an external identity provider. The former means you are managing local users that reside within the User Account and Authentication (UAA) component of Ops Manager, which may be okay for a lab or proof of concept environment. However, for a Production deployment, most customers prefer to use their enterprise directory services which is typically Microsoft Active Directory.

Ops Manager can integrate with a number of external identity providers as long as it can speak SAML. For VMware customers, the preferred identity provider solution is VMware Identity Manager (vIDM) which not only supports Active Directory, but can also support a number of other directory service integrations like Active Directory Federation Services (ADFS) as example. Since vIDM supports SAML-based authentication, we can configure Ops Manager to use vIDM which also means we benefit from all of the enterprise Single Sign-On capabilities that vIDM delivers, including things like multi-factor authentication which can provide an additional layer of security when connecting to your PKS infrastructure.

Since there is currently no documentation on how to set this up, with the help of my colleague Blair Fritz and Assaf from the vIDM Engineering team, we have documented the process below which outline the required steps to integrate Ops Manager with vIDM.

[Read more...]

Categories // Cloud Native, Kubernetes Tags // active directory, Identity Provider, IDP, Ops Manager, PKS, SAML, VMware Identity Manager

Getting started with VMware Pivotal Container Service (PKS) Part 4: Ops Manager & BOSH

03.29.2018 by William Lam // 1 Comment

In this article, we will begin our PKS installation by deploying Pivotal Ops Manager which provides a management interface (UI/API) for Cloud/Platform Operators to manage the complete lifecycle of both BOSH and PKS from install, patch and upgrade. In addition, you can also deploy new application services using Ops Manager Tiles like adding an Enterprise-class Container Registry like VMware Harbor which can then be configured to work with PKS or any other solution that you may have deployed using Ops Manager.

As part of the the Ops Manager deployment, we will also install the BOSH Tile which is responsible for managing, provisioning, monitoring and self-healing of the VMs that make up a Kubernetes (K8S) Cluster deployment within PKS. BOSH supports a number of IaaS platforms which includes vSphere and through their Cloud Provider Interface (CPI), it will ensure the VMs are always up and in some cases, it may even delete and simply re-deploy VMs if they become unresponsive. This is all done completely automated without any interaction from the Cloud/Platform Operator which means for Developers, they can rest assure whatever SLA or High Availability options that have been defined as part of their application deployment, the underlying platform will ensure those requirements will always be met.

If you missed any of the previous articles, you can find the complete list here:

  • Getting started with VMware Pivotal Container Service (PKS) Part 1: Overview
  • Getting started with VMware Pivotal Container Service (PKS) Part 2: PKS Client
  • Getting started with VMware Pivotal Container Service (PKS) Part 3: NSX-T
  • Getting started with VMware Pivotal Container Service (PKS) Part 4: Ops Manager & BOSH
  • Getting started with VMware Pivotal Container Service (PKS) Part 5: PKS Control Plane
  • Getting started with VMware Pivotal Container Service (PKS) Part 6: Kubernetes Go!
  • Getting started with VMware Pivotal Container Service (PKS) Part 7: Harbor
  • Getting started with VMware Pivotal Container Service (PKS) Part 8: Monitoring Tool Overview
  • Getting started with VMware Pivotal Container Service (PKS) Part 9: Logging
  • Getting started with VMware Pivotal Container Service (PKS) Part 10: Infrastructure Monitoring
  • Getting started with VMware Pivotal Container Service (PKS) Part 11: Application Monitoring
  • vGhetto Automated Pivotal Container Service (PKS) Lab Deployment

[Read more...]

Categories // Automation, Cloud Native, Kubernetes, NSX Tags // BOSH, cloud native apps, Kubernetes, Ops Manager, PCF, Pivotal, PKS

Search

Author

William Lam is a Senior Staff Solution Architect working in the VMware Cloud team within the Cloud Infrastructure Business Group (CIBG) at VMware. He focuses on Cloud Native technologies, Automation, Integration and Operation for the VMware Cloud based Software Defined Datacenters (SDDC)

Connect

  • Email
  • GitHub
  • LinkedIn
  • RSS
  • Twitter
  • Vimeo

Recent

  • Changing the default HTTP(s) Reverse Proxy Ports on ESXi 8.0 03/22/2023
  • Quick Tip - How to download ESXi ISO image for all releases including patch updates? 03/15/2023
  • SSD with multiple NVMe namespaces for VMware Homelab 03/14/2023
  • Is my vSphere Cluster managed by vSphere Lifecycle Manager (vLCM) as a Desired Image or Baseline? 03/10/2023
  • Interesting VMware Homelab Kits for 2023 03/08/2023

Advertisment

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Copyright WilliamLam.com © 2023