Category Archives: Kubernetes

o WOMAN JOB INTERVIEW facebook

Interview with Daniel Bryant, Ambassador Labs – Kubernetes, PaaS, Err what’s next?

I’m really excited to get this interview out of the door. I missed Daniel’s session at KubeCon, “From Kubernetes to PaaS to … Err, What’s Next?”. The room was packed, I wasn’t able to sit in, so instead I watched it from the KubeCon live stream, sat on the beanbags in the hallway.

The session was fantastic, but I couldn’t ask any questions afterwards. So I dropped Daniel a message on twitter, and he agreed to chat, and be recorded for an interview.

Originally, we parked 25 minutes for the interview, but had so much fun we ended up at 47 minutes or so. Rather than cut everything down back to the 25 minutes mark. I decided to split the interview in two halves, so you can listen during your coffee breaks.

We break down Daniel’s KubeCon session in more depth, but importantly for me, give it a platform/infrastructure operations spin, as this is my background in IT as I build my knowledge in the Cloud Native world and learn knew technology and software.

I hope you enjoy it as much as I did recording it! (YouTube Playlist).

Part 1

Part 2

Regards

Dean Lewis

VMC Tanzu Header

VMware Cloud on AWS – Managed Tanzu Kubernetes Grid with Tanzu Mission Control

In my previous blog post, I detailed a full end to end guide in deploying and configurating the managed Tanzu Kubernetes Service offering as part of VMware Cloud on AWS (VMC), finishing with some example application deployments and configurations.

In this blog post, I am moving on to show you how to integrate this environment with Tanzu Mission Control, which will provide fleet management for your Kubernetes instances. I’ve wrote several blog posts on TMC previous which you can find below:

Tanzu Mission Control 
- Getting Started Tanzu Mission Control 
- Cluster Inspections 
- Workspaces and Policies  
- Data Protection 
- Deploying TKG clusters to AWS 
- Upgrading a provisioned cluster 
- Delete a provisioned cluster 
- TKG Management support and provisioning new clusters
- TMC REST API - Postman Collection
- Using custom policies to ensure Kasten protects a deployed application
Management with Tanzu Mission Control

The first step is to connect the Supervisor cluster running in VMC to our Tanzu Mission Control environment.

Connecting the Supervisor Cluster to TMC

Within the TMC console, go to:

  • Administration
  • Management Clusters
  • Register Management Cluster
    • Select “vSphere with Tanzu”

Managed Tanzu Kubernetes Service - VMC - TMC - Register Management Cluster

On the Register Management Cluster page:

  • Set the friendly name for the cluster in TMC
  • Select the default cluster group for managed workload clusters to be added into
  • Set any description and labels as necessary

Managed Tanzu Kubernetes Service - VMC - TMC - Register Management Cluster - Name and Assign

  • Proxy settings for a Supervisor Cluster running in VMC are not supported, so ignore Step 2.

Managed Tanzu Kubernetes Service - VMC - TMC - Register Management Cluster - Proxy Configuration

  • Copy the registration URL.

Managed Tanzu Kubernetes Service - VMC - TMC - Register Management Cluster - Register

  • Log into your vSphere with Tanzu Supervisor cluster.
  • Find the namespace that identifies your cluster and is used for TMC configurations, “kubectl get ns”
    • It will start “svc-tmc-xx”
    • Copy this namespace name

Managed Tanzu Kubernetes Service - VMC - TMC - Supervisor Cluster - Kubectl get namespace Continue reading VMware Cloud on AWS – Managed Tanzu Kubernetes Grid with Tanzu Mission Control

Tanzu Blog Logo Header

Tanzu Kubernetes Grid – Upgrading a Management and Workload Cluster deployed to vSphere

In this blog post, I am going to walk through how to upgrade both your Tanzu Kubernetes Grid Management and Workload clusters. I’ll cover the Tanzu CLI options, as well as how you can leverage the features of Tanzu Mission Control for upgrades as well.

For my example use cases, I’ll be upgrading from TKG 1.4.2 to 1.5.4. Although the process should be similar for other upgrade paths, I do recommend you consult the official documentation before attempting any upgrade in case there are any changes.

Caution: VMware recommends not installing or upgrading to Tanzu Kubernetes Grid v1.5.0-v1.5.3, due to a bug in the versions of etcd in the versions of Kubernetes used by Tanzu Kubernetes Grid v1.5.0-v1.5.3. Tanzu Kubernetes Grid v1.5.4 resolves this problem by incorporating a fixed version of etcd. For more information, see Resolved Issues in the TKG v1.5 Release Notes.
Pre-requisites

To upgrade Tanzu Kubernetes Grid (TKG), you download and install the new version of the Tanzu CLI on the machine that you use as the bootstrap machine. You must also download and install base image templates and VMs, depending on whether you are upgrading clusters that you previously deployed to vSphere, Amazon EC2, or Azure.

Download the Tanzu CLI and Kubernetes OVAs

On the VMware Customer Portal download both the Tanzu CLI and OVA files as necessary.

I’ve highlighted in the below screenshot; your Management Cluster will always need to run the latest Kubernetes version.

Tanzu Kubernetes Grid - Upgrade - Download Product files - Tanzu CLI - Kubernetes OVAS

Upload Kubernetes OVAs to vCenter

Continue reading Tanzu Kubernetes Grid – Upgrading a Management and Workload Cluster deployed to vSphere

Tanzu Blog Logo Header

Tanzu Mission Control – Upgrading attached Tanzu Kubernetes Grid Clusters fails with error “updates to immutable fields are not allowed”

The Issue

When trying to upgrade an attached Tanzu Kubernetes Grid Cluster via Tanzu Mission Control (TMC), that is either created by a Tanzu Management Cluster, or via the Tanzu Kubernetes Grid Service (vSphere with Tanzu), the console gives you an error message similar to:

API Error: Failed to upgrade cluster: (target=mc:01G4BGAVKHHB6C3JJ5R0WA44NM, intentId=01G4CMP025ZHEBQ000E4SM996H): admission webhook "default.validating.tanzukubernetescluster.run.tanzu.vmware.com" denied the request: updates to immutable fields are not allowed (invalid argument)
I’ve captured some screenshots below of the process.
Tanzu Mission Control - Upgrade vSphere with Tanzu Cluster - Tanzu Kubernetes Grid Service  Tanzu Mission Control - Upgrade vSphere with Tanzu Cluster - Tanzu Kubernetes Grid Service - Upgrade Cluster
Tanzu Mission Control - Upgrade Cluster - Error Message - admission webhook default.validating.tanzukubernetescluster.run.tanzu.vmware.com denied the request

The Cause

Tanzu Mission Control doesn’t keep information about the Tanzu Clusters CNI configuration. Today, TMC doesn’t support upgrading clusters that are provisioned using Callico. This is not documented in the TMC Documentation.

If you provision a cluster using TMC, it will use the Antrea CNI, and you cannot change this.

Below you can see that my cluster was provisioned using the Callico CNI.

Tanzu Mission Control - Upgrade Cluster Fails - kubectl get tanzukuberntescluster

The Fix

Upgrade the Tanzu Cluster outside of Tanzu Mission Control.

Regards

Dean Lewis

Tanzu Blog Logo Header

Tanzu Kubernetes Grid – Manual Certificate Renewal

The Issue
Note: VMware has released a full in-depth KB Article that I'd advise you review along with this blog post. If you have any queries or concerns with the processes detailed, always open a support ticket!
- How to rotate certificates in a Tanzu Kubernetes Grid cluster (86251)

One day my Kubernetes cluster just stopped responding. I could no longer connect to the Kubernetes API.

I rebooted all the nodes (as it was a demo environment) to no luck, and still nothing. So I had to go off digging.

The Cause

I SSH’d into one of my control-plane nodes, and started to tail the kubelet logs. Continue reading Tanzu Kubernetes Grid – Manual Certificate Renewal