VMware Tanzu Header

vSphere with Tanzu – Creating cluster fails with “storage class is not valid”

VMware, Kubernetes,
The Issue

When you have attached a vSphere Storage Policy to your vSphere Namespace, and tried to create a cluster using the Storage Policy Name, you find it will fail with an error such as:

Error from server (storage class is not valid for control plane VM: StorageClass 'Tanzu Storage Policy' is not assigned for namespace 'deanl', 

storage class is not valid for worker VMs: StorageClass 'Tanzu Storage Policy' is not assigned for namespace 'deanl', 

storage class Tanzu Storage Policy under spec.settings.storage.defaultClass is not valid: StorageClass 'Tanzu Storage Policy' is not assigned for namespace 'deanl'): error when creating "cluster.yaml": 

admission webhook "default.validating.tanzukubernetescluster.run.tanzu.vmware.com" denied the request: storage class is not valid for control plane VM: StorageClass 'Tanzu Storage Policy' is not assigned for namespace 'deanl', 

storage class is not valid for worker VMs: StorageClass 'Tanzu Storage Policy' is not assigned for namespace 'deanl', 

storage class Tanzu Storage Policy under spec.settings.storage.defaultClass is not valid: StorageClass 'Tanzu Storage Policy' is not assigned for namespace 'deanl'

When you look at the vSphere namespace, the Storage Policy is attached.

vSphere Namespace Storage Policy

And example of the erroneous Tanzu Cluster definition YAML:

apiVersion: run.tanzu.vmware.com/v1alpha1
kind: TanzuKubernetesCluster
metadata:
  name: deanl-cluster
  namespace: deanl
spec:
  distribution:
    version: v1.18.5
  topology:
    controlPlane:
      class: best-effort-small
      count: 1
      storageClass: "Tanzu Storage Policy"
    workers:
      class: best-effort-small
      count: 1
      storageClass: "Tanzu Storage Policy"
  settings:
    network:
      cni:
        name: calico
    storage:
      defaultClass: "Tanzu Storage Policy"
The Cause

Continue reading vSphere with Tanzu – Creating cluster fails with “storage class is not valid”

DMS - vRA Header

Data Management for VMware Tanzu with vRealize Automation as Custom Resources

VMware, , , ,

In this blog post, we will cover the technical configuration to import the packages that myself and Katherine Skilling (Twitter, LinkedIn, Blog) have created.

This work is to show the possibility of creating custom workflows to integrate other products that are not natively supported within vRA, by exploiting Dynamic Types. A further write-up will detail the technical configurations of how this integration was created.

You can read this blog post on how to create Dynamic Types in vRealize Orchestrator to be used as custom resources in vRealize Automation:

Updated Feb 2022 - Includes edits needed to enable compatability with Data Management for VMware Tanzu v1.1
High-Level Overview

This blog post focuses on integrating “Data Management for VMware Tanzu”, you can read more here about this product:

These packages offer the following capabilities:

  • vRA Cloud Assembly Custom Resource for Data Management with VMware Tanzu
    • Create a database instance
    • Delete a database instance (clean up when a deployment is deleted)
    • Day 2 actions for database instance
      • Scale database instance resources
      • Point in Time Backup of database instance
      • Power-On database instance
      • Power-Off database instance
Pre-Requisites
  • Data Management for VMware Tanzu platform deployed and configured
    • Agent appliance deployed and environment configured.
    • Organisation configured with Org Admin user account.
  • vRealize Automation deployed and configured
    • Using embedded vRO will be fine
    • vRA needs to be able to connect to the DMS system over HTTPs, so appropriate routes and firewalls configured.
  • Grab the files from this location
Recording

Below is a 25 minute recording showing you how to implement the documented steps that follow in this blog post.

Importing & Configuring the vRealize Orchestrator packages

From the downloaded files under the folder “vRealize Orchestrator” there is two files:

  • com.vmware.dms.backup.package
  • dms-dynamictypes-config.package

Open the vRealize Orchestrator UI (https://{vro-url}/orchestration-ui)

  • Left-hand navigation pane > Assets > Packages > Import

DMS - vRO import package

  • Select the file name “com.vmware.dms.backup.package”
  • Select to trust the package and click import

Continue reading Data Management for VMware Tanzu with vRealize Automation as Custom Resources

vRealize Automation - Code Stream Header

vRealize Automation 8.5 – Code Stream – Unexpected character (‘\\’ (code 92))

VMware, , , ,
The Issue

When running certain REST Tasks in Code Stream, the pipeline execution fails on this task with:

Unexpected character ('\\' (code 92)): was expecting double-quote to start field name \n at [Source: (io.netty.buffer.ByteBufInputStream); line: X, colume: X]"
vRA 8.5 Code Stream - Unexpected character was expecting double-quote to start field name - Error
The Workaround

Continue reading vRealize Automation 8.5 – Code Stream – Unexpected character (‘\\’ (code 92))

MongoDB + Kubernetes Header

MongoDB Container data loss issue – A Journey

Kubernetes, , , , , ,

Over the past month or so I noticed an issue with my Pac-Man Kubernetes application, which I use for demonstrations as a basic app front-end that writes to a database back end, running in Kubernetes.

  • When I restored my instances using Kasten, my Pac-Man high scores were missing.
  • This issue happened when I made some changes to my deployment files to configure authentication to the MongoDB using environment variables in my deployment file.

This blog post is a detail walk-through of the steps I took to troubleshoot the issue, and then rectify it!

Summary if you don’t want to read the post

If you are not looking to read through this blog post, here is the summary:

  • I changed MongoDB images, I needed to configure a new mount point location to match the MongoDB configuration
  • New MongoDB image is non-root, so had to use an Init container to configure the permissions on the PV first
Overview of the application

The application is made up of the following components:

  • Namespace
  • Deployment
    • MongoDB Pod
      • DB Authentication configured
      • Attached to a PVC
    • Pac-Man Pod
      • Nodejs web front end that connects back to the MongoDB Pod by looking for the Pod DNS address internally.
  • RBAC Configuration for Pod Security and Service Account
  • Secret which holds the data for the MongoDB Usernames and Passwords to be configured
  • Service
    • Type: LoadBalancer
      • Used to balance traffic to the Pac-Man Pods

Pac-Man Kubernetes Diagram

Confirming the behaviour

The behaviour I was seeing when my application was deployed:

  • Pac-Man web page – I could save a high score, and it would show in the high scores list
    • This showed the connectivity to the database was working, as the app would hang if it could not write to the database.
  • I would protect my application using Kasten. When I deleted the namespace, and restored everything, my application would be running, but there was no high scores to show.
  • This was apparent from deploying the branch version v0.5.0 and v0.5.1 from my GitHub.
  • Deploying the branch v0.2.0 would not product the same behaviour
    • This configuration did not have any database authentication setup, meaning MongoDB was open to the world if they could connect without a UN/Password.
Testing the Behaviour

Continue reading MongoDB Container data loss issue – A Journey

vRealize Operations Header

vRealize Operations – Creating interactions between separate dashboards

VMware, , ,

Whilst reading some of the older vRealize Operations documentation, I stumbled on something I didn’t think was possible.

  • The ability to create interactions between separate dashboards.

At first, I thought could not be correct? I don’t remember seeing this option. But sure enough it’s there. So, I thought I’d write a quick blog about it and share to the world.

  • You can apply sections or context from one dashboard to another. You can connect widgets and views to widgets and views in the same dashboard or to other dashboards to investigate problems or better analyze the provided information.
Configuring Interactions between Dashboards

First, I’ve created two dashboards, which are based on the old troubleshooting dashboards. Both dashboards have an Object Picker List to filter the various related objects on each dashboard.

  • Dashboard-1 – Troubleshoot Cluster
  • Dashboard-2 – Troubleshoot VM

The premise is simple, when I select a Cluster object from Dashboard-1, I want the list of VMs to be filtered in Dashboard-2, to those only in the selected Cluster.

vROPs - Dashboard Interaction - example dashboards Continue reading vRealize Operations – Creating interactions between separate dashboards