Tag Archives: Tanzu Mission Control

vRA EKS Tanzu Mission Control Header

Using vRA to deploy AWS EKS Clusters and register with Tanzu Mission Control

This walk-through will detail the technical configurations for using vRA Code Stream to deploy AWS EKS Clusters, register them as Kubernetes endpoints in vRA Cloud Assembly and Code Stream, and finally register the newly created cluster in Tanzu Mission Control.

Requirement

Tanzu Mission Control has some fantastic capabilities, including the ability to deploy Tanzu Kubernetes Clusters to various platforms (vSphere, AWS, Azure). However today there is no support to provision native AWS EKS clusters, it can however manage most Kubernetes distributions.

Therefore, when I was asked about where VMware could provide such capabilities, my mind turned to the ability to deploy the clusters using vRA Code Stream, and provide additional functions on making these EKS usable.

High Level Steps
  • Create a Code Stream Pipeline
    • Create a AWS EKS Cluster
    • Create EKS cluster as endpoint in both Code Stream and Cloud Assembly
    • Register EKS cluster in Tanzu Mission Control
Pre-Requisites
  • vRA Cloud access
    • The pipeline can be changed easily for use with vRA on-prem
  • AWS Account that can provision EKS clusters
  • A Docker host to be used by Code Stream
  • Tanzu Mission Control account that can register new clusters
  • VMware Cloud Console Tokens for vRA Cloud and Tanzu Mission Control API access
  • The configuration files for the pipeline can be found in this GitHub repository
Creating a Code Stream Pipeline to deploy a AWS EKS Cluster and register the endpoints with vRA and Tanzu Mission Control
Create the variables to be used

First, we will create several variables in Code Stream, you could change the pipeline tasks to use inputs instead if you wanted. Continue reading Using vRA to deploy AWS EKS Clusters and register with Tanzu Mission Control

VMware Tanzu Header

Tanzu Mission Control – Delete a provisioned cluster

In this blog post we are going to cover off how to delete a Tanzu Kubernetes Grid cluster that has been provisioned by Tanzu Mission Control. We will cover the following areas:

Below are the other blog posts in the series.

Tanzu Mission Control 
- Getting Started Tanzu Mission Control 
- Cluster Inspections 
- Workspaces and Policies  
- Data Protection
- Deploying TKG clusters to AWS
- Upgrading Kubernetes for a provisioned cluster

We are going to use the cluster I created in my last blog post.

Below are my EC2 instances that make up my TMC provisioned cluster, here I have filtered my view using the field “tmc.cloud.vmware.com/cluster” + cluster name.

Tanzu Mission Control - AWS Consoles - Instances - Filtered tmc.cloud.vmware.com

Deleting a Provisioned cluster in the TMC UI

In the TMC UI, going to the clusters view, you can click the three dots next to the cluster you want to remove and select delete.

Tanzu Mission Control - Clusters - Delete cluster

Alternatively, within the cluster object view, click actions then delete.

Tanzu Mission Control - Cluster Object - Delete cluster

Both options will bring up the below confirmation dialog box.

You select one of the following options:

  • Delete and remove agent (recommended)
    • Remove from TMC and delete agent extensions
  • Manually delete agent extensions
    • A secondary option whereby a manual removal is needed if a cluster delete fails

Enter the name of the cluster you want to delete, to confirm the cluster deletion.

Tanzu Mission Control - Cluster Object - Delete cluster - Confirm Continue reading Tanzu Mission Control – Delete a provisioned cluster

VMware Tanzu Header

VMware Tanzu Mission Control – Using the Data Protection feature for backups and restores

In this blog post we will cover the following topics

- Data Protection Overview
- Create a AWS Data Protection Credential
- Enable Data Protection on a Cluster
- Running a backup manually or via an automatic schedule
- Restoring your data

The follow up blog posts are;

- Tanzu Mission Control
- - Getting Started with TMC
- - - What is Tanzu Mission Control?
- - - Creating a Cluster Group
- - - Attaching a cluster to Tanzu Mission Control
- - - Viewing your Cluster Objects
- - -Where can I demo/test/trial this myself?
- - Cluster Inspections
- - - What Inspections are available 
- - - Performing Inspections 
- - - Viewing Inspections
- - Workspaces and Policies
- - - Creating a workspace 
- - - Creating a managed Namespace 
- - - Policy Driven Cluster Management 
- - - Creating Policies
TMC Data Protection Overview

Tanzu Mission Control implements data protection through the inclusion of the Project Velero,  this tool is not enabled by default. This blog post will take you through the setup.

Data is stored externally to a AWS location, with volume backups remaining as part of the cluster where you’ve connected TMC.

Currently there is no ability to backup and restore data between Kubernetes clusters managed by TMC.

Create a AWS Data Protection Credential

First we need to create a AWS data protection credential, so that TMC can configure Velero within your cluster to save the data externally to AWS.

If you are looking for supported options for protecting data to other locations, I recommend you either look at deploying Project Velero manually outside of TMC (losing access to the data protection features in the UI) or look at another enterprise service such as Kasten.io.

  • On the Administration screen, click Accounts, and Create Account Credential.
  • Select > AWS data protection credential

TMC Data Protection Create Account Credential AWS data protection credential

  • Set your account name for easy identification and click to generate template and save this file to your machine.

TMC Data Protection Create AWS Data protection credential Credential Name Generate template

The next steps will require configuration in the AWS console to create resources using CloudFormation so that Project Velero can export data to AWS. Here is the official VMware documentation on this configuration.

TMC Data Protection Create AWS Data protection credential log into the AWS console

  • In the AWS Console, go to the CloudFormation service

TMC Data Protection AWS Console Cloud Formation

  • Click to create a new stack
  1. Click “Template is ready” as we will provide our template file from earlier.
  2. Click to upload a template file
  3. Select the file from your machine
  4. Click next

TMC Data Protection AWS Console CloudFormation Create a Stack Specify template

  • Provide a stack name and click next

TMC Data Protection AWS Console CloudFormation Create a Stack Specify stack details

  • Ignore all the items on this page and click next
  • Review your configuration and click finish.

TMC Data Protection AWS Console CloudFormation Create a Stack Configure Stack Options

  • Once you’ve reviewed and clicked create/finish. You will be taken into the Stack itself.
  • You can click the Events tab and the refresh button to see the progress.

Continue reading VMware Tanzu Mission Control – Using the Data Protection feature for backups and restores