Posts

My day job requires me to do a lot of work with VMware Cloud on AWS. If I plan on doing any real work with the virtual machines, kubernetes clusters, or applications I really need a VPN tunnel to securely access those resources. My problem has been setting up my aging Ubiquiti USG firewall with BGP. This post will show how I setup a route based VPN tunnel with my Ubiquiti USG. Big shoutout to Brian Beach for his work setting up the USG with an AWS Transit Gateway. ...

At some point, you’ll be faced with an upgrade request. New Kubernetes features, new security patches, or just to maintain your support. A vSphere 7 with Tanzu deployment has several components that may need to be updated and most of which can be updated independently of one another. In this post we’ll walk through an update to vSphere, then update the Supervisor namespace, and then finally the Tanzu Kubernetes cluster. ...

I was asked for a post detailing my home A/V setup. So this post will outline the equipment in my office that I use for video conferencing and recording videos. Desk One of the best things I did for my office was to switch to a standing desk. I was spending way too much time sitting in a chair and a standing desk helped to alleviate muscle pain. It also kept me in a bit more active mood if that’s a thing. After doing a bit of research I decided to try the Terra 2 desk. My biggest concern with a standing desk was hiding cables in a desk with no front. So I added the cable chase which did help. It does block the front of the desk top though so if you want to mount anything like a monitor/camera/light mount beware that with the cable chase on, you can’t use a clamp. ...

Time for an update on the home lab. 2020 meant spending a lot of time at home and there were plenty of opportunities to tinker around with the home lab. I did purchase some new hardware, and did plenty of reconfiguring so here’s the 2021 version of my home lab in case anyone is interested. Rack The rack is custom made and been in use for a while now. My lab sits in the basement on a concrete floor. So I built a wooden set of shelves on casters so I could roll it around if it was in the way. I place the UPS on the shelf so that I can unplug the power to move the lab. As long as I have a long enough Internet cable, I can wheel my lab around for as long as the UPS holds on. On one side I put a whiteboard so I could draw something out if I was stuck. I don’t use it that often, but I like that it covers the side of the rack. ...

Kubernetes clusters can come in many shapes and sizes. Over the past 18 months I’ve deployed quite a few Kubernetes clusters for customers but these clusters all have different requirements. What image registry am I connecting to? Do we need to configure proxies? Will we need to install new certificates to the nodes? Do we need to tweak some containerd configurations? During many of my customer engagements the answer to the above questions is, “yes”. ...

Your Kubernetes clusters are up and running on vSphere 7 with Tanzu and you can’t wait to get started on your first project. But before you get to that, you might want to enable the Harbor registry so that you can privately store your own container images and use them with your clusters. Luckily, in vSphere 7 with Tanzu, the Harbor project has been integrated into the solution. You just have to turn it on and set it up. ...

There is new functionality included in VMware Tanzu Mission Control (TMC) that I’m pretty excited about. After the recent update, you can now register your vSphere with Tanzu Supervisor cluster with TMC and then begin provisioning workload clusters. Before you can provision clusters, you’ll need to register your TKG Supervisor cluster to TMC. Those procedures require you to apply and update some YAML which you can find here. Deploy a vSphere TKG Cluster through TMC Login to your TMC account and go to the Clusters tab. Click the CREATE CLUSTER button where you’ll now see a drop down. Select Tanzu Kubernetes Grid Service on vSphere 7. ...

Have you ever missed when trying to properly size an Kubernetes environment? Maybe the requirements changed, maybe there were wrong assumptions, or maybe the project took off and it just needs more resources. Under normal circumstances, I might suggest to you to build a new Tanzu Kubernetes Grid (TKG) cluster and re-deploy your apps. Unfortunately, as much as I want to treat Kubernetes clusters as ephemeral, they can’t always be treated this way. If you need to resize your TKG nodes without re-deploying a new cluster, then keep reading. ...

You’ve deployed your first Tanzu Kubernetes Grid Clusters in vSphere 7 and are beyond the learning phase. You’re now ready to start automating your Kubernetes cluster builds, and application deployments. Typically you’d login to your TKG clusters through the kubectl cli with a command like: kubectl vsphere login ... Normally, you’d be right, but that command requires an interactive login, meaning for you to wait for a second prompt to enter a password. The current version of the vSphere plugin doesn’t have an option for non-interactive logins so we need to get creative until this feature is added. ...

If you’ve worked with Kubernetes for very long, you’ve surely run into a need to manage YAML files. There are a bunch of options out there with their own benefits and drawbacks. One of these tools is called ytt and comes as part of the Carvel tools (formerly k14s). If you’re working with the Tanzu Kubernetes Grid product from VMware, you’re likely to be using ytt to mange your TKG YAML manifests. This post aims to help you get started with using ytt for your own customizations. ...