K8S

Antrea: The Ubiquitous CNI

By Chip Zoller |  Jun 20, 2020  | k8s, all tags
About six months ago, a new container network interface (CNI) was released to the world, this one coming out of VMware called Antrea. I had heard positive things about this new CNI and although I thought “great, yet another CNI”, I decided to dive in, take a look, and see why the community needed a new one. It turns out that we do, so in this article I’m going to discuss a little of why Antrea is particularly valuable (and needed), show the installation of Antrea with some non-default configured options, and look at monitoring.
Continue Reading...

Getting Started with Tanzu Kubernetes Grid

By Chip Zoller |  Apr 11, 2020  | k8s, vsphere, all tags
After VMworld US 2019 when the Tanzu portfolio was announced, there was naturally a lot of excitement for what VMware was doing around modern application development. Fast forward a couple months when more things were announced, names were changed, and Pivotal became part of VMware, and what Tanzu actually is and what the product sets are has been wildly confusing to most. One of those offerings called Tanzu Kubernetes Grid (TKG) has now been released, and so in this article I want to explain what this offering is, what it promises, and, lastly, how to get started with the CLI tool by putting rubber to the road.
Continue Reading...

Behind the Scenes with Cluster API Provider vSphere

By Chip Zoller |  Apr 8, 2020  | k8s, vsphere, all tags
The verdict is in and Kubernetes has proven a great success in its ability to deploy and manage containerized applications. And in that regard, it is now seen as the de facto platform for running cloud-native applications. A somewhat more recent project has emerged which seeks to apply that same system of desired state reconciliation to Kubernetes clusters themselves, and this is called the Cluster API (CAPI) project. Cluster API has already been written about numerous times (this blog is a good overview; so is this for more of a technical primer) and so I won’t rehash its merits here.
Continue Reading...

Why Kubernetes on Virtual Machines?

By Chip Zoller |  Jan 17, 2020  | k8s, vsphere, all tags
One of the arguments or debates (depending on how generous you are) that continues to rage in the world of Kubernetes is the old “bare metal versus virtual machines” subject. Some people seem to be all in on bare metal while you have those staunch opponents (as well as some hilarious memes) who advise not even attempting it. The reality, of course, is an “it depends” moment, with pros and cons on each side.
Continue Reading...

Authentication and Authorization in Kubernetes

By Chip Zoller |  Oct 30, 2019  | k8s, security, authentication, featured, all tags
Kubernetes is designed to be secured by default, and many of the built-in technologies and concepts are designed to ensure that is the case. Often times, the first exposure users will have to Kubernetes security will be to authentication and authorization: simply getting inside the cluster and being permitted to do something. In this blog post, I want to focus on human user/operator access to Kubernetes and the mechanisms at your disposal to ensure you get it right the first try.
Continue Reading...

pks-rancher-reg: Automated PKS Cluster Registration For Rancher

By Chip Zoller |  Oct 15, 2019  | k8s, rancher, pks, all tags
My previous blog showed a method that can be used to stand up Rancher Server in HA on VMware PKS, and I’m going to build on it in this one. Having a Rancher Server environment is great for managing all sorts of Kubernetes clusters from the edge to those hosted in cloud providers, but we can also use it to manage VMware PKS clusters as well. That’s really no secret. However, since PKS focuses on a high degree of difficult automation to produce ready-to-run Kubernetes clusters at the end of the day, wouldn’t it be nice to extend that to making them ready-to-manage as well?
Continue Reading...

Rancher HA on Enterprise PKS

By Chip Zoller |  Sep 25, 2019  | k8s, rancher, pks, nsx-t, all tags
Rancher is a container orchestration and management tool that has been around for several years at this point and performs a variety of different functions. In more recent days, it has been refactored to completely adopt Kubernetes. In this blog, I am going to focus on how to build an enterprise-grade, highly-available, and secure installation of Rancher Server on top of VMware Enterprise PKS. I’ll respond to the burning question of ‘why Rancher on PKS in the first place?
Continue Reading...

HTTPS Ingress with Enterprise PKS

By Chip Zoller |  Sep 3, 2019  | k8s, pks, networking, nsx-t, all tags
Kubernetes is an awesome technology, in my humble opinion, and one of the best ways to adopt it and begin to use it in a production-worthy manner is with VMware’s Enterprise PKS. By using Enterprise PKS, you get some truly great additional value by leveraging NSX-T for the networking and security components. One of those things that comes in so handy is the ingress controller capabilities of NSX-T in which you don’t need to go roll your own.
Continue Reading...

pks-dns: Automated DNS registration for PKS Clusters

By Chip Zoller |  Aug 9, 2019  | pks, k8s, docker, all tags
VMware’s Enterprise PKS is a great solution for quickly and easily stamping out Kubernetes clusters. It really makes the process simple and repeatable while bringing additional benefits like scaling, upgrades, and auto-healing thanks to the likes of BOSH–PKS’ right-hand man. It also leverages (or can) NSX-T which provides tons of additional value. All of these pieces come together to form what is often touted as a “turnkey solution”. However, ever since I first started working with the product, something has always bugged me and remained in the back of my mind like a chime ringing in the distance.
Continue Reading...

Optimize-VMwarePKS: A PowerShell script for all your VMware PKS deployment needs

By Chip Zoller |  Apr 3, 2019  | pks, k8s, powershell, vsphere, all tags
Ever since VMware PKS (now called Enterprise PKS) came onto the market over a year ago, it’s been a big hit. With it, you get upstream Kubernetes, NSX-T, an enterprise-class container registry, automation of the entire K8s cluster creation process, and lots more all on top of the de facto private cloud platform of vSphere. It’s truly becoming the way organizations are standardizing on K8s cluster instantiation, upgrade, and management on-premises.
Continue Reading...