Recent
Secure Kubernetes Secrets on VCF with External Secrets Operator and Secret Store Service
·8 mins
how to configure ESO on VKS with VCF Secret Store
Integrating ArgoCD authentication with VCF Automation
integrating ArgoCD OIDC auth with VCF Automation
Deploying Windows Clusters on vSphere Kubernetes Service with VKS Image Builder
There have been numerous how-to guides over the past few years on building and deploying Windows clusters on the different Kubernetes distributions supported by VMware. This post aims to solidify the understanding of the current most up to date process of doing this on vSphere Kubernetes Service which is the definitive Kubernetes service for VMware. At the time of writing the latest vSphere Kubernetes Release(VKR) is v1.34.1---vmware.1-vkr.4 so that is what this will be based on.
Auditing CNS Volumes in VCF
·3 mins
Learn how to effectively audit CNS volumes in VCF using a Python script to gain insights into volumes from a namespace-based view
Templating cluster creation with Tanzu Mission Control
·7 mins
Overview # I have had a question come up a few times with customers and coworkers about how to reduce duplication when creating clusters with Tanzu Mission Control(TMC). The question or issue that is usually brought up is that the platform engineering team wants to be able to create clusters quickly and many of the settings between cluster creation are the exact same, thus having a lot of duplication between clusters. When looking at the TMC UI there’s not a way to set custom defaults today to be able to remove the need to fill in every field each time you create a cluster. However, using the UI is probably not the approach a platform team wants to take to scale anyway. It’s much more efficient to codify the clusters and automate the creation. In this post, we will walk through creating cluster templates and using the Tanzu CLI to create clusters with minimal inputs. We will focus on TKG Clusters mostly, but I will also provide some commands that work with AKS and EKS clusters are well.
Setting static IPs for workloads in TKG
·6 mins
A question comes up often of how can a static IP be set for workloads running in TKG. The answer is generally “It depends” and then followed by a series of questions about why it’s needed and if there are alternatives that could be done etc. In many scenarios, this is needed so that workloads running in a container on TKG can be identified by an external firewall and be allowed to talk to some external service. For example, maybe a workload needs to get access to a particular database and it has a strict access policy based on IP.