Introduction to vSphere with Tanzu - Hands-on-Lab with VMware

Captions
Hello and welcome to today's webinar, An Introduction to vSphere with Tanzu: the VMware Hands-on Lab. This event is presented in partnership with VMware and produced by ActualTech Media. Thanks so much for joining us on this special webinar. This is going to be a little different from many of the webinars we do. That's because this webinar is going to be specifically focused on how to use VMware vSphere with Tanzu, as seen and taught through the VMware Hands-on Labs. If you're not familiar with VMware Hands-on Labs, you can go to the link that you see right there at the top of your handouts tab, and you can follow along with everything that you see in this event in your own web browser for free. So make sure that you try out vSphere with Tanzu for yourself.

Now, before we get started and I introduce you to today's expert presenter, there's just a few things that you should know about the event. My name is David Davis of ActualTech Media, and I'll be serving as the moderator. We want this to be an educational event, and we encourage your questions in the questions pane. We'll be answering all of your questions live at the end of the demonstration, so make sure that you get your questions in early. And to help encourage your questions, we also have our best question prize, which I'll talk about here in just a moment. I also want to call your attention to the handouts tab. It's there that, as I said, you'll find a link to follow along with everything that you see in this lab for yourself in your own web browser. There's also a number of other links and resources available for download, specifically an ebook on vSphere with Tanzu and everything that it can do for you, as well as the full hands-on lab guide that you can use to download and follow along.

At the end of the webinar I'll be announcing the winner of our Amazon 300 gift card, so make sure that you stay tuned for that. All prize winners must of course meet the ActualTech Media prize policy that you'll find in the handouts tab. If you're
watching this on demand, the drawing has already occurred. We also have our best question prize for an Amazon 50 gift card. We'll select the winner of this prize after the event and contact them via email, and that just shows how much we value your questions. So with that, it's time to kick off today's special events. I'm excited to welcome Mr. Bob Bauer, staff system engineer at VMware. Bob, it's great to have you on. I'll hand it off to you. Take it away.

All right, hello everybody, thanks for joining us today. Um, my name is Bob Bauer, and we're going to be covering vSphere with Tanzu, uh, and specifically the hands-on lab that we created around this for VMworld. So again, my name is Bob Bauer. I'm a staff SE, um, on the Modern Applications Business Unit team, so we're the team that deals with all of the Tanzu products. Tanzu is really a portfolio of modern application products, so it's not just the Kubernetes piece that we're looking at today, but there are other pieces, so I'd encourage you to go look that up. I'm a lab captain and one of the co-creators of this hands-on lab, and we'll be refreshing this for VMworld 2021 as well, so there'll be a new version of this coming out in a couple of months. I come from a background in large enterprise networking, so, and uh, vSphere operations, so I worked for a couple of very large enterprises operating their production vSphere environments. I also have a background in cloud networking and NSX in cloud architecture, and I live in Minneapolis. So I'm happy to be with you guys here today to talk about this hands-on lab.

Some people are interested in how we put these things together. So this particular lab is rather rare, you know, rather large. We use a vCloud Director and we run on a number of different public clouds. We use up to five different public clouds to present these hands-on labs. This particular, uh, lab has a number of what we call layer one VMs, which are running, uh, in the, uh, base virtualization layer, so you don't see them in the lab, and then we
also run a number of layer two VMs. So this one has nine different virtual machines that make up this hands-on lab, well, a 51 vCPUs, 164 gigs of memory and 867 gigs of disk. So it's a very sizable lab, um, and you can imagine when we deploy this at scale the amount of resources it takes to run this. So it's just a little bit of background. You can see there's some different networking constructs in here, where we have, uh, various networks exposed out to the VMs, and then everything is sitting underneath on a base network that's on our virtualization layer, and then we use a virtual router to network all of that together.

So we're going to go through today, I'm not going to step through every single piece of the lab, but we're going to cover the modules and kind of show you, pick out areas of interest to dig a little deeper into, and just kind of show you around hands-on lab in general and how to navigate the HOL-2113, which is vSphere with Tanzu. So the first module is really mainly an introduction. We talk about some of the principles behind Tanzu and some of the Tanzu services that gets exposed, and then there's an interactive simulation, or what we call an iSIM, that goes through what it would be like to actually enable this, uh, in your vCenter. And so that's a click-through module that we won't really click through here, but what we'll do is we'll just show you a little bit about what that is, and we'll spend more time in module two and module three. So module two is really around the VI admin persona, um, and it's all about managing, uh, you know, in Tanzu itself inside of vCenter and some of the components in there and what you would do during that workflow. And then module three is something that would be a little bit more developer focused, so if we have, you know, a mix of VI admins and developers in the audience, there's something for everybody here. Um, and we'll go through really working with Tanzu Kubernetes clusters, explain those, and what the basic
operations around logging in and deploying an application or a cluster.

So with that I'm going to go ahead and switch over and get started with the hands-on lab. So this is a hands-on lab, uh, regular interface, and so this just is where you'd go to get started. And if you go to Try Our Labs, um, it'll bring you to the catalog, and then you can search for just 2113, which is our Tanzu one, or you could search for Tanzu. It'll bring up all the ones that match it, and you'll notice there's a lightning lab that's kind of a slimmed-down version that just picks a couple pieces of the larger lab and allows you to move through it really quickly. And then we have our vSphere with Tanzu, which is the lab we're going to go through today. And so I've already got this up and running, so I'm going to just resume this lab. When you click on it, it'll bring it up and drop you into the lab environment, and you'll notice that it pulls up a guide over here that has all of the kind of guidance on how to work it, as well as a table of contents and working through the whole lab. And then what you'll get in the other window is actually like a console to our virtual machine.

So for those of you that haven't done hands-on labs before, we'll just spend a couple seconds on orientating you on the interface itself. There's controls up here that allow you to change the size of the screen and toggle full screen and things like that, so you can click on that or click on this to maximize your console desktop. And one of the things you always want to look for when you're doing hands-on labs is to look to see that this is ready. So for those of you in the room that might be following along, we can pre-populate some of these labs, but then we get to a point where we're having to spin them up on demand, and so this lab status can take a while to go green as the various machines are spinning up that I showed in that diagram, and as we kind of work through getting all those connections verified and validated.
So it's not uncommon to see, you know, initializing down here where this is red. So just make sure, if you are following along, that you wait for this to go green and ready before you try doing this, otherwise you'll run into all kinds of errors. The other side of the interface is your manual, and so you can actually pop this out into a floating window. You can step through it here. You'll notice that there's an arrow navigation here as well, so you can use this to work your way through the lab manual. So we'll spend a little bit of time on there. And then this is basically just a virtual desktop, so you guys are all familiar with this, I'm sure. And if you pop out the table of contents, it'll show you the modules that we talked about. And so the way that hands-on labs are built is allows you to jump around and start any module in any order, so they're not predicated on you finishing module one before you go to module two. So that allows you to come back and do these at any time, so if you do some things today and then you go home and want to jump back in, you can feel free to jump back into any of these modules.

So the first one we're going to talk about is module one. I'm not going to spend a lot of time in here. You can click down and go to the introduction. You can see it will bring you to the specific area over here, so you can close this and it will bring focus into your manual, and you can blow these manuals out to make them larger if you want. But the first section module is really a lot of introductory items around, you know, what is Tanzu, the theory behind it, um, what components and services are brought in. So I'm not going to spend a lot of time jumping through this. There's a couple of videos in here that talk a little bit about more than networking underneath Tanzu, and then the services that we expose, meaning the ability to provision Kubernetes clusters, uh, using your existing storage for persistent storage and Kubernetes, those types of things. So there's a lot of
reading in here that you can go through that will really kind of orientate you within the service. The other piece I did mention is this hands-on lab interactive simulation, and so if we click to that item and we scroll through here, you would be able to click here to open, uh, the interactive simulation. Again, I'm not going to really spend a lot of time on this here, because this is something you can run through, but iSIM is basically a clickable interface that takes you step by step through what it would be like to enable workload management or Tanzu on your vCenter. So if you want to run through this, you know, on your own time, it's a good thing to do. Kind of takes you through what it would be like to turn it on. That's a process that takes a lot of resources and is a bit time consuming, so we don't have you do it live in the lab, but this will give you a feel for exactly what it's like. So I'd encourage you to go back and look at that when you have time.

Now the next piece we'll run to, and this is where we'll spend quite a bit more time, is managing vSphere with Tanzu. Um, again, this whole lab is about 90 minutes, so I'm not going to walk you through every single step and every single screen. What I'm going to try to do is give you an idea how to work through the lab and then kind of drill into things that are of interest. And one of them is, you know, we talked about the supervisor cluster. We'll talk about what that is, but again, if you follow through this while we're going through the lab, you'll be able to read these up or read them at a different point in time. It talks about the supervisor cluster, so instead of walking through this, I'm actually going to jump into vCenter and talk you through it there, but just know that you can use this module guide and this table of contents to circle through and do any of the things that we're talking about. So we'll open Chrome and we'll get logged into vCenter. This does have the credentials saved, so sometimes you
have to just kind of hover over the login button until it goes blue for you, and then you can click on it to log in, and this will dump us right into our vCenter. And I'm going to go ahead and close the manual so we have a little more real estate, and I'm going to close this bar down at the bottom as well so we have a little bit more. But what we're looking at now is vCenter. This is what you're used to seeing as a VI admin, for those of you that are in that role. And when we talk about enabling vSphere with Tanzu, this is done on a per vSphere cluster basis, so if I have multiple clusters in here, I can choose which clusters I enable the Kubernetes service on, and I don't have to do it across the board. It is a per vSphere cluster construct. And what you'll see in the iSIM is we go up into this Workload Management when we're highlighted on a cluster, and this is where we can actually enable it. So what I see here is I already have one cluster that's enabled for it. It gives me some information about this cluster, uh, what is the control plane IP address and things like that, and then there's some other operations that you do up here around patching and things like that.

So we're not going to cover enabling, but what happens when you enable is we will create this object, this Namespaces object, and for those of you again familiar with vSphere, you'll notice it looks like a resource pool, because it really is. And this Namespaces resource pool is the place that we use to basically house all of the Tanzu Kubernetes objects. So we'll go through all of these one by one, but when we do an enablement, what happens is we create this and then we deploy three virtual machines that we call supervisor control plane VMs. These supervisor control plane VMs are really the management cluster for Kubernetes running on this vSphere cluster, so this is a management component and it's part of the entire, uh, Cluster API construct. And so I don't expect most of you have experience with Cluster API, but
I would encourage you to read up on it. But what we're doing with vSphere with Tanzu is we're using Cluster API and Kubernetes to allow you to do all the lifecycle management of Kubernetes in your organizations. So Cluster API is an upstream Kubernetes project. There's a lot of large vendors that are part of the Cluster API project, and it's all about using Kubernetes to manage Kubernetes the same way that you use it to manage your applications. So by using Cluster API in conjunction with our Kubernetes supervisor cluster, we allow you very simple and powerful management of all your Kubernetes deployments within your organization. So it's lifecycle management, it's creating new Kubernetes clusters, it's patching existing clusters, it's scaling clusters. So it's using Kubernetes to do all of the same things you do for applications, but to actually lifecycle manage the rest of the Kubernetes clusters in your organization. So we'll dig a little bit into this, but what happens when we enable Tanzu, uh, with Kubernetes on vSphere 7 is we create this namespace object, we deploy these virtual machines, and we deploy operators on this supervisor cluster, which is a cluster running on VMs with all of our custom operators and the Cluster API operators installed, and then this becomes the way that you create the rest of your Kubernetes clusters. And so we'll go through that in module three.

As an administrator, then, the next object that you, uh, will be interested in is something that's called the supervisor cluster namespace, and it is a Kubernetes namespace. Those of you that are familiar with namespaces know that it's really a way to determine who can see what and what they can do and what they can use, and so we use that the same way within vSphere 7 with Kubernetes and Tanzu. We created a supervisor cluster namespace as really a way to contain Tanzu Kubernetes Grid clusters and provide permissions into those clusters and determine what kind of storage they can use, how much compute and
memory they can use, and view all of the objects that are in there. So you can think of a supervisor namespace as kind of a virtual tenant that you would create in your Kubernetes environment that you can hand out to teams. So you can use namespaces to manage different line of businesses or different applications or different teams and provide access into, to leverage Kubernetes. So the namespace object is really, again, something that a VI admin would create, and so module 2 takes us through kind of step by step, first of all, what do you all see within a namespace and what is it, and then have you create one.

So what we're going to do is we're going to cover a few of the things that you can see inside of it. Again, I'm not going to jump down into every little bit, because there's a lot in here that would take longer than we have time for. But again, as I mentioned, a namespace is a way to really kind of create a virtual tenancy within your Kubernetes environment. So when you create one, some of the things you do is you assign permissions, so who can see and use this namespace when they're talking to Kubernetes. When I create storage, things like persistent volume claims is what Kubernetes applications use to store their stateful information, what storage policies do I want to enable within this namespace. So this can use any of the underlying storage that is inside your existing ESXi clusters to also store persistent volume claims for Kubernetes workloads. So you don't have to figure out something different for storage with Kubernetes. We leverage what you already have today inside your vCenter to do that. You can also set limits on capacity and usage. So one of the things that Tanzu does, and you'll see this as we move into module three, is allow you to do self-service of Kubernetes clusters for your development or your SRE teams, meaning once the supervisor cluster is set up, and once you've created a supervisor cluster namespace for a team and given that team access, you can actually allow
them to create and manage their own Kubernetes clusters. So that's not something that the administrative team needs to take on as a role anymore. That can actually be turned over to development or can be turned over to automation to do, but you can put guardrails around how much of the capacity of this cluster they can consume, and where does their storage end up, and who can see it, and what can they do. So what it really does is it gives you the ability to enable basically a Kubernetes dial tone, or Kubernetes as a service, within vCenter, and then allow other teams to really consume that without having to get involved with that yourself.

But the great thing about the way that you see this in vCenter is you actually have a lot of visibility into what's happening within these namespaces. So this demo app one is a namespace that we pre-created for you, and we set permissions in this case just to allow the administrative user to be able to edit the namespace, which means they can create new clusters in there, they can see everything that's in there. So they'll be able to create new Tanzu Kubernetes Grid clusters, they'll be able to see other clusters that are in there. Um, we've set up persistent volume claim storage policy to use something, a storage policy we created, called Kubernetes. Again, this is just a normal vCenter storage policy that gets configured. It's nothing different. It's basically pointing to existing datastores and storage that is compatible underneath vSphere, and we're just basically saying this is where we want our storage to end up when we create something inside this namespace. And then in this case we didn't set any limits, but you can edit these limits. You can see that you have the capability to set CPU, memory and storage, uh, on this particular supervisor cluster namespace. So although I would potentially turn over self-service either to some sort of automation or CI/CD tooling, or even, you know, developers using the kubectl command line to create clusters,
I still have the ability to control how much of my cluster capacity can be used by this namespace. And then finally, here you see that we can see that we already have a Tanzu Kubernetes Grid cluster deployed in here, and we'll talk about those in a couple minutes. But the point of this is, as a vSphere admin, you have a lot of control over what can happen within these namespaces, as well as a lot of visibility, so you can see the events that go on. And so the hands-on lab module two walks you through a lot of these screens, and it will take you in depth into the resource limits and the general configuration items that you can have in here, the permissions. Looking at the Compute tab, you can see the Tanzu Kubernetes Grid clusters that are already created in here, you can see the virtual machines that are created that back those up and information as to what class of VMs they're using. You can see the storage policies that are enabled within this namespace. If there's any volumes that are already deployed, you can see them in here, and then you can see some of the networking information. So again, as an administrator, you have a lot of control. There's a lot of guardrails and knobs that you can twist to help make sure that, even though you may allow self-service, you can protect your infrastructure from being overused.

So the next thing that the hands-on lab does is it will go through, and I'll pop out this manual. So we've kind of gone through, you know, a couple of these phases about logging into vCenter, uh, expanding the cluster, looking at the supervisor cluster VMs, so you can read those in your own time. It'll talk a little bit about how they get provisioned and some of the details around them. And then we talked about the namespaces, so we've kind of gone through this area where we've talked about the demo app one namespace, what it shows you, all the information you can get as administrator, um, and the configure tabs and those types of things. And then the next thing would be to go
through and actually create one. So I will get to this one where we can actually create a new supervisor cluster namespace, and again, this is something that as a virtual admin would be something that would be in your job, uh, description. What I show here is there's a couple different ways you can do it, and I always like to show customers that there are a lot of different ways to create a supervisor cluster namespace. One way to do it very easily is just to right-click on the vSphere cluster object itself, and you'll see there's a New Namespace tab here. The other way, as you can see when I'm highlighted on this, there's some new categories that weren't here before if you aren't using vSphere with Tanzu, namely this Namespaces tab, and so if I click here I'm also able to create a new namespace. And then the third way is going up into Workload Management and creating a new namespace here as well. There's some reasons why they created all these different ways to do it, is because only members of the administrator@vsphere.local are going to see this namespace tree in this view. If you're logged into vCenter as an administrator but you're not a member of the administrators@vsphere.local group, you wouldn't see this namespace object and these types of things, so then your workflow would be working through the Namespaces tab here or up here. They all get you to the same place.

So it talks about in the lab, you know, show you the different ways you can create it, uh, go through and create namespace, create new namespace. It has you select the vSphere cluster. As I mentioned, there can be multiple vSphere clusters that have Tanzu enabled, so you may have more than one choice. So it has you go through and pick our region A, which is our only option here, and then click in and type the name of the namespace. So in our lab we did demo app two. Um, you'll see a little note here that says basically needs to be a DNS-compliant name. What that means is it needs to be lowercase, only certain characters
are supported, things like a dash. It can't start in a capital letter. It has to be basically numbers and letters, all lowercase, um, and so if you did something different you would see that error pop up here. So that's all that means. That doesn't mean it actually needs to be a DNS entry somewhere, it just tells us need to be in the format that is compliant with DNS. And then networking here would allow you to choose from what we call the workload network, so this is where the virtual machines that your TKG clusters are created from would be attached to. And then we go ahead and hit Create. And so no matter which way you go, it dumps you into the same wizard. So the rest of the lab will walk you through, uh, some of the things that you want to set, and there's also this handy little tip that comes that says, hey, before you go out and share this with a DevOps team, you might want to do these following things. And so you can dismiss this wizard. What it is basically telling you is you want to be able to do things like add permissions.

Now, one of the cool things that we're doing with, uh, vSphere with Tanzu when it's part of vCenter 7 is we're exposing any of the identity sources that you have linked to vCenter already as an identity source. So we're actually taking on authentication for Kubernetes, which can be challenging to configure on your own. And so you'll see here we have the normal local OS and vSphere domain, and then we have a corp.local, which is an Active Directory identity source that's configured into this particular vCenter. So again, any identity source that is supported under vCenter can be leveraged as an identity source to authenticate users into the namespaces and the TKG clusters that sit underneath it. And then I'm just going to go ahead and just start typing something. I type a user, I can type the name of a user or a group, and then I'm going to select a role, and I'm going to choose Edit here. And it does talk about the roles a little bit in some of the
documentation, but basically right now today there's an Edit and a View role that's supported. The Edit role really gives you the ability to create Tanzu Kubernetes Grid clusters within this supervisor cluster namespace, and again we'll cover that in module 3. If you're a View, it's read-only to the namespace, which means you can see any Tanzu Kubernetes Grid clusters that get created underneath here, but you can't create your own. And then we will authenticate you to the Tanzu Kubernetes Grid cluster, but we can use custom role binding within Kubernetes to map that to any custom role or any of the built-in roles that Kubernetes has. So it gives you a flexible way to allow us to authenticate you but control which role you would have on the Kubernetes clusters, whereas if you are an Edit user, you will automatically be mapped as a cluster admin to any Tanzu Kubernetes Grid clusters that are created underneath this supervisor cluster namespace. For those of you that aren't Kubernetes, uh, you know, really deep into Kubernetes or don't understand all the pieces yet, don't worry about it, you'll understand that as it goes. But Kubernetes has its own RBAC built into it, where you can create roles that say what you can do in the cluster. We're going to authenticate and then either have you automatically map to the cluster admin or allow your Kubernetes teams to map you to a custom role that is how you might operate your organization. So you can add multiple different groups, individual users, in these two permission categories.

The next piece would be around adding storage, and so the storage policies, again, these are just standard vSphere storage policies and they map to back-end storage. So that can be vSAN, that can be NFS, that can be block storage on a SAN. Whatever storage is on the HCL for vSphere is supported to be used for these storage policies. And again, it allows me to create where I want to have my persistent volume claims for Kubernetes clusters and the VMs that get
created for the Kubernetes clusters live, and I can set more than one, and so you can use different tiers of storage for different applications and things like that. And then we talk here about creating limits. So here, you know, editing limits, I can set these limits, and it talks about, you know, setting a five gigahertz limit on CPU, um, I think what do we do, four gigs for memory. Now this would be very small, so this wouldn't work really well for a cluster, uh, and then storage, uh, you know, five gigs for storage. So this just gives you an idea how you can actually set these resource limits on these. And then finally, um, it will show you if there's any clusters already there.

And then there's a piece here about content libraries. So we'll get into this a little bit when we also configure Tanzu Kubernetes Grid cluster and go through that, but in the instructions it talks about what we do with the content libraries, and it takes you through actually viewing the content library that's already there. So the way that we distribute the OVAs for the virtual machines that make up our Tanzu Kubernetes Grid clusters is through a content library. Now in a normal environment this is actually a subscribed content library that goes out and talks to a CDN in, uh, you know, that VMware hosts, and we regularly publish new versions of these OVAs. And these are standard OVAs that have, um, all of the components required to deploy a Kubernetes, uh, cluster. So it's the operating system, currently we have Photon as our operating system, and then it's the version of Kubernetes that we're running. So now this lab was made, you know, several months ago, back in, you know, I think the last time we published it was before VMworld in 2020, so we've actually, you know, had numerous different versions of Kubernetes come out since then, where, you know, supporting up to 1.20 currently, but it has the different versions. So what you would see in an environment that had internet access, um, you would see a number of different options for
versions of Kubernetes that your developers or your infrastructure folks could deploy to create Kubernetes clusters. And so a lot of times application teams will have tested on a certain version of Kubernetes for their application, and so they may want to have control of that. Having this content library with lots of different versions available to them again gives them the freedom to kind of support the version of Kubernetes that they want for their application, that they need for their application, and it's done via having multiple OVAs that are sitting here ready to deploy any one of those versions. Now in this lab, because this is an internet-isolated environment, we only have this current version of 1.18 up here, but again, in a real environment where this was a subscribed library, you would have a bunch of different options. If you are running air-gapped, you can manually pull down these OVAs and push them into vSphere to still give your developers and your SRE teams and whoever's deploying your clusters the same experience without having internet access, but if you do allow it to pull from the internet, these will just continue to add new versions as we publish them. So when we talk about content libraries and where do we get the VMs to actually create our Tanzu Kubernetes Grid clusters that we're going to do in module 3,
this is where it comes from. And so when we were going through setting the permissions and the configuration of this, one of the items are this content library that you could edit, so you could have different content libraries for different supervisor cluster namespaces if that was something that you needed to do. Okay, and so that's mainly what module two covers, is again things that are done inside of vCenter that are more of a VI admin type of role.

One thing I didn't talk about is, within this existing namespace that we had deployed when we started this, is we did have a Tanzu Kubernetes Grid cluster, and so when I look underneath the namespace I actually see this different object, and it is, uh, a Tanzu Kubernetes Grid cluster. It lists itself as developer managed infrastructure. Again, that's the whole premise around being able to self-service deploy these objects. And if I expand it out, what I'm actually going to see are the virtual machines that make up a Tanzu Kubernetes Grid cluster. So these VMs are really just normal virtual machines. They've been deployed from the OVAs that we just looked at that are in the content library, and so it is a Tanzu Kubernetes Grid cluster running on virtual machines inside a namespace that we've configured on our supervisor cluster. So that can be a little confusing at first, and we'll kind of dig in that to the next module, uh, where we talk about this. But again, if you look at the namespaces you can see a lot of this stuff. And again, so we looked at these Tanzu Kubernetes Grid clusters here. If I went to Compute, I would see the same kind of view I saw. I have one cluster. If I look at the virtual machines, it shows me the virtual machines. It's basically the same thing that I see underneath here.

The other thing I want to touch on before we move on to module three is that we talk a lot about self-service with Tanzu Kubernetes Grid and allowing your development teams or SRE teams to create their own Kubernetes
clusters by no means does that mean that they are logging into vcenter and accessing any of these things what i've showed you in the module two is all about what do vi admins see inside of vcenter and what do they create to enable this self-service developers and any other automation that's going to want to consume this kubernetes dial tone to create kubernetes clusters for your applications is going to be doing that through the kubernetes api so again this is kind of where if you're not super familiar with kubernetes it's a concept that you'll have to do a little bit of reading up on but kubernetes has an api that it publishes and developers interact with that api through the kubectl cli it's a command line tool they log into it they they have rights to talk to a cluster and they request objects to create their applications and that's a real oversimplified view of what happens but all of the developer workflow all of the self-service consumption that they would do is done through the kubernetes api server none of it is done through talking to vcenter so we're not giving people access into vcenter when i give somebody permissions uh into a namespace object that that's not a vcenter permission that's a kubernetes permission so they wouldn't be able to log into vcenter no nor do they have any reason to log into vcenter to do any of this stuff so i just want to kind of strike on that because sometimes you know that is always a concern of the vi admin is who's in my vcenter you know how do i manage these positions how do i make sure they're not doing things they're not supposed to so again none of this that we're going to be talking about in the next module is actually done through vcenter itself so now we'll move on to module three and module three is all around working with tanzu kubernetes clusters and so there's an introduction here that talks about what is a a tanzu kubernetes cluster so what we covered in module two again was enabling this tanzu
kubernetes grid service on this vsphere cluster so that we have this capability and this capacity to deploy tanzu kubernetes grid clusters and these tanzu kubernetes grid clusters are virtual machines running kubernetes this is where all of your applications are going to run this is where your developers are going to work they're not going to work up in the supervisor cluster that's really a container and a permission model and a tenancy model that helps you manage all of these objects that can be created but the developers at the end of the day all of their stuff is really going to be running on these tkg clusters so this would be the same as going out and creating a bunch of vms uh you know downloading kubeadm and kubelet and the the kubectl manually creating the cluster and turning it into a kubernetes cluster except that all of that is automated by cluster api and we're automatically leveraging consumption of the storage that's underneath vsphere and the networking configuration that's under vsphere to make this workload work so it's it's an easy way to to drive all of this workflow we didn't spend a bunch of time talking about the networking and i'm not going to spend any more other than just say that we support haproxy nsx-t and as of u2 avi load balancer or what's now called the nsx advanced load balancer to provide that network function that we'll look at so there's a couple options for how you do it this particular lab because it was built on u1 is using haproxy when we rebuild the next version for vmworld it will be on the newer version using avi which is now again called the nsx advanced load balancer okay so section three module three takes us into kind of a more of a developer-centric workflow and again talks about creating a kubernetes cluster so tanzu kubernetes grid it's an open source upstream compliant kubernetes that vmware distributes so we're not forking kubernetes we're actually creating taking the upstream open source we're adding
our controllers and some of our secret sauce to it and we're making that available to you so this is an upstream open source compliant kubernetes that your developers will be you know very familiar with um this area covers a little bit of the stuff that we've already covered into which is going through uh some of the stuff in vcenter but as a developer now really most of my work is going to be done at the the cli so at the kubernetes or the kubectl command line so i'm going to make this larger so it's a little bit easier to see and for those of you again that are not necessarily real familiar with kubernetes uh this may be a little bit confusing but it does a good job of spelling it on the lab so what i go through here you'll you'll be able to get more information into the lab itself one of the cool things about hands-on lab is we do um show commands that you can drag and drop over into your window so you don't have to type them one other thing i'm going to show real quick is how do we get this ip address so we're going to now log into this kubernetes cluster that we created um and we're using the kubernetes uh command line or the kubectl as what most people call it and we're going to authenticate to our supervisor cluster so we can now start to do stuff and this again is something your developers would do every time you enable tanzu kubernetes grid on the cluster you're going to get a load balanced ip that is either provided by avi or nsx or haproxy that load balances the kubernetes on that particular cluster and so your developers when you go to onboard them what you can actually do is just hand off this ip address that shows up for this cluster oh i think i have to put http in front of it or ps and what we do is we host a web page on this particular supervisor cluster so each each tanzu cluster that we enable will have its own supervisor cluster and a different ip address so if you have people that are on different ones they might be different but this
landing page is a great place to kind of hand off to your development team so they can download the kubectl command line as well as our vsphere plug-in which we use to do authentication and you can see that we have it for linux mac and windows so your developers could simply download that onto their jump box or their workbox wherever they're doing their work and then they would be able to authenticate into the supervisor cluster and begin to do things so this talks about how you log into it i'm not going to spend a lot of time on it because it's better to read it but basically if you're doing the lab you can actually highlight that drag this command over and drop it into your shell and hol will automatically populate this information for you so you can see what i'm doing is i'm logging into that that same ip address i had up here that 129 that's my supervisor cluster api for kubernetes and i'm using the administrator corp.local username and i'm using this kubectl vsphere login so this is what allows us to use our sso to actually authenticate you to kubernetes and so i'll go ahead and type the password hopefully correctly and we'll log in and what happens is now i get to see what i have access to so we automatically surface which areas i have access to and kubernetes these are called contexts you can think about it as setting the context for your kubectl cli tool which cluster or which namespace i want to talk to so we'll see that i have a context that is my supervisor cluster which is the thing we just logged into as a user i don't really have the ability to do anything on there and if i try i'll get permission errors and then you'll see that i have two namespaces that i've been given access to the demo app one and the demo app two and so the lab will take you through and explain setting a context again what it's really all about doing is setting the the context for your kubectl which cluster or namespace am i looking so so we're going to set into the the
demo app01 context which is looking at this demo app one namespace that we created in the supervisor cluster and i have the rights of edit on here so now i could go and start creating stuff i can start creating my tkg clusters now the the lab doesn't go through all of these commands so i'm going to just show you guys a couple things before we move into this part there are um and if you want to explore the kubectl and you can do this in the hands-on lab even though it's not in the instructions um this is a full environment so you can basically explore and do stuff that's a little bit off book not everything's going to work because you might end up the rights or we might run out of resources but i'm just going to show you one so if you type the kubectl api-resources what it's going to do is show you all of the resources that this kubernetes cluster can look at so what these resources are is what the kubernetes api understands and knows as resources some of these are built-in kubernetes objects some of these objects are ones that we provide through our vm operators if you remember on our supervisor cluster i said we install a bunch of operators that extend the functionality of kubernetes to work with our stuff and to do cluster api stuff and so you'll notice some of the things that come are part of the upstream kubernetes some are part of our tanzu or vmware operator pieces but if you're ever looking for in any kubernetes cluster what commands do i have access to this api resource is a good one and so the one i want to look at is we want to look at these tanzu kubernetes grid clusters if you remember i said this is where your developers work so as a developer i could look and say hey um show me all the tanzu kubernetes grid clusters in all the namespaces that i have access to that are out here and it shows me i have that tkg cluster one uh it's in the demo app one namespace this matches exactly what i would see back in vcenter as a vcenter admin so if i
go back to my hosts and clusters and look at this you can see i've got that same cluster object here and i'm not going to spend a ton of time digging deep into cluster api because this can get over your head very quickly but there's a couple other things i can notice that i can look at so i can look at something called get a vm so i can kind of do that same command i just did instead of doing looking at tanzu kubernetes cluster i can look at a vm it actually shows me the workers the vms that are backing up this particular cluster so again same thing i could see in vsphere as a vsphere admin the vms i can actually see them as a developer and as i get familiar with cluster api this becomes really powerful because they can see all of the things that make up a kubernetes cluster running on virtual machines as kubernetes objects and that's really the magic of cluster api is it holds these objects that represent something now these vms aren't actually running inside this namespace they're running in a vcenter just like anything else but the objects that represent them are part of this namespace and as a developer this becomes very familiar to me because it's the same things i would see when looking at an app so i can look at things like you know the deployment behind it um i can look at what's called a machine set which is similar to uh you know a a deployment i can look at machine deployment like replica sets i can look at machines that are behind it so this is very familiar to your uh your development your sre teams that that builds your clusters and if you're going to take this job on they'll become really familiar to you as well you have all of this power inside of inside of the kubectl and the kubernetes api to do all of this life cycle management of kubernetes clusters so if we go through the lab what it wants us to do is change into this directory so this jump box has a directory uh a bunch of different uh files in it and one of them is what is it like to
create a tanzu cluster so i keep talking about this self-service and what this like and and that may feel like you have to build a lot of automation around it and it's very difficult but in reality i'll just less this tkg cluster yaml file so your development teams to deploy their own fully functioning kubernetes cluster that's complete has authentication built in uh it creates the virtual machines behind it all of the network has the ability to create network entries and services and use persistent storage they're all created by this very short yaml file so this is maybe 15 16 lines and this would be done just like you would any application kubectl apply minus f to this file this is how we created this tanzu kubernetes grid cluster that we were just looking at so we get to say what version of kubernetes we want to run we get to talk about um so that's right here 118.5 how many uh master vms so the control plane for kubernetes what size vms those are how many workers what size vms those are what network stack i'm going to use antrea or calico what ips i might want within the cluster and then which storage classes can i use and from this very simple file we will create the virtual machines install kubernetes turn it into a cluster and return you a fully formed kubernetes cluster in maybe 10 to 15 minutes and if i wanted to add additional nodes i could just scale this cluster up and add more workers through a very single command if i want to upgrade to the next version of kubernetes i can do that from a single command at the command line so this puts all of this in full self service for your development teams and um you know your sres or or if you want to use something like vrealize automation to create clusters or something like you know a regular ci cd pipeline like gitlab or jenkins anything that can talk to kubernetes can apply this yaml for you and automate this even further so again if you're not into kubernetes this might take a little uh you know a
little bit to make sense of but it explains in the lab very clearly about what these pieces are and how to do that so once your developers or your automation team or whoever's going to create your tanzu kubernetes grid clusters for you creates a cluster then what's going to happen is now it's time for your development teams to go ahead and start deploying their applications and accessing these clusters so this section of the lab will take you through logging into the tanzu kubernetes grid clusters so if you remember we already did a vsphere login where we were just logging in to see what namespaces we had access to um and it showed us our list of namespaces that we could access and create clusters in once you create a cluster what you want to do is actually be able to log into that cluster itself and so we use the same tanzu kubernetes uh grid or kubectl vsphere login but we add a couple additional pieces on here we add the name of the tanzu kubernetes grid cluster that we want to log into so again your developers are going to be deploying applications on these tkg clusters and so they just say hey i want to log into this tkg cluster one they can find out the names of their cluster by using some of those other commands i showed you earlier and that cluster happens to be in this namespace so when they issue this command and then they go ahead and log in what happens is they'll get that list of contexts back but you'll now you'll notice that they also have the tkg cluster context and so what you can do is on the next page it would have you go ahead and show you the command to change again the context of your your kubectl to use this context and again this is just changing the focus of where your kubectl is going to try to execute commands again so now it's going to be talking to the kubernetes api on this tkg cluster instead of trying to talk to the kubernetes api on your supervisor cluster and then you'd be able to do things like uh get nodes or
get pods or get namespaces and deploy applications and so what you notice here about a tkg cluster is again it's a fully formed kubernetes cluster it has its own control plane its own set of workers these are running on virtual machines that we were looking at a few minutes ago back in in vcenter and so your developers can do anything they could do on any upstream cluster they can create custom roles they can create config maps they can create service accounts they can do all those types of things and deploy their applications so the next step of this lab will also talk about deploying a couple of applications so first of all it'll go through and have you deploy nginx which is a stateless app so it doesn't have persistent disk um it just deploys the application and takes you through that so you can work through that on your own uh and then there's a second part asks you to show how to get to it through the web browser one of the things i do want to point out is again since we have either nsx or haproxy or avi behind the scenes here is when we deploy an application and expose it as service as type load balancer we will automatically provision a routable public or a routable ip within your org for this particular application and so the screenshot shows you how you would go through and find the ip address that nginx is listening on and again we're providing this as part of that network service where we allow you to consume the networking that we have configured to automatically service this so you don't have to go to your admins and request an f5 vip or anything like that we will automatically give you a vip for anything you expose externally using service of type load balancer and so this part will take you through figuring out what that ip is testing out nginx in the uh browser and then we also go through and deploy a stateful app which uses disks so it has state and has its own pvcs and it talks about how that happens and so you can work through this now i'm not
going to do these in this lab because we're running short on time and i want to make sure we leave time for questions but these are the parts of the labs that you can work through on your own service or your own time deploying microservices and applications logging in and validating those jump box items all that things like that so basically you can do this in your own time and there's a number of cool apps that you can deploy here that kind of build upon each other another thing you can do if you want to uh is to go ahead and actually um deploy another tkg cluster i have to make sure i can get into the right space here so we have this tkg cluster file that we talked about earlier that is the yaml file to deploy cluster and so if you wanted to edit this you could actually edit this and what you would need to do is change the cluster name to something different than tkg cluster one so you would just want to do maybe cluster o2 for example and again since these labs are live you can do this um anything you want and then maybe change the worker count from one to or from three to maybe like one so you have one control plane worker count change the cluster name to cluster o2 save the file and then do a kubectl apply minus f on the file name and it would actually deploy another cluster for you so you can actually see how that actually works real time and that'd be something i suggest you do as well and then the last last part of the app does talk lab does talk a little bit about harbor so you will find up here a saved link to harbor which is um that's a upstream open source uh container registry that you can run um it also is part of the tanzu portfolio so it will tell you how to log into that you can check that out and then it will also talk a little bit about i believe octant which is a an upstream open source free product that vmware has that basically allows you to dig into the cluster and look at what's going on so it'll show you what's going on with the
deployments and the applications and allow you to really dig into it it's kind of like a kubernetes dashboard on steroids so that we'll go ahead and wrap up the lab and leave some time for questions um i appreciate you guys hanging in me with us i know we moved through a lot of it very quickly but go back and and play with the lab in your own time and experience all of this stuff so questions we got excellent presentation really cool uh demo bob thank you so much for sharing that with us uh we we do have a ton of questions out here and we just have a few minutes left probably to handle uh some of these questions i'm looking down the list here and there's a lot of great questions i do want to remind everyone before we go and wrap up don't forget about the handouts tab as well you can follow along and do everything there that bob walked you through with the first link that's at the top of the handouts follow along with vsphere with tanzu there's also the lab guide in there as well as the resource on vmware vsphere 7 with kubernetes so the first question bob i see here on the list they're asking is there a specific version of kubernetes that's supported with this and is there a required version of vsphere that needs to be used yeah thanks dave so this is based on what we looked in the hands-on lab today it is vsphere 7 that has the built-in kubernetes functionality that we looked at in the lab 7.0 so 7 update 2 a is the latest that added in support for avi and a couple other pieces uh instead of haproxy and then if we talk about the kubernetes version itself so as we saw in that content library we ship a number of different versions of kubernetes you know 1.20 1.18 19 17 16.
so we support a wide number of versions of kubernetes but it is all tanzu kubernetes grid which is vmware's signed binaries it's not a fork of the upstream project it's actually the upstream binaries we take it we sign it we put our operators in and then we support it and we're very active in upstream so we we uh work with upstream when we patch something that they have not patched we can submit that upstream if they patch something we can pull it down and wrap it in so it is all tanzu kubernetes grid that's supported as terms of what distribution of kubernetes but that is upstream compliant kubernetes uh that's delivered so hopefully that answers the question okay there's a multi-cloud version that will also run on 6.7 and cover that here but that that's there as well okay excellent and that kind of brings us here to the next question they're asking uh what clouds could we run this on and specifically they're asking if gcp is on the roadmap for the future yeah gcp is definitely on the road map our tanzu kubernetes grid integrated tkgi which some of you may have known from the old days is called pks that does still run on gcp but we're working on getting our multi-cloud product in there i don't have like i can't give out exact timelines but it is definitely roadmap got it okay and then kind of a high-level question here what's the benefit of vmware tanzu for the company i mean i think most everyone's familiar with vmware vsphere but specifically vmware with tanzu what's what's new or what's different what do people need to know yeah i think one of the main things that i i really look at is you know we talked about i think at the beginning tanzu is a portfolio so there's service mesh there's a global fleet management piece of it there's the the build service piece of it and those types of things um but if we talk about tanzu kubernetes grid which we looked at here as part of vsphere seven the first thing is that it's built in so you don't have to stand up a
different product you basically enable this product yes you do have to stand up you know something like avi or haproxy or nsx for the networking side but essentially it's built in and it leverages the things you already do so you already have the vsphere platform that you're running vms on you can use that same platform now to provide you know kubernetes as a service to your teams um and it uses the storage that's already there uh if you're using the standard networking the networking that's already there with the addition of you know having to add avi or haproxy as another appliance and so it's all kind of part of what you're already used to also since we leveraged the sso components in there authentication uh is easier you don't have to stand up third-party product to do that and so you kind of have a single platform that you can run it all you don't have to do any provisioning of virtual machines to stand up your clusters a lot of products you need to feed it a set of pre-provisioned virtual machines that you have to then you know set up and and manage first where this is all kind of built in so once you turn it on you're basically able to really just leverage that service and really um you know really push out kubernetes clusters with ease on what you've already got excellent excellent well we've got a lot of questions still left here i'm afraid we're going to have to get back to those electronically since we're running out of time here in our live webinar event but um bob i guess before we go just kind of final question i mean for folks who want to get started with this and try it out they just go to the hands-on lab link that's there in the handouts tab and then kind of what happens after that it's a it's a quick free registration i believe and then they can gain access to this lab yeah right hands-on labs are definitely free so you can just basically go to the hands-on lab catalog and search for the hol2113 go through it as many times as you want and it
will give you a good feel for how the product integrates the other thing is you can kind of go off script so you know we definitely have a lab manual that lets you kind of work you through this stuff but once you've done that you know you can go ahead and create your own namespace and and try you know play around a little bit there's some deployments in there to deploy the apps so it will definitely give you a good feel for what's going on excellent all right bob well it's been really great having you on thank you so much for sharing all your knowledge with us about the new vsphere with tanzu for sure thanks for having me and i appreciate everybody's questions i'll i'll continue to work through the questions that were asked on the chat and see if i can get them all answered but definitely appreciate you guys having me and your time and interest absolutely and thank you to vmware of course for supporting the event today uh check out again the vmware hands-on labs the lab guide and there is the download right there on vmware vsphere 7 with kubernetes you can go try this out for free in the vmware hands-on labs and you know gain some experience see how this can help you at your company this is the first of a three-part webinar series we're doing here with vmware so we hope to see you on our upcoming events in this series uh watch your email inbox for invitations to the other upcoming webinars here in the series and with that i want to announce the winner of our amazon 300 gift card this is going to jeff obranovic from tennessee congratulations jeff obranovic from tennessee we'll reach out to you to deliver your gift card and we'll also be reaching out to our best question prize prizewinner as well thank you to everyone who joined us today on the webinar i hope you learned a lot and have a great day we'll see you next time bye-bye
Info
Channel: ActualTech Media -
Views: 310
Id: ImDf2Fofqvc
Length: 61min 52sec (3712 seconds)
Published: Thu Jul 08 2021