gowatana

Enable-WMCluster -Cluster "wcp-cluster-31" `
-SizeHint Tiny `
-EphemeralStoragePolicy "vm-storage-policy-wcp" `
-ImageStoragePolicy "vm-storage-policy-wcp" `
-MasterStoragePolicy "vm-storage-policy-wcp" `
-ManagementVirtualNetwork (Get-VirtualNetwork -Name "DPortGroup-0010-MGMT") `
-ManagementNetworkMode StaticRange `
-ManagementNetworkStartIPAddress "192.168.10.51" `
-ManagementNetworkSubnetMask "255.255.255.0" `
-ManagementNetworkGateway "192.168.10.1" `

gowatana

  [vsanDatastore] 8c4b8760-0394-9427-46f1-005056812782/vm02.vmdk
    DOM Object: 904b8760-04b9-b605-47fe-005056812782 (v14, owner: 192.168.10.123, proxy owner: None, policy: stripeWidth = 1, cacheReservation = 0, proportionalCapacity = 0, hostFailuresToTolerate = 2, forceProvisioning = 0, spbmProfileId = c9612595-21c4-445a-ad13-f514d02bd160, spbmProfileGenerationNumber = 0, storageType = Allflash, replicaPreference = Capacity, iopsLimit = 0, checksumDisabled = 0, CSN = 14, SCSN = 10, spbmProfileName = RAID6)
      RAID_6
        Component: 904b8760-cb6b-a806-1e16-005056812782 (state: ACTIVE (5), host: 192.168.10.124, capacity: mpx.vmhba0:C0:T2:L0, cache: mpx.vmhba0:C0:T1:L0,
                                                         votes: 2, usage: 0.0 GB, proxy component: false)
        Component: 904b8760-ca5a-ab06-f50d-005056812782 (state: ACTIVE (5), host: 192.168.10.123, capacity: mpx.vmhba0:C0:T2:L0, cache: mpx.vmhba0:C0:T1:L0,
                                                         votes: 1, usage: 0.0

gowatana

$haproxy_ca_cert_file = Get-Content "./lab-haproxy-41_ca.crt" | Out-String

$workload_network_primary = New-WMNamespaceNetworkSpec `
-Name "network-1" `
-DistributedPortGroup "DPortGroup-0021-WL1" `
-Gateway "192.168.21.1" `
-Subnet "255.255.255.0" `
-AddressRanges "192.168.21.11-192.168.21.79"

$workload_network_additional_1 = New-WMNamespaceNetworkSpec `

gowatana

---
kind: Service
apiVersion: v1
metadata:
  name: svc-web
spec:
  type: LoadBalancer
  selector:
    app: httpd
  ports:

gowatana

---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: crb-vmware-system-privileged
roleRef:
  kind: ClusterRole
  name: psp:vmware-system-privileged
  apiGroup: rbac.authorization.k8s.io
subjects:

gowatana

export SCP=192.168.24.11
export TKC_NS=lab-ns-51
export TKC_NAME=tanzu-cluster-51
export VSPHERE_USERNAME=administrator@vsphere.local
export KUBECTL_VSPHERE_PASSWORD=VMware1!

kubectl vsphere login \
--server=$SCP \
--tanzu-kubernetes-cluster-namespace=$TKC_NS \
--tanzu-kubernetes-cluster-name=$TKC_NAME \

gowatana

export SCP=192.168.24.11
export TKC_NS=lab-ns-51
export VSPHERE_USERNAME=administrator@vsphere.local
export KUBECTL_VSPHERE_PASSWORD=VMware1!

kubectl vsphere login \
--server=$SCP \
--vsphere-username=$VSPHERE_USERNAME \
--insecure-skip-tls-verify

gowatana

---
kind: TanzuKubernetesCluster
apiVersion: run.tanzu.vmware.com/v1alpha1
metadata:
  name: tanzu-cluster-51
spec:
  distribution:
    version: v1.19.7
  topology:
    controlPlane:

gowatana

#cloud-config

disable_root: true
ssh_pwauth: true
package_upgrade: false

users:
- name: nutanix
  lock-passwd: false
  passwd: $6$oDzrtJla$rMzS0vuH95Q2PjDgqVOsI30MqAYemPK5Y9uYsSpeQWd99R4hqm/JWoJqH4Y81SlbtTMkglp243leccceKNZ9h.

gowatana

ingress-nginx の様子をデモ。WebサービスA、サービスBを起動して、Ingressで振り分け。

1. LB (MetalLB) の準備

• NSX-T LB の代わり

MetalLB の IP レンジを決めておく。（ワーカーの IP レンジで。例： 10.0.3.221-10.0.3.229）

$ cat configmap.yml