ingress-nginx の様子をデモ。WebサービスA、サービスBを起動して、Ingressで振り分け。
- NSX-T LB の代わり
MetalLB の IP レンジを決めておく。(ワーカーの IP レンジで。例: 10.0.3.221-10.0.3.229)
$ cat configmap.yml
Enable-WMCluster -Cluster "wcp-cluster-31" ` | |
-SizeHint Tiny ` | |
-EphemeralStoragePolicy "vm-storage-policy-wcp" ` | |
-ImageStoragePolicy "vm-storage-policy-wcp" ` | |
-MasterStoragePolicy "vm-storage-policy-wcp" ` | |
-ManagementVirtualNetwork (Get-VirtualNetwork -Name "DPortGroup-0010-MGMT") ` | |
-ManagementNetworkMode StaticRange ` | |
-ManagementNetworkStartIPAddress "192.168.10.51" ` | |
-ManagementNetworkSubnetMask "255.255.255.0" ` | |
-ManagementNetworkGateway "192.168.10.1" ` |
[vsanDatastore] 8c4b8760-0394-9427-46f1-005056812782/vm02.vmdk | |
DOM Object: 904b8760-04b9-b605-47fe-005056812782 (v14, owner: 192.168.10.123, proxy owner: None, policy: stripeWidth = 1, cacheReservation = 0, proportionalCapacity = 0, hostFailuresToTolerate = 2, forceProvisioning = 0, spbmProfileId = c9612595-21c4-445a-ad13-f514d02bd160, spbmProfileGenerationNumber = 0, storageType = Allflash, replicaPreference = Capacity, iopsLimit = 0, checksumDisabled = 0, CSN = 14, SCSN = 10, spbmProfileName = RAID6) | |
RAID_6 | |
Component: 904b8760-cb6b-a806-1e16-005056812782 (state: ACTIVE (5), host: 192.168.10.124, capacity: mpx.vmhba0:C0:T2:L0, cache: mpx.vmhba0:C0:T1:L0, | |
votes: 2, usage: 0.0 GB, proxy component: false) | |
Component: 904b8760-ca5a-ab06-f50d-005056812782 (state: ACTIVE (5), host: 192.168.10.123, capacity: mpx.vmhba0:C0:T2:L0, cache: mpx.vmhba0:C0:T1:L0, | |
votes: 1, usage: 0.0 |
$haproxy_ca_cert_file = Get-Content "./lab-haproxy-41_ca.crt" | Out-String | |
$workload_network_primary = New-WMNamespaceNetworkSpec ` | |
-Name "network-1" ` | |
-DistributedPortGroup "DPortGroup-0021-WL1" ` | |
-Gateway "192.168.21.1" ` | |
-Subnet "255.255.255.0" ` | |
-AddressRanges "192.168.21.11-192.168.21.79" | |
$workload_network_additional_1 = New-WMNamespaceNetworkSpec ` |
--- | |
kind: Service | |
apiVersion: v1 | |
metadata: | |
name: svc-web | |
spec: | |
type: LoadBalancer | |
selector: | |
app: httpd | |
ports: |
--- | |
kind: ClusterRoleBinding | |
apiVersion: rbac.authorization.k8s.io/v1 | |
metadata: | |
name: crb-vmware-system-privileged | |
roleRef: | |
kind: ClusterRole | |
name: psp:vmware-system-privileged | |
apiGroup: rbac.authorization.k8s.io | |
subjects: |
export SCP=192.168.24.11 | |
export TKC_NS=lab-ns-51 | |
export TKC_NAME=tanzu-cluster-51 | |
export VSPHERE_USERNAME=administrator@vsphere.local | |
export KUBECTL_VSPHERE_PASSWORD=VMware1! | |
kubectl vsphere login \ | |
--server=$SCP \ | |
--tanzu-kubernetes-cluster-namespace=$TKC_NS \ | |
--tanzu-kubernetes-cluster-name=$TKC_NAME \ |
export SCP=192.168.24.11 | |
export TKC_NS=lab-ns-51 | |
export VSPHERE_USERNAME=administrator@vsphere.local | |
export KUBECTL_VSPHERE_PASSWORD=VMware1! | |
kubectl vsphere login \ | |
--server=$SCP \ | |
--vsphere-username=$VSPHERE_USERNAME \ | |
--insecure-skip-tls-verify |
--- | |
kind: TanzuKubernetesCluster | |
apiVersion: run.tanzu.vmware.com/v1alpha1 | |
metadata: | |
name: tanzu-cluster-51 | |
spec: | |
distribution: | |
version: v1.19.7 | |
topology: | |
controlPlane: |
#cloud-config | |
disable_root: true | |
ssh_pwauth: true | |
package_upgrade: false | |
users: | |
- name: nutanix | |
lock-passwd: false | |
passwd: $6$oDzrtJla$rMzS0vuH95Q2PjDgqVOsI30MqAYemPK5Y9uYsSpeQWd99R4hqm/JWoJqH4Y81SlbtTMkglp243leccceKNZ9h. |