just another tech blog site...

Update AVI configuration in TKG 1.4

I needed to change the configuration of AVI / NSX ALB that is powering my TKG 1.4 cluster. The change is a downgrade since i’m seeing weird stuff on the new version of AVI i was using. In hindsight, i could have easily just recreated everything in my TKG cluster as it’s all scripted/ templated already but doing this steps would help you understand the integration works. so lets get started: In the Managem
Read More

Remove Tanzu Mission Control Agent manually

Background: After detaching a Tanzu Workload cluster in TMC (Tanzu Mission Control), vmware-system-tmc namespace is still left in the workload cluster Quick Commands to complete the cleanup:
Read More

Remove kubernetes namespace stuck in Terminating

Quick Post: Cause: This is because of a stuck resource in kubernetes. Solution: One way to get around this is to remove the finalizer spec to allow kubernetes in to clean-up the namespace. Steps: Dump the namespace spec in json format Edit the namespace.json and remove the finalizer portion in the spec. it should look like below From: to: Manually patch the namespace using the following command … and that’
Read More

Expose kubernetes service using CloudFlare Argo Tunnel

Last February, I blogged how to use Inlets which allows you to expose your on-prem kubernetes cluster to the big bad internet using an exit node which is a public VPS. It works as it claims but this may not be for everyone as you need to pay extra $/mo for the public VPS. Like anything in IT- there’s many ways to skin a cat. Now, i’ll be detailing another way to achieve this using CloudFlare Argo Tunnel w
Read More

Remove failed node in TKG after MachineHealth checks mark it failed

With Tanzu Kubernetes Grid Cluster API implements Machine Health-Check that provides node health monitoring and node auto-repair for Tanzu Kubernetes clusters. In action, what happens is it automatically consolidates the desired state with regards to node configuration in the event of failure. Saw this in action when power wen-out and caused one my worker nodes to be corrupted. As a response, the cluster-api provisio
Read More

Goodbye Metallb – Hello AVI LB. How to use Avi LB on your on-prem kubernetes

NOTE: This post is based on Tanzu Kubernetes Grid. If you are using other kubernetes release, installing/using AVI Kubernetes Operator manually should work. With the release of Tanzu Kubernetes Grid ( tkg 1.3), Avi Kubernetes Operator can be pre-configured as part of kubernetes cluster creation. This helps streamline setting up Type:LoadBalancer especially for on-prem kubernetes install. This is HUGE as it removes th
Read More

Setup Harbor Registry with Traefik as Ingress Controller and LetsEncrypt Certificate

For this post, I’ll document how to setup Harbor registry using Traefik as an ingress controller with a valid certificate from LetsEncrypt . Documentation around the topic is scattered in different places and people just assumes you’ll figure out the trivial details. So without further ado… let’s start with a quick pre-requisites. Pre-requisite As an image registry, Harbor needs to have a vali
Read More

Expose your On-Prem Kubernetes to the Internet with Inlets!

DISCLAIMER: I’m not affiliated with inlets/ openfaas. I bought inlets-pro license on my own as it’s a cool tech which answers limitations to my current home-lab setup. As with anyone running an on-premise Kubernetes, exposing services internally is straight forward process – setting up services/ ingress. voila! You got your application consumable by anyone internal to your network. Now to have it ac
Read More

Salt Stack Enterprise Installation gotchas

New year.. new stack (get it?) For this year – I wanted to learn a new configuration management I’ve been using at home. Although ansible CLI has been good and dependable, AWX has left a bad taste. The high resource utilization and cumbersome way of installing in Kubernetes are good reason to look at other options. Good thing, being with VMware allows us to try the softwares that are currently in our solu
Read More