Category

TKG 1.1.3 is out and with it brings an exciting change – NFS Tools is now included in the PhotonOS! This is big as it opens up ootb integration with shared storage. Previously, you need to mess with photonOS internal manually to make use of NFS for pods… and yeah -new K8S version too. Now – time for an upgrade. Before that, lets do the pre-work Upload both tkg OVA: kubernetes and haproxy and mark it

Since last week, I’ve been running harbor using a self-signed certificate. This is okay for home-lab purpose but annoying once you start integrating with Kubernetes. This is because you need to modify the each node to trust the self-signed cert to be able to push/pull images, and with TKG providing scale-out k8s installation – this is a headache to integrate. To solve this, we can use LetsEncrypt to provi

For this post, I’ll be documenting how to run Harbor behind Traefik in a kubernetes installation. Although the Harbor helm chart can be installed with nginx ingress controller – I already have an ingress controller running in my cluster and I prefer to use it instead. (Also, traefik is way easier to configure :P). Now, to install, configure the following in the values.yaml in the harbor helm chart: values

During the weekend, I wanted to try creating a CI/CD pipeline for web-applications I’ve been developing ( details on a separate post). Given the only experience I have with such technologies (CI/CD Pipeline) is seeing them from marketing slide – this is an opportunity for me to learn and document my experience. Hello Jenkins When you think CI/CD- you’ll always going to come across Jenkins. Now, whil

This post documents the experience in using ansible module for nsx-t https://github.com/vmware/ansible-for-nsxt Prerequisites The following steps were undertaken in a control VM where the ansible playbook will be executed. Install ovftool I’m using ubuntu 18.04 and have downloaded ovftool.bundle from VMware. After uploading the file, issue sh VMware-ovftool-4.3.0-7948156-lin.x86_64.bundle pip3 install --upgrade

A month ago, I took and passed Certified Kubernetes Application Developer (CKAD) and, a week later, Certified Kubernetes Administrator (CKA). This post is not meant to provide review guidelines but my take on the exam as someone: Who has been taking only VMware Certifications in the last 10 years (my last non-vmware cert is NCDA back in 2010?) Primary experience being a System Administrator Knowledge in Cloud-Native

Unable to validate the provided access credentials: Failed to validate credentials. Error: java.security.cert.CertificateException: No subject alternative DNS name matching <nsx> found. Cloud account: null Task: /provisioning/endpoint-tasks/d3f06b7ab13aec7559c1458d6fa20 Got the above error when trying to add NSX-V cloud-account to vRealize Automation 8. Issue: it’s because the self-signed certificate of the

When doing an upgrade via LCM of vRA from 8.0 to 8.0.1, you might encounter this error: Disk space on root partition (/) on VM Disk 1 (/dev/sda4) should have atleast 20 GB of free disk space. This is because initial installation of vRA only has small disk not enough for upgrade. The issue is documented in the Known Issue for vRA 8.0.1 here To resolve, WITHOUT POWERING OFF your Virtual Appliance, go to each of the vRA

vRealize Automation 8 is out! This is a big release as it marks feature parity with VMware Cloud Automation Service (SaaS offering). In addition, a new architecture which eliminates the need for Windows Server. For this post, i’ll document what’s needed for an Enterprise Install of vRA8. High-level diagram: Components: 1 x Lifecycle Manager3 x Identity Manager3 x vRealize Automation Appliance2 x LB to handle IDM and

Some kubernetes action 🙂 I’ve just installed prometheus-grafana monitoring on my kubeadm built k8s cluster. This is the repo i used to do such: https://github.com/giantswarm/prometheus After installing, there was an error getting node metrics. The error: Get http://172.16.20.14:10255/metrics: dial tcp 172.16.20.14:10255: getsockopt: connection refused To fix this, you need to allow kubelet read-only port by spe