VMware Tanzu Kubernetes Grid Integrated Edition

 Can PKS use more than one service network?

Alexandre Oliveira posted Apr 30, 2019 11:19 PM

I'm thinking of using one service network for production and another for development, for example!

Broadcom Employee Kyle Roberts

Which IaaS are you using, btw? vSphere with NSX-T?

When referring to separate service networks for production use and development use, are you referring to 2 separate/isolated Service Networks within your "IaaS" (i.e., 2 distinct prod and dev foundations)?

Or do you want separate k8s clusters for prod and dev use, each managed by their own admins (1 PKS foundation, multiple clusters)? In this 2nd case, you deploy a single PKS foundation and deploy 2 k8s clusters. Each k8s cluster is isolated.

Alexandre Oliveira

Firstly, thanks. Now, let's go:

Which IaaS are you using, btw? vSphere with NSX-T?

vSphere without NSX, for now

When referring to separate service networks for production use and development use, are you referring to 2 separate/isolated Service Networks within your "IaaS" (i.e., 2 distinct prod and dev foundations)?

No. I have a single vSphere cluster. I created the AVs in the same cluster but using a specific resource pool for each AV (Infra, Produ and Desen, for example).

But each AV is configured to use a specific network: NETInfra, NETProdu and NETDesen, with NETInfra being the infrastructure network and NETProdu/NETDesen the service networks.

PS.: Each network above is a DMZ configured in ToR/Firewalls.

The problem is that when I am configuring PKS via Ops Manager, the "Assign AZs and Networks" section permits just a single service network! And afterwards, in the Plans config, the only network available is the network configured above (in Assign ...). Therefore, I can only create a plan for Produ (for example, plan1), and plan2 cannot use NETDesen, for example, at least via Ops Manager (GUI).

Alexandre Oliveira

Just to be more clear:

I'm using a single PKS instance and BOSH Director, which is defined with 3 AZs (Infra, Produ and Develop), each AZ with its specific network (NETInfra, NETProdu and NETDevelop). The AZInfra/NETInfra is the infrastructure RP/network. The AZProdu/NETProdu and AZDevelop/NETDevelop are, both, services RP/networks.

RP = Resource Pool. As I said before.

Broadcom Employee Kyle Roberts

Hi Alexandre,

You can have multiple AZs, where each AZ has its own Infrastructure Network AND Service Network. And you can use each AZ that way. But you cannot configure the way you are explaining.

You should Create 3 Availability Zones in Director Tile that way. Then you can utilize the 3 AZs within the PKS tile and plans.

Alexandre Oliveira

Hi Kyle, first of all, thanks for the help! But ....

How? Above is my config ...

In BOSH Director config:

1) I create the AZs, linking them to IaaSConfig, cluster (vSphere) and Resource Pool

2) I create the networks, now:

  NETInfra -> AZs (AZInfra, AZProdu, AZDevelop)
  NETProdu -> AZs (AZInfra, AZProdu)
  NETDevelop -> AZs (AZInfra, AZDevelop)

3) Apply the changes;

In PKS config:

1) In AZ and Network Assigns:

  Place singleton jobs in: AZInfra
  Balance other jobs in: AZInfra, AZProdu, AZDevelop (option not in use yet)
  Network: NETInfra
  Service Network: NETProdu

  PS.: the last two options (Network and Service Network) are in combo box style (just one selection).

2) In Plan1: (in theory, my plan for the production Kubernetes cluster)

  Master/ETCD AZs: AZProdu (AZInfra and AZProdu appear, in select style)
  Worker AZs: AZProdu (the same options as above appear)

3) In Plan2: (in theory, my plan for the development Kubernetes cluster)

  Master/ETCD AZs: (The AZDevelop option does not appear, just the AZInfra and AZProdu options)
  Worker AZs: (The AZDevelop option does not appear, just the AZInfra and AZProdu options)

This is my doubt.

Alexandre Oliveira

Not above!!!! Below (sorry for my English) kkkkkk

Broadcom Employee Kyle Roberts

Hi Alexandre,

I may have confused things:

When I said:

"You can have multiple AZs, where each AZ has its own Infrastructure Network AND Service Network. And you can use each AZ that way. "

I meant:

"You can have multiple AZs, where every AZ will use the same Infrastructure Network AND Service Network. Then you can utilize the multiple AZs within the PKS tile and plans. And you can use each AZ that way. But you cannot configure the way you are explaining in vSphere on Flannel."

Else, you would still be able to have Prod k8s clusters and Dev k8s clusters using separate AZs (but not separate service networks).

If I confused things, apologies. If you are really wanting 2 or more distinct vSphere Service Networks you should look into utilizing NSX-T networking and utilize Network Profiles if using completely different Service Networks is what you are looking for. NSX-T networking option comes with Enterprise PKS license, btw. And I would suggest reaching out to your Pivotal Account team and our assigned Pivotal Platform Architect for more info.

Alexandre Oliveira

Ok Kyle, Thanks for all.