Deploy a Tanzu supervisor namespace in Cloud Assembler

This post describes how to add Tanzu supervisor clusters with Aria Automation Cloud Assembler for use in deployments and how to create namespaces in a supervisor cluster using a Cloud Template.

Supervisor clusters are customised Kubernetes clusters associated with vSphere. They expose Kubernetes APIs to end users, and they use ESXI as a platform for worker nodes rather than Linux. Supervisor namespaces facilitate access control to Kubernetes resources, because it is typically easier to apply policies to namespaces than to individual virtual machines. We can create multiple namespaces for each supervisor cluster.

To use supervisor namespaces with Cloud Assembler, a vSphere endpoint must be configured, and Tanzu must be enabled on the vSphere cloud account. I’ve described the Tanzu setup in my homelab Tanzu article.

To make Tanzu Supervisor services available in Aria Automation, we follow this procedure:

In Cloud Assembler, select Infrastructure > Configure > Kubernetes in Cloud Assembly. Click Add Supervisor Cluster. Provide the following information, then click Add:

Account: the cloud account, e.g. vc1.poc.corp
Supervisor cluster: the supervisor cluster, e.g. cluster1

In Cloud Assembler, navigate to Infrastructure > Configure > Kubernetes Zone. Select New Kubernetes Zone. Provide the following information:

Account: vc1.poc.corp
Name: vc1.poc.corp / kubernetes1

Now click the Provisioning tab to select the supervisor cluster that will be associated with the namespaces.

Click Add Compute and select the available supervisor cluster, e.g. cluster1. Then click Save.

Now navigate to Infrastructure > Administration > Projects and then select the project that you want to associate with your Kubernetes zone.

Here, click the Kubernetes Provisioning tab on the Project page. Then click Add Kubernetes Zone and add the zone that we’ve just created. Click on Save.

Now, we create a new Storage Profile for Kubernetes provisioning. As we know, Storage profiles include disk customisations, and a means to identify the type of storage by capability tags. Tags are then matched against provisioning service request constraints to create the desired storage at deployment time.

To create the Storage Profile, navigate to Infrastructure > Configure > Storage Profiles and click New Storage Profile. Create the Storage Profile as follows:

Account: vc1.poc.corp / datacenter1
Name: Tanzu Storage
Disk type: Standard disk
Storage policy: tanzu (a custom Storage Policy that has been created specifically for Kubernetes provisioning)
Capability tags: storage:tanzu

Finally, we can create the Cloud Template to provision Supervisor Namespaces. To add the namespace to a cloud template we select Design > Cloud Template and create a new one. Then we select the Supervisor namespace item on the left menu and drag it to the canvas.

We customize the blueprint by letting the user specify the desired name of the namespace, and by specifying the appropriate storage policy as created previously.

formatVersion: 1
inputs:
  name:
    type: string
    title: Name of the namespace
    pattern: ^[a-z0-9]+(-[a-z0-9]+)*$
resources:
  Cloud_SV_Namespace_1:
  type: Cloud.SV.Namespace
  properties:
    name: ${input.name}
    storage:
      - profile:
         constraints:
           - tag: storage:tanzu

To test a deployment, we click on Deploy, specify a name for the deployment and the namespace, and wait until the deployment has been finished.

We can also verify the existence of the namespace in vCenter.

Deploy a Tanzu supervisor namespace in Cloud Assembler

NSX-T setup with Edge single NIC uplink profile and static routing

Orchestrator workflows fails when invoked from Aria Automation Service Broker

Leave a Reply Cancel reply