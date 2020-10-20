As promised, here is the complimentary solution to my existing Automated vSphere with Tanzu Lab Deployment Script, which will automatically deploy and configure the required infrastructure (vCenter Server Appliance, ESXi, vSAN and HAProxy VMs) so that you can quickly jump to enabling Workload Management on your vSphere Cluster.

FYI: Ben Corrie, one of the Engineers on the vSphere with Tanzu team recently published a vSphere with Tanzu 4-Part Deep Dive video series where he walks you through in deploying everything from scratch along with the concepts that should help you better understand how vSphere with Tanzu works. He is actually doing this in his own personal homelab and thought this might be useful to share with others. Kudos Ben and highly recommend folks check out his video if you new to vSphere with Tanzu and Kubernetes.



Enabling Workload Management is a manual step after the automated deployment script and as you know, I prefer to automate as much as I can. I have updated my existing PowerCLI Workload Management Module to now also support the new vSphere with Tanzu capability using HAProxy for networking instead of NSX-T. The module can be downloaded from PowerShell Gallery by simply running

Install-Module VMware.WorkloadManagement

Note: I should also mention that as of PowerCLI 12.1, there are now official PowerCLI cmdlets for configuring Workload Management which did not exists when vSphere 7.0 initially GA'ed and reason for this module. I have not personally taken a look at the cmdlets, but expect simliar set of user input will be required to enable.

Given the difference of input between an NSX-T and HAProxy based vSphere with Tanzu Cluster, I decided to create a new function called New-WorkloadManagement2 (very creative) and it accepts the following parameters:

ClusterName - Name of vSphere Cluster to enable Workload Management

At first glance, this may seem like a large amount of input and it is but that is what is needed when using the vSphere UI to enable Workload Management. I have streamlined some of the parameters and used defaults (assuming you used my deployment script). If not, you can always override the default values if you deployed vSphere with Tanzu using HAProxy the manual method as this ultimately just uses the vCenter Server REST API for Workload Management.

Here is an example of using the New-WorkloadManagement2 function:

$vSphereWithTanzuParams = @{ ClusterName = "Workload-Cluster"; TanzuvCenterServer = "tanzu-vcsa-1.cpbu.corp"; TanzuvCenterServerUsername = "*protected email*"; TanzuvCenterServerPassword = "VMware1!"; TanzuContentLibrary = "TKG-Content-Library"; ControlPlaneSize = "TINY"; MgmtNetworkStartIP = "172.17.31.120"; MgmtNetworkSubnet = "255.255.255.0"; MgmtNetworkGateway = "172.17.31.1"; MgmtNetworkDNS = @("172.17.31.5"); MgmtNetworkDNSDomain = "cpub.corp"; MgmtNetworkNTP = @("5.199.135.170"); WorkloadNetworkStartIP = "172.17.36.130"; WorkloadNetworkIPCount = 20; WorkloadNetworkSubnet = "255.255.255.0"; WorkloadNetworkGateway = "172.17.36.1"; WorkloadNetworkDNS = @("172.17.31.5"); WorkloadNetworkServiceCIDR = "10.96.0.0/24"; StoragePolicyName = "tanzu-gold-storage-policy"; HAProxyVMvCenterServer = "mgmt-vcsa-01.cpbu.corp"; HAProxyVMvCenterUsername = "*protected email*"; HAProxyVMvCenterPassword = "VMware1!"; HAProxyVMName = "tanzu-haproxy-1"; HAProxyIPAddress = "172.17.31.116"; HAProxyRootPassword = "VMware1!"; HAProxyPassword = "VMware1!"; LoadBalancerStartIP = "172.17.36.2"; LoadBalancerIPCount = 125 } New-WorkloadManagement2 @vSphereWithTanzuParams 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 $vSphereWithTanzuParams = @ { ClusterName = "Workload-Cluster" ; TanzuvCenterServer = "tanzu-vcsa-1.cpbu.corp" ; TanzuvCenterServerUsername = "*protected email*" ; TanzuvCenterServerPassword = "VMware1!" ; TanzuContentLibrary = "TKG-Content-Library" ; ControlPlaneSize = "TINY" ; MgmtNetworkStartIP = "172.17.31.120" ; MgmtNetworkSubnet = "255.255.255.0" ; MgmtNetworkGateway = "172.17.31.1" ; MgmtNetworkDNS = @ ( "172.17.31.5" ) ; MgmtNetworkDNSDomain = "cpub.corp" ; MgmtNetworkNTP = @ ( "5.199.135.170" ) ; WorkloadNetworkStartIP = "172.17.36.130" ; WorkloadNetworkIPCount = 20 ; WorkloadNetworkSubnet = "255.255.255.0" ; WorkloadNetworkGateway = "172.17.36.1" ; WorkloadNetworkDNS = @ ( "172.17.31.5" ) ; WorkloadNetworkServiceCIDR = "10.96.0.0/24" ; StoragePolicyName = "tanzu-gold-storage-policy" ; HAProxyVMvCenterServer = "mgmt-vcsa-01.cpbu.corp" ; HAProxyVMvCenterUsername = "*protected email*" ; HAProxyVMvCenterPassword = "VMware1!" ; HAProxyVMName = "tanzu-haproxy-1" ; HAProxyIPAddress = "172.17.31.116" ; HAProxyRootPassword = "VMware1!" ; HAProxyPassword = "VMware1!" ; LoadBalancerStartIP = "172.17.36.2" ; LoadBalancerIPCount = 125 } New-WorkloadManagement2 @ vSphereWithTanzuParams

The function will first connect to the vCenter Server which was used to deploy the HAProxy VM and then use the Guest Operations API (Invoke-VMScript) to automatically extract the HAProxy certificate which is one of the required parameters. It will then disconnect from that vCenter Server and connect to the new deployed vCenter Server from the automation script to provide the rest of the required paraemters. If the enablement request was accepted, you should see a message that asks you to use the vSphere UI to monitor the progress and when you navigate to the Workload Management section of the vSphere UI, you should see the enablement process begin. If all information was provided correctly, this can take up to 30-40min to complete.