Kubernetes

Getting started with VMware Pivotal Container Service (PKS) Part 8: Monitoring Tool Overview

04/24/2018 by William Lam 1 Comment

I had received a few questions about the monitoring capabilities for VMware PKS and some of the VMware tools that can help provide visibility and audibility of the platform. Different consumers of PKS will care about different things, as you can imagine the cloud admin/platform operator is primarily concerned with the underlying infrastructure (compute, storage, network) including the PKS Management components. Developers want to know how their application is doing and if there are any issues, how to quickly access the information they need to debug and fix the problem.

Logging

Complete end-to-end logging is a mandatory requirement for many customers, especially when it comes to dealing with large and complex application deployments. Being able to provide centralized access of all logs to both operators and developers is key to be able to quickly triage and resolve an issue. Remote syslog can be configured throughout the PKS stack from the infrastructure and going all the way up to the application if developers decides to instrument logging and sending it to the same syslog target. VMware customers can take advantage of vRealize Log Insight (vSphere customers receive 25 free OSI licenses) which is a on-premises log management solution. If you prefer a SaaS-based solution, VMware also has Log Intelligence which can be used to service both premises infrastructure as well as other cloud hosted deployments.

Infrastructure Monitoring

For Cloud Admins/Platform Operators, vRealize Operations Manager (vROPs) will be the tool of choice which many of our customers are already familiar with. vROps provides analytics, capacity management and alerting for all of your underlying compute, storage and networking infrastructure. This information can be trended over time and provide help proactive identify any anomalies within the infrastructure before they arise. There are a number of Management Packs that can be used to provide easy to consume and out of the box dashboards such as vSphere which gives you information about your vCenter Server and the ESXi hypervisor, NSX-V as well as NSX-T for networking/security and core storage including VSAN.

Application Monitoring

Unlike traditional applications, Cloud Native Apps require a completely different way of monitoring to ensure Developers can easily access the important information they require for development purposes. VMware Wavefront is a SaaS-based solution that is metrics monitoring and analytics platform that can handle the high-scale requirements of modern cloud-native applications. Not only can Developers instrument their own applications and forward that to Wavefront, but Wavefront also provides complete visibility into a Kubernetes (K8S) deployment from namespaces, nodes, pods and all the way down to the individual containers.

Here is a diagram to help illustrate the visibility that each solution provides:

In the next three posts, I walk through the configuration steps to setup vRLI, vROPs and Wavefront with VMware PKS.

If you missed any of the previous articles, you can find the complete list here:

Getting started with VMware Pivotal Container Service (PKS) Part 7: Harbor

04/10/2018 by William Lam 1 Comment

Now that we have a functional PKS deployment, an optional but very useful add-on to deploy and integrate with PKS is the VMware Harbor solution. Harbor is an Enterprise-class container registry that customers can run within their own Datacenter to securely store and provide access to container images used by their development teams. The process of deploying Harbor is similiar to PKS. You will need to download the Harbor Tile from Pivotal Network, import that into Ops Manager and then configure and deploy using the same interface.

If you missed any of the previous articles, you can find the complete list here:

How to access the Kubernetes Dashboard UI for a VMware PKS Managed K8S Cluster?

04/05/2018 by William Lam Leave a Comment

As some of you may have noticed I have been spending some time working with VMware PKS and Google's Kubernetes (K8S). In fact, I have an entire blog series which you can find below if you are interested.

While consuming one of my PKS managed K8S Cluster, I wanted to access the built-in K8S Web UI Dashboard (which is installed by default as part of the K8S setup by PKS) but I was not able to find a way to access it. After speaking with Michael West, who works in our CNABU, I found out that the K8S Dashboard currently does not support OAuth Tokens which prevents us from easily accessing the UI. However, there is a workaround which involves using an SSH tunnel and leveraging K8S proxy to proxy the Dashboard UI to the K8S Master Node which we can then access from our desktop machine.

Step 1 - We need to configure port forwarding using an SSH Tunnel, depending on the OS type that you wish to connect to the Dashboard UI, take a look at the specific steps below.

Windows - You can use any number of SSH Clients, I normally use Putty. Enter the username/hostname as you normally would but before connecting, expand Connection->SSH->Tunnels and add a new forwarded port with source port being 8001 and destination being localhost:8001. Once you have completed this step, you can connect like you normally would.

MacOS/Linux - You can simply use the built-in ssh client and run the following:

ssh [email protected] -L 8001:127.0.0.1:8001 -N

Note: If the system that you are trying to access the Dashboard UI also has kubectl installed, then an SSH tunnel is not required and you can simply go straight to Step 2.

Step 2 - Once you have successfully SSH'ed to your PKS Client VM, you can then run the following command to start the K8S proxy:

kubectl proxy

Step 3 - To access the K8S Dashboard, open a browser and connect to http://localhost:8001/ui which should take you to login page. From here, you will need a copy of the specific K8S Cluster configuration file (stored in ~/.kube/config which can be pulled using pks get-credentials [NAME-OF-PKS-CLUSTER]) and provide that as shown in the screenshot below to login to dashboard.

After signing in with the K8S Configuration file, you should be taken the dashboard for your specific K8S Cluster. If you do not see any of your pods, make sure to toggle the Namespace from the system "Default". Below is a screenshot of my K8S Cluster which was deployed with our Yelb application as shown in Part 6 of my VMware PKS series.

Getting started with VMware Pivotal Container Service (PKS) Part 6: Kubernetes Go!

04/04/2018 by William Lam 7 Comments

In this article, we will walk through the two workflows, one from the perspective of the Cloud/Platform Operator and how to create a new PKS Cluster to how it will be consumed by the Developer which is simply accessing the Kubernetes API endpoint and does not have to know anything about how it was provisioned or even access to the underlying PKS infrastructure. I think most of you have probably been waiting for this part of the series to see PKS in action and demonstrate how easy it is to manage and consume K8S Clusters.

If you missed any of the previous articles, you can find the complete list here:

Getting started with VMware Pivotal Container Service (PKS) Part 5: PKS Control Plane

04/02/2018 by William Lam 3 Comments

Continuing with our PKS installation, we are now going to finish up with configuring and deploying the PKS Control Plane Tile which provides a frontend API that will be used by Cloud/Platform Operators to easily interact with PKS for provisioning and managing (create, delete, list, scale up/down) Kubernetes (K8S) Clusters. Once a K8S Cluster has successfully been deployed through PKS, operators simply provide their developers the external hostname of the K8S Cluster and the kubectl configuration file and they can immediately start deploying applications without knowing anything about PKS and how it works! If an application that a developer is deploying requires an external load balancer service, they can easily specify that in their application deployment YAML file and behind the scenes, PKS will automatically provision on-demand an NSX-T Load Balancer to service the application and this is completely seamless and does not require any additional assistance from the operator.

If you missed any of the previous articles, you can find the complete list here:

Getting started with VMware Pivotal Container Service (PKS) Part 4: Ops Manager & BOSH

03/29/2018 by William Lam Leave a Comment

In this article, we will begin our PKS installation by deploying Pivotal Ops Manager which provides a management interface (UI/API) for Cloud/Platform Operators to manage the complete lifecycle of both BOSH and PKS from install, patch and upgrade. In addition, you can also deploy new application services using Ops Manager Tiles like adding an Enterprise-class Container Registry like VMware Harbor which can then be configured to work with PKS or any other solution that you may have deployed using Ops Manager.

As part of the the Ops Manager deployment, we will also install the BOSH Tile which is responsible for managing, provisioning, monitoring and self-healing of the VMs that make up a Kubernetes (K8S) Cluster deployment within PKS. BOSH supports a number of IaaS platforms which includes vSphere and through their Cloud Provider Interface (CPI), it will ensure the VMs are always up and in some cases, it may even delete and simply re-deploy VMs if they become unresponsive. This is all done completely automated without any interaction from the Cloud/Platform Operator which means for Developers, they can rest assure whatever SLA or High Availability options that have been defined as part of their application deployment, the underlying platform will ensure those requirements will always be met.

If you missed any of the previous articles, you can find the complete list here: