Drive it with your mouse, your finger, or just use the arrow keys.
Use Learn mode to learn the demo. The orange boxes show where to click.
Use Present mode to hide the orange boxes and notes.
Click a Shortcut to jump to a specific part of the demo.
VMware Cloud Foundation
Creating Name Spaces with vSphere with Kubernetes
Welcome to this demonstration on creating namespaces in vSphere with Kubernetes on VMware Cloud Foundation.
As a vSphere administrator, you create Namespaces on the vSphere cluster where Kubernetes has been enabled. Namespaces are used to control developer access to the vSphere with Kubernetes cluster and to set resources limits on how much of the underlying CPU, memory and storage resources they can consume. After creating a namespace, you provide the URL of the Kubernetes control plane to the developer who can then authenticate and begin deploying workloads within the boundaries defined in the namespace.
In this demonstration, we will show the steps to create and assign access to a new namespace. We will also show how to connect a namespace to a content library in preparation for deploying Tanzu Kubernetes Grid (TKG) Clusters.
At the SDDC Manager Dashboard we see vSphere with Kubernetes has been enabled on our VI domain.
We see that Kubernetes has been enabled on the “wld01-clus01” cluster.
We navigate to Workload Management to create namespaces on our Kubernetes enabled cluster.
We select the Kubernetes enabled cluster and enter the name for our namespace. We will create a namespace with the name “wld01-namespace”.
In only takes a few seconds to create a new namespace. Here we see the new namespace has been created. We are presented with recommended steps to take before handing the namespace off to the developers. This includes setting permissions, choosing the default storage policy, setting resource limits, and adding a content library.
Access to the namespace is managed using SSO credentials. Normally, you would add your Active Directory (AD) domain as an identity source in SSO to enable developers to authenticate using their AD credentials. However, in this demo we will enable access for the “devteam” group created in the “vsphere.local” SSO domain.
Switch the domain context to our SSO Domain “vsphere.local”.
We’ll first add a user account for Ava, one of our lead developers.
Next, we will create a group, named “deveteam” and add our developer “ava” as a member.
The add group wizard uses the text we type to provide a filtered list of users matching the input string.
Next, we will grant the “devteam” group access to our “wld01-ns01” namespace. We first return to the Namespaces view.
We select the namespace we want to assign permission for. In this example, wld01-ns01.
We then assign the “devteam” group edit access to the namespace.
We see the “devteam” group now has permission to edit the wld01-ns01 namespace. Next, we will set the default vSAN storage policy for the namespace.
We can also set resource limits for this namespace. Resource limits control how much of the available CPU, memory, and storage capacity is available to this namespace.
By default, there are no resource limits. To set a limit you specify the amount of resources that you want to allocate to the namespace. In this example we will not create resource limits.
Next we will setup a Content Library for the namespace. vSphere with Kubernetes stores the VM templates that are used to deploy Tanzu Kubernetes Grid (TKG) clusters in a content library. Prior to adding a content library to the namespace we must first create a content library in vCenter Server.
Assign a name to the content library and specify the vCenter Server instance that the library will be associated with. Be sure to select the vCenter instance for the workload domain where vSphere with Kubernetes has been enabled.
You can manually upload the TKG Cluster VM images and templates to your Content Library, or you can subscribe to a shared repository hosted by VMware to download the VM images and templates.
We will subscribe to that content library using the subscription URL https://wp-content.vmware.com/v2/latstest/lib.json. Refer to the vSphere for Kubernetes documentation for more information.
Next, we specify the datastore where the content library will save the VM images and templates.
The content library has been created. The vCenter server will immediately begin downloading the available VM templates.
We see a single template that is 11.667GB in size has been downloaded. This is the TKG VM template that will be used to deploy the nodes for the TKG clusters.
Next, we will assign this content library to our namespace.
The UI switches to the cluster configuration view.
With the namespace create, access granted to the development team, and a content library assigned, we’re now ready to hand the namespace off to our developers.
To do this we simply point the developers to the CLI Tools webpage where they can download the vSphere kubectl plugin.
This concludes the demonstration on creating a new namespace on vSphere with Kubernetes.
As a vSphere administrator, you create Namespaces on the vSphere with Kubernetes Supervisor Cluster. You set resources limits to the namespace and permissions so that developers can access it. You provide the URL of the Kubernetes control plane to developer where they can run Kubernetes workloads on the namespaces for which they have permissions.
Follow along by completing the next demonstration showing how to developers are able to access namespaces in order to deploy TKG clusters on vSphere with Kubernetes.
For more information on VMware Cloud Foundation, visit our website at vmware.com/go/cloudfoundation.