VMware Cloud Director Availability 4.5

VMware has announced General Availability of VMware Cloud Director Availability 4.5 last November.

VMware Cloud Director Availability

VMware Cloud Director Availability is a powerful solution used by VMware Cloud Providers to offer simple, secure, and cost-effective onboarding, migration, and disaster recovery as a service to or between multi-tenant VMware clouds.

What are the core capabilities of VMware Cloud Director Availability?

  • Intuitive disaster recovery as a service protection and wizard-driven workflows to protect virtual machines (VM) or vApps. Replication and recovery of VMs and vApps between VMware Cloud Director (cloud to cloud) or on-premises to VMware Cloud Director and vice versa. The offering is now available for on-premises vSphere to protect and migrate workloads from dedicated on-premises vCenter site to Cloud vCenter.
  • Single on-premises appliance installation for ease of deployment and simplicity for customers replicating to provider vCenter or VMware Cloud Director cloud endpoints. Supports a migration path and DR functionality from vSphere 7.0.
  • The capability of each deployment to serve as both source and recovery endpoints (synchronous sites). There are no dedicated source and destination sites; symmetrical replication flow can be started and managed from either the source or the recovery site, meaning the UI can be accessed from anywhere with the correct context.
  • Migration, protection, and control over retained replications (stored instances) as well as flexible RPO policy controls for providers to apply to one Virtual Data Center (VDC) or individual replications via predefined or flexible SLA policies. This helps to control storage costs and provide tiered services to customers. With the latest release, providers have the option to enable 1-minute RPO for mission-critical applications. Since 4.4, the RPO compliance reporting feature has been introduced to keep cloud providers informed about RPO violations to allow both parties to track, monitor, and audit RPO best practices and aid troubleshooting.
  • Cold or warm migration to provider VMware Cloud Director-based cloud from on-premises via vSphere plugin or via VMware Cloud Director Availability interface in the provider cloud. Cloud providers and tenants can carry out a fast-track migration with the new 1-click migration feature that automatically replicates using static, basic replication settings.
  • Warm one-way migration from vSphere plugin or VMware Cloud Director provider cloud to VMware Cloud on AWS SDDC under Cloud Director service management.
  • Layer 2 stretch networking for simpler migrations (and/or disaster recovery) from on-premises to VMware Cloud Director as well as VMware Cloud on AWS.
  • Secure tunneling through TCP proxy, between sites with built-in encryption and optional compression availability. Cloud to cloud replicant encryption is also supported using Cloud Director encrypted storage policies at the target.
  • Multi-tenant support native within the VMware Cloud Director hierarchy and in-context DRaaS providing administrative simple views and actions directly in VMware Cloud Director. In case of vSphere (V2V) DR and migration, multi-tenancy will be offered in the future. For the moment, this is supported for dedicated vCenter endpoints only.

VMware Cloud Director Availabil- Use Cases

  • On-premises to cloud migration (and vice versa*), on-premises to cloud DR (and vice versa), cloud to cloud DR, cross-version VMware Cloud Director migration.

    *Vice versa not available from/to Cloud Director Org VDC on VMware Cloud on AWS; this is a one-way migration only.
  • Cloud providers using VMware Cloud Director Availability can protect and migrate dedicated on-premises vCenter workloads to vSphere cloud (and vice versa).

To learn more about the VMware Cloud Provider Program, please visit http:// http://www.vmware.com/partners/service-provider.html.

VMware NSX Migration for VMware Cloud Director 1.4.1

VMware NSX Migration for VMware Cloud Director 1.4.1 was released with new features:

  • External Networks directly connected to NSX-T Tier-1 Gateway: VMware Cloud Director version 10.4.1 or higher allows connecting an NSX-T overlay or VLAN-backed external network to a gateway via service interface connection. VLAN segment-backed external network can be connected to only one edge gateway (a single network can be connected to a single edge node per VLAN Id). The migration tool will create necessary static routes when the default gateway is towards the external network that is directly connected to the edge gateway.
  • Support for Transparent Load Balancing: You can migrate edge gateways with load balancer service having transparent pools configured with VMware Cloud Director version 10.4.1.
  • Support for Load Balancer VIP (IPv4) from Org VDC Network Subnet: You can migrate edge gateways with load balancer virtual service VIP and load balancer pools using IPv4 address from Org VDC network subnet with VMware Cloud Director version 10.4.1.
  • Edge Gateway Assessment Reports: The migration tool in addition to the existing Assessment and Summary reports will also create an Edge Gateway detailed report and a Load Balancer detailed report when they run in V2T assessment mode. These reports contain a detailed analysis of edge gateways and load balancer services enlisting the Objects (Name/ID) causing possible blockage of migration.
  • NAT service Enhancement: From VMware Cloud Director version 10.4.1  onwards, Org VDC networks on which NAT rules are applied will be migrated as Non-Distributed networks. When such NAT rules are created on the NSX-T edge gateway, they will be applied to their respective Non-Distributed Org VDC network interface as per their NSX-V counterpart. NAT rules will also be applied to segment-backed external network in case of NSX-T edge gateway uplink connected to it via the service interface.
  • Firewall Service Enhancement: From VMware Cloud Director version 10.4.1 onwards, firewall rules on NSX-T backed edge gateway will be applied to the Org VDC network to which they are scoped. The scope of firewall rules will be determined from the NAT rule using the firewall rule IP address. In case if no NAT rule using the firewall rule IP address, then the firewall rule will be applied to all edge gateway interfaces.
  • Enhancement to reduce downtime during migration and rollback: Modified the workflow of migration and rollback to reduce downtime during N-S network switchover.
  • Workaround to fix network connectivity loss issue after NSX-T to NSX-V vMotion: For NSX-T to NSX-V migration, when migrating a workload VM back to NSX-V, the network connectivity might not work because the distributed firewall filter in NSX-T is always higher than in NSX-V. The workaround is to place the workload VM in the NSX-T exclusion list before vMotion

VMware Cloud Director 10.4.1 Theming and Branding

VMware Cloud Director 10.4.1 has an entirely new user interface where providers can create, manage and assign themes for their tenants and the provider portal.

In the past VMware Cloud Director 10.4.1 theming and branding was API based, now with this new release customisation can be done directly from the user interface (UI), which allows making VMware Cloud Director look and feel like Cloud Provider brand and company portal for customers.

Changing the look and feel of the provider and the tenant portal VMware Cloud Director 10.4.1 allows sharing of Cloud Provider branding message.

To enable this new features go to Administrator Tab, Settings, Features Flags and enable Branding API


After Branding API is enable, navigate to the Customize Portal Section (under more tab) and select Themes


By default there are two default theme (Base dark and Light).

For the creation of a new theme select Create Theme


Two options will appear Light or Dark themes. Pick one and Create Theme

In this option you can create the new theme, picking color heather, adding Logo, etc. A preview will be available at any time.



Note: Upgrading to VMware Cloud Director 10.4.1 is recommended from 9.7 to 10.4.1 versions but with stages.

VMware Cloud Director 10.4.1

VMware Cloud Director 10.4.1 was announced by VMware last week, new networking features, new branding and theming experience are part of this new release.

VMware Cloud Director new expierence

All new Features:

  • AVI Transparent Load Balancing
  • SEG tagging for monitoring
  • IP Name Space (Rolling updates)
  • Service Accounts Multisite Support
  • Solution Add-On Management
  • Remap Users between Identity Providers (Deprecation of Local Users) (API only)
  • New Branding & Theming Experience
  • Support for EFI boot and Secure Boot
  • Support for vSphere 8.0
  • Support for NSX 4.0.1
  • UI Enhancements
VMware Cloud Director

Upgrading the VMware Cloud Director Appliance

Upgrade from VMware Cloud Director appliance version 9.7 to version 10.4 is supported.

Starting with VMware Cloud Director 10.0, Microsoft SQL Server databases are unsupported.

When you are upgrading VMware Cloud Director, the new version must be compatible with the following components of your existing installation: 

  • The database software you are currently using for the VMware Cloud Director database.
  • The VMware vSphere ® release you are currently using. 
  • The VMware NSX® release that you are currently using. 
  • Any third-party components that directly interact with VMware Cloud Director.

For information about the compatibility of VMware Cloud Director with other VMware products and with third-party databases, refer to the VMware Product Interoperability Matrices at https://interopmatrix.vmware.com/Interoperability

Upgrade and Migration Paths and Workflows

Source EnvironmentTarget environment
VMware Cloud Director appliance 10.4 with an embedded PostgreSQL database
VMware Cloud Director 9.7 on Linux with an external Microsoft SQL Server databaseMigrate to VMware Cloud Director appliance 9.7. See Migrating vCloud Director with an External Microsoft SQL Database to vCloud Director Appliance.

Upgrade your environment to VMware Cloud Director appliance 10.4. See Upgrade the VMware Cloud Director Appliance by Using an Update Package.
VMware Cloud Director 9.7 on Linux with an external PostgreSQL databaseMigrate to VMware Cloud Director appliance 9.7. See Migrating vCloud Director with an External PostgreSQL Database to vCloud Director Appliance.
Upgrade your environment to VMware Cloud Director appliance 10.4. See Upgrade the VMware Cloud Director Appliance by Using an Update Package.
VMware Cloud Director 10.0 on Linux with an external PostgreSQL databaseMigrate to VMware Cloud Director appliance 10.0. See Migrating vCloud Director with an External PostgreSQL Database to vCloud Director Appliance.
Upgrade your environment to VMware Cloud Director appliance 10.4. See Upgrade the VMware Cloud Director Appliance by Using an Update Package.
VMware Cloud Director 10.1 on Linux with an external PostgreSQL databaseMigrate to VMware Cloud Director appliance 10.1. See Migrating VMware Cloud Director with an External PostgreSQL Database to VMware Cloud Director Appliance.
Upgrade your environment to VMware Cloud Director appliance 10.4. See Upgrade the VMware Cloud Director Appliance by Using an Update Package.
VMware Cloud Director 10.2 on Linux with an external PostgreSQL databaseMigrate to VMware Cloud Director appliance 10.2. See Migrating VMware Cloud Director with an External PostgreSQL Database to VMware Cloud Director Appliance.
Upgrade your environment to VMware Cloud Director appliance 10.4. See Upgrade the VMware Cloud Director Appliance by Using an Update Package.
VMware Cloud Director 10.3 on Linux with an external PostgreSQL databaseMigrate to VMware Cloud Director appliance 10.3. See Migrating VMware Cloud Director with an External PostgreSQL Database to VMware Cloud Director Appliance.
Upgrade your environment to VMware Cloud Director appliance 10.4. See Upgrade the VMware Cloud Director Appliance by Using an Update Package.
VMware Cloud Director appliance 9.7 and later with an embedded PostgreSQL databaseUpgrade your environment to VMware Cloud Director appliance 10.4. See Upgrade the VMware Cloud Director Appliance by Using an Update Package.

VMware Cloud Director Container Service Extension 4.0

VMware Cloud Director Container Service Extension (CSE) 4.0 was announced by VMware last week, CSE now is delivered as an OVA file.

VMware Cloud Director Container Service Extension is a plug-in for VMware Cloud Director™ extension that helps users create and work with Kubernetes clusters.

VMware Cloud Director Container Service Extension brings Kubernetes as a service to VMware Cloud Director by deploying and managing fully functional VMware Cloud Director provisioned VMware Cloud Director clusters. By using VMware Cloud Director Container Service Extension, development teams can focus on application development, and simplifies infrastructure management.

The following diagram illustrates the architecture of VMware Cloud Director Container Service Extension 4.0, and the workflow of service providers and tenant users.

Architecture of VMware Cloud Director Container Service Extension 4.0

New features

  • You can now perform cluster life cycle management tasks such as create, upgrade, resize, and delete Kubernetes clusters in Kubernetes Container Clusters UI plug-in of VMware Cloud Director.
  • CSE Management tab: A new service provider persona workflow in the Kubernetes Container Clusters UI plug-in. This workflow guides service providers through the VMware Cloud Director Container Service Extension set up in the UI plug-in, and prepares the environment to allow tenant users to create Kubernetes clusters.
  • Multi-node control plane UI for Tanzu Kubernetes Grid clusters, allowing high availability of the Kubernetes control plane.
  • Heterogeneous clusters with custom sized nodes to build clusters that can accommodate memory or CPU intensive containers.
  • Pre-installation of Tanzu core packages in Tanzu Kubernetes Grid clusters at creation time, that reduces additional configuration by containerized applications.
  • GPU support for Tanzu Kubernetes Grid clusters to allow for AI / ML applications.
  • The VMware Cloud Director Container Service Extension UI is localized to the following languages: German (de_DE), French (fr_FR), Italian (it_IT), Spanish (es_ES), Brazilian Portuguese (pt_BR), Japanese (ja_JP), Korean (ko_KR), Simplified Chinese (zh_CN), Traditional Chinese (zh_TW).
  • VMware Cloud Director Container Service Extension is packaged as an appliance and uses Photon OS 3.0.
  • VMware Cloud Director Container Service Extension supports HA deployment to allow high availability of cluster management tasks, such as create, upgrade, resize and delete a cluster.
  • Support for the deployment of VMware RabbitMQ using VMware Data Solutions Extension..
  • You can select a specific LB VIP and subnet for the control plane to manage additional network security or for business continuity.
  • Cluster API for VMware Cloud Director, CAPVCD, 1.0.0 is released alongside VMware Cloud Director Container Service Extension 4.0. You can use CAPVCD 1.0.0 independently to lifecycle Kubernetes Clusters.

Prerequisites

A virtual data center (VDC) within the organization
An organization (VCD)
NSX Advanced Load Balancer preconfigure 
NSX Cloud preconfigure 
Independent Shared Named Disks
Outbound Internet connectivity.
Network connectivity between the machine where VMware Cloud Director Container Service Extension is installed, and the VMware Cloud Director server. VMware Cloud Director Container Service Extension communicates with VMware Cloud Director using VMware Cloud Director public API endpoint.

Deployment Step

  1. Download OVAs
    VMware Cloud Director Container Service Extension
    Tanzu Kubernetes Grid Templates
  2. Create Catalogs and Upload OVAs
    https://via.vmw.com/EzIGV0
  3. Setting up the Configuration for CSE Server
    https://via.vmw.com/TJrvbR
  4. Add VM Sizing Policies to Organization VDCs
    https://via.vmw.com/iiqyvD
  5. Create a User with CSE Admin Role
    https://via.vmw.com/87BqhQ
  6. Start CSE Server
    https://via.vmw.com/QmFJqp
  7. Download Tanzu Kubernetes Grid Templates
    https://via.vmw.com/FBERLs
  8. Sharing Tanzu Kubernetes Grid Templates
    https://via.vmw.com/UzKSRu

Upgrading to VMware Cloud Director 10.4

VMware Cloud Director 10.4 was launched almost 3 months ago, if you have an older version is a good time to plan and upgrade to the latest version.

VMware Cloud Director 10.4

Since versions prior to VMware Cloud Director 10.3 reached the end of support it’s a good time to upgrade to version 10.4.

You can check the Lifecycle Matrix here:
https://lifecycle.vmware.com/#/

Platform Services & Operations​ improvements

  • Enhanced visibility into catalog synchronization steps and progress​
  • Fast cross-VC catalog instantiation with shared storage​
  • Service account API tokens​
  • Consolidated VM console on VCD API URL​
  • High-priority automated test suites run on CDS​
  • Support for all VCD workflows through a proxy between VCD and vSphere (including for automated tests)​
  • Multi-tenancy service account enhancements​
  • CSE / Container enhancements​
  • Extensibility enhancements​
  • Terraform & vRA enhancements

Networking improvements

  • Static Routes​
  • New NSX Advanced Load Balancer Basic Features​
  • New NSX Advanced Load Balancer licensing model​
  • Mitigation for NSX-T vApp fencing limitations (API)

Storage improvements

  • Better IOPS reporting
  • SDRS enhancements​ to save VM placement time and utilize proper storage space

Compliance updates

  • STIG Readiness Guide​
  • Photon OS 3.0


If your Cloud Director is the appliance version, you can directly migrate from version 9.7 and up.

VMware Cloud Director Appliance Upgrade Path

In the case of a VMware Cloud Director Linux-Based Upgrade with the external database, you can go to version 10.4 from 10.1.4.1

In all of the cases, please check:

Don’t miss VMware EXPLORE 2022

VMware Explore – Barcelona – November 2022

The last time VMware held a massive event was in 2019, after two years and a pandemic in November (From 7 to 10) we will see each other again.

As we already know, the event has changed its name and from this year it will be called “VMware Explore”. The place will continue to be the Fira Gran Via in Barcelona.

With 35+ hours of technology and transformation education, training, and executive insights, I’ll have vast opportunities to gain actionable value through:

• Access to 400+ sessions that will enable me to scale cloud-native platform operations, accelerate cloud transformation, and empower and secure the hybrid workforce.

• Practical insights and best practices from customers who’ve cracked the code on addressing challenges like the ones we face.

• Face time with top experts with tips to improve the use of existing solutions and roadmaps on how to advance our capabilities to conquer new business requirements.

• Opportunities to interact hands-on with the latest multi-cloud solutions; accompanied by product experts right there ready to assist.

• Join with the Cross-Cloud services and open-source communities while engaging with an extensive ecosystem of 90% of the top cloud partners.

Finally, I recommend attending the following session:

Need to Migrate Thousands of Workloads? No problem!
Speakers: Andrea Siviero and Suresh Thirumalapudi

This session got the “VMware Explore People’s Choice Awards” in the US VMware Explore


Registration is still open:
https://event.vmware.com/flow/vmware/explore2022eu/reg/form/contactInfo

Tanzu for VMware Cloud Director

Container Service Extension (CSE) is a key component for VMware Cloud director to provide Kubernetes as a Service. Since CSE 3.1.2 was launched new features such as “Cluster API Provider for Cloud Director” were released.

This is a quick overview about CSE – TKGm – Cluster API and Ingress Load Balancer

CSE Components
CSE User Personas

CSE Server OS:
Any OS is supported

Minimum resources for CSE Server:
2 vCPU
2GB Memory
10GB Storage

CSE Server Requires access to VMware Cloud Director 

CSE Server requires outbound internet connectivity to install required packages and container service extension

Tanzu Kubernetes Grid with CSE

TKG 1.4 Release Notes

TKG with Container Service Extension

Cluster API for VMware Cloud Director

Provision Production ready TKG Clusters on VMware Cloud Director
Multi-control Plane TKG Clusters 


Bootstrap Cluster is the first cluster which installs management Clusters in customer organization.
This one can be an existing TKG cluster in the organization. 

Second step is installing Cluster API on the bootstrap cluster 

Last configure Management cluster for self-management

TKG Load Balancer

​1x  Service Engine Group is deployed for every TKG cluster (both management and workload)

​A load balancer is automatically deployed to front-end the Kubernetes API server

VMware Cloud Director Created Service Engine Group on NSXT Advanced LB

​Allows simplified scaling for multiple Kubernetes control plane nodes.

Prerequisites for Automated Ingress Load Balancing

Cloud Provider:

​Provision NSX-T Advanced LB, enable LB in customer Organization
Provision rights bundles to allow LB Service management
Allocate External Network IP Pool

​Tenant User:

Upload SSL certificate for Secure Ingress Access
Install Contour or Nginx using helm 

Container Service Extension 3.1.2

CSE 3.2.1 GA announced

Last week Container Service Extension 3.1.2 was released. In this post, I will describe the new features and compatibility matrix.
Also a quick overview for Cloud Providers.

New Features:

  • Cluster API Provider for Cloud Director that offers multi-control plane clusters and cluster upgrades using declarative, Kubernetes-style APIs.
  • Kubernetes External Cloud Provider for VCD has been updated to v1.1.0.
  • Kubernetes Container Storage Interface for VCD has been updated to v1.1.0.
  • Kubernetes Container Clusters plugin has been updated to version 3.1.2. The plugin ships with VCD 10.3.2.
  • Support for injecting proxy information into TKG clusters created by CSE. Learn more about the feature.
  • New command option to forcefully delete clusters that were not fully created and were left in unremovable state.
  • Support for VMware Tanzu packages – Harbor, FluentBit, Prometheus, Grafana in TKG clusters.

Compatibility

CSE – UI Plugin – VMware Cloud Director
CSE – VMware Cloud Director – NSX-T
CSE – Cloud Director – NSX-T / AVI

Tanzu Kubernetes for Cloud Providers

Which TKG flavor is the correct one?

As Service Providers are looking for multi-tenancy TKG-m is the right flavor. Please avoid using TKG-s.

CSE / TKG-m deployment steps

For more information about TKG-m deployment, please check:

https://gnunes.cloud/2022/01/10/tanzu-for-cloud-providers/

TANZU FOR CLOUD PROVIDERS

VMware / Container Service Extension Platform Architecture


Most Service Providers are looking to extend the existing VMware Cloud Director environment to offer Containers-as-a-Service by implementing VMware Tanzu Kubernetes Grid, which enables deploying and managing containers.

There are several options, the question is which of them is correct regarding your business needs. In this post, I will try to help Service Providers to get that these answers.

Basic or Standard

These are the two different options for cloud providers (for now, this will change in the future)

Tanzu Basic is included for Partners utilising Flex Core Model

Tanzu Basic

Tanzu Basic along with VMware Cloud Director enables Managed Kubernetes Services that helps Cloud Providers expand their services business by targeting DevOps and Developers with current or new customers who are on vSphere – those who want to embrace infrastructure transformation on-premises, as the first step towards modern applications delivery. VMware Tanzu Basic simplifies the adoption of Kubernetes on-premises, putting cloud-native constructs at the VI Admin’s fingertips as part of vSphere.

Tanzu Standard

VMware Tanzu Standard provides an enterprise-grade Kubernetes runtime across both on-premises, public clouds, and at the edge, with a global control plane for consistent and secure management at scale.

It helps customers realize the benefits of multi-cloud, operate all clusters consistently across environments while enhancing security and governance over your entire K8s footprint.

Tanzu Kubernetes grid deployment

Which TKG flavor is the correct one?

As Service Providers are looking for multi-tenancy TKG-m is the right flavor. Please avoid using TKG-s.

Container Service Extension (CSE)

Container Service Extension (CSE) for VMware Cloud Director enables service providers to offer Kubernetes services with Open source and Upstream Kubernetes Templates. In addition, Container Service Extension 3.1.1 introduces a significant enhancement to support Tanzu Kubernetes Grid (Multi-cloud), also known as TKGm. Starting with CSE 3.1.1, providers can use TKG-m(1.4) as runtime. The provider administrator can install CSE with a few updated configurations to facilitate TKGm runtime for the customers.

CSE – TKG-m deployment steps

My Lab Products Versions

These versions are the ones I deployed in my home lab.
*CSE can be installed with any other supported OS.

As you can see, deployment of NSX-T, Advance Load Balancing and, CSE are mandatory for the TKG-m enablement.

There is no OVA version yet, so the deployment should be done manually.

Next time we can take a deeper look into Container Service Extension (CSE) deployment and troubleshooting.

Have a nice 2022!