Provision and Manage Kubernetes Clusters as-a-Service using vRealize Automation and Pivotal Container Service

Contributions by Pranay Bakre, Alka Gupta

Pivotal Container Service (PKS) aims to simplify how enterprises deploy, run and manage Kubernetes clusters on any cloud. Download the release from PivNet.

Every enterprise wants to run containers in production. However, primary questions being asked are: “How do I get Kubernetes to work in my data center? How do I simplify deployment of kubernets clusters? How do I integrate kubernetes with my VMware SDDC ? What about security and Day 2 operations like upgrade, patching, scaling, HA ? ”

PKS answers these questions with a feature set tailored to the requirements of the enterprises.  Read about PKS features in detail here.

One of the feature PKS offers is On-Demand Provisioning of Kubernetes clusters using the PKS CLI, which gives developers an enterprise-ready Kubernetes cluster in minutes. Many VMware customers have a desire to automate the deployment of all data center workloads using vRealize Automation. These workloads may include traditional Virtual machines, docker containers as well as Kubernetes clusters.  In this blog, we outline a methodology and detailed steps to extend vRealize Automation with PKS for provisioning Kubernetes clusters on demand as-a-service. The blog also includes the software to build the solution offering.

Pre-requisites:

• PKS must be deployed on vSphere 6.5 along with NSX-T 2.1. Documentation for installing and configuring PKS is here. Specific details on integrating PKS with NSX-T is here. 
• A client VM with SSH service enabled must exist in the environment
• PKS CLI and its dependencies must be downloaded and configured on the client VM. PKS CLI software is part of the PKS release.

Implementation Details

• • Follow the PKS documentation to install PKS CLI            
  • Download the PKS-vRA integration zip file and unzip it
  • Log in to vRealize Orchestrator in your environment
  • Select ‘Design’ from the dropdown on the homepage, click on the ‘Packages’ tab and select ‘Import Package’ icon

• Select the vra.pks.package from the zip file, trust the certificate and import it as seen below:

Once the package is successfully imported, the package and its contents should be visible under packages.

• Navigate to the ‘Workflows’ tab and verify all the workflows as shown below:

• You should also see a couple of elements created in the ‘Configurations’ tab, under the following path: PKS->Clusters

The ‘pkscli’ element contains the information about a SSH host where PKS CLI is installed in your environment. Enter the values as per your environment.

• Go to the ‘Workflows’ tab, expand the tree — Library->Dynamic Types->Configuration and execute the workflow — Import Configuration From Package
• Select the ‘dynamictypes-config-15-May-2018-00-34-55-GMT.package’ from ‘vRA-PKS-Integration.zip’ and submit the workflow like below:

• In the ‘Inventory’ tab, you should see objects created under Dynamic Types as shown below:

• Go back to the unzipped directory of ‘PKS-vRA-Integration.zip’ that you downloaded in step-1 and import the XaaS blueprint using CloudClient
• Log in to your vRealize Automation environment using CloudClient:

Note: Log in with a user who has IaaS administrator privileges with the following command: vra login userpass –user –tenant –server https:// –password

• Import the blueprint using the following command — vra content import –-path “path_to extracted_files”\PKS-vRA-Integration\e0002a6b-5d53-456e-a20a-36df76ebbdd4-xaas-blueprint.zip –-resolution OVERWRITE –-precheck WARN –-verbose as shown below:

• Once you’ve successfully imported the blueprint, login to your vRealize Automation tenant and navigate to Design->XaaS->XaaS Blueprints. You should see the following blueprint:

• Similarly, import the two XaaS-resource actions located in the unzipped folder, into vRealize Automation using the following command: vra content import –path “path_to extracted_files”\PKS-vRA-Integration\8c18a473-97ae-43e3-8356-25f2be8bc683-xaas-resource-action.zip –resolution OVERWRITE –precheck WARN –verbose
• Add, vra content import –path “path_to extracted_files”\PKS-vRA-Integration\ ef4b666a-9813-40db-a64b-6f08bda2e456-xaas-resource-action.zip –resolution OVERWRITE –precheck WARN –verbose
• After successful import, you should see the following resource actions in vRA:

• Navigate to Design->XaaS->Custom Resources. You should see a custom resource named ‘PKS Cluster’ as shown below:

• To make the imported blueprint and resource actions available for consumption, make sure to publish and add these to the correct entitlements. The two actions will be used to – Scale an existing PKS cluster and Delete an existing cluster
• Go to the ‘vRA Catalog’ tab and you should see ‘Create K8S cluster’ as a catalog item
• Request the item, enter the required parameters like ‘Name of the cluster’, ‘External Hostname to interact with the cluster’ and ‘Number of worker nodes’ and submit the request

• Check the status of your request in the ‘Requests’ tab
• Login to vSphere Web Client and you should see a PKS cluster being provisioned. After successful provisioning the cluster will look like this:

• Once the cluster is deployed, the external hostname value can be provided to the developers who can start deploying pods and applications on the cluster
• As a Day-2 operation, an existing cluster can be scaled to add multiple worker nodes. It can be done via the ‘Scale a K8S cluster’ action in vRealize Automation

Similarly a cluster can be deleted using ‘Delet K8S cluster’ resource action.

Some additional Reading:

VMware Cloud Native Apps

Pivotal Cloud Foundry 2.0

VMware Open Source projects