NSX-T

VMware vSphere with Kubernetes Guide Part 3 - kubectl Basics

This is Part 3 of my "VMware vSphere with Kubernetes" Guide. In the previous parts, I've explained how to enable Kubernetes in vSphere, deploy the Harbor Registry, and create a namespace in the Supervisor Cluster. Now it's time to get familiar with the Kubernetes CLI Tool kubectl and to deploy your first pod.

If you do not have a Kubernetes activated vSphere Cluster, refer to Part 1 and Part 2 for instructions.

Read More »VMware vSphere with Kubernetes Guide Part 3 - kubectl Basics

VMware vSphere with Kubernetes Guide Part 2 - Harbor, Namespaces and K8S Components

This is Part 2 of my "VMware vSphere with Kubernetes" Guide. In the last article, I've explained how to get "Workload Management" enabled in a vSphere cluster. At this point, the cluster is successfully enabled to support Kubernetes, but what's next? Before I start to deploy the first container I'm going to enable additional services, create a Kubernetes Namespace in the Supervisor Cluster, and explore the deployed components in vCenter and NSX-T.

Read More »VMware vSphere with Kubernetes Guide Part 2 - Harbor, Namespaces and K8S Components

Getting Started Guide - VMware vSphere with Kubernetes

With the release of vSphere 7.0, the integration of Kubernetes, formerly known as Project Pacific, has been introduced. vSphere with Kubernetes enables you to directly run containers on your ESXi cluster. This article explains how to get your cluster enabled for the so-called "Workload Management".

The article covers evaluation options, licensing options, troubleshooting, and the initial configuration.

Read More »Getting Started Guide - VMware vSphere with Kubernetes

How to enable LDAP Authentication in NSX-T 3.0

NSX-T 3.0 has added support for authentication using AD or LDAP sources. In previous versions, you had to deploy the vIDM (VMware Identity Manager) appliance to allow external authentication. You can still use vIDM but if you only need NSX-T authentication you can now do it without a sole purpose appliance.


This article explains how to enable LDAP authentication in NSX-T 3.0.Read More »How to enable LDAP Authentication in NSX-T 3.0

How to manually add NSX-T Managers to a Cluster

After deploying the first NSX-T Manager, additional managers can be deployed using the NSX-T GUI. This is a crucial step to create a redundant and reliable setup. To deploy an additional NSX-T Manager appliance you first have to add the target vCenter as "Compute Manager". In some cases, eg. when NSX-T Managers are to run in a dedicated management vCenter, you don't want to add the vCenter as Compute Manager.

A compute manager is required to deploy an appliance. To add a compute manager, visit the COMPUTE MANAGERS page.


This article explains how to manually add additional Managers to an NSX-T Cluster using the CLI, without configuring a compute manager.

Read More »How to manually add NSX-T Managers to a Cluster

How to use SSH Key Authentication in NSX-T

If you are working with Linux you are very likely familiar with SSH Keys. Public Key authentication is an authentication method that relies on a generated public/private keypair and enables a secure method to login without entering a password.

Usually, you would use ssh_copy_id to transfer keys to a remote system or add it to the authorized_keys file manually but NSX-T does not support those methods. This article explains how to enable ssh key authentication for NSX-T Managers and Edge Appliances.

Read More »How to use SSH Key Authentication in NSX-T

Quick Tip: Remove NSX-T Password Expiration

VMware NSX-T has a preconfigured password expiration policy of 90 days. When the password expiration day is near, a notification is displayed in the Web interface. There are 3 preconfigured local users: admin, audit, and root. All passwords have to be changed after 90 days. This article explains how to remove the password expiration.

The password for local user 'admin' will expire in [x] days.
The password for local user 'root' will expire in [x] days.
The password for local user 'audit' will expire in [x] days.

Please keep in mind that not only the password for NSX-T Manager expires, but also for Edge Transport Nodes (Edge VMs). When the password has expired, some functions (API / Web-Interface Login) is no longer possible, so make sure you either change the password regularly or remove the expiration policy.

Read More »Quick Tip: Remove NSX-T Password Expiration