To deploy and manage Kubernetes in vCloud, you can use the Container Service Extension (CSE) tool.
An important note: working with the tool requires command-line and Python 3 skills.
The preliminary settings below are mandatory; without them, deploying the Kubernetes cluster will be impossible or very difficult.
First of all, you need to create a network for the Kubernetes cluster. To do this, open the "Networks" section from the menu on the left side of the Cloud Control Panel and click the "ADD" link above the list of networks. This opens the Network Creation Wizard; after completing the settings on each page, click "Next". On the first page, select the network type: Routed. On the second page, specify the network name and addressing (the exact values do not matter, for example k8s_net and 10.0.8.1/24). On the third page, select the Edge Gateway to which the network will be connected. On the fourth page, set the DHCP address pool, and on the fifth, the DNS server. On the last page, you will be asked to check and apply the settings. After the wizard finishes, wait for the network to be created.
The next step is to provide Internet access from the created network (required during the deployment phase of the cluster) and access to the cluster network from your cloud and the Internet (if required). To provide Internet access, add an SNAT rule to the NAT settings of the Edge that translates the subnet addresses to the external IP. Next, from any virtual machine in your vCloud, check that the Kubernetes cluster network is reachable (with the command ping <gateway_address>, in our example ping 10.0.8.1) and, if necessary, configure firewall rules. It is recommended to configure access to the cluster network through the Edge SSL VPN; its configuration is described in this article:
The last stage of the preliminary work is generating RSA keys for passwordless access to the cluster. This step is needed because password access is disabled by default. On Linux, you can generate a key with the ssh-keygen command; on Windows, you can use the key generator from the PuTTY suite.
It is assumed that the system from which the cluster will be deployed already has the required version of python3 installed (at least 3.7.3 for CSE version 2.5.1; for later versions, check the requirements in the CSE documentation). If the correct version of python3 is not installed, install it according to the official installation manual for your operating system (details: https://www.python.org/doc/).
First you should install vcd-cli:
pip3 install vcd-cli
Then log in to vCloud by running the command:
vcd login vcd.cloud4y.ru orgname username
where orgname is your organization's name (e.g. demo-petrov, gazprom)
and username is the name of a user with administrator rights in your vCloud organization (usually the same user that logs in to the Cloud Control Panel). The command asks for the user's password.
In case of successful authorization, the following message will appear: administrator logged in, org: 'demo-petrov', vdc: 'demo-petrov_VDC_hk41'.
After successful authorization, the configuration file is created: on Linux systems, ~/.vcd-cli/profiles.yaml (on Windows 10, Windows Server 2016 and above, .vcd-cli\profiles.yaml). The following lines should be added at the end of this file (following the YAML syntax):
Now you can install CSE:
pip3 install container-service-extension
Check that the installation is correct:
vcd cse version
The output should be a line like:
CSE, Container Service Extension for VMware vCloud Director, version x.x.x.
Note: errors during the installation of vcd-cli and cse, as well as messages about being unable to load the container_service_extension.client.cse module, indicate an incompatible version or an incorrect installation or configuration of python3. On some systems it is recommended to use pip3.7 install instead of pip3 install. The message "No such command "cse"" indicates an error in the configuration file profiles.yaml.
To deploy the cluster, run the command:
vcd cse cluster create <cluster name> --network <name of the network> --ssh-key <path to rsa key> --nodes <cluster nodes number> --enable-nfs
If the error "Error: Session has expired or user not logged in. Please re-login" appears, repeat the authorization procedure as described in the previous section.
If executed successfully, the cluster will be created in a separate vApp. You can see the creation process in the vCloud web interface.
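The checks below can be run before the vcd cse cluster create command above; they are an added example, not code from the original article or from the CSE project. The function names are hypothetical, the extensions: layout of profiles.yaml is assumed from the CSE documentation (the article's own lines are not shown), and --ssh-key is assumed to take the public half of the key pair.

```shell
#!/bin/sh
# Pre-flight checks to run before `vcd cse cluster create` (added example).
# All function names are hypothetical helpers, not part of vcd-cli or CSE.

# version_ge A B: succeed if dotted version A >= B.
version_ge() {
    lowest=$(printf '%s\n%s\n' "$1" "$2" | sort -t. -k1,1n -k2,2n -k3,3n | head -n1)
    [ "$lowest" = "$2" ]
}

# profile_has_cse FILE: succeed if FILE lists the CSE client module as an item
# under a top-level `extensions:` key (layout assumed from the CSE docs).
profile_has_cse() {
    awk '
        /^extensions:[ \t]*$/ { in_ext = 1; next }
        in_ext && /^[ \t]*-[ \t]*container_service_extension\.client\.cse[ \t]*$/ { found = 1 }
        in_ext && /^[^ \t-]/ { in_ext = 0 }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# pubkey_ok FILE: succeed only if FILE is an OpenSSH RSA public key, so the
# private half is never the file handed to --ssh-key.
pubkey_ok() {
    ! grep -q 'PRIVATE KEY' "$1" &&
        grep -Eq '^ssh-rsa AAAA[A-Za-z0-9+/]+=*( .*)?$' "$1"
}

# owner_only FILE: succeed if group and others have no permissions on FILE.
# Use it on the private key and on profiles.yaml (it holds the session token).
owner_only() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# preflight PYTHON_VERSION PROFILES_YAML PUBLIC_KEY PRIVATE_KEY
# Prints every failed check and returns non-zero if any failed.
preflight() {
    rc=0
    version_ge "$1" 3.7.3 || { echo "python3 $1 is older than 3.7.3"; rc=1; }
    profile_has_cse "$2" || { echo "$2: CSE extension entry not found"; rc=1; }
    owner_only "$2" || { echo "$2: accessible to group/others"; rc=1; }
    pubkey_ok "$3" || { echo "$3: not an RSA public key"; rc=1; }
    owner_only "$4" || { echo "$4: accessible to group/others"; rc=1; }
    return "$rc"
}

# Usage (paths are examples):
#   preflight "$(python3 -c 'import platform; print(platform.python_version())')" \
#       ~/.vcd-cli/profiles.yaml ~/.ssh/id_rsa.pub ~/.ssh/id_rsa
```

The 3.7.3 minimum is the one the article gives for CSE 2.5.1; adjust it for later CSE versions.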