Deploying vSphere with Tanzu on a VDS Setup with HAProxy

In this blog post, I will share my experience of deploying vSphere with Tanzu on a VDS setup with HAProxy. While there have been several blog posts written on this topic, I will provide the steps I took to get up and running with vSphere with Tanzu. The official VMware documentation provides additional and detailed information.

Step 1: Unify Network with the following VLANs and routable networks:

Before deploying vSphere with Tanzu, it is essential to unify the network with the following VLANs and routable networks:

* vCenter modification to allow single node supervisor control plane VM as written by William Lam (https://williamlam.com/2021/09/single-node-supervisor-control-plane-vm-for-vsphere-with-tanzu-now-possible-in-vsphere-7-0-update-3.html)

Step 2: Select haproxy-v0.2.0 and New VM from this Template

From the Content Library, select haproxy-v0.2.0 and create a new VM from this template. Note that the Load Balancer IP Range is a subset of the 192.168.3.0/24 network and does not contain the Frontend IP as configured in Step 8-2.8.

Step 3: Configure the Networking

Configure the networking for the HAProxy VM by selecting the following options:

* Usable IP Ranges for this /26 subnet are 192.168.3.193-192.168.3.254

* Use the default gateway (192.168.3.1) and DNS server (192.168.3.100)

Step 4: Summary | Ready to Complete

After deployment, you should see the three IP addresses for Management, Workload, and Frontend as configured during deployment. Before proceeding with the enablement of Workload Management, have a look at the anyip-routes service with the command systemctl status anyip-routes.service. This service should be in an active (running) state.

Step 5: Review Configuration Files

Within the files /etc/vmware/route-tables.cfg and /etc/vmware/anyip-routes.cfg, and /etc/haproxy/haproxy.cfg, you can see what configuration has been made during the OVA deployment. See my config files below (some lines with comments are removed):

Step 6: Enable Workload Management

To enable workload management in the next step, you need the certificate, which can be copied from the contents of /etc/haproxy/ca.crt on the HAProxy VM. If all went well with the HAProxy deployment, you can now enable workload management. Depending on your setup, it may take some time to deploy the supervisor control plane VM(s).

Step 7: Monitor and Troubleshoot

After deployment, you should see a supervisor cluster with a control plane node address listed. The warning comes from a license that has not yet been configured. In the Hosts and Cluster View, you will notice a resource pool “Namespaces” with a SupervisorControlPlaneVM (1) and more if you did not tweak this setting (default is 3).

In conclusion, deploying vSphere with Tanzu on a VDS setup with HAProxy requires careful planning and execution. By following these steps, you can successfully deploy vSphere with Tanzu and enable workload management. However, it is essential to monitor and troubleshoot the deployment to ensure that everything is running smoothly and securely.