Ask an OpenShift Admin Office Hour - OpenShift + VMware = BFF!

VMware’s vSphere platform is hugely popular for OpenShift deployments and there is an equally impressive amount of integration possible between them. Today we’re joined by VMware’s Robbie Jerrom to discuss and answer questions around the recommendations for configuration and how to maximize the benefits of both platforms to the benefit of your applications. 

As always, please see the list below for additional links to specific topics, questions, and supporting materials for the episode!

If you’re interested in more streaming content, please subscribe to the OpenShift.tv streaming calendar to see the upcoming episode topics and to receive any schedule changes. If you have questions or topic suggestions for the OpenShift Administrator’s Office Hour, please contact us via Discord, Twitter, or come join us live, Wednesdays at 11am EST / 1600 UTC, on YouTube and Twitch.

Episode 22 recorded stream:

Supporting links for today’s topic:

• Use this link to jump straight to where we begin talking about OpenShift and VMware.

Other links and materials referenced during the stream:

• This stream covers how to deploy OpenShift to vSphere with both UPI and IPI methods.
• OpenShift is now fully supported when deployed to VMware Cloud on AWS (VMC)!
• Here is how to install and configuring the VMware CSI driver with OpenShift.
• Here is how to deploy OpenShift using NSX-T as the SDN.
• The full documentation for the in-tree storage provisioner that is deployed and configured by OpenShift UPI can be found here.
• The documentation for the VMware CSI provisioner, also known as Cloud Native Storage, is here.

Questions answered during the stream:

• Can I mix CPU architectures, e.g. x86 and Power, in the same OpenShift cluster? Unfortunately, no, not at this time.
• Can I preemptively scale nodes in the cluster using the node autoscaler?
• I accidentally deleted the ignition files needed to add more nodes to a UPI/non-integrated cluster. How can I extract them from the cluster?
• Can we Storage vMotion a worker node? You can use vMotion, but not Storage vMotion. If you need to change the datastore used by the VM, it’s recommended to shut it down first.
• Is it possible to do a non-integrated (bare metal UPI) OCP install to vSphere with Microsoft Windows nodes? No, Windows nodes are only supported with vSphere IPI, see episode 18 for more details about Windows nodes in OpenShift.
• What are the benefits of the vSphere cloud provider? The cloud provider is responsible for managing machines for vSphere IPI, and UPI when configured, deployments.
• What role do Machines, MachineSets, and Machine API play with UPI? They normally only exist with IPI, only in instances where you’ve added them manually day 2 would they show up in a UPI cluster.
• Should we use VMware’s CSI driver - Cloud Native Storage - instead of the in-tree driver OpenShift deploys and configures by default? The in-tree driver configured by OpenShift has to stay in the cluster, but you can, and probably should, deploy the CSI driver and use it.
• Is it possible to change a cluster from DHCP to static IP address assignments? Yes. There are several ways, but the recommended method is to remove the nodes one-by-one and redeploy them with static IPs.
• How does OpenShift work with DRS and resource reservations? They work great together! If you don’t listen to any other question/answer in this video, this is a great one - Robbie breaks down, in detail, the various configurations and recommendations.
• How should we handle overcommitment at the hypervisor and OCP node levels? Resource reservations are strongly encouraged for the control plane, but the worker nodes can vary based on the workload and how aggressive you want to be with resource utilization.
• Can vCloud Foundation be used with OpenShift 4.7? It sure can! There’s a reference architecture for it too!
• Can I install OpenShift to AMD Ryzen CPUs and how do I identify the kernel version being used by CoreOS? Yes, Ryzen desktop CPUs work with OpenShift. The easiest way to find the specific kernel version being used is to oc debug to a node and check.
• Can we declare infra nodes in the install-config.yaml? Unfortunately no, but you can have them deployed during install by adding the MachineSet definition to the manifests directory. We’ve had some other streams on infra node provisioning and configuration here and here.
• Should (anti)affinity rules be used for control plane nodes? Yes, soft anti-affinity rules are encouraged to prevent a single physical node failure from impacting OpenShift. You’ll need to create them after the cluster is deployed though, unfortunately OpenShift, nor the installer, creates them for you.
• Are the primary benefits of the VMware CSI provisioner (Cloud Native Storage) only when using vSAN? No, you can use the CSI provisioner with any datastore and gain the ability to do policy based provisioning and get additional visibility in vCenter to the PVC(s).
• Can I change the cloud provider for an existing cluster? Unfortunately, no.
• Is debug the preferred way to connect to nodes? What about SSH? I prefer debug for a myriad of reasons, but sometimes when troubleshooting SSH is the only way.
• Can I control different cluster architectures from a single control panel? Yes. Red Hat Advanced Cluster Manager is probably what you’re looking for.
• Are there any enhancements on the Kubernetes or OpenShift roadmap that will let us know if there is danger as a result of virtual nodes being on the same physical host? There has been some discussion in the upstream SIG, but nothing is available today.
• Are there any tools to deploy OpenShift in one-click? An IPI cluster is pretty close to that, but there’s currently nothing other than CodeReady Containers for this. You could create automation in VMware’s vRealize Automation to deploy a cluster with almost no interaction though.
• Robbie walks through a high level overview of all the integrations available between OpenShift and the VMware portfolio. There’s almost certainly some things you didn’t know existed here that can potentially make a huge impact!