├── .gitignore ├── README.md ├── Velero.svg ├── _config.yml ├── caclusterissuer └── README.md ├── cert-manager-logo.PNG ├── cloudian-logo.png ├── consumption-interface ├── Release_Notes_1_0_0.md ├── Release_Notes_1_0_1.md ├── Release_Notes_1_0_2.md └── open_source_license_cci_ns_service_1.0.0_rc.txt ├── contour-logo.png ├── dsm-co ├── README_1_2_0.md └── README_2_2_0.md ├── external-dns-logo.png ├── harbor-logo.png ├── harbor ├── README-v2.11.2.md └── README.md ├── minio logo.svg ├── supervisor-services-labs ├── argocd-operator │ ├── argocd-instance.yaml │ ├── argocd.png │ ├── usage.md │ ├── v0.12.0 │ │ ├── argocd-operator.yaml │ │ └── values.yaml │ └── v0.8.0 │ │ └── argocd-operator.yaml ├── external-secrets-operator │ ├── external-secrets-example.yaml │ ├── externalsecrets.png │ ├── usage.md │ └── v0.9.14 │ │ └── external-secrets-operator.yaml ├── grafana-operator │ ├── Grafana.png │ ├── grafana-instance.yaml │ ├── networkpolicy.yaml │ ├── usage.md │ └── v5.15.0 │ │ ├── grafana-operator.yaml │ │ └── values.yaml ├── keda │ ├── keda.svg │ ├── nginx-deployment.yaml │ ├── scaledobject-instance.yaml │ ├── usage.md │ └── v2.13.1 │ │ └── keda.yaml ├── licence-agreement.md ├── rabbitmq-operator │ ├── rabbitmq-instance.yaml │ ├── rabbitmq-logo.svg │ ├── usage.md │ └── v2.8.0 │ │ ├── rabbitmq-operator.yaml │ │ └── values.yaml └── redis-operator │ ├── redis-instance.yaml │ ├── redis.png │ ├── usage.md │ └── v0.16.0 │ └── redis-operator.yaml └── vmw-logo-vmware-logo-grey.svg /.gitignore: -------------------------------------------------------------------------------- 1 | .DS_Store 2 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | - [Supervisor Services Catalog](#supervisor-services-catalog) 2 | - [TKG Service](#tkg-service) 3 | - [TKG Service Versions](#tkg-service-versions) 4 | - [Consumption Interface](#consumption-interface) 5 | - [Consumption Interface Versions](#consumption-interface-versions) 6 | - [vSAN Data Persistence Platform (vDPP) Services:](#vsan-data-persistence-platform-vdpp-services) 7 | - [Backup \& Recovery Service](#backup--recovery-service) 8 | - [Velero vSphere Operator CLI Versions](#velero-vsphere-operator-cli-versions) 9 | - [Velero Versions](#velero-versions) 10 | - [Certificate Management Service](#certificate-management-service) 11 | - [CA Cluster Issuer Versions](#ca-cluster-issuer-versions) 12 | - [Cloud Native Registry Service](#cloud-native-registry-service) 13 | - [Harbor Versions](#harbor-versions) 14 | - [Kubernetes Ingress Controller Service](#kubernetes-ingress-controller-service) 15 | - [Contour Versions](#contour-versions) 16 | - [External DNS Service](#external-dns-service) 17 | - [ExternalDNS Versions](#externaldns-versions) 18 | - [NSX Management Proxy](#nsx-management-proxy) 19 | - [NSX Management Proxy Versions](#nsx-management-proxy-versions) 20 | - [Data Services Manager Consumption Operator](#data-services-manager-consumption-operator) 21 | - [Data Services Manager Consumption Operator Versions](#data-services-manager-consumption-operator-versions) 22 | --- 23 | - [Supervisor Services Labs Catalog](#supervisor-services-labs-catalog) 24 | - [ArgoCD Operator](#argocd-operator) 25 | - [ArgoCD Operator Versions](#argocd-operator-versions) 26 | - [External Secrets Operator](#external-secrets-operator) 27 | - [External Secrets Operator Versions](#external-secrets-operator-versions) 28 | - [RabbitMQ Cluster Kubernetes Operator](#rabbitmq-cluster-kubernetes-operator) 29 | - [RabbitMQ Cluster Kubernetes Operator Versions](#rabbitmq-cluster-kubernetes-operator-versions) 30 | - [Redis Operator](#redis-operator) 31 | - [Redis Operator Versions](#redis-operator-versions) 32 | - [KEDA](#keda) 33 | - [KEDA Versions](#keda-versions) 34 | - [Grafana Operator](#grafana-operator) 35 | - [Grafana Operator Versions](#grafana-operator-versions) 36 | 37 | 38 | # Supervisor Services Catalog 39 | 40 | Discover current Supervisor Services offered to support modern applications through vSphere Services. 41 | New service will be added overtime with the goal to continue to empower your DevOps communities. 42 | 43 | Prior vSphere 8 Update 1, the Supervisor Services are only available with Supervisor Clusters enabled using VMware NSX-T. With vSphere 8 U1, Supervisor Services are also supported when using the vSphere Distributed Switch networking stack. 44 | 45 | | Supervisor Service | vSphere 7 | vSphere 8 | 46 | | :--: | :--: | :--: | 47 | | TKG Service | ❌ * | ✅
_requires vSphere 8.0 Update 3 or later_| 48 | | Consumption Interface | ❌ | ✅
_requires vSphere 8.0 Update 3 or later_| 49 | | vSAN Data Persistence Platform Services - MinIO | ✅ | ✅ | 50 | | Backup \& Recovery Service - Velero | ✅ | ✅ | 51 | | Certificate Management Service - cert-manager | ❌ | ✅ | 52 | | Cloud Native Registry Service - Harbor | ❌ * | ✅ | 53 | | Kubernetes Ingress Controller Service - Contour | ❌ | ✅ | 54 | | External DNS Service - ExternalDNS | ❌ | ✅ | 55 | | NSX Management Proxy | ❌ | ✅
_requires vSphere 8.0 Update 3 or later with Supervisor Clusters enabled using VMware NSX-T_ | 56 | | Data Services Manager Consumption Operator | ❌ | ✅
_requires vSphere 8.0 Update 3 or later with additional configuration.
Please contact Global Support Services (GSS) for the additional configuration_ | 57 | *\* The embedded Harbor Registry and TKG Service features are still available and supported on vSphere 7 and onwards.* 58 | 59 | ## TKG Service 60 | 61 | VMware Tanzu Kubernetes Grid Service (TKG Service) lets you deploy Kubernetes workload clusters on the vSphere IaaS control plane. Starting with vSphere 8.0 Update 3, Tanzu Kubernetes Grid is installed as a Supervisor Service. This architectural change decouples TKG from vSphere IaaS control plane releases and lets you upgrade the TKG Service independent of vCenter Server and Supervisor. 62 | 63 | - Service install [documentation](https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-iaas-cp-update/GUID-2005FFCD-07F4-450E-BAE5-445BE9D629AE.html) 64 | 65 | ### TKG Service Versions 66 | The [Interoperability Matrix](https://interopmatrix.broadcom.com/Interoperability?col=820,17000,18237,17284,18034,18430,18431,18448,18667,18589,18562&row=2,%261794,&isHidePatch=true&isHideLegacyReleases=false) shows each TKG Service version below, including compatible Kubernetes releases and the vCenter Server versions containing compatible Supervisor versions. Note that some compatible Kubernetes releases may have reached End of Service; refer to the [Product Lifecycle](https://support.broadcom.com/group/ecx/productlifecycle) tool (Division: "VMware Cloud Foundation", Product Name: "Tanzu Kubernetes releases") to view End of Service dates for Kubernetes releases. 67 | 68 | - Download latest version [TKG Service v3.3.2](https://packages.broadcom.com/artifactory/vsphere-distro/vsphere/iaas/kubernetes-service/3.3.2-package.yaml) 69 | - [Release Notes](https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere-supervisor/8-0/release-notes/vmware-tanzu-kubernetes-grid-service-release-notes.html#GUID-4e548863-c753-46af-b78a-c308d560981d-en_id-72280637-4785-49e0-8728-860db0f1c284) 70 | - [OSS Information](https://packages.broadcom.com/artifactory/vsphere-distro/vsphere/iaas/kubernetes-service/3.3.2-package.open_source_license.txt) 71 | - Download [TKG Service v3.3.1](https://packages.broadcom.com/artifactory/vsphere-distro/vsphere/iaas/kubernetes-service/3.3.1-package.yaml) 72 | - [Release Notes](https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere-supervisor/8-0/release-notes/vmware-tanzu-kubernetes-grid-service-release-notes.html#GUID-4e548863-c753-46af-b78a-c308d560981d-en_id-d980858e-865c-4182-bc2d-6270521e9a19) 73 | - [OSS Information](https://packages.broadcom.com/artifactory/vsphere-distro/vsphere/iaas/kubernetes-service/3.3.1-package.open_source_license.txt) 74 | - Download [TKG Service v3.3.0](https://packages.broadcom.com/artifactory/vsphere-distro/vsphere/iaas/kubernetes-service/3.3.0-package.yaml) 75 | - [Release Notes](https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere-supervisor/8-0/release-notes/vmware-tanzu-kubernetes-grid-service-release-notes.html#GUID-4e548863-c753-46af-b78a-c308d560981d-en_id-9a8726db-dc10-44f5-8a7c-a030c6366c94) 76 | - [OSS Information](https://packages.broadcom.com/artifactory/vsphere-distro/vsphere/iaas/kubernetes-service/3.3.0-package.open_source_license.txt) 77 | - Download [TKG Service v3.2.0](https://packages.broadcom.com/artifactory/vsphere-distro/vsphere/iaas/kubernetes-service/3.2.0-package.yaml) 78 | - [Release Notes](https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere-supervisor/8-0/release-notes/vmware-tanzu-kubernetes-grid-service-release-notes.html#GUID-4e548863-c753-46af-b78a-c308d560981d-en_id-dc37abc7-0aa5-4d4c-8118-1a041f1afe65) 79 | - [OSS Information](https://packages.broadcom.com/artifactory/vsphere-distro/vsphere/iaas/kubernetes-service/3.2.0-package.open_source_license.txt) 80 | - Download [TKG Service v3.1.1](https://packages.broadcom.com/artifactory/vsphere-distro/vsphere/iaas/kubernetes-service/3.1.1-package.yaml) 81 | - [Release Notes](https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere-supervisor/8-0/release-notes/vmware-tanzu-kubernetes-grid-service-release-notes.html#GUID-4e548863-c753-46af-b78a-c308d560981d-en_id-79e16754-ab76-47cf-a500-9b9ddea90907) 82 | - [OSS Information](https://packages.broadcom.com/artifactory/vsphere-distro/vsphere/iaas/kubernetes-service/3.1.1-package.open_source_license.txt) 83 | - Download [TKG Service v3.1.0](https://packages.broadcom.com/artifactory/vsphere-distro/vsphere/iaas/kubernetes-service/3.1.0-package.yaml) 84 | - [Release Notes](https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere-supervisor/8-0/release-notes/vmware-tanzu-kubernetes-grid-service-release-notes.html#GUID-4e548863-c753-46af-b78a-c308d560981d-en_id-7580485a-27a3-4b85-99b8-412c2d61d6fe) 85 | - [OSS Information](https://packages.broadcom.com/artifactory/vsphere-distro/vsphere/iaas/kubernetes-service/3.1.0-package.open_source_license.txt) 86 | 87 | 88 | ## Consumption Interface 89 | 90 | Provides the Local Consumption Interface (LCI) for Namespaces within vSphere Client. This also includes the Single Sign On (SSO) component required by the Cloud Consumption Interface (CCI) in Aria Automation within VMware Cloud Foundation. 91 | 92 | The minimum required version for using this interface is vSphere 8 Update 3. 93 | 94 | ### Consumption Interface Versions 95 | 96 | Installation instructions can be found [here in VMware documentation](https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-with-tanzu-services-workloads/GUID-4843E6C6-747E-43B1-AC55-8F02299CC10E.html). 97 | 98 | **IMPORTANT NOTICE**: Occasionally, the plug-in may fail to load on the initial 99 | attempt. To check if the plug-in has loaded correctly, click the **vSphere Client** 100 | menu icon, then to **Administration** -> **Client** -> **Plug-ins**. 101 | Check the Status column of the Namespace UI plug-in, and in case you see a "Plug-in 102 | configuration with Reverse Proxy failed." Message, reinstall the plug-in. 103 | 104 | Download latest version: 105 | - [Consumption Interface v1.0.2](https://vmwaresaas.jfrog.io/artifactory/supervisor-services/cci-supervisor-service/v1.0.2/cci-supervisor-service.yml) 106 | 107 | - [Release notes](./consumption-interface/Release_Notes_1_0_2.md) 108 | 109 | ### OSS information 110 | 111 | [LCI OSS](./consumption-interface/ConsumptionInterface_LocalConsumptionInterface_1_0_0.zip) 112 | 113 | [SSO OSS](https://support.broadcom.com/group/ecx/productfiles?displayGroup=VMware%20Aria%20Suite%20-%20Enterprise&release=2019&os=&servicePk=202420&language=EN&groupId=204007) Refer to the Open Source Tab 114 | 115 | 116 | ## vSAN Data Persistence Platform (vDPP) Services: 117 | 118 | vSphere with Tanzu offers the vSAN Data Persistence platform. The platform provides a framework that enables third parties to integrate their cloud native service applications with underlying vSphere infrastructure, so that third-party software can run on vSphere with Tanzu optimally. 119 | 120 | - Using vSAN Data Persistence Platform (vDPP) with vSphere with Tanzu [documentation](https://docs.vmware.com/en/VMware-vSphere/7.0/vmware-vsphere-with-tanzu/GUID-F7223607-30A5-4B2D-9B06-A55A65FEAA11.html) 121 | - Enable Stateful Services in vSphere with Tanzu [documentation](https://docs.vmware.com/en/VMware-vSphere/7.0/vmware-vsphere-with-tanzu/GUID-F68B264E-76A3-4A6D-A3B0-17153DDF7A18.html) 122 | 123 | 124 | Available vDPP Services 125 | 126 | - MinIO partner [documentation](https://docs.min.io/minio/vsphere/core-concepts/core-concepts.html) 127 | - Download version: [Minio 2.0.10](https://projects.packages.broadcom.com/artifactory/vsphere-distro/vsphere/iaas/minio/minio-service-definition-v2.0.10-3.yaml) 128 | 129 | 130 | ## Backup & Recovery Service 131 | 132 | 133 | 134 | Velero vSphere Operator helps users install Velero and its vSphere plugin on a vSphere with Kubernetes Supervisor cluster. Velero is an open source tool to safely backup and restore, perform disaster recovery, and migrate Kubernetes cluster resources and persistent volumes. 135 | 136 | - Service install [documentation](https://docs.vmware.com/en/VMware-vSphere/7.0/vmware-vsphere-with-tanzu/GUID-DA21BF67-160E-48D9-8D94-0D3690E51FD0.html) 137 | 138 | ### Velero vSphere Operator CLI Versions 139 | 140 | *This is a prerequisite for a cluster admin install.* 141 | 142 | - Download latest version: [Velero vSphere Operator CLI - v1.6.1](https://vmwaresaas.jfrog.io/ui/api/v1/download?repoKey=Velero-YAML&path=Velero%252FSupervisorService%252F1.6.1%252Fvelero-vsphere-1.6.1-linux-amd64.tar.gz) 143 | - Download: [Velero vSphere Operator CLI - v1.6.0](https://github.com/vmware-tanzu/velero-plugin-for-vsphere/releases/download/v1.5.3/velero-vsphere-1.6.0-linux-amd64.tar.gz) 144 | - Download: [Velero vSphere Operator CLI - v1.5.0](https://github.com/vmware-tanzu/velero-plugin-for-vsphere/releases/download/v1.5.1/velero-vsphere-1.5.0-linux-amd64.tar.gz) 145 | - Download: [Velero vSphere Operator CLI - v1.4.0](https://github.com/vmware-tanzu/velero-plugin-for-vsphere/releases/download/v1.5.1/velero-vsphere-1.4.0-linux-amd64.tar.gz) 146 | - Download: [Velero vSphere Operator CLI - v1.3.0](https://github.com/vmware-tanzu/velero-plugin-for-vsphere/releases/download/v1.4.2/velero-vsphere-1.3.0-linux-amd64.tar.gz) 147 | - Download: [Velero vSphere Operator CLI - v1.2.0](https://github.com/vmware-tanzu/velero-plugin-for-vsphere/releases/download/v1.4.0/velero-vsphere-1.2.0-linux-amd64.tar.gz) 148 | - Download: [Velero vSphere Operator CLI - v1.1.0](https://github.com/vmware-tanzu/velero-plugin-for-vsphere/releases/download/v1.1.0/velero-vsphere-1.1.0-linux-amd64.tar.gz) 149 | 150 | ### Velero Versions 151 | 152 | - Download latest version: [Velero vSphere Operator v1.6.1](https://vmwaresaas.jfrog.io/ui/api/v1/download?repoKey=Velero-YAML&path=Velero%252FSupervisorService%252F1.6.1%252Fvelero-vsphere-1.6.1-def.yaml) 153 | - Download: [Velero vSphere Operator v1.6.0](https://vmwaresaas.jfrog.io/ui/api/v1/download?repoKey=Velero-YAML&path=Velero%252FSupervisorService%252F1.6.0%252Fvelero-vsphere-1.6.0-def.yaml) 154 | - Download: [Velero vSphere Operator v1.5.0](https://vmwaresaas.jfrog.io/ui/api/v1/download?repoKey=Velero-YAML&path=Velero%252FSupervisorService%252F1.5.0%252Fvelero-vsphere-1.5.0-def.yaml) 155 | - Download: [Velero vSphere Operator v1.4.0](https://vmwaresaas.jfrog.io/ui/api/v1/download?repoKey=Velero-YAML&path=Velero%252FSupervisorService%252F1.4.0%252Fvelero-vsphere-1.4.0-def.yaml) 156 | - Download: [Velero vSphere Operator v1.3.0](https://vmwaresaas.jfrog.io/ui/api/v1/download?repoKey=Velero-YAML&path=Velero%252FSupervisorService%252F1.3.0%252Fvelero-supervisorservice-1.3.0.yaml) 157 | - Download: [Velero vSphere Operator v1.2.0](https://vmwaresaas.jfrog.io/ui/api/v1/download?repoKey=Velero-YAML&path=Velero%252FSupervisorService%252F1.2.0%252Fvelero-supervisorservic-1.2.0.yaml) 158 | - Download: [Velero vSphere Operator v1.1.0](https://vmwaresaas.jfrog.io/ui/api/v1/download?repoKey=Velero-YAML&path=Velero%252FSupervisorService%252F1.0.0%252Fvelero-supervisorservice-1.0.0.yaml) 159 | 160 | ## Certificate Management Service 161 | 162 | 163 | 164 | ClusterIssuers are Kubernetes resources that represent certificate authorities (CAs) that are able to generate signed certificates by honoring certificate signing requests. All cert-manager certificates require a referenced issuer that is in a ready condition to attempt to honor the request. 165 | 166 | - Service install - Follow steps 1 - 5 in the [documentation](https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-with-tanzu-services-workloads/GUID-4843E6C6-747E-43B1-AC55-8F02299CC10E.html) then continue to the bullet point below. 167 | - Read [Service Configuration](caclusterissuer/README.md) to understand how to install your root CA into the ca-clusterissuer. 168 | 169 | ### CA Cluster Issuer Versions 170 | 171 | - Download latest version: [ca-clusterissuer v0.0.2](https://vmwaresaas.jfrog.io/ui/api/v1/download?repoKey=supervisor-services&path=ca-clusterissuer/v0.0.2/ca-clusterissuer.yml) 172 | - Download version: [ca-clusterissuer v0.0.1](https://vmwaresaas.jfrog.io/ui/api/v1/download?repoKey=supervisor-services&path=ca-clusterissuer/v0.0.1/ca-clusterissuer.yml) 173 | 174 | CA Cluster Issuer Sample `values.yaml` 175 | 176 | - We do not provide any default values for this package. Instead, we encourage that you generate certificates. Please read [How-To Deploy a self-signed CA Issuer and Request a Certificate](https://github.com/vsphere-tmm/vsphere-with-tanzu-dev-center/tree/main/cert-manager#how-to-deploy-a-self-signed-ca-issuer-and-request-a-certificate) for information on how to create a self-signed certificate. 177 | 178 | ## Cloud Native Registry Service 179 | 180 | 181 | 182 | Harbor is an open source trusted cloud native registry project that stores, signs, and scans content. Harbor extends the open source Docker Distribution by adding the functionalities usually required by users such as security, identity and management. Having a registry closer to the build and run environment can improve the image transfer efficiency. Harbor supports replication of images between registries, and also offers advanced security features such as user management, access control and activity auditing. 183 | 184 | - The [contour package](#contour) is a prerequisite for Harbor v2.9.x, so that must be installed 185 | first if you are using v2.9.x. 186 | - Harbor v2.11.2 supports exposing the registry using loadbalancer, and contour is not required. 187 | - Follow the instructions under [Installing and Configuring Harbor on a Supervisor](https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-with-tanzu-services-workloads/GUID-8C645717-C473-4E67-8DEE-049B71447B86.html). 188 | 189 | ### Harbor Versions 190 | 191 | - Download latest version: [Harbor v2.11.2](https://packages.broadcom.com/artifactory/vsphere-distro/vsphere/iaas/harbor/harbor-service-v2.11.2-respin.yml) 192 | - Download version: [Harbor v2.9.1](https://vmwaresaas.jfrog.io/ui/api/v1/download?repoKey=supervisor-services&path=harbor/v2.9.1/harbor.yml) 193 | 194 | Harbor Sample `values.yaml` 195 | 196 | - Download version: [values for v2.11.2](https://packages.broadcom.com/artifactory/vsphere-distro/vsphere/iaas/harbor/harbor-data-values-v2.11.2-respin.yml) For details about each of the required properties, [see the configuration details page](harbor/README-v2.11.2.md). 197 | - Download version: [values for v2.9.1](https://vmwaresaas.jfrog.io/ui/api/v1/download?repoKey=supervisor-services&path=harbor/v2.9.1/harbor-data-values.yml). For details about each of the required properties, [see the configuration details page](harbor/README.md). 198 | 199 | ## Kubernetes Ingress Controller Service 200 | 201 | 202 | 203 | Contour is an Ingress controller for Kubernetes that works by deploying the Envoy proxy as a reverse proxy and load balancer. Contour supports dynamic configuration updates out of the box while maintaining a lightweight profile. 204 | 205 | - Service install - Follow steps 1 - 5 in the [documentation](https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-with-tanzu-services-workloads/GUID-4843E6C6-747E-43B1-AC55-8F02299CC10E.html). 206 | 207 | ### Contour Versions 208 | 209 | - Download latest version: [Contour v1.29.3](https://packages.broadcom.com/artifactory/vsphere-distro/vsphere/iaas/contour/v1.29.3/contour-service-v1.29.3.yml) 210 | - Download version: [Contour v1.28.2](https://vmwaresaas.jfrog.io/ui/api/v1/download?repoKey=supervisor-services&path=contour/v1.28.2/contour.yml) 211 | - Download version: [Contour v1.24.4](https://vmwaresaas.jfrog.io/ui/api/v1/download?repoKey=supervisor-services&path=contour/v1.24.4/contour.yml) 212 | - Download version: [Contour v1.18.2](https://vmwaresaas.jfrog.io/ui/api/v1/download?repoKey=supervisor-services&path=contour/v1.18.2/contour.yml) 213 | 214 | Contour Sample `values.yaml` 215 | 216 | - Download latest [values for v1.29.3](https://packages.broadcom.com/artifactory/vsphere-distro/vsphere/iaas/contour/v1.29.3/contour-data-values.yml). These values can be used _as-is_ and require no configuration changes. 217 | - Download [values for versions before v1.29.3](https://vmwaresaas.jfrog.io/ui/api/v1/download?repoKey=supervisor-services&path=contour/v1.24.4/contour-data-values.yml). These values can be used _as-is_ and require no configuration changes. 218 | 219 | ## External DNS Service 220 | 221 | 222 | 223 | ExternalDNS publishes DNS records for applications to DNS servers, using a declarative, Kubernetes-native interface. This operator connects to your DNS server (not included here). For a list of supported DNS providers and their corresponding configuration settings, see the [upstream external-dns project](https://github.com/kubernetes-sigs/external-dns). 224 | 225 | - On Supervisors where Harbor is deployed with Contour, ExternalDNS may be used to publish a DNS hostname for the Harbor service. 226 | 227 | ### ExternalDNS Versions 228 | 229 | - Download latest version: [ExternalDNS v0.14.2](https://packages.broadcom.com/artifactory/vsphere-distro/vsphere/iaas/external-dns/external-dns-service-0.14.2.yml) 230 | - Download v0.13.4 version: [ExternalDNS v0.13.4](https://vmwaresaas.jfrog.io/ui/api/v1/download?repoKey=supervisor-services&path=external-dns/v0.13.4/external-dns.yml) 231 | - Download v0.11.0 version: [ExternalDNS v0.11.0](https://vmwaresaas.jfrog.io/ui/api/v1/download?repoKey=supervisor-services&path=external-dns/v0.11.0/external-dns.yml) 232 | 233 | ExternalDNS data `values.yaml` 234 | 235 | - Because of the large list of supported DNS providers, we do not supply complete sample configuration values here. If you're deploying ExternalDNS with Harbor and Contour, make sure to include `source=contour-httpproxy` in the configuration values. An *incomplete* example of the service configuration is included below. Make sure to setup API access to your DNS server and include authentication details with the service configuration. 236 | 237 | ```yaml 238 | deployment: 239 | args: 240 | - --source=contour-httpproxy 241 | - --source=service 242 | - --log-level=debug 243 | ``` 244 | 245 | Validated Supported DNS Server Example: 246 | - RFC2136 BIND DNS Server: [values.yaml](https://packages.broadcom.com/artifactory/vsphere-distro/vsphere/iaas/external-dns/external-dns-data-values_0.14.2.yaml). Replace the values indicated by the comments with your own DNS server details. 247 | 248 | ## NSX Management Proxy 249 | 250 | NSX Management Proxy is for Antrea-NSX adapter in TKG workload cluster to reach NSX manager. We recommend to use NSX Management Proxy when there is isolation between management network and workload network and the workloads running in TKG workload clusters cannot reach NSX manager. 251 | 252 | ### NSX Management Proxy Versions 253 | - For vSphere 8.0 Update 3 or later 254 | - Download latest version: [nsx-management-proxy v0.2.2](https://packages.broadcom.com/artifactory/vsphere-distro/vsphere/iaas/nsx-management-proxy/v0.2.2/nsx-management-proxy.yml) 255 | - For vSphere 8.0 Update 3 256 | - Download version: [nsx-management-proxy v0.2.1](https://vmwaresaas.jfrog.io/ui/api/v1/download?repoKey=supervisor-services&path=nsx-management-proxy/v0.2.1/nsx-management-proxy.yml) 257 | - Download version: [nsx-management-proxy v0.2.0](https://vmwaresaas.jfrog.io/ui/api/v1/download?repoKey=supervisor-services&path=nsx-management-proxy/v0.2.0/nsx-management-proxy.yml) 258 | - Download version: [nsx-management-proxy v0.1.1](https://vmwaresaas.jfrog.io/ui/api/v1/download?repoKey=supervisor-services&path=nsx-management-proxy/v0.1.1/nsx-management-proxy.yml) 259 | 260 | NSX Management Proxy Sample `values.yaml` 261 | 262 | - Download [values for all versions](https://vmwaresaas.jfrog.io/ui/api/v1/download?repoKey=supervisor-services&path=nsx-management-proxy/v0.1.1/nsx-management-proxy-data-values.yml). Make sure to fill the property `nsxManagers` with your NSX Manager IP(s). 263 | 264 | **Note:** NSX Management Proxy is supported in vSphere 8.0 Update 3 when Supervisor Clusters are enabled using VMware NSX-T networking stack under following configurations: 265 | - NSX Load Balancer is configured as load balancing solution. 266 | - NSX Gateway Firewall is enabled. 267 | 268 | ## Data Services Manager Consumption Operator 269 | 270 | The Data Services Manager(DSM) Consumption Operator facilitates native, self-service access to DSM within a Kubernetes environment. It exposes a selection of resources supported by the DSM provider, allowing customers to connect to the DSM provider from Kubernetes. Although the DSM provider does not currently support tenancy natively, the DSM Consumption Operator enables customers to seamlessly integrate their existing tenancy model, effectively introducing tenancy into the DSM provider. 271 | 272 | - The DSM provider is a prerequisite for DSM consumption operator, so that must be installed first. 273 | - Installation instructions can be found [here in VMware documentation](https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-with-tanzu-services-workloads/GUID-A0A5F6D4-87A4-46CA-A50A-33664F43F299.html) 274 | - Configuration instructions can be found [here in VMware documentation](https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-with-tanzu-services-workloads/GUID-4843E6C6-747E-43B1-AC55-8F02299CC10E.html). 275 | 276 | ### Data Services Manager Consumption Operator Versions 277 | 278 | - Download latest version: [DSM Consumption Operator v2.2.0](https://packages.broadcom.com/artifactory/dsm-distro/dsm-consumption-operator/supervisor-service/2.2.0/package.yaml) 279 | 280 | Data Services Manager Consumption Operator Sample values. yaml 281 | 282 | - Download latest version: [values for v2.2.0](https://packages.broadcom.com/artifactory/dsm-distro/dsm-consumption-operator/supervisor-service/2.2.0/values.yaml). For details about each of the required properties, [see the configuration details page](dsm-co/README_2_2_0.md#data-services-manager-consumption-operator-2.2.0-configuration). 283 | 284 | **Installation Note:** DSM Consumption Operator v2.2.0
285 | When installing DSM Consumption Operator v2.2.0 as a Supervisor Service, if you encounter any issues related to the Service-id, please contact Global Support Services (GSS) for immediate assistance. 286 | 287 | **Upgrade Note:** DSM Consumption Operator v2.2.0
288 | Earlier versions of the DSM Consumption Operator, including v1.1.0, v1.1.1, v1.1.2 and v1.2.0 are deprecated and should not be used for new Supervisor Service installation. 289 | If you are upgrading from these older versions to v2.2.0, do not uninstall the existing version. Instead, we highly recommend contacting GSS for guidance and support. This will ensure a smooth upgrade process and prevent potential disruptions. 290 | For additional help, please refer to the support documentation or reach out to our technical support team. 291 | 292 | --- 293 | # Supervisor Services Labs Catalog 294 | 295 | ## *Experimental* 296 | 297 | The following Supervisor Services Labs catalog is only provided for testing and educational purposes. Please do not use these services in a production environment. These services are intended to demonstrate Supervisor Services' capabilities and usability. VMware will strive to provide regular updates to these services. The Labs services have been tested starting from vSphere 8.0. Over time, depending on usage and customer needs, some of these services may be included in the core product. 298 | 299 | **WARNING** - By downloading and using these solutions from the Supervisor Services Labs catalog, you explicitly agree to the conditional use **[license agreement](supervisor-services-labs/licence-agreement.md)**. 300 | 301 | ## ArgoCD Operator 302 | 303 | 304 | 305 | The Argo CD Operator manages the entire lifecycle of Argo CD and its components. The operator aims to automate the tasks required to operate an Argo CD deployment. Beyond installation, the operator helps automate the process of upgrading, backing up, and restoring as needed and removes the human toil as much as possible. For a detailed description of how to consume the ArgoCD Operator, see the [ArgoCD Operator project.](https://argocd-operator.readthedocs.io/en/latest/) 306 | 307 | ### ArgoCD Operator Versions 308 | 309 | - Download the latest version: [ArgoCD Operator v0.12.0](supervisor-services-labs/argocd-operator/v0.12.0/argocd-operator.yaml) 310 | - Download previous v0.8.0: [ArgoCD Operator v0.8.0](supervisor-services-labs/argocd-operator/v0.8.0/argocd-operator.yaml) 311 | 312 | ArgoCD Operator Sample `values.yaml` for v0.12.0 - [values.yaml](supervisor-services-labs/argocd-operator/v0.12.0/values.yaml) 313 | ArgoCD Operator Sample `values.yaml` for v0.8.0 - None 314 | 315 | - The sample `values.yaml` for the latest version has been provided above. This operator requires minimal configurations, and the necessary pods get deployed in the `svc-argocd-operator-domain-xxx` namespace. 316 | 317 | #### Usage: 318 | 319 | - Check out this example on deploying an ArgoCD instance with the Argo CD Operator [here.](supervisor-services-labs/argocd-operator/usage.md) 320 | - For advanced configurations, check the [detailed reference](https://argocd-operator.readthedocs.io/en/latest/reference/argocd/) and [sample usage](https://argocd-operator.readthedocs.io/en/latest/usage/basics/) 321 | 322 | ## External Secrets Operator 323 | 324 | 325 | 326 | External Secrets Operator is a Kubernetes operator that integrates external secret management systems like AWS Secrets Manager, HashiCorp Vault, Google Secrets Manager, Azure Key Vault, IBM Cloud Secrets Manager, CyberArk Conjur, etc. The operator reads information from external APIs and automatically injects the values into a Kubernetes Secret. For a detailed description of how to consume External Secrets Operator, visit [External Secrets Operator project](https://external-secrets.io/latest/) 327 | 328 | ### External Secrets Operator Versions 329 | 330 | - Download latest version: [External Secrets Operator v0.9.14](supervisor-services-labs/external-secrets-operator/v0.9.14/external-secrets-operator.yaml) 331 | 332 | External Secrets Operator Sample `values.yaml` - None 333 | 334 | - We do not provide this package's default `values.yaml`. This operator requires minimal configurations, and the necessary pods get deployed in the `svc-external-secrets-operator-domain-xxx` namespace. 335 | 336 | #### Usage: 337 | 338 | - Check out this example on how to access a secret from **GCP Secret Manager** using External Secrets Operator [here](supervisor-services-labs/external-secrets-operator/usage.md) 339 | 340 | ## RabbitMQ Cluster Kubernetes Operator 341 | 342 | 343 | 344 | The RabbitMQ Cluster Kubernetes Operator provides a consistent and easy way to deploy RabbitMQ clusters to Kubernetes and run them, including "day two" (continuous) operations. RabbitMQ clusters deployed using the Operator can be used by applications running on or outside Kubernetes. For a detailed description of how to consume the RabbitMQ Cluster Kubernetes Operator, see the [RabbitMQ Cluster Kubernetes Operator project.](https://www.rabbitmq.com/kubernetes/operator/operator-overview) 345 | 346 | ### RabbitMQ Cluster Kubernetes Operator Versions 347 | 348 | - Download latest version: [RabbitMQ Cluster Kubernetes Operator v2.8.0](supervisor-services-labs/rabbitmq-operator/v2.8.0/rabbitmq-operator.yaml) 349 | 350 | RabbitMQ Cluster Kubernetes Operator Sample `values.yaml` - 351 | 352 | - Modify the latest [values.yaml](supervisor-services-labs/rabbitmq-operator/v2.8.0/values.yaml) by providing a new location for the RabbitMQ Cluster Kubernetes Operator image. This may be required to overcome DockerHub's rate-limiting issues. The RabbitMQ Cluster Kubernetes Operator pods and related artifacts get deployed in the `svc-rabbitmq-operator-domain-xx` namespace. 353 | 354 | #### Usage: 355 | 356 | - Check out this example on how to deploy a RabbitMQ cluster using the RabbitMQ Cluster Kubernetes Operator [here](supervisor-services-labs/rabbitmq-operator/usage.md) 357 | - For advanced configurations, check the [detailed reference](https://www.rabbitmq.com/kubernetes/operator/operator-overview). 358 | 359 | ## Redis Operator 360 | 361 | 362 | 363 | A Golang-based Redis operator that oversees Redis standalone/cluster/replication/sentinel mode setup on top of Kubernetes. It can create a Redis cluster setup using best practices. It also provides an in-built monitoring capability using Redis-exporter. For a detailed description of how to consume the Redis Operator, see the [Redis Operator project.](https://ot-redis-operator.netlify.app/docs/overview/) 364 | 365 | ### Redis Operator Versions 366 | 367 | - Download latest version: [Redis Operator v0.16.0](supervisor-services-labs/redis-operator/v0.16.0/redis-operator.yaml) 368 | 369 | Redis Operator Sample `values.yaml` - 370 | 371 | - We do not provide this package's default `values.yaml`. This operator requires minimal configurations, and the necessary pods get deployed in the `svc-redis-operator-domain-xxx` namespace. 372 | 373 | #### Usage: 374 | 375 | - View an example of how to use the Redis Operator to deploy a Redis standalone instance [here](supervisor-services-labs/redis-operator/redis-instance.yaml) 376 | - For advanced configurations, check the [detailed reference](https://ot-redis-operator.netlify.app/docs/getting-started/). 377 | 378 | ## KEDA 379 | 380 | 381 | 382 | KEDA is a single-purpose and lightweight component that can be added into any Kubernetes cluster. KEDA works alongside standard Kubernetes components like the Horizontal Pod Autoscaler and can extend functionality without overwriting or duplication. With KEDA you can explicitly map the apps you want to use event-driven scale, with other apps continuing to function. This makes KEDA a flexible and safe option to run alongside any number of any other Kubernetes applications or frameworks. For a detailed description of how to use KEDA, see the [Keda project.](https://keda.sh/) 383 | 384 | ### KEDA Versions 385 | 386 | - Download latest version: [KEDA v2.13.1](supervisor-services-labs/keda/v2.13.1/keda.yaml) Note: This version supports Kubernetes v1.27 - v1.29. 387 | 388 | KEDA Sample `values.yaml` - 389 | 390 | - We do not provide this package's default `values.yaml`. This operator requires minimal configurations, and the necessary pods get deployed in the `svc-kedaxxx` namespace. 391 | 392 | #### Usage: 393 | 394 | - View an example of how to use KEDA `ScaledObject` to scale an NGINX deployment [here](supervisor-services-labs/keda/usage.md). 395 | - For additonal examples, check the [detailed reference](https://github.com/kedacore/samples). 396 | 397 | ## Grafana Operator 398 | 399 | 400 | 401 | Grafana Operator is a Kubernetes operator built to help you manage your Grafana instances and its resources from within Kubernetes. The operator can install and manage local Grafana instances, Dashboards and Datasources through Kubernetes Custom resources. The Grafana Operator automatically syncs the Kubernetes Custom resources and the actual resources in the Grafana Instance. For a detailed description of how to use Grafana Operator, see the [Grafana Project.](https://grafana.com/docs/grafana-cloud/developer-resources/infrastructure-as-code/grafana-operator/) 402 | 403 | ### Grafana Operator Versions 404 | 405 | - Download latest version: [Grafana Operator v5.15.0](supervisor-services-labs/grafana-operator/v5.15.0/grafana-operator.yaml). 406 | 407 | Grafana Operator Sample `values.yaml` for v5.15.0 - [values.yaml](supervisor-services-labs/grafana-operator/v5.15.0/values.yaml) 408 | 409 | - The sample `values.yaml` for the latest version has been provided above. This operator requires minimal configurations, and the necessary pods get deployed in the `svc-grafana-operator-xxx` namespace. 410 | 411 | #### Usage: 412 | 413 | - View an example of how to use Grafana Operator to create a Grafana instance [here](supervisor-services-labs/grafana-operator/usage.md). 414 | - For additonal examples, check the [detailed reference](https://grafana.github.io/grafana-operator/docs/examples/). 415 | -------------------------------------------------------------------------------- /Velero.svg: -------------------------------------------------------------------------------- 1 | velero 2 | -------------------------------------------------------------------------------- /_config.yml: -------------------------------------------------------------------------------- 1 | title: vSphere Supervisor Services 2 | description: vSphere with Tanzu | Supervisor Services 3 | markdown: GFM 4 | -------------------------------------------------------------------------------- /caclusterissuer/README.md: -------------------------------------------------------------------------------- 1 | # CA Cluster Issuer Configuration 2 | 3 | This guide assumes that you have already generated your root certificate and 4 | key. 5 | 6 | The ca-clusterissuer only needs to be supplied two values to function. 7 | - `tls_crt` - This is a base64 encoded root certificate. 8 | - `tls_key` - This is the base64 encoded key/secret. 9 | 10 | These values need to be supplied when attempting to install the ca-clusterissuer 11 | into a supervisor. The format of the file can be seen in [values.yml](https://vmwaresaas.jfrog.io/ui/api/v1/download?repoKey=supervisor-services&path=ca-clusterissuer/v0.0.1/ca-clusterissuer-data-values.yml). We do not provide any defaults in this file, it exists only to demonstrate the structure. To generate a base64 12 | version of your certificate and your key, you can run the following commands: 13 | 14 | ``` 15 | $ cat crt.pem | base64 -w0 # or at crt.pem | base64 -b0 on BSD based systems 16 | $ cat key.pem | base64 -w0 # or at key.pem | base64 -b0 on BSD based systems 17 | ``` 18 | 19 | These values can then be copied into the vCenter text box when prompted. 20 | 21 | ⚠️ **Caution** CA issuers are generally for advanced users with a good idea of 22 | how to run a PKI. To be used safely in production, CA issuers introduce complex 23 | planning requirements around rotation, trust store distribution and disaster 24 | recovery. 25 | 26 | For more information on CA issuers, visit the [ca cert-manager 27 | documentation](https://cert-manager.io/docs/configuration/ca/). 28 | -------------------------------------------------------------------------------- /cert-manager-logo.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/vsphere-tmm/Supervisor-Services/0b86db5f5a6eb9cce347007e0a68e380a6f7cbcb/cert-manager-logo.PNG -------------------------------------------------------------------------------- /cloudian-logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/vsphere-tmm/Supervisor-Services/0b86db5f5a6eb9cce347007e0a68e380a6f7cbcb/cloudian-logo.png -------------------------------------------------------------------------------- /consumption-interface/Release_Notes_1_0_0.md: -------------------------------------------------------------------------------- 1 | Known issues and limitations of the Consumption Interface Supervisor Service 2 | 3 | LCI : Local Consumption Interface 4 | 5 | - LCI is not supported on Multi-Zone Supervisors. 6 | 7 | - After installing the service into a supervisor, you should expect a delay while the plugin is installed. If you do not see the plugin listed in the Resources tab under Workload Management -> Namespaces -> your namespace, please wait and then refresh the page. 8 | 9 | - After installing the service into a supervisor, you will need to reload the web page or login in a new window to allow the plugin to load properly. Failure to do so may result in seeing a 502 error returned on the UI. 10 | 11 | - The UI allows users to publish TKG cluster VMs that are currently deployed. The published image will not be usable and users should not leverage this feature for such VMs. 12 | 13 | - There is a known issue in the TKG cluster creation wizard. If a user works backward through the wizard, some configuration may be lost. Users should execute the wizard end-to-end in sequence. 14 | 15 | - Resource updates will not automatically refresh in the UI. Users need to use the reload button to refresh the views on the resources. 16 | -------------------------------------------------------------------------------- /consumption-interface/Release_Notes_1_0_1.md: -------------------------------------------------------------------------------- 1 | Known issues and limitations of the Consumption Interface Supervisor Service 2 | 3 | LCI : Local Consumption Interface 4 | 5 | What's New 6 | 7 | - Minimal support for Kubernetes Service 3.2 is included. This version of the Consumption Interface is compatible with Kubernetes Service 3.2 but does not yet support all operations or features included with Kubernetes Service 3.2. In particular, there is no support for windows and lifecycle management of clusters using ClusterClass `builtin-generic-v3.2.0`. Day2 operations for Clusters using the `builtin-generic-v3.1.0` ClusterClass will not be possible and would need to be handled through the use of kubectl. 8 | 9 | Known Issues 10 | 11 | - LCI is not supported on Multi-Zone Supervisors. 12 | 13 | - After installing the service into a supervisor, you should expect a delay while the plugin is installed. If you do not see the plugin listed in the Resources tab under Workload Management -> Namespaces -> your namespace, please wait and then refresh the page. 14 | 15 | - After installing the service into a supervisor, you will need to reload the web page or login in a new window to allow the plugin to load properly. Failure to do so may result in seeing a 502 error returned on the UI. 16 | 17 | - The UI allows users to publish TKG cluster VMs that are currently deployed. The published image will not be usable and users should not leverage this feature for such VMs. 18 | 19 | - There is a known issue in the TKG cluster creation wizard. If a user works backward through the wizard, some configuration may be lost. Users should execute the wizard end-to-end in sequence. 20 | 21 | - Resource updates will not automatically refresh in the UI. Users need to use the reload button to refresh the views on the resources. 22 | 23 | -------------------------------------------------------------------------------- /consumption-interface/Release_Notes_1_0_2.md: -------------------------------------------------------------------------------- 1 | Known issues and limitations of the Consumption Interface Supervisor Service 2 | 3 | LCI : Local Consumption Interface 4 | 5 | What's New in 1.0.2 6 | 7 | - Fix for customers running in environments with large numbers of groups associated with users in Active Directory. The supervisor service would install correctly but none of the services are operational. 8 | 9 | Known Issues 10 | 11 | - LCI is not supported on Multi-Zone Supervisors. 12 | 13 | - After installing the service into a supervisor, you should expect a delay while the plugin is installed. If you do not see the plugin listed in the Resources tab under Workload Management -> Namespaces -> your namespace, please wait and then refresh the page. 14 | 15 | - After installing the service into a supervisor, you will need to reload the web page or login in a new window to allow the plugin to load properly. Failure to do so may result in seeing a 502 error returned on the UI. 16 | 17 | - The UI allows users to publish TKG cluster VMs that are currently deployed. The published image will not be usable and users should not leverage this feature for such VMs. 18 | 19 | - There is a known issue in the TKG cluster creation wizard. If a user works backward through the wizard, some configuration may be lost. Users should execute the wizard end-to-end in sequence. 20 | 21 | - Resource updates will not automatically refresh in the UI. Users need to use the reload button to refresh the views on the resources. 22 | 23 | - [Previous release notes](./Release_Notes_1_0_1.md) 24 | 25 | 26 | -------------------------------------------------------------------------------- /contour-logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/vsphere-tmm/Supervisor-Services/0b86db5f5a6eb9cce347007e0a68e380a6f7cbcb/contour-logo.png -------------------------------------------------------------------------------- /dsm-co/README_1_2_0.md: -------------------------------------------------------------------------------- 1 | # Data Services Manager Consumption Operator 1.2.0 Configuration 2 | 3 | Below is table that highlights the required fields for the Data Services Manager(DSM) Consumption Operator data values file. 4 | 5 | | Property | Value | Description | 6 | | -------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | 7 | | imagePullSecret | remove this property | not required as we have enabled anonymous image pull | 8 | | imagePullSecretGeneration.create.password | remove this property | not required as we have enabled anonymous image pull | 9 | | imagePullSecretGeneration.create.server | remove this property | not required as we have enabled anonymous image pull | 10 | | imagePullSecretGeneration.create.username | remove this property | not required as we have enabled anonymous image pull | 11 | | dsm.authSecretName | Secret name | Name of the secret that contains the DSM credentials | 12 | | dsm.authSecretGeneration.create.endpoint | https:// | URL of the DSM provider (do no use FQDN) | 13 | | dsm.authSecretGeneration.create.user | DSM username | Username present in the DSM provider | 14 | | dsm.authSecretGeneration.create.password | Password | Password of the DSM user | 15 | | dsm.authSecretGeneration.create.rootCA | DSM root CA | YAML multi-line string containing the DSM root CA. Available under /opt/vmware/tdm-provider/cert/provider-ca-cert.pem in DSM provider.
**Note:** Make sure to use yaml multi-line syntax | 16 | | dsm.allowedInfrastructurePolicies | List of allowed infrastructure policies | It is a full list or subset of infrastructure policies available in DSM provider. | 17 | | dsm.allowedBackupLocations | List of allowed backup locations | It is a full list or subset of backup locations available in DSM provider. | 18 | | applyToNamespaces.backupLocations | List of default backup locations | It is a full list or subset of `dsm.allowedBackupLocations`. This enables the automatic deployment of backup location binding in namespaces that are qualified by the `applyToNamespaces.selector.matchAnnotations` configuration | 19 | | applyToNamespaces.infrastructurePolicies | List of default infrastructure policies | It is a full list or subset of `dsm.allowedInfrastructurePolicies`. This enables the automatic deployment of infrastructure policy binding in namespaces that are qualified by the `applyToNamespaces.selector.matchAnnotations` configuration | 20 | | applyToNamespaces.selector.matchAnnotations | Annotations of the namespaces where we need to deploy infrastructure policy binding and backup location binding by default | You can find these by running kubectl get namespace -oyaml. Select the a subset annotations from the output, which is common across all the namespaces.
**Note:** remove {} and add the annotation below as properties of matchAnnotations | 21 | | dsm.adminNamespace | Name of the admin namespace | It is the name of the admin namespace on the consumption side which syncs dsm-system namespace on the DSM provider side.
Eg: co-dsm-system | 22 | | consumptionClusterName | Cluster name | A name to uniquely identify the consumption cluster | 23 | -------------------------------------------------------------------------------- /dsm-co/README_2_2_0.md: -------------------------------------------------------------------------------- 1 | # Data Services Manager Consumption Operator 2.2.0 Configuration 2 | 3 | Below is table that highlights the required fields for the Data Services Manager(DSM) Consumption Operator data values file. 4 | 5 | | Property | Value | Description | 6 | | -------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | 7 | | imagePullSecret | remove this property | not required as we have enabled anonymous image pull | 8 | | imagePullSecretGeneration.create.password | remove this property | not required as we have enabled anonymous image pull | 9 | | imagePullSecretGeneration.create.server | remove this property | not required as we have enabled anonymous image pull | 10 | | imagePullSecretGeneration.create.username | remove this property | not required as we have enabled anonymous image pull | 11 | | dsm.authSecretName | Secret name | Name of the secret that contains the DSM credentials | 12 | | dsm.authSecretGeneration.create.endpoint | https:// | URL of the DSM provider (do no use FQDN) | 13 | | dsm.authSecretGeneration.create.user | DSM username | Username present in the DSM provider | 14 | | dsm.authSecretGeneration.create.password | Password | Password of the DSM user | 15 | | dsm.authSecretGeneration.create.rootCA | DSM root CA | YAML multi-line string containing the DSM root CA. Available under /opt/vmware/tdm-provider/cert/provider-ca-cert.pem in DSM provider.
**Note:** Make sure to use yaml multi-line syntax | 16 | | dsm.allowedInfrastructurePolicies | List of allowed infrastructure policies | It is a full list or subset of infrastructure policies available in DSM provider. | 17 | | dsm.allowedBackupLocations | List of allowed backup locations | It is a full list or subset of backup locations available in DSM provider. | 18 | | applyToNamespaces.backupLocations | List of default backup locations | It is a full list or subset of `dsm.allowedBackupLocations`. This enables the automatic deployment of backup location binding in namespaces that are qualified by the `applyToNamespaces.selector.matchAnnotations` configuration | 19 | | applyToNamespaces.infrastructurePolicies | List of default infrastructure policies | It is a full list or subset of `dsm.allowedInfrastructurePolicies`. This enables the automatic deployment of infrastructure policy binding in namespaces that are qualified by the `applyToNamespaces.selector.matchAnnotations` configuration | 20 | | applyToNamespaces.selector.matchAnnotations | Annotations of the namespaces where we need to deploy infrastructure policy binding and backup location binding by default | You can find these by running kubectl get namespace -oyaml. Select the a subset annotations from the output, which is common across all the namespaces.
**Note:** remove {} and add the annotation below as properties of matchAnnotations | 21 | | dsm.adminNamespace | Name of the admin namespace | It is the name of the admin namespace on the consumption side which syncs dsm-system namespace on the DSM provider side.
Eg: co-dsm-system | 22 | | consumptionClusterName | Cluster name | A name to uniquely identify the consumption cluster | 23 | -------------------------------------------------------------------------------- /external-dns-logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/vsphere-tmm/Supervisor-Services/0b86db5f5a6eb9cce347007e0a68e380a6f7cbcb/external-dns-logo.png -------------------------------------------------------------------------------- /harbor-logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/vsphere-tmm/Supervisor-Services/0b86db5f5a6eb9cce347007e0a68e380a6f7cbcb/harbor-logo.png -------------------------------------------------------------------------------- /harbor/README-v2.11.2.md: -------------------------------------------------------------------------------- 1 | # Harbor v2.11.2 Configuration 2 | 3 | Below is table that highlights the required fields for the Harbor data values file. 4 | 5 | | Property | Value | Description | 6 | |------------------------------------------------------------------|------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| 7 | | hostname | FQDN | The FQDN that you have designated to access the Harbor UI and for referencing the registry in client applications. The domain should be configured in an external DNS server such that it resolves to the Envoy Service IP created by Contour or the External IP of the LoadBalancer Service, depending on the settings. | 8 | | tlsCertificate.tlsSecretLabels | {"managed-by": "vmware-vRegistry"} | The certificate that Tanzu Kubernetes Grid uses to install the Harbor CA as a trusted root on Tanzu Kubernetes Grid clusters. | 9 | | persistence.persistentVolumeClaim.registry.storageClass | A storage policy name. | A storage class that is used for the Harbor registry PVCs. | 10 | | persistence.persistentVolumeClaim.jobservice.jobLog.storageClass | A storage policy name. | A storage class that is used for the Harbor jobservice PVCs. | 11 | | persistence.persistentVolumeClaim.database.storageClass | A storage policy name. | A storage class that is used for the Harbor database PVCs. | 12 | | persistence.persistentVolumeClaim.redis.storageClass | A storage policy name. | A storage class that is used for the Harbor redis PVCs. | 13 | | persistence.persistentVolumeClaim.trivy.storageClass | A storage policy name. | A storage class that is used for Harbor trivy PVCs. | 14 | | enableNginxLoadBalancer | true or false | Use a K8s Service of type LoadBalancer to expose Harbor's endpoints when it's set to true. This requires a Supervisor to be configured with a load balancer. enableNginxLoadBalancer and enableContourHttpProxy can't be true at the same time. When they are both set to false, an Ingress will be created to expose Harbor's endpoints. | 15 | | enableContourHttpProxy | true or false | When true, uses Contour's httpproxy resources to expose Harbor's endpoint. Ensure enableNginxLoadBalancer and enableContourHttpProxy are not both set to true. | 16 | 17 | -------------------------------------------------------------------------------- /harbor/README.md: -------------------------------------------------------------------------------- 1 | # Harbor Configuration 2 | 3 | Below is table that highlights the required fields for the Harbor data values file. 4 | 5 | | Property | Value | Description | 6 | |------------------------------------------------------------------| -------------------- | -------------- | 7 | | hostname | FQDN | The FQDN that you have designated to access the Harbor UI and for referencing the registry in client applications. The domain should be configured in an external DNS server such that it resolves to the Envoy Service IP created by Contour.| 8 | | tlsCertificate.tlsSecretLabels | {"managed-by": "vmware-vRegistry"}| The certificate that Tanzu Kubernetes Grid uses to install the Harbor CA as a trusted root on Tanzu Kubernetes Grid clusters.| 9 | | persistence.persistentVolumeClaim.registry.storageClass | A storage policy name.| A storage class that is used for the Harbor registry PVCs.| 10 | | persistence.persistentVolumeClaim.jobservice.jobLog.storageClass | A storage policy name.| A storage class that is used for the Harbor jobservice PVCs.| 11 | | persistence.persistentVolumeClaim.database.storageClass | A storage policy name.| A storage class that is used for the Harbor database PVCs.| 12 | | persistence.persistentVolumeClaim.redis.storageClass | A storage policy name.| A storage class that is used for the Harbor redis PVCs.| 13 | | persistence.persistentVolumeClaim.trivy.storageClass | A storage policy name.| A storage class that is used for Harbor trivy PVCs.| 14 | -------------------------------------------------------------------------------- /minio logo.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /supervisor-services-labs/argocd-operator/argocd-instance.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1beta1 2 | kind: ArgoCD 3 | metadata: 4 | name: my-demo-argocd 5 | labels: 6 | example: basic 7 | spec: 8 | nodePlacement: 9 | nodeSelector: 10 | kubernetes.io/os: CRX 11 | server: 12 | service: 13 | type: LoadBalancer 14 | # Currently Redis images are downloaded from Dockerhub and may be subject to download rate limits. 15 | # To overcome this, use a proxy cache or host the image on another registry. 16 | # In such scenarios, uncomment the next two lines, and update the registry image path accordingly. 17 | # redis: 18 | # image: my-registry/proxy-cache/library/redis -------------------------------------------------------------------------------- /supervisor-services-labs/argocd-operator/argocd.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/vsphere-tmm/Supervisor-Services/0b86db5f5a6eb9cce347007e0a68e380a6f7cbcb/supervisor-services-labs/argocd-operator/argocd.png -------------------------------------------------------------------------------- /supervisor-services-labs/argocd-operator/usage.md: -------------------------------------------------------------------------------- 1 | Once the ArgoCD Operator has been deployed successfully on the Supervisor, deploy an ArgoCD object within your vSphere Namespace. To do so, follow the steps below. 2 | 3 | 1. Download the [example](argocd-instance.yaml) as a reference for a simple deployment. 4 | 2. Log in to the Supervisor - `10.220.3.18` is the Supervisor IP address in this example - with a user that has owner/edit access to the vSphere Namespace - `user@vsphere.local` in this example. 5 | ```bash 6 | $ kubectl vsphere login --server 10.220.3.18 -u user@vsphere.local 7 | ``` 8 | 3. To deploy ArgoCD to the vSphere Namespace - `demo1` in this example - set the context appropriately. 9 | ```bash 10 | $ kubectl config use-context demo1 11 | ``` 12 | 4. Use kubectl to deploy the file -`argocd-instance.yaml` in this example - that was downloaded in Step 1. 13 | ```bash 14 | $ kubectl apply -f argocd-instance.yaml 15 | ``` 16 | 5. Upon successful deployment, the following should be the status. Use the EXTERNAL-IP address of the argocd-server service to connect to the UI - `10.220.3.20` in this example. 17 | ```bash 18 | $ kubectl get pods 19 | NAME READY STATUS RESTARTS AGE 20 | demo1-argocd-application-controller-0 1/1 Running 0 5m9s 21 | demo1-argocd-redis-cd8c958fd-jltgd 1/1 Running 0 5m9s 22 | demo1-argocd-repo-server-6ccccfc999-rm4ng 1/1 Running 0 5m9s 23 | demo1-argocd-server-945597778-2qfjk 1/1 Running 0 5m9s 24 | 25 | $ kubectl get svc 26 | NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE 27 | ... 28 | demo1-argocd-server LoadBalancer 10.96.0.88 10.220.3.20 80:30803/TCP,443:30679/TCP 6m41s 29 | ... 30 | ``` 31 | 6. If you encounter a DockerHub rate-limiting for the Redis image, use a proxy-cache or host the image on another registry. The sample `argocd-instance.yaml` shows how to reference an alternate image location. -------------------------------------------------------------------------------- /supervisor-services-labs/argocd-operator/v0.12.0/argocd-operator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: data.packaging.carvel.dev/v1alpha1 2 | kind: PackageMetadata 3 | metadata: 4 | name: argocd-operator.fling.vsphere.vmware.com 5 | spec: 6 | categories: 7 | - CI/CD 8 | - GitOps 9 | displayName: argocd-operator 10 | iconSVGBase64: none 11 | longDescription: The Argo CD Operator manages the full lifecycle for Argo CD and 12 | its components. The operator's goal is to automate the tasks required when operating 13 | an Argo CD cluster. Beyond installation, the operator helps to automate the process 14 | of upgrading, backing up and restoring as needed and remove the human as much 15 | as possible. In addition, the operator aims to provide deep insights into the 16 | Argo CD environment by configuring Prometheus and Grafana to aggregate, visualize 17 | and expose the metrics already exported by Argo CD. 18 | maintainers: 19 | - name: supervisor-services-labs.pdl@broadcom.com 20 | providerName: VMware 21 | shortDescription: The Argo CD Operator manages the full lifecycle for Argo CD and 22 | its components. 23 | --- 24 | apiVersion: data.packaging.carvel.dev/v1alpha1 25 | kind: Package 26 | metadata: 27 | name: argocd-operator.fling.vsphere.vmware.com.0.12.0 28 | spec: 29 | refName: argocd-operator.fling.vsphere.vmware.com 30 | releasedAt: "2024-10-01T01:51:26Z" 31 | template: 32 | spec: 33 | deploy: 34 | - kapp: {} 35 | fetch: 36 | - imgpkgBundle: 37 | image: projects.packages.broadcom.com/vsphere-labs/argocd-operator@sha256:850cc1f1253f2f898c61d8305b6004373c2f9422faaf562afb26456b790a3155 38 | template: 39 | - ytt: 40 | paths: 41 | - ./config 42 | - kbld: 43 | paths: 44 | - '-' 45 | - .imgpkg/images.yml 46 | valuesSchema: 47 | openAPIv3: 48 | default: null 49 | nullable: true 50 | version: 0.12.0 51 | -------------------------------------------------------------------------------- /supervisor-services-labs/argocd-operator/v0.12.0/values.yaml: -------------------------------------------------------------------------------- 1 | # To reference the argocd-operator:tag hosted on an alternate/registry, modify the value of the image field. 2 | image: quay.io/argoprojlabs/argocd-operator:v0.12.0 -------------------------------------------------------------------------------- /supervisor-services-labs/argocd-operator/v0.8.0/argocd-operator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: data.packaging.carvel.dev/v1alpha1 2 | kind: PackageMetadata 3 | metadata: 4 | name: argocd-operator.fling.vsphere.vmware.com 5 | spec: 6 | categories: 7 | - CI/CD 8 | - GitOps 9 | displayName: argocd-operator 10 | iconSVGBase64: none 11 | longDescription: The Argo CD Operator manages the full lifecycle for Argo CD and 12 | its components. The operator's goal is to automate the tasks required when operating 13 | an Argo CD cluster. Beyond installation, the operator helps to automate the process 14 | of upgrading, backing up and restoring as needed and remove the human as much 15 | as possible. In addition, the operator aims to provide deep insights into the 16 | Argo CD environment by configuring Prometheus and Grafana to aggregate, visualize 17 | and expose the metrics already exported by Argo CD. 18 | maintainers: 19 | - name: supervisor-services-labs.pdl@broadcom.com 20 | providerName: VMware 21 | shortDescription: The Argo CD Operator manages the full lifecycle for Argo CD and 22 | its components. 23 | --- 24 | apiVersion: data.packaging.carvel.dev/v1alpha1 25 | kind: Package 26 | metadata: 27 | name: argocd-operator.fling.vsphere.vmware.com.0.8.0 28 | spec: 29 | refName: argocd-operator.fling.vsphere.vmware.com 30 | releasedAt: "2024-03-25T18:23:27Z" 31 | template: 32 | spec: 33 | deploy: 34 | - kapp: {} 35 | fetch: 36 | - imgpkgBundle: 37 | image: projects.registry.vmware.com/vsphere-labs/argocd-operator@sha256:9d725c3bfd7207746c307af3223e040e85647bb4f532a6716dcf6df8fa61805e 38 | template: 39 | - ytt: 40 | paths: 41 | - ./config 42 | - kbld: 43 | paths: 44 | - '-' 45 | - .imgpkg/images.yml 46 | valuesSchema: 47 | openAPIv3: 48 | default: null 49 | nullable: true 50 | version: 0.8.0 51 | -------------------------------------------------------------------------------- /supervisor-services-labs/external-secrets-operator/external-secrets-example.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: external-secrets.io/v1beta1 3 | kind: SecretStore 4 | metadata: 5 | name: gcp-secret-manager 6 | spec: 7 | provider: 8 | gcpsm: 9 | auth: 10 | secretRef: 11 | secretAccessKeySecretRef: 12 | name: gcpsm-secret 13 | key: secret-access-credentials 14 | projectID: my-gcp-projectid 15 | --- 16 | apiVersion: external-secrets.io/v1beta1 17 | kind: ExternalSecret 18 | metadata: 19 | name: gcp-external-secret 20 | spec: 21 | secretStoreRef: 22 | kind: SecretStore 23 | name: gcp-secret-manager 24 | target: 25 | name: workload-vsphere-tkg2-ssh 26 | template: 27 | type: kubernetes.io/ssh-auth 28 | data: 29 | ssh-privatekey: "{{ .mysecret | toString }}" 30 | data: 31 | - secretKey: mysecret 32 | remoteRef: 33 | key: tkg-ssh-priv-keys -------------------------------------------------------------------------------- /supervisor-services-labs/external-secrets-operator/externalsecrets.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/vsphere-tmm/Supervisor-Services/0b86db5f5a6eb9cce347007e0a68e380a6f7cbcb/supervisor-services-labs/external-secrets-operator/externalsecrets.png -------------------------------------------------------------------------------- /supervisor-services-labs/external-secrets-operator/usage.md: -------------------------------------------------------------------------------- 1 | Since the External Secrets Operator integrates with multiple providers, usage varies based on the types of secret stores accessed and secrets consumed. Once the External Secrets Operator has been deployed successfully on the Supervisor, basic operations include creating a `SecretStore` object and an `ExternalSecret` object within your vSphere Namespace. 2 | 3 | 1. Download the [example](external-secrets-example.yaml) as a reference for a simple usage. For this example to work, store an SSH private key as a secret called `tkg-ssh-priv-keys` in **GCP Secret Manager**. A service account with the `Secret Manager Secret Accessor` role should be granted access to the secret. The service account's key has to been downloaded and kept in a secure location. (*Note* - Service account keys could pose a security risk if compromised, and this exercise is for demo purposes only) 4 | 2. Log in to the Supervisor - `10.220.3.18` is the Supervisor IP address in this example - with a user with owner/edit access to the vSphere Namespace - `user@vsphere.local` in this example. 5 | ```bash 6 | $ kubectl vsphere login --server 10.220.3.18 -u user@vsphere.local 7 | ``` 8 | 3. To create External Secrets objects within the vSphere Namespace - `demo1` in this example - set the context appropriately. 9 | ```bash 10 | $ kubectl config use-context demo1 11 | ``` 12 | 4. Create a secret to store the GCP service account's key downloaded in step 1 - `key.json` in this example. 13 | ```bash 14 | $ kubectl create secret generic gcpsm-secret --from-file=secret-access-credentials=key.json -n demo1 15 | ``` 16 | 5. Modify Line 14 `projectID: my-gcp-projectid` of the file -`external-secrets-example.yaml` in this example - that was downloaded in Step 1, per your GCP ProjectID and use kubectl to deploy the file. 17 | ```bash 18 | $ kubectl apply -f external-secrets-example.yaml 19 | ``` 20 | 6. Upon successful deployment, a new secret object `workload-vsphere-tkg2-ssh` should have been created and its data should match the one uploaded in the GCP Secret Manager. 21 | ```bash 22 | $ kubectl get secret -n demo1 workload-vsphere-tkg2-ssh -o json |jq -r '.data."ssh-privatekey"'|base64 -d 23 | ``` -------------------------------------------------------------------------------- /supervisor-services-labs/external-secrets-operator/v0.9.14/external-secrets-operator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: data.packaging.carvel.dev/v1alpha1 2 | kind: PackageMetadata 3 | metadata: 4 | name: external-secrets-operator.fling.vsphere.vmware.com 5 | spec: 6 | categories: 7 | - Secrets Management 8 | - CICD 9 | displayName: external-secrets-operator 10 | iconSVGBase64: none 11 | longDescription: External Secrets Operator is a Kubernetes operator that integrates 12 | external secret management systems like AWS Secrets Manager, HashiCorp Vault, 13 | Google Secrets Manager, Azure Key Vault, IBM Cloud Secrets Manager, CyberArk Conjur 14 | and many more. The operator reads information from external APIs and automatically 15 | injects the values into a Kubernetes Secret. 16 | maintainers: 17 | - name: supervisor-services-labs.pdl@broadcom.com 18 | providerName: VMware 19 | shortDescription: External Secrets Operator is a secrets management tool for Kubernetes. 20 | --- 21 | apiVersion: data.packaging.carvel.dev/v1alpha1 22 | kind: Package 23 | metadata: 24 | name: external-secrets-operator.fling.vsphere.vmware.com.0.9.14 25 | spec: 26 | refName: external-secrets-operator.fling.vsphere.vmware.com 27 | releasedAt: "2024-04-02T00:05:02Z" 28 | template: 29 | spec: 30 | deploy: 31 | - kapp: {} 32 | fetch: 33 | - imgpkgBundle: 34 | image: projects.registry.vmware.com/vsphere-labs/external-secrets-operator@sha256:ff797c8624e4c87c36fd97a65bf99d48c8f3e6da13fe15819d9c599fe8daa3c0 35 | template: 36 | - ytt: 37 | paths: 38 | - ./config 39 | - kbld: 40 | paths: 41 | - '-' 42 | - .imgpkg/images.yml 43 | valuesSchema: 44 | openAPIv3: 45 | default: null 46 | nullable: true 47 | version: 0.9.14 48 | -------------------------------------------------------------------------------- /supervisor-services-labs/grafana-operator/Grafana.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/vsphere-tmm/Supervisor-Services/0b86db5f5a6eb9cce347007e0a68e380a6f7cbcb/supervisor-services-labs/grafana-operator/Grafana.png -------------------------------------------------------------------------------- /supervisor-services-labs/grafana-operator/grafana-instance.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: grafana.integreatly.org/v1beta1 2 | kind: Grafana 3 | metadata: 4 | name: grafana 5 | labels: 6 | dashboards: grafana 7 | spec: 8 | service: 9 | spec: 10 | type: LoadBalancer 11 | config: 12 | log: 13 | mode: "console" 14 | auth: 15 | disable_login_form: "false" 16 | security: 17 | admin_user: root 18 | admin_password: secret -------------------------------------------------------------------------------- /supervisor-services-labs/grafana-operator/networkpolicy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: NetworkPolicy 3 | metadata: 4 | name: grafana-network-policy 5 | spec: 6 | podSelector: 7 | matchLabels: 8 | app: grafana 9 | policyTypes: 10 | - Ingress 11 | ingress: 12 | - from: 13 | - ipBlock: 14 | cidr: "0.0.0.0/0" 15 | ports: 16 | - port: 3000 -------------------------------------------------------------------------------- /supervisor-services-labs/grafana-operator/usage.md: -------------------------------------------------------------------------------- 1 | Once the Grafana Operator has been successfully deployed on the Supervisor, deploy a Grafana object within your vSphere Namespace. To do so, follow the steps below. 2 | 3 | 1. Download the [example](grafana-instance.yaml) as a reference for a simple deployment. 4 | 2. Log in to the Supervisor - `10.220.3.18` is the Supervisor IP address in this example - with a user that has owner/edit access to the vSphere Namespace - `user@vsphere.local` in this example. 5 | ```bash 6 | $ kubectl vsphere login --server 10.220.3.18 -u user@vsphere.local 7 | ``` 8 | 3. To deploy Grafana to the vSphere Namespace - `demo1` in this example - set the context appropriately. 9 | ```bash 10 | $ kubectl config use-context demo1 11 | ``` 12 | 4. Use kubectl to deploy the file -`grafana-instance.yaml` in this example - that was downloaded in Step 1. 13 | ```bash 14 | $ kubectl apply -f grafana-instance.yaml 15 | ``` 16 | 5. Upon successful deployment, the following should be the status. 17 | ```bash 18 | $ kubectl get all -n demo1 19 | NAME READY STATUS RESTARTS AGE 20 | pod/grafana-deployment-58bcb66668-hbhsf 1/1 Running 0 20h 21 | ... 22 | 23 | NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE 24 | service/grafana-service LoadBalancer 10.96.0.59 10.43.16.68 3000:32063/TCP 20h 25 | ... 26 | 27 | NAME READY UP-TO-DATE AVAILABLE AGE 28 | deployment.apps/grafana-deployment 1/1 1 1 20h 29 | ... 30 | 31 | NAME DESIRED CURRENT READY AGE 32 | replicaset.apps/grafana-deployment-58bcb66668 1 1 1 20h 33 | ... 34 | ``` 35 | Use the EXTERNAL-IP address / PORT 3000 of the grafana-service service to connect to the UI - `10.43.16.68:3000` in this example. The login credentials are in the `grafana-instance.yaml` file. 36 | 37 | 6. If you are deploying Grafana on an NSX-based deployment, some of the additional custom resources may not be deployed due to the NSX firewall, which prevents communication across vSphere Namespaces. To bypass this restriction, use the sample K8s NetworkPolicy provided in the [example](supervisor-services-labs/grafana-operator/networkpolicy.yaml). 38 | 39 | ```bash 40 | $ cat networkpolicy.yaml 41 | --- 42 | apiVersion: networking.k8s.io/v1 43 | kind: NetworkPolicy 44 | metadata: 45 | name: grafana-network-policy 46 | spec: 47 | podSelector: 48 | matchLabels: 49 | app: grafana 50 | policyTypes: 51 | - Ingress 52 | ingress: 53 | - from: 54 | - ipBlock: 55 | cidr: "0.0.0.0/0" 56 | ports: 57 | - port: 3000 58 | 59 | $ kubectl apply -f networkpolicy.yaml -n demo1 60 | ``` -------------------------------------------------------------------------------- /supervisor-services-labs/grafana-operator/v5.15.0/grafana-operator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: data.packaging.carvel.dev/v1alpha1 2 | kind: PackageMetadata 3 | metadata: 4 | creationTimestamp: null 5 | name: grafana-operator.fling.vsphere.vmware.com 6 | spec: 7 | categories: 8 | - Visualization 9 | - Observability 10 | displayName: grafana-operator 11 | iconSVGBase64: none 12 | longDescription: The Grafana Operator is a Kubernetes operator built to help you manage your Grafana instances and its resources in and outside of Kubernetes. Whether you’re running one Grafana instance or many, the Grafana Operator simplifies the processes of installing, configuring, and maintaining Grafana and its resources. Additionally, it's perfect for those who prefer to manage resources using infrastructure as code or using GitOps workflows through tools like ArgoCD and Flux CD. 13 | maintainers: 14 | - name: supervisor-services-labs.pdl@broadcom.com 15 | providerName: VMware 16 | shortDescription: The Grafana Operator is a Kubernetes operator built to help you manage your Grafana instances and its resources in and outside of Kubernetes. 17 | --- 18 | apiVersion: data.packaging.carvel.dev/v1alpha1 19 | kind: Package 20 | metadata: 21 | creationTimestamp: null 22 | name: grafana-operator.fling.vsphere.vmware.com.5.15.0 23 | spec: 24 | refName: grafana-operator.fling.vsphere.vmware.com 25 | releasedAt: "2024-11-06T21:00:17Z" 26 | template: 27 | spec: 28 | deploy: 29 | - kapp: {} 30 | fetch: 31 | - imgpkgBundle: 32 | image: projects.packages.broadcom.com/vsphere-labs/grafana-operator@sha256:b3d21e4adf129add6d20d72f7ba51a3e0fc1b69feb6c3fc30a18f314811a01e8 33 | template: 34 | - ytt: 35 | paths: 36 | - ./config 37 | - kbld: 38 | paths: 39 | - '-' 40 | - .imgpkg/images.yml 41 | valuesSchema: 42 | openAPIv3: 43 | default: null 44 | nullable: true 45 | version: 5.15.0 46 | -------------------------------------------------------------------------------- /supervisor-services-labs/grafana-operator/v5.15.0/values.yaml: -------------------------------------------------------------------------------- 1 | # To reference the grafana-operator:tag hosted on an alternate/registry, modify the value of the image field. 2 | image: ghcr.io/grafana/grafana-operator:v5.15.0 -------------------------------------------------------------------------------- /supervisor-services-labs/keda/keda.svg: -------------------------------------------------------------------------------- 1 | IconCreated with Sketch. -------------------------------------------------------------------------------- /supervisor-services-labs/keda/nginx-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: nginx-deployment 5 | spec: 6 | selector: 7 | matchLabels: 8 | app: nginx 9 | replicas: 0 10 | template: 11 | metadata: 12 | labels: 13 | app: nginx 14 | spec: 15 | containers: 16 | - name: nginx 17 | image: nginx:1.14.2 18 | ports: 19 | - containerPort: 80 20 | nodeSelector: 21 | kubernetes.io/os: CRX 22 | # Currently NGINX images are downloaded from Dockerhub and may be subject to download rate limits. 23 | # To overcome this, use a proxy cache or host the image on another registry. 24 | # In such scenarios, modify the value of image: and update the registry image path accordingly. 25 | # image: my-registry/proxy-cache/library/nginx:1.14.2 -------------------------------------------------------------------------------- /supervisor-services-labs/keda/scaledobject-instance.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: keda.sh/v1alpha1 2 | kind: ScaledObject 3 | metadata: 4 | name: cron-scaledobject 5 | spec: 6 | scaleTargetRef: 7 | name: nginx-deployment 8 | minReplicaCount: 0 9 | cooldownPeriod: 300 10 | triggers: 11 | - type: cron 12 | metadata: 13 | timezone: America/New_York 14 | start: 0 6 * * * 15 | end: 0 20 * * * 16 | desiredReplicas: "10" -------------------------------------------------------------------------------- /supervisor-services-labs/keda/usage.md: -------------------------------------------------------------------------------- 1 | Once Keda has been deployed successfully on the Supervisor, deploy NGINX within your vSphere Namespace. To do so, follow the steps below. 2 | 3 | 1. Download the [NGINX example](nginx-deployment.yaml) as a reference for a simple deployment. 4 | 5 | 2. Log in to the Supervisor - `10.220.3.18` is the Supervisor IP address in this example - with a user with owner/edit access to the vSphere Namespace - `user@vsphere.local` in this example. 6 | ```bash 7 | $ kubectl vsphere login --server 10.220.3.18 -u user@vsphere.local 8 | ``` 9 | 10 | 3. To deploy NGINX to the vSphere Namespace - `demo1` in this example - set the context appropriately. 11 | ```bash 12 | $ kubectl config use-context demo1 13 | ``` 14 | 15 | 4. Use kubectl to deploy the file -`nginx-deployment.yaml` in this example - downloaded in Step 1. 16 | ```bash 17 | $ kubectl apply -f nginx-deployment.yaml 18 | ``` 19 | 20 | 5. Upon successful deployment, the following should be the status. There should be 0 NGINX pods deployed as the deployment manifest states `replicas: 0` 21 | ```bash 22 | $ kubectl get deployment 23 | k get deployment -n demo1 24 | NAME READY UP-TO-DATE AVAILABLE AGE 25 | nginx-deployment 0/0 0 0 43m 26 | ``` 27 | 28 | 6. Download the [scaledobject example](scaledobject-instance.yaml) as a reference yaml for scaling the NGINX deployment based on a trigger type `cron`. The example will scale the `nginx-deployment` to 10 replicas from **6AM to 8PM EST**. Modify the values in the YAML accordingly. 29 | 30 | 7. Use kubectl to deploy the file -`scaledobject-instance.yaml` in this example - downloaded in Step 6. 31 | ```bash 32 | $ kubectl apply -f scaledobject-instance.yaml 33 | ``` 34 | 35 | 8. The NGINX deployment should have scaled to 10 replicas if you are within the cron window. 36 | ```bash 37 | $ date 38 | Fri May 03 15:48:52 EDT 2024 39 | 40 | $ kubectl get pods -n demo1 41 | NAME READY STATUS RESTARTS AGE 42 | ... 43 | nginx-deployment-8bdf8c964-5g579 1/1 Running 0 58m 44 | nginx-deployment-8bdf8c964-7g5jn 1/1 Running 0 58m 45 | nginx-deployment-8bdf8c964-c7s4q 1/1 Running 0 58m 46 | nginx-deployment-8bdf8c964-cgmx4 1/1 Running 0 58m 47 | nginx-deployment-8bdf8c964-l54jj 1/1 Running 0 58m 48 | nginx-deployment-8bdf8c964-pptp8 1/1 Running 0 58m 49 | nginx-deployment-8bdf8c964-tj5p9 1/1 Running 0 58m 50 | nginx-deployment-8bdf8c964-vqjgc 1/1 Running 0 58m 51 | nginx-deployment-8bdf8c964-w92rg 1/1 Running 0 58m 52 | nginx-deployment-8bdf8c964-zxbl2 1/1 Running 0 58m 53 | ``` -------------------------------------------------------------------------------- /supervisor-services-labs/keda/v2.13.1/keda.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: data.packaging.carvel.dev/v1alpha1 2 | kind: PackageMetadata 3 | metadata: 4 | name: keda.fling.vsphere.vmware.com 5 | spec: 6 | categories: 7 | - Orchestration & Management 8 | - Scheduling 9 | displayName: keda 10 | iconSVGBase64: none 11 | longDescription: KEDA is a single-purpose and lightweight component that can be added into any Kubernetes cluster. KEDA works alongside standard Kubernetes components like the Horizontal Pod Autoscaler and can extend functionality without overwriting or duplication. With KEDA you can explicitly map the apps you want to use event-driven scale, with other apps continuing to function. This makes KEDA a flexible and safe option to run alongside any number of any other Kubernetes applications or frameworks. 12 | maintainers: 13 | - name: supervisor-services-labs.pdl@broadcom.com 14 | providerName: VMware 15 | shortDescription: KEDA is a Kubernetes-based Event Driven Autoscaler. With KEDA, you can drive the scaling of any container in Kubernetes based on the number of events needing to be processed. 16 | --- 17 | apiVersion: data.packaging.carvel.dev/v1alpha1 18 | kind: Package 19 | metadata: 20 | name: keda.fling.vsphere.vmware.com.2.13.1 21 | spec: 22 | refName: keda.fling.vsphere.vmware.com 23 | releasedAt: "2024-04-23T19:35:52Z" 24 | template: 25 | spec: 26 | deploy: 27 | - kapp: {} 28 | fetch: 29 | - imgpkgBundle: 30 | image: projects.registry.vmware.com/vsphere-labs/keda@sha256:933b11ed9f53c0ada5bdd9d2c95175399891004c4021d9b310c14dd22b699d7b 31 | template: 32 | - ytt: 33 | paths: 34 | - ./config 35 | - kbld: 36 | paths: 37 | - '-' 38 | - .imgpkg/images.yml 39 | valuesSchema: 40 | openAPIv3: 41 | default: null 42 | nullable: true 43 | version: 2.13.1 -------------------------------------------------------------------------------- /supervisor-services-labs/licence-agreement.md: -------------------------------------------------------------------------------- 1 | # VMware by Broadcom Supervisor Service Labs License Agreement 2 | 3 | This *VMware by Broadcom* Supervisor Services Labs License Agreement (the “Agreement”) 4 | is between you (either you individually or the organization you represent) (“you” or 5 | “Licensee”), and VMware LLC, if you are located in the United States, and VMware 6 | International Unlimited Company, if you are located outside of the United States (“VMware”, 7 | “we”, or “us”), and covers your use of a Supervisor Services Labs Offering. If you are 8 | accepting this Agreement on behalf of an organization, you represent that you are 9 | authorized to bind that organization. If you do not agree to the terms of this Agreement, then 10 | you must not install or use a Supervisor Services Labs Offering. Capitalized terms used in 11 | this Agreement are defined throughout this document and in Section 1 (“Definitions”) below. 12 | THIS AGREEMENT GOVERNS YOUR USE OF AND ACCESS TO THE SUPERVISOR 13 | SERVICE LABS OFFERINGS. YOU MAY USE THE SUPERVISOR SERVICE LABS 14 | OFFERING ONLY AS PERMITTED BY THIS AGREEMENT, AND ONLY FOR NON- 15 | PRODUCTION ACTIVITY. WE PROVIDE THE SUPERVISOR SERVICE LABS 16 | OFFERINGS STRICTLY “AS IS”, FREE OF CHARGE, AND WITHOUT ANY WARRANTY 17 | OR INDEMNIFICATION OF ANY KIND. 18 | ## 1.  DEFINITIONS 19 | “Documentation” means any printed and online written reference materials furnished to you 20 | in conjunction with the Supervisor Services Labs Offering, including, without limitation, 21 | instructions, testing guidelines, and end user guides. 22 | “Supervisor Services Labs Offerings” means the unreleased, concept version of any 23 | software, cloud service offering, app or tool offered pursuant to the VMware Supervisor 24 | Services Labs program, as found under “Experimental Supervisor Service Catalog at 25 | https://github.com/vsphere-tmm/Supervisor-Services, which may consist of (i) software, in 26 | object form only, excluding any Open Source Software provided with the software 27 | (“Experimental Supervisor Service Software”), and any media and Documentation provided 28 | by VMware with that software. 29 | “Intellectual Property Rights” means all worldwide intellectual property rights, including 30 | copyrights, trademarks, service marks, trade secrets, patent, patent applications, and moral 31 | rights, whether registered or unregistered. 32 | “Open Source Software” means various open source software components provided with a 33 | Supervisor Services Labs Offering, that are licensed to you under the terms of the 34 | applicable open source software license agreements. 35 | “Updates” means a modification, error correction, bug fix, new release, or other update to or 36 | for a Supervisor Services Labs Offering. “User” means any person who uses a Supervisor 37 | Services Labs Offering under your credentials, or accesses any content you may upload 38 | into or generate using a Supervisor Services Labs Offering. 39 | 40 | “Your Content” means any and all applications, files, information, data, or other content that 41 | you or your Users upload to or publish or display through a Supervisor Services Labs 42 | Offering. It does not include Performance Data or any technical data we may collect through 43 | our monitoring of your use of the Supervisor Services Labs Offering. 44 | ## 2. LICENSE GRANT, USE AND OWNERSHIP 45 | ### 2.1 Limited License 46 | Subject to the terms and conditions of this Agreement, VMware grants you a non-exclusive, 47 | non-transferable license (without the right to sublicense) (i) to use the Supervisor Services 48 | Labs Offering solely for purposes of internal testing and evaluation, including consideration 49 | of whether or not to license or subscribe to a commercial version of the Supervisor Services 50 | Labs Offering if any commercial version ever becomes available, (ii) to use the 51 | Documentation provided with the Supervisor Services Labs Offering in support of your 52 | authorized use of the Supervisor Services Labs Offering, and (iii) to copy Supervisor 53 | Services Labs Software for archival or backup purposes, provided that all titles and 54 | trademarks, copyright, and restricted rights notices are reproduced on all copies. You must 55 | not use the Supervisor Services Labs Offering (including the Documentation) except as 56 | expressly permitted in this Agreement. You must not use the Supervisor Services Labs 57 | Offering in a production environment. If you do use the Supervisor Services Labs Offering in 58 | a production environment you do so at your own risk and expense. 59 | ### 2.2 Supervisor Services Labs Program 60 | You acknowledge that (i) VMware has not publicly announced, other than through the 61 | Supervisor Services Labs program web page, the availability of the Supervisor Services 62 | Labs Offering, (ii) the Supervisor Services Labs Offering may contain features currently 63 | under development, (iii) VMware has not promised or guaranteed to you that the Supervisor 64 | Services Labs Offering will be publicly announced or made commercially available in the 65 | future, (iv) VMware has no express or implied obligation to publicly announce or introduce 66 | the Supervisor Services Labs Offering as a commercial offering, (v) VMware might not 67 | introduce an offering similar to or compatible with the Supervisor Services Labs Offering, 68 | (vi) the Supervisor Services Labs Offering may contain features, functionality, or modules 69 | that will not be included in any commercial version of the Supervisor Services Labs 70 | Offering, or that will be marketed separately for additional fees, and (vii) any version number 71 | referenced is subject to change and does not in any way represent VMware’s commitment 72 | to release any offering, whether or not similar to the Supervisor Services Labs Offering, in 73 | the future. Therefore, you expressly acknowledge and agree that any research or 74 | development that you may perform regarding the Supervisor Services Labs Offering or any 75 | product or service associated with the Supervisor Services Labs Offering is done entirely at 76 | your own expense and risk. 77 | ### 2.3 Feedback 78 | As consideration for access to and use of a Supervisor Services Labs Offering, you must, 79 | from time to time, as we may reasonably request, provide feedback (including comments 80 | and suggestions, and identifying potential errors and/or improvements) to VMware, and only 81 | to VMware, concerning the functionality and performance of the Supervisor Services Labs 82 | Offering. You will provide the requested feedback in a manner that is convenient to you, 83 | subject to reasonable availability of your personnel. Before you disclose to us any 84 | information under this Agreement that you consider your proprietary or confidential 85 | information, you must obtain our prior written approval to disclose that information to us; 86 | without our prior written approval, you must not disclose that information to us. We may, in 87 | our sole discretion, use any feedback to improve or enhance our offerings. You grant 88 | VMware a non-exclusive, perpetual, irrevocable, royalty-free, transferable, worldwide right 89 | and license, with the right to sublicense, to use, reproduce, disclose, distribute, perform, 90 | display, modify, prepare derivative works of, and otherwise exploit the feedback without 91 | restriction in any manner now known or in the future conceived, and to make, use, sell, offer 92 | to sell, import, and export any product or service that incorporates the feedback. 93 | ### 2.4 Performance Data 94 | The Supervisor Services Labs Offering, and all performance data and test results, including 95 | without limitation, benchmark test results (collectively “Performance Data”), relating to the 96 | Supervisor Services Labs Offering are our Confidential Information, and must be treated in 97 | accordance with the terms of Section 4 (“Confidentiality”) of this Agreement. You must not 98 | publish or disclose to any third party any Performance Data relating to the Supervisor 99 | Services Labs Offering. 100 | ### 2.5 Acceptable Use 101 | (a) You and your Users may not: (1) resell or sublicense the Supervisor Services Labs 102 | Offering; (2) use the Supervisor Services Labs Offering (i) in a way prohibited by law, 103 | regulation, governmental order or decree; (ii) to violate the rights of others; (iii) to try to gain 104 | unauthorized access to, test the vulnerability of, or disrupt the Supervisor Services Labs 105 | Offering, or any other service, device, data, account, or network; (iv) to spam or to distribute 106 | malware; (v) in a way that could harm the Supervisor Services Labs Offering or impair 107 | anyone else’s use of it; (vi) in a way intended to work around the Supervisor Services Labs 108 | Offering’s technical limitations or usage limits, if any; or (vii) in any application or situation 109 | where failure of the Supervisor Services Labs Offering could lead to the death or serious 110 | bodily injury of any person, or to severe physical or environmental damage; or (3) use any 111 | part of the Supervisor Services Labs Offering or any information we provide to you for your 112 | product development or for any other commercial purpose, including sales or marketing 113 | activities. You must ensure that your Users comply with the terms of this Agreement. You 114 | agree that if you become aware of any violation by one of your Users, you will terminate that 115 | User’s access immediately. 116 | (b) If you become aware that any of Your Content or a User’s use of Your Content violates 117 | this Agreement, you must immediately (a) suspend access to or remove the applicable part 118 | of Your Content or (b) suspend the User’s access, or both. We may also ask you to act 119 | within a certain time period. If you fail to comply with the request we may, at our sole 120 | discretion, suspend or terminate or disable access to Your Content or to the Supervisor 121 | Services Labs Offering until you comply with our request. 122 | (c) Except to the extent that any applicable mandatory laws prevent VMware’s restraining 123 | you from doing so, you may not, and you may not permit any third party to, sublicense, rent, 124 | copy, modify, create derivative works of, translate, reverse engineer, decompile, 125 | disassemble, or otherwise reduce to human perceivable form any portion of any Supervisor 126 | Services Labs Software or accompanying Documentation. 127 | (d) If you believe that your copyrighted work has been copied and is accessible on or in a 128 | Supervisor Services Labs Offering in a way that constitutes copyright infringement, please 129 | send a notice to us as provided in Section 8 of the VMware Community Terms of Use 130 | available at: http://www.vmware.com/community_terms.html. 131 | ### 2.6 Ownership 132 | (a) As between you and us, we and our licensors own and retain all right, title and interest in 133 | and to the Intellectual Property Rights in all Supervisor Services Labs Offerings, including 134 | all improvements, enhancements, modifications, and derivative works of a Supervisor 135 | Services Labs Offering, subject only to the limited license granted in Section 2.1 of this 136 | Agreement. This includes any information that we collect and analyze in connection with 137 | any Supervisor Services Labs Offering such as usage patterns and other information to 138 | improve and evolve our products and offerings. Your rights to use any Supervisor Services 139 | Labs Offering are limited to those expressly granted in this Agreement. No other rights with 140 | respect to any Supervisor Services Labs Offering or any related Intellectual Property Rights 141 | are implied. ALL RIGHTS NOT EXPRESSLY GRANTED UNDER THIS AGREEMENT ARE 142 | RESERVED TO VMWARE. (b) As between you and us, you retain all right, title and interest, 143 | and all Intellectual Property Rights, in and to Your Content. Our rights to access and use 144 | Your Content are limited to those expressly granted in the Agreement. No other rights with 145 | respect to Your Content or any related Intellectual Property Rights are implied. 146 | ### 2.7 No Support Services 147 | VMware is not obligated to provide any maintenance, technical support, or other support 148 | (including Updates) for any Supervisor Services Labs Offering. If VMware, in its sole 149 | discretion, supplies or enables any Update, the Update will be deemed a Supervisor 150 | Services Labs Offering under this Agreement and will be subject to the terms and conditions 151 | of this Agreement. 152 | ### 2.8 Expenses 153 | Each party will bear its own expenses in connection with this Agreement. The Supervisor 154 | Services Labs Offerings are provided to you free of charge. 155 | ### 2.9 Third-Party Software 156 | Supervisor Services Labs Software may enable a computer to run multiple instances of 157 | third-party guest operating systems and application programs. You acknowledge that you 158 | are responsible for obtaining any licenses necessary to operate any third-party software, 159 | including guest operating systems and application programs. 160 | ### 2.10 Other VMware Service Offerings or Software 161 | As part of your access to or use of a Supervisor Services Labs Offering, you may receive 162 | access to other VMware data, content, service offerings, software, or applications, which 163 | may be subject to separate terms. If so, those separate terms will prevail over this 164 | Agreement regarding your access to and use of that data, content, service offerings, 165 | software, or applications. 166 | ### 2.11 Open Source Software 167 | Except for Sections 5 (“Limitation of Liability”), 6 (“Warranty Disclaimer”), and 8 (“Other 168 | Provisions”), the terms and conditions of this Agreement do not apply to any Open Source 169 | Software accompanying any Supervisor Services Labs Software. That Open Source 170 | Software is provided under the terms of the open source license agreement or copyright 171 | notice accompanying the Open Source Software or in the open source licenses file 172 | accompanying the Supervisor Services Labs Software. 173 | ## 3. TERM, TERMINATION 174 | ### 3.1 175 | Your rights with respect to the Supervisor Services Labs Offering will terminate upon the 176 | first to occur of (a) initial release of a commercially available version of the Supervisor 177 | Services Labs Offering, (b) expiration of the Supervisor Services Labs Software based on 178 | the system date or license key expiration, (c) removal of the Supervisor Services Labs 179 | Offering from the Supervisor Services Labs program, or (d) termination by VMware, in its 180 | sole discretion, of your rights under this Agreement with respect to the Supervisor Services 181 | Labs Offering. 182 | ### 3.2 183 | Either you or VMware may terminate this Agreement or your rights with respect to a 184 | Supervisor Services Labs Offering at any time for any reason or for no reason by providing 185 | the other party written notice of that termination, and that termination will be effective 186 | immediately upon delivery of the notice. If you breach your confidentiality obligations as set 187 | forth in Section 4 (“Confidentiality”) of this Agreement, this Agreement and your rights with 188 | respect to a Supervisor Services Labs Offering will automatically terminate without notice, 189 | and we may immediately revoke your access to the Supervisor Services Labs Offering. 190 | ### 3.3 191 | Upon any expiration or termination of rights with respect to the Supervisor Services 192 | Labs Offering under this Agreement, the rights and license granted to you under this 193 | Agreement, including your ability to access any of Your Content stored in a Supervisor 194 | Services Labs Offering, will immediately terminate. You must immediately cease using the 195 | Supervisor Services Labs Offering, and must destroy or render practically inaccessible any 196 | Supervisor Services Labs Software, Documentation, and all other tangible items in your 197 | possession or control that contain Confidential Information. All provisions of this Agreement 198 | that are intended survive termination or expiration of this Agreement for any reason will 199 | survive. 200 | ## 4. CONFIDENTIALITY 201 | As used in this Agreement, “Confidential Information” means the Supervisor Services Labs 202 | Offering, all information regarding the Supervisor Services Labs Offering (including any 203 | trade secrets, know-how, inventions, techniques, processes, and algorithms embodied in 204 | the Supervisor Services Labs Offering), Documentation, Performance Data, any Updates, 205 | and any other information we provide to you under this Agreement, whether disclosed 206 | orally, in writing, or by examination or inspection, other than information that you can 207 | demonstrate: (i) was already known to you, other than under an obligation of confidentiality, 208 | at the time of disclosure; (ii) was generally available in the public domain at the time of 209 | disclosure to you; (iii) became generally available in the public domain after disclosure other 210 | than through any act or omission by you; (iv) was subsequently rightfully disclosed to you by 211 | a third party without any obligation of confidentiality; or (v) was independently developed by 212 | you without use of or reference to any information or materials disclosed by VMware or its 213 | suppliers. If you are required to disclose Confidential Information pursuant to any applicable 214 | law or a court order, you must notify us of the required disclosure promptly in writing and 215 | you must cooperate with us in any lawful action to contest or limit the scope of the required 216 | disclosure. “Confidential Information” includes any information relating to VMware products, 217 | product roadmaps, and other technical, business, financial and product development plans, 218 | forecasts, and strategies. You must not use any Confidential Information for any purpose 219 | other than as expressly authorized in this Agreement. You must not disclose any 220 | Confidential Information to any third party. Without limiting the foregoing, you must use at 221 | least the same degree of care that you use to prevent the disclosure of your own 222 | confidential information of like importance, but in no event less than reasonable care, to 223 | prevent the disclosure of any Confidential Information. 224 | ## 5. LIMITATION OF LIABILITY 225 | THE SUPERVISOR SERVICE LABS OFFERING IS PROVIDED TO YOU WITHOUT 226 | CHARGE, FOR LIMITED EVALUATION PURPOSES. THEREFORE, THE TOTAL 227 | LIABILITY OF VMWARE ARISING OUT OF OR RELATED TO THIS AGREEMENT WILL 228 | NOT EXCEED $100.00 USD OR THE EQUIVALENT IN LOCAL CURRENCY. TO THE 229 | FULLEST EXTENT PERMITTED BY LAW, IN NO EVENT WILL VMWARE HAVE ANY 230 | LIABILITY FOR ANY INDIRECT, INCIDENTAL, SPECIAL, OR CONSEQUENTIAL 231 | DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF BUSINESS 232 | PROFITS, BUSINESS INTERRUPTION, LOSS OF USEOF THE SUPERVISOR SERVICE 233 | LABS OFFERING FOR ANY REASON, LOSS OF DATA, LOSS OF YOUR CONTENT, OR 234 | LOSS OF BUSINESS INFORMATION), HOWEVER CAUSED AND ON ANY THEORY OF 235 | LIABILITY (INCLUDING CONTRACT, TORT, NEGLIGENCE, PRODUCT LIABILITY, OR 236 | OTHERWISE), EVEN IF A PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH 237 | DAMAGES, AND NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF 238 | ANY REMEDY. 239 | ## 6. WARRANTY DISCLAIMER 240 |  SUPERVISOR SERVICE LABS OFFERINGS ARE PROVIDED “AS IS” WITHOUT 241 | WARRANTY OF ANY KIND. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE 242 | LAW, VMWARE, ITS LICENSORS AND SERVICE PROVIDERS DISCLAIM ALL 243 | WARRANTIES, CONDITIONS, AND OTHER TERMS, WHETHER EXPRESS, IMPLIED, 244 | OR STATUTORY, INCLUDING ANY IMPLIED WARRANTIES OF MERCHANTABILITY, 245 | SATISFACTORY QUALITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, NON- 246 | INFRINGEMENT, AND ANY WARRANTIES AND CONDITIONS ARISING FROM COURSE 247 | OF DEALING OR COURSE OF PERFORMANCE, RELATING TO ANY SUPERVISOR 248 | SERVICE LABS OFFERING, ANY DOCUMENTATION, AND ANY MATERIALS OR 249 | SERVICES FURNISHED OR PROVIDED TO YOU UNDER THIS AGREEMENT. WE, OUR 250 | LICENSORS AND SERVICE PROVIDERS DO NOT WARRANT THAT A SUPERVISOR 251 | SERVICE LABS OFFERING WILL BE UNINTERRUPTED OR FREE FROM DEFECTS, OR 252 | THAT A SUPERVISOR SERVICE LABS OFFERING WILL MEET (OR IS DESIGNED TO 253 | MEET) YOUR BUSINESS REQUIREMENTS. 254 | ## 7. DATA PROTECTION, SECURITY 255 | ### 7.1 256 | By accepting this Agreement, you warrant and represent that you understand that a 257 | Supervisor Services Labs Offering is not intended to be used with any data of a commercial 258 | or sensitive nature. You must not submit or upload any personal data to a Supervisor 259 | Services Labs Offering, including (a) personal data within the meaning of that term given in 260 | the Regulation 2016/679 (the EU General Data Protection Regulation) or (b) protected 261 | health information within the meaning of the United States Health Insurance Portability and 262 | Accountability Act. 263 | ### 7.2 264 | We monitor the overall performance and stability of the infrastructure of any Supervisor 265 | Services Labs Cloud Service. You must not block or interfere with that monitoring. If we 266 | reasonably believe a problem with a Supervisor Services Labs Cloud Service may be 267 | attributable to your use of that offering or to Your Content, you must cooperate with us to 268 | identify the source of and to resolve that problem. 269 | ### 7.3 270 | Technical Data; Log Files. 271 | (a) Technical Data. We collect, process and store technical and related information about 272 | your use of a Supervisor Services Labs Offerings, including your devices, systems, 273 | applications, peripherals, internet protocol addresses, hardware identification, operating 274 | system, application software, peripheral hardware, number of active plugins and software 275 | development kits, the successful installation and launch of a Supervisor Services Labs 276 | Offering, the amount of computing and storage resources purchased or consumed, user 277 | counts, third party licenses or services consumed, and other Supervisor Services Labs 278 | Offering usage statistics (collectively, “Technical Data”). We use Technical Data to provide 279 | the Supervisor Services Labs Offering; for internal statistical and analytical purposes; to 280 | facilitate support (if any); to provision Updates; to develop and improve VMware products 281 | and services; to track and manage our infrastructure, network, storage, and software; and 282 | for capacity planning, troubleshooting, and other forecasting purposes. We may share 283 | Technical Data with our affiliates and third party service providers for these purposes and as 284 | otherwise required by applicable law. 285 | (b) Log Files. You acknowledge that correspondence and log files generated in conjunction 286 | with any communication or notice to us may contain sensitive, confidential, or personal 287 | information. You are solely responsible for taking the steps necessary to protect such data, 288 | including obscuring the logs or otherwise protecting such information prior to sending it to 289 | us. 290 | ### 7.4 291 | You are responsible for ensuring that the security of the Supervisor Services Labs 292 | Offering is appropriate for your intended use of the offering and Your Content. You are 293 | responsible for (a) protecting the security of Your Content, including without limitation, any 294 | access you might provide to Your Content by your employees, customers or other third 295 | parties, and in transit to and from the Supervisor Services Labs Offering; (b) properly 296 | configuring the Supervisor Services Labs Offering so that it is suitable for your use; (c) 297 | backing up Your Content to the extent required; (d) encrypting Your Content to the extent 298 | required; (e) providing any necessary notices to your users and obtaining any legally 299 | required consents from your Users concerning your use of a Supervisor Services Labs 300 | Offering and Your Content; and (f) complying with any laws or regulations applicable to Your 301 | Content and your use of a Supervisor Services Labs Offering. 302 | ### 7.5 303 | As between you and us, you are responsible for any losses or other consequences 304 | arising from your failure to encrypt or to back up Your Content, including any loss of or 305 | damage to any data. 306 | ## 8. OTHER PROVISIONS 307 | ### 8.1 Governing Law 308 | This Agreement, and all disputes arising out of or related to this Agreement, will be 309 | governed by and construed under the laws of the State of California without reference to 310 | conflict of laws principles. The United Nations Convention for the International Sale of 311 | Goods shall not apply. 312 | ### 8.2 Compliance with Laws; Export Control 313 | Each party will comply with all laws applicable to the actions contemplated by the 314 | Agreement. You acknowledge that any Supervisor Services Labs Offering provided to you 315 | by VMware pursuant to the Agreement is of United States origin, is provided subject to the 316 | U.S. Export Administration Regulations (including “deemed export” and “deemed re-export” 317 | regulations), and may be subject to the export control laws of other applicable territories. 318 | You represent and warrant that (a) you are not, and are not acting on behalf of, (1) any 319 | person who is a citizen, national, or resident of, or who is controlled by the government of 320 | any country to which the United States has prohibited export transactions; or (2) any person 321 | or entity listed on the U.S. Treasury Department list of Specially Designated Nationals and 322 | Blocked Persons, or the U.S. Commerce Department Denied Persons List or Entity List; (b) 323 | you will not permit a Supervisor Services Labs Offering to be used for any purposes 324 | prohibited by law, including any prohibited development, design, manufacture or production 325 | of missiles or nuclear, chemical or biological weapons; (c) Your Content will not be classified 326 | or listed on the United States Munitions list, contain defense articles, defense services or 327 | contain ITAR-related data; (d) Your Content will not require an export license and is not 328 | restricted from export to, or from, any VMware global resource or personnel under 329 | applicable export control laws; and (e) you are not subject, either directly or indirectly, to any 330 | order issued by any agency of the United States government, revoking or denying, in whole 331 | or in part, your United States export privileges. You will notify VMware immediately if you 332 | become subject to any such order. 333 | ### 8.3 Entire Agreement; Modification 334 | This Agreement is the entire agreement between the parties relating to the Supervisor 335 | Services Labs Offerings and the Supervisor Services Labs program, and all other terms are 336 | rejected. No waiver or modification of this Agreement will be valid unless in a writing signed 337 | by each party. The waiver of a breach of any term of this Agreement will in no way be 338 | construed as a waiver of any other term or breach of this Agreement. If any provision of this 339 | Agreement is held by a court of competent jurisdiction to be contrary to law, the remaining 340 | provisions of this Agreement shall remain in full force and effect. 341 | ### 8.4 Construction 342 | The headings of sections of this Agreement are for convenience and are not for use in 343 | interpreting this Agreement. As used in this Agreement, the word “including” means 344 | “including but not limited to”. 345 | ### 8.5 Third Party Rights 346 | Other than as expressly set forth in this Agreement, this Agreement does not create any 347 | rights for any person who is not a party to it, and no person who is not a party to this 348 | Agreement may enforce any of its terms or rely on any exclusion or limitation contained in it. 349 | ### 8.6 Force Majeure 350 | We will not be liable for any delay or failure to perform any obligations under this Agreement 351 | due to any cause beyond our reasonable control, including acts of God, labor disputes or 352 | other industrial disturbances, systemic electrical, telecommunications or other utility failures, 353 | earthquakes, storms or other elements of nature, blockages, embargoes, riots, acts or 354 | orders of government, acts of terrorism or war. 355 | ### 8.7 Order of Precedence 356 | The terms of the Agreement will supersede and control over any conflicting or additional 357 | terms and conditions that may be presented to you in connection with your use of a 358 | Supervisor Services Labs Offering. 359 | ### 8.8 Assignment 360 | You may not assign this Agreement or any rights or obligations hereunder, directly or 361 | indirectly, by operation of law, merger, acquisition of stock or assets, or otherwise, without 362 | our prior written consent. Any attempted assignment or transfer in violation of the foregoing 363 | will be null and void. Subject to the foregoing, this Agreement shall inure to the benefit of 364 | and be binding upon the parties and their respective successors and permitted assigns. 365 | ### 8.9 Contact Information 366 | If you have questions about this Agreement, please direct all correspondence to: VMware 367 | LLC, 3402 Hillview Avenue, Palo Alto, CA 94304, United States of America. 368 | 369 | VMware is a trademark of VMware LLC. and is registered in the U.S. and numerous other 370 | countries. -------------------------------------------------------------------------------- /supervisor-services-labs/rabbitmq-operator/rabbitmq-instance.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rabbitmq.com/v1beta1 2 | kind: RabbitmqCluster 3 | metadata: 4 | name: demo1-rabbitmq-cluster0 5 | spec: 6 | service: 7 | type: LoadBalancer 8 | persistence: 9 | storageClassName: vc01cl01-t0compute 10 | storage: 1G 11 | image: rabbitmq:3.13.1-management 12 | # Currently RabbitMQ images are downloaded from Dockerhub and may be subject to download rate limits. 13 | # To overcome this, use a proxy cache or host the image on another registry. 14 | # In such scenarios, uncomment the next two lines, and update the registry image path accordingly. 15 | # image: my-registry/proxy-cache/library/rabbitmq:3.13.1-management -------------------------------------------------------------------------------- /supervisor-services-labs/rabbitmq-operator/rabbitmq-logo.svg: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /supervisor-services-labs/rabbitmq-operator/usage.md: -------------------------------------------------------------------------------- 1 | Once the RabbitMQ Cluster Kubernetes Operator has been deployed successfully on the Supervisor, deploy a RabbitMQ Cluster object within your vSphere Namespace. To do so, follow the steps below. 2 | 3 | 1. Download the [example](rabbitmq-instance.yaml) as a reference for a simple deployment. You will need to modify the value of the `storageClassName` object as per your environment. 4 | 2. Log in to the Supervisor - `10.220.3.18` is the Supervisor IP address in this example - with a user that has owner/edit access to the vSphere Namespace - `user@vsphere.local` in this example. 5 | ```bash 6 | $ kubectl vsphere login --server 10.220.3.18 -u user@vsphere.local 7 | ``` 8 | 3. To deploy RabbitMQ Cluster to the vSphere Namespace - `demo1` in this example - set the context appropriately. 9 | ```bash 10 | $ kubectl config use-context demo1 11 | ``` 12 | 4. Use kubectl to deploy the file -`rabbitmq-instance.yaml` in this example - that was downloaded in Step 1. 13 | ```bash 14 | $ kubectl apply -f rabbitmq-instance.yaml 15 | ``` 16 | 5. Upon successful deployment, the following should be the status. Use the EXTERNAL-IP address of the rabbitmq-cluster service to connect to the cluster - `10.220.8.1` in this example. 17 | ```bash 18 | $ kubectl get all 19 | NAME READY STATUS RESTARTS AGE 20 | pod/demo1-rabbitmq-cluster0-server-0 1/1 Running 0 6d22h 21 | 22 | $ kubectl get svc 23 | NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE 24 | service/demo1-rabbitmq-cluster0 LoadBalancer 10.96.0.53 10.220.8.1 5672:31907/TCP,15672:30104/TCP,15692:32637/TCP 6d22h 25 | service/demo1-rabbitmq-cluster0-nodes ClusterIP None 4369/TCP,25672/TCP 6d22h 26 | 27 | NAME READY AGE 28 | statefulset.apps/demo1-rabbitmq-cluster0-server 1/1 6d22h 29 | 30 | NAME ALLREPLICASREADY RECONCILESUCCESS AGE 31 | rabbitmqcluster.rabbitmq.com/demo1-rabbitmq-cluster0 True False 6d22h 32 | ... 33 | ``` 34 | 6. If you encounter a Dockerhub rate limiting for the RabbitMQ image, use a proxy-cache or host the image on another registry. The sample `rabbitmq-instance.yaml` shows how to reference an alternate image location. -------------------------------------------------------------------------------- /supervisor-services-labs/rabbitmq-operator/v2.8.0/rabbitmq-operator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: data.packaging.carvel.dev/v1alpha1 2 | kind: PackageMetadata 3 | metadata: 4 | name: rabbitmq-operator.fling.vsphere.vmware.com 5 | spec: 6 | categories: 7 | - Messageing 8 | - Streaming 9 | displayName: rabbitmq-operator 10 | iconSVGBase64: none 11 | longDescription: The RabbitMQ Cluster Kubernetes Operator provides a consistent and easy way to deploy RabbitMQ clusters to Kubernetes and run them, including "day two" (continuous) operations. RabbitMQ clusters deployed using the Operator can be used by applications running on Kubernetes or outside of Kubernetes. 12 | maintainers: 13 | - name: supervisor-services-labs.pdl@broadcom.com 14 | providerName: VMware 15 | shortDescription: The RabbitMQ Cluster Kubernetes Operator automates provisioning, management, and operations of RabbitMQ clusters running on Kubernetes. 16 | --- 17 | apiVersion: data.packaging.carvel.dev/v1alpha1 18 | kind: Package 19 | metadata: 20 | name: rabbitmq-operator.fling.vsphere.vmware.com.2.8.0 21 | spec: 22 | refName: rabbitmq-operator.fling.vsphere.vmware.com 23 | releasedAt: "2024-04-10T03:17:23Z" 24 | template: 25 | spec: 26 | deploy: 27 | - kapp: {} 28 | fetch: 29 | - imgpkgBundle: 30 | image: projects.registry.vmware.com/vsphere-labs/rabbitmq-operator@sha256:ae74e808e334731baaa07a2cb31a457e176a2361d3751af3acc0f448077b1e93 31 | template: 32 | - ytt: 33 | paths: 34 | - ./config 35 | - kbld: 36 | paths: 37 | - '-' 38 | - .imgpkg/images.yml 39 | valuesSchema: 40 | openAPIv3: 41 | properties: 42 | image: 43 | default: rabbitmqoperator/cluster-operator:2.8.0 44 | description: Image of RabbitMQ Operator 45 | type: string 46 | namespace: 47 | default: rabbitmq-operator 48 | description: The namespace in which to deploy rabbitmq-operator. 49 | type: string 50 | version: 2.8.0 51 | -------------------------------------------------------------------------------- /supervisor-services-labs/rabbitmq-operator/v2.8.0/values.yaml: -------------------------------------------------------------------------------- 1 | image: rabbitmqoperator/cluster-operator:2.8.0 -------------------------------------------------------------------------------- /supervisor-services-labs/redis-operator/redis-instance.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: redis-secret 6 | data: 7 | password: Vk13YXJlMTIzIQo= 8 | type: Opaque 9 | --- 10 | apiVersion: redis.redis.opstreelabs.in/v1beta2 11 | kind: Redis 12 | metadata: 13 | name: demo1-redis-standalone 14 | spec: 15 | kubernetesConfig: 16 | image: quay.io/opstree/redis:v7.2.3 17 | imagePullPolicy: IfNotPresent 18 | redisSecret: 19 | name: redis-secret 20 | key: password 21 | service: 22 | serviceType: LoadBalancer 23 | storage: 24 | volumeClaimTemplate: 25 | spec: 26 | storageClassName: vc01cl01-t0compute 27 | accessModes: ["ReadWriteOnce"] 28 | resources: 29 | requests: 30 | storage: 1Gi 31 | podSecurityContext: 32 | runAsUser: 1000 33 | fsGroup: 1000 34 | -------------------------------------------------------------------------------- /supervisor-services-labs/redis-operator/redis.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/vsphere-tmm/Supervisor-Services/0b86db5f5a6eb9cce347007e0a68e380a6f7cbcb/supervisor-services-labs/redis-operator/redis.png -------------------------------------------------------------------------------- /supervisor-services-labs/redis-operator/usage.md: -------------------------------------------------------------------------------- 1 | Once the Redis Operator has been deployed successfully on the Supervisor, deploy a Redis Instance within your vSphere Namespace. To do so, follow the steps below. 2 | 3 | 1. Download the [example](redis-instance.yaml) as a reference for a simple deployment. You must modify the value of the `storageClassName` object as per your environment. The file also contains a Secret with the password `VMware123!` BASE64 encoded. Modify the file with your own BASE64 encoded password string. 4 | 2. Log in to the Supervisor - `10.220.3.18` is the Supervisor IP address in this example - with a user that has owner/edit access to the vSphere Namespace - `user@vsphere.local` in this example. 5 | ```bash 6 | $ kubectl vsphere login --server 10.220.3.18 -u user@vsphere.local 7 | ``` 8 | 3. To deploy Redis Instance to the vSphere Namespace - `demo1` in this example - set the context appropriately. 9 | ```bash 10 | $ kubectl config use-context demo1 11 | ``` 12 | 4. Use kubectl to deploy the file -`redis-instance.yaml` in this example - that was downloaded in Step 1. 13 | ```bash 14 | $ kubectl apply -f redis-instance.yaml 15 | ``` 16 | 5. Upon successful deployment, the following should be the status. Use the EXTERNAL-IP address of the redis-standalone-additional service to connect to the cluster - `10.220.8.6` in this example. 17 | ```bash 18 | $ kubectl get all 19 | k get all -n demo1 20 | NAME READY STATUS RESTARTS AGE 21 | pod/demo1-redis-standalone-0 1/1 Running 0 6h21m 22 | 23 | NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE 24 | service/demo1-redis-standalone ClusterIP 10.96.0.121 6379/TCP 6h21m 25 | service/demo1-redis-standalone-additional LoadBalancer 10.96.1.172 10.220.8.6 6379:31610/TCP 6h21m 26 | service/demo1-redis-standalone-headless ClusterIP None 6379/TCP 6h21m 27 | 28 | NAME READY AGE 29 | statefulset.apps/demo1-redis-standalone 1/1 6h21m 30 | ... 31 | ``` 32 | 6. Use the `redis-cli` to connect to the Redis instance that was just deployed. When prompted, provide the password - `VMware123!` in this example - to connect to the instance. 33 | ``` 34 | $ redis-cli -h 10.220.8.6 --askpass 35 | Please input password: ********* 36 | 10.220.8.6:6379> 37 | ``` -------------------------------------------------------------------------------- /supervisor-services-labs/redis-operator/v0.16.0/redis-operator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: data.packaging.carvel.dev/v1alpha1 2 | kind: PackageMetadata 3 | metadata: 4 | name: redis-operator.fling.vsphere.vmware.com 5 | spec: 6 | categories: 7 | - In-Memory Database 8 | - Caching 9 | displayName: redis-operator 10 | iconSVGBase64: none 11 | longDescription: A Golang based Redis operator that overseees Redis standalone and cluster mode setup on top of Kubernetes. It can create a Redis cluster setup with best practices on any Cloud. It also provides an in-built monitoring capability using redis-exporter. 12 | maintainers: 13 | - name: supervisor-services-labs.pdl@broadcom.com 14 | providerName: VMware 15 | shortDescription: Redis operator that overseees Redis standalone and cluster mode setup on top of Kubernetes 16 | --- 17 | apiVersion: data.packaging.carvel.dev/v1alpha1 18 | kind: Package 19 | metadata: 20 | name: redis-operator.fling.vsphere.vmware.com.0.16.0 21 | spec: 22 | refName: redis-operator.fling.vsphere.vmware.com 23 | releasedAt: "2024-04-17T18:30:14Z" 24 | template: 25 | spec: 26 | deploy: 27 | - kapp: {} 28 | fetch: 29 | - imgpkgBundle: 30 | image: projects.registry.vmware.com/vsphere-labs/redis-operator@sha256:bef1297474d098dc6663b3a5b2ff347e1eb1b6d5aa817149aaec70d2bbfafa7c 31 | template: 32 | - ytt: 33 | paths: 34 | - ./config 35 | - kbld: 36 | paths: 37 | - '-' 38 | - .imgpkg/images.yml 39 | valuesSchema: 40 | openAPIv3: 41 | default: null 42 | nullable: true 43 | version: 0.16.0 44 | -------------------------------------------------------------------------------- /vmw-logo-vmware-logo-grey.svg: -------------------------------------------------------------------------------- 1 | 2 | 3 | 5 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 22 | 25 | 29 | 34 | 40 | 43 | 47 | 48 | 49 | 50 | 51 | --------------------------------------------------------------------------------