Deploy the Enterprise PKS Management Console Appliance
Page last updated:
This topic describes how to deploy the VMware Enterprise PKS Management Console appliance from the OVA template.
If you have deployed a previous version of Enterprise Pivotal Container Service (Enterprise PKS) Management Console, you can use the management console to upgrade it to a newer version. For information about upgrading, see Upgrade Enterprise PKS Management Console.
- Download the OVA template from https://downloads.vmware.com.
- Use an account with vSphere administrator privileges to log in to vSphere using the vSphere Client.
- The vCenter Server instance must be correctly configured for Enterprise PKS Management Console deployment. For information about the vCenter Server requirements, see Virtual Infrastructure Prerequisites.
To deploy the Enterprise PKS Management Console appliance to vSphere, the procedure is as follows:
- In the vSphere Client, right-click an object in the vCenter Server inventory, select Deploy OVF template, select Local file, and click Browse to navigate to your download of the OVA template.
- Follow the installer prompts to perform basic configuration of the appliance and to select the vSphere resources for it to use.
- Accept or modify the appliance name
- Select the destination datacenter or folder
- Select the destination cluster or resource pool for the appliance VM
- Accept the end user license agreements (EULA)
- Select the disk format and destination datastore for the appliance VM
- On the Select Networks page, select a network port group to which to connect the appliance.
Important: If you intend to deploy Enterprise PKS in a bring your own topology NSX-T Data Center environment, do not use the network on which you deploy the Enterprise PKS Management Console appliance VM as the network for the management plane when you deploy Enterprise PKS. Using the same network for the appliance VM and the management plane requires additional NSX-T Data Center configuration and is not recommended.
On the Customize template page, expand Appliance Configuration.
- Set the root password for the appliance VM. Setting the root password for the appliance is mandatory.
- Optionally uncheck the Permit Root Login checkbox.
Note: If you uncheck the checkbox, you can permit root login later by editing the settings of the appliance VM.
The root password is the only mandatory option. If you want to use auto-generated certificates, DHCP networking, and you do not want to integrate with VMware vRealize Log Insight, click Next to start the OVA deployment. Otherwise, complete the remaining steps in this procedure.
Configure the appliance certificate, that is used by all of the services that run in the appliance to authenticate connections.
To use auto-generated, self-signed certificates, leave the Appliance TLS Certificate, Appliance TLS Certificate Key, and Certificate Authority Certificate text boxes blank.
To use a custom certificate:
Paste the contents of the server certificate PEM file in the Appliance TLS Certificate text box.
-----BEGIN CERTIFICATE----- appliance_certificate_contents -----END CERTIFICATE-----
Paste the contents of the certificate key in the Appliance TLS Certificate Key text box. The appliance supports unencrypted PEM encoded formats for TLS private keys.
-----BEGIN PRIVATE KEY----- appliance_private_key_contents -----END PRIVATE KEY-----
Paste the contents of the Certificate Authority (CA) file in the Certificate Authority Certificate text box.
-----BEGIN CERTIFICATE----- root_CA_certificate_contents -----END CERTIFICATE-----
To use a certificate that uses a chain of intermediate CAs, paste into the Certificate Authority Certificate text box the contents of a certificate chain PEM file. The PEM file must include a chain of the intermediate CAs all the way down to the root CA.
-----BEGIN CERTIFICATE----- intermediate_CA_certificate_contents -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- intermediate_CA_certificate_contents -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- root_CA_certificate_contents -----END CERTIFICATE-----
Expand Networking Properties and optionally configure the networking for the appliance VM.
To use DHCP, leave these properties blank.
- To set a static IP address on the appliance, set the Network IP Address, Network Netmask, and Default Gateway settings.
- To configure DNS servers, set the Domain Name Servers, and Domain Search Path settings.
- To specify a fully qualified domain name (FQDN) for the appliance, set the FQDN setting.
- If necessary, update Docker Container Network Subnet and Docker Container Network Gateway.
Services in the management console appliance are deployed as Docker containers on a Docker bridge network. Update these values if the default subnet CIDR 172.18.0.0/16 and gateway address 172.18.0.1 for this bridge network conflict with existing networks.
Optionally enter the host name and port for VMware vRealize Log Insight in the Log Insight Server Host/IP and Log Insight Server Port text boxes.
vRealize Log Insight gathers logs from the Enterprise PKS Management Console appliance itself. For vRealize Log Insight to gather logs from your Enterprise PKS deployments, you must configure the connection when you deploy Enterprise PKS from Enterprise PKS Management Console.
Click Next to review the settings that you have made.
Click Finish to deploy the Enterprise PKS Management Console appliance.
Use the Recent Tasks panel at the bottom of the vSphere Client to check the status of the OVA import and deployment of the appliance VM. The appliance VM takes a few minutes to deploy.
If the appliance VM fails to deploy, see Troubleshooting.
When the OVA deployment has completed successfully, you can access the management console.
- In the vSphere Client, right-click the appliance VM and select Power > Power On.
- When the appliance VM has booted, go to the Summary tab for the VM and copy its IP address.
- Enter the appliance IP address in a browser.
- At the VMware Enterprise PKS log in page, enter username
rootand the root password that you set when you deployed the OVA template.
You can now use Enterprise PKS Management Console to deploy or upgrade Enterprise PKS instances, either by using the configuration wizard or by importing an existing YAML configuration file.
- Deploy Enterprise PKS by Using the Configuration Wizard
- Deploy Enterprise PKS by Importing a YAML Configuration File
- Upgrade Enterprise PKS Management Console
Please send any feedback you have to email@example.com.