This section describes the input parameters required to add an SDDC provider. In addition, NSX-V or NSX-T backend networking requires specific configuration parameters, as does the authentication source.

An SDDC provider requires the following information.

Table 1. vSphere Authentication

| Variable | Description |
| --- | --- |
| vSphere hostname | FQDN or IP of vCenter server |
| vSphere username | vCenter server username |
| vSphere password | vCenter server password |
| Ignore the vCenter Server certificate validation? | If checked, VMware Integrated OpenStack with Kubernetes does not verify the vCenter Server certificate when connecting to the vCenter. |

Table 2. vSphere Cluster and Datastore Configuration

| Variable | Description |
| --- | --- |
| Compute cluster | vSphere compute cluster used to deploy Kubernetes cluster nodes |
| Datastores | vSphere datastores used to store Kubernetes cluster nodes, images, and volumes |

Table 3. Management Network Setting for Kubernetes Cluster Nodes

| Variable | Description |
| --- | --- |
| Port Group | Distributed port group that Kubernetes cluster nodes connect to. Not applicable for NSX-T networking. |
| VLAN ID (optional) | VLAN ID of the management portgroup. Leave blank if not using VLAN. |
| Network Address | Management network address in CIDR format such as 192.168.0.0/24. |
| IP Range | Start and end IP addresses of the management network allocation IP range. |
| Gateway | Gateway IP for the management network |
| DNS (optional) | DNS servers to be used if DNS for the management network is unavailable. To specify multiple servers, use comma separated values. |

Networking Parameters

NSX-V or NSX-T networking requires specific input parameters.

Table 4. Configuration Information for NSX-V Networking with SDDC provider

| Variable | Description |
| --- | --- |
| Manager address | FQDN or IP of the NSX-V manager |
| Username | NSX-V manager username |
| Password | NSX-V manager password |
| Ignore the NSX-V SSL certificate validation? | If checked, VMware Integrated OpenStack with Kubernetes does not verify the NSX-V SSL certificate when connecting to the NSX-V server. |
| Transport zone | Transport zone configured for NSX-V networking |
| Edge resource pool | vSphere resource pool for the NSX Edge VMs |
| Edge datastore | vSphere datastore for NSX Edge VMs |
| Virtual Distributed Switch | vSphere Distributed Switch configured for NSX-V networking |
| External network | vSphere distributed port group on the distributed switch |

Table 5. Configuration Information for NSX-T Networking with SDDC provider

| Variable | Description |
| --- | --- |
| Manager address | FQDN or IP of the NSX-T manager |
| Username | NSX-T manager username |
| Password | NSX-T manager password |
| Ignore the NSX-T SSL certificate validation? | If checked, VMware Integrated OpenStack with Kubernetes does not verify the NSX-T SSL certificate when connecting to the NSX-T server. |
| Tier 0 Router | Tier 0 router pre-configured for NSX-T networking |
| Default overlay transport zone | Overlay transport zone pre-configured for NSX-T networking |
| Default VLAN transport zone | VLAN transport zone pre-configured for NSX-T networking |

Authentication Source Parameters

If you create a standalone user database, VMware Integrated OpenStack with Kubernetes creates an initial Kubernetes cluster admin user in that database. VMware Integrated OpenStack with Kubernetes also supports Active Directory as an LDAP server on Windows, and LDAP servers on Unix and Linux.

Table 6. Local Admin User Authentication Source

| Variable | Description |
| --- | --- |
| Kubernetes cluster admin user | Admin user for authentication with the local user database |
| Kubernetes cluster admin password | Password for authentication with the local user database |

Table 7. Active Directory as LDAP Backend Authentication Source

| Variable | Description | Default |
| --- | --- | --- |
| Encryption | SSL or None | None |
| Hostname | FQDN or IP of the LDAP or AD server | None |
| Port | Port | 636 for SSL, 389 for non-SSL |
| Bind user | LDAP bind user. Same as Kubernetes cluster admin user. | None |
| Bind Password | Password for LDAP bind user. Same as Kubernetes cluster admin user. | None |
| User Tree DN | Search base for users | None |
| Group Tree DN | Search base for groups | None |
| User object/class | LDAP objectclass for users | organizationalPerson |
| User ID attribute | LDAP attribute mapped to user ID. This must not be a multivalued attribute. | cn |
| User name attribute | LDAP attribute mapped to user name. | userPrincipalName |
| User mail attribute | LDAP attribute mapped to user e-mail | mail |
| User password attribute | LDAP attribute mapped to password | userPassword |
| User enabled attribute | LDAP attribute mapped to user enabled flag | userAccountControl |
| Group object/class | LDAP objectclass for groups | group |
| Group ID attribute | LDAP attribute mapped to group ID | cn |
| Group name attribute | LDAP attribute mapped to group name | sAMAccountName |
| Group member attribute | LDAP attribute mapped to group member | memberOf |
| Group description attribute | LDAP attribute mapped to group description | description |
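
The following pre-flight check is an added example, not part of the VMware documentation or product. It checks the management network values from Table 3 for consistency and flags the settings from Tables 1, 4, 5 and 7 that weaken transport security (ignored certificate validation, LDAP encryption set to None). The dictionary key names are hypothetical stand-ins for the form fields, and the sample values are constructed.

```python
import ipaddress

# Hypothetical key names standing in for the form fields in Tables 1, 3, 4/5 and 7.
SAMPLE = {  # constructed input, not taken from a real deployment
    "network_address": "192.168.0.0/24",
    "ip_range": ("192.168.0.50", "192.168.0.99"),
    "gateway": "192.168.0.1",
    "vlan_id": "",                      # blank: no VLAN
    "dns": "192.168.0.2, 192.168.0.3",  # comma separated values
    "vsphere_ignore_cert": True,
    "nsx_ignore_cert": False,
    "ldap_encryption": "None",
    "ldap_port": 389,
}

def preflight(p):
    """Return (severity, message) findings for one set of provider inputs."""
    out = []
    try:
        net = ipaddress.ip_network(p["network_address"])  # strict: rejects host bits
        start, end = (ipaddress.ip_address(a) for a in p["ip_range"])
        gw = ipaddress.ip_address(p["gateway"])
        # Parsed only to validate each comma separated DNS entry.
        [ipaddress.ip_address(s.strip()) for s in p["dns"].split(",") if s.strip()]
    except ValueError as exc:
        return [("error", f"unparseable address: {exc}")]
    if start > end or start not in net or end not in net:
        out.append(("error", "IP range is reversed or outside the network address"))
    if gw not in net:
        out.append(("error", "gateway is outside the network address"))
    elif start <= gw <= end:
        out.append(("warn", "gateway lies inside the allocation range"))
    vlan = str(p["vlan_id"]).strip()
    if vlan and not (vlan.isdigit() and 1 <= int(vlan) <= 4094):
        out.append(("error", "VLAN ID must be 1-4094 or blank"))
    for key, peer in (("vsphere_ignore_cert", "vCenter"), ("nsx_ignore_cert", "NSX")):
        if p[key]:  # server identity unchecked, so the password can reach an impostor
            out.append(("warn", f"{peer} certificate is not verified"))
    if p["ldap_encryption"] == "None":
        out.append(("warn", "LDAP bind password is sent without transport encryption"))
    elif p["ldap_port"] == 389:
        out.append(("warn", "SSL selected but port is 389; the SSL default is 636"))
    return out

if __name__ == "__main__":
    for severity, message in preflight(SAMPLE):
        print(f"{severity}: {message}")
```
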