This section describes the input parameters required to add an SDDC provider. In addition, NSX-V or NSX-T backend networking require specific configuration parameters. Authentication also requires specific configuration parameters.

An SDDC provider requires the following information.

Table 1. vSphere Authentication
Variable Description
vSphere hostname FQDN or IP of vCenter server
vSphere username vCenter server username
vSphere password vCenter server password
Ignore the vCenter Server certificate validation? If checked, VMware Integrated OpenStack with Kubernetes does not verify the vCenter Server certificate when connecting to the vCenter.
Table 2. vSphere Cluster and Datastore Configuration
Variable Description
Compute cluster vSphere compute cluster used to deploy Kubernetes cluster nodes
Datastores vSphere datastores used to store Kubernetes cluster nodes, images, and volumes
Table 3. Management Network Setting for Kubernetes Cluster Nodes
Variable Description
Port Group Distributed port group that Kubernetes cluster nodes connect to. Not applicable for NSX-T networking.
VLAN ID (optional) VLAN ID of the management portgroup. Leave blank if not using VLAN.
Network CIDR Management network address in CIDR format such as 192.168.0.0/24.
IP Range Start and end IP addresses of the management network allocation IP range.
Gateway Gateway IP for the management network
DNS (optional) DNS servers to be used if DNS for the management network is unavailable. To specify multiple servers, use comma separated values.

Networking Parameters

NSX-V or NSX-T networking requires specific input parameters.

Table 4. Configuration Information for NSX-V Networking with SDDC provider
Variable Description
Manager address FQDN or IP of the NSX-V manager
Username NSX-V manager username
Password NSX-V manager password
Ignore the NSX-V SSL certificate validation? If checked, VMware Integrated OpenStack with Kubernetes does not verify the NSX-V SSL certificate when connecting to the NSX-V server.
Transport zone Transport zone configured for NSX-V networking
Edge resource pool vSphere resource pool for the NSX Edge VMs
Edge datastore vSphere datastore for NSX Edge VMs
Virtual Distributed Switch vSphere Distributed Switch configured for NSX-V networking
External network vSphere distributed port group on the distributed switch
Table 5. Configuration Information for NSX-T Networking with SDDC provider
Variable Description
Manager address FQDN or IP of the NSX-T manager
Username NSX-T manager username
Password NSX-T manager password
Ignore the NSX-T SSL certificate validation? If checked, VMware Integrated OpenStack with Kubernetes does not verify the NSX-T SSL certificate when connecting to the NSX-T server.
Tier 0 Router Tier 0 router pre-configured for NSX-T networking
Default overlay transport zone Overlay transport zone pre-configured for NSX-T networking
Default VLAN transport zone VLAN transport zone pre-configured for NSX-T networking

Authentication Source Parameters

If you create a standalone user database, VMware Integrated OpenStack with Kubernetes creates a Kubernetes cluster admin user in the database to start. VMware Integrated OpenStack with Kubernetes also supports both Active Directory as an LDAP server on Windows and LDAP server for Unix and Linux.

Table 6. Local Admin User Authentication Source
Variable Description
Kubernetes cluster admin user Admin user for authentication with the local user database
Kubernetes cluster admin password Password for authentication with the local user database
Table 7. Active Directory as LDAP Backend Authentication Source
Variable Description Default
Encryption SSL or None None
Hostname FQDN or IP of the LDAP or AD server None
Port Port 636 for SSL

389 for non-SSL

Bind user LDAP bind user.. Same as Kubernetes cluster admin user. None
Bind Password Password for LDAP bind user. Same as Kubernetes cluster admin user. None
User Tree DN Search base for users None
Group Tree DN Search base for groups None
User object/class LDAP objectclass for users organizationalPerson
User ID attribute LDAP attribute mapped to user ID. This must not be a multivalued attribute. cn
User name attribute LDAP attribute mapped to user name. userPrincipalName
User mail attribute LDAP attribute mapped to user e-mail mail
User password attribute LDAP attribute mapped to password userPassword
User enabled attribute LDAP attribute mapped to user enabled flag userAccountControl
Group object/class LDAP objectclass for groups group
Group ID attribute LDAP attribute mapped to group ID cn
Group name attribute LDAP attribute mapped to group name sAMAccountName
Group member attribute LDAP attribute mapped to group member memberOf
Group description attribute LDAP attribute mapped to group description description