This section describes the input parameters required to add an SDDC provider. NSX-V or NSX-T backend networking and the authentication source each require additional configuration parameters.
An SDDC provider requires the following information.
Variable | Description |
---|---|
vSphere hostname | FQDN or IP of vCenter server |
vSphere username | vCenter server username |
vSphere password | vCenter server password |
Ignore the vCenter Server certificate validation? | If checked, VMware Integrated OpenStack with Kubernetes does not verify the vCenter Server certificate when connecting to the vCenter. |

Variable | Description |
---|---|
Compute cluster | vSphere compute cluster used to deploy Kubernetes cluster nodes |
Datastores | vSphere datastores used to store Kubernetes cluster nodes, images, and volumes |

Variable | Description |
---|---|
Port Group | Distributed port group that Kubernetes cluster nodes connect to. Not applicable for NSX-T networking. |
VLAN ID (optional) | VLAN ID of the management portgroup. Leave blank if not using VLAN. |
Network CIDR | Management network address in CIDR format such as 192.168.0.0/24. |
IP Range | Start and end IP addresses of the management network allocation IP range. |
Gateway | Gateway IP for the management network |
DNS (optional) | DNS servers to be used if DNS for the management network is unavailable. To specify multiple servers, use comma-separated values. |

Networking Parameters
NSX-V or NSX-T networking requires specific input parameters.

Variable | Description |
---|---|
Manager address | FQDN or IP of the NSX-V manager |
Username | NSX-V manager username |
Password | NSX-V manager password |
Ignore the NSX-V SSL certificate validation? | If checked, VMware Integrated OpenStack with Kubernetes does not verify the NSX-V SSL certificate when connecting to the NSX-V server. |
Transport zone | Transport zone configured for NSX-V networking |
Edge resource pool | vSphere resource pool for the NSX Edge VMs |
Edge datastore | vSphere datastore for NSX Edge VMs |
Virtual Distributed Switch | vSphere Distributed Switch configured for NSX-V networking |
External network | vSphere distributed port group on the distributed switch |

Variable | Description |
---|---|
Manager address | FQDN or IP of the NSX-T manager |
Username | NSX-T manager username |
Password | NSX-T manager password |
Ignore the NSX-T SSL certificate validation? | If checked, VMware Integrated OpenStack with Kubernetes does not verify the NSX-T SSL certificate when connecting to the NSX-T server. |
Tier 0 Router | Tier 0 router pre-configured for NSX-T networking |
Default overlay transport zone | Overlay transport zone pre-configured for NSX-T networking |
Default VLAN transport zone | VLAN transport zone pre-configured for NSX-T networking |

Authentication Source Parameters
If you create a standalone user database, VMware Integrated OpenStack with Kubernetes initially creates a Kubernetes cluster admin user in that database. VMware Integrated OpenStack with Kubernetes also supports Active Directory as an LDAP server on Windows, and LDAP servers for Unix and Linux.

Variable | Description |
---|---|
Kubernetes cluster admin user | Admin user for authentication with the local user database |
Kubernetes cluster admin password | Password for authentication with the local user database |

Variable | Description | Default |
---|---|---|
Encryption | SSL or None | None |
Hostname | FQDN or IP of the LDAP or AD server | None |
Port | Port | 636 for SSL, 389 for non-SSL |
Bind user | LDAP bind user. Same as Kubernetes cluster admin user. | None |
Bind Password | Password for LDAP bind user. Same as Kubernetes cluster admin user. | None |
User Tree DN | Search base for users | None |
Group Tree DN | Search base for groups | None |
User object/class | LDAP objectclass for users | organizationalPerson |
User ID attribute | LDAP attribute mapped to user ID. This must not be a multivalued attribute. | cn |
User name attribute | LDAP attribute mapped to user name. | userPrincipalName |
User mail attribute | LDAP attribute mapped to user e-mail | |
User password attribute | LDAP attribute mapped to password | userPassword |
User enabled attribute | LDAP attribute mapped to user enabled flag | userAccountControl |
Group object/class | LDAP objectclass for groups | group |
Group ID attribute | LDAP attribute mapped to group ID | cn |
Group name attribute | LDAP attribute mapped to group name | sAMAccountName |
Group member attribute | LDAP attribute mapped to group member | memberOf |
Group description attribute | LDAP attribute mapped to group description | description |
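
A pre-flight check over the parameters in the tables above, as an added example that is not part of the original documentation or the product. The dictionary keys and the `check_provider_inputs` function are hypothetical names, and the sample values are constructed.

```python
import ipaddress

# Default LDAP ports from the table above: 636 for SSL, 389 for non-SSL.
LDAP_DEFAULT_PORTS = {"SSL": 636, "None": 389}

def check_provider_inputs(p):
    """Return a list of findings for a dict of provider inputs.

    Key names are hypothetical, chosen for this example only.
    """
    findings = []
    # Each "Ignore ... certificate validation?" box turns off verification
    # of the server certificate for that connection.
    for key in ("vsphere_ignore_cert", "nsx_ignore_cert"):
        if p.get(key):
            findings.append(f"{key}: certificate validation is disabled")

    # Management network: the allocation range and gateway must sit in the CIDR.
    net = ipaddress.ip_network(p["network_cidr"], strict=True)
    start = ipaddress.ip_address(p["ip_range_start"])
    end = ipaddress.ip_address(p["ip_range_end"])
    if start not in net or end not in net:
        findings.append("ip_range: outside network_cidr")
    if start > end:
        findings.append("ip_range: start is above end")
    if ipaddress.ip_address(p["gateway"]) not in net:
        findings.append("gateway: outside network_cidr")

    # LDAP: with Encryption "None" the bind password is sent unencrypted.
    enc = p.get("ldap_encryption")
    if enc is not None:
        if enc == "None":
            findings.append("ldap_encryption: bind credentials sent in cleartext")
        if p.get("ldap_port") != LDAP_DEFAULT_PORTS.get(enc):
            findings.append("ldap_port: differs from the default for this encryption")
    return findings

# Constructed sample input, not taken from a real deployment.
SAMPLE = {
    "vsphere_ignore_cert": True, "nsx_ignore_cert": False,
    "network_cidr": "192.168.0.0/24", "gateway": "192.168.0.1",
    "ip_range_start": "192.168.0.50", "ip_range_end": "192.168.1.20",
    "ldap_encryption": "None", "ldap_port": 636,
}

if __name__ == "__main__":
    for finding in check_provider_inputs(SAMPLE):
        print(finding)
```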