Perform the prerequisite steps listed in this section.

Install the Bootstrapper virtual machine on a vCenter Server, optionally with vRealize Log Insight. For information about setting up VMware Telco Cloud Automation in an air-gapped environment, see VMware Telco Cloud Automation User Guide.
Note: If you are deploying VMware Telco Cloud Automation in an air-gapped environment, ensure that you select the Activation Mode as Standalone. For more information, see Activate VMware Telco Cloud Automation Manager.
  1. Use the VMware-Telco-Cloud-Automation-<version>.ova.
  2. In the Appliance Role step, select TCA Bootstrapper as the appliance role.
  3. Upload the latest Photon VM template on your vCenter Server. For example, photon-3-kube-v1.21.2+vmware.1 for VMware Tanzu Kubernetes Grid 1.4.0. This step ensures that the script creates management clusters and workload clusters.
  4. Using the bootstrapper_template.json file located at /opt/vmware/setup_ha/bootstrapper_template.json, create the bootstrapper.json file on the Bootstrapper virtual machine. The following table lists the required sections in the bootstrapper.json file.
    Note:
    • Use Python version 3.6.9 or later.
    • All passwords are base64 encoded.
    • When deploying VMware Telco Cloud Automation in an air-gapped environment, ensure that the CA certificates are encoded in the base64 format.
    • If you have initiated the deployment using the user interface, you cannot use the script-based deployment.
Section in bootstrapper.json Mandatory/Optional Comments
"bootstrapperVmContext": {
     "ip": "<IP/FQDN of Bootstrapper VM. Either IP or FQDN in case of IPv4. MUST be FQDN in case of IPv6>",
     "username": "<admin user on bootstrapperVM> MUST be 'admin'",
     "password": "<password encoded in base64 format>"
},
Mandatory
  • Bootstrapper virtual machine of appliance type tca-bootstrapper.
  • Enter the Bootstrapper virtual machine's IP address and credentials.
"ipFamilies": "<'IPv6' or 'IPv4'. Optional and defaults to 'IPv4' when not provided>",
Optional
  • Whether to use IPv4 or IPv6.
  • Default value: IPv4
"vsphereContext": {
    "ip": "<IP/FQDN of vCenter. Either IP or FQDN in case of IPv4. MUST be FQDN in case of IPv6>",
    "username": "<admin user>",
    "password": "<password encoded in base64 format>",
    "dataCenter": "/<dataCenter>",
    "dataStore": "/<dataCenter>/datastore/<dataStoreName>",
    "network": "<network> Example:HA-VMPG-1034",
    "resourcePool": "/<dataCenter>/host/<clusterName>/Resources/<resourcePoolName>",
    "vmFolder": "/<dataCenter>/vm/<vmFolderName>",
    "vmTemplate": "<Example: photon-3-kube-v1.22.9-vmware.1>",
    "version": "<Optional. Example: 7.0.2 Defaults to 7.0.2 when not provided.>"
},
Mandatory
  • Enter the vCenter Server IP address and credentials. The VMware Telco Cloud Automation appliance and Bootstrapper cluster in a cloud-native environment are created here.
  • The vCenter Server settings for creating VMware Telco Cloud Automation and the Bootstrapper cluster are:
    • dataCenter
    • network
    • resourcePool
    • vmFolder
  • username: A user belonging to the Administrator (system admin) group in vCenter Server.
  • vmTemplate: The latest version of Photon VM template according to the VMware Tanzu Kubernetes Grid version. For example, photon-3-kube-v1.21.2+vmware.1 for VMware Tanzu Kubernetes Grid 1.4.0. For supported component versions, see: VMware Tanzu Kubernetes Grid 1.4 Release Notes at docs.vmware.com.
  • version: Optional field for vSphere version. If provided, then enter the vSphere version. The default version is 7.0.2.
Note: Ensure that you provide full paths for the vsphereContext resources.
"managementCluster":{
    "controlPlaneEndpointIP": "<Management Cluster IP address in IPv4 or IPv6 format. This can not be FQDN.>",
    "clusterPassword": "<password encoded in base64 format>",
    "controlPlaneNode": {
        "_comment": "Defaults for all the fields of controlPlaneNode is set to minimum required when not provided.",
        "replicas": "<replica count of controlPlaneNode. Valid values are 3, 5 or 7.>",
        "cpu": "<number of cores per controlPlaneNode. Minimum required is 2>",
        "memory": "<memory in MiB per controlPlaneNode. Minimum required is 8192. Needs to be multiple of 1024.>",
        "disk": "<disk space in GB. Minimum required is 50>"
    },
    "workerNode": {
        "_comment": "Defaults for all the fields of workerNode is set to minimum required when not provided.",
        "replicas": "<replica count of workerNode. Minimum required is 3 if deploying both tcaMgr and tcaCp. Minimum required is 4 if deploying only one - either tcaMgr or tcaCp.>",
        "cpu": "<number of cores per workerNode. Minimum required is 4 for single TCA and 8 for both TCAs.>",
        "memory": "<memory in MiB per node. Minimum required is 16384 if deploying both tcaMgr and tcaCp. Minimum required is 8192 in case of deploying only either tcaMgr or tcaCp. In all cases needs to be multiple of 1024.>",
        "disk": "<disk space in GB. Minimum required is 50>"
    }
},
Mandatory
  • Enter the external IP address of the management cluster.
"workloadCluster":{
    "controlPlaneEndpointIP": "<Workload Cluster IP address in IPv4 or IPv6 format. This can not be FQDN.>",
    "clusterPassword": "<password encoded in base64 format>"
},
Mandatory if tcaCp is provided. If you provide tcaCp, then all the fields are mandatory.
  • The workload cluster is created temporarily for generating a manifest. This manifest is then used for creating the Bootstrapper cluster.
  • Enter the external IP address of the workload cluster.
  • This section is required if tcaCp details are provided.
"tcaMgr" : {
     "ip": "<tcaMgr IP address in IPv4 or IPv6 format. This can not be FQDN.>",
     "platformManagerPscUrl": "https://<IP/FQDN of vCenter. Either IP or FQDN in case of IPv4. MUST be FQDN in case of IPv6>",
     "platformManagerPscDomain": "<domain> example: vc.example.vsphere.local",
     "platformManagerPscUsergroup": "<Vcenter user group> example: administrators",
     "platformManagerLdapUrl": "<full LDAP url including port> example: ldap(s)://<IP/FQDN of LDAP server. Either IP or FQDN in case of IPv4. MUST be FQDN in case of IPv6>:<port>",
     "platformManagerLdapAdminUserDn": "<LDAP Admin User Distinguished Name> example: cn=admin\\,cn=users\\,dc=domain\\,dc=com",
     "platformManagerLdapPassword": "<Password for the LDAP Admin User encoded in base64 format>",
     "platformManagerLdapUsergroup": "<LDAP Admin User Group Distinguished Name> example: cn=group\\,ou=groups\\,dc=domain\\,dc=com",
     "platformManagerLdapUserDn": "<Search Base for users in LDAP> example: cn=users\\,dc=domain\\,dc=com",
     "platformManagerLdapGroupDn": "<Search Base for groups in LDAP> example: ou=groups\\,dc=domain\\,dc=com"
},
Optional. If you include this section, then all the fields are mandatory.
  • Either provide all the PSC parameters or provide all LDAP parameters. Do not provide these details in mixed format.

    For example, you can provide either of the following formats for platformManagerPscUrl:
    • https://10.1.9.134
    • https://[2001:0db8:85a3::8a2e:0370:7333]
  • Provide inputs for tcaMgr or tcaCp, or both.
  • In a development environment, you can use the script to install both appliances on the same management cluster, under different namespaces.
Appliance   Namespace
tca         tca-manager
tca-cp      tca-system
"tcaCp" : {

     "ip": "<tcaCp IP address in IPv4 or IPv6 format. This can not be FQDN.>",

     "platformManagerPscUrl": "https://<IP/FQDN of vCenter. Either IP or FQDN in case of IPv4. MUST be FQDN in case of IPv6>",
     "platformManagerPscDomain": "<domain> example: vc.example.vsphere.local",
     "platformManagerPscUsergroup": "<Vcenter user group> example: administrators",

     "sshPrivateKeyFile": "<path to ssh private key file> example /fullPath/.ssh/id_rsa",
     "sshPublicKeyFile": "<path to ssh public key file> example /fullPath/.ssh/id_rsa.pub",

     "sshPrivateKey": "<ssh key files above or bootstrapper cluster ssh private key>",
     "sshPublicKey": "<ssh key files above or bootstrapper cluster ssh public key>"


},
Optional. If you include this section, then all the fields are mandatory.
  • Provide inputs for tcaMgr or tcaCp, or both.
  • To access from bootstrapperVMContext, tcaCp requires an SSH public or SSH private key.
Note: Either provide the public key and private key in string format or as SSH files. Do not provide the keys in a mixed format.
Note:
  • In a Bootstrapper VM, you can find the private key and the public key under /root/.ssh/.
  • In a development environment, you can use the script to install both appliances on the same management cluster, under different namespaces.
Appliance   Namespace
tca         tca-manager
tca-cp      tca-system
"overrideValues": {
     "comment": "each entry in this section is optional",
     "vrliAddress":"<IP/FQDN of VRLI. Either IP or FQDN in case of IPv4. MUST be FQDN in case of IPv6> : If VRLI Address is provided, fluent service pod will be installed in fluent-system namespace. Example: 10.1.9.10 or vrli-ipv6.example.vsphere.local",
     "repoLibraryPath":"<URI with IPv4/IPv6/FQDN, port and path for external repo like Airgap, Jfrog > Example: see below.",
     "dnsServers":[
        "<DNS Server IPv4 addresses 1> example 8.8.8.8",
        "<DNS Server IPv4 addresses 2> example 8.8.4.4",
        or
        "<DNS Server IPv6 addresses 1> example 2001:4860:4860::8888",
        "<DNS Server IPv6 addresses 2> example 2001:4860:4860::8844"
     ],
     "proxy": {
        "httpProxy":  "<URL and Port for httpProxy : Example http://[2001:0db8:85a3::8a2e:0370:1]:3128>",
        "httpsProxy": "<URL and Port for httpsProxy: Example http://[2001:0db8:85a3::8a2e:0370:1]:3128>",
        "noProxy": "<Comma separate list of FQDN, Domains, IP Addresses and subnetCIDRs for proxy exceptions>",
        "caCert": "<base64 encoded ca cert of proxy server>"
     },
    "airgapFQDN":"<FQDN address> fqdn of the airgap server> Example: airgap.example.com",
    "airgapCaCert": "<Optionally needed when airgap server is configured with self signed cert: base64 encoded>"
}
Optional. Each key in this section is optional.
  • vrliAddress: If present, this key enables the installation of fluent service. Otherwise, the installation is skipped.
  • repoLibraryPath: This key is required in an air-gapped environment, or if you use an external repository for pulling images.
  • airgapFQDN: Provide this key if you have set up VMware Telco Cloud Automation in an air-gapped environment.
  • airgapCaCert: Applicable only when you provide airgapFQDN.
  • proxy: This is an optional section. Default value is no proxy. However, if the proxy is provided, then all the parameters in the section are mandatory.
  • noProxy: A comma-separated list of FQDN, Domains, IP Addresses, and subnetCIDRs for proxy exceptions.
Note: You can either use proxy or airgap. You cannot use both together.
Note: You must prefix unused fields with comment_. For example, if the airgap FQDN is not used, you must provide the following prefix: "comment_airgapFQDN":"<FQDN address> fqdn of the airgap server> Example: airgap.example.com". Or, you can remove the unused optional fields.
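
The rules stated above for bootstrapper.json can be checked before the deployment script runs. The following validator is an added example, not VMware's code; its helper names (active, is_b64, secrets, validate) and the sample values are assumptions. Because base64 is an encoding and not encryption, the check confirms only the format: the file still holds recoverable credentials.

```python
import base64
# Added example: helper names are illustrative; the rules are the page's.
def active(section):
    """Fields in use; the page marks unused ones with a comment_ prefix."""
    return {k: v for k, v in (section or {}).items()
            if not k.startswith(("comment", "_comment"))}

def is_b64(value):
    """True for a non-empty string that decodes as strict base64."""
    try:
        return isinstance(value, str) and bool(base64.b64decode(value, validate=True))
    except ValueError:  # binascii.Error is a ValueError subclass
        return False

def secrets(node, path=""):
    """Yield (path, value) for each active password or CA certificate field."""
    for key, value in active(node).items():
        if isinstance(value, dict):
            yield from secrets(value, f"{path}{key}.")
        elif key.lower().endswith(("password", "cacert")):
            yield path + key, value

def validate(cfg):
    """Return violations of the rules the page states for bootstrapper.json."""
    cfg, errors = active(cfg), []
    mgr, cp = active(cfg.get("tcaMgr")), active(cfg.get("tcaCp"))
    over = active(cfg.get("overrideValues"))
    if cp and "workloadCluster" not in cfg:
        errors.append("workloadCluster is mandatory when tcaCp is provided")
    if any("Psc" in k for k in mgr) and any("Ldap" in k for k in mgr):
        errors.append("tcaMgr mixes PSC and LDAP parameters")
    if (cp.keys() & {"sshPrivateKeyFile", "sshPublicKeyFile"}
            and cp.keys() & {"sshPrivateKey", "sshPublicKey"}):
        errors.append("tcaCp mixes SSH key files and key strings")
    if "proxy" in over and "airgapFQDN" in over:
        errors.append("overrideValues sets both proxy and airgapFQDN")
    return errors + [f"{p} is not valid base64"
                     for p, v in secrets(cfg) if not is_b64(v)]

# Constructed sample (not from the page) that breaks four of the rules.
SAMPLE = {
    "vsphereContext": {"password": "VMware1!"},
    "tcaMgr": {"ip": "10.1.9.20", "platformManagerPscUrl": "https://10.1.9.134",
               "platformManagerLdapPassword": "c2VjcmV0"},
    "tcaCp": {"sshPrivateKeyFile": "/root/.ssh/id_rsa", "sshPublicKey": "ssh-rsa AAAA"},
    "overrideValues": {"comment_airgapFQDN": "airgap.example.com", "proxy": {"caCert": "LS0t"}},
}
if __name__ == "__main__":
    print("\n".join(validate(SAMPLE)))
```

A plaintext password made up only of base64 alphabet characters still passes is_b64, so the check catches values that cannot be base64 rather than proving a value was encoded.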