This section provides a list of prerequisites required for deploying the VMware Telco Cloud Service Assurance.
Prerequisites for Deploying VMware Telco Cloud Service Assurance
- For deployment host:
- Kubectl package must be installed on deployment host (required for executing kubectl commands).
- A Linux x86/64 bit host with Docker installed. This is required to avoid providing registry credentials in plain text format while deploying VMware Telco Cloud Service Assurance using
tcxctl
command. This is done using Docker login command to Harbor registry. - The machine must have connectivity to:
- The public Internet to download the VMware Telco Cloud Service Assurance package from VMware Customer Connect.
- The Kubernetes cluster.
- The Container Registry.
- The deployment user home partition must be a minimum of 40 GB.
- The yq tool installed.
- Before triggering the deployment of VMware Telco Cloud Service Assurance, ensure that the time is synced across all the servers on which the worker nodes are running using NTP.
- If you are deploying VMware Telco Cloud Service Assurance on VMware Tanzu Kubernetes Grid, verify that you meet the VMware Tanzu Kubernetes Grid specific prerequisites.
- If you are deploying VMware Telco Cloud Service Assurance on AKS, verify that you meet the AKS specific prerequisites.
- If you are deploying VMware Telco Cloud Service Assurance on AWS, verify that you meet the EKS specific prerequisites.
- If you are deploying VMware Telco Cloud Service Assurance through VMware Telco Cloud Automation, verify that you meet the VMware Telco Cloud Automation specific prerequisites.
- If you are deploying VMware Telco Cloud Service Assurance in VMs with Native Kubernetes, verify that you meet the specific prerequisites.
Prerequisites for Deploying VMware Telco Cloud Service Assurance on VMware Tanzu Kubernetes Grid
- Deployment files provided by VMware Customer Connect from where you can download the deployer package.
- Ensure that you have <config> for deploying VMware Telco Cloud Service Assurance in VMware Tanzu Kubernetes Grid workload cluster. For more information, see Obtaining KUBECONFIG File from VMware Tanzu Kubernetes Grid Workload Cluster.
- Verify that you have VMware Tanzu Kubernetes Grid workload cluster with available
vsphere-sc
storage class. For example, vSAN.Note: When creating a workload cluster, ensure that you refer the VMware Telco Cloud Service Assurance Sizing Sheet for calculating the number of VMs based on the flexible deployment. - Kubernetes workload cluster virtual IP must be noted post deployment of workload cluster. Use the virtual IP when updating values.yaml file.
- The recommended registry for VMware Tanzu Kubernetes Grid is Harbor. Supported versions of Harbor are from 2.2 to 2.8.2. Ensure that you deploy Harbor and you have access permissions to it.
Prerequisites for Deploying VMware Telco Cloud Service Assurance on Azure
- To deploy VMware Telco Cloud Service Assurance, configure AKS cluster.
- If deploying AKS cluster in a private network:
- Create an Azure Virtual Network (VNet) on AKS with required IP address. For private AKS cluster creation, see Create a private AKS cluster.
Note: For AKS, the recommended network plug-in is Kubenet. While creating AKS cluster, use
--pod-cidr
option to ensure that pods get the private IP addresses. The--pod-cidr
option must be provided with the private IP address specifying /16 subnet.Public Network: A Kubernetes cluster deployed in a public network using a cloud provider like AKS or EKS is reachable through the public internet. Deploying VMware Telco Cloud Service Assurance on such a cluster indicates that it can be accessed from any location with internet connectivity. Public IPs provided can be created using the cloud provider to access VMware Telco Cloud Service Assurance.
Private Network: A Kubernetes cluster deployed in a private network using a cloud provider like AKS or EKS is reachable only within that network. Deploying VMware Telco Cloud Service Assurance in such a cluster means it can be accessed only from a machine that is already in that network. The actual IP address used to access VMware Telco Cloud Service Assurance needs to be in the same private network.
- Configure the firewall for communicating between IP addresses in a subnet.
- Verify that all configured networking resources in Azure, such as VNet, subnet, and Route Table are available in the same resource group as the Kubernetes cluster.
- Verify that there is connectivity between the network to provide access to external clients or devices that are not part of the same network.
- By having the ports open, verify that the Kubernetes cluster is sending outward traffic. For more information on the list of open ports, see AKS Global Network Rules.
Note:
- The VMware Telco Cloud Service Assurance and the Domain Manager (IP, SAM, and ESM) deployment is tested when the VNet, subnet, and Route table are provided and configured to ensure connectivity to the on-premises test infrastructure.
- You can also deploy the VMware Telco Cloud Service Assurance and Domain Manager without the VNet, subnet, and Route Table. AKS provides a default for the same. Verify that there is connectivity between VMware Telco Cloud Service Assurance and Domain Manager and the infrastructure that monitor VMware Telco Cloud Service Assurance and Domain Manager.
- Create an Azure Virtual Network (VNet) on AKS with required IP address. For private AKS cluster creation, see Create a private AKS cluster.
- If deploying AKS cluster in a private network:
- Ensure you run a
docker login
to the Azure Container Registry (ACR) before invoking the installer. - Create an ACR instance in the same region and resource group as the AKS cluster.
Prerequisites for Deploying VMware Telco Cloud Service Assurance on AWS
- To deploy VMware Telco Cloud Service Assurance on AWS, configure EKS cluster.
Note: When creating a EKS cluster, ensure that you refer the VMware Telco Cloud Service Assurance Sizing Sheet for calculating the number of VMs based on the flexible deployment.
- For private network:
- Install Amazon EBS CSI driver for EKS 1.23.x or later versions. For more information, see Amazon EBS CSI Driver documentation.
- The recommended network plug-in is Amazon VPC CNI. For more information, see Amazon VPC CNI documentation.
- Ensure that AWS loadbalancer is deployed. For more information, see Installing the AWS Load Balancer documentation.
- Make sure that you create two subnet IDs for the VMware Telco Cloud Service Assurance deployment.
- Verify that AWS credentials and configuration file with profile information and access key are present in the deployment host at ~/.aws/config and ~/.aws/credentials. Ensure that deployment host has AWS client installed.
- Ensure you run a
docker login
to the Elastic Container Registry (ECR) before invoking the installer.
Prerequisites for Deploying VMware Telco Cloud Service Assurance through VMware Telco Cloud Automation
- Perform the common prerequisites tasks specified for deploying VMware Telco Cloud Service Assurance.
- A VMware Telco Cloud Automation cluster and supported VMware Tanzu Kubernetes Grid template images for VMware Tanzu Kubernetes Grid version.
- A VMware Tanzu Kubernetes Grid workload cluster that is configured with the VMware Telco Cloud Automation setup and connected to the secure Harbor registry. When creating a workload cluster, ensure that you refer the VMware Telco Cloud Service Assurance Sizing Sheet for calculating the number of VMs based on the flexible deployment.
- Supported versions of Harbor are from 2.2 to 2.8.2. Ensure that you deploy Harbor and you have access permissions to it.
- Chartmuseum package must be installed in the Harbor setup.
Note: The Chartmuseum-based deployment is supported for VMware Telco Cloud Service Assurance 2.3 with VMware Telco Cloud Automation 2.3. If you are using VMware Telco Cloud Automation 3.0, you can use any Harbor version from 2.6 through 2.8.2 and Chartmuseum is not required.
- It is recommended to use FQDN for Harbor certificates.
- A secure Harbor registry that is registered as a partner system with the VMware Telco Cloud Automation setup.
- Ensure that you have a secure Harbor registry configured for VMware Tanzu Kubernetes Grid. For more information, see Secure Harbor Registry section.