Deploy to VMware vSphere
This guide provides you with the steps to deploy a PCG cluster to a VMware vSphere environment. Before you begin the installation, carefully review the Prerequisites section.
Refer to our Deploy App Workloads with a PCG tutorial for detailed guidance on how to deploy app workloads with a PCG.
Prerequisites
If you are using a self-hosted Palette instance or Palette VerteX, and you deployed the instance to a VMware vSphere environment, then you already have all the required permissions and roles. Proceed to the installation steps in the Deploy PCG guide.
-
Palette version 4.0.X or greater.
-
A Palette API key. Refer to the Create API Key page for guidance.
warningThe installation does not work with Single Sign-On (SSO) credentials. You must use an API key from a local tenant admin account in Palette to deploy the PCG. After the PCG is configured and functioning, this local account is no longer used to keep the PCG connected to Palette, so you can deactivate the account if desired.
-
Download and install the Palette CLI from the Downloads page. Refer to the Palette CLI Install guide to learn more.
The following system requirements must be met to install a PCG in VMware vSphere:
-
PCG IP address requirements:
- One IP address for a single-node PCG or three IP addresses for a three-node PCG. Refer to the PCG Sizing section for more information on sizing.
- One IP address reserved for cluster repave operations.
- One IP address for the Virtual IP (VIP).
- DNS can resolve the domain
api.spectrocloud.com
. - NTP server is reachable from the PCG.
-
A PCG requires the following minimum resources:
- CPU: 4
- Memory: 4 GiB
- Storage: 60 GiB
For production environments, we recommend using three nodes, each with 8 CPU, 8 GiB of memory, and 100 GiB of storage. Nodes can exhaust the 60 GiB storage with prolonged use. If you initially set up the gateway with one node, you can resize it at a later time.
-
An x86 Linux environment with an installed Docker daemon and connections to Palette and the VMware vSphere endpoint. The Palette CLI installation must be invoked on an up-to-date Linux system with an x86-64 architecture.
Before installing the PCG on VMware, review the following system requirements and permissions. The vSphere user account used to deploy the PCG must have the required permissions to access the proper roles and objects in vSphere.
Start by reviewing the required action items below:
-
Create two custom vSphere roles. Check out the Create Required Roles section to create the required roles in vSphere.
-
Review the vSphere Permissions section to ensure the created roles have the required vSphere privileges and permissions.
-
Create node zones and regions for your Kubernetes clusters. Refer to the Zone Tagging section to ensure that the required tags are created in vSphere to ensure proper resource allocation across fault domains.
Create Required Roles
Palette requires two custom roles to be created in vSphere before the PCG installation. Refer to the Create a Custom Role guide if you need help creating a custom role in vSphere. The required custom roles are:
-
A root-level role with access to higher-level vSphere objects. This role is referred to as the Spectro root role. Check out the Root-Level Role Privileges table for the list of privileges required for the root-level role.
-
A role with the required privileges for deploying VMs. This role is referred to as the Spectro role. Review the Spectro Role Privileges table for the list of privileges required for the Spectro role.
The user account you use to deploy the PCG must have access to both roles. Each vSphere object required by Palette must have a Permission entry for the respective Spectro role. The following tables list the privileges required for each custom role.
For an in-depth explanation of vSphere authorization and permissions, check out the Understanding Authorization in vSphere resource.