Skip to main content

Deploy a PCG with Palette CLI

Palette Private Cloud Gateway (PCG) is a crucial infrastructure support component that acts as a bridge between your private cloud environment or data center and Palette.

A PCG is required in environments lacking direct network access to Palette. For example, many infrastructure environments reside within private networks that restrict external connections, preventing internal devices and resources from reaching Palette directly.

Upon installation, the PCG initiates a connection from inside the private network to Palette, serving as an endpoint for Palette to communicate with the infrastructure environment. The PCG continuously polls Palette for instructions to either deploy or delete Kubernetes clusters within the environment. This connection uses a secure communication channel that is encrypted using the Transport Layer Security (TLS) protocol. Once a cluster is deployed, the PCG is no longer involved in the communication between Palette and the deployed cluster. The cluster then communicates directly with Palette through the Palette agent available within each cluster, which originates all network requests outbound toward Palette. Refer to the PCG Architecture section for more information.

In this tutorial, you will deploy a VMware PCG using Palette CLI.

Prerequisites

Follow the steps described in the Set up Palette with VMware guide to authenticate Palette for use with your VMware user account.

You will need a Linux x86-64 machine with access to a terminal and Internet, as well as connection to both Palette and VMware vSphere.

  • The following IP address requirements must be met in your VMware vSphere environment:

    • One IP address available for the single-node PCG deployment. Refer to the PCG Sizing section for more information on sizing.
    • One IP address reserved for cluster repave operations.
    • One IP address for the Virtual IP (VIP).
    • DNS must be able to resolve the domain api.spectrocloud.com.
    • NTP server must be reachable from the PCG.
  • The following minimum resources must be available in your VMware vSphere environment:

    • CPU: 4 cores.
    • Memory: 4 GiB.
    • Storage: 60 GiB.

    info

    In production environments, we recommend deploying a three-node PCG, each node with 8 cores of CPU, 8 GiB of memory, and 100 GiB of storage.

  • Ensure the following software is installed and available on your Linux machine.

Authenticate with Palette

The initial step to deploy a PCG using Palette CLI involves authenticating with your Palette environment using the palette login command. In your terminal, execute the following command.

palette login

Once issued, you will be prompted for several parameters to complete the authentication. The table below outlines the required parameters along with the values that will be utilized in this tutorial. If a parameter is specific to your environment and Palette account, such as your Palette API key, ensure to input the value according to your environment. Check out the Deploy a PCG to VMware vSphere guide for more information. option.

ParameterValueEnvironment-Specific
Spectro Cloud Consolehttps://console.spectrocloud.com. If using a self-hosted instance of Palette, enter the URL for that instance.No
Allow Insecure ConnectionY. Enabling this option bypasses x509 CA verification. In production environments, enter Y if you are using a self-hosted Palette or VerteX instance with self-signed TLS certificates and need to provide a file path to the instance CA. Otherwise, enter N.No
Spectro Cloud API KeyEnter your Palette API Key.Yes
Spectro Cloud OrganizationSelect your Palette Organization name.Yes
Spectro Cloud ProjectNone (TenantAdmin)No
AcknowledgeAccept the login banner message. Login banner messages are only displayed if the tenant admin enabled a login banner.Yes

After accepting the login banner message, you will receive the following output confirming you have successfully authenticated with Palette.

Welcome to Spectro Cloud Palette

The video below demonstrates Palette's authentication process. Ensure you utilize values specific to your environment, such as the correct Palette URL. Contact your Palette administrator for the correct URL if you use a self-hosted Palette or VerteX instance.

Deploy a PCG

After authenticating with Palette, you can proceed with the PCG creation process. Issue the command below to start the PCG installation.

palette pcg install

The palette pcg install command will prompt you for information regarding your PCG cluster, vSphere environment, and resource configurations. The following tables display the required parameters along with the values that will be used in this tutorial. Enter the provided values when prompted. If a parameter is specific to your environment, such as your vSphere endpoint, enter the corresponding value according to your environment. For detailed information about each parameter, refer to the Deploy a PCG to VMware vSphere guide.

info

The PCG to be deployed in this tutorial is intended for educational purposes only and is not recommended for production environments.

  1. PCG General Information

    Configure the PCG general information, including the Cloud Type and Private Cloud Gateway Name, as shown in the table below.

    ParameterValueEnvironment-Specific
    Management Plane TypePaletteNo
    Enable Ubuntu Pro (required for production)NNo
    Select an image registry typeDefaultNo
    Cloud TypeVMware vSphereNo
    Private Cloud Gateway Namegateway-tutorialNo
    Share PCG Cloud Account across platform ProjectsYNo
  2. Environment Configuration

    Enter the environment configuration information, such as the Pod CIDR and Service IP Range according to the table below.

    ParameterValueEnvironment-Specific
    HTTPS ProxySkip.No
    HTTP ProxySkip.No
    Pod CIDR172.16.0.0/20. The pod IP addresses should be unique and not overlap with any machine IPs in the environment.No
    Service IP Range10.155.0.0/24. The service IP addresses should be unique and not overlap with any machine IPs in the environment.No
  3. vSphere Account Information

    Enter the information specific to your vSphere account.

    ParameterValueEnvironment-Specific
    vSphere EndpointYour vSphere endpoint. You can specify a Full Qualified Domain Name (FQDN) or an IP address. Make sure you specify the endpoint without the HTTP scheme https:// or http://. Example: vcenter.mycompany.com.Yes
    vSphere UsernameYour vSphere account username.Yes
    vSphere PasswordYour vSphere account password.Yes
    Allow Insecure Connection (Bypass x509 Verification)Y. Enabling this option bypasses x509 CA verification. In production environments, enter N if using a custom registry with self-signed SSL certificates. Otherwise, enter Y.No
  4. vSphere Cluster Configuration

    Enter the PCG cluster configuration information. For example, specify the vSphere Resource Pool to be targeted by the PCG cluster.

    ParameterValueEnvironment-Specific
    DatacenterThe vSphere data center to target when deploying the PCG cluster.Yes
    FolderThe vSphere folder to target when deploying the PCG cluster.Yes
    NetworkThe port group to which the PCG cluster will be connected.Yes
    Resource PoolThe vSphere resource pool to target when deploying the PCG cluster.Yes
    ClusterThe vSphere compute cluster to use for the PCG deployment.Yes
    Select specific Datastore or use a VM Storage PolicyDatastoreNo
    DatastoreThe vSphere datastore to use for the PCG deployment.Yes
    Add another Fault DomainNNo
    NTP ServersSkip.No
    SSH Public KeysProvide a public OpenSSH key to be used to connect to the PCG cluster.Yes
  5. PCG Cluster Size

    This tutorial will deploy a one-node PCG with dynamic IP placement (DDNS). If needed, you can convert a single-node PCG to a multi-node PCG to provide additional capacity. Refer to the Increase PCG Node Count guide for more information.

    ParameterValueEnvironment-Specific
    Number of Nodes1No
    Placement TypeDDNSNo
    Search domainsComma-separated list of DNS search domains. For example, spectrocloud.dev.Yes
  6. Cluster Settings

    Set the parameter Patch OS on boot to N, meaning the OS of the PCG hosts will not be patched on the first boot.

    ParameterValueEnvironment-Specific
    Patch OS on bootNNo
  7. vSphere Machine Configuration

    Set the size of the PCG as small (S) as this PCG will not be used in production environments.

    ParameterValueEnvironment-Specific
    S4 CPU, 4 GB of Memory, and 60 GB of StorageNo
  8. Node Affinity Configuration Information

    Set Node Affinity to N, indicating no affinity between Palette pods and control plane nodes.

    ParameterValueEnvironment-Specific
    Node AffinityNNo

After answering the prompts of the pcg install command, a new PCG configuration file is generated, and its location is displayed on the console.

==== PCG config saved ==== Location: /home/ubuntu/.palette/pcg/pcg-20240313152521/pcg.yaml

Next, Palette CLI will create a local kind cluster that will be used to bootstrap the PCG cluster deployment in your VMware environment. Once installed, the PCG registers itself with Palette and creates a VMware cloud account with the same name as the PCG.

The following recording demonstrates the pcg install command with the --config-only flag. When using this flag, a reusable configuration file named pcg.yaml is created under the path .palette/pcg. You can then utilize this file to install a PCG with predefined values using the command pcg install with the --config-file flag. Refer to the Palette CLI PCG Command page for further information about the command.



You can monitor the PCG cluster creation by logging into Palette and switching to the Tenant Admin scope. Next, click on Tenant Settings from the left Main Menu and select Private Cloud Gateways. Then, click on the PCG cluster you just created and check the deployment progress under the Events tab.

PCG Events page.

You can also track the PCG deployment progress from your terminal. Depending on the PCG size and infrastructure environment, the deployment might take up to 30 minutes. Upon completion, the local kind cluster is automatically deleted from your machine.

Palette CLI PCG deployment

Next, log in to Palette as a tenant admin. Navigate to the left Main Menu and select Tenant Settings. Click on Private Cloud Gateways from the Tenant Settings Menu and select the PCG you just created. Ensure that the PCG cluster status is Running and Healthy before proceeding.

PCG Overview page.

Next Steps

In this tutorial, you deployed a PCG to connect Palette to your VMware vSphere environment. To learn how to get started with deploying Kubernetes clusters to VMware, we recommend that you continue to the Create a Cluster Profile tutorial to create a full cluster profile for your host cluster.