vSphere Supervisor Services

• Supervisor Services Catalog
  • vSphere Kubernetes Service (VKS)
    • vSphere Kubernetes Service (VKS) Versions
  • Consumption Interface
    • Consumption Interface Versions
  • vSAN Data Persistence Platform (vDPP) Services:
  • Backup & Recovery Service
    • Velero vSphere Operator CLI Versions
    • Velero Versions
  • Certificate Management Service
    • CA Cluster Issuer Versions
  • Cloud Native Registry Service
    • Harbor Versions
  • Kubernetes Ingress Controller Service
    • Contour Versions
  • External DNS Service
    • ExternalDNS Versions
  • NSX Management Proxy
    • NSX Management Proxy Versions
  • Data Services Manager Consumption Operator
    • Data Services Manager Consumption Operator Versions
  • Secret Store Service
    • Secret Store Service versions

---

• Supervisor Services Labs Catalog
  • ArgoCD Operator
    • ArgoCD Operator Versions
  • External Secrets Operator
    • External Secrets Operator Versions
  • RabbitMQ Cluster Kubernetes Operator
    • RabbitMQ Cluster Kubernetes Operator Versions
  • Redis Operator
    • Redis Operator Versions
  • KEDA
    • KEDA Versions

Supervisor Services Catalog

Discover current Supervisor Services offered to support modern applications through vSphere Services. New services will be added over time with the goal to continue to empower your DevOps communities.

Prior to vSphere 8 Update 1, the Supervisor Services are only available with Supervisor Clusters enabled using VMware NSX-T. With vSphere 8 U1, Supervisor Services are also supported when using the vSphere Distributed Switch (VDS) networking stack.

Supervisor Service	vSphere 7	vSphere 8
vSphere Kubernetes Service	❌ *	✅ requires vSphere 8.0 Update 3 or later
Consumption Interface	❌	✅ requires vSphere 8.0 Update 3 or later
vSAN Data Persistence Platform Services - MinIO	✅	✅
Backup & Recovery Service - Velero	✅	✅
Certificate Management Service - cert-manager	❌	✅
Cloud Native Registry Service - Harbor	❌ *	✅
Kubernetes Ingress Controller Service - Contour	❌	✅
External DNS Service - ExternalDNS	❌	✅
NSX Management Proxy	❌	✅ requires vSphere 8.0 Update 3 or later with Supervisor Clusters enabled using VMware NSX-T
Data Services Manager Consumption Operator	❌	✅ requires vSphere 8.0 Update 3 or later with additional configuration. Please contact Global Support Services (GSS) for the additional configuration
* The embedded Harbor Registry and vSphere Kubernetes Service features are still available and supported on vSphere 7 and onwards.

How to find the Supervisor Services

Download a service definition from support.broadcom.com. To find a service definition:

1. Log in to support.broadcom.com, Go to Enterprice Sofware.

2. Select My Downloads on the left hand side navigation.

3. If you are looking to download VMware Private AI Services search that term, alternatively search for vSphere Supervisor Services.

4. Next navigate to the service of choice and version you are looking to install.

5. Click on the download icon on the service definition as well as any additional files (such as values.yaml files, etc.)

6. You can now proceed to install your service.

Please check Interoperability Matrix to find out which version is compatible with which Supervisor version.

vSphere Kubernetes Service

VMware vSphere Kubernetes Service (VKS, formerly known as the VMware Tanzu Kubernetes Grid Service or TKG Service) lets you deploy Kubernetes workload clusters on the vSphere Supervisor (formerly known as the vSphere IaaS control plane). Starting with vSphere 8.0 Update 3, VKS is installed as a Supervisor Service. This architectural change decouples VKS from Supervisor releases and lets you upgrade VKS independently of vCenter Server and Supervisor.

• Service install documentation

vSphere Kubernetes Service Versions

The Interoperability Matrix shows each VKS version below, including compatible Kubernetes releases and the vCenter Server versions containing compatible Supervisor versions. Note that some compatible Kubernetes releases may have reached End of Service; refer to the Product Lifecycle tool (Division: "VMware Cloud Foundation", Product Name: "vSphere Kubernetes releases") to view End of Service dates for Kubernetes releases.

• VKS v3.4.0
  • Release Notes
• VKS v3.3.3
  • Release Notes
  • OSS Information
• VKS v3.3.2
  • Release Notes
  • OSS Information
• VKS v3.3.1
  • Release Notes
  • OSS Information
• VKS v3.3.0
  • Release Notes
  • OSS Information
• VKS v3.2.0
  • Release Notes
  • OSS Information
• VKS v3.1.1
  • Release Notes
  • OSS Information
• VKS v3.1.0
  • Release Notes
  • OSS Information

Consumption Interface

Provides the Local Consumption Interface (LCI) for Namespaces within vSphere Client. This also includes the Single Sign On (SSO) component required by the Cloud Consumption Interface (CCI) in Aria Automation within VMware Cloud Foundation.

The minimum required version for using this interface is vSphere 8 Update 3.

Consumption Interface Versions

Installation instructions can be found here in VMware documentation.

IMPORTANT NOTICE: Occasionally, the plug-in may fail to load on the initial attempt. To check if the plug-in has loaded correctly, click the vSphere Client menu icon, then to Administration -> Client -> Plug-ins. Check the Status column of the Namespace UI plug-in, and in case you see a "Plug-in configuration with Reverse Proxy failed." Message, reinstall the plug-in.

• Version:
  • 9.0.0
  • v1.0.2 Release notes

OSS information

LCI OSS

SSO OSS Refer to the Open Source Tab

vSAN Data Persistence Platform (vDPP) Services:

vSphere with Tanzu offers the vSAN Data Persistence platform. The platform provides a framework that enables third parties to integrate their cloud native service applications with underlying vSphere infrastructure, so that third-party software can run on vSphere with Tanzu optimally.

• Using vSAN Data Persistence Platform (vDPP) with vSphere with Tanzu documentation
• Enable Stateful Services in vSphere with Tanzu documentation

Available vDPP Services

• MinIO partner documentation
  • Version:
    • 2.0.10

Backup & Recovery Service

Velero vSphere Operator helps users install Velero and its vSphere plugin on a vSphere with Kubernetes Supervisor cluster. Velero is an open source tool to safely backup and restore, perform disaster recovery, and migrate Kubernetes cluster resources and persistent volumes.

• Service install documentation

Velero vSphere Operator CLI Versions

This is a prerequisite for a cluster admin install.

• Velero vSphere Operator CLI versions:
  • v1.8.0
  • v1.6.1
  • v1.6.0
  • v1.5.0
  • v1.4.0
  • v1.3.0
  • v1.2.0
  • v1.1.0

Velero Versions

• Velero vSphere Operator versions:
  • v1.8.0
  • v1.6.1
  • v1.6.0
  • v1.5.0
  • v1.4.0
  • v1.3.0
  • v1.2.0
  • v1.1.0

Certificate Management Service

ClusterIssuers are Kubernetes resources that represent certificate authorities (CAs) that are able to generate signed certificates by honoring certificate signing requests. All cert-manager certificates require a referenced issuer that is in a ready condition to attempt to honor the request.

• Service install - Follow steps 1 - 5 in the documentation then continue to the bullet point below.
• Read Service Configuration to understand how to install your root CA into the ca-clusterissuer.

CA Cluster Issuer Versions

• v0.0.2
• v0.0.1

CA Cluster Issuer Sample values.yaml

• We do not provide any default values for this package. Instead, we encourage that you generate certificates. Please read How-To Deploy a self-signed CA Issuer and Request a Certificate for information on how to create a self-signed certificate.

Cloud Native Registry Service

Harbor is an open source trusted cloud native registry project that stores, signs, and scans content. Harbor extends the open source Docker Distribution by adding the functionalities usually required by users such as security, identity and management. Having a registry closer to the build and run environment can improve the image transfer efficiency. Harbor supports replication of images between registries, and also offers advanced security features such as user management, access control and activity auditing.

• The contour package is a prerequisite for Harbor v2.9.x, so that must be installed first if you are using v2.9.x.
• Harbor v2.11.2 supports exposing the registry using loadbalancer, and contour is not required.
• Follow the instructions under Installing and Configuring Harbor on a Supervisor.

Harbor Versions

• v2.13.1
• v2.12.4
• v2.11.2
• v2.9.1

Harbor Sample values.yaml Sample values can be downloaded from the same location as Service yamls.

• Version: values for v2.12.4 - For details about each of the required properties, see the configuration details page.
• Version: values for v2.11.2 - For details about each of the required properties, see the configuration details page.
• Version: values for v2.9.1 - For details about each of the required properties, see the configuration details page.

Kubernetes Ingress Controller Service

Contour is an Ingress controller for Kubernetes that works by deploying the Envoy proxy as a reverse proxy and load balancer. Contour supports dynamic configuration updates out of the box while maintaining a lightweight profile.

• Service install - Follow steps 1 - 5 in the documentation.

Contour Versions

• v1.29.3
• v1.28.2
• v1.24.4
• v1.18.2

Contour Sample values.yaml

• Sample values can be downloaded from the same location as service yaml. These values can be used as-is and require no configuration changes.

External DNS Service

ExternalDNS publishes DNS records for applications to DNS servers, using a declarative, Kubernetes-native interface. This operator connects to your DNS server (not included here). For a list of supported DNS providers and their corresponding configuration settings, see the upstream external-dns project.

• On Supervisors where Harbor is deployed with Contour, ExternalDNS may be used to publish a DNS hostname for the Harbor service.

ExternalDNS Versions

• v0.14.2
• v0.13.4
• v0.11.0

ExternalDNS data values.yaml

• Because of the large list of supported DNS providers, we do not supply complete sample configuration values here. If you're deploying ExternalDNS with Harbor and Contour, make sure to include source=contour-httpproxy in the configuration values. An incomplete example of the service configuration is included below. Make sure to setup API access to your DNS server and include authentication details with the service configuration.

deployment:
  args:
  - --source=contour-httpproxy
  - --source=service
  - --log-level=debug

Validated Supported DNS Server Example:

• RFC2136 BIND DNS Server: Sample values can be downloaded from the same location as service.yaml. Replace the values indicated by the comments with your own DNS server details.

NSX Management Proxy

NSX Management Proxy is for Antrea-NSX adapter in Kubernetes clusters deployed by VKS to reach NSX manager. We recommend to use NSX Management Proxy when there is isolation between management network and workload network and the Kubernetes clusters cannot reach NSX manager.

NSX Management Proxy Versions

• For vSphere 8.0 Update 3 or later
  • v0.2.2
• For vSphere 8.0 Update 3
  • v0.2.1
  • v0.2.0
  • v0.1.1

NSX Management Proxy Sample values.yaml

• Download sample values.yaml from the same location as Service yaml. Make sure to fill the property nsxManagers with your NSX Manager IP(s).

Note: NSX Management Proxy is supported in vSphere 8.0 Update 3 when Supervisor Clusters are enabled using VMware NSX-T networking stack under following configurations:

• NSX Load Balancer is configured as load balancing solution.
• NSX Gateway Firewall is enabled.

Data Services Manager Consumption Operator

The Data Services Manager(DSM) Consumption Operator facilitates native, self-service access to DSM within a Kubernetes environment. It exposes a selection of resources supported by the DSM provider, allowing customers to connect to the DSM provider from Kubernetes. Although the DSM provider does not currently support tenancy natively, the DSM Consumption Operator enables customers to seamlessly integrate their existing tenancy model, effectively introducing tenancy into the DSM provider.

• The DSM provider is a prerequisite for DSM consumption operator, so that must be installed first.
• Installation instructions can be found here in VMware documentation
• Configuration instructions can be found here in VMware documentation.

Data Services Manager Consumption Operator Versions

• v9.0.0.0
• v2.2.1
• v2.2.0
• v1.2.0
• v1.1.2
• v1.1.1
• v1.1.0

Data Services Manager Consumption Operator Sample values. yaml

• Sample values can be found at the same location as service yaml

• v9.0.0.0: For details about each of the required properties, see the configuration details page.

• v2.2.1 For details about each of the required properties, see the configuration details page.

• v2.2.0 For details about each of the required properties, see the configuration details page.

• v1.2.0 For details about each of the required properties, see the configuration details page.

Installation Note:

• DSM Consumption Operator v9.0.0.0
  You should add a new field isSupervisor in dsm section of the values yaml and its value should always be bool true. If you encounter any issues related to the Service-id, please contact Global Support Services (GSS) for immediate assistance.
• DSM Consumption Operator v2.2.X
  When installing DSM Consumption Operator v2.2.X as a Supervisor Service, if you encounter any issues related to the Service-id, please contact Global Support Services (GSS) for immediate assistance.

Upgrade Note:

• DSM Consumption Operator v9.0.0.0
  If you are upgrading from v2.2.X to 9.0.0.0, do not uninstall the existing version and do not change the values yaml. Instead, we highly recommend contacting GSS for guidance and support. This will ensure a smooth upgrade process and prevent potential disruptions. For additional help, please refer to the support documentation or reach out to our technical support team.
• DSM Consumption Operator v2.2.X
  Earlier versions of the DSM Consumption Operator, including v1.1.0, v1.1.1, v1.1.2 and v1.2.0 are deprecated and should not be used for new Supervisor Service installation. If you are upgrading from these older versions to v2.2.X, do not uninstall the existing version. Instead, we highly recommend contacting GSS for guidance and support. This will ensure a smooth upgrade process and prevent potential disruptions. For additional help, please refer to the support documentation or reach out to our technical support team.

Secret Store Service

Secret Store Service is a comprehensive solution for managing secrets in vSphere, ensuring the security and integrity of the environment and providing a robust and scalable solution for securely injecting secrets into workloads.

Secret Store Service Versions

• v9.0.0

Secret Store Service sample values.yaml

• Sample values can be downloaded from the same location as service yaml. Make sure to fill the property storageClassName with storage policy name.

---

Supervisor Services Labs Catalog

Experimental

The following Supervisor Services Labs catalog is only provided for testing and educational purposes. Please do not use these services in a production environment. These services are intended to demonstrate Supervisor Services' capabilities and usability. VMware will strive to provide regular updates to these services. The Labs services have been tested starting from vSphere 8.0. Over time, depending on usage and customer needs, some of these services may be included in the core product.

WARNING - By downloading and using these solutions from the Supervisor Services Labs catalog, you explicitly agree to the conditional use license agreement.

ArgoCD Operator

The Argo CD Operator manages the entire lifecycle of Argo CD and its components. The operator aims to automate the tasks required to operate an Argo CD deployment. Beyond installation, the operator helps automate the process of upgrading, backing up, and restoring as needed and removes the human toil as much as possible. For a detailed description of how to consume the ArgoCD Operator, see the ArgoCD Operator project.

ArgoCD Operator Versions

• Download the latest version: ArgoCD Operator v0.12.0
• Download previous v0.8.0: ArgoCD Operator v0.8.0

ArgoCD Operator Sample values.yaml for v0.12.0 - values.yaml ArgoCD Operator Sample values.yaml for v0.8.0 - None

• The sample values.yaml for the latest version has been provided above. This operator requires minimal configurations, and the necessary pods get deployed in the svc-argocd-operator-domain-xxx namespace.

Usage:

• Check out this example on deploying an ArgoCD instance with the Argo CD Operator here.
• For advanced configurations, check the detailed reference and sample usage

External Secrets Operator

External Secrets Operator is a Kubernetes operator that integrates external secret management systems like AWS Secrets Manager, HashiCorp Vault, Google Secrets Manager, Azure Key Vault, IBM Cloud Secrets Manager, CyberArk Conjur, etc. The operator reads information from external APIs and automatically injects the values into a Kubernetes Secret. For a detailed description of how to consume External Secrets Operator, visit External Secrets Operator project

External Secrets Operator Versions

• Download latest version: External Secrets Operator v0.9.14

External Secrets Operator Sample values.yaml - None

• We do not provide this package's default values.yaml. This operator requires minimal configurations, and the necessary pods get deployed in the svc-external-secrets-operator-domain-xxx namespace.

Usage:

• Check out this example on how to access a secret from GCP Secret Manager using External Secrets Operator here

RabbitMQ Cluster Kubernetes Operator

The RabbitMQ Cluster Kubernetes Operator provides a consistent and easy way to deploy RabbitMQ clusters to Kubernetes and run them, including "day two" (continuous) operations. RabbitMQ clusters deployed using the Operator can be used by applications running on or outside Kubernetes. For a detailed description of how to consume the RabbitMQ Cluster Kubernetes Operator, see the RabbitMQ Cluster Kubernetes Operator project.

RabbitMQ Cluster Kubernetes Operator Versions

• Download latest version: RabbitMQ Cluster Kubernetes Operator v2.8.0

RabbitMQ Cluster Kubernetes Operator Sample values.yaml -

• Modify the latest values.yaml by providing a new location for the RabbitMQ Cluster Kubernetes Operator image. This may be required to overcome DockerHub's rate-limiting issues. The RabbitMQ Cluster Kubernetes Operator pods and related artifacts get deployed in the svc-rabbitmq-operator-domain-xx namespace.

Usage:

• Check out this example on how to deploy a RabbitMQ cluster using the RabbitMQ Cluster Kubernetes Operator here
• For advanced configurations, check the detailed reference.

Redis Operator

A Golang-based Redis operator that oversees Redis standalone/cluster/replication/sentinel mode setup on top of Kubernetes. It can create a Redis cluster setup using best practices. It also provides an in-built monitoring capability using Redis-exporter. For a detailed description of how to consume the Redis Operator, see the Redis Operator project.

Redis Operator Versions

• Download latest version: Redis Operator v0.16.0

Redis Operator Sample values.yaml -

• We do not provide this package's default values.yaml. This operator requires minimal configurations, and the necessary pods get deployed in the svc-redis-operator-domain-xxx namespace.

Usage:

• View an example of how to use the Redis Operator to deploy a Redis standalone instance here
• For advanced configurations, check the detailed reference.

KEDA

KEDA is a single-purpose and lightweight component that can be added into any Kubernetes cluster. KEDA works alongside standard Kubernetes components like the Horizontal Pod Autoscaler and can extend functionality without overwriting or duplication. With KEDA you can explicitly map the apps you want to use event-driven scale, with other apps continuing to function. This makes KEDA a flexible and safe option to run alongside any number of any other Kubernetes applications or frameworks. For a detailed description of how to use KEDA, see the Keda project.

KEDA Versions

• Download latest version: KEDA v2.13.1 Note: This version supports Kubernetes v1.27 - v1.29.

KEDA Sample values.yaml -

• We do not provide this package's default values.yaml. This operator requires minimal configurations, and the necessary pods get deployed in the svc-kedaxxx namespace.

Usage:

• View an example of how to use KEDA ScaledObject to scale an NGINX deployment here.
• For additonal examples, check the detailed reference.