This section details how to expose Native and TKGm clusters.

To grant Internet access to the cluster virtual machines and maintain accessibility to the clusters, VMware Cloud Director Container Service Extension offers an option to expose the cluster. The NSX routed organization VDC networks that are used to deploy Tanzu Kubernetes Grid clusters and Native clusters allow expose functionality for clusters. This ensures that the cluster virtual machines are accessible from outside the scope of the NSX organization VDC networks.

To use the expose functionality, it is necessary for users to have the following rights:
  • Gateway View
  • NAT View only
  • NAT Configure
Note: If you are missing any of the required rights, VMware Cloud Director Container Service Extension ignores the request to expose a Kubernetes cluster.

These rights are granted by default to all new organizations, and the Organization Administrator can edit the cse:nativeCluster entitlement right bundle to apply these rights to tenant users in the VMware Cloud Director UI. For instructions to perform this task, refer to View and Edit a Rights Bundle.

Note: The cse:nativeCluster entitlement right bundle is applicable to both Native and TKGm clusters. For more information, see Managing Tenant User Roles and Rights.