To use VMware Cloud Director Container Service Extension 4.0 and later, ensure that you meet the following prerequisites.

Service Provider Requirements

  • Ensure the VMware Cloud Director Container Service Extension server that resides in the solution organization can reach the VMware Cloud Director load balancer endpoint.
  • Ensure you are using the following network configuration.
    • Use the reference architecture to configure NSX and NSX Advanced Load Balancer correctly.
    • Deploy a test virtual service in a tenant organization to test the NSX and NSX Advanced Load Balancer configuration before you allow tenant users to begin cluster creation.
    • Ensure MTU (9000) values are correctly set on NSX, VMware ESX® VMkernel adapters, and NSX Advanced Load Balancer.
    • Ensure MTU (9000) configuration is set correctly so that the VMware Cloud Director Container Service Extension server can communicate with the VMware Cloud Director load balancer endpoint. For more information, see https://kb.vmware.com/s/article/90850?lang=en_US&queryTerm=90850.
    • Ensure enough NSX Advanced Load Balancer licenses are available.
    • Ensure you are not using the 172.17.0.0/16 and 172.18.0.0/16 CIDR ranges or IP addresses from these ranges in the following network assets. These CIDR ranges are reserved by Docker and are used during the creation of bootstrap clusters.
      • Organization VDC network ranges where your Tanzu Kubernetes Grid clusters are deployed.
      • External IP allocations and ranges that are used by the Organization Edge Gateway and the associated Load Balancer.
      • Infrastructure networks where your DNS servers are connected.
      • The IP address that the VMware Cloud Director public API endpoint URL resolves to.
  • Ensure the VMware Cloud Director Container Service Extension server started successfully. Log in to the VMware Cloud Director Container Service Extension server and check the server status in one of the following ways: run systemctl status cse.service, or review cse.log.
  • Ensure you input a GitHub personal access token to avoid GitHub API rate limit errors during cluster creation. Otherwise, cluster creation fails, particularly in concurrent attempts. For air-gapped environments, do not input a GitHub personal access token.
  • For a setup with multiple vCenter instances in VMware Cloud Director, ensure the Tanzu Kubernetes Grid OVA catalog syncs across the vCenter instances so that latency is not problematic during cluster operations.
  • Ensure you manually update custom roles that are cloned from the CSE Admin Role or Kubernetes Cluster Author role.
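
The Docker-reserved CIDR requirement above can be checked before tenants start creating clusters. The following Python script is an added example, not part of the original documentation or of VMware Cloud Director Container Service Extension. The asset names and the sample inventory are constructed, and the address that the public API endpoint URL resolves to is assumed to have been looked up beforehand.

```python
import ipaddress

# CIDR ranges the page lists as reserved by Docker during bootstrap cluster creation.
DOCKER_RESERVED = [ipaddress.ip_network("172.17.0.0/16"),
                   ipaddress.ip_network("172.18.0.0/16")]


def to_networks(value):
    """Parse a CIDR, a single IP, or a 'start-end' range into a list of networks."""
    value = value.strip()
    if "-" in value:
        start, end = (ipaddress.ip_address(p.strip()) for p in value.split("-", 1))
        # A range may straddle a reserved block, so expand it into exact networks.
        return list(ipaddress.summarize_address_range(start, end))
    # strict=False accepts gateway-style CIDRs such as 192.168.10.1/24.
    return [ipaddress.ip_network(value, strict=False)]


def find_conflicts(assets):
    """Return (asset name, configured value, reserved range) for every overlap."""
    conflicts = []
    for name, values in assets.items():
        for value in values:
            nets = to_networks(value)
            for reserved in DOCKER_RESERVED:
                if any(n.version == reserved.version and n.overlaps(reserved)
                       for n in nets):
                    conflicts.append((name, value, str(reserved)))
    return conflicts


# Constructed sample inventory (hypothetical names and addresses);
# replace with the values from your environment.
SAMPLE_ASSETS = {
    "org_vdc_networks": ["192.168.10.1/24", "172.18.4.0/24"],
    "edge_external_ip_ranges": ["10.20.30.10-10.20.30.50",
                                "172.16.255.250-172.17.0.5"],
    "dns_servers": ["10.0.0.53"],
    "vcd_public_api_ip": ["203.0.113.10"],
}

if __name__ == "__main__":
    for name, value, reserved in find_conflicts(SAMPLE_ASSETS):
        print(f"CONFLICT {name}: {value} overlaps Docker-reserved {reserved}")
```

An empty result means none of the listed assets use addresses from the reserved ranges. A supernet such as 172.16.0.0/12 is reported once for each reserved range it contains.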