You can add an organization VDC Kubernetes policy by using a provider VDC Kubernetes policy. Tenants can use the organization VDC Kubernetes policy to create Tanzu Kubernetes clusters.
When you add or publish a provider VDC Kubernetes policy to an organization VDC, you make the policy available to tenants. The tenants can use the available organization VDC Kubernetes policies to leverage the Kubernetes capacity while creating Tanzu Kubernetes clusters. A Kubernetes policy encapsulates placement, infrastructure quality, and persistent volume storage classes. Kubernetes policies can have different compute limits.
You can add multiple organization VDC Kubernetes policies to a single organization VDC. You can use a single provider VDC Kubernetes policy to create multiple organization VDC Kubernetes policies. You can use the organization VDC Kubernetes policies as an indicator of the service quality. For example, you can publish a Gold Kubernetes policy that allows a selection of the guaranteed machine classes and a fast storage class or a Silver Kubernetes policy that allows a selection of the best effort machine classes and a slow storage class.
- Verify that you have at least one flex organization VDC in your environment. See Create an Organization Virtual Data Center.
- Verify that your environment has at least one provider VDC backed by a Supervisor Cluster. The provider VDCs backed by a Supervisor Cluster are marked with a Kubernetes icon on the Provider VDCs tab. For more information on vSphere with VMware Tanzu in VMware Cloud Director, see Using Kubernetes with VMware Cloud Director.
- Familiarize yourself with the virtual machine class types for Tanzu Kubernetes clusters. See the vSphere with Kubernetes Configuration and Management guide in the vSphere documentation.
- From the top navigation bar, select Resources and click Cloud Resources.
- In the left panel, select Organization VDCs, and click the name of a flex organization VDC.
- Under Policies, select Kubernetes, and click Add.
The Publish to Organization VDC wizard appears.
- Enter a tenant-visible name and description for the organization VDC Kubernetes policy and click Next.
- Select the provider VDC Kubernetes policy that you want to use and click Next.
- Select CPU and Memory limits for the Tanzu Kubernetes clusters created under this policy.
The maximum limits depend on the CPU and Memory allocations of the organization VDC. When you add the policy, the selected limits act as maximums for the tenants.
- Choose whether you want to reserve CPU and memory for the Tanzu Kubernetes cluster nodes created in this policy and click Next.
There are two editions for each class type: guaranteed and best effort. A guaranteed class edition fully reserves its configured resources, while a best effort edition allows resources to be overcommitted. Depending on your selection, on the next page of the wizard, you can select between VM class types of the guaranteed or best effort edition.
- Select Yes for VM class types of the guaranteed edition for full CPU and Memory reservations.
- Select No for VM class types of the best effort edition with no CPU and memory reservations.
- On the Machine classes page of the wizard, select one or more VM class types available for this policy.
The selected machine classes are the only class types available to tenants when you add the policy to the organization VDC.
- Select one or more storage policies.
- Review your choices and click Publish.
The information about the published policy appears in the list of Kubernetes policies. The published policy creates a Supervisor Namespace on the Supervisor Cluster with the specified resource limits from the policy.
The tenants can start using the Kubernetes policy to create Tanzu Kubernetes clusters. VMware Cloud Director places each Tanzu Kubernetes cluster created under this Kubernetes policy in the same Supervisor Namespace. The policy resource limits become resource limits for the Supervisor Namespace. All tenant-created Tanzu Kubernetes clusters in the Supervisor Namespace compete for the resources within these limits.