You can create Tanzu Kubernetes clusters by using the Kubernetes Container Clusters plug-in.

For more information about the different Kubernetes runtime options for the cluster creation, see Working with Kubernetes Clusters in the VMware Cloud Director Tenant Portal.

You can manage Kubernetes clusters also by using the VMware Cloud Director Container Service Extension CLI. See the VMware Cloud Director Container Service Extension documentation.

VMware Cloud Director provisions Tanzu Kubernetes clusters with the PodSecurityPolicy Admission Controller enabled. You must create a pod security policy to deploy workloads. For information about implementing the use of pod security policies in Kubernetes, see the Using Pod Security Policies with Tanzu Kubernetes Clusters topic in the vSphere with Kubernetes Configuration and Management guide.

Prerequisites

  • Verify that your service provider published the Kubernetes Container Clusters plug-in to your organization. You can find the plug-in on the top navigation bar under More > Kubernetes Container Clusters.
  • Verify that you have at least one organization VDC Kubernetes policy in your organization VDC. To add an organization VDC Kubernetes policy, see Add a Kubernetes Policy to an Organization VDC in the VMware Cloud Director Tenant Portal.
  • Verify that your service provider published the vmware:tkgcluster Entitlement rights bundle to your organization and granted you the Edit: Tanzu Kubernetes Guest Cluster right to create and modify Tanzu Kubernetes clusters. For the ability to delete clusters, you must have the Full Control: Tanzu Kubernetes Guest Cluster right.
  • Verify that your service provider created an Access Control List (ACL) entry for you with information about your access level.

Procedure

  1. From the top navigation bar, select More > Kubernetes Container Clusters.
  2. (Optional) If the organization VDC is enabled for TKGI cluster creation, on the Kubernetes Container Clusters page, select the vSphere with Tanzu & Native tab.
  3. Click New.
  4. Select the vSphere with Tanzu runtime option and click Next.
  5. Enter a name for the new Kubernetes cluster and click Next.
  6. Select the organization VDC to which you want to deploy a Tanzu Kubernetes cluster and click Next.
  7. Select an organization VDC Kubernetes policy and a Kubernetes version, and click Next.
    VMware Cloud Director displays a default set of Kubernetes versions that are not tied to any organization VDC or Kubernetes policy. These versions are a global setting. To change the list of available versions, use the cell management tool to run the ./cell-management-tool manage-config --name wcp.supported.kubernetes.versions -v version_numbers command with comma-separated version numbers.
  8. Select the number of control plane and worker nodes in the new cluster.
  9. Select machine classes for the control plane and worker nodes, and click Next.
  10. Select a Kubernetes policy storage class for the control plane and worker nodes, and click Next.
  11. (Optional) Specify a range of IP addresses for Kubernetes services and a range for Kubernetes pods, and click Next.

    Classless Inter-Domain Routing (CIDR) is a method for IP routing and IP address allocation.

    Option Description
    Pods CIDR Specifies a range of IP addresses to use for Kubernetes pods. The default value is 192.168.0.0/16. The pods subnet size must be equal to or larger than /24. This value must not overlap with the Supervisor Cluster settings. You can enter one IP range.
    Services CIDR Specifies a range of IP addresses to use for Kubernetes services. The default value is 10.96.0.0/12. This value must not overlap with the Supervisor Cluster settings. You can enter one IP range.
  12. Review the cluster settings and click Finish.

What to do next

  • Resize the Kubernetes cluster if you want to change the number of worker nodes.
  • Download the kubeconfig file. The kubectl command-line tool uses kubeconfig files to obtain information about clusters, users, namespaces, and authentication mechanisms.
  • Delete a Kubernetes cluster.