To complete the configuration of the vSphere with Tanzu environment, after the Supervisor is configured, deploy a Tanzu Kubernetes cluster on the Supervisor using kubectl via command-line.
Deploy a Namespace for the Tanzu Kubernetes Cluster for Developer Ready Infrastructure for VMware Cloud Foundation
To run applications that require upstream Kubernetes compliance, you must provision a Tanzu Kubernetes Cluster. Tanzu Kubernetes clusters are fully upstream-compliant Kubernetes clusters that run on top of your Supervisor.
To help you to organize and manage your development projects, you can optionally divide the clusters into Kubernetes namespaces. If you do not create additional namespaces, Tanzu Kubernetes Grid creates all Tanzu Kubernetes clusters in the default namespace.
UI Procedure
- Log in to the VI workload domain vCenter Server at https://<vi_workload_vcenter_server_fqdn>/ui as [email protected].
From the vSphere Client menu, select Workload Management.
On the Workload Management page, click the Namespaces tab and click New Namespace .
In the Create Namespace dialog box, select the VI workload domain cluster, enter name for the namespace, and click Create.
On the new_namespace_name page, click the Storage tab.
Under Storage Policies, click Edit.
In the Select Storage Policies dialog box, select the storage policy that you created earlier and click OK.
PowerShell Procedure
Start PowerShell.
Replace the values in the sample code with values from your VMware Cloud Foundation Planning and Preparation Workbook and run the commands in the PowerShell console.
$sddcManagerFqdn = "sfo-vcf01.sfo.rainpole.io" $sddcManagerUser = "[email protected]" $sddcManagerPass = "VMw@re1!" $sddcDomainName = "sfo-w01" $wmClusterName = "sfo-w01-cl01" $wmTkcNamespaceName = "sfo-w01-tkc01" $spbmPolicyName = "vsphere-with-tanzu-storage-policy"
Perform the configuration by running the command in the PowerShell console.
Add-Namespace -Server $sddcManagerFqdn -User $sddcManagerUser -Pass $sddcManagerPass -Domain $sddcDomainName -Cluster $wmClusterName -Namespace $wmTkcNamespaceName -StoragePolicy $spbmPolicyName
Assign the New Tanzu Cluster Namespace Roles to Active Directory Groups for VMware Cloud Foundation
You assign roles for the Namespace to Active Directory groups. You can later assign access to users by adding them to these groups. You assign access to separate Active Directory groups for the edit and view roles in the Namespace.
UI Procedure
- Log in to the VI workload domain vCenter Server at https://<vi_workload_vcenter_server_fqdn>/ui as [email protected].
-
From the vSphere Client menu, select Workload Management.
On the Workload management page, under the Namespaces tab and click the new Namespace.
Click the Permissions tab.
Provide edit permissions to your Active Directory group intended for admins for the namespace.
On the new_namespace page, click Add permissions.
In the Add Permissions dialog box, enter the Identity source and User/Group for edit access according to your values in the VMware Cloud Foundation Planning and Preparation Workbook, set the Role to Can edit, and click OK.
Provide read-only permissions to your Active Directory group intended for viewers for the namespace.
On the new_namespace page, click Manage permissions.
Under Permissions click Add.
In the Add Permissions dialog box, enter the Identity source and User/Group for read-only access according to your values in the VMware Cloud Foundation Planning and Preparation Workbook, set the Role to Can view, and click OK.
PowerShell Procedure
-
Start PowerShell.
-
Replace the values in the sample code with values from your VMware Cloud Foundation Planning and Preparation Workbook and run the commands in the PowerShell console.
$sddcManagerFqdn = "sfo-vcf01.sfo.rainpole.io" $sddcManagerUser = "[email protected]" $sddcManagerPass = "VMw@re1!" $sddcDomainName = "sfo-w01" $domainFqdn = "sfo.rainpole.io" $domainBindUser = "svc-vsphere-ad" $domainBindPass = "VMw@re1!" $wmTkcNamespaceName = "sfo-w01-tkc01" $wmNamespaceEditUserGroup = "gg-kub-admins" $wmNamespaceViewUserGroup = "gg-kub-readonly"
-
Perform the configuration by running the command in the PowerShell console.
Add-NamespacePermission -server $sddcManagerFqdn -user $sddcManagerUser -pass $sddcManagerPass -sddcDomain $sddcDomainName -domain $domainFqdn -domainBindUser $domainBindUser -domainBindPass $domainBindPass -namespace $wmTkcNamespaceName -principal $wmNamespaceEditUserGroup -role edit -type group Add-NamespacePermission -server $sddcManagerFqdn -user $sddcManagerUser -pass $sddcManagerPass -sddcDomain $sddcDomainName -domain $domainFqdn -domainBindUser $domainBindUser -domainBindPass $domainBindPass -namespace $wmTkcNamespaceName -principal $wmNamespaceViewUserGroup -role view -type group
Add a Virtual Machine Class for the Tanzu Kubernetes Cluster for Developer Ready Infrastructure for VMware Cloud Foundation
To deploy a Tanzu Kubernetes cluster using Tanzu Kubernetes Grid Service within a Supervisor, you must add the virtual machine class or classes that will be used to deploy the cluster.
To help you to organize and manage your development projects, you can optionally divide the clusters into Kubernetes namespaces. If you do not create additional namespaces, Tanzu Kubernetes Grid creates all Tanzu Kubernetes clusters in the default namespace. This example uses a guaranteed-small configuration for both the control plane and worker nodes. You can define these based on any virtual machine class available.
UI Procedure
- Log in to the VI workload domain vCenter Server at https://<vi_workload_vcenter_server_fqdn>/ui as [email protected].
From the vSphere Client menu, select Workload Management.
On the Workload Management page, click the Namespaces tab and select the vSphere Namespace deployed for your Tanzu Kubernetes cluster.
On the Summary tab, click the Add VM Class link on the VM Service card.
Check the virtual machine class or classes you intend to use for deployment of your Tanzu Kubernetes cluster and click OK.
PowerShell Procedure
Start PowerShell.
Replace the values in the sample code with values from your VMware Cloud Foundation Planning and Preparation Workbook and run the commands in the PowerShell console.
$sddcManagerFqdn = "sfo-vcf01.sfo.rainpole.io" $sddcManagerUser = "[email protected]" $sddcManagerPass = "VMw@re1!" $sddcDomainName = "sfo-w01" $wmNamespaceName = "sfo-w01-tkc01" $vmClass = "guaranteed-small"
Perform the configuration by running the command in the PowerShell console.
Add-NamespaceVmClass -server $sddcManagerFqdn -user $sddcManagerUser -pass $sddcManagerPass -domain $sddcDomainName -Namespace $wmNamespaceName -VMClass $vmClass
Provision a Tanzu Kubernetes Cluster for Developer Ready Infrastructure for VMware Cloud Foundation
Provision a Tanzu Kubernetes cluster by using kubectl and a YAML file for input. The command prompt procedure uses example values from the VMware Cloud Foundation Planning and Preparation Workbook.
Prerequisites
- Install the kubectl.exe and kubectl-vsphere.exe CLI tools, see Download and Install the Kubernetes CLI Tools for vSphere in the vSphere product documentation.
For VMware Cloud Foundation 4.5.2 or earlier, verify that the subscribed content library that you created earlier has finished downloading the required content.
For the PowerShell procedure, you must know the path where kubectl.exe and kubectl-vsphere.exe binaries are located. They must both be in the same folder. The path will be defined in the variable $kubectlBinLocation.
Command Prompt Procedure
In a command prompt, log in to the Supervisor by using
kubectl.kubectl vsphere login --server 192.168.21.2 --vsphere-username Supervisor_Cluster_Admin --insecure-skip-tls-verify
Switch the
kubectlcontext to thesfo-w01-tkc01namespace.kubectl config use-context Tanzu_Kubernetes_Cluster_Name
Create a sfo-w01-tkc01.yaml text file with the following specifications.
apiVersion: run.tanzu.vmware.com/v1alpha1 kind: TanzuKubernetesCluster metadata: name: sfo-w01-tkc01 namespace: Tanzu_Kubernetes_Namespace spec: topology: controlPlane: count: 3 class: guaranteed-small storageClass: vsphere-with-tanzu-storage-policy workers: count: 3 class: guaranteed-small storageClass: vsphere-with-tanzu-storage-policy distribution: version: v1.24 settings: network: cni: name: antrea services: cidrBlocks: ["198.51.100.0/12"] pods: cidrBlocks: ["192.0.2.0/16"]Use
kubectlto deploy the Tanzu Kubernetes Cluster from your YAML file input.kubectl apply -f ./sfo-w01-tkc01.yaml
After the deployment of the Tanzu Kubernetes Cluster completes, run
kubectlto get the Tanzu Kubernetes cluster status.You see similar output that indicates that the cluster deployment is successful.
kubectl describe tanzukubernetescluster sfo-w01-tkc01 <snip> Node Status: Tk - Cluster - 01 - Control - Plane - 7 Q 2 Dk: ready Tk - Cluster - 01 - Control - Plane - Pt 87 M: ready Tk - Cluster - 01 - Control - Plane - Txjbm: ready Tk - Cluster - 01 - Workers - Mhmrx - 7 F 8794 D 878 - 2 Wtlk: ready Tk - Cluster - 01 - Workers - Mhmrx - 7 F 8794 D 878 - 5 Qd 49: ready Tk - Cluster - 01 - Workers - Mhmrx - 7 F 8794 D 878 - Bk 7 Db: ready Phase: running Vm Status: Tk - Cluster - 01 - Control - Plane - 7 Q 2 Dk: ready Tk - Cluster - 01 - Control - Plane - Pt 87 M: ready Tk - Cluster - 01 - Control - Plane - Txjbm: ready Tk - Cluster - 01 - Workers - Mhmrx - 7 F 8794 D 878 - 2 Wtlk: ready Tk - Cluster - 01 - Workers - Mhmrx - 7 F 8794 D 878 - 5 Qd 49: ready Tk - Cluster - 01 - Workers - Mhmrx - 7 F 8794 D 878 - Bk 7 Db: ready
PowerShell Procedure
Start PowerShell.
Replace the values in the sample code with values from your VMware Cloud Foundation Planning and Preparation Workbook and run the commands in the PowerShell console.
$sddcManagerFqdn = "sfo-vcf01.sfo.rainpole.io" $sddcManagerUser = "[email protected]" $sddcManagerPass = "VMw@re1!" $sddcDomainName = "sfo-w01" $wmClusterName = "sfo-w01-cl01" $wmTkcNamespaceName = "sfo-w01-tkc01" $spbmPolicyName = "vsphere-with-tanzu-storage-policy" $kubectlBinLocation = "c:\kube\bin\" $env:PATH = "$kubectlBinLocation;$env:PATH" $YAML = "$kubectlBinLocation\sfo-w01-tkc01.yaml"
Create the YAML input for the Tanzu Kubernetes cluster creation by entering the following commands.
$content = @" apiVersion: run.tanzu.vmware.com/v1alpha1 kind: TanzuKubernetesCluster metadata: name: $wmTkcNamespaceName namespace: $wmTkcNamespaceName spec: topology: controlPlane: count: 3 class: guaranteed-small storageClass: $spbmPolicyName workers: count: 3 class: guaranteed-small storageClass: $spbmPolicyName distribution: version: v1.24 settings: network: cni: name: antrea services: cidrBlocks: ["198.51.100.0/12"] pods: cidrBlocks: ["192.0.2.0/16"] "@ $content | Out-File $YAMLPerform the configuration by running the command in the PowerShell console.
Add-TanzuKubernetesCluster -Server $sddcManagerFqdn -User $sddcManagerUser -Pass $sddcManagerPass -Domain $sddcDomainName -Cluster $wmClusterName -YAML $YAML
