
This topic describes how to use the Tanzu Kubernetes Grid installer interface to deploy a management cluster to Amazon Elastic Compute Cloud (Amazon EC2). The Tanzu Kubernetes Grid installer interface guides you through the deployment of the management cluster and offers different configurations to choose from.

Prerequisites

Procedure

The values that you set as environment variables in Prepare to Deploy Management Clusters to Amazon EC2 are prepopulated in the relevant fields of the installer interface.

IMPORTANT:

Do not run multiple management cluster deployments on the same bootstrap environment machine at the same time. Do not change context or edit the .kube-tkg/config file while Tanzu Kubernetes Grid operations are running.

Tanzu Kubernetes Grid does not support IPv6 addresses. This is because upstream Kubernetes only provides alpha support for IPv6. Always provide IPv4 addresses in the procedures in this topic.

The images in this topic reflect the installer interface in Tanzu Kubernetes Grid 1.1.2 and later.

  1. On the machine on which you downloaded and installed the Tanzu Kubernetes Grid CLI, run the tkg init command with the --ui option.

    tkg init --ui
    

    By default, Tanzu Kubernetes Grid creates a folder called $HOME/.tkg and creates the cluster configuration file, config.yaml, in that folder. To create config.yaml in a different location or with a different name, specify the --config option. It might be useful to do this if you want to use different management clusters to deploy Tanzu Kubernetes clusters with different configurations, for example so that they can share a VPC. If you specify the --config option, Tanzu Kubernetes Grid only creates the YAML file in the specified location. Other files are still created in the $HOME/.tkg folder.

    tkg init --ui --config=/path/my-config.yaml
    

    By default, Tanzu Kubernetes Grid saves the kubeconfig for all management clusters in the $HOME/.kube-tkg/config.yaml file. If you want to keep the kubeconfig file for a management cluster separate from the kubeconfig file for other management clusters, for example so that you can share it, specify the --kubeconfig option.

    tkg init --ui --kubeconfig=/path/my-kubeconfig.yaml
    

    When you run the tkg init --ui command, it validates that your system meets the prerequisites:

    • NTP is running on the bootstrap environment machine on which you are running tkg init and on the hypervisor.
    • A DHCP server is available.
    • The CLI can connect to the location from which it pulls the required images.

    If the prerequisites are met, tkg init opens http://127.0.0.1:8080 in your default browser to display the Tanzu Kubernetes Grid installer interface.

    Tanzu Kubernetes Grid installer interface welcome page with Deploy to AWS button

  2. Click the Deploy button for AWS EC2.

  3. In the IaaS Provider section, enter the access key ID and secret access key for your Amazon EC2 account, and the name of an SSH key that is already registered with your Amazon EC2 account.
  4. Select the AWS region in which to deploy the management cluster and click Connect.

    In Tanzu Kubernetes Grid 1.1.2 and later, in addition to the regular AWS regions, you can also select the us-gov-east and us-gov-west regions in AWS GovCloud.

  5. If the connection is successful, click Next.

    Configure the connection to AWS

  6. In the VPC for AWS section, select either the Create new VPC on AWS or the Select an existing VPC radio button.

    • To create a new Virtual Private Cloud, select Create new VPC on AWS, check that the pre-filled network ranges are available, and click Next.

      If the recommended CIDR ranges are not available, enter new IP ranges in CIDR format for the management cluster to use. The recommended ranges are as follows:

      • VPC CIDR: 10.0.0.0/16
      • Public Node CIDR: 10.0.1.0/24
      • Private Node CIDR: 10.0.0.0/24

      Configure the connection to AWS

    • To use an existing Virtual Private Cloud, select Select an existing VPC and select the VPC ID from the drop-down menu.

      Configure the connection to AWS

      NOTE: If you select an existing VPC, a bastion node is not created by default.

  7. In the Management Cluster Settings section, select the Development or Production tile.

    • If you select Development, the installer deploys a single control plane node.
    • If you select Production, the installer deploys three control plane nodes.
  8. In either of the Development or Production tiles, use the Instance type drop-down menu to select the configuration for the control plane node VM or VMs.

    Select a small, medium, large, or xlarge AWS T3 instance for the control plane node VMs, depending on the expected workloads that you will run in the cluster. For information about the configuration of the different sizes of T3 instances, see Amazon EC2 Instance Types.

    Select the control plane node configuration

  9. Optionally enter a name for your management cluster.

    If you do not specify a name, Tanzu Kubernetes Grid generates one automatically. If you do specify a name, that name must be compliant with DNS hostname requirements as outlined in RFC 952 and amended in RFC 1123.

  10. Use the Worker Node Instance Type drop-down menu to select the VM instance type for the worker nodes for the management cluster.

    Select an AWS M5, R4, or I3 instance for the worker nodes depending on the expected CPU, memory, and storage consumption of the workloads that the cluster will run. For information about the configuration of the different sizes of the instances, see Amazon EC2 Instance Types.

  11. Use the Availability Zone drop-down menu to select an availability zone for the management cluster.
  12. Optionally disable the Bastion Host check box if a bastion host already exists in the availability zone in which you are deploying the management cluster.

    If you leave this option enabled, Tanzu Kubernetes Grid creates a bastion host for you. This option is available in Tanzu Kubernetes Grid 1.1.2 and later.

    Select the availability zone

  13. If you created a new VPC, click Next.

  14. If you selected an existing VPC, use the VPC public subnet and VPC private subnet drop-down menus to select existing subnets on the VPC, and click Next.

    Set the VPC subnets

  15. In the Kubernetes Network section, if the recommended CIDR range of 100.96.0.0/11 for the Cluster Pod CIDR is unavailable, enter a different CIDR range to use for pods and click Next.

    Set the Kubernetes network

  16. Click Review Configuration to see the details of the management cluster that you have configured.

    In Tanzu Kubernetes Grid 1.1.2 and later, when you click Review Configuration, Tanzu Kubernetes Grid populates the .tkg/config.yaml file with the settings that you specified in the interface. You can optionally copy the .tkg/config.yaml file without completing the deployment. You can copy .tkg/config.yaml to another bootstrap environment machine and deploy the management cluster from that machine. For example, you might do this so that you can deploy the management cluster from a bootstrap environment machine that does not have a Web browser. In earlier versions of Tanzu Kubernetes Grid, the .tkg/config.yaml file is populated when you deploy the management cluster.

    Review the management cluster configuration

  17. (Optional) Under CLI Command Equivalent, click the Copy button to copy the CLI command for the configuration that you specified.

    Copy CLI command

    Copying the CLI command allows you to reuse the command at the command line to deploy management clusters with the configuration that you specified in the interface. This can be useful if you want to automate management cluster deployment. This option is available in Tanzu Kubernetes Grid 1.1.2 and later.

  18. (Optional) Click Edit Configuration to return to the installer wizard to modify your configuration.
  19. Click Deploy Management Cluster and follow the progress of the deployment of the management cluster in the installer interface.

    Deployment of the management cluster can take several minutes. The first run of tkg init takes longer than subsequent runs because it has to pull the required Docker images into the image store on your bootstrap environment. Subsequent runs do not require this step, so they are faster. You can follow the progress of the deployment of the management cluster in the installer interface or in the terminal in which you ran tkg init --ui. If you inadvertently close the browser or browser tab in which the deployment is running before it finishes, the deployment continues in the terminal.

    Review the management cluster configuration
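
The network ranges and cluster name entered in the procedure above can be checked before you open the installer. The following is an added example, not part of Tanzu Kubernetes Grid or of the original topic: it checks that every range is IPv4, that both node subnets sit inside the VPC range without overlapping each other, and that the name is a valid DNS label. The function names, the sample cluster name, the lowercase-only name rule, and the rule that the pod range must not overlap the VPC range are assumptions of this example.

```python
import ipaddress
import re

# Single DNS label per RFC 952/1123. Lowercase-only is an added assumption
# (Kubernetes object naming), stricter than the RFCs themselves.
NAME_RE = re.compile(r"[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?")

FIELDS = ("VPC CIDR", "Public Node CIDR", "Private Node CIDR", "Cluster Pod CIDR")


def parse_ipv4_cidr(field, value):
    """Parse a CIDR string; reject IPv6 and ranges with host bits set."""
    try:
        net = ipaddress.ip_network(value, strict=True)
    except ValueError as exc:
        raise ValueError(f"{field}: {exc}") from None
    if net.version != 4:
        raise ValueError(f"{field}: {value} is IPv6, only IPv4 is supported")
    return net


def check_plan(vpc, public, private, pods, cluster_name=None):
    """Return a list of problems; an empty list means the plan passed."""
    problems, nets = [], []
    for field, value in zip(FIELDS, (vpc, public, private, pods)):
        try:
            nets.append(parse_ipv4_cidr(field, value))
        except ValueError as exc:
            problems.append(str(exc))
    if len(nets) == 4:  # relationship checks need every range to parse
        v, pub, priv, pod = nets
        for field, sub in (("Public Node CIDR", pub), ("Private Node CIDR", priv)):
            if not sub.subnet_of(v):
                problems.append(f"{field} {sub} is outside VPC CIDR {v}")
        if pub.overlaps(priv):
            problems.append(f"node subnets overlap: {pub} and {priv}")
        if pod.overlaps(v):  # assumed rule: pod range must stay clear of the VPC
            problems.append(f"Cluster Pod CIDR {pod} overlaps VPC CIDR {v}")
    if cluster_name is not None and not NAME_RE.fullmatch(cluster_name):
        problems.append(f"cluster name {cluster_name!r} is not a valid DNS label")
    return problems


if __name__ == "__main__":
    # The recommended ranges from the procedure; the cluster name is made up.
    print(check_plan("10.0.0.0/16", "10.0.1.0/24", "10.0.0.0/24",
                     "100.96.0.0/11", "mgmt-aws-01"))
```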

What to Do Next