You can connect the Tanzu Kubernetes Grid CLI to a vSphere with Tanzu Supervisor Cluster that is running in a vSphere 7 instance. In this way, you can deploy Tanzu Kubernetes clusters to vSphere with Tanzu and manage their lifecycle directly from the Tanzu Kubernetes Grid CLI.

vSphere with Tanzu provides a vSphere Plugin for kubectl. The vSphere Plugin for kubectl extends the standard kubectl commands so that you can connect to the Supervisor Cluster from kubectl by using vCenter Single Sign-On credentials. Once you have installed the vSphere Plugin for kubectl, you can connect the Tanzu Kubernetes Grid CLI to the Supervisor Cluster. Then, you can use the Tanzu Kubernetes Grid CLI to deploy and manage Tanzu Kubernetes clusters running in vSphere.

NOTE: On VMware Cloud on AWS and Azure VMware Solution, you cannot create a Supervisor Cluster, and need to deploy a management cluster to run tkg commands.

Prerequisites

Procedure

Step 1: Add the Supervisor Cluster

Connect to the Supervisor Cluster and add it as a management cluster to the tkg CLI:

  1. From vCenter Hosts and Clusters view, in the left column, expand the nested Datacenter, the vCenter cluster that hosts the Supervisor Cluster, and its Namespaces object.

  2. Under Namespaces, select the cluster containing the three SupervisorControlPlaneVM instances. In the main pane, select the Summary tab.

  3. Under Summary > Status > Link to CLI Tools click Copy link and record the URL, for example https://192.168.123.3. This is the Supervisor Cluster API endpoint, SUPERVISOR_IP below, which serves the download page for the Kubernetes CLI tools.

  4. On the bootstrap machine, run the kubectl vsphere login command to log in to vSphere 7 with your vCenter Single Sign-On user account.

    Specify a vCenter Single Sign-On user account with the required privileges for Tanzu Kubernetes Grid operation, and the virtual IP (VIP) address for the control plane of the Supervisor Cluster. For example:

    kubectl vsphere login --vsphere-username administrator@vsphere.local --server=SUPERVISOR_IP --insecure-skip-tls-verify=true
    
  5. Enter the password you use to log in to your vCenter Single Sign-On user account.

    When you have successfully logged in, kubectl vsphere displays all of the contexts to which you have access. The list of contexts should include the IP address of the Supervisor Cluster.

  6. Set the context of kubectl to the Supervisor Cluster.

    kubectl config use-context SUPERVISOR_IP
    
  7. Add the Supervisor Cluster to your Tanzu Kubernetes Grid instance.

    tkg add management-cluster 
    
  8. Run tkg get management-cluster to see the list of management clusters that your tkg CLI can access.

    tkg get management-cluster
    

    The output should list the Supervisor Cluster by its IP address, as both the management cluster name and context.

    MANAGEMENT-CLUSTER-NAME       CONTEXT-NAME                             STATUS
    vsphere-mc                    vsphere-mc-admin@vsphere-mc              Success
    aws-mc *                      aws-mc-admin@aws-mc                      Success  
    SUPERVISOR_IP                 SUPERVISOR_IP                            Success   
    
  9. Set the context of the Tanzu Kubernetes Grid CLI to the Supervisor Cluster.

    tkg set management-cluster SUPERVISOR_IP
    

Step 2: Configure Cluster Parameters

Configure the Tanzu Kubernetes clusters that the tkg CLI calls the Supervisor Cluster to create:

  1. Obtain information about the storage classes that are defined in the Supervisor Cluster.

    kubectl get storageclasses
    
  2. Set variables to define the storage classes, VM classes, and service domain with which to create your cluster. For information about all of the configuration parameters that you can set when deploying Tanzu Kubernetes clusters to vSphere with Tanzu, see Configuration Parameters for Provisioning Tanzu Kubernetes Clusters in the vSphere with Tanzu documentation.

    The following table lists the required variables:

    Option Value Description
    CONTROL_PLANE_STORAGE_CLASS Value returned from CLI: kubectl get storageclasses Default storage class for control plane nodes
    WORKER_STORAGE_CLASS Default storage class for worker nodes
    DEFAULT_STORAGE_CLASS Empty string "" for no default, or value from CLI, as above. Default storage class for control plane or workers
    STORAGE_CLASSES Empty string "" lets clusters use any storage classes in the namespace, or comma-separated list string of values from CLI, "SC-1,SC-2,SC-3" Storage classes available for node customization
    CONTROL_PLANE_VM_CLASS A standard VM class for vSphere with Tanzu, for example guaranteed-large.
    See Virtual Machine Class Types for Tanzu Kubernetes Clusters in the vSphere with Tanzu documentation.
    VM class for control plane nodes
    WORKER_VM_CLASS VM class for worker nodes
    SERVICE_CIDR CIDR range The CIDR range to use for the Kubernetes services. The recommended range is 100.64.0.0/13. Change this value only if the recommended range is unavailable.
    CLUSTER_CIDR CIDR range The CIDR range to use for pods. The recommended range is 100.96.0.0/11. Change this value only if the recommended range is unavailable.
    SERVICE_DOMAIN Domain e.g. my.example.com, or cluster.local if no DNS. If you are going to assign FQDNs with the nodes, DNS lookup is required.

    You can set the variables above by doing either of the following:

    • Include them in ~/.tkg/config.yaml, or other file passed to tkg CLI --config option. For example:

      CONTROL_PLANE_VM_CLASS: guaranteed-large
      
    • From command line, set them as local environment variables by running export (on Linux and macOS) or SET (on Windows) on the command line. For example:

      CONTROL_PLANE_VM_CLASS=guaranteed-large
      

Step 3: Create a Cluster

Run tkg create cluster to create a Tanzu Kubernetes cluster.

  1. Determine the versioned Tanzu Kubernetes release (tkr) for the cluster:

    1. Obtain the list of Tanzu Kubernetes releases that are available in the Supervisor Cluster.

      kubectl get tkr
      
      • Use the -l flag to narrow down the tkr list by Kubernetes version, for example:
        • kubectl get tkr -l v1.17 returns all 1.17 versions
        • kubectl get tkr -l v1.17.7=latest returns the latest 1.17.7 version
      • This list differs from the output of tkg get kubernetesversions, which lists Kubernetes versions that ship with tkg for management clusters that are not vSphere 7 Supervisor Clusters.
    2. From the command output, record the desired value listed under VERSION, for example 1.18.9+vmware.1-tkg.1.a87f261.

  2. Determine the namespace for the cluster.

    1. Obtain the list of namespaces.
      kubectl get namespaces
      
    2. From the command output, record the namespace that includes the Supervisor cluster, for example test-gc-e2e-demo-ns.
  3. Decide on the cluster plan: dev, prod, or a custom plan.

  4. Run tkg create cluster with the namespace and tkr values above to create a Tanzu Kubernetes cluster:

    tkg create cluster my-vsphere7-cluster --plan=dev --namespace=NAMESPACE --kubernetes-version=TANZU-KUBERNETES-RELEASE
    

What to Do Next

You can now use the Tanzu Kubernetes Grid CLI to deploy more Tanzu Kubernetes clusters to the vSphere with Tanzu Supervisor Cluster. You can also use the Tanzu Kubernetes Grid CLI to manage the lifecycles of clusters that are already running there. For information about how to manage the lifecycle of clusters, see the other topics in Deploying Tanzu Kubernetes Clusters and Managing their Lifecycle.

check-circle-line exclamation-circle-line close-line
Scroll to top icon