You can use Tanzu CLI with a vSphere with Tanzu Supervisor Cluster that is running in a vSphere 7 instance. In this way, you can deploy Tanzu Kubernetes clusters to vSphere with Tanzu and manage their lifecycle directly from the Tanzu CLI.
vSphere with Tanzu provides a vSphere Plugin for
kubectl. The vSphere Plugin for
kubectl extends the standard
kubectl commands so that you can connect to the Supervisor Cluster from
kubectl by using vCenter Single Sign-On credentials. Once you have installed the vSphere Plugin for
kubectl, you can connect the Tanzu CLI to the Supervisor Cluster. Then, you can use the Tanzu CLI to deploy and manage Tanzu Kubernetes clusters running in vSphere.
NOTE: On VMware Cloud on AWS and Azure VMware Solution, you cannot create a Supervisor Cluster, and need to deploy a management cluster to run
Download and install the
kubectl vsphere CLI plugin on the bootstrap machine on which you run Tanzu CLI commands.
For information about how to obtain and install
kubectl vsphere plugin, see Download and Install the Kubernetes CLI Tools for vSphere in the vSphere with Tanzu documentation.
(Optional) For secure login, configure the
kubectl vsphere plugin with a TLS certificate as described in Configure Secure Login for vSphere with Tanzu Clusters in the vSphere with Tanzu documentation.
Connect to the supervisor cluster and add it as a management cluster to the
From vCenter Hosts and Clusters view, in the left column, expand the nested Datacenter, the vCenter cluster that hosts the supervisor cluster, and its Namespaces object.
Under Namespaces, select the namespace containing or adjacent to the three SupervisorControlPlaneVM instances. In the main pane, select the Summary tab.
Under Summary > Status > Link to CLI Tools click Copy link and record the URL, for example
https://192.168.123.3. Remove the
https:// to obtain the supervisor cluster API endpoint,
SUPERVISOR_IP below, which serves as the download page for the Kubernetes CLI tools.
On the bootstrap machine, run the
kubectl vsphere login command to log in to vSphere 7 with your vCenter Single Sign-On user account.
Specify a vCenter Single Sign-On user account with the required privileges for Tanzu Kubernetes Grid operation, and the virtual IP (VIP) address for the control plane of the supervisor cluster. For example:
kubectl vsphere login --vsphere-username firstname.lastname@example.org --server=SUPERVISOR_IP
If you did not configure the
kubectl vsphere plugin with a trusted certificate, you can log in insecurely by appending
--insecure-skip-tls-verify=true to the command above.
Warning: Only use insecure login in a development environment.
Enter the password you use to log in to your vCenter Single Sign-On user account.
When you have successfully logged in,
kubectl vsphere displays all of the contexts to which you have access. The list of contexts should include the IP address of the supervisor cluster.
Set the context of
kubectl to the supervisor cluster.
kubectl config use-context SUPERVISOR_IP
Collect information to run the
tanzu login command, which adds the supervisor cluster to your Tanzu Kubernetes Grid instance:
tanzuCLI to use for the supervisor cluster, serving as a Tanzu Kubernetes Grid management cluster.
kubeconfigfile, which defaults to
~/.kube/configand is set by the
tanzu login command, passing in the values above.
In the example below, the
KUBECONFIG_PATH defaults to
~/.kube/config if the
KUBECONFIG env variable is not set.
$ tanzu login --name my-super --kubeconfig <KUBECONFIG_PATH> --context 10.161.90.119 ✔ successfully logged in to management cluster using the kubeconfig my-super
Check that the supervisor cluster was added by running
tanzu login again.
The supervisor cluster should be listed by the name that you provided in the preceding step:
tanzu login ? Select a server [Use arrows to move, type to filter] > my-vsphere-mgmt-cluster () my-aws-mgmt-cluster () SUPERVISOR_IP () + new server
Configure the Tanzu Kubernetes clusters that the
tanzu CLI calls the supervisor cluster to create:
Obtain information about the storage classes that are defined in the Supervisor Cluster.
kubectl get storageclasses
Set variables to define the storage classes, VM classes, service domain, namespace, and other required values with which to create your cluster. For information about all of the configuration parameters that you can set when deploying Tanzu Kubernetes clusters to vSphere with Tanzu, see Configuration Parameters for Provisioning Tanzu Kubernetes Clusters in the vSphere with Tanzu documentation.
The following table lists the required variables:
|Option||Value Type or Example||Description|
||Value returned from CLI:
||Default storage class for control plane nodes|
||Default storage class for worker nodes|
||Default storage class for control plane or workers|
||Storage classes available for node customization|
||A standard VM class for vSphere with Tanzu, for example
See Virtual Machine Class Types for Tanzu Kubernetes Clusters in the vSphere with Tanzu documentation.
|VM class for control plane nodes|
||VM class for worker nodes|
||CIDR range||The CIDR range to use for the Kubernetes services. The recommended range is
||CIDR range||The CIDR range to use for pods. The recommended range is
||Namespace||The namespace in which to deploy the cluster.|
||See Tanzu CLI Configuration File Variable Reference for variables required for all Tanzu Kubernetes cluster configuration files.|
You can set the variables above by doing either of the following:
Include them in the cluster configuration file passed to the
--file option. For example:
From command line, set them as local environment variables by running
export (on Linux and macOS) or
SET (on Windows) on the command line. For example:
Note: If you want to configure unique proxy settings for a Tanzu Kubernetes cluster, you can set
NO_PROXY as environment variables and then use the Tanzu CLI to create the cluster. These variables take precedence over your existing proxy configuration in vSphere with Tanzu.
tanzu cluster create to create a Tanzu Kubernetes cluster.
Determine the versioned Tanzu Kubernetes release (TKr) for the cluster:
Obtain the list of TKr that are available in the supervisor cluster.
tanzu kubernetes-release get
From the command output, record the desired value listed under
NAME, for example
NAME is the same as its
VERSION but with
+ changed to
Determine the namespace for the cluster.
kubectl get namespaces
Decide on the cluster plan:
prod, or a custom plan.
~/.tanzu/tkg/providers/infrastructure-tkg-service-vspheredirectory. See Configure Tanzu Kubernetes Plans and Clusters for details.
tanzu cluster create with the namespace and
NAME values above to create a Tanzu Kubernetes cluster:
tanzu cluster create my-vsphere7-cluster --tkr=TKR-NAME
#! --------------------------------------------------------------------- #! Settings for creating clusters on vSphere with Tanzu #! --------------------------------------------------------------------- #! Identifies the storage class to be used for storage of the disks that store the root file systems of the worker nodes. CONTROL_PLANE_STORAGE_CLASS: #! Specifies the name of the VirtualMachineClass that describes the virtual #! hardware settings to be used each control plane node in the pool. CONTROL_PLANE_VM_CLASS: #! Specifies a named storage class to be annotated as the default in the #! cluster. If you do not specify it, there is no default. DEFAULT_STORAGE_CLASS: #! Specifies the service domain for the cluster SERVICE_DOMAIN: #! Specifies named persistent volume (PV) storage classes for container #! workloads. Storage classes associated with the Supervisor Namespace are #! replicated in the cluster. In other words, each storage class listed must be #! available on the Supervisor Namespace for this to be a valid value STORAGE_CLASSES: #! Identifies the storage class to be used for storage of the disks that store the root file systems of the worker nodes. WORKER_STORAGE_CLASS: #! Specifies the name of the VirtualMachineClass that describes the virtual #! hardware settings to be used each worker node in the pool WORKER_VM_CLASS: NAMESPACE:
You can now use the Tanzu CLI to deploy more Tanzu Kubernetes clusters to the vSphere with Tanzu Supervisor Cluster. You can also use the Tanzu CLI to manage the lifecycles of clusters that are already running there. For information about how to manage the lifecycle of clusters, see the other topics in Deploying Tanzu Kubernetes Clusters.