Standalone Management Cluster Requirements

Before you can deploy Tanzu Kubernetes Grid (TKG) with a standalone management cluster, you must provision resources and permissions on your infrastructure to accommodate the management cluster and the workload clusters that it creates.

External Identity Management

For production deployments, VMware recommends enabling external identity management on each management cluster, to control access to it and its workload clusters.

FIPS-Enabled Versions

You can deploy a FIPS-enabled versions of Tanzu Kubernetes Grid v2.1.0 and v2.1.1 to your vSphere, AWS, or Azure environment. The Bill of Materials (BoM) for FIPS only lists components that are compiled with and use FIPS-enabled cryptography modules.

For vSphere, the FIPS-enabled OVAs are listed on the Tanzu Kubernetes Grid downloads page. The FIPS-enabled AMI and Azure images are available in AWS and Azure respectively.

For how to use FIPS-enabled OVAs to deploy FIPS-enabled versions of TKG on vSphere, see FIPS-Enabled Versions in VMware Tanzu Compliance.

Internet-Restricted Environments

For how to deploy a standalone management cluster in a proxied or airgapped environment, see Prepare an Internet-Restricted Environment.

VMware Cloud on AWS and Azure VMware Solution

To deploy Tanzu Kubernetes Grid to VMware Cloud on AWS or to Azure VMware Solution, see Prepare to Deploy Management Clusters to a VMware Cloud Environment.

check-circle-line exclamation-circle-line close-line
Scroll to top icon