Creating Workload Clusters

The topics in this section explain how to configure workload clusters and use the Tanzu CLI to create the clusters when using Tanzu Kubernetes Grid with a management cluster.

Important

If you are using TKG with a vSphere IaaS control plane (formerly vSphere with Tanzu) Supervisor, see the vSphere IaaS control plane docs.

What Are Workload Clusters?

In VMware Tanzu Kubernetes Grid, workload clusters are the Kubernetes clusters in which your application workloads run.

Tanzu Kubernetes Grid automatically deploys clusters to the platform on which you deployed the management cluster. Tanzu Kubernetes Grid automatically deploys clusters from whichever management cluster you have set as the context for the CLI.

You can create two types of workload clusters:

  • Class-based clusters (default)
  • Plan-based clusters (legacy)

These workload cluster types are described in Workload Cluster Types.

Supported Infrastructure Platforms

You can deploy workload clusters with the Tanzu CLI after you have deployed a standalone management cluster to vSphere.

Important

From v2.5.1 onwards, Tanzu Kubernetes Grid does not support creating workload clusters on vSphere 6.7. For more information, see End of Support for TKG Management and Workload Clusters on vSphere 6.7.

Prerequisites for Cluster Deployment

Before starting the deployment workflow described in this section, ensure:

  • You have followed the procedures in Install the Tanzu CLI and Kubernetes CLI for Use with Standalone Management Clusters.
  • You have deployed a standalone management cluster to vSphere 7 or vSphere 8. For instructions on deploying a standalone management cluster, see Deploying and Managing TKG 2.5 Standalone Management Clusters on vSphere.

  • If you are deploying workload clusters to vSphere, each cluster requires one static virtual IP address to provide a stable endpoint for Kubernetes. Make sure that this IP address is not in the DHCP range, but is in the same subnet as the DHCP range.

    Mac OS Bootstrap Machine: If your bootstrap machine runs Mac OS and you deploy a workload cluster using thumbprint verification with a self-signed certificate, as set by configuring VSPHERE_INSECURE: false and VSPHERE_TLS_THUMBPRINT, add the vCenter certificate to the machine’s trust store:

    1. From vSphere, download the vCenter certificate .pem file:

    2. Double-click the downloaded file and add it to the MacOS system Keychain as a trusted certificate:

    3. During the cluster deployment process, if MacOS pops up an alert message that the certificate is not trusted, change its policy to Always Trust:

Steps for Cluster Deployment

To create a workload cluster with the Tanzu CLI, you:

  1. Complete the prerequisites in Prerequisites for Cluster Deployment above.

  2. Configure the cluster as described in Configuration Files and Object Specs and in vSphere with Standalone Management Cluster Configuration Files.

  3. Create the cluster as described in Create Workload Clusters.

To create workload clusters in other ways, without the Tanzu CLI, see Provisioning Workload Clusters in the Tanzu Mission Control documentation.

What to Do Next

Proceed to Configuration Files and Object Specs.

check-circle-line exclamation-circle-line close-line
Scroll to top icon