Management Clusters: Supervisors and Standalone

Tanzu Kubernetes Grid users log in to the management cluster with the Tanzu CLI and the Kubernetes CLI (kubectl) and issue commands like tanzu cluster create to create a workload cluster, or tanzu package install to install a packaged service to the cluster for hosted apps to consume.

The management cluster runs Cluster API, Carvel tools, and other software to process these commands.

The management cluster is purpose-built for managing workload clusters and packaged services, and for running container networking and other system-level agents.

Important

From v2.5.x onwards, Tanzu Kubernetes Grid does not support the management of standalone TKG management clusters on AWS and Azure. For more information, see End of Support for TKG Management and Workload Clusters on AWS and Azure in the VMware Tanzu Kubernetes Grid v2.5.x Release Notes.

Management Cluster Deployment Options

The management cluster has two deployment options that run on different infrastructures using different sets of components:

  • Supervisor is a management cluster that runs directly on existing ESXi hosts, as part of the vSphere with Tanzu solution. Supervisor provides a platform for natively hosting various types of Kubernetes workloads on vSphere, including vSphere Pods, VM Service VMs, Supervisor Services, and TKG clusters. If a vSphere with Tanzu Supervisor is available in your vSphere 7 or 8 instance, you do not need to deploy a standalone management cluster.
  • Standalone management cluster is a management cluster that runs as dedicated VMs, to support TKG on multiple cloud infrastructures. With this option, “Deploying TKG” means deploying a management cluster to an infrastructure such as vSphere (all TKG versions), or on AWS and Azure (TKG versions up to and including v2.4 only).

In both cases, the management cluster publishes an API that wraps and adds higher-level functionality to Cluster API. On the client side, the Tanzu CLI wraps and adds higher-level functionality to kubectl and clusterctl, the Kubernetes and Cluster API CLIs.

When to Use a vSphere with Tanzu Supervisor

For TKG deployments to vSphere 7 or 8, the best option for most use-case scenarios is to use the vSphere with Tanzu Supervisor.

In particular, the Supervisor:

  • Provides a fully integrated experience for VI Admins with application-centric management in vSphere 7 and vSphere 8
  • Allows delegation of access to vSphere Namespaces directly from vCenter Server
  • Includes quotas for resources consumed by a vSphere Namespace, as guardrails for self-service consumption
  • Displays vSphere Namespaces, Tanzu Kubernetes clusters, and Tanzu Kubernetes cluster nodes as a part of the vSphere Client
  • Connects Tanzu Kubernetes clusters to infrastructure without exposing infrastructure credentials to cluster administrators
  • Separates Tanzu Kubernetes clusters from the vSphere management network
  • Integrates with Content Library for automatic replication of VM images for new versions of Kubernetes
  • Allows you to manage traditional VMs and Kubernetes clusters through a common API and the vSphere Client

When to Use a Standalone Management Cluster

You must use a standalone management cluster in the following circumstances:

  • For deployments to vSphere 6.7. vSphere with Tanzu is available from vSphere 7 onwards.

    Important

    From v2.5.1 onwards, Tanzu Kubernetes Grid does not support creating workload clusters on vSphere 6.7. For more information, see End of Support for TKG Management and Workload Clusters on vSphere 6.7.

  • For existing deployments on AWS and Azure (TKG versions up to and including v2.4 only).

    Important

    VMware recommends that you use Tanzu Mission Control to create native AWS EKS and Azure AKS clusters instead of deploying new TKG clusters on AWS and Azure. For information about how to create native AWS EKS and Azure AKS clusters with Tanzu Mission Control, see Managing the Lifecycle of AWS EKS Clusters and Managing the Lifecycle of Azure AKS Clusters in the Tanzu Mission Control documentation.

On vSphere 7 and 8, consider using TKG with a standalone management cluster rather than Supervisor if you need the following features that Supervisor does yet not provide:

  • Windows containers
  • IPv6 networking
  • IPv4/IPv6 dual stack networking
  • The ability to create workload clusters in a remote (Edge) location from a centralized vCenter Server instance

Supervisors, Standalone Management Clusters, and Tanzu Kubernetes Grid 2.x

TKG 2.x unifies the Tanzu CLI and underlying object definitions for the two management cluster deployment options, Supervisor and standalone management cluster, but Tanzu CLI version compatibility differs between the two.

See the Compatibility with VMware Tanzu Products table in VMware Tanzu CLI Documentation for the Tanzu CLI versions and vSphere versions that work with the two deployment options for TKG.

Important

The version of the TKG API that is embedded in vSphere with Tanzu may lag behind the version in the Tanzu CLI management-cluster plugin that creates standalone management clusters. This means that newer Tanzu CLI versions may support functionality in a compatible standalone management cluster that they do not support in a compatible Supervisor.

check-circle-line exclamation-circle-line close-line
Scroll to top icon