This section provides an overview of packages you can install and configure on workload clusters in Tanzu Kubernetes Grid.
Installing a package on a workload cluster created by Tanzu Kubernetes Grid adds a functionality to the cluster. This functionality typically provides services to the workloads that the cluster hosts. For example, the Antrea package provides the Antrea container network interface (CNI), the Contour package ingress control services, the Harbor package a private container registry, and so on. Some packages support the operation of the cluster itself.
Internally, a package consists of configuration metadata and image references that inform the package manager what software the package contains and how to install it into a Kubernetes cluster. Packages are grouped into package repositories. Some packages are enabled in clusters automatically while others are installed explicitly by using the Tanzu CLI. For more information about how packages and package repositories are implemented in Tanzu Kubernetes Grid, see Carvel API Resources below.
Tanzu Kubernetes Grid includes the following types of packages:
tanzu-standardpackage repository or in other repositories that you add to your clusters. See the CLI-Managed Packages section below.
These packages are typically required for basic cluster functionality. Tanzu Kubernetes Grid installs and upgrades them automatically when you create and upgrade a Kubernetes cluster.
tanzu package CLI plugin is intended only for CLI-managed packages. Do not use the
tanzu package CLI plugin to install and manage auto-managed packages. Their lifecycle is managed by Tanzu Kubernetes Grid.
Tanzu Kubernetes Grid manages the lifecycle of auto-managed packages. This includes automatic package installation and version updates.
Auto-managed packages are installed during cluster creation. To determine which auto-managed packages to install in a workload cluster, Tanzu Kubernetes Grid reads the Tanzu Kubernetes release that is used to create the cluster and cluster-specific configuration information. When you upgrade a workload cluster, as part of the upgrade process, Tanzu Kubernetes Grid updates the versions of the auto-managed packages that are installed in the cluster.
The table below lists the auto-managed packages that TKG installs and what types of clusters they are installed in.
Auto-managed packages are installed from the
tanzu-core repository and run in the following namespace, depending on TKG deployment type:
|Package||Installed in (with Supervisor)||Installed in (with standalone management cluster)||Description|
||Not installed||Management (vSphere with NSX ALB only)||Provides VMware NSX Advanced Load Balancer. This package is installed if NSX Advanced Load Balancer is enabled.|
||Workload||Management and workload||Enables pod networking and enforces network policies for Kubernetes clusters. Installed by default, unless Calico is selected as the CNI provider.|
||Workload||Management and workload||Enables pod networking and enforces network policies for Kubernetes clusters. Installed if Calico is selected as the CNI provider|
||Workload||Workload||Enables the Capabilities API|
||Workload||Not installed||Manages vSphere single sign-on (SSO), which enables vSphere SSO users to access the target workload cluster|
||Workload||Management and workload||Manages packages.|
||Not installed||Management and workload (vSphere with NSX ALB only)||Provides L4+L7 load balancing for applications running in clusters created by Tanzu Kubernetes Grid; used for north-south traffic. This package is installed if NSX Advanced Load Balancer is enabled.|
||Workload||Management and workload||Provides Metrics Server|
||Workload||Management and workload||Provides user authentication. Installed only if an identity provider is configured. Can be installed in a standalone management cluster after it is already created; see Enable and Configure Identity Management in an Existing Deployment.|
||Management||Management||Manages the lifecycle of
||Workload||Management and workload (vSphere only)||Provides the vSphere Cloud Provider Interface|
||Workload||Not installed||Provides the vSphere Cloud Storage Interface|
CLI-managed packages extend Kubernetes clusters created by Tanzu Kubernetes Grid. After creating a cluster, you can install packages from the
tanzu-standard package repository or from package repositories that you add to the cluster.
For a list of CLI-managed packages, the package repositories where they are published, and how to install them, see Installing and Managing Packages with the Tanzu CLI in Creating and Managing TKG 2.1 Workload Clusters with the Tanzu CLI.
To make packages available in Kubernetes clusters, Tanzu Kubernetes Grid creates the following API resources in the target cluster:
pkgr, represents a single package repository. It points
kapp-controller, a package manager, to the package repository that is defined in the resource. A package repository contains
PackageMetadataresources. After a
PackageRepositoryis created in your target cluster,
kapp-controllercan install any of the packages that the package repository contains. This API resource is used only for CLI-managed packages.
pkg, contains version-specific information about a given package and defines how to install the package.
Packageresource when installing the package.
pkgm, contains version-agnostic information about a given package.
pkgi, represents an installed package in your target cluster. It also references the
Packageresource that was used to install the package.
You can list and view these resources by using the
kubectl api-resources and
kubectl get commands. For more information about the Carvel API resources, see Packaging in the Carvel documentation.