Use VMware Tanzu Mission Control to provision the necessary resources and create a new Tanzu Kubernetes cluster.


Log in to the Tanzu Mission Control console, as described in Log In to the Tanzu Mission Control Console.

Before you can create new clusters using Tanzu Mission Control, you must first establish a connection with your management cluster.
  1. Create a provisioner into which you will provision the cluster, as described in Create a Provisioner
  2. Set up a cloud provider account connection. For more information, see Connect an AWS Account for Cluster Lifecycle Management in Your aws-hosted Management Cluster.
Make sure you have the appropriate permissions to create a Tanzu Kubernetes cluster.
  • To provision a cluster, you must be associated with the clustergroup.edit role on the cluster group in which you want to put the new cluster.
  • To see and use a cloud provider account connection for creating a cluster, you must be associated with the organization.credential.view role.
  • You must also have admin privileges on the management cluster to provision resources within it.


  1. In the left navigation pane of the Tanzu Mission Control console, click Clusters.
  2. On the Clusters page, click Create Cluster, and then choose where to create the workload cluster.
    • Choose Tanzu Kubernetes Grid on AWS to provision a cluster into your aws-hosted management cluster.
  3. For clusters not in your aws-hosted management cluster, select the management cluster in which you want to create the cluster.
  4. Select the provisioner in which you want to create the cluster, and then select the AWS account credential to use.
  5. Enter the name, group, and other details for the cluster.
    1. Enter a name for the cluster.
      Cluster names must be unique within an organization.
    2. Select the cluster group to which you want to attach your cluster and make sure the appropriate account is selected.
    3. You can optionally enter a description and apply labels.
    4. Click Next.
  6. Select your configuration options.
    1. Select the region in which to create the cluster.
      You can optionally choose a region other than the default selection, if you have already created an SSH key pair for that region, as described in Managing Cloud Provider Accounts.
    2. Select the SSH key to use for the connection.
      The dropdown displays the key pairs that exist in the selected region. After you define a key pair in your cloud provider, it may be a few minutes before the key is displayed here.
      Note: To provision a cluster and to subsequently SSH to that cluster, you must have the secret key available to you locally.
    3. Select the Kubernetes version to use for the cluster.
      The latest supported version is preselected for you.
    4. Specify a VPC to use for the cluster.
      You can create a new VPC or use an existing one.
      If you want to use an existing VPC, make sure it satisfies the requirements listed in Requirements for Using an Existing VPC to Provision a Cluster.
    5. If you choose to create a new VPC, you can optionally define an alternative CIDR for the VPC.
    6. You can optionally define an alternative CIDR for the pod and service.
      The Pod CIDR and Service CIDR cannot be change after the cluster is created.
    7. Click Next.

  7. Select the type of cluster you want to create.
    The primary difference between the two is that the highly available cluster is deployed in multiple availability zones.
    • You can optionally select a different instance type for the cluster's control plane node.
  8. Specify the availabillity zones in which to deploy the cluster.
    For highly available clusters, you can choose multiple availability zones.

    If you are creating a cluster in an existing VPC, rather than creating a new one, you must also specify a public subnet and a private subnet for each availability zone.

  9. Click Next.
  10. You can optionally define a node pool for your cluster.
    For more information about node pools, see Create a Node Pool.
  11. When you ready to provision the new cluster, click Create Cluster.


When you click Create Cluster, you are directed to the cluster detail page where you can see its status is Unknown while it is being created. Tanzu Mission Control provisions the resources necessary for your cluster in your management cluster. It then creates the workload cluster and attaches it to your organization in the cluster group that you specified. This process takes a few minutes.