Kubernetes is a great platform that provides development teams with a single API to deploy, manage, and run applications. However, running, maintaining, and securing Kubernetes is a complex task. VMware Tanzu for Kubernetes Operations (informally known as TKO) simplifies Kubernetes operations. It determines what base OS instances to use, which Kubernetes Container Network Interface (CNI) and Container Storage Interface (CSI) to use, how to secure the Kubernetes API, and much more. It monitors, upgrades, and backs up clusters and helps teams provision, manage, secure, and maintain Kubernetes clusters on a day-to-day basis.
Note: This reference architecture is tested to work with Tanzu Kubernetes Grid 2.1. This reference architecture will be refreshed shortly to capture new features and capabilities introduced in Tanzu Kubernetes Grid 2.1.
The following diagram provides a high-level reference architecture for deploying the components available with Tanzu for Kubernetes Operations as a solution.
The reference architecture documentation provides several reference designs and the instructions for deploying the reference designs. The reference designs are based on the high-level reference architecture and they are tailored for deploying Tanzu for Kubernetes Operations on your IaaS or infrastructure of choice.
The reference architecture and the reference designs are tested and supported by VMware.
The following components are used in the reference architecture:
VMware Tanzu Kubernetes Grid - Enables creation and lifecycle management operations of Kubernetes clusters.
vSphere with Tanzu - Transforms vSphere into a platform for running Kubernetes workloads natively on the hypervisor layer. When enabled on a vSphere cluster, vSphere with Tanzu provides the capability to run Kubernetes workloads directly on ESXi hosts and to create upstream Kubernetes clusters within dedicated resource pools.
VMware Tanzu Mission Control - Provides a global view of Kubernetes clusters and allows for centralized policy management across all deployed and attached clusters.
VMware Tanzu Observability by Wavefront - Provides a centralized management platform for consistently operating and securing your Kubernetes infrastructure and modern applications across multiple teams and clouds.
VMware Tanzu Service Mesh - Provides consistent control and security for microservices, end users, and data, across all your clusters and clouds.
VMware NSX Advanced Load Balancer Enterprise Edition - Provides layer 4 load balancing for Kubernetes services of type LoadBalancer. NSX Advanced Load Balancer is recommended for vSphere deployments without NSX-T, or for deployments that have unique scale requirements.
Pinniped - Provides identity services to Kubernetes. It is an authentication service for Kubernetes that integrates with identity providers such as Okta, Dex, and LDAP.
User-managed packages - Provide in-cluster and shared services to the Kubernetes clusters that are running in your Tanzu Kubernetes Grid environment.