Deploying Tanzu for Kubernetes Operations
Because Tanzu for Kubernetes Operations (TKO) is a set of discrete product components from the Tanzu portfolio, you will deploy and configure each of the components separately.
For ease of deployment, use the following basic workflow.
The specifics of your deployment may vary depending on the platform, such as vSphere, VMware Cloud, or a public cloud, and the outcome you want to achieve, such as setting up a unified plane of glass to manage your Kubernetes environment or setting up a Kubernetes cluster at the edge.
Prerequisites
Before you deploy Tanzu for Kubernetes Operations,
- Identify the deployment option that you will use. See Deployment options.
- Review these prerequisites.
Supported component versions
For the component versions supported in this getting started guide, see Component versions.
Overview of the deployment steps
The following link to high-level overviews of the deployment steps that are tailored to the specific deployment option.
| Deployment Option | Deployment Steps |
|---|---|
| I want to create Kubernetes clusters on my vSphere environment | Deploy Kubernetes cluster on vSphere |
| I want to manage my existing Kubernetes environment on vSphere and extend it to a public cloud | Deploy Tanzu Kubernetes Grid management cluster on public cloud |
| I want to apply my security policies in Kubernetes environment on public cloud including the provider native Kubernetes services | Deploy and manage security policies to Kubernetes environments |
| I want to create Kubernetes clusters in an air-gapped environment | Deploy Kubernetes clusters in an air-gapped environment |
| I want to create Kubernetes clusters at an edge site | Deploy Kubernetes clusters at an edge site |
Deploy Kubernetes clusters on vSphere
You can deploy Kubernetes clusters on vSphere using Supervisor or a standalone management cluster.
NoteSetting up Tanzu Mission Control provides a single pane of glass user interface to create and manage workload clusters and set up access and security policies. For ease of deployment, we recommend configuring Tanzu Mission Control.
Supervisor
The following provides the high-level steps for deploying Tanzu Kubernetes Grid clusters on a Supervisor. A Supervisor is automatically created when you enable vSphere with Tanzu. This use case is common in software-defined data center (SDDC) deployments.
- (Optional)Configure SaaS services.
- Deploy VMware NSX Advanced Load Balancer.
- Enable Workload Management with vSphere Networking.
- Deploy Tanzu Kubernetes Grid clusters.
- If you set up Tanzu Mission Control, you can Provision a New Cluster in Tanzu Mission Control.
- (Optional)Manage clusters in Tanzu Mission Control.
- (Optional)Set up Access Policies in Tanzu Mission Control.
Standalone management cluster
You can also deploy a Tanzu Kubernetes Grid standalone management cluster on vSphere. This use case is common in edge deployments. The following provides an overview of the steps for deploying Tanzu Kubernetes Grid standalone management cluster and workload clusters on vSphere.
If you are deploying in an edge site, also see Deploy Kubernetes clusters at an edge site.
- (Optional)Configure SaaS services.
- Deploy VMware NSX Advanced Load Balancer.
- Install the VMware Tanzu CLI.
- Deploy standalone management cluster.
- Create workload clusters.
- If you set up Tanzu Mission Control, you can Provision a New Cluster in Tanzu Mission Control.
- If did not set up Tanzu Mission Control, you can use Tanzu CLI to create workload clusters. See Deploy workload cluster.
- (Optional)Manage clusters in Tanzu Mission Control.
- (Optional)Set up Access Policies in Tanzu Mission Control.
Deploy Tanzu Kubernetes Grid management cluster on public cloud
The following provides a high-level overview of the deployment steps for deploying Tanzu Kubernetes on a public cloud environment such as AWS or Azure or on vSphere on VMware Cloud (VMC). You can use Tanzu Mission Control to create and manage workload clusters and set up access and security policies. If you have an existing Tanzu Kubernetes environment on vSphere, you can manage your on-premises environment and your cloud Kubernetes environment on Tanzu Mission Control.
- Configure SaaS services.
- Deploy VMware NSX Advanced Load Balancer.
- Install the VMware Tanzu CLI.
- Deploy VMware Tanzu Kubernetes Grid.
- Provision a New Cluster in Tanzu Mission Control.
- Manage clusters in Tanzu Mission Control.
- Set up Access Policies in Tanzu Mission Control.
Deploy and manage security policies to Kubernetes environments
You can manage access policies, authentication, and security for your Kubernetes fleet across clouds, on-premises, and hybrid environments from the Tanzu Mission Control user interface.
To start using Tanzu Mission Control, see Getting Started with VMware Tanzu Mission Control.
Deploy Kubernetes clusters in an air-gapped environment
An air-gapped environment has no physical connection to the Internet.
If you are deploying Tanzu Kubernetes Grid in an air-gapped environment, see the following documentation:
- Prepare an Internet-Restricted Environment in the Tanzu Kubernetes Grid product documentation.
- Attach a Cluster Running Behind a Proxy Server in the Tanzu Mission Control product documentation.
Deploy Kubernetes clusters at an edge site
You may need to deploy Kubernetes on the edge for reasons such as, to avoid latency, due to data volume and bandwidth considerations, the need for autonomous disconnected operations, privacy, and security.
VMware Tanzu Edge Solution Reference Architecture 1.0 provides a best practice for running Tanzu at edge sites where the VMware Edge Compute Stack is already deployed. It also documents how to deploy the reference architecture.
