You provision a Tanzu Kubernetes cluster using a declarative YAML file that invokes the Tanzu Kubernetes Grid Service API.

Prerequisites

  • Review the cluster provisioning workflow and prerequisites. See Workflow for Creating Tanzu Kubernetes Clusters.
  • Get the IP address of the Supervisor Cluster control plane.
  • Get the name of the Supervisor Namespace where you plan to deploy the Tanzu Kubernetes cluster.

Procedure

  1. Using the vSphere Plugin for kubectl, authenticate with the Supervisor Cluster. See Connect to the Supervisor Cluster as a vCenter Single Sign-On User.
    kubectl vsphere login --server=IP-ADDRESS --vsphere-username USERNAME
  2. Switch context to the namespace where you want to deploy the Tanzu Kubernetes cluster.
    kubectl config use-context SUPERVISOR-NAMESPACE
    For example:
    kubectl config get-contexts
    kubectl config use-context tkgs-ns-2
  3. Select an image version.
    1. Decide the Kubernetes version that you want to use by listing the available content images using either of the following commands.
      kubectl get tanzukubernetesreleases
      kubectl get virtualmachineimages
    2. View more information about the available images using either of the following commands.
      kubectl describe tanzukubernetesreleases
      kubectl describe virtualmachineimages
      Note: See also the topic Supported Update Path for more information about the available images.
  4. Create a YAML file with the required configuration parameters to define the cluster.
    1. Start with one of the example YAML files. See Example YAML Files for Provisioning Tanzu Kubernetes Clusters.
    2. Craft the YAML to suit your specifications by referring to the list supported parameters. See Configuration Parameters for Tanzu Kubernetes Clusters.
    Note: Version shortcuts are supported, such as version: v1.18.5 and version: v1.18.
  5. Provision the Tanzu Kubernetes cluster using the following kubectl command.
    kubectl apply -f CLUSTER-NAME.yaml
  6. Monitor cluster provisioning using the vSphere Client. See Monitor Tanzu Kubernetes Cluster Status Using the vSphere Client.
  7. Verify cluster provisioning using the following kubectl commands.
    1. Verify that the cluster is provisioned.
      kubectl get tanzukubernetesclusters
      For example:
      kubectl get tanzukubernetesclusters
      NAME             CONTROL PLANE   WORKER   DISTRIBUTION                     AGE   PHASE
      tkgs-cluster-2   3               3        v1.18.5+vmware.1-tkg.1.c40d30d   18h   running
    2. Get details on the cluster.
      kubectl describe tanzukubernetescluster CLUSTER-NAME
    3. Run additional commands to verify cluster provisioning. See Tanzu Kubernetes Cluster Operational Commands.
    4. If necessary, debug the provisioning of the cluster using the following command.
      kubectl get tanzukubernetescluster,cluster-api,virtualmachinesetresourcepolicy,virtualmachineservice,virtualmachine
      Note: For additional troubleshooting, see Troubleshooting Tanzu Kubernetes Clusters.
  8. Log in to the cluster. See Connect to a Tanzu Kubernetes Cluster as a vCenter Single Sign-On User.
    kubectl vsphere login --server=IP-ADDRESS --vsphere-username USERNAME 
    --tanzu-kubernetes-cluster-name CLUSTER-NAME --tanzu-kubernetes-cluster-namespace NAMESPACE
  9. Verify cluster provisioning using the following kubectl commands.
    kubectl cluster-info
    kubectl get nodes
    kubectl get namespaces
    kubectl api-resources
  10. Deploy an example workload and verify cluster creation. See Deploying Workloads to Tanzu Kubernetes Clusters.
    Note: Tanzu Kubernetes clusters have pod security policy enabled. Depending on the workload and user, you might need to create an appropriate RoleBinding or custom PodSecurityPolicy. See Using Pod Security Policies with Tanzu Kubernetes Clusters.