The Tanzu Kubernetes Grid Service v1alpha2 API lets you declaratively provision Tanzu Kubernetes clusters. Refer to the list and description of all parameters and usage guidelines to create and customize your clusters.
Tanzu Kubernetes Grid Service v1alpha2 API Specification for Provisioning Tanzu Kubernetes Clusters
The YAML specification lists all available parameters for provisioning a
Tanzu Kubernetes cluster using the
Tanzu Kubernetes Grid Service v1alpha2 API.
Important: A valid key name must consist only of alphanumeric characters, a dash (such as key-name), an underscore (such as KEY_NAME) or a dot (such as key.name). You cannot use the space character in a key name.
apiVersion: run.tanzu.vmware.com/v1alpha2
kind: TanzuKubernetesCluster
metadata:
name: string
namespace: string
spec:
topology:
controlPlane:
replicas: int32
vmClass: string
storageClass: string
volumes:
- name: string
mountPath: string
capacity:
storage: size in GiB
tkr:
reference:
name: string
nodeDrainTimeout: string
nodePools:
- name: string
labels: map[string]string
taints:
- key: string
value: string
effect: string
timeAdded: time
replicas: int32
vmClass: string
storageClass: string
volumes:
- name: string
mountPath: string
capacity:
storage: size in GiB
tkr:
reference:
name: string
nodeDrainTimeout: string
settings:
storage:
classes: [string]
defaultClass: string
network:
cni:
name: string
pods:
cidrBlocks: [string]
services:
cidrBlocks: [string]
serviceDomain: string
proxy:
httpProxy: string
httpsProxy: string
noProxy: [string]
trust:
additionalTrustedCAs:
- name: string
data: string
Annotated Tanzu Kubernetes Grid Service v1alpha2 API Specification for Provisioning Tanzu Kubernetes Clusters
The annotated YAML specification lists all available parameters for provisioning a
Tanzu Kubernetes cluster using the
Tanzu Kubernetes Grid Service v1alpha2 API with documentation for each field.
Note: Currently all
tkr.reference.name fields must match. In the future different
Tanzu Kubernetes releases for node pools may be supported.
apiVersion: run.tanzu.vmware.com/v1alpha2
kind: TanzuKubernetesCluster
#valid config key must consist of alphanumeric characters, '-', '_' or '.'
#metadata defines cluster information
metadata:
#name for this Tanzu Kubernetes cluster
name: string
#namespace vSphere Namespace where to provision this cluster
namespace: string
#spec defines cluster configuration
spec:
#topology describes the number, purpose, organization
#of nodes and the resources allocated for each
#nodes are grouped into pools based on their purpose
#`controlPlane` is special kind of a node pool
#`nodePools` is for groups of worker nodes
#each node pool is homogeneous: its nodes have the same
#resource allocation and use the same storage
topology:
#controlPlane defines the topology of the cluster
#controller, including the number of nodes and
#the resources allocated for each
#control plane must have an odd number of nodes
controlPlane:
#replicas is the number of nodes in the pool
#the control plane can have 1 or 3 nodes
#defaults to 1 if `nil`
replicas: int32
#vmClass is the name of the VirtualMachineClass
#which describes the virtual hardware settings
#to be used for each node in the node pool
#vmClass controls the CPU and memory available
#to the node and the requests and limits on
#those resources; to list available vm classes run
#`kubectl describe virtualmachineclasses`
vmClass: string
#storageClass to be used for storage of the disks
#which store the root filesystems of the nodes
#to list available storage classes run
#`kubectl describe storageclasses`
storageClass: string
#volumes is the optional set of PVCs to create
#and attach to each node; use for high-churn
#control plane components such as etcd
volumes:
#name of the PVC to be used as the suffix (node.name)
- name: string
#mountPath is the directory where the volume
#device is mounted; takes the form /dir/path
mountPath: string
#capacity is the PVC capacity
capacity:
#storage to be used for the disk
#volume; if not specified defaults to
#`spec.controlPlane.storageClass`
storage: size in GiB
#tkr.reference.name is the TKR NAME
#to be used by control plane nodes; supported
#format is `v1.21.2---vmware.1-tkg.1.ee25d55`
#currently all `tkr.reference.name` fields must match
tkr:
reference:
name: string
#nodeDrainTimeout is the total amount of time
#the controller will spend draining a node
#the default value is 0 which means the node is
#drained without any time limit
nodeDrainTimeout: string
#nodePools is an array that describes a group of
#worker nodes in the cluster with the same configuration
nodePools:
#name of the worker node pool
#must be unique in the cluster
- name: string
#labels are an optional map of string keys and values
#to organize and categorize objects
#propagated to the created nodes
labels: map[string]string
#taints specifies optional taints to register the
#Node API object with; user-defined taints are
#propagated to the created nodes
taints:
#key is the taint key to be applied to a node
- key: string
#value is the taint value corresponding to the key
value: string
#effect is the effect of the taint on pods
#that do not tolerate the taint; valid effects are
#`NoSchedule`, `PreferNoSchedule`, `NoExecute`
effect: string
#timeAdded is the time when the taint was added
#only written by the system for `NoExecute` taints
timeAdded: time
#replicas is the number of nodes in the pool
#worker nodePool can have from 0 to 150 nodes
#value of `nil` means the field is not reconciled,
#allowing external services like autoscalers
#to choose the number of nodes for the nodePool
#by default CAPI's `MachineDeployment` will pick 1
#NOTE: a cluster provisioned with 0 worker nodes/nodepools
#is not assigned any load balancer services
replicas: int32
#vmClass is the name of the VirtualMachineClass
#which describes the virtual hardware settings
#to be used for each node in the pool
#vmClass controls the CPU and memory available
#to the node and the requests and limits on
#those resources; to list available vm classes run
#`kubectl describe virtualmachineclasses`
vmClass: string
#storageClass to be used for storage of the disks
#which store the root filesystems of the nodes
#to list available storage classes run
#`kubectl describe ns`
storageClass: string
#volumes is the optional set of PVCs to create
#and attach to each node for high-churn worker node
#components such as the container runtime
volumes:
#name of this PVC to be used as the suffix (node.name)
- name: string
#mountPath is the directory where the volume
#device is mounted; takes the form /dir/path
mountPath: string
#capacity is the PVC capacity
capacity:
#storage to be used for the disk
#volume; if not specified defaults to
#`topology.nodePools[*].storageClass`
storage: size in GiB
#tkr.reference.name points to the TKR NAME
#to be used by `spec.topology.nodePools[*]` nodes; supported
#format is `v1.21.2---vmware.1-tkg.1.ee25d55`
#currently all `tkr.reference.name` fields must match
tkr:
reference:
name: string
#nodeDrainTimeout is the total amount of time
#the controller will spend draining a node
#the default value is 0 which means the node is
#drained without any time limit
nodeDrainTimeout: string
#settings are optional runtime configurations
#for the cluster, including persistent storage
#for pods and node network customizations
settings:
#storage defines persistent volume (PV) storage entries
#for container workloads; note that the storage used for
#node disks is defined by `topology.controlPlane.storageClass`
#and by `spec.topology.nodePools[*].storageClass`
storage:
#classes is a list of persistent volume (PV) storage
#classes to expose for container workloads on the cluster
#any class specified must be associated with the
#vSphere Namespace where the cluster is provisioned
#if omitted, all storage classes associated with the
#namespace will be exposed in the cluster
classes: [string]
#defaultClass treats the named storage class as the default
#for the cluster; because all namespaced storage classes
#are exposed if specific `classes` are not named,
#classes is not required to specify a defaultClass
#many workloads, including TKG Extensions and Helm,
#require a default storage class
#if omitted, no default storage class is set
defaultClass: string
#netowrk defines custom networking for cluster workloads
network:
#cni identifies the CNI plugin for the cluster
#use to override the default CNI set in the
#tkgservicesonfiguration spec, or when customizing
#network settings for the default CNI
cni:
#name is the name of the CNI plugin to use; supported
#values are `antrea`, `calico`, `antrea-nsx-routed`
name: string
#pods configures custom networks for pods
#defaults to 192.168.0.0/16 if CNI is `antrea` or `calico`
#defaults to empty if CNI is `antrea-nsx-routed`
#custom subnet size must equal or exceed /24
#use caution before seeting CIDR range other than /16
#cannot overlap with Supervisor Cluster workload network
pods:
#cidrBlocks is an array of network ranges; supplying
#multiple ranges may not be supported by all CNI plugins
cidrBlocks: [string]
#services configures custom network for services
#defaults to 10.96.0.0/12
#cannot overlap with Supervisor Cluster workload network
services:
#cidrBlocks is an array of network ranges; supplying
#multiple ranges many not be supported by all CNI plugins
cidrBlocks: [string]
#serviceDomain specifies the service domain for the cluster
#defaults to `cluster.local`
serviceDomain: string
#proxy configures proxy server to be used inside the cluster
#if omitted no proxy is configured
proxy:
#httpProxy is the proxy URI for HTTP connections
#to endpoints outside the cluster
#takes form `http://<user>:<pwd>@<ip>:<port>`
httpProxy: string
#httpsProxy is the proxy URL for HTTPS connections
#to endpoints outside the cluster
#takes the frorm `http://<user>:<pwd>@<ip>:<port>`
httpsProxy: string
#noProxy is the list of destination domain names, domains,
#IP addresses, and other network CIDRs to exclude from proxying
#must include Supervisor Cluster Pod, Egress, Ingress CIDRs
noProxy: [string]
#trust configures additional certificates for the cluster
#if omitted no additional certificate is configured
trust:
#additionalTrustedCAs are additional trusted certificates
#can be additional CAs or end certificates
additionalTrustedCAs:
#name is the name of the additional trusted certificate
#must match the name used in the filename
- name: string
#data holds the contents of the additional trusted cert
#PEM Public Certificate data encoded as base64 string
#such as `LS0tLS1C...LS0tCg==` where "..." is the
#middle section of the long base64 string
data: string
