The Tanzu Kubernetes Grid Service v1alpha2 API lets you declaratively provision Tanzu Kubernetes clusters. Refer to the list and description of all parameters and usage guidelines to create and customize your clusters.
Tanzu Kubernetes Grid Service v1alpha2 API Specification for Provisioning Tanzu Kubernetes Clusters
The YAML specification lists all available parameters for provisioning a Tanzu Kubernetes cluster using the Tanzu Kubernetes Grid Service v1alpha2 API.
Important: A valid key name must consist only of alphanumeric characters, a dash (such as key-name), an underscore (such as KEY_NAME) or a dot (such as key.name). You cannot use the space character in a key name.
```yaml
apiVersion: run.tanzu.vmware.com/v1alpha2
kind: TanzuKubernetesCluster
metadata:
  name: string
  namespace: string
spec:
  topology:
    controlPlane:
      replicas: int32
      vmClass: string
      storageClass: string
      volumes:
        - name: string
          mountPath: string
          capacity:
            storage: size in GiB
      tkr:
        reference:
          name: string
      nodeDrainTimeout: string
    nodePools:
    - name: string
      labels: map[string]string
      taints:
        - key: string
          value: string
          effect: string
          timeAdded: time
      replicas: int32
      vmClass: string
      storageClass: string
      volumes:
        - name: string
          mountPath: string
          capacity:
            storage: size in GiB
      tkr:
        reference:
          name: string
      nodeDrainTimeout: string
  settings:
    storage:
      classes: [string]
      defaultClass: string
    network:
      cni:
        name: string
      pods:
        cidrBlocks: [string]
      services:
        cidrBlocks: [string]
      serviceDomain: string
      proxy:
        httpProxy: string
        httpsProxy: string
        noProxy: [string]
      trust:
        additionalTrustedCAs:
          - name: string
            data: string
```
Annotated Tanzu Kubernetes Grid Service v1alpha2 API Specification for Provisioning Tanzu Kubernetes Clusters
The annotated YAML specification lists all available parameters for provisioning a Tanzu Kubernetes cluster using the Tanzu Kubernetes Grid Service v1alpha2 API with documentation for each field.
Note: Currently all tkr.reference.name fields must match. In the future different Tanzu Kubernetes releases for node pools may be supported.
```yaml
apiVersion: run.tanzu.vmware.com/v1alpha2
kind: TanzuKubernetesCluster
#valid config key must consist of alphanumeric characters, '-', '_' or '.'
#metadata defines cluster information
metadata:
  #name for this Tanzu Kubernetes cluster
  name: string
  #namespace vSphere Namespace where to provision this cluster
  namespace: string
#spec defines cluster configuration
spec:
  #topology describes the number, purpose, organization
  #of nodes and the resources allocated for each
  #nodes are grouped into pools based on their purpose
  #`controlPlane` is special kind of a node pool
  #`nodePools` is for groups of worker nodes
  #each node pool is homogeneous: its nodes have the same
  #resource allocation and use the same storage
  topology:
    #controlPlane defines the topology of the cluster
    #controller, including the number of nodes and
    #the resources allocated for each
    #control plane must have an odd number of nodes
    controlPlane:
      #replicas is the number of nodes in the pool
      #the control plane can have 1 or 3 nodes
      #defaults to 1 if `nil`
      replicas: int32
      #vmClass is the name of the VirtualMachineClass
      #which describes the virtual hardware settings
      #to be used for each node in the node pool
      #vmClass controls the CPU and memory available
      #to the node and the requests and limits on
      #those resources; to list available vm classes run
      #`kubectl describe virtualmachineclasses`
      vmClass: string
      #storageClass to be used for storage of the disks
      #which store the root filesystems of the nodes
      #to list available storage classes run
      #`kubectl describe storageclasses`
      storageClass: string
      #volumes is the optional set of PVCs to create
      #and attach to each node; use for high-churn
      #control plane components such as etcd
      volumes:
        #name of the PVC to be used as the suffix (node.name)
        - name: string
          #mountPath is the directory where the volume
          #device is mounted; takes the form /dir/path
          mountPath: string
          #capacity is the PVC capacity
          capacity:
            #storage to be used for the disk
            #volume; if not specified defaults to
            #`spec.controlPlane.storageClass`
            storage: size in GiB
      #tkr.reference.name is the TKR NAME
      #to be used by control plane nodes; supported
      #format is `v1.21.2---vmware.1-tkg.1.ee25d55`
      #currently all `tkr.reference.name` fields must match
      tkr:
        reference:
          name: string
      #nodeDrainTimeout is the total amount of time
      #the controller will spend draining a node
      #the default value is 0 which means the node is
      #drained without any time limit
      nodeDrainTimeout: string
    #nodePools is an array that describes a group of
    #worker nodes in the cluster with the same configuration
    nodePools:
    #name of the worker node pool
    #must be unique in the cluster
    - name: string
      #labels are an optional map of string keys and values
      #to organize and categorize objects
      #propagated to the created nodes
      labels: map[string]string
      #taints specifies optional taints to register the
      #Node API object with; user-defined taints are
      #propagated to the created nodes
      taints:
        #key is the taint key to be applied to a node
        - key: string
          #value is the taint value corresponding to the key
          value: string
          #effect is the effect of the taint on pods
          #that do not tolerate the taint; valid effects are
          #`NoSchedule`, `PreferNoSchedule`, `NoExecute`
          effect: string
          #timeAdded is the time when the taint was added
          #only written by the system for `NoExecute` taints
          timeAdded: time
      #replicas is the number of nodes in the pool
      #worker nodePool can have from 0 to 150 nodes
      #value of `nil` means the field is not reconciled,
      #allowing external services like autoscalers
      #to choose the number of nodes for the nodePool
      #by default CAPI's `MachineDeployment` will pick 1
      #NOTE: a cluster provisioned with 0 worker nodes/nodepools
      #is not assigned any load balancer services
      replicas: int32
      #vmClass is the name of the VirtualMachineClass
      #which describes the virtual hardware settings
      #to be used for each node in the pool
      #vmClass controls the CPU and memory available
      #to the node and the requests and limits on
      #those resources; to list available vm classes run
      #`kubectl describe virtualmachineclasses`
      vmClass: string
      #storageClass to be used for storage of the disks
      #which store the root filesystems of the nodes
      #to list available storage classes run
      #`kubectl describe ns`
      storageClass: string
      #volumes is the optional set of PVCs to create
      #and attach to each node for high-churn worker node
      #components such as the container runtime
      volumes:
        #name of this PVC to be used as the suffix (node.name)
        - name: string
          #mountPath is the directory where the volume
          #device is mounted; takes the form /dir/path
          mountPath: string
          #capacity is the PVC capacity
          capacity:
            #storage to be used for the disk
            #volume; if not specified defaults to
            #`topology.nodePools[*].storageClass`
            storage: size in GiB
      #tkr.reference.name points to the TKR NAME
      #to be used by `spec.topology.nodePools[*]` nodes; supported
      #format is `v1.21.2---vmware.1-tkg.1.ee25d55`
      #currently all `tkr.reference.name` fields must match
      tkr:
        reference:
          name: string
      #nodeDrainTimeout is the total amount of time
      #the controller will spend draining a node
      #the default value is 0 which means the node is
      #drained without any time limit
      nodeDrainTimeout: string
  #settings are optional runtime configurations
  #for the cluster, including persistent storage
  #for pods and node network customizations
  settings:
    #storage defines persistent volume (PV) storage entries
    #for container workloads; note that the storage used for
    #node disks is defined by `topology.controlPlane.storageClass`
    #and by `spec.topology.nodePools[*].storageClass`
    storage:
      #classes is a list of persistent volume (PV) storage
      #classes to expose for container workloads on the cluster
      #any class specified must be associated with the
      #vSphere Namespace where the cluster is provisioned
      #if omitted, all storage classes associated with the
      #namespace will be exposed in the cluster
      classes: [string]
      #defaultClass treats the named storage class as the default
      #for the cluster; because all namespaced storage classes
      #are exposed if specific `classes` are not named,
      #classes is not required to specify a defaultClass
      #many workloads, including TKG Extensions and Helm,
      #require a default storage class
      #if omitted, no default storage class is set
      defaultClass: string
    #network defines custom networking for cluster workloads
    network:
      #cni identifies the CNI plugin for the cluster
      #use to override the default CNI set in the
      #tkgserviceconfiguration spec, or when customizing
      #network settings for the default CNI
      cni:
        #name is the name of the CNI plugin to use; supported
        #values are `antrea`, `calico`, `antrea-nsx-routed`
        name: string
      #pods configures custom networks for pods
      #defaults to 192.168.0.0/16 if CNI is `antrea` or `calico`
      #defaults to empty if CNI is `antrea-nsx-routed`
      #custom subnet size must equal or exceed /24
      #use caution before setting CIDR range other than /16
      #cannot overlap with Supervisor Cluster workload network
      pods:
        #cidrBlocks is an array of network ranges; supplying
        #multiple ranges may not be supported by all CNI plugins
        cidrBlocks: [string]
      #services configures custom network for services
      #defaults to 10.96.0.0/12
      #cannot overlap with Supervisor Cluster workload network
      services:
        #cidrBlocks is an array of network ranges; supplying
        #multiple ranges may not be supported by all CNI plugins
        cidrBlocks: [string]
      #serviceDomain specifies the service domain for the cluster
      #defaults to `cluster.local`
      serviceDomain: string
      #proxy configures proxy server to be used inside the cluster
      #if omitted no proxy is configured
      proxy:
        #httpProxy is the proxy URI for HTTP connections
        #to endpoints outside the cluster
        #takes form `http://<user>:<pwd>@<ip>:<port>`
        httpProxy: string
        #httpsProxy is the proxy URL for HTTPS connections
        #to endpoints outside the cluster
        #takes the form `http://<user>:<pwd>@<ip>:<port>`
        httpsProxy: string
        #noProxy is the list of destination domain names, domains,
        #IP addresses, and other network CIDRs to exclude from proxying
        #must include Supervisor Cluster Pod, Egress, Ingress CIDRs
        noProxy: [string]
      #trust configures additional certificates for the cluster
      #if omitted no additional certificate is configured
      trust:
        #additionalTrustedCAs are additional trusted certificates
        #can be additional CAs or end certificates
        additionalTrustedCAs:
          #name is the name of the additional trusted certificate
          #must match the name used in the filename
          - name: string
            #data holds the contents of the additional trusted cert
            #PEM Public Certificate data encoded as base64 string
            #such as `LS0tLS1C...LS0tCg==` where "..." is the
            #middle section of the long base64 string
            data: string
```
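A pre-apply check of the control plane, TKR, network, proxy and trust rules stated in the annotations above, as an added example that is not part of the VMware documentation or the Tanzu Kubernetes Grid Service. The function name `lint_tkc`, its parameters `workload_cidrs` and `no_proxy_required`, and every sample value except the TKR name format are assumptions; the manifest's `spec` is assumed to be already parsed into a dict.

```python
import base64, binascii, ipaddress
from urllib.parse import urlsplit

def lint_tkc(spec, workload_cidrs, no_proxy_required):
    """Return findings for a parsed TanzuKubernetesCluster `spec` dict."""
    out, topo = [], spec.get("topology", {})
    net = spec.get("settings", {}).get("network", {})
    cp, pools = topo.get("controlPlane", {}), topo.get("nodePools", [])
    if cp.get("replicas") not in (None, 1, 3):  # nil defaults to 1
        out.append("controlPlane.replicas must be 1 or 3")
    names = {n.get("tkr", {}).get("reference", {}).get("name") for n in [cp, *pools]}
    if len(names) > 1:
        out.append("tkr.reference.name fields do not match")
    workload = [ipaddress.ip_network(c) for c in workload_cidrs]
    for kind in ("pods", "services"):
        for block in net.get(kind, {}).get("cidrBlocks", []):
            n = ipaddress.ip_network(block)
            if kind == "pods" and n.prefixlen > 24:
                out.append(f"pods CIDR {block} is smaller than /24")
            if any(n.overlaps(w) for w in workload):
                out.append(f"{kind} CIDR {block} overlaps the Supervisor workload network")
    proxy = net.get("proxy", {})
    if proxy:
        missing = sorted(set(no_proxy_required) - set(proxy.get("noProxy", [])))
        if missing:
            out.append(f"noProxy lacks Supervisor CIDRs {missing}")
        for key in ("httpProxy", "httpsProxy"):
            if urlsplit(proxy.get(key, "")).password:
                out.append(f"{key} embeds a password: handle the manifest as a secret")
    for ca in net.get("trust", {}).get("additionalTrustedCAs", []):
        try:
            pem = base64.b64decode(ca.get("data", ""), validate=True)
        except (binascii.Error, ValueError):
            pem = b""
        if b"-----BEGIN CERTIFICATE-----" not in pem:
            out.append(f"trusted CA {ca.get('name')}: data is not base64-encoded PEM")
    return out

# Constructed sample input (not from the page); CIDRs, proxy and CA values are made up.
TKR = {"tkr": {"reference": {"name": "v1.21.2---vmware.1-tkg.1.ee25d55"}}}
SAMPLE = {"topology": {"controlPlane": {"replicas": 2, **TKR},
                       "nodePools": [{"name": "workers", **TKR}]},
          "settings": {"network": {
              "pods": {"cidrBlocks": ["10.244.0.0/25"]},
              "proxy": {"httpProxy": "http://user:pwd@10.0.0.5:3128", "noProxy": ["10.96.0.0/12"]},
              "trust": {"additionalTrustedCAs": [{"name": "corp-ca", "data": "not base64!"}]}}}}

if __name__ == "__main__":
    print("\n".join(lint_tkc(SAMPLE, ["10.244.0.0/20"], ["10.244.0.0/20", "192.168.100.0/24"])))
```

The `noProxy` comparison is an exact string match, so an entry that covers a required CIDR with a larger range is still reported as missing.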