The Tanzu Kubernetes Grid Service provides self-service lifecycle management of Tanzu Kubernetes clusters. You use the Tanzu Kubernetes Grid Service to create and manage Tanzu Kubernetes clusters in a declarative manner that is familiar to Kubernetes operators and developers.

Tanzu Kubernetes Grid Service Components

The Tanzu Kubernetes Grid Service exposes three layers of controllers to manage the lifecycle of a Tanzu Kubernetes cluster.

  • The Tanzu Kubernetes Grid Service provisions clusters that include the components necessary to integrate with the underlying vSphere Namespace resources. These components include a Cloud Provider Plugin that integrates with the Supervisor Cluster. In addition, a Tanzu Kubernetes cluster passes requests for persistent volumes to the Supervisor Cluster, which is integrated with VMware Cloud Native Storage (CNS). See Using Persistent Storage in vSphere with Tanzu.
  • The Cluster API provides declarative, Kubernetes-style APIs for cluster creation, configuration, and management. The inputs to Cluster API include a resource describing the cluster, a set of resources describing the virtual machines that make up the cluster, and a set of resources describing cluster add-ons.
  • The Virtual Machine Service provides a declarative, Kubernetes-style API for management of VMs and associated vSphere resources. The Virtual Machine Service introduces the concept of a virtual machine class that represents an abstract reusable hardware configuration. The functionality provided by the Virtual Machine Service is used to manage the lifecycle of the control plane and worker node VMs hosting a Tanzu Kubernetes cluster.
Figure 1. Tanzu Kubernetes Grid Service Architecture and Components
In the diagram, the Supervisor Cluster has service and user namespaces, and the namespaces contain different types of resources.

Tanzu Kubernetes Cluster Components

The components that run in a Tanzu Kubernetes cluster span four areas: authentication and authorization, storage integration, pod networking, and load balancing.

  • Authentication webhook: A webhook running as a pod inside the cluster to validate user authentication tokens.
  • Container Storage Interface Plugin: A Paravirtual CSI plug-in that integrates with CNS through the Supervisor Cluster.
  • Container Network Interface Plug-in: A CNI plugin that provides pod networking.
  • Cloud Provider Implementation: Supports creating Kubernetes load balancer services.

Tanzu Kubernetes Grid Service API

You use the Tanzu Kubernetes Grid Service API to provision and manage Tanzu Kubernetes clusters. It is a declarative API that you invoke using kubectl and YAML.

With a declarative API, instead of making imperative commands to the system, you specify the desired state of the Tanzu Kubernetes cluster: how many nodes, available storage, VM sizes, Kubernetes software version. The Tanzu Kubernetes Grid Service does the work to provision a cluster that matches the desired state.

To call the Tanzu Kubernetes Grid Service API, you invoke kubectl using a YAML file, which in turn invokes the API. After the cluster is created, you update the YAML to update the cluster.
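
The following manifest is an added example, not taken from the original documentation, showing how the desired state described above (node counts, storage, VM sizes, Kubernetes version) maps onto a cluster specification. It assumes the `run.tanzu.vmware.com/v1alpha1` version of the API; the cluster name, namespace, storage class name, and version string are constructed placeholders that you replace with values from your own vSphere Namespace.

```yaml
# Constructed example: desired state for one Tanzu Kubernetes cluster.
# Assumes the v1alpha1 TanzuKubernetesCluster API; all names below are placeholders.
apiVersion: run.tanzu.vmware.com/v1alpha1
kind: TanzuKubernetesCluster
metadata:
  name: example-tkc                 # placeholder cluster name
  namespace: example-namespace      # placeholder: the vSphere Namespace you were granted access to
spec:
  distribution:
    version: v1.18                  # placeholder Kubernetes software version; use one available in your environment
  topology:
    controlPlane:
      count: 3                      # how many control plane nodes
      class: best-effort-small      # virtual machine class (VM size) from the Virtual Machine Service
      storageClass: example-storage-policy   # placeholder: storage class assigned to the namespace
    workers:
      count: 3                      # how many worker nodes
      class: best-effort-small
      storageClass: example-storage-policy
# Submit the desired state:
#   kubectl apply -f example-tkc.yaml
# Check progress while the service reconciles the cluster to this state:
#   kubectl get tanzukubernetescluster -n example-namespace
# To change the cluster later (for example, workers.count), edit this file and apply it again.
```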

Tanzu Kubernetes Grid Service Interfaces

vSphere administrators use the vSphere Client to configure the vSphere Namespace and grant permissions. They can also monitor the resources used by cluster components and view relevant information from those resources in the vSphere inventory.

DevOps engineers use the vSphere Plugin for kubectl to connect to the vSphere Namespace with their vCenter Single Sign-On credentials. After connecting, DevOps engineers use kubectl to provision Tanzu Kubernetes clusters.

Developers can connect to a provisioned cluster using the vSphere Plugin for kubectl and their vCenter Single Sign-On credentials. Alternatively, if the cluster administrator configured a supported Kubernetes authentication provider, developers can connect using kubectl. To deploy workloads in Kubernetes and interact with the cluster environment, developers use kubectl.

Tanzu Kubernetes Grid Service Demo

Watch the following video to learn how you can use the Tanzu Kubernetes Grid Service to create and operate Tanzu Kubernetes clusters: vSphere 7 with Kubernetes - Tanzu Kubernetes cluster - Technical Overview.