Prerequisites for Configuring vSphere with Tanzu on a vSphere Cluster

Check out the prerequisites for enabling vSphere with Tanzu in your vSphere environment. To run container-based workloads natively on vSphere, as a vSphere administrator you enable Workload Management on a vSphere cluster. The result is a Kubernetes management cluster known as a Supervisor Cluster where you run vSphere Pods, provision Tanzu Kubernetes clusters, and VMs.

Create and Configure a vSphere Cluster

A vSphere cluster is a collection of ESXi hosts managed by a vCenter Server system. The Supervisor Cluster runs on a vSphere cluster. Create a vSphere cluster that meets the following requirements so that you can enable Workload Management on it:

Create and configure a vSphere cluster with at least three ESXi hosts. If you are using vSAN, it is recommended but not required to use four ESXi hosts. See Creating and Configuring Clusters.
Configure the cluster with shared storage such as vSAN. Shared storage is required for vSphere HA, DRS, and for storing persistent container volumes. See Creating a vSAN Cluster.
If you plan to use persistent volumes in ReadWriteMany mode, enable File Services on the vSAN cluster. See Creating ReadWriteMany Persistent Volumes in vSphere with Tanzu.
Enable the cluster with vSphere HA. See Creating and Using vSphere HA Clusters.
Enable the cluster with vSphere DRS in fully-automated mode. See Creating a DRS Cluster.
Verify that your user account has the Modify cluster-wide configuration on the vSphere cluster so that you can enable the Workload Management functionality.
If you want to use vSphere Lifecycle Manager images with the Supervisor Cluster, switch the vSphere cluster where you want to activate Workload Management to use vSphere Lifecycle Manager images before activating Workload Management. You can manage the lifecycle of a Supervisor Cluster with either vSphere Lifecycle Manager baselines or vSphere Lifecycle Manager images. However, you cannot convert a Supervisor Cluster that uses vSphere Lifecycle Manager baselines to a Supervisor Cluster that uses vSphere Lifecycle Manager images. Therefore, switching the vSphere cluster to using vSphere Lifecycle Manager images before you activate Workload Management is required.

Caution: Do not disable vSphere DRS after you configure the Supervisor Cluster. Having DRS enabled at all times is a mandatory prerequisite for running workloads on the Supervisor Cluster. Disabling DRS leads to breaking your Tanzu Kubernetes clusters.

Choose and Configure the Networking Stack

To enable Workload Management on a vSphere cluster, you must configure the networking stack to be used for the Supervisor Cluster. You have two options: NSX or vSphere Distributed Switch (vDS) networking with a load balancer. You can configure the NSX Advanced Load Balancer or the HAProxy load balancer.

The table lists the high-level differences between the two supported networking stacks. For more information about the architectural differences, see Supervisor Cluster Configured with the vSphere Networking Stack.

Functionality	NSX-T Networking	vDS Networking
vSphere Pods	Yes	No
Tanzu Kubernetes clusters	Yes	Yes
Embedded Harbor Registry	Yes	No
Load Balancing	Yes	Yes, by installing and configuring the NSX Advanced Load Balancer or the HAProxy load balancer.

To use NSX networking for the Supervisor Cluster:

Review the system requirements and topologies for NSX-T networking. See System Requirements for Setting Up vSphere with Tanzu with NSX.
Install and configure NSX-T Data Center for vSphere with Tanzu. See Install and Configure NSX for vSphere with Tanzu.

To use vSphere vDS networking with the NSX Advanced Load Balancer for the Supervisor Cluster:

Review the NSX Advanced Load Balancer requirements. See System Requirements for Setting Up vSphere with Tanzu with vSphere Networking and NSX Advanced Load Balancer.
Create a vSphere Distributed Switch (vDS) and add all ESXi hosts from the cluster to the vDS and create port groups for Workload Networks. See Create a vSphere Distributed Switch for a Supervisor Cluster for Use with NSX Advanced Load Balancer.
Deploy and configure the NSX Advanced Load Balancer. See Deploy the Controller.

Note: vSphere with Tanzu supports the NSX Advanced Load Balancer with vSphere 7 U2 and later.

To use vSphere vDS networking with HAProxy load balancing for the Supervisor Cluster:

Review the system requirements and network topologies for vSphere networking with an external load balancer. See System Requirements for Setting Up vSphere with Tanzu with vSphere Networking and HAProxy Load Balancer and Topologies for Deploying the HAProxy Load Balancer.
Create a vSphere Distributed Switch (vDS) and add all ESXi hosts from the cluster to the vDS and create port groups for Workload Networks. See Create a vSphere Distributed Switch for a Supervisor Cluster for Use with HAProxy Load Balancer.
Install and configure HAProxy load balancer instance that is routable to the vSphere Distributed Switch that is connected to the hosts from the vSphere cluster. The HAProxy load balancer supports the network connectivity to workloads from client networks and to load balance traffic between Tanzu Kubernetes clusters. See Install and Configure the HAProxy Load Balancer.

Note: vSphere with Tanzu supports the HAProxy load balancer with vSphere 7 U1 and later.

Create Storage Policy

You must create storage policies that will determine the datastore placement of the Kubernetes control plane VMs, containers, and images. You can create storage policies associated with different storage classes.

Before enabling Workload Management on a vSphere cluster, create a storage policy for the placement of Kubernetes control plane VMs. See Create Storage Policies for vSphere with Tanzu.

Create a Content Library

To provision Tanzu Kubernetes clusters and VMs, you need a Content Library created in the vCenter Server that manages the vSphere cluster where the Supervisor Cluster runs.

The Content Library provides the system with the distributions of Tanzu Kubernetes releases in the form of OVA templates. When you provision a Tanzu Kubernetes cluster, the OVA template for the selected version is used to create the Kubernetes cluster nodes.

You can create a Subscribed Content Library to automatically pull the latest released images, or you can create a Local Content Library and manually upload the images, which may be required for air-gapped provisioning of Tanzu Kubernetes clusters.

See Creating and Managing Content Libraries for Tanzu Kubernetes releases.

Watch vSphere with Tanzu Demos

Although not a hard requirement, before you embark it may be helpful to watch some demonstrations of vSphere with Tanzu, including setting up the vSphere environment in preparation for deploying the Supervisor Cluster, enabling Workload Management, and provisioning Tanzu Kubernetes clusters. If this sounds useful, check out the series of vSphere with Tanzu Deep Dive videos on the VMware vSphere channel. You can also check the vSphere Tanzu Quick Bytes series of short videos for configuring Workload Management with vDS networking and HAProxy Load Balancer.