To provision vSphere Pods, or Tanzu Kubernetes clusters by using the Tanzu Kubernetes Grid Service, you connect to the Supervisor Cluster by using the vSphere Plugin for kubectl and authenticate with your vCenter Single Sign-On credentials.

After you log in to the Supervisor Cluster, the vSphere Plugin for kubectl generates the context for the cluster. In Kubernetes, a configuration context contains a cluster, a namespace, and a user. You can view the cluster context in the file .kube/config. This file is commonly called the kubeconfig file.
Note: If you have an existing kubeconfig file, it is appended with each cluster context. The vSphere Plugin for kubectl respects the KUBECONFIG environment variable that kubectl itself uses. Although not required, it can be useful to set this variable before running kubectl vsphere login ... so that the information is written to a new file, instead of being added to your current kubeconfig file.

Prerequisites

  • Get your vCenter Single Sign-On credentials.
  • Get the IP address of the Supervisor Cluster control plane.
  • Get the name of the Supervisor Namespace.
  • Get confirmation that you have Edit permissions on the Supervisor Namespace.
  • Download and Install the Kubernetes CLI Tools for vSphere.
  • Verify that the certificate served by the Kubernetes control plane is trusted on your system, either by having the signing CA installed as a Trust Root or by adding the certificate as a Trust Root directly.

Procedure

  1. To view the command syntax and options for logging in, run the following command.
    kubectl vsphere login --help
  2. To connect to the Supervisor Cluster, run the following command.
    kubectl vsphere login --server=<KUBERNETES-CONTROL-PLANE-IP-ADDRESS> --vsphere-username <VCENTER-SSO-USER>
    For example:
    kubectl vsphere login --server=10.92.42.13 --vsphere-username administrator@example.com
    This action creates a configuration file with the JSON Web Token (JWT) to authenticate to the Kubernetes API.
  3. To authenticate, enter the password for the user.
    After you connect to the Supervisor Cluster, you are presented with the configuration contexts can access. For example:
    You have access to the following contexts:
    tanzu-ns-1
    tkg-cluster-1
    tkg-cluster-2
    
  4. To view details of the configuration contexts which you can access to, run the following kubectl command:
    kubectl config get-contexts
    The CLI displays the details for each available context.
  5. To switch between contexts, use the following command:
    kubectl config use-context <example-context-name>

What to do next

Connect to a Tanzu Kubernetes Cluster as a vCenter Single Sign-On User.