The TKG provides self-service life cycle management of TKG clusters. You use the TKG to create and manage TKG clusters in a declarative manner that is familiar to Kubernetes operators and developers.

TKG Components

The TKG exposes three layers of controllers to manage the lifecycle of a TKG cluster.

  • The TKG provisions clusters that include the components necessary to integrate with the underlying vSphere Namespace resources. These components include a Cloud Provider Plug-in that integrates with the Supervisor. In addition, a TKG cluster passes requests for persistent volumes to the Supervisor, which is integrated with VMware Cloud Native Storage (CNS). See Persistent Storage for Workloads.
  • The Cluster API provides declarative, Kubernetes-style APIs for cluster creation, configuration, and management. The inputs to Cluster API include a resource describing the cluster, a set of resources describing the virtual machines that make up the cluster, and a set of resources describing cluster add-ons.
  • The Virtual Machine Service provides a declarative, Kubernetes-style API for management of VMs and associated vSphere resources. The Virtual Machine Service introduces the concept of a virtual machine class that represents an abstract reusable hardware configuration. The functionality provided by the Virtual Machine Service is used to manage the lifecycle of the control plane and worker node VMs hosting a TKG cluster.
Figure 1. TKG Architecture and Components
In the diagram, the Supervisor has service and user namespaces running on top of it, and the namespaces contain different types of resources.

TKG Cluster Components

The components that run in a TKG cluster span four areas: authentication and authorization, storage integration, pod networking, and load balancing.

  • Authentication webhook: A webhook running as a pod inside the cluster to validate user authentication tokens.
  • Container Storage Interface Plugin: A Paravirtual CSI plug-in that integrates with CNS through the Supervisor.
  • Container Network Interface Plug-in: A CNI plugin that provides pod networking.
  • Cloud Provider Implementation: Supports creating Kubernetes load balancer services.

TKG API

You use the TKG API to provision and manage TKG clusters. It is a declarative API that you invoke using kubectl and YAML. You can download the VMware expanded kubectl executable from the Supervisor API endpoint IP.

With a declarative API, instead of issuing imperative commands to the system, you specify the desired state of the TKG cluster: how many nodes, available storage, VM sizes, Kubernetes software version. The TKG does the work to provision a cluster that matches the desired state.

To call the TKG API, you invoke kubectl using a YAML file, which in turn invokes the API. After the cluster is created, you update the YAML to update the cluster.
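The following manifest is an added illustration, not taken from this page, of how the desired-state items listed above (node count, storage, VM size, Kubernetes version) map to fields in a cluster specification. It assumes the TanzuKubernetesCluster v1alpha3 resource type, which this page does not name; the cluster name, namespace, VM class, storage class, and release name are all placeholders to replace with values from your own environment.

```yaml
# Added example: desired state for a TKG cluster (assumes the
# TanzuKubernetesCluster v1alpha3 API; every name below is a placeholder).
#
# Apply with:   kubectl apply -f tkc-example.yaml
# To change the cluster later (for example, scale workers), edit this file
# and run the same command again; the controllers reconcile the difference.
apiVersion: run.tanzu.vmware.com/v1alpha3
kind: TanzuKubernetesCluster
metadata:
  name: tkc-example                  # placeholder cluster name
  namespace: example-namespace       # placeholder vSphere Namespace
spec:
  topology:
    controlPlane:
      replicas: 3                    # how many control plane nodes
      vmClass: example-vm-class      # VM size: a virtual machine class available in the namespace
      storageClass: example-storage-class   # available storage: a storage class in the namespace
      tkr:
        reference:
          name: REPLACE-WITH-RELEASE-NAME   # Kubernetes software version (release name)
    nodePools:
    - name: worker-pool-1            # placeholder node pool name
      replicas: 2                    # how many worker nodes
      vmClass: example-vm-class
      storageClass: example-storage-class
```

Keeping this file in version control gives you a reviewable record of every change to cluster size, VM class, and Kubernetes version.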