Tanzu Kubernetes Grid Architecture

The Tanzu Kubernetes Grid provides self-service life cycle management of Tanzu Kubernetes Grid clusters. You use the Tanzu Kubernetes Grid to create and manage Tanzu Kubernetes Grid clusters in a declarative manner that is familiar to Kubernetes operators and developers.

Tanzu Kubernetes Grid Components

The Tanzu Kubernetes Grid exposes three layers of controllers to manage the lifecycle of a Tanzu Kubernetes Grid cluster.

The Tanzu Kubernetes Grid provisions clusters that include the components necessary to integrate with the underlying vSphere Namespace resources. These components include a Cloud Provider Plug-in that integrates with the Supervisor. In addition, a Tanzu Kubernetes Grid cluster passes requests for persistent volumes to the Supervisor, which is integrated with VMware Cloud Native Storage (CNS). See Persistent Storage for Workloads.
The Cluster API provides declarative, Kubernetes-style APIs for cluster creation, configuration, and management. The inputs to Cluster API include a resource describing the cluster, a set of resources describing the virtual machines that make up the cluster, and a set of resources describing cluster add-ons.
The Virtual Machine Service provides a declarative, Kubernetes-style API for management of VMs and associated vSphere resources. The Virtual Machine Service introduces the concept of a virtual machine class that represents an abstract reusable hardware configuration. The functionality provided by the Virtual Machine Service is used to manage the lifecycle of the control plane and worker node VMs hosting a Tanzu Kubernetes Grid cluster.

In the diagram, the Supervisor has service and user namespaces running on top of it, the namespaces contains different types of resources. — Figure 1. Tanzu Kubernetes Grid Architecture and Components

Tanzu Kubernetes Grid Cluster Components

The components that run in a Tanzu Kubernetes Grid cluster span four areas: Authentication and authorization, storage integration, pod networking, and load balancing.

Authentication webhook: A webhook running as a pod inside the cluster to validate user authentication tokens.
Container Storage Interface Plugin: A Paravirtual CSI plug-in that integrates with CNS through the Supervisor.
Container Network Interface Plug-in: A CNI plugin that provides pod networking.
Cloud Provider Implementation: Supports creating Kubernetes load balancer services.

Tanzu Kubernetes Grid API

You use the Tanzu Kubernetes Grid API to provision and manage Tanzu Kubernetes Grid clusters. It is a declarative API that you invoke using kubectl and YAML. You can download the VMware expanded kubectl executable from theSupervisor API endpoint IP.

With a declarative API, instead of making imperative commands to the system, you specify the desired state of the Tanzu Kubernetes Grid cluster: how many nodes, available storage, VM sizes, Kubernetes software version. The Tanzu Kubernetes Grid does the work to provision a cluster that matches the desired state.

To call the Tanzu Kubernetes Grid API, you invoke kubectl using a YAML file, which in turn invokes the API. After the cluster is created, you update the YAML to update the cluster.