Before you enable vSphere with Tanzu, create storage policies to be used in the Supervisor and namespaces. The policies represent datastores and manage storage placement of such components and objects as Supervisor control plane VMs, vSphere Podephemeral disks, and container images. You might also need policies for storage placement of persistent volumes and VM content libraries. If you use Tanzu Kubernetes clusters, the storage policies also dictate how the Tanzu Kubernetes cluster nodes are deployed.

Depending on your vSphere storage environment and the needs of DevOps, you can create several storage policies for different classes of storage. For example, if your vSphere storage environment has three classes of datastores, Bronze, Silver, and Gold, you can create storage policies for all datastore types.

When you enable a Supervisor and set up namespaces, you can assign different storage policies to be used by various objects, components, and workloads.
Note: Storage policies that you create for a Supervisor or for a namespace in a one-zone Supervisor do not need to be topology aware. Do not enable consumption domain for those policies.

Storage policies that you create for a namespace in a three-zone Supervisor must be topology aware and have the consumption domain enabled in Step 4b. The three-zone namespace prevents you from assigning storage policies that are not topology aware.

The following example creates the storage policy for the datastore tagged as Gold.


  • Be familiar with information about storage policies in vSphere with Tanzu, see About Storage Policies in vSphere with Tanzu Concepts and Planning.
  • If you use vSAN Data Persistence platform for persistent storage and need to create custom storage policies for vSAN Direct or vSAN SNA datastores, see Creating Custom Storage Policies for vSAN Data Persistence Platform in vSphere with Tanzu Services and Workloads.
  • If you need to create topology aware storage policies to use for persistent storage in a three-zone Supervisor, be familiar with the guidelines in Using Persistent Storage on a Three-Zone Supervisor in vSphere with Tanzu Services and Workloads.
  • Make sure that the datastore you reference in the storage policy is shared between all ESXi hosts in the cluster. Any shared datastores in your environment are supported, including VMFS, NFS, vSAN, or vVols.
  • Required privileges: VM storage policies. Update and VM storage policies. View.


  1. Add tags to the datastore.
    1. Right-click the datastore you want to tag and select Tags and Custom Attributes > Assign Tag.
    2. Click Add Tag and specify the tag's properties.
      Property Description
      Name Specify the name of the datastore tag, for example, Gold.
      Description Add the description of the tag. For example, Datastore for Kubernetes objects.
      Category Select an existing category or create a new category. For example, Storage for Kubernetes.
  2. In the vSphere Client, open the Create VM Storage Policy wizard.
    1. Click Menu > Policies and Profiles.
    2. Under Policies and Profiles, click VM Storage Policies.
    3. Click Create VM Storage Policy.
  3. Enter the policy name and description.
    Option Action
    vCenter Server Select the vCenter Server instance.
    Name Enter the name of the storage policy, for example, goldsp.
    Note: When vSphere with Tanzu converts storage policies that you assign to namespaces into Kubernetes storage classes, it changes all upper case letters into lower case and replaces spaces with dashes (-). To avoid confusion, use lower case and no spaces in the VM storage policy names.
    Description Enter the description of the storage policy.
  4. On the Policy structure page, select the following options and click Next.
    1. Under Datastore specific rules, enable tag-based placement rules.
    2. To create a topology aware policy, under Storage topology, select Enable consumption domain.
      This step is necessary only if you are creating topology aware policies to be used for persistent storage on a namespace in a three-zone Supervisor.
  5. On the Tag based placement page, create the tag rules.
    Select the options using the following example.
    Option Description
    Tag category From the drop-down menu, select the tag's category, such as Storage for Kubernetes.
    Usage option Select Use storage tagged with.
    Tags Click Browse Tags, and select the datastore tag, for example, Gold.
  6. If you enabled Storage topology, on the Consumption domain page, specify the storage topology type.
    Option Description
    Zonal Datastore is shared across all hosts in a single zone.
  7. On the Storage compatibility page, review the list of datastores that match this policy.
    In this example, only the datastore that is tagged as Gold is displayed.
  8. On the Review and finish page, review the storage policy settings and click Finish.


The new storage policy for the datastore tagged as Gold appears on the list of existing storage policies.

What to do next

After creating storage policies, a vSphere administrator can perform the following tasks:
  • Assign the storage policies to the Supervisor. The storage policies configured on the Supervisor ensure that the control plane VMs, pod ephemeral disks, and container images are placed on the datastores that the policies represent.
  • Assign the storage policies to the vSphere Namespace. Storage policies visible to the namespace determine which datastores the namespace can access and use for persistent volumes. The storage policies appear as matching Kubernetes storage classes in the namespace. They are also propagated to the Tanzu Kubernetes cluster on this namespace. DevOps engineers can use the storage classes in their persistent volume claim specifications. See Create and Configure a vSphere Namespace.