vSphere IaaS control plane workloads, including vSphere Pods, VMs, and Tanzu Kubernetes clusters, are deployed to a vSphere Namespace. A vSphere administrator defines the namespace on a Supervisor and configures it with resource quota and user permissions. Depending on the DevOps needs and workloads they plan to run, the vSphere administrator might also assign storage policies, VM classes, and content libraries for fetching VM images.
When initially created, the namespace has unlimited resources within the Supervisor. As a vSphere administrator, you can set limits for CPU, memory, storage, and the number of Kubernetes objects that can run within the namespace. Storage limitations are represented as storage quotas in Kubernetes. A resource pool is created in vSphere per each namespace on the Supervisor
In a Supervisor activated on vSphere Zones, a namespace resource pool is created on each vSphere cluster that is mapped to a zone. The resources utilized by the namespace on a three-zone Supervisor are taken from all three underlying vSphere clusters in equal parts. For example, if you dedicate 300 MHz of CPU, 100 MHz are taken from each vSphere cluster.
To provide access to namespaces to DevOps engineer, a vSphere administrator assigns permission to users or user groups available within an identity source that is associated with vCenter Single Sign-On or from an ODIC provider that is registered with the Supervisor. For more information, see vSphere IaaS Control Plane Identity and Access Management.
- For information about running Supervisor Services, see Managing Supervisor Services with vSphere IaaS Control Plane.
- For information about running vSphere Pods, see Deploying Workloads to vSphere Pods.
- For information about deploying VMs, see Deploying and Managing Virtual Machines in vSphere IaaS Control Plane.
