VMware Tanzu Kubernetes Grid Service (TKG Service) lets you deploy Kubernetes workload clusters on the vSphere IaaS control plane. The TKG Service provides independent releases and asynchronous upgrades without workload disruptions.
Introducing the TKG Service
Starting with vSphere 8.0 Update 3, Tanzu Kubernetes Grid is installed as a Supervisor Service. This architectural change decouples TKG from vSphere IaaS control plane releases and lets you upgrade the TKG Service independent of vCenter Server and Supervisor.
TKG Service 3.0 is installed and runs on Supervisor control plane nodes. The TKG Service is delivered as a nested collection of Carvel packages. As a Core Supervisor Service, the TKG Service can be upgraded, even in internet-restricted environments, but it cannot be uninstalled or downgraded. You can monitor and manage the TKG Service from the tab. See Upgrading the TKG Service Version.
TKG Service version 3.1 will be the first independent release that you upgrade to. TKG Service registration and upgrade are separate processes.
Installing TKG Service 3.0
Installing the TKG Service is done automatically when you upgrade vSphere IaaS control plane components to their required versions. Refer to the TKG Service release notes for details.
Registering New TKG Service Versions with vCenter
| Registration Method | Description |
|---|---|
| Synchronous with vCenter Update | Wait for an update to the latest vCenter Server release to auto-register a new version of the TKG Service, then update Supervisor to populate the embedded registry with the new versions. |
| Asynchronous Public | Download a new TKG Service version definition from the public registry, then manually register it with vCenter Server. |
| Asynchronous Private | Relocate the TKG Service package from the public registry to a private registry that you host, then manually register the service with vCenter Server. |
- Download the service definition YAML file from the public registry site for Supervisor Services.
- If air-gap installation is required, relocate the package to your private registry.
- Register the new version of the TKG Service by uploading the service definition to vCenter Server.
| TKG Service Property | vCenter Bundled | Registry |
|---|---|---|
| Registration of new versions | Auto-registered | Manual registration |
| Deletion of newly registered versions | Not allowed | Allowed |
| Image location | Supervisor control plane embedded registry | Public or private registry |
Upgrading the TKG Service Version
TKG Service version upgrades are performed at the Supervisor level. Once the TKG Service is registered, you upgrade the TKG Service by deploying it as a Supervisor Service on the target Supervisor. See Upgrade the TKG Service Version.
- WARNING which is non-blocking
- ERROR which is blocking
Air-Gapped Upgrades
To upgrade the TKG Service in an internet restricted environment ("air-gapped"), you have two choices: synchronously with a vCenter update or asynchronously when a new version is available.
For synchronous air-gapped updates, you wait for a vCenter Server release then register the new TKG Service version by updating vCenter Server. See Registering New TKG Service Versions with vCenter.
For asynchronous air-gapped updates, you relocate the TKG Service package from the public registry to a private registry, then register the new TKG Service version with vCenter Server. See Upgrade TKG Service from a Private Registry.
Once the new TKG Service version is registered, the system uses its local registry to upgrade the TKG Service.
