Kubernetes zones enable cloud administrators to define policy-based placement of Kubernetes clusters and namespaces and supervisor namespaces used in Cloud Assembly deployments. An administrator can use this page to specify what clusters are available for provisioning of Kubernetes namespaces and what properties are acceptable for clusters.

Cloud administrators can associate Kubernetes zones with TKGI cloud accounts configured for Cloud Assembly or with external Kubernetes clusters that are not associated with a project.

When you create a Kubernetes zone, you can assign multiple provider-specific resources to the zone, and these resources will dictate what properties can be set for the newly provisioned clusters in terms of the number of workers, masters, available CPU, memory, and other configuration settings. For TKGI providers, these correspond to TKGI plans. An administrator can also assign multiple clusters to a Kubernetes zone that will be used for placement of newly provisioned Kubernetes namespaces. The administrator can only assign clusters that are not onboarded, or not managed by CMX, and are provisioned via the preselected cluster provider. The administrator can assign multiple Kubernetes zones to a single project, thus making them all available for placement operations that happen within this project.

A cloud administrator can assign priorities on multiple levels.

  • Kubernetes zone priority within a project.
  • Resource priority within a Kubernetes zone.
  • Cluster priority within a Kubernetes zone.

The cloud administrator can also assign tags on multiple levels:

  • Capability tags per Kubernetes zone.
  • Tags per resource assignment.
  • Tags per cluster assignment.

You can create Kubernetes zones with supervisor namespaces on vSphere in the same way that you work with generic Kubernetes namespaces. To add a supervisor namespace to a Kubernetes zone, you must associate the zone with a vSphere 7 endpoint that contains the desired Pacific namespace resources.

Service Broker contains a version of the Kubernetes Zone page to enable Service Broker administrators to access existing Kubernetes zones so they can create placement policies for Kubernetes namespaces and clusters provisioned from the catalog.

Prerequisites

Configure integration with a suitable VMware Tanzu Kubernetes Grid Integrated Edition (TKGI) deployment. See Configure VMware Tanzu Kubernetes Grid Integrated Edition Integration in Cloud Assembly

Procedure

  1. Select Infrastructure > Configure > Kubernetes Zone and click New Kubernetes Zone.
  2. Enter the TKGI integration Account name to which you want this zone to apply.
    This defines the cloud account or endpoint that is associated with the zone. You can assign only one endpoint to each zone. If you are working with Supervisor Namespace on vSphere, you can only select vSphere instances here that contain Supervisor namespaces.
  3. Add a Name and Description for the Kubernetes Zone.
  4. Add capability tags if appropriate. See Using capability tags in Cloud Assembly for more information.
  5. Click Save.
  6. Click the On-demand tab and add TKGI plans as appropriate for the zone to use for cluster provisioning.
    You can select one or more plans and assign priorities to them. Lower numbers equal higher priority. Priority assignments are secondary to tag based selection.
  7. Click the Cluster tab and then click the Add Compute button to add Kubernetes or supervisor clusters to the zone. If you are working with an external cluster, it is automatically onboarded to Cloud Assembly when you select it.
    You can add Kubernetes namespaces to the cluster on the Kubernetes Clusters page in Cloud Assembly.

Results

Kubernetes zones are configured for use with Cloud Assembly deployments.

What to do next

Assign the Kubernetes zone to a project.

  1. Select Infrastructure > Administration > Projects and then select the project that you want to associate with your Kubernetes zone.
  2. Click the Kubernetes Provisioning tab on the Project page.
  3. Click Add Kubernetes Zone and add the zone that you just created. You can multiple zones if applicable, and you also set the priority on the zones.
  4. Click Save.

The Kubernetes Provisioning tab of the Cloud Assembly Project page enables you to set limits on the type and number of namespaces users can provision to a kubernetes zone. You can also select the type of namespaces that can be provisioned to a zone, either regular namespaces or supervisor namespaces. The Kubernetes Zones table on the Kubernetes Provisioning tab contains columns that show the current limit settings. To set limits, click the applicable zone on the table to open a dialog that enables you to choose namespace and supervisor namespace limits.

Click within the Supports column on the Kubernetes Zones table to select what type of namespace can be provisioned to the zone.

After you assign a Kubernetes zone to a project, you can use the Cloud Templates page under the Cloud Assembly Design tab to provision a deployment based on the Kubernetes zone and project configuration. This Cloud Templates page includes options to add a K8S Cluster, K8S Namespace and Supervisor Namespace. Select the appropriate option for the Kubernetes resource you are working with.