Cloud administrators can add, view, and manage the configuration of deployed Kubernetes clusters and namespaces, both generic and Pacific-based, in Cloud Assembly.

Users with cloud administrator privileges can view, add, and manage Kubernetes clusters and namespaces to which you are entitled access on the Infrastructure > Resources > Kubernetes page. This page contains tabs for Clusters, Namespaces, Supervisor Clusters and Supervisor Namespaces. You can select one of these tabs to view and manage the analogous resources. Most typically, this page facilitates management of deployed clusters and namespaces.

  • Cluster: A cluster is a group of Kubernetes nodes distributed across one or more physical machines. This page shows provisioned and undeployed clusters that have been configured for use on your Cloud Assembly instance. You can click on a cluster to view information about its current status. When you deploy a cluster, it includes a link to a Kubconfig file that is accessible only for cloud administrators. This file grants full admin privileges over the cluster including a list of namespaces.

    Supervisor clusters are unique to vSphere instances and use ESXI as their worker nodes instead of Linux.

  • Namespaces: Namespaces are virtual clusters that provide administrators with a way to group or separate cluster resources. They facilitate management of resources among large groups of users and organizations. As a form of role-based access control, a cloud administrator can allow users to add namespaces to a project when they request a deployment and then later manage those namespaces from the Kubernetes Clusters page. When you deploy a namespace, it includes a link to a kubeconfig file that allows valid users, such as developers, to view and manage some aspects of that namespace.

    Supervisor clusters and supervisor namespaces exist only on vSphere instances and provide Kubernetes-like access to vSphere objects.

A cloud administrator can change the project associated with a Kubernetes namespace or cluster on this page so that the administrator can provision Kubernetes resources from cloud templates and Service Broker and then assign them to specific projects for consumption. The administrator can change the scope of a cluster to make it global or project specific. Global clusters appear Clusters tab for all Kubernetes zones and are available for selection and provisioning. If a cluster is global, it can be added to a Kubernetes zone and then used to provision namespaces from the catalog.

If you are configuring new or existing cluster, you must select whether to connect with a primary IP address or a primary hostname.

Working with generic Kubernetes Clusters in Cloud Assembly

You can add new, existing, or external clusters to Cloud Assembly using the options on this page.

  1. Select Infrastructure > Resources > Kubernetes and confirm that the Clusters tab is active.

    If there are any clusters currently configured for your Cloud Assembly instance, they appear on this page.

  2. If you are adding a new or existing cluster, or deploying a cluster, select the appropriate option according to the following table.
    Option Description Details
    Deploy Add new clusters to Cloud Assembly You must specify the TKGI cloud account that to which this cluster will be deployed as well as the desired plan and the number of nodes.
    Add Existing Configure an existing cluster to work with your project. You must specify the TKGI cloud account, the cluster to use, and the appropriate project for the targeted developer. Also, you need to specify the sharing scope. If you want to share globally, you must configure your Kubernetes zones and namespaces appropriately.
    Add External Add a vanilla Kubernetes cluster, that might not be associated with TKGI, to Cloud Assembly. You must designate a project to which the cluster is associated, enter the IP address for the desired cluster and select a cloud proxy and certificate information required to connect to this cluster.
  3. Click Add to make the cluster available within Cloud Assembly.

Working with Kubernetes Namespaces in Cloud Assembly

If you are a cloud administrator, namespaces help you group and manage Kubernetes cluster resources. If you are a user, namespaces are the area in Kubernetes clusters for your deployments. Administrators and users can access namespaces using the Namespaces tab located on the Infrastructure > Resources > Kubernetes page.

There are several ways to add Kubernetes namespaces to resources in Cloud Assembly. The following procedure outlines one typical method.
  1. Select Infrastructure > Resources > Kubernetes and click the Namespaces tab.
  2. To add a new namespace, click New Namespace. To add an existing namespace click Add Namespace.
  3. Enter a Name and Description for the namespace.

    At this point you have added a namespace for use with Kubernetes resources, but it is not associated with anything in particular.

  4. Specify the Cluster that you want to associate with this namespace.
  5. Click Create to add the namespace to Cloud Assembly.

You can add custom properties on Kubernetes namespaces to support extensibility in several different ways. You add custom properties when you provision a namespace by creating a Cloud Assembly cloud template. When you specify a Kubernetes namespace in a cloud template you can add properties to the namespace. First, you can right click on the properties in the template to access the default properties that are part of the cloud template schema. As a second option, you can add user-defined properties in the properties section of the namespace in the cloud template.

After deployment, these custom properties appear on the Deployments page in Cloud Assembly for the applicable deployment.

Finally, you can also add custom properties to a namespace using actions configured on the Extensibility > Actions page in Cloud Assembly.

Working with Supervisor clusters and Supervisor namespaces

Cloud administrators can view and change the configuration of supervisor clusters and namespaces on the Kubernetes page in Cloud Assembly.

  1. Select Infrastructure > Resources > Kubernetes in Cloud Assembly.
  2. Select Add Supervisor Cluster.
  3. Specify the Account details for the target vSphere cloud account.
  4. Click the Search icon in the Supervisor cluster text box to either view all supervisor clusters or search for a cluster by name.
  5. Select the desired cluster and click Add.
  6. Select the Supervisor Namespaces tab and click the New Supervisor Namespace button to add a new namespace.
  7. Select the Supervisor Namespaces tab and click the New Supervisor Namespace button to add a new namespace.
    1. If you are creating a new namespace, add a Name and Description.
    2. Select the appropriate cloud Account to associate with the namespace.
    3. Select the Supervisor cluster to associate with this namespace.
    4. Select the Project to associate with the namespace.
    5. Use the Available storage policies selection to add storage policies for use with the namespace.

      You can add all available storage policies or select specific policies for use with the supervisor namespace. Also, you can optionally set a limit on the storage size available with each available storage policy.

    6. Click Create.
  8. Review the relevant details for the new namespace. You can change the storage policy configuration if needed.
    Users and groups that currently have access to the namespace in vSphere are listed on the Users tab. If new users or groups are added to the project, click the Update Users button on this tab to update the list. The list is not updated automatically, so you must use the button to update.
    Note: Synchronization of users makes sense only if Cloud Assembly and vCenter are configured with a common Active Directory/LDAP service.

After a cluster or namespace is configured, the Infrastructure > Resources > Kubernetes page in Cloud Assembly displays the clusters and namespaces available to the user. You can click an individual namespace or cluster to open a page that contains a number of tabs that show statistics and other information for the resource, and allows you to configure various options.

The Summary tab for clusters on the Kubernetes page allows administrators to view and, in some cases, update configuration of a cluster including changing the scope. The Sharing radio buttons allow you to select either Global (shareable within the Kubernetes Zone) or Project (access limited to a single project). If you select Project, you must also specify the applicable project in the following Project selection.
Note: Changing the sharing configuration can affect the namespaces that are available on the cluster.

Users can click the Address link on the Summary tab to open the vSphere Kubernetes CLI Tools to manage the namespace. Users must be a cloud administrator or a member of the namespace for the designated project to access a link to the Supervisor namespace details. Also users can download a customized Kubectl to use the Supervisor namespace. Users can log in to the supervisor namespace and use it as they would any other namespace, and then create cloud templates and deploy applications.