Requirements for Tanzu Deployment on vSphere: –

  1. vCenter min version – v7.0U1
  2. 3 ESXi hosts (officially recommended)
  3. HA and DRS enabled
  4. Three networks (VDS or NSX-T)
  5. HAProxy or Avi Load Balancer
  6. Storage
  7. Tanzu license (you can try it with a 60-day evaluation license)

My Tanzu Deployment Environment: –

  1. vSphere – 8.0
  2. Single ESXi Host – ESXi 8.0
  3. HA and DRS enabled
  4. VDS Network – Three Ports Configured – HAProxy-LB-92, TKG-Frontend-93, TKG-WKLD-91
  5. HAProxy

Networks CIDRs: –

| VDS Port Name | CIDR |
|---|---|
| HAProxy-LB-92 | 172.92.0.0/24 |
| TKG-WKLD-91 | 172.91.0.0/24 |
| TKG-Frontend-93 | 172.93.0.0/24 |

IP Configuration: –

| IP | Use | Comment |
|---|---|---|
| 172.92.0.5 | HAProxy VM IP | |
| 172.92.0.20 – 172.92.0.25 | Supervisor VMs' IPs | 3-node Supervisor cluster deployed as part of workload management cluster deployment. |
| 172.93.0.150-172.92.0.180 | VIP | Each Tanzu cluster needs one VIP. The cluster can be accessed only through its VIP. |
| 172.91.0.20-172.91.0.100 | Workload | For deploying workload Kubernetes clusters |
| 192.168.5.150 | DNS | DNS name – kdinesh.in |
| 0.in.pool.ntp.org | NTP | |
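
A check of the address plan above, as an added example that is not part of the original post: it tests that every range lies inside its port group's CIDR, runs from low to high, does not overlap another range, and that each CIDR is RFC 1918 private space. The values are entered as the tables give them; the mapping of each range to a port group and the names check_plan, NETWORKS and RANGES are assumptions of this example.

```python
import ipaddress

# Port groups and CIDRs, as listed under "Networks CIDRs".
NETWORKS = {
    "HAProxy-LB-92": "172.92.0.0/24",
    "TKG-WKLD-91": "172.91.0.0/24",
    "TKG-Frontend-93": "172.93.0.0/24",
}
# (use, first IP, last IP, port group), as listed under "IP Configuration".
# Which port group each range belongs to is an assumption of this example.
RANGES = [
    ("haproxy-vm", "172.92.0.5", "172.92.0.5", "HAProxy-LB-92"),
    ("supervisor", "172.92.0.20", "172.92.0.25", "HAProxy-LB-92"),
    ("vip", "172.93.0.150", "172.92.0.180", "TKG-Frontend-93"),
    ("workload", "172.91.0.20", "172.91.0.100", "TKG-WKLD-91"),
]
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def check_plan(networks, ranges):
    """Return (name, problem) findings for a port-group/IP-range plan."""
    findings = []
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in networks.items()}
    for name, net in nets.items():
        # Space outside RFC 1918 is publicly routable address space.
        if not any(net.subnet_of(private) for private in RFC1918):
            findings.append((name, "cidr-not-rfc1918"))
    valid = []
    for use, first, last, port_group in ranges:
        lo, hi = ipaddress.ip_address(first), ipaddress.ip_address(last)
        if lo > hi:
            findings.append((use, "start-after-end"))
        for ip in sorted({lo, hi}):
            if ip not in nets[port_group]:
                findings.append((use, f"{ip}-outside-{port_group}"))
        if lo <= hi:
            valid.append((use, lo, hi))
    # Two ranges overlap when each one starts before the other ends.
    for i, (use_a, lo_a, hi_a) in enumerate(valid):
        for use_b, lo_b, hi_b in valid[i + 1:]:
            if lo_a <= hi_b and lo_b <= hi_a:
                findings.append((use_a, f"overlaps-{use_b}"))
    return findings


if __name__ == "__main__":
    for name, problem in check_plan(NETWORKS, RANGES):
        print(f"{name}: {problem}")
```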

Deployment Steps: –

  1. Configure Storage policy and Tags
  2. Configure Tanzu Content Library
  3. Downloading the HAProxy OVA and deploying the HAProxy OVA
  4. Enabling Tanzu Workload Management
  5. Creating Namespace and deploying Tanzu workload Kubernetes cluster

  • Configure Storage Policy and Tags

Login to vSphere > Tags & Custom Attributes

Categories > new

Category Name and Select all objects > Create

Tags > new

Tag name > Select Category > Create

Select the datastores (the ones you want to use for TKG deployments) > Right-click on the datastore > Tags & Custom Attributes

Select the newly created tag > Assign

Check that the tag is assigned to the datastore

Select the Policies and Profiles option

Select VM Storage Policies > Create

Enter Policy Name > Next

Select Enable Tag Based Placement rules option > Next

Browse previously created tag > Next

Check that the tagged datastore is showing in the compatible list > Next

Finish

  • Configure Tanzu Content Library

Select the Content Libraries option

Create

Enter Name > Next

Select Subscribed content library – URL – https://wp-content.vmware.com/v2/latest/lib.json >

Choose the option to download content immediately (it will automatically download all Tanzu templates) > Next.

Yes

Next

Select datastore (where you want to store Tanzu templates/ova – approx. size – 125+ GB) > Next.

Finish

Downloading the Tanzu OVAs/templates takes a few minutes, depending on your internet speed.

You can check the status – a total of 31 Tanzu templates, 125.27 GB.

  • Downloading the HAProxy OVA and Deploying the HAProxy LB

You can download the HAProxy OVA from – https://github.com/haproxytech/vmware-haproxy#download

After downloading, deploy the HAProxy OVA on vSphere

Right-click on host or cluster > Deploy OVF Template

Upload Local file > select Downloaded Ha proxy Ova File > Next

Enter Virtual machine name > Select Location > Next

Select Compute Resource > Next

Next

Accept License > Next

Select Frontend Network > Next

Select datastore (where you want to deploy the VM) > Next

Select management, Workload, and Frontend Network > Next

Enter the required details (host name, management IP, gateway, workload IP, gateway, frontend IP, VIP, etc.) > Next

Finish

Power on the HAProxy VM

After power-on > Log in to HAProxy and copy ca.crt

Cmd – cat /etc/haproxy/ca.crt

  • Tanzu Workload Management Deployment

Select Workload Management Option > get started

Select vCenter > select vDS > Next

Select cluster Deployment > Enter Supervisor name > Select cluster > Next

Select Previously created Storage policy > Next

Enter the required details (LB name, IP, the username and password configured during the HAProxy deployment, VIP range) and paste the previously copied HAProxy certificate into the TLS certificate section > Next

Select the network based on the network type (in my case, it’s static) > Specify the starting IP (usually it will use 4 IPs for the supervisor nodes) and the other details > Next

Select Workload Network > enter the IP pool and the other details > Next

Select previously created Tanzu content library > Next

Select Control plane size based on your requirement > Finish

Cluster provisioning will take a few minutes. Once the cluster is up, you can check the status.

You can check in vSphere that the three-node supervisor cluster has been created.

  • Creating Namespace and deploying workload Kubernetes cluster

Select Namespaces > Create Namespace (once the Supervisor cluster deployment is completed, you need to create a namespace; in a namespace, you can deploy multiple workload clusters based on your requirements) > Enter Cluster name > Select workload network > Create

Once the namespace is configured, you need to assign permissions, storage, VM classes, and a content library to the namespace > Select ADD permission

Select Identity source, Group/user, Role (Owner, Can edit, or Can view) > OK

Next, select the Storage policy (the policy created in the previous steps) > OK

Select ADD VM Class > select VM classes based on your requirements (you can choose from these VM classes when deploying the workload cluster) > OK

Next, add the content library > Select the previously created library > OK

Check that everything is configured

Open a browser and enter the Supervisor Cluster VIP > Based on your OS, download the CLI plugin (used to access the deployed cluster and to deploy new workload clusters)

After downloading and extracting the CLI plugin on Windows, you will see two files, kubectl and kubectl-vsphere > Open CMD and go to that path

Connect to the vSphere cluster

CMD – kubectl vsphere login --server="Supervisor cluster VIP" --insecure-skip-tls-verify --vsphere-username "vsphere username"

The --insecure-skip-tls-verify flag turns off verification of the Supervisor's TLS certificate for this login.

Switch to the context of the previously configured cluster

CMD – kubectl config use-context clustername

I created a workload deployment YAML file, wkld1.yaml, with the workload specifications (one master and one worker node with the small class); you can create yours based on your requirements.

Apply the wkld1.yaml file (kubectl apply -f filename). It will provision the workload cluster based on the file.

You can check Recent Tasks in vSphere to see that the workload deployment has started. It will take a few minutes to provision the cluster.

Once the deployment is completed, you can check whether its status is running or failed.

You can also check through the CLI.

You can also check in vSphere that the two-node workload cluster is configured (because I specified a two-node cluster in the YAML file).

In a similar way, you can deploy multiple clusters based on your requirements, and once a cluster is ready you can deploy pods on the workload clusters.