vSphere with Tanzu – new TKG 2.0 ClusterClass Preview

One of the key features of the TKG 2.0 on vSphere 8 announcement at VMware Explore 2022 is the consolidation of our the Tanzu Kubernetes offerings into a single unified Kubernetes runtime. This can be considered the second edition of VMware Tanzu Kubernetes Grid. It will still come in two flavors.  One flavor is as a VM-based standalone management cluster whilst the other flavor will be Supervisor-based, integrated into vSphere with Tanzu. However, the important point is that both flavors now have the same APIs for cluster provisioning, same tooling for extension management, and the same model for release distribution.…

vSphere with Tanzu – TKG SSH and Harbor Registry access [Videos]

I created a couple of new videos to compliment some of my recent posts. The first shows how to get SSH access to a TKG cluster that resides on an NSX-T network segment. The second demonstrates how to enable a TKG cluster to authenticate against the embedded Harbor Image Registry project that is created for the vSphere Namespace within which the TKG cluster has been provisioned. Hope you find them useful. Please note that the embedded Harbor Image Registry is only available on vSphere with Tanzu and NSX-T. vSphere with Tanzu with NSX-T networking is available for both on-premises deployments…

How to access embedded shared image registry from TKG cluster

vSphere with Tanzu ships with an embedded Harbor Image Registry to store container images. However, by default, TKG clusters deployed in a vSphere Namespace cannot access the registry. In this post, I will demonstrate how to allow a TKG guest / workload cluster to access the Harbor Image Registry. To do that, the image registry secret is retrieved at the vSphere Namespace level, and a new secret matching the Harbor Image Registry secret is created in the TKG cluster. Once created, this TKG level secret can be used to authenticate and pull container images for pods in the TKG cluster.…

How to get SSH access to TKG nodes on vSphere with Tanzu and NSX-T

I have been spending a lot of time recently on vSphere with Tanzu and NSX-T. One of the tasks that I want to do is perform a network trace from a pod running on a TKG worker node. This will be for a future post. However, before running the trace, I need to secure shell (ssh) onto a TKG worker node in order to run the traceroute. This is more challenging with NSX-T compared to using vSphere networking. The reason why is because NSX-T provides “internal” network segments for the nodes which sit behind a tier-1 and tier-0 gateway. To…

Prometheus & Grafana Monitoring Stack on TKGS workload cluster in vSphere with Tanzu

In this post, we are going to build on the work already done when we deployed Carvel packages on a Tanzu Kubernetes workload cluster created by the TKG Service in vSphere with Tanzu. We saw in that post what the requirements are, how to use the tanzu command line to set context to a workload cluster, add the TKG v1.4 package repository. We also saw how to use the tanzu CLI to deploy our first package, which was cert manager. We will now continue with the deployment of a number of other packages, such as Contour (for Ingress), External-DNS (to…

Deploying Carvel packages on TKGS workload clusters in vSphere with Tanzu

I’ve posted a number of articles on this site which detail how to deploy TKG v1.4 Carvel packages on the multi-cloud version of TKG, often referred to as TKGm. But did you know that these packages can also be deployed to clusters provisioned by the TKG Service (TKGS) on vSphere with Tanzu? In this post, I will run through the steps on how to achieve this. You can find the official documentation here, which will be referred to from time to time during this post, especially for some of the manifests. It should also be noted that some of the…

TKG v1.4.1 – Some new features

This week, I have been looking at the new features in TKG v1.4.1 for vSphere which dropped very recently. You can find the TKG v1.4.1 Release Notes here. Probably the most notable feature is that TKG v1.4.1 is now supported in Tanzu Mission Control, so you can now add this to your suite of Kubernetes clusters that are centrally managed from TMC. Note that a few things have changed around how to register a TKG management cluster with TMC which I will cover shortly. The other item that caught my attention was the fact that the Identity Management components that…