VMware Tanzu Community Edition is a full-featured, easy to manage Kubernetes platform that is a freely available, community supported, open source distribution of VMware Tanzu.
The project enables the creation of application platforms through the use of Cluster API to provide declarative deployment and management of Kubernetes clusters.
This post covers a few tips and concepts for using and building with Tanzu Community Edition.
#1. Cluster Types
There are three primary types of clusters:
- Management Clusters, a “permanent” cluster that is your interface for deploying managed Workload Clusters, used to perform lifecycle operations on managed clusters
- Workload Clusters, a managed cluster, deployed via the Management Cluster, used to run workloads for services/apps; there can be multiple Workload Clusters under a single Management Cluster
- Standalone Clusters, deployed via a temporary Management Cluster that is automatically deleted after provisioning, which reduces overall system requirements and gives a “faster time to cluster”
Read more: https://tanzucommunityedition.io/docs/latest/architecture/
#2. Management Cluster Creation
There are two ways to deploy a Management Cluster:
- Through the Tanzu Community Edition UI, which you can start by running:
tanzu management-cluster create --ui
- Directly through the Tanzu CLI, by running:
tanzu management-cluster create --file FILE_PATH
- Add the verbosity flags -v/--verbose to get more output
- You can create clusters in specific namespaces to keep them organised
#3. Delete Management Clusters
To delete a Management Cluster:
- If it’s still up and accessible:
tanzu management-cluster delete MGMT_CLUSTER_NAME
- If it’s stuck and won’t delete, try adding the --force flag
- If it’s been manually deleted or is inaccessible:
tanzu config server delete MGMT_CLUSTER_NAME
- Add the --yes flag to avoid confirmation prompts
#4. Delete Workload Clusters
To delete Workload Clusters:
- Delete them all:
tanzu cluster delete
- Delete a specific cluster:
tanzu cluster delete WORKLOAD_CLUSTER_NAME
- Add the --yes flag to avoid confirmation prompts
#5. Clusters on vSphere
If you are about to deploy your TCE clusters on vSphere, there are a few things to check:
- The target network for the Nodes (Management and Workload) has DHCP enabled
- A set of static IP addresses in the same subnet as DHCP but not in the DHCP range; the static IPs are used by Kube-Vip for the API server endpoint
- All Nodes can reach vCenter (FQDN/IP) on port 443
- Traffic is allowed between the bootstrap machine and all Nodes on port 6433
- Add DHCP reservations for deployed Nodes after they have been created
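The static-IP requirement above can be checked before deployment. The following is an added example, not part of the original post or of Tanzu tooling: the function name check_endpoint_ips and all addresses are constructed for illustration.

```python
import ipaddress


def check_endpoint_ips(subnet, dhcp_start, dhcp_end, static_ips):
    """Return [(ip, [problems])] for candidate Kube-Vip endpoint IPs.

    An empty problem list means the address satisfies the checklist:
    inside the node subnet, outside the DHCP range, and a usable host address.
    """
    net = ipaddress.ip_network(subnet, strict=True)
    lo = ipaddress.ip_address(dhcp_start)
    hi = ipaddress.ip_address(dhcp_end)
    if lo.version != net.version or hi.version != net.version:
        raise ValueError("DHCP range and subnet use different address families")
    if lo > hi:
        raise ValueError("DHCP range start is above its end")
    if lo not in net or hi not in net:
        raise ValueError("DHCP range is not inside the node subnet")

    results, seen = [], set()
    for raw in static_ips:
        ip = ipaddress.ip_address(raw)
        problems = []
        if ip.version != net.version:
            problems.append("address family mismatch")
        else:
            if ip not in net:
                problems.append("outside node subnet")
            elif ip in (net.network_address, net.broadcast_address):
                problems.append("network or broadcast address")
            if lo <= ip <= hi:
                problems.append("inside DHCP range")
        if ip in seen:
            problems.append("duplicate")
        seen.add(ip)
        results.append((raw, problems))
    return results


if __name__ == "__main__":
    # Constructed sample plan: /24 node network with a DHCP pool of .100-.200
    plan = check_endpoint_ips(
        "192.168.10.0/24", "192.168.10.100", "192.168.10.200",
        ["192.168.10.10", "192.168.10.150", "192.168.11.5", "192.168.10.255"],
    )
    for ip, problems in plan:
        print(ip, "OK" if not problems else "; ".join(problems))
```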
#6. Tanzu Packages
Use tanzu package to discover, configure and manage bundled software, known as packages, within clusters. Packages come from a Package Repository that is installed into a cluster, which then makes its packages available for installation. Some example packages include:
- cert-manager https://cert-manager.io/docs/
- Velero https://twitter.com/projectvelero
- Harbor https://twitter.com/project_harbor
- Contour https://twitter.com/projectcontour
- ExternalDNS https://github.com/kubernetes-sigs/external-dns
Read more: https://tanzucommunityedition.io/docs/latest/package-management/
#7. Scale Clusters
Management and Workload Clusters can both be scaled through the Tanzu CLI, with flags for scaling control plane and worker machine counts.
tanzu cluster scale WORKLOAD_CLUSTER_NAME --controlplane-machine-count 5 --worker-machine-count 10 --namespace NAMESPACE
tanzu cluster scale MGMT_CLUSTER_NAME --controlplane-machine-count 5 --worker-machine-count 10 --namespace NAMESPACE
- Clusters can be vertically scaled by modifying MachineTemplates: https://cluster-api.sigs.k8s.io/tasks/updating-machine-templates.html
#8. Cluster API
Tanzu Community Edition uses Cluster API for the lifecycle management of Kubernetes clusters. A few definitions to be aware of:
- Machine, an infrastructure component, such as a VM, hosting a Kubernetes Node.
- MachineDeployment, behaves similarly to a Kubernetes Deployment and provides declarative updates to Machines and MachineSets.
- MachineSet, like a Kubernetes ReplicaSet, forms part of a MachineDeployment and ensures a stable set of Machines is running and in the desired state.
- MachineHealthCheck, monitors the status of Nodes; if a Node is deemed unhealthy and its Machine is part of a MachineSet, the unhealthy Machine is deleted and a new one is created to replace it.
#9. Cluster Bootstrapping on Windows
When deploying a Management Cluster on Windows you might get an x509 certificate error: x509: certificate signed by unknown authority.
You can work around this by updating the Tanzu config file found at %USERPROFILE%\.config\tanzu\tkg\config.yaml
Read more: https://tanzucommunityedition.io/docs/latest/faq-cluster-bootstrapping/