Installing Enterprise PKS on vSphere with NSX-T Data Center
This topic lists the procedures to follow to install Enterprise Pivotal Container Service (Enterprise PKS) on vSphere with NSX-T Data Center.
NOTE: This topic provides you with the traditional approach for installing Enterprise PKS on vSphere with NSX-T. As an alternative, you can use the VMware Enterprise PKS Management Console to install Enterprise PKS on vSphere with NSX-T. Refer to the Using the Enterprise PKS Management Console for details.
In preparation for installing Enterprise PKS on vSphere with NSX-T, review all of the topics in the subsection Preparing to Install Enterprise PKS on vSphere with NSX-T Data Center.
NSX-T Data Center must be installed and configured before you install Enterprise PKS.
For instructions, see Installing and Configuring NSX-T for Enterprise PKS.
Prepare the vSphere and NSX-T infrastructure for the Enterprise PKS Management Plane where the PKS API, Ops Manager, BOSH Director, and Harbor Registry VMs are deployed. This includes creating a vSphere resource pool for Enterprise PKS management components, an NSX Tier-1 (T1) Logical Switch, an NSX Tier-1 Logical Router and Port, and NAT rules (if you are using NAT mode).
For instructions, see Creating the Enterprise PKS Management Plane.
Create vSphere Resource Pools for the Availability Zones where you will deploy Kubernetes clusters. These resource pools map to the AZs you will create when you configure BOSH Director and reference when you install the Enterprise PKS tile.
Create a Floating IP Pool from which to assign routable IP addresses to components. This network provides your load balancing address space for each Kubernetes cluster created by Enterprise PKS. The network also provides IP addresses for Kubernetes API access and Kubernetes exposed services.
For instructions, see Creating the Enterprise PKS Compute Plane.
Deploy a supported version of Ops Manager on the NSX-T Management Plane network.
For instructions, see Deploying Ops Manager with NSX-T for Enterprise PKS.
Generate the CA Cert for the NSX Manager and import the certificate to NSX Manager.
For instructions, see Generating and Registering the NSX-T Management Root CA Certificate for Enterprise PKS.
Create BOSH availability zones (AZs) that map to the Management and Compute resource pools in vSphere, and the Management and Control plane networks in NSX-T.
For instructions, see Configuring BOSH Director with NSX-T for Enterprise PKS.
Step 8: Generate and Register the NSX-T Management Cluster Super User Principal Identity Certificate and Key
Generate the NSX Manager Super User Principal Identity Certificate and register it with the NSX Manager using the NSX API.
For instructions, see Generating and Registering the NSX Manager Superuser Principal Identity Certificate and Key.
At this point your NSX-T environment is prepared for Enterprise PKS installation using the Enterprise PKS tile in Ops Manager.
For instructions, see Installing Enterprise PKS on vSphere with NSX-T.
The VMware Harbor Registry is recommended for Enterprise PKS. Install Harbor in the NSX Management Plane with other Enterprise PKS components (PKS API, Ops Manager, and BOSH).
If you are using the NAT deployment topology, create a DNAT rule that maps the private Harbor IP address to a routable IP address from the floating IP pool on the PKS management network. See Create DNAT Rule.
For instructions, see Installing VMware Harbor Registry.
Create a Kubernetes cluster using the PKS CLI. For instructions, see Create a Kubernetes Cluster.
Deploy a simple workload to the Kubernetes cluster. For instructions, see Deploy Workloads on vSphere with NSX-T.
After you have installed Enterprise PKS on vSphere with NSX-T, refer to the following subsection for topics describing additional NSX-T configuration options: Advanced Configurations for Enterprise PKS on vSphere with NSX-T Data Center
Network profiles let you provide customized deployment templates for Kubernetes clusters. See Defining and Using Network Profiles for details.
Please send any feedback you have to firstname.lastname@example.org.