Installing Enterprise PKS on vSphere with NSX-T Data Center

Page last updated:

This topic lists the procedures to follow to install Enterprise Pivotal Container Service (Enterprise PKS) on vSphere with NSX-T Data Center.

NOTE: This topic provides you with the traditional approach for installing Enterprise PKS on vSphere with NSX-T. As an alternative, you can use the VMware Enterprise PKS Management Console to install Enterprise PKS on vSphere with NSX-T. Refer to the Using the Enterprise PKS Management Console for details.

Step 1: Prepare to Install Enterprise PKS on vSphere with NSX-T

In preparation for installing Enterprise PKS on vSphere with NSX-T, review all of the topics in the subsection Preparing to Install Enterprise PKS on vSphere with NSX-T Data Center.

Step 2: Install and Configure NSX-T Data Center for Enterprise PKS

NSX-T Data Center must be installed and configured before you install Enterprise PKS.

For instructions, see Installing and Configuring NSX-T for Enterprise PKS.

Step 3: Create the Management Plane for Enterprise PKS

Prepare the vSphere and NSX-T infrastructure for the Enterprise PKS Management Plane where the PKS API, Ops Manager, BOSH Director, and Harbor Registry VMs are deployed. This includes creating a vSphere resource pool for Enterprise PKS management components, an NSX Tier-1 (T1) Logical Switch, an NSX Tier-1 Logical Router and Port, and NAT rules (if you are using NAT mode).

For instructions, see Creating the Enterprise PKS Management Plane.

Step 4: Create the Compute Plane for Enterprise PKS

Create vSphere Resource Pools for the Availability Zones where you will deploy Kubernetes clusters. These resource pools map to the AZs you will create when you configure BOSH Director and reference when you install the Enterprise PKS tile.

Create IP blocks for the node networks and the pod networks. Typically the initial subnets for both nodes and pods will have a size of 256 (/16).

Create a Floating IP Pool from which to assign routable IP addresses to components. This network provides your load balancing address space for each Kubernetes cluster created by Enterprise PKS. The network also provides IP addresses for Kubernetes API access and Kubernetes exposed services.

For instructions, see Creating the Enterprise PKS Compute Plane.

Step 5: Deploy Ops Manager for Enterprise PKS with NSX-T

Deploy a supported version of Ops Manager on the NSX-T Management Plane network.

For instructions, see Deploying Ops Manager with NSX-T for Enterprise PKS.

Step 6: Generate the NSX-T Management Cluster Root CA Certificate and Key

Generate the CA Cert for the NSX Manager and import the certificate to NSX Manager.

For instructions, see Generating and Registering the NSX-T Management Root CA Certificate for Enterprise PKS.

Step 7: Configure BOSH Director for vSphere with NSX-T

Create BOSH availability zones (AZs) that map to the Management and Compute resource pools in vSphere, and the Management and Control plane networks in NSX-T.

For instructions, see Configuring BOSH Director with NSX-T for Enterprise PKS.

Step 8: Generate and Register the NSX-T Management Cluster Super User Principal Identity Certificate and Key

Generate the NSX Manager Super User Principal Identity Certificate and register it with the NSX Manager using the NSX API.

For instructions, see Generating and Registering the NSX Manager Superuser Principal Identity Certificate and Key.

Step 9: Install Enterprise PKS on vSphere with NSX-T

At this point your NSX-T environment is prepared for Enterprise PKS installation using the Enterprise PKS tile in Ops Manager.

For instructions, see Installing Enterprise PKS on vSphere with NSX-T.

Step 10: Install Harbor Harbor Registry for Enterprise PKS

The VMware Harbor Registry is recommended for Enterprise PKS. Install Harbor in the NSX Management Plane with other Enterprise PKS components (PKS API, Ops Manager, and BOSH).

If you are using the NAT deployment topology, create a DNAT rule that maps the private Harbor IP address to a routable IP address from the floating IP pool on the PKS management network. See Create DNAT Rule.

For instructions, see Installing VMware Harbor Registry.

Step 11: Install the PKS and Kubectl CLIs

See Installing the PKS CLI and Installing the Kubernetes CLI.

Step 12: Create Admin Users for Enterprise PKS

See Setting Up Enterprise PKS Admin Users on vSphere

Step 13: Verify the Installation of Enterprise PKS

Create a Kubernetes cluster using the PKS CLI. For instructions, see Create a Kubernetes Cluster.

Deploy a simple workload to the Kubernetes cluster. For instructions, see Deploy Workloads on vSphere with NSX-T.

Step 14: Perform Desired Post-Installation Configurations

After you have installed Enterprise PKS on vSphere with NSX-T, refer to the following subsection for topics describing additional NSX-T configuration options: Advanced Configurations for Enterprise PKS on vSphere with NSX-T Data Center

Step 15: Create Network Profiles to Customize Cluster Deployments

Network profiles let you provide customized deployment templates for Kubernetes clusters. See Defining and Using Network Profiles for details.


Please send any feedback you have to pks-feedback@pivotal.io.