Install Tanzu Kubernetes Grid Integrated Edition on vSphere with NSX-T Using Ops Manager

Note: As of v1.8, Enterprise PKS has been renamed to VMware Tanzu Kubernetes Grid Integrated Edition. Some screenshots in this documentation do not yet reflect the change.

Page last updated:

This topic lists the procedures to follow to install Tanzu Kubernetes Grid Integrated Edition on vSphere with NSX-T networking manually, using Ops Manager.

Note: The recommended method for installing Tanzu Kubernetes Grid Integrated Edition on vSphere with NSX-T is to use the Tanzu Kubernetes Grid Integrated Edition Management Console. For information, see Install on vSphere with the Management Console.

Step 1: Prepare to Install Tanzu Kubernetes Grid Integrated Edition on vSphere with NSX-T

In preparation for installing Tanzu Kubernetes Grid Integrated Edition on vSphere with NSX-T Data Center, review all of the topics in the subsection Preparing to Install Tanzu Kubernetes Grid Integrated Edition on vSphere with NSX-T Data Center.

Step 2: Install and Configure NSX-T Data Center for Tanzu Kubernetes Grid Integrated Edition

NSX-T Data Center must be installed and configured before you install Tanzu Kubernetes Grid Integrated Edition.

For instructions, see one of the following:

Step 3: Create the Management Plane for Tanzu Kubernetes Grid Integrated Edition

Prepare the vSphere and NSX-T infrastructure for the Tanzu Kubernetes Grid Integrated Edition Management Plane where Ops Manager, BOSH Director, Tanzu Kubernetes Grid Integrated Edition components, and Harbor Registry are deployed. This includes creating a vSphere resource pool for Tanzu Kubernetes Grid Integrated Edition management components, an NSX Tier-1 (T1) Logical Switch, an NSX Tier-1 Logical Router and Port, and NAT rules (if you are using NAT mode).

For instructions, see Create Management Plane in Installing and Configuring NSX-T Data Center v3.0 for TKGI.

Step 4: Create the Compute Plane for Tanzu Kubernetes Grid Integrated Edition

Create vSphere Resource Pools for the Availability Zones where you will deploy Kubernetes clusters. These resource pools map to the AZs you will create when you configure BOSH Director and reference when you install the Tanzu Kubernetes Grid Integrated Edition tile.

Create IP blocks for the node networks and the pod networks. Typically the initial subnets for both nodes and pods will have a size of 256 (/16).

Create a Floating IP Pool from which to assign routable IP addresses to components. This network provides your load balancing address space for each Kubernetes cluster created by Tanzu Kubernetes Grid Integrated Edition. The network also provides IP addresses for Kubernetes API access and Kubernetes exposed services.

For instructions, see Create IP Blocks and Pool for Compute Plane in Installing and Configuring NSX-T Data Center v3.0 for TKGI.

Step 5: Deploy Ops Manager for Tanzu Kubernetes Grid Integrated Edition with NSX-T

Deploy a supported version of Ops Manager on the NSX-T Management Plane network.

For instructions, see Deploying Ops Manager with NSX-T for Tanzu Kubernetes Grid Integrated Edition.

Step 6: Generate the NSX-T Management Cluster Root CA Certificate and Key

Generate the CA Cert for the NSX Manager and import the certificate to NSX Manager.

For instructions, see Generate and Register the NSX-T Management SSL Certificate and Private Key.

Step 7: Configure BOSH Director for vSphere with NSX-T

Create BOSH availability zones (AZs) that map to the Management and Compute resource pools in vSphere, and the Management and Control plane networks in NSX-T.

For instructions, see Configuring BOSH Director with NSX-T for Tanzu Kubernetes Grid Integrated Edition.

Step 8: Generate and Register the NSX-T Management Cluster Super User Principal Identity Certificate and Key

Generate the NSX Manager Super User Principal Identity Certificate and register it with the NSX Manager using the NSX API.

For instructions, see Generating and Registering the NSX Manager Superuser Principal Identity Certificate and Key.

Step 9: Install Tanzu Kubernetes Grid Integrated Edition on vSphere with NSX-T

At this point your NSX-T environment is prepared for Tanzu Kubernetes Grid Integrated Edition installation using the Tanzu Kubernetes Grid Integrated Edition tile in Ops Manager.

For instructions, see Installing Tanzu Kubernetes Grid Integrated Edition on vSphere with NSX-T.

Step 10: Install Harbor Harbor Registry for Tanzu Kubernetes Grid Integrated Edition

The VMware Harbor Registry is recommended for Tanzu Kubernetes Grid Integrated Edition. Install Harbor in the NSX Management Plane with other Tanzu Kubernetes Grid Integrated Edition components, such as the TKGI API and TKGI database, Ops Manager, and BOSH.

If you are using the NAT deployment topology, create a DNAT rule that maps the private Harbor IP address to a routable IP address from the floating IP pool on the TKGI management network. See Create DNAT Rule.

For instructions, see Installing VMware Harbor Registry.

Step 11: Install the TKGI and Kubectl CLIs

See Installing the TKGI CLI and Installing the Kubernetes CLI.

Step 12: Create Admin Users for Tanzu Kubernetes Grid Integrated Edition

See Setting Up Tanzu Kubernetes Grid Integrated Edition Admin Users on vSphere

Step 13: Verify the Installation of Tanzu Kubernetes Grid Integrated Edition

Create a Kubernetes cluster using the TKGI CLI. For instructions, see Create a Kubernetes Cluster.

Deploy a simple workload to the Kubernetes cluster. For instructions, see Deploy Workloads on vSphere with NSX-T.

Step 14: Perform Desired Post-Installation Configurations

After you have installed Tanzu Kubernetes Grid Integrated Edition on vSphere with NSX-T, refer to the following subsection for topics describing additional NSX-T configuration options: Advanced Configurations for Tanzu Kubernetes Grid Integrated Edition on vSphere with NSX-T Data Center

Step 15: Create Network Profiles to Customize Cluster Deployments

Network profiles let you provide customized deployment templates for Kubernetes clusters. See Network Profiles (NSX-T Only) for details.


Please send any feedback you have to pks-feedback@pivotal.io.