VMware Tanzu Header

Deploying Tanzu Kubernetes Grid Management Cluster to Microsoft Azure

In this blog post, we will detail a full technical run through on how to deploy Tanzu Kubernetes Grid (TKG) into Microsoft Azure,

This will be using the new Tanzu CLI (version 1.3) (Previously TKG CLI) released in March 2021, to deploy  both a new Management Cluster and Guest Cluster.

Tanzu Kubernetes Grid Cluster Types

TKG has two types of clusters, for the full information of TKG Concepts, please read this post.

  • Management Cluster

This is the first architectural components to be deployed for creating a TKG instance. The management cluster is a dedicated cluster for management and operation of your whole TKG instance infrastructure. A management cluster will have Antrea networking enabled by default. This runs cluster API to create the additional clusters for your workloads to run, as well as the shared and in-cluster services for all clusters within the instance to use.

It is not recommended that the management cluster be used as a general-purpose compute environment for your application workloads.

  • Tanzu Kubernetes (Guest) Clusters

Once you have deployed your management cluster, you can deploy additional CNCF conformant Kubernetes clusters and manage their full lifecycle. These clusters are designed to run your application workloads, managed via your management cluster. These clusters can run different Kubernetes versions as required. These clusters use Antrea networking by default.

These clusters are referred to as Workload Clusters when working with the Tanzu CLI.

I sometimes use the term “Guest” for these clusters, as a cross-over with the vSphere with Tanzu architecture, which has similar concepts as above however uses the terms “Supervisor Cluster” and “Guest Cluster”.

Pre-Requisites

For this blog post, I’ll be deploying everything from my local Mac OS X machine. You will need the following:

  • Docker installed with Kubernetes enabled
    • For Windows and macOS Docker clients, you must allocate at least 6 GB of memory in Docker Desktop to accommodate the kind container. See Settings for Docker Desktop in the kind documentation.
  • Install the Tanzu CLI and the Kubectl tool > Instructions here.
    • If you have used the TKG CLI before, then this is now deprecated.
    • You can find a full command line reference for Tanzu CLI and a comparison of the TKG CLI commands in this documentation link.
  • Install the Azure CLI.
  •  Register a Tanzu Kubernetes Grid App on Azure
    • The full details in the VMware docs for deploying TKG to Azure can be found here.
Login to the Azure CLI and accept the VM EULA

Before we get started, we need to log into the Azure CLI and accept the EULA for the images used for TKG in Azure. These images are updated with each release of the Tanzu CLI (TKG CLI).

az login

az vm image terms accept --publisher vmware-inc --offer tkg-capi --plan k8s-1dot20dot4-ubuntu-2004 --subscription {subscription_id}
az loginaz vm image terms accept --publisher vmware-inc --offer tkg-capi --plan k8s-1dot20dot4-ubuntu-2004 --subscription
Deploying a Management Cluster using the UI

From your terminal, run the following command:

tanzu management-cluster create --ui

tanzu management-cluster create --ui

This command will then launch your browser to a locally hosted web page.

  • Click on the button to deploy to Microsoft Azure

TKG UI - Deploy a management cluster on Microsoft Azure

  • Input your:
    • Tenant ID
    • Client ID
    • Client Secret
    • Subscription ID

Click the Connect button.

  • Select your region
  • Input your SSH Key, this allows you to SSH directly to the nodes, useful for troubleshooting
  • Select if you want to deploy to an existing or new resource group
  • Click next

Deploy Management cluster to Azure IaaS Provider

  • Fill out your VNET details as needed, either creating a new one or using an existing VNET.
  • Click next.

Deploy Management cluster to Azure - Azure VNET Setting

  • Select your control plane type:
    • Development – Single node deployed
    • Production – Three nodes deployed
  • Select your Instance size for the control plane nodes
  • Select a management cluster name (optional)
  • Select your Worker node (compute node) instance size
  • Select if you want machine health checks or not

Deploy Management cluster to Azure - Management Cluster Settings

  • Set your labels for the cluster as needed.

Deploy Management cluster to Azure Metadata

  • Configure your internal Kubernetes network subnets

Antrea is the only supported CNI for the management clusters in Azure.

  • Setup Proxy settings as needed.

Deploy Management cluster to Azure Kubernetes network

  • (Optional) Set identity management as needed, in this blog, I’ll ignore that configuration for this lab environment.

Deploy Management cluster to Azure Identity Management

  • (optional) Input your TMC management cluster configuration URL.
  • To configure with TMC:
    • in TMC UI > Administration > Management Clusters > Click Register Management Cluster > Fill out details > Click Next
    • Copy and paste the URL into your Tanzu Deployment UI Step 7.

Deploy Management cluster to Azure - Register TMC - TMC register management cluster url

Deploy Management cluster to Azure Register TMC Registration URL Get Yaml

  • Join the CEIP Program if needed.

Deploy Management cluster to Azure - CEIP

Finally click to review your configuration, and once you are happy, on the review screen:

  • Click “deploy management cluster”

At the bottom of the review page is the local command you can run from your machine to deploy the management cluster as well.

Deploy Management cluster to Azure - Tanzu Kubernetes Grid - Confirm Settings

You will be shown the “Deploying Tanzu Kubernetes Grid on Azure” status page which will scroll through the build process and provide updates of the output.

Deploy Management cluster to Azure - UI Output

Below is the output as seen in my terminal window as well, essentially, it’s just a clone of the UI.

My deployment took 26 minutes and 9 seconds.

Deploy Management cluster to Azure - Terminal Output

Logging into your Management Cluster

Your TKG Config and Kubeconfig file locally will be updated with your new context. For more about Kubernetes context files, read this fantastic blog post by Michael Cade.

You can login using the “Tanzu Login” command and choose your context so that all Tanzu CLI commands are performed against this new Management cluster.

Deploy Management cluster to Azure - Tanzu Login

At a Kubernetes CLI level, you can change your configuration by running the following:

# Find all your contexts located in your kubeconfig file

kubectl config get-contexts

# Set your CLI to use a specific context

kubectl config use-context {context-name}

Deploy Management cluster to Azure - kubectl config get contexts - kubectl config use-context

These are the default locations where the Tanzu cluster context files are saved on your bootstrap machine.

  • Management cluster contexts: ~/.kube-tkg/config
  • Workload cluster contexts: ~/.kube/config

We can also view information about the management cluster by running.

tanzu management-cluster get

Deploy Management cluster to Azure - tanzu management cluster get

And here are the resources deployed into Microsoft Azure.

Deploy Management cluster to Azure Azure resources

Scaling your Management Cluster

To scale your management cluster is relatively easy.

tanzu cluster scale {management_cluster_name} --controlplane-machine-count {number} --worker-machine-count {number}

If you have deployed a development management cluster, like I did in this blog, when deploying control plane nodes of 3 or higher, the cluster will automatically initiate high availability configuration.

Deploy Management cluster to Azure - tanzu cluster scale

To view the scaling up or down process run

tanzu management-cluster get

Deploy Management cluster to Azure - tanzu cluster scale - get progress

Summary

In this blog post, we created our first Tanzu Kubernetes Grid Management cluster in Microsoft Azure.

In the next blog post we’ll create a Guest Cluster in Microsoft Azure for use by our developers to deploy their applications to.

Regards

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.