Managing Kubernetes Edge Locations at Scale with VMware Tanzu Mission Control
Managing a few Kubernetes clusters in your datacenter doesn't take a lot of tooling. This dynamic changes when the conversation shifts to edge because now we're talking potentially thousands of Kubernetes clusters running in thousands of locations. Tanzu Mission Control extends its powerful feature set to edge very easily. (skip to the bottom to watch the video of everything in action!)
Tanzu Mission Control is responsible for fleet-wide management. It has extensive capabilities to visualize your entire Kubernetes footprint across many data centers and edge locations. Tanzu Mission Control takes care of lifecycle management with deployment and upgrade capabilities, displays diagnostic data from extensions that transmit data from the cluster, includes data protection services through Velero, and has a powerful policy engine that makes configuration management across thousands of clusters easy to manage.
Tanzu Kubernetes Grid 2.1 has a lot of new features for edge deployments and most will have a hub and spoke architecture with the management cluster residing in the central datacenter. Tanzu Kubernetes Grid has native connections to Tanzu Mission Control and it all starts with registering the management cluster.
In Tanzu Mission Control, navigate to the administration section and go to the management cluster tab to register a new Tanzu Kubernetes Grid Management cluster. After the management cluster has been added, it's now possible to create and deploy new workload clusters directly from Tanzu Mission Control. This will reduce the total touch points by having everything in a single UI.
Creating a cluster is pretty straight forward. Choose the management cluster in the main datacenter and then begin providing placement details for the new workload cluster such as the datacenter, resource pool, folder, network and datastore objects. Then provide the static IP address that will function as the Kuberenetes API server control plane endpoint. There is an option to add as many workers to the cluster as needed but, in many edge environments, this will be one.
Your edge environments could be running Kubernetes on many types of different infrastructures. With Tanzu Mission Control, it's possible to manage Kubernetes clusters that run on platforms such as OpenShift, GKE, Rancher, and even bare metal. In those scenarios, instead of creating a cluster, you will attach a cluster. Attaching a cluster is very simple by providing a name that will be recognized in Tanzu Mission Control and placing it into a cluster group. Use the generated kubectl command line to apply it to your Kubernetes clusters. The caveat of an attached cluster is that it doesn't come with any lifecycle management capabilities from Tanzu Mission Control.
Now that you have tens, hundreds, or even thousands of Kubernetes clusters in Tanzu Mission Control, policies can be created that allow management at scale. There are several out-of-the-box policies that allow you to get started very quickly. There are security, image registry, network, and quota policies available. To make a custom policy, go to the templates menu and build a new policy in yaml format that is compatible with Open Policy Agent. Lastly, there are mutation policies that instruct Kubernetes to enforce custom defaults during deployment.
Take a look at the video to see how Tanzu Mission Control manages edge locations with ease.