Managing Tanzu Mission Control (TMC) tasks using tmc cli

VMware Tanzu Mission Control (TMC) is a Kubernetes management platform that manages several aspect of any conformant k8s clusters. TMC provides a very rich GUI for doing several cluster operations but it also provides a tmc CLI that will help to automate lot of such task and manage them using commands.

In this post, I will be talking about few of the TMC operations e.g. cluster group creation, attaching, package install etc. So, let’s begin.

Pre-requirements

Before we start executing tmc commands, tmc cli needs to be installed and configured on your workstation. You can download tmc cli based on your operating system from “Automation Center” option from TMC GUI.

To configure tmc cli, you need to create an API token with an appropriate permissions and run the below command.

$ tmc login
i If you don't have an API token, visit the VMware Cloud Services console, select your organization, and create an API token with the TMC service roles:
  https://console.cloud.vmware.com/csp/gateway/portal/#/user/tokens
? API Token ****************************************************************
? Login context name tanzu-se-tmc
? Select default log level info
? Management Cluster Name 
? Provisioner Name 
√ Successfully created context tanzu-se-tmc, to manage your contexts run `tmc system context -h

Operations using TMC CLI

Creating Cluster Group

Run the below command in –dry-run mode to view the details before creating cluster group.

$ tmc clustergroup create --name clgroup-from-tmc-cli --description "test group" --labels clgroup=fromtmc --dry-run
fullName:
  name: clgroup-from-tmc-cli
meta:
  annotations: null
  description: test group
  labels:
    clgroup: fromtmc
type:
  kind: ClusterGroup
  package: vmware.tanzu.manage.v1alpha1.clustergroup
  version: v1alpha1

Note: for more information about options, run “tmc clustergroup create –help”

Now, Let’s run the command.

$ tmc clustergroup create --name dt-vsphere-cg --description "test group" --labels env=vsphere
i using template "default"
√ clustergroup "dt-vsphere-cg " is being created

View the created cluster group.

$ tmc clustergroup list                               
  NAME                    LABELS           
  dt-vsphere-cg    env:vsphere

Registering a Supervisor cluster with TMC

  • Set the supervisor cluster context
$ k config use-context <supervisor-cluster-context>
  • Run the registration command
$ tmc managementcluster register dt-supervisor-cluster01 -k ~/.kube/config -p TKGS -c dt-vsphere-cg 
√ management cluster "dt-supervisor-cluster01" created successfully
i identifying TMC namespace 
i installing TMC agents on the management cluster 
┬ √ TMC agents installed on management cluster 
┐ √ management cluster successfully registered to TMC

It will take around 5-10 mins for registration process to complete successfully. Validate the health after sometime by running the following command.

$ tmc managementcluster list  | grep dt-supervisor-cluster01
  dt-supervisor-cluster01    


$ tmc managementcluster get dt-supervisor-cluster01 -o json | jq .status.health     
"HEALTHY
  • See the list of components installed in a supervisor cluster TMC namespace.
$ k get all -n svc-tmc-c8
NAME                                              READY   STATUS      RESTARTS   AGE
pod/agent-updater-59bb6db9b9-zmsjp                1/1     Running     0          6h56m
pod/agentupdater-workload-27414159-zmk22          0/1     Completed   0          42s
pod/cluster-health-extension-8447677f8b-wpzmx     1/1     Running     0          6h55m
pod/extension-manager-5cbd4cc8c8-kpkdm            1/1     Running     0          6h56m
pod/extension-updater-7d6bbcc989-lshl8            1/1     Running     0          6h56m
pod/intent-agent-6b87998fc9-xmw5r                 1/1     Running     0          6h55m
pod/sync-agent-66c54d5688-h9sn2                   1/1     Running     0          6h55m
pod/tmc-agent-installer-27414159-9glf7            0/1     Completed   0          42s
pod/tmc-auto-attach-7669f56858-c9n2p              1/1     Running     0          6h55m
pod/vsphere-resource-retriever-65f669bbc5-prphc   1/1     Running     0          6h55m

NAME                                TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)   AGE
service/extension-manager-service   ClusterIP   10.96.0.183   <none>        443/TCP   6h56m

NAME                                         READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/agent-updater                1/1     1            1           6h56m
deployment.apps/cluster-health-extension     1/1     1            1           6h55m
deployment.apps/extension-manager            1/1     1            1           6h56m
deployment.apps/extension-updater            1/1     1            1           6h56m
deployment.apps/intent-agent                 1/1     1            1           6h55m
deployment.apps/sync-agent                   1/1     1            1           6h55m
deployment.apps/tmc-auto-attach              1/1     1            1           6h55m
deployment.apps/vsphere-resource-retriever   1/1     1            1           6h55m

NAME                                                    DESIRED   CURRENT   READY   AGE
replicaset.apps/agent-updater-59bb6db9b9                1         1         1       6h56m
replicaset.apps/cluster-health-extension-8447677f8b     1         1         1       6h55m
replicaset.apps/extension-manager-5cbd4cc8c8            1         1         1       6h56m
replicaset.apps/extension-updater-7d6bbcc989            1         1         1       6h56m
replicaset.apps/intent-agent-6b87998fc9                 1         1         1       6h55m
replicaset.apps/sync-agent-66c54d5688                   1         1         1       6h55m
replicaset.apps/tmc-auto-attach-7669f56858              1         1         1       6h55m
replicaset.apps/vsphere-resource-retriever-65f669bbc5   1         1         1       6h55m

NAME                                  SCHEDULE      SUSPEND   ACTIVE   LAST SCHEDULE   AGE
cronjob.batch/agentupdater-workload   */1 * * * *   False     0        47s             6h56m
cronjob.batch/tmc-agent-installer     */1 * * * *   False     0        47s             4d22h

NAME                                       COMPLETIONS   DURATION   AGE
job.batch/agentupdater-workload-27414159   1/1           10s        47s
job.batch/tmc-agent-installer-27414159     1/1           6s         47s
  • Validate the same on TMC GUI

Creating a Tanzu Kubernetes Workload Cluster

  • Run the below command to verify the cluster creation yaml file.
$ tmc cluster create -t tkgs --name tkgs-workload-1  --cluster-group dt-vsphere-cg --labels clustertype=tkc --management-cluster-name dt-supervisor-cluster01 --provisioner-name dttkgs --dry-run --version v1.21.2+vmware.1-tkg.1.ee25d55 --storage-class tanzu
fullName:
  managementClusterName: dt-supervisor-cluster01
  name: tkgs-workload-1
  provisionerName: dttkgs
meta:
  labels:
    clustertype: tkc
spec:
  clusterGroupName: dt-vsphere-cg
  proxyName: ""
  tkgServiceVsphere:
    distribution:
      version: v1.21.2+vmware.1-tkg.1.ee25d55
    settings:
      network:
        pods:
          cidrBlocks:
          - 192.0.2.0/16
        services:
          cidrBlocks:
          - 198.51.100.0/12
      storage:
        classes: null
        defaultClass: ""
    topology:
      controlPlane:
        class: best-effort-2xlarge
        highAvailability: false
        storageClass: tanzu
      nodePools:
      - info:
          description: default description for the nodepool
          name: default-node-pool
        spec:
          tkgServiceVsphere:
            class: best-effort-2xlarge
            storageClass: tanzu
          workerNodeCount: "1"
type:
  kind: Cluster
  package: vmware.tanzu.manage.v1alpha1.cluster
  version: v1alpha1

Note: For more options, run the “tmc cluster create –help” command. You can also edit the generated yaml file based on what you need in a cluster. Save the content in a yaml file e.g. tkgs.yaml

  • Now, create the cluster
tmc cluster create -f tkgs.yaml
√ cluster "tkgs-workload-1" is being created

Note: It will take around 10 mins, depends on various parameters e.g template size, network speed etc.

  • You can also validate the cluster creation progress from TMC GUI
  • You can also monitor the task in vCenter
Finally, you will see all green

Installing a “cert-manager” Package using tmc cli

  • Run the below command to validate the cert-manager package installation yaml
$ tmc cluster namespace tanzupackage install create --full-name.cluster-name tkgs-workload-1 --full-name.management-cluster-name dt-supervisor-cluster01 --full-name.provisioner-name dttkgs --spec.package-ref.package-metadata-name cert-manager.tanzu.vmware.com --full-name.name cert-manager --spec.role-binding-scope CLUSTER --spec.package-ref.version-selection.constraints "1.1.0_vmware.1-tkg.2" --dry-run   
fullName:
  clusterName: tkgs-workload-1
  managementClusterName: dt-supervisor-cluster01
  name: cert-manager
  namespaceName: ""
  provisionerName: dttkgs
meta:
  description: ""
  labels: null
spec:
  inlineValues: {}
  packageRef:
    packageMetadataName: cert-manager.tanzu.vmware.com
    versionSelection:
      constraints: 1.1.0+vmware.2-tkg.1
  roleBindingScope: CLUSTER
type:
  kind: Install
  package: vmware.tanzu.manage.v1alpha1.cluster.namespace.tanzupackage.install
  version: v1alpha1
  • Now, you can remove the –dry-run option, tmc cli will install the package.
$ tmc cluster namespace tanzupackage install create --full-name.cluster-name tkgs-workload-1 --full-name.management-cluster-name dt-supervisor-cluster01 --full-name.provisioner-name dttkgs --spec.package-ref.package-metadata-name cert-manager.tanzu.vmware.com --full-name.name cert-manager --spec.role-binding-scope CLUSTER --spec.package-ref.version-selection.constraints "1.1.0+vmware.2-tkg.1"
i using template "expert"
i generated random namespace name: cert-manager-c4db314
√ install "cert-manager" is being created
  • You can also validate the package installation by navigating to Add-ons tab under a cluster

Deleting a Tanzu Kubernetes Cluster

Deleting a cluster is very straight forward process, you can trigger the deletion by running the following command.

$ tmc cluster delete tkgs-workload-1 --management-cluster-name dt-supervisor-cluster01  --provisioner-name dttkgs
√ Cluster is being deleted
  • You can also validate the cluster deletion from TMC GUI
  • You can also see the deletion operation on a vCenter UI

That’s all in this post about tmc cli commands. Will come back with more commands about policy etc.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s