
Commands and Bindings

Tanzu Login
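# --insecure-skip-tls-verify turns off verification of the Supervisor's
# certificate, so the vSphere SSO password supplied at login could be sent to
# an impersonating endpoint. Keep it for throwaway labs only; otherwise add
# the Supervisor/vCenter CA to the client trust store and drop the flag.
# The username is a placeholder: the original address was masked by the
# site's e-mail obfuscation, which also split the argument into two words.
kubectl-vsphere login \
  --server=https://10.105.0.1 \
  --insecure-skip-tls-verify \
  --tanzu-kubernetes-cluster-namespace production \
  --vsphere-username '<username>@<domain>' \
  --tanzu-kubernetes-cluster-name tkgs-cl01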


Privileged Rolebinding
# Binds the psp:vmware-system-privileged ClusterRole to the
# system:authenticated group cluster-wide, so every authenticated user and
# service account is covered by the binding, not just administrators.
# Convenient for a lab; on shared clusters prefer a namespaced RoleBinding
# to named subjects so the privileged policy is granted only where needed.
kubectl create clusterrolebinding default-tkg-admin-privileged-binding \
  --clusterrole=psp:vmware-system-privileged \
  --group=system:authenticated

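# Namespaced binding: gives one vCenter SSO user the
# psp:vmware-system-privileged ClusterRole inside the "default" namespace only.
# Indentation is restored here; with every key at column 0 the manifest does
# not parse as a RoleBinding.
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rolebinding-cluster-user-administrator
  namespace: default
roleRef:
  kind: ClusterRole
  name: psp:vmware-system-privileged #Default ClusterRole
  apiGroup: rbac.authorization.k8s.io
subjects:
- kind: User
  # Placeholder: the original address was masked by the site's e-mail
  # obfuscation. Use the sso:<username>@<domain> form.
  name: sso:<username>@<domain>
  apiGroup: rbac.authorization.k8s.io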


Harbor Deploy
# Passing the admin password with --set leaves it in shell history and in the
# process argument list, and CHANGEME must be replaced before use; a values
# file with owner-only permissions (helm install -f) avoids both exposures.
# service.type=LoadBalancer publishes Harbor on a load-balancer address, so
# confirm that address is reachable only from the intended networks.
helm install harbor bitnami/harbor \
  --namespace harbor \
  --set global.storageClass=tanzu-default \
  --set service.type=LoadBalancer \
  --set service.tls.commonName=harbor.corp.snowlab.tech \
  --set externalURL=harbor.corp.snowlab.tech \
  --set harborAdminPassword='CHANGEME'


Supervisor Cluster Admin
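# Replace TKGS-CLUSTER-NAME with the cluster's name. Judging by its name, the
# decoded file is an administrator kubeconfig, so it is written with
# owner-only permissions: umask 077 in a subshell covers creation, and chmod
# covers a file that already existed with looser permissions. Keep the file
# out of version control and delete it when it is no longer needed.
(
  umask 077
  kubectl get secret TKGS-CLUSTER-NAME-kubeconfig -o jsonpath='{.data.value}' \
    | base64 -d > tkgs-cluster-kubeconfig-admin
)
chmod 600 tkgs-cluster-kubeconfig-admin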


Storage Policies
vsan-default-storage-policy (don't use)
tanzu-default (default)


Password Var
# kubectl-vsphere login reads the password from this variable instead of
# prompting. Typing the real value on the command line stores it in shell
# history, and the exported variable is inherited by every child process of
# this shell; unset it once the login has completed.
KUBECTL_VSPHERE_PASSWORD=CHANGEME
export KUBECTL_VSPHERE_PASSWORD


Permissions Manager
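---
# Configuration Secret for permission-manager. Indentation is restored here;
# with every key at column 0 the manifest does not parse as a Secret.
# Per the inline comments below, the service generates kubeconfig files and
# is protected by basic auth with the fixed username `admin`. Replace
# CHANGEME with a strong, unique password, keep the filled-in manifest out of
# version control, and expose the service only over TLS.
apiVersion: v1
kind: Secret
metadata:
  name: permission-manager
  namespace: permission-manager
type: Opaque
stringData:
  PORT: "4000" # port where server is exposed
  CLUSTER_NAME: "tkgs-cl01" # name of the cluster to use in the generated kubeconfig file
  CONTROL_PLANE_ADDRESS: "https://10.0.101.16:6443" # full address of the control plane to use in the generated kubeconfig file
  BASIC_AUTH_PASSWORD: "CHANGEME" # password used by basic auth (username is `admin`)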