VMware Tanzu packages are service add-ons for Tanzu products that are distributed as Carvel packages for easy and standardized installation and management.
You can install packages to:
- Make services available to apps hosted on Kubernetes workload clusters, to help developers.
- Install platform intelligence or other services, to help platform operators.
Types of Packages
Tanzu Kubernetes Grid includes the following types of packages:
- Auto-managed packages. These packages are installed and upgraded automatically by Tanzu Kubernetes Grid.
- CLI-managed packages. These packages are installed and upgraded explicitly by using the Tanzu CLI.
Auto-Managed Packages
Tanzu Kubernetes Grid manages the lifecycle of auto-managed packages. This includes automatic package installation and version updates.
Auto-managed packages are installed during cluster creation. To determine which auto-managed packages to install in a workload cluster, Tanzu Kubernetes Grid reads the Tanzu Kubernetes release that is used to create the cluster and cluster-specific configuration information. When you upgrade a workload cluster, as part of the upgrade process, Tanzu Kubernetes Grid updates the versions of the auto-managed packages that are installed in the cluster.
Auto-managed packages are installed from the tanzu-core repository and run in the following namespace, depending on TKG deployment type:
- Supervisor namespace: vmware-system-tkg
- Standalone management cluster namespace: tkg-system
| Package | Installed in (with Supervisor) | Installed in (with standalone management cluster) | Description |
| ako-operator | Not installed | Management (vSphere with NSX ALB only) | Provides VMware NSX Advanced Load Balancer. This package is installed if NSX Advanced Load Balancer is enabled. |
| antrea | Workload | Management and workload | Enables pod networking and enforces network policies for Kubernetes clusters. Installed by default, unless Calico is selected as the CNI provider. |
| calico | Workload | Management and workload | Enables pod networking and enforces network policies for Kubernetes clusters. Installed if Calico is selected as the CNI provider. Not supported on Windows. |
| capabilities | Workload | Workload | Enables the Capabilities API. A “capability” is anything a Kubernetes cluster can do or have, such as objects, and the API surface area. Capability discovery can be used to answer questions such as “is this a TKG cluster?” or “does this cluster have a resource X?”, and so on. |
| guest-cluster-auth-service | Workload | Not installed | Manages vSphere single sign-on (SSO), which enables vSphere SSO users to access the target workload cluster |
| kapp-controller | Workload | Management and workload | Manages packages. |
| load-balancer-and-ingress-service (AKO) | Not installed | Management and workload (vSphere with NSX ALB only) | Provides L4+L7 load balancing for applications running in clusters created by Tanzu Kubernetes Grid; used for north-south traffic. This package is installed if NSX Advanced Load Balancer is enabled. |
| metrics-server | Workload | Management and workload | Provides Metrics Server |
| pinniped | Workload | Management and workload | Provides user authentication. Installed only if an identity provider is configured. Can be installed in a standalone management cluster after it is already created. |
| secretgen-controller | Workload | Workload | Enables carvel-secretgen-controller |
| tanzu-addons-manager | Management | Management | Manages the lifecycle of tanzu-core packages. |
| tkg-pkg | Not installed | Management | Installs tanzu-addons-manager, tkr-source-controller, ClusterClass definitions, and other components that TKG standalone management clusters require. |
| vsphere-cpi | Workload | Management and workload (vSphere only) | Provides the vSphere Cloud Provider Interface |
| vsphere-pv-csi | Workload | Not installed | Provides the vSphere Cloud Storage Interface |
Carvel API Resources
To make packages available in Kubernetes clusters, Tanzu Kubernetes Grid creates the following API resources in the target cluster:
- PackageRepository, or pkgr, represents a single package repository. It points kapp-controller, a package manager, to the package repository that is defined in the resource.
- Package, or pkg, contains version-specific information about a given package and defines how to install the package. kapp-controller uses the Package resource when installing the package.
- PackageMetadata, or pkgm, contains version-agnostic information about a given package.
- PackageInstall, or pkgi, represents an installed package in your target cluster. It also references the Package resource that was used to install the package.
You can list and view these resources by using the kubectl api-resources and kubectl get commands.
Reference: Tanzu Packages
CloudSkyPod! 