[virtualization][kubernetes_administration] How to log into TKGS

[LukeShortCloud]

Explain the 3 different layers a user can log into with the kubectl vsphere login command: the Supervisor cluster, a namespace in the Supervisor cluster, and a workload cluster.

[LukeShortCloud]

1. Supervisor Cluster = For troubleshooting purposes only.

   $ kubectl vsphere login --insecure-skip-tls-verify --server ${TKGS_SUPERVISOR_CLUSTER_IP} -u ${VSPHERE_USER}@${VSPHERE_DOMAIN}
   $ kubectl config get-contexts
   CURRENT   NAME                            CLUSTER                         AUTHINFO                                                              NAMESPACE
   *         ${TKGS_SUPERVISOR_CLUSTER_IP}   ${TKGS_SUPERVISOR_CLUSTER_IP}   wcp:${TKGS_SUPERVISOR_CLUSTER_IP}:${VSPHERE_USER}@${VSPHERE_DOMAIN}

2. Supervisor Cluster Namespace = For creating, updating, and scaling Kubernetes workload clusters using the TanzuKubernetesCluster API.

   • The login may not automatically switch to the specified namespace. Either (1) change the context namespace, as shown below, or (2) specify the namespace: in the Kubernetes manifest file(s) that will be applied.

   $ kubectl vsphere login --insecure-skip-tls-verify --server ${TKGS_SUPERVISOR_CLUSTER_IP} --tanzu-kubernetes-cluster-namespace ${TKGS_SUPERVISOR_NAMESPACE} -u ${VSPHERE_USER}@${VSPHERE_DOMAIN}
   $ kubectl config get-contexts
   CURRENT   NAME                            CLUSTER                         AUTHINFO                                                              NAMESPACE
   *         ${TKGS_SUPERVISOR_CLUSTER_IP}   ${TKGS_SUPERVISOR_CLUSTER_IP}   wcp:${TKGS_SUPERVISOR_CLUSTER_IP}:${VSPHERE_USER}@${VSPHERE_DOMAIN}
   $ kubectl config set-context --current --namespace ${TKGS_SUPERVISOR_NAMESPACE}
   $ kubectl config get-contexts
   CURRENT   NAME                            CLUSTER                         AUTHINFO                                                              NAMESPACE
   *         ${TKGS_SUPERVISOR_CLUSTER_IP}   ${TKGS_SUPERVISOR_CLUSTER_IP}   wcp:${TKGS_SUPERVISOR_CLUSTER_IP}:${VSPHERE_USER}@${VSPHERE_DOMAIN}   ${TKGS_SUPERVISOR_NAMESPACE}

3. Workload Cluster = The actual workload cluster created from the TanzuKubernetesCluster API.

   $ kubectl vsphere login --insecure-skip-tls-verify --server ${TKGS_SUPERVISOR_CLUSTER_IP} --tanzu-kubernetes-cluster-namespace ${TKGS_SUPERVISOR_NAMESPACE} --tanzu-kubernetes-cluster-name ${TKGS_TKC_CLUSTER_NAME} -u ${VSPHERE_USER}@${VSPHERE_DOMAIN}
   $ kubectl config get-contexts
   CURRENT   NAME                       CLUSTER                         AUTHINFO                                                              NAMESPACE
   *         ${TKGS_TKC_CLUSTER_NAME}   ${TKGS_SUPERVISOR_CLUSTER_IP}   wcp:${TKGS_SUPERVISOR_CLUSTER_IP}:${VSPHERE_USER}@${VSPHERE_DOMAIN}